/** * Set the permission for a ugroup on an item. * * The difficult part of the algorithm comes from two point: * - There is a hierarchy between ugroups (@see ugroup_get_parent) * - There is a hierarchy between permissions (READ < WRITE < MANAGE) * * Let's see a scenario: * I've selected WRITE permission for Registered users and READ permission for Project Members * => Project Members ARE registered users therefore they have WRITE permission. * => WRITE is stronger than READ permission. * So the permissions wich will be set are: WRITE for registered and WRITE for project members * * The force parameter must be set to true if you want to bypass permissions checking (@see permission_add_ugroup). * Pretty difficult to know if a user can update the permissions which does not exist for a new item... * * @param $group_id integer The id of the project * @param $item_id integer The id of the item * @param $permission_definition array The definission of the permission (pretty name, relations between perms, internal name, ...) * @param $old_permissions array The permissions before * @param &$done_permissions array The permissions after * @param $ugroup_id The ugroup_id we want to set permission now * @param $wanted_permissions array The permissions the user has asked * @param &$history array Does a permission has been set ? * @param $force boolean true if you want to bypass permissions checking (@see permission_add_ugroup). * * @access protected */ function _setPermission($group_id, $item_id, $permission_definition, $old_permissions, &$done_permissions, $ugroup_id, $wanted_permissions, &$history, $force = false) { //Do nothing if we have already choose a permission for ugroup if (!isset($done_permissions[$ugroup_id])) { //if the ugroup has a parent if (($parent = ugroup_get_parent($ugroup_id)) !== false) { //first choose the permission for the parent $this->_setPermission($group_id, $item_id, $permission_definition, $old_permissions, $done_permissions, $parent, $wanted_permissions, $history, $force); //is there a conflict between given permissions? if ($parent = $this->_getBiggerOrEqualParent($permission_definition, $done_permissions, $parent, $wanted_permissions[$ugroup_id])) { //warn the user that there was a conflict $this->_controler->feedback->log('warning', $GLOBALS['Language']->getText('plugin_docman', 'warning_perms', array($old_permissions[$ugroup_id]['ugroup']['name'], $old_permissions[$parent]['ugroup']['name'], $permission_definition[$done_permissions[$parent]]['label']))); //remove permissions which was set for the ugroup if (count($old_permissions[$ugroup_id]['permissions'])) { foreach ($old_permissions[$ugroup_id]['permissions'] as $permission => $nop) { permission_clear_ugroup_object($group_id, $permission, $ugroup_id, $item_id); $history[$permission] = true; } } //The permission is none (default) for this ugroup $done_permissions[$ugroup_id] = 100; } } //If the permissions have not been set (no parent || no conflict) if (!isset($done_permissions[$ugroup_id])) { //remove permissions if needed $perms_cleared = false; if (count($old_permissions[$ugroup_id]['permissions'])) { foreach ($old_permissions[$ugroup_id]['permissions'] as $permission => $nop) { if ($permission != $permission_definition[$wanted_permissions[$ugroup_id]]['type']) { //The permission has been changed permission_clear_ugroup_object($group_id, $permission, $ugroup_id, $item_id); $history[$permission] = true; $perms_cleared = true; $done_permissions[$ugroup_id] = 100; } else { //keep the old permission $done_permissions[$ugroup_id] = Docman_PermissionsManager::getDefinitionIndexForPermission($permission); } } } //If the user set an explicit permission and there was no perms before or they have been removed if ($wanted_permissions[$ugroup_id] != 100 && (!count($old_permissions[$ugroup_id]['permissions']) || $perms_cleared)) { //Then give the permission $permission = $permission_definition[$wanted_permissions[$ugroup_id]]['type']; permission_add_ugroup($group_id, $permission, $item_id, $ugroup_id, $force); $history[$permission] = true; $done_permissions[$ugroup_id] = $wanted_permissions[$ugroup_id]; } else { //else set none(default) permission $done_permissions[$ugroup_id] = 100; } } } }
