function setDefaultPermissions($objectId, $perm, $force = false)
{
require_once 'www/project/admin/permissions.php';
$res = permission_db_get_defaults($perm);
while ($row = mysql_fetch_array($res, MYSQL_ASSOC)) {
permission_add_ugroup($this->groupId, $perm, $objectId, $row['ugroup_id'], $force);
}
}
function plugin_tracker_permission_process_update_fields_permissions($group_id, $atid, $fields, $permissions_wanted_by_user)
{
//The actual permissions
$stored_ugroups_permissions = plugin_tracker_permission_get_field_tracker_ugroups_permissions($group_id, $atid, $fields);
$permissions_updated = false;
//some special ugroup names
$anonymous_name = $GLOBALS['Language']->getText('project_ugroup', ugroup_get_name_from_id($GLOBALS['UGROUP_ANONYMOUS']));
$registered_name = $GLOBALS['Language']->getText('project_ugroup', ugroup_get_name_from_id($GLOBALS['UGROUP_REGISTERED']));
//We process the request
foreach ($permissions_wanted_by_user as $field_id => $ugroups_permissions) {
if (is_numeric($field_id) && isset($stored_ugroups_permissions[$field_id])) {
$the_field_can_be_submitted = $stored_ugroups_permissions[$field_id]['field']['field']->isSubmitable();
$the_field_can_be_updated = $stored_ugroups_permissions[$field_id]['field']['field']->isUpdateable();
$fake_object_id = $field_id;
//small variables for history
$add_submit_to_history = false;
$add_read_to_history = false;
$add_update_to_history = false;
//We look for anonymous and registered users' permissions, both in the user's request and in the db
$user_set_anonymous_to_submit = isset($ugroups_permissions[$GLOBALS['UGROUP_ANONYMOUS']]) && isset($ugroups_permissions[$GLOBALS['UGROUP_ANONYMOUS']]['submit']) && $ugroups_permissions[$GLOBALS['UGROUP_ANONYMOUS']]['submit'] === "on";
$user_set_anonymous_to_read = isset($ugroups_permissions[$GLOBALS['UGROUP_ANONYMOUS']]) && isset($ugroups_permissions[$GLOBALS['UGROUP_ANONYMOUS']]['others']) && $ugroups_permissions[$GLOBALS['UGROUP_ANONYMOUS']]['others'] === "0";
$user_set_anonymous_to_update = isset($ugroups_permissions[$GLOBALS['UGROUP_ANONYMOUS']]) && isset($ugroups_permissions[$GLOBALS['UGROUP_ANONYMOUS']]['others']) && $ugroups_permissions[$GLOBALS['UGROUP_ANONYMOUS']]['others'] === "1";
$user_set_registered_to_submit = isset($ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]) && isset($ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]['submit']) && $ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]['submit'] === "on";
$user_set_registered_to_read = isset($ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]) && isset($ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]['others']) && $ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]['others'] === "0";
$user_set_registered_to_update = isset($ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]) && isset($ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]['others']) && $ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]['others'] === "1";
$anonymous_is_already_set_to_submit = isset($stored_ugroups_permissions[$field_id]['ugroups'][$GLOBALS['UGROUP_ANONYMOUS']]['permissions']['PLUGIN_TRACKER_FIELD_SUBMIT']);
$anonymous_is_already_set_to_read = isset($stored_ugroups_permissions[$field_id]['ugroups'][$GLOBALS['UGROUP_ANONYMOUS']]['permissions']['PLUGIN_TRACKER_FIELD_READ']);
$anonymous_is_already_set_to_update = isset($stored_ugroups_permissions[$field_id]['ugroups'][$GLOBALS['UGROUP_ANONYMOUS']]['permissions']['PLUGIN_TRACKER_FIELD_UPDATE']);
$registered_is_already_set_to_submit = isset($stored_ugroups_permissions[$field_id]['ugroups'][$GLOBALS['UGROUP_REGISTERED']]['permissions']['PLUGIN_TRACKER_FIELD_SUBMIT']);
$registered_is_already_set_to_read = isset($stored_ugroups_permissions[$field_id]['ugroups'][$GLOBALS['UGROUP_REGISTERED']]['permissions']['PLUGIN_TRACKER_FIELD_READ']);
$registered_is_already_set_to_update = isset($stored_ugroups_permissions[$field_id]['ugroups'][$GLOBALS['UGROUP_REGISTERED']]['permissions']['PLUGIN_TRACKER_FIELD_UPDATE']);
//ANONYMOUS
////////////////////////////////////////////////////////////////
//Firstly we set permissions for anonymous users
if (isset($ugroups_permissions[$GLOBALS['UGROUP_ANONYMOUS']])) {
$ugroup_permissions = $ugroups_permissions[$GLOBALS['UGROUP_ANONYMOUS']];
//SUBMIT Permission
//-----------------
if ($the_field_can_be_submitted && !$anonymous_is_already_set_to_submit && $user_set_anonymous_to_submit) {
//if the ugroup is anonymous, we have to erase submit permissions for other ugroups
foreach ($stored_ugroups_permissions[$field_id]['ugroups'] as $stored_ugroup_id => $stored_ugroup_permissions) {
if ($stored_ugroup_id === $GLOBALS['UGROUP_ANONYMOUS']) {
permission_add_ugroup($group_id, 'PLUGIN_TRACKER_FIELD_SUBMIT', $fake_object_id, $stored_ugroup_id);
$add_submit_to_history = true;
$anonymous_is_already_set_to_submit = true;
} else {
if (isset($stored_ugroup_permissions['permissions']['PLUGIN_TRACKER_FIELD_SUBMIT']) && (!isset($ugroups_permissions[$stored_ugroup_id]) || !isset($ugroups_permissions[$stored_ugroup_id]['submit']) || $ugroups_permissions[$stored_ugroup_id]['submit'] !== "on")) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_anon_submit', array($stored_ugroup_permissions['ugroup']['name'], $anonymous_name)));
permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_SUBMIT', $stored_ugroup_id, $fake_object_id);
$add_submit_to_history = true;
}
}
}
} else {
if ($anonymous_is_already_set_to_submit && !$user_set_anonymous_to_submit) {
permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_SUBMIT', $GLOBALS['UGROUP_ANONYMOUS'], $fake_object_id);
$add_submit_to_history = true;
$anonymous_is_already_set_to_submit = false;
}
}
//UPDATE Permission
//---------------
if ($the_field_can_be_updated && !$anonymous_is_already_set_to_update && $user_set_anonymous_to_update) {
//if the ugroup is anonymous, we have to erase submt permissions for other ugroups
foreach ($stored_ugroups_permissions[$field_id]['ugroups'] as $stored_ugroup_id => $stored_ugroup_permissions) {
if ($stored_ugroup_id === $GLOBALS['UGROUP_ANONYMOUS']) {
permission_add_ugroup($group_id, 'PLUGIN_TRACKER_FIELD_UPDATE', $fake_object_id, $stored_ugroup_id);
$add_update_to_history = true;
$anonymous_is_already_set_to_update = true;
} else {
if (!isset($ugroups_permissions[$stored_ugroup_id]) || !isset($ugroups_permissions[$stored_ugroup_id]['others']) || $ugroups_permissions[$stored_ugroup_id]['others'] !== "100") {
if (isset($stored_ugroup_permissions['permissions']['PLUGIN_TRACKER_FIELD_UPDATE'])) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_anon_update', array($stored_ugroup_permissions['ugroup']['name'], $anonymous_name)));
permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_UPDATE', $stored_ugroup_id, $fake_object_id);
$add_update_to_history = true;
}
if (isset($stored_ugroup_permissions['permissions']['PLUGIN_TRACKER_FIELD_READ'])) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_anon_update', array($stored_ugroup_permissions['ugroup']['name'], $anonymous_name)));
permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_READ', $stored_ugroup_id, $fake_object_id);
$add_read_to_history = true;
}
}
}
}
} else {
if ($anonymous_is_already_set_to_update && !$user_set_anonymous_to_update) {
permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_UPDATE', $GLOBALS['UGROUP_ANONYMOUS'], $fake_object_id);
$add_update_to_history = true;
$anonymous_is_already_set_to_update = false;
}
}
//READ Permission
//---------------
if (!$anonymous_is_already_set_to_read && $user_set_anonymous_to_read) {
//if the ugroup is anonymous, we have to erase submit permissions for other ugroups
foreach ($stored_ugroups_permissions[$field_id]['ugroups'] as $stored_ugroup_id => $stored_ugroup_permissions) {
if ($stored_ugroup_id === $GLOBALS['UGROUP_ANONYMOUS']) {
permission_add_ugroup($group_id, 'PLUGIN_TRACKER_FIELD_READ', $fake_object_id, $stored_ugroup_id);
$add_read_to_history = true;
$anonymous_is_already_set_to_read = true;
} else {
if (!isset($ugroups_permissions[$stored_ugroup_id]) || !isset($ugroups_permissions[$stored_ugroup_id]['others']) || $ugroups_permissions[$stored_ugroup_id]['others'] !== "100") {
if (isset($stored_ugroup_permissions['permissions']['PLUGIN_TRACKER_FIELD_READ'])) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_anon_read', array($stored_ugroup_permissions['ugroup']['name'], $anonymous_name)));
permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_READ', $stored_ugroup_id, $fake_object_id);
$add_read_to_history = true;
}
}
}
}
} else {
if ($anonymous_is_already_set_to_read && !$user_set_anonymous_to_read) {
permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_READ', $GLOBALS['UGROUP_ANONYMOUS'], $fake_object_id);
$add_read_to_history = true;
$anonymous_is_already_set_to_read = false;
}
}
}
//REGISTERED
////////////////////////////////////////////////////////////////
//Secondly we set permissions for registered users
if (isset($ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']])) {
$ugroup_permissions = $ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']];
//SUBMIT Permission
//-----------------
if ($the_field_can_be_submitted && !$registered_is_already_set_to_submit && $user_set_registered_to_submit) {
//if the ugroup is registered, we have to:
// 1. check consistency with current permissions for anonymous users
if ($user_set_anonymous_to_submit || $anonymous_is_already_set_to_submit) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_anon_submit', array($stored_ugroups_permissions[$field_id]['ugroups'][$GLOBALS['UGROUP_REGISTERED']]['ugroup']['name'], $anonymous_name)));
} else {
// 2. erase submit permissions for other ugroups
foreach ($stored_ugroups_permissions[$field_id]['ugroups'] as $stored_ugroup_id => $stored_ugroup_permissions) {
if ($stored_ugroup_id === $GLOBALS['UGROUP_REGISTERED']) {
permission_add_ugroup($group_id, 'PLUGIN_TRACKER_FIELD_SUBMIT', $fake_object_id, $stored_ugroup_id);
$add_submit_to_history = true;
$registered_is_already_set_to_submit = true;
} else {
if ($stored_ugroup_id !== $GLOBALS['UGROUP_ANONYMOUS']) {
if (isset($stored_ugroup_permissions['permissions']['PLUGIN_TRACKER_FIELD_SUBMIT']) && (!isset($ugroups_permissions[$stored_ugroup_id]) || !isset($ugroups_permissions[$stored_ugroup_id]['submit']) || $ugroups_permissions[$stored_ugroup_id]['submit'] !== "on")) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_regis_submit', array($stored_ugroup_permissions['ugroup']['name'], $registered_name)));
permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_SUBMIT', $stored_ugroup_id, $fake_object_id);
$add_submit_to_history = true;
}
}
}
}
}
} else {
if ($registered_is_already_set_to_submit && !$user_set_registered_to_submit) {
permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_SUBMIT', $GLOBALS['UGROUP_REGISTERED'], $fake_object_id);
$add_submit_to_history = true;
$registered_is_already_set_to_submit = false;
}
}
//UPDATE Permission
//---------------
if ($the_field_can_be_updated && !$registered_is_already_set_to_update && $user_set_registered_to_update) {
//if the ugroup is registered, we have to:
// 1. check consistency with current permissions for anonymous users
if ($user_set_anonymous_to_update || $anonymous_is_already_set_to_update) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_anon_update', array($stored_ugroups_permissions[$field_id]['ugroups'][$GLOBALS['UGROUP_REGISTERED']]['ugroup']['name'], $anonymous_name)));
} else {
// 2. erase update permissions for other ugroups
foreach ($stored_ugroups_permissions[$field_id]['ugroups'] as $stored_ugroup_id => $stored_ugroup_permissions) {
if ($stored_ugroup_id === $GLOBALS['UGROUP_REGISTERED']) {
permission_add_ugroup($group_id, 'PLUGIN_TRACKER_FIELD_UPDATE', $fake_object_id, $stored_ugroup_id);
$add_update_to_history = true;
$registered_is_already_set_to_update = true;
} else {
if ($stored_ugroup_id !== $GLOBALS['UGROUP_ANONYMOUS']) {
//ugroups other than anonymous
if (!isset($ugroups_permissions[$stored_ugroup_id]) || !isset($ugroups_permissions[$stored_ugroup_id]['others']) || $ugroups_permissions[$stored_ugroup_id]['others'] !== "100") {
if (isset($stored_ugroup_permissions['permissions']['PLUGIN_TRACKER_FIELD_UPDATE'])) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_regis_update', array($stored_ugroup_permissions['ugroup']['name'], $registered_name)));
permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_UPDATE', $stored_ugroup_id, $fake_object_id);
$add_update_to_history = true;
}
if (isset($stored_ugroup_permissions['permissions']['PLUGIN_TRACKER_FIELD_READ'])) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_regis_update', array($stored_ugroup_permissions['ugroup']['name'], $registered_name)));
permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_READ', $stored_ugroup_id, $fake_object_id);
$add_read_to_history = true;
}
}
}
}
}
}
} else {
if ($registered_is_already_set_to_update && !$user_set_registered_to_update) {
permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_UPDATE', $GLOBALS['UGROUP_REGISTERED'], $fake_object_id);
$add_update_to_history = true;
$registered_is_already_set_to_update = false;
}
}
//READ Permission
//---------------
if (!$registered_is_already_set_to_read && $user_set_registered_to_read) {
//if the ugroup is registered, we have to:
// 1. check consistency with current permissions for anonymous users
if ($user_set_anonymous_to_read || $anonymous_is_already_set_to_read || $anonymous_is_already_set_to_update) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_anon_read', array($stored_ugroups_permissions[$field_id]['ugroups'][$GLOBALS['UGROUP_REGISTERED']]['ugroup']['name'], $anonymous_name)));
} else {
// 2. erase read permissions for other ugroups
foreach ($stored_ugroups_permissions[$field_id]['ugroups'] as $stored_ugroup_id => $stored_ugroup_permissions) {
if ($stored_ugroup_id === $GLOBALS['UGROUP_REGISTERED']) {
permission_add_ugroup($group_id, 'PLUGIN_TRACKER_FIELD_READ', $fake_object_id, $stored_ugroup_id);
$add_read_to_history = true;
$registered_is_already_set_to_read = true;
} else {
if ($stored_ugroup_id !== $GLOBALS['UGROUP_ANONYMOUS']) {
//ugroups other than anonymous
if (!isset($ugroups_permissions[$stored_ugroup_id]) || !isset($ugroups_permissions[$stored_ugroup_id]['others']) || $ugroups_permissions[$stored_ugroup_id]['others'] !== "100") {
if (isset($stored_ugroup_permissions['permissions']['PLUGIN_TRACKER_FIELD_READ'])) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_regis_read', array($stored_ugroup_permissions['ugroup']['name'], $registered_name)));
permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_READ', $stored_ugroup_id, $fake_object_id);
$add_read_to_history = true;
}
}
}
}
}
}
} else {
if ($registered_is_already_set_to_read && !$user_set_registered_to_read) {
permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_READ', $GLOBALS['UGROUP_REGISTERED'], $fake_object_id);
$registered_is_already_set_to_read = false;
}
}
}
//OTHER INSIGNIFIANT UGROUPS
////////////////////////////////////////////////////////////////
foreach ($ugroups_permissions as $ugroup_id => $ugroup_permissions) {
if (is_numeric($ugroup_id) && $ugroup_id != $GLOBALS['UGROUP_REGISTERED'] && $ugroup_id != $GLOBALS['UGROUP_ANONYMOUS']) {
$name_of_ugroup = $stored_ugroups_permissions[$field_id]['ugroups'][$ugroup_id]['ugroup']['name'];
//SUBMIT Permission
//-----------------
if ($the_field_can_be_submitted && !isset($stored_ugroups_permissions[$field_id]['ugroups'][$ugroup_id]['permissions']['PLUGIN_TRACKER_FIELD_SUBMIT']) && isset($ugroup_permissions['submit']) && $ugroup_permissions['submit'] === "on") {
//if the ugroup is not anonymous and not registered, we have to:
// check consistency with current permissions for anonymous users
// and current permissions for registered users
if ($user_set_anonymous_to_submit || $anonymous_is_already_set_to_submit) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_anon_submit', array($name_of_ugroup, $anonymous_name)));
} else {
if ($user_set_registered_to_submit || $registered_is_already_set_to_submit) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_regis_submit', array($name_of_ugroup, $registered_name)));
} else {
permission_add_ugroup($group_id, 'PLUGIN_TRACKER_FIELD_SUBMIT', $fake_object_id, $ugroup_id);
$add_submit_to_history = true;
}
}
} else {
if (isset($stored_ugroups_permissions[$field_id]['ugroups'][$ugroup_id]['permissions']['PLUGIN_TRACKER_FIELD_SUBMIT']) && isset($ugroup_permissions['submit']) && $ugroup_permissions['submit'] !== "on") {
//If we don't have already clear the permissions
if (!$user_set_anonymous_to_submit && !$user_set_registered_to_submit) {
permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_SUBMIT', $ugroup_id, $fake_object_id);
$add_submit_to_history = true;
}
}
}
//UPDATE Permission
//-----------------
if ($the_field_can_be_updated && !isset($stored_ugroups_permissions[$field_id]['ugroups'][$ugroup_id]['permissions']['PLUGIN_TRACKER_FIELD_UPDATE']) && isset($ugroup_permissions['others']) && $ugroup_permissions['others'] === "1") {
//if the ugroup is not anonymous and not registered, we have to:
// check consistency with current permissions for anonymous users
// and current permissions for registered users
if ($user_set_anonymous_to_update || $anonymous_is_already_set_to_update) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_anon_update', array($name_of_ugroup, $anonymous_name)));
} else {
if ($user_set_registered_to_update || $registered_is_already_set_to_update) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_regis_update', array($name_of_ugroup, $registered_name)));
} else {
permission_add_ugroup($group_id, 'PLUGIN_TRACKER_FIELD_UPDATE', $fake_object_id, $ugroup_id);
$add_update_to_history = true;
}
}
} else {
if (isset($stored_ugroups_permissions[$field_id]['ugroups'][$ugroup_id]['permissions']['PLUGIN_TRACKER_FIELD_UPDATE']) && isset($ugroup_permissions['others']) && $ugroup_permissions['others'] !== "1") {
//If we don't have already clear the permissions
if (!$user_set_anonymous_to_update && !$user_set_registered_to_update) {
permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_UPDATE', $ugroup_id, $fake_object_id);
$add_update_to_history = true;
}
}
}
//READ Permission
//-----------------
if (!isset($stored_ugroups_permissions[$field_id]['ugroups'][$ugroup_id]['permissions']['PLUGIN_TRACKER_FIELD_READ']) && isset($ugroup_permissions['others']) && $ugroup_permissions['others'] === "0") {
//if the ugroup is not anonymous and not registered, we have to:
// check consistency with current permissions for anonymous users
// and current permissions for registered users
if ($user_set_anonymous_to_read || $anonymous_is_already_set_to_read) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_anon_read', array($name_of_ugroup, $anonymous_name)));
} else {
if ($user_set_registered_to_read || $registered_is_already_set_to_read) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_regis_read', array($name_of_ugroup, $registered_name)));
} else {
if ($user_set_anonymous_to_update || $anonymous_is_already_set_to_update) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_anon_update', array($name_of_ugroup, $anonymous_name)));
} else {
if ($user_set_registered_to_update || $registered_is_already_set_to_update) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_regis_update', array($name_of_ugroup, $registered_name)));
} else {
permission_add_ugroup($group_id, 'PLUGIN_TRACKER_FIELD_READ', $fake_object_id, $ugroup_id);
$add_read_to_history = true;
}
}
}
}
} else {
if (isset($stored_ugroups_permissions[$field_id]['ugroups'][$ugroup_id]['permissions']['PLUGIN_TRACKER_FIELD_READ']) && isset($ugroup_permissions['others']) && $ugroup_permissions['others'] !== "0") {
//If we don't have already clear the permissions
if (!$user_set_anonymous_to_read && !$user_set_registered_to_read) {
permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_READ', $ugroup_id, $fake_object_id);
$add_read_to_history = true;
}
}
}
}
}
//history
if ($add_submit_to_history) {
permission_add_history($group_id, 'PLUGIN_TRACKER_FIELD_SUBMIT', $fake_object_id);
}
if ($add_read_to_history) {
permission_add_history($group_id, 'PLUGIN_TRACKER_FIELD_READ', $fake_object_id);
}
if ($add_update_to_history) {
permission_add_history($group_id, 'PLUGIN_TRACKER_FIELD_UPDATE', $fake_object_id);
}
if (!$permissions_updated && ($add_submit_to_history || $add_read_to_history || $add_update_to_history)) {
$permissions_updated = true;
}
}
}
return $permissions_updated;
//$GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('project_admin_userperms', 'perm_upd'));
}
/**
* Set the permission for a ugroup on an item.
*
* The difficult part of the algorithm comes from two point:
* - There is a hierarchy between ugroups (@see ugroup_get_parent)
* - There is a hierarchy between permissions (READ < WRITE < MANAGE)
*
* Let's see a scenario:
* I've selected WRITE permission for Registered users and READ permission for Project Members
* => Project Members ARE registered users therefore they have WRITE permission.
* => WRITE is stronger than READ permission.
* So the permissions wich will be set are: WRITE for registered and WRITE for project members
*
* The force parameter must be set to true if you want to bypass permissions checking (@see permission_add_ugroup).
* Pretty difficult to know if a user can update the permissions which does not exist for a new item...
*
* @param $group_id integer The id of the project
* @param $item_id integer The id of the item
* @param $permission_definition array The definission of the permission (pretty name, relations between perms, internal name, ...)
* @param $old_permissions array The permissions before
* @param &$done_permissions array The permissions after
* @param $ugroup_id The ugroup_id we want to set permission now
* @param $wanted_permissions array The permissions the user has asked
* @param &$history array Does a permission has been set ?
* @param $force boolean true if you want to bypass permissions checking (@see permission_add_ugroup).
*
* @access protected
*/
function _setPermission($group_id, $item_id, $permission_definition, $old_permissions, &$done_permissions, $ugroup_id, $wanted_permissions, &$history, $force = false)
{
//Do nothing if we have already choose a permission for ugroup
if (!isset($done_permissions[$ugroup_id])) {
//if the ugroup has a parent
if (($parent = ugroup_get_parent($ugroup_id)) !== false) {
//first choose the permission for the parent
$this->_setPermission($group_id, $item_id, $permission_definition, $old_permissions, $done_permissions, $parent, $wanted_permissions, $history, $force);
//is there a conflict between given permissions?
if ($parent = $this->_getBiggerOrEqualParent($permission_definition, $done_permissions, $parent, $wanted_permissions[$ugroup_id])) {
//warn the user that there was a conflict
$this->_controler->feedback->log('warning', $GLOBALS['Language']->getText('plugin_docman', 'warning_perms', array($old_permissions[$ugroup_id]['ugroup']['name'], $old_permissions[$parent]['ugroup']['name'], $permission_definition[$done_permissions[$parent]]['label'])));
//remove permissions which was set for the ugroup
if (count($old_permissions[$ugroup_id]['permissions'])) {
foreach ($old_permissions[$ugroup_id]['permissions'] as $permission => $nop) {
permission_clear_ugroup_object($group_id, $permission, $ugroup_id, $item_id);
$history[$permission] = true;
}
}
//The permission is none (default) for this ugroup
$done_permissions[$ugroup_id] = 100;
}
}
//If the permissions have not been set (no parent || no conflict)
if (!isset($done_permissions[$ugroup_id])) {
//remove permissions if needed
$perms_cleared = false;
if (count($old_permissions[$ugroup_id]['permissions'])) {
foreach ($old_permissions[$ugroup_id]['permissions'] as $permission => $nop) {
if ($permission != $permission_definition[$wanted_permissions[$ugroup_id]]['type']) {
//The permission has been changed
permission_clear_ugroup_object($group_id, $permission, $ugroup_id, $item_id);
$history[$permission] = true;
$perms_cleared = true;
$done_permissions[$ugroup_id] = 100;
} else {
//keep the old permission
$done_permissions[$ugroup_id] = Docman_PermissionsManager::getDefinitionIndexForPermission($permission);
}
}
}
//If the user set an explicit permission and there was no perms before or they have been removed
if ($wanted_permissions[$ugroup_id] != 100 && (!count($old_permissions[$ugroup_id]['permissions']) || $perms_cleared)) {
//Then give the permission
$permission = $permission_definition[$wanted_permissions[$ugroup_id]]['type'];
permission_add_ugroup($group_id, $permission, $item_id, $ugroup_id, $force);
$history[$permission] = true;
$done_permissions[$ugroup_id] = $wanted_permissions[$ugroup_id];
} else {
//else set none(default) permission
$done_permissions[$ugroup_id] = 100;
}
}
}
}
public function restrictAccess($item, $params = array())
{
// Check whether there is other references to this wiki page.
$dao = $this->_getItemDao();
$referenced = $dao->isWikiPageReferenced($item->getPageName(), $item->getGroupId());
if (!$referenced) {
$dIF =& $this->_getItemFactory();
$id_in_wiki = $dIF->getIdInWikiOfWikiPageItem($item->getPageName(), $item->getGroupId());
// Restrict access to wiki admins if the page already exists in wiki.
if ($id_in_wiki !== null) {
permission_clear_all($item->getGroupId(), 'WIKIPAGE_READ', $id_in_wiki, false);
permission_add_ugroup($item->getGroupId(), 'WIKIPAGE_READ', $id_in_wiki, $GLOBALS['UGROUP_WIKI_ADMIN']);
}
}
}
function permission_process_update_tracker_permissions($group_id, $atid, $permissions_wanted_by_user)
{
//The user want to update permissions for the tracker.
//We look into the request for specials variable
$prefixe_expected = 'permissions_';
$len_prefixe_expected = strlen($prefixe_expected);
//some special ugroup names
$anonymous_name = $GLOBALS['Language']->getText('project_ugroup', ugroup_get_name_from_id($GLOBALS['UGROUP_ANONYMOUS']));
$registered_name = $GLOBALS['Language']->getText('project_ugroup', ugroup_get_name_from_id($GLOBALS['UGROUP_REGISTERED']));
//small variables for history
$add_full_to_history = false;
$add_assignee_to_history = false;
$add_submitter_to_history = false;
//The actual permissions
$stored_ugroups_permissions = permission_get_tracker_ugroups_permissions($group_id, $atid);
//We look for anonymous and registered users' permissions, both in the user's request and in the db
$user_set_anonymous_to_fullaccess = isset($_REQUEST[$prefixe_expected . $GLOBALS['UGROUP_ANONYMOUS']]) && $_REQUEST[$prefixe_expected . $GLOBALS['UGROUP_ANONYMOUS']] === "0";
$user_set_registered_to_fullaccess = isset($_REQUEST[$prefixe_expected . $GLOBALS['UGROUP_REGISTERED']]) && $_REQUEST[$prefixe_expected . $GLOBALS['UGROUP_ANONYMOUS']] === "0";
$anonymous_is_already_set_to_fullaccess = isset($stored_ugroups_permissions[$GLOBALS['UGROUP_ANONYMOUS']]['permissions']['TRACKER_ACCESS_FULL']);
$registered_is_already_set_to_fullaccess = isset($stored_ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]['permissions']['TRACKER_ACCESS_FULL']);
$registered_is_already_set_to_assignee = isset($stored_ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]['permissions']['TRACKER_ACCESS_ASSIGNEE']);
$registered_is_already_set_to_submitter = isset($stored_ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]['permissions']['TRACKER_ACCESS_SUBMITTER']);
//ANONYMOUS
////////////////////////////////////////////////////////////////
if (isset($_REQUEST[$prefixe_expected . $GLOBALS['UGROUP_ANONYMOUS']])) {
switch ($_REQUEST[$prefixe_expected . $GLOBALS['UGROUP_ANONYMOUS']]) {
case 0:
//TRACKER_ACCESS_FULL
//-------------------
if (!$anonymous_is_already_set_to_fullaccess) {
foreach ($stored_ugroups_permissions as $stored_ugroup_id => $stored_ugroup_permissions) {
if ($stored_ugroup_id === $GLOBALS['UGROUP_ANONYMOUS']) {
permission_add_ugroup($group_id, 'TRACKER_ACCESS_FULL', $atid, $stored_ugroup_id);
$add_full_to_history = true;
$anonymous_is_already_set_to_fullaccess = true;
} else {
//We remove permissions for others ugroups
if (count($stored_ugroup_permissions['permissions']) > 0 && (!isset($_REQUEST[$prefixe_expected . $stored_ugroup_id]) || $_REQUEST[$prefixe_expected . $stored_ugroup_id] != 100)) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_anon_full', array($stored_ugroup_permissions['ugroup']['name'], $anonymous_name)));
if (isset($stored_ugroup_permissions['permissions']['TRACKER_ACCESS_FULL'])) {
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_FULL', $stored_ugroup_id, $atid);
$add_full_to_history = true;
if ($stored_ugroup_id === $GLOBALS['UGROUP_REGISTERED']) {
$registered_is_already_set_to_fullaccess = false;
}
}
if (isset($stored_ugroup_permissions['permissions']['TRACKER_ACCESS_ASSIGNEE'])) {
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_ASSIGNEE', $stored_ugroup_id, $atid);
$add_assignee_to_history = true;
if ($stored_ugroup_id === $GLOBALS['UGROUP_REGISTERED']) {
$registered_is_already_set_to_assignee = false;
}
}
if (isset($stored_ugroup_permissions['permissions']['TRACKER_ACCESS_SUBMITTER'])) {
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_SUBMITTER', $stored_ugroup_id, $atid);
$add_submitter_to_history = true;
if ($stored_ugroup_id === $GLOBALS['UGROUP_REGISTERED']) {
$registered_is_already_set_to_submitter = false;
}
}
}
}
}
}
break;
case 1:
//TRACKER_ACCESS_ASSIGNEE
//-----------------------
//forbidden, do nothing
break;
case 2:
//TRACKER_ACCESS_SUBMITTER
//------------------------
//forbidden, do nothing
break;
case 3:
//TRACKER_ACCESS_SUBMITTER && TRACKER_ACCESS_ASSIGNEE
//---------------------------------------------------
//forbidden, do nothing
break;
case 100:
//NO ACCESS
//---------
if ($anonymous_is_already_set_to_fullaccess) {
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_FULL', $GLOBALS['UGROUP_ANONYMOUS'], $atid);
$add_submitter_to_history = true;
$anonymous_is_already_set_to_fullaccess = false;
}
break;
default:
//do nothing
break;
}
}
//REGISTERED
////////////////////////////////////////////////////////////////
if (isset($_REQUEST[$prefixe_expected . $GLOBALS['UGROUP_REGISTERED']])) {
switch ($_REQUEST[$prefixe_expected . $GLOBALS['UGROUP_REGISTERED']]) {
case 0:
//TRACKER_ACCESS_FULL
//-------------------
if (!$registered_is_already_set_to_fullaccess) {
//It is not necessary to process if the anonymous has full access
if ($anonymous_is_already_set_to_fullaccess) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_anon_full', array($stored_ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]['ugroup']['name'], $anonymous_name)));
} else {
foreach ($stored_ugroups_permissions as $stored_ugroup_id => $stored_ugroup_permissions) {
if ($stored_ugroup_id === $GLOBALS['UGROUP_REGISTERED']) {
//We remove old permissions
if ($registered_is_already_set_to_assignee) {
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_ASSIGNEE', $stored_ugroup_id, $atid);
$add_assignee_to_history = true;
$registered_is_already_set_to_assignee = false;
}
if ($registered_is_already_set_to_submitter) {
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_SUBMITTER', $stored_ugroup_id, $atid);
$add_submitter_to_history = true;
$registered_is_already_set_to_submitter = false;
}
permission_add_ugroup($group_id, 'TRACKER_ACCESS_FULL', $atid, $stored_ugroup_id);
$add_full_to_history = true;
$registered_is_already_set_to_fullaccess = true;
} else {
if ($stored_ugroup_id !== $GLOBALS['UGROUP_ANONYMOUS']) {
//ugroups other than anonymous
//We remove permissions for others ugroups
if (count($stored_ugroup_permissions['permissions']) > 0 && (!isset($_REQUEST[$prefixe_expected . $stored_ugroup_id]) || $_REQUEST[$prefixe_expected . $stored_ugroup_id] != 100)) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_regis_full', array($stored_ugroup_permissions['ugroup']['name'], $registered_name)));
if (isset($stored_ugroup_permissions['permissions']['TRACKER_ACCESS_FULL'])) {
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_FULL', $stored_ugroup_id, $atid);
$add_full_to_history = true;
}
if (isset($stored_ugroup_permissions['permissions']['TRACKER_ACCESS_ASSIGNEE'])) {
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_ASSIGNEE', $stored_ugroup_id, $atid);
$add_assignee_to_history = true;
}
if (isset($stored_ugroup_permissions['permissions']['TRACKER_ACCESS_SUBMITTER'])) {
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_SUBMITTER', $stored_ugroup_id, $atid);
$add_submitter_to_history = true;
}
}
}
}
}
}
}
break;
case 1:
//TRACKER_ACCESS_ASSIGNEE
//-----------------------
if (!$registered_is_already_set_to_assignee) {
//It is not necessary to process if the anonymous has full access (anon can't have assignee or submitter access)
if ($anonymous_is_already_set_to_fullaccess) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_anon_full', array($stored_ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]['ugroup']['name'], $anonymous_name)));
} else {
foreach ($stored_ugroups_permissions as $stored_ugroup_id => $stored_ugroup_permissions) {
if ($stored_ugroup_id === $GLOBALS['UGROUP_REGISTERED']) {
//We remove old permissions
if ($registered_is_already_set_to_fullaccess) {
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_FULL', $stored_ugroup_id, $atid);
$add_full_to_history = true;
$registered_is_already_set_to_fullaccess = false;
}
if ($registered_is_already_set_to_submitter) {
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_SUBMITTER', $stored_ugroup_id, $atid);
$add_submitter_to_history = true;
$registered_is_already_set_to_submitter = false;
}
permission_add_ugroup($group_id, 'TRACKER_ACCESS_ASSIGNEE', $atid, $stored_ugroup_id);
$registered_is_already_set_to_assignee = true;
} else {
if ($stored_ugroup_id !== $GLOBALS['UGROUP_ANONYMOUS']) {
//ugroups other than anonymous
//We remove permissions for others ugroups if they have assignee
if (isset($stored_ugroup_permissions['permissions']['TRACKER_ACCESS_ASSIGNEE']) && !isset($stored_ugroup_permissions['permissions']['TRACKER_ACCESS_SUBMITTER']) && (!isset($_REQUEST[$prefixe_expected . $stored_ugroup_id]) || $_REQUEST[$prefixe_expected . $stored_ugroup_id] != 100)) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_regis_assignee', array($stored_ugroup_permissions['ugroup']['name'], $registered_name)));
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_ASSIGNEE', $stored_ugroup_id, $atid);
$add_assignee_to_history = true;
}
}
}
}
}
}
break;
case 2:
//TRACKER_ACCESS_SUBMITTER
//------------------------
if (!$registered_is_already_set_to_submitter) {
//It is not necessary to process if the anonymous has full access (anon can't have assignee or submitter access)
if ($anonymous_is_already_set_to_fullaccess) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_anon_full', array($stored_ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]['ugroup']['name'], $anonymous_name)));
} else {
foreach ($stored_ugroups_permissions as $stored_ugroup_id => $stored_ugroup_permissions) {
if ($stored_ugroup_id === $GLOBALS['UGROUP_REGISTERED']) {
//We remove old permissions
if ($registered_is_already_set_to_fullaccess) {
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_FULL', $stored_ugroup_id, $atid);
$add_full_to_history = true;
$registered_is_already_set_to_fullaccess = false;
}
if ($registered_is_already_set_to_assignee) {
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_ASSIGNEE', $stored_ugroup_id, $atid);
$add_assignee_to_history = true;
$registered_is_already_set_to_assignee = false;
}
permission_add_ugroup($group_id, 'TRACKER_ACCESS_SUBMITTER', $atid, $stored_ugroup_id);
$add_submitter_to_history = true;
$registered_is_already_set_to_submitter = true;
} else {
if ($stored_ugroup_id !== $GLOBALS['UGROUP_ANONYMOUS']) {
//ugroups other than anonymous
//We remove permissions for others ugroups if they have submitter
if (isset($stored_ugroup_permissions['permissions']['TRACKER_ACCESS_SUBMITTER']) && !isset($stored_ugroup_permissions['permissions']['TRACKER_ACCESS_ASSIGNEE']) && (!isset($_REQUEST[$prefixe_expected . $stored_ugroup_id]) || $_REQUEST[$prefixe_expected . $stored_ugroup_id] != 100)) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_regis_submitter', array($stored_ugroup_permissions['ugroup']['name'], $registered_name)));
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_SUBMITTER', $stored_ugroup_id, $atid);
$add_submitter_to_history = true;
}
}
}
}
}
}
break;
case 3:
//TRACKER_ACCESS_SUBMITTER && TRACKER_ACCESS_ASSIGNEE
//---------------------------------------------------
if (!($registered_is_already_set_to_submitter && $registered_is_already_set_to_assignee)) {
//It is not necessary to process if the anonymous has full access (anon can't have assignee or submitter access)
if ($anonymous_is_already_set_to_fullaccess) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_anon_full', array($stored_ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]['ugroup']['name'], $anonymous_name)));
} else {
foreach ($stored_ugroups_permissions as $stored_ugroup_id => $stored_ugroup_permissions) {
if ($stored_ugroup_id === $GLOBALS['UGROUP_REGISTERED']) {
//We remove old permissions
if ($registered_is_already_set_to_fullaccess) {
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_FULL', $stored_ugroup_id, $atid);
$add_full_to_history = true;
$registered_is_already_set_to_fullaccess = false;
}
if (!$registered_is_already_set_to_assignee) {
permission_add_ugroup($group_id, 'TRACKER_ACCESS_ASSIGNEE', $atid, $stored_ugroup_id);
$add_assignee_to_history = true;
$registered_is_already_set_to_assignee = true;
}
if (!$registered_is_already_set_to_submitter) {
permission_add_ugroup($group_id, 'TRACKER_ACCESS_SUBMITTER', $atid, $stored_ugroup_id);
$add_submitter_to_history = true;
$registered_is_already_set_to_submitter = true;
}
} else {
if ($stored_ugroup_id !== $GLOBALS['UGROUP_ANONYMOUS']) {
//ugroups other than anonymous
//We remove permissions for others ugroups if they have submitter or assignee
if ((isset($stored_ugroup_permissions['permissions']['TRACKER_ACCESS_SUBMITTER']) || isset($stored_ugroup_permissions['permissions']['TRACKER_ACCESS_ASSIGNEE'])) && (!isset($_REQUEST[$prefixe_expected . $stored_ugroup_id]) || $_REQUEST[$prefixe_expected . $stored_ugroup_id] != 100)) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_regis_submitter_assignee', array($stored_ugroup_permissions['ugroup']['name'], $registered_name)));
if (isset($stored_ugroup_permissions['permissions']['TRACKER_ACCESS_SUBMITTER'])) {
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_SUBMITTER', $stored_ugroup_id, $atid);
$add_submitter_to_history = true;
}
if (isset($stored_ugroup_permissions['permissions']['TRACKER_ACCESS_ASSIGNEE'])) {
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_ASSIGNEE', $stored_ugroup_id, $atid);
$add_assignee_to_history = true;
}
}
}
}
}
}
}
break;
case 100:
//NO SPECIFIC ACCESS
//------------------
if ($registered_is_already_set_to_assignee) {
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_ASSIGNEE', $GLOBALS['UGROUP_REGISTERED'], $atid);
$add_assignee_to_history = true;
$registered_is_already_set_to_assignee = false;
}
if ($registered_is_already_set_to_submitter) {
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_SUBMITTER', $GLOBALS['UGROUP_REGISTERED'], $atid);
$add_submitter_to_history = true;
$registered_is_already_set_to_submitter = false;
}
if ($registered_is_already_set_to_fullaccess) {
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_FULL', $GLOBALS['UGROUP_REGISTERED'], $atid);
$add_full_to_history = true;
$registered_is_already_set_to_fullaccess = false;
}
break;
default:
//do nothing
break;
}
}
//OTHERS INSIGNIFIANT UGROUPS
////////////////////////////////////////////////////////////////
foreach ($_REQUEST as $key => $value) {
$pos = strpos($key, $prefixe_expected);
if ($pos !== false) {
//We've just found a variable
//We check now if the suffixe (id of ugroup) and the value is numeric values
$suffixe = substr($key, $len_prefixe_expected);
if (is_numeric($suffixe)) {
$ugroup_id = $suffixe;
if ($ugroup_id != $GLOBALS['UGROUP_ANONYMOUS'] && $ugroup_id != $GLOBALS['UGROUP_REGISTERED']) {
//already done.
$ugroup_name = $stored_ugroups_permissions[$ugroup_id]['ugroup']['name'];
switch ($value) {
case 0:
//TRACKER_FULL_ACCESS
//-------------------
if (!isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_FULL'])) {
if ($anonymous_is_already_set_to_fullaccess) {
//It is not necessary to process if the anonymous has full access
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_anon_full', array($ugroup_name, $anonymous_name)));
} else {
if ($registered_is_already_set_to_fullaccess) {
//It is not necessary to process if the registered has full access
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_regis_full', array($ugroup_name, $registered_name)));
} else {
//We remove old permissions
if (isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_ASSIGNEE'])) {
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_ASSIGNEE', $ugroup_id, $atid);
$add_assignee_to_history = true;
}
if (isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_SUBMITTER'])) {
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_SUBMITTER', $ugroup_id, $atid);
$add_submitter_to_history = true;
}
permission_add_ugroup($group_id, 'TRACKER_ACCESS_FULL', $atid, $ugroup_id);
$add_full_to_history = true;
}
}
}
break;
case 1:
//TRACKER_ACCESS_ASSIGNEE
//-----------------------
if (!isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_ASSIGNEE'])) {
//It is not necessary to process if the anonymous has full access
if ($anonymous_is_already_set_to_fullaccess) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_anon_full', array($ugroup_name, $anonymous_name)));
} else {
if ($registered_is_already_set_to_fullaccess) {
//It is not necessary to process if the registered has full access
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_regis_full', array($ugroup_name, $registered_name)));
} else {
if ($registered_is_already_set_to_submitter && $registered_is_already_set_to_assignee) {
//It is not necessary to process if the registered has submitter and assignee
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_regis_submitter_assignee', array($ugroup_name, $registered_name)));
} else {
if ($registered_is_already_set_to_assignee) {
//It is not necessary to process if the registered has assignee
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_regis_assignee', array($ugroup_name, $registered_name)));
} else {
//We remove old permissions
if (isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_FULL'])) {
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_FULL', $ugroup_id, $atid);
$add_full_to_history = true;
}
if (isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_SUBMITTER'])) {
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_SUBMITTER', $ugroup_id, $atid);
$add_submitter_to_history = true;
}
permission_add_ugroup($group_id, 'TRACKER_ACCESS_ASSIGNEE', $atid, $ugroup_id);
$add_assignee_to_history = true;
}
}
}
}
}
break;
case 2:
//TRACKER_ACCESS_SUBMITTER
//------------------------
if (!isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_SUBMITTER'])) {
//It is not necessary to process if the anonymous has full access
if ($anonymous_is_already_set_to_fullaccess) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_anon_full', array($ugroup_name, $anonymous_name)));
} else {
if ($registered_is_already_set_to_fullaccess) {
//It is not necessary to process if the registered has full access
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_regis_full', array($ugroup_name, $registered_name)));
} else {
if ($registered_is_already_set_to_submitter && $registered_is_already_set_to_assignee) {
//It is not necessary to process if the registered has submitter and assignee
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_regis_submitter_assignee', array($ugroup_name, $registered_name)));
} else {
if ($registered_is_already_set_to_submitter) {
//It is not necessary to process if the registered has submitter
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_regis_submitter', array($ugroup_name, $registered_name)));
} else {
//We remove old permissions
if (isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_FULL'])) {
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_FULL', $ugroup_id, $atid);
$add_full_to_history = true;
}
if (isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_ASSIGNEE'])) {
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_ASSIGNEE', $ugroup_id, $atid);
$add_assignee_to_history = true;
}
permission_add_ugroup($group_id, 'TRACKER_ACCESS_SUBMITTER', $atid, $ugroup_id);
$add_submitter_to_history = true;
}
}
}
}
}
break;
case 3:
//TRACKER_ACCESS_SUBMITTER && TRACKER_ACCESS_ASSIGNEE
//---------------------------------------------------
if (!(isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_ASSIGNEE']) && isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_SUBMITTER']))) {
//It is not necessary to process if the anonymous has full access
if ($anonymous_is_already_set_to_fullaccess) {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_anon_full', array($ugroup_name, $anonymous_name)));
} else {
if ($registered_is_already_set_to_fullaccess) {
//It is not necessary to process if the registered has full access
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_regis_full', array($ugroup_name, $registered_name)));
} else {
if ($registered_is_already_set_to_submitter && $registered_is_already_set_to_assignee) {
//It is not necessary to process if the registered has submitter and assignee
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_regis_submitter_assignee', array($ugroup_name, $registered_name)));
} else {
//We remove old permissions
if (isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_FULL'])) {
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_FULL', $ugroup_id, $atid);
$add_full_to_history = true;
}
if (!isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_ASSIGNEE'])) {
permission_add_ugroup($group_id, 'TRACKER_ACCESS_ASSIGNEE', $atid, $ugroup_id);
$add_assignee_to_history = true;
}
if (!isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_SUBMITTER'])) {
permission_add_ugroup($group_id, 'TRACKER_ACCESS_SUBMITTER', $atid, $ugroup_id);
$add_submitter_to_history = true;
}
}
}
}
}
break;
case 100:
//NO SPECIFIC ACCESS
//------------------
if (isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_FULL'])) {
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_FULL', $ugroup_id, $atid);
$add_full_to_history = true;
}
if (isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_ASSIGNEE'])) {
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_ASSIGNEE', $ugroup_id, $atid);
$add_assignee_to_history = true;
}
if (isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_SUBMITTER'])) {
permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_SUBMITTER', $ugroup_id, $atid);
$add_submitter_to_history = true;
}
break;
default:
//do nothing
break;
}
}
}
}
}
//history
if ($add_full_to_history) {
permission_add_history($group_id, 'TRACKER_ACCESS_FULL', $atid);
}
if ($add_assignee_to_history) {
permission_add_history($group_id, 'TRACKER_ACCESS_ASSIGNEE', $atid);
}
if ($add_submitter_to_history) {
permission_add_history($group_id, 'TRACKER_ACCESS_SUBMITTER', $atid);
}
//feedback
if ($add_full_to_history || $add_assignee_to_history || $add_submitter_to_history) {
$GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('project_admin_userperms', 'perm_upd'));
}
}
function news_update_permissions($forum_id, $is_private, $group_id)
{
global $Language, $UGROUP_PROJECT_MEMBERS;
/*
Takes forum_id and permission, and updates the permission of the corresponding entry in 'permissions' table
*/
if ($is_private == 3) {
permission_clear_all($group_id, 'NEWS_READ', $forum_id, false);
if (permission_add_ugroup($group_id, 'NEWS_READ', $forum_id, $UGROUP_PROJECT_MEMBERS)) {
$GLOBALS['Response']->addFeedback('info', $Language->getText('news_submit', 'news_perm_update_success'));
} else {
$GLOBALS['Response']->addFeedback('error', $Language->getText('news_admin_index', 'update_err'));
}
} else {
if (permission_clear_all($group_id, 'NEWS_READ', $forum_id, false)) {
$GLOBALS['Response']->addFeedback('info', $Language->getText('news_submit', 'news_perm_update_success'));
} else {
$GLOBALS['Response']->addFeedback('error', $Language->getText('news_admin_index', 'update_err'));
}
}
}