protected function beforeDelete(array $params) { $delKeys = !empty($params['delete_keys']) ? json_decode($params['delete_keys']) : array(); if (!empty($delKeys)) { // Only admins may edit the set of linked users. if (!$params['currentUserHasManagePermission']) { throw new \GO\Base\Exception\AccessDenied(); } foreach ($delKeys as $delKey) { // if ($delKey==1) // throw new \Exception(\GO::t('dontChangeAdminPermissions')); $aclItem = \GO\Base\Model\Acl::model()->findByPk($params['model_id']); if ($aclItem->user_id == $delKey) { // Situation: user with id $delKey is owner of ACL with id $params['model_id'] if (\GO::user()->isAdmin()) { // Situation: Current user is in root group. Action: set current // user as owner of the ACL $aclItem->user_id = \GO::user()->id; $aclItem->save(); } else { throw new \Exception(\GO::t('dontChangeOwnersPermissions')); } } } } else { return false; } return true; }
/** * Get's the Acces Control List for this model if it has one. * * @return \GO\Base\Model\Acl */ public function getAcl() { if ($this->_acl) { return $this->_acl; } else { $aclId = $this->findAclId(); if ($aclId) { $this->_acl = \GO\Base\Model\Acl::model()->findByPk($aclId); return $this->_acl; } else { return false; } } }
/** * Check if the acl for the finance does exist. * If not, then create a new acl and return it. * * @return \GO\Base\Model\Acl */ public static function getFinanceAcl() { $financeAclID = \GO::config()->get_setting('projects2_finance_acl'); if (!empty($financeAclID)) { $financeAcl = \GO\Base\Model\Acl::model()->findByPk($financeAclID); } if (empty($financeAcl)) { $financeAcl = new \GO\Base\Model\Acl(); $financeAcl->user_id = 1; $financeAcl->description = 'Finance access for Projects 2'; if ($financeAcl->save()) { \GO::config()->save_setting('projects2_finance_acl', $financeAcl->id); } } return $financeAcl; }
public function setFolderPermissions() { if (\GO::modules()->isInstalled('files')) { $folder = \GO\Files\Model\Folder::model()->findByPath('addressbook', true); if ($folder) { $folder->acl_id = \GO\Base\Model\Acl::model()->getReadOnlyAcl()->id; $folder->readonly = 1; $folder->save(); } $folder = \GO\Files\Model\Folder::model()->findByPath('addressbook/photos', true); if ($folder && !$folder->acl_id) { $folder->setNewAcl(1); $folder->readonly = 1; $folder->save(); } //hide old contacts folder if it exists $folder = \GO\Files\Model\Folder::model()->findByPath('contacts'); if ($folder) { if (!$folder->acl_id) { $folder->setNewAcl(1); $folder->readonly = 1; $folder->save(); } else { $folder->getAcl()->clear(); } } } }
private function acls() { $acls = Acl::model()->findByAttributes(array('user_id' => $this->from)); $success = true; foreach ($acls as $item) { $item->user_id = $this->to; $success = $item->save() && $success; } return $success; }
protected function beforeDuplicate(&$duplicate) { if (!empty($duplicate->acl_id)) { $oldAcl = \GO\Base\Model\Acl::model()->findByPk($duplicate->acl_id); $duplicate->setNewAcl(); $newAcl = \GO\Base\Model\Acl::model()->findByPk($duplicate->acl_id); $oldAcl->copyPermissions($newAcl); } return parent::beforeDuplicate($duplicate); }