function plugin_tracker_permission_process_update_fields_permissions($group_id, $atid, $fields, $permissions_wanted_by_user) { //The actual permissions $stored_ugroups_permissions = plugin_tracker_permission_get_field_tracker_ugroups_permissions($group_id, $atid, $fields); $permissions_updated = false; //some special ugroup names $anonymous_name = $GLOBALS['Language']->getText('project_ugroup', ugroup_get_name_from_id($GLOBALS['UGROUP_ANONYMOUS'])); $registered_name = $GLOBALS['Language']->getText('project_ugroup', ugroup_get_name_from_id($GLOBALS['UGROUP_REGISTERED'])); //We process the request foreach ($permissions_wanted_by_user as $field_id => $ugroups_permissions) { if (is_numeric($field_id) && isset($stored_ugroups_permissions[$field_id])) { $the_field_can_be_submitted = $stored_ugroups_permissions[$field_id]['field']['field']->isSubmitable(); $the_field_can_be_updated = $stored_ugroups_permissions[$field_id]['field']['field']->isUpdateable(); $fake_object_id = $field_id; //small variables for history $add_submit_to_history = false; $add_read_to_history = false; $add_update_to_history = false; //We look for anonymous and registered users' permissions, both in the user's request and in the db $user_set_anonymous_to_submit = isset($ugroups_permissions[$GLOBALS['UGROUP_ANONYMOUS']]) && isset($ugroups_permissions[$GLOBALS['UGROUP_ANONYMOUS']]['submit']) && $ugroups_permissions[$GLOBALS['UGROUP_ANONYMOUS']]['submit'] === "on"; $user_set_anonymous_to_read = isset($ugroups_permissions[$GLOBALS['UGROUP_ANONYMOUS']]) && isset($ugroups_permissions[$GLOBALS['UGROUP_ANONYMOUS']]['others']) && $ugroups_permissions[$GLOBALS['UGROUP_ANONYMOUS']]['others'] === "0"; $user_set_anonymous_to_update = isset($ugroups_permissions[$GLOBALS['UGROUP_ANONYMOUS']]) && isset($ugroups_permissions[$GLOBALS['UGROUP_ANONYMOUS']]['others']) && $ugroups_permissions[$GLOBALS['UGROUP_ANONYMOUS']]['others'] === "1"; $user_set_registered_to_submit = isset($ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]) && isset($ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]['submit']) && $ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]['submit'] === "on"; $user_set_registered_to_read = isset($ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]) && isset($ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]['others']) && $ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]['others'] === "0"; $user_set_registered_to_update = isset($ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]) && isset($ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]['others']) && $ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]['others'] === "1"; $anonymous_is_already_set_to_submit = isset($stored_ugroups_permissions[$field_id]['ugroups'][$GLOBALS['UGROUP_ANONYMOUS']]['permissions']['PLUGIN_TRACKER_FIELD_SUBMIT']); $anonymous_is_already_set_to_read = isset($stored_ugroups_permissions[$field_id]['ugroups'][$GLOBALS['UGROUP_ANONYMOUS']]['permissions']['PLUGIN_TRACKER_FIELD_READ']); $anonymous_is_already_set_to_update = isset($stored_ugroups_permissions[$field_id]['ugroups'][$GLOBALS['UGROUP_ANONYMOUS']]['permissions']['PLUGIN_TRACKER_FIELD_UPDATE']); $registered_is_already_set_to_submit = isset($stored_ugroups_permissions[$field_id]['ugroups'][$GLOBALS['UGROUP_REGISTERED']]['permissions']['PLUGIN_TRACKER_FIELD_SUBMIT']); $registered_is_already_set_to_read = isset($stored_ugroups_permissions[$field_id]['ugroups'][$GLOBALS['UGROUP_REGISTERED']]['permissions']['PLUGIN_TRACKER_FIELD_READ']); $registered_is_already_set_to_update = isset($stored_ugroups_permissions[$field_id]['ugroups'][$GLOBALS['UGROUP_REGISTERED']]['permissions']['PLUGIN_TRACKER_FIELD_UPDATE']); //ANONYMOUS //////////////////////////////////////////////////////////////// //Firstly we set permissions for anonymous users if (isset($ugroups_permissions[$GLOBALS['UGROUP_ANONYMOUS']])) { $ugroup_permissions = $ugroups_permissions[$GLOBALS['UGROUP_ANONYMOUS']]; //SUBMIT Permission //----------------- if ($the_field_can_be_submitted && !$anonymous_is_already_set_to_submit && $user_set_anonymous_to_submit) { //if the ugroup is anonymous, we have to erase submit permissions for other ugroups foreach ($stored_ugroups_permissions[$field_id]['ugroups'] as $stored_ugroup_id => $stored_ugroup_permissions) { if ($stored_ugroup_id === $GLOBALS['UGROUP_ANONYMOUS']) { permission_add_ugroup($group_id, 'PLUGIN_TRACKER_FIELD_SUBMIT', $fake_object_id, $stored_ugroup_id); $add_submit_to_history = true; $anonymous_is_already_set_to_submit = true; } else { if (isset($stored_ugroup_permissions['permissions']['PLUGIN_TRACKER_FIELD_SUBMIT']) && (!isset($ugroups_permissions[$stored_ugroup_id]) || !isset($ugroups_permissions[$stored_ugroup_id]['submit']) || $ugroups_permissions[$stored_ugroup_id]['submit'] !== "on")) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_anon_submit', array($stored_ugroup_permissions['ugroup']['name'], $anonymous_name))); permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_SUBMIT', $stored_ugroup_id, $fake_object_id); $add_submit_to_history = true; } } } } else { if ($anonymous_is_already_set_to_submit && !$user_set_anonymous_to_submit) { permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_SUBMIT', $GLOBALS['UGROUP_ANONYMOUS'], $fake_object_id); $add_submit_to_history = true; $anonymous_is_already_set_to_submit = false; } } //UPDATE Permission //--------------- if ($the_field_can_be_updated && !$anonymous_is_already_set_to_update && $user_set_anonymous_to_update) { //if the ugroup is anonymous, we have to erase submt permissions for other ugroups foreach ($stored_ugroups_permissions[$field_id]['ugroups'] as $stored_ugroup_id => $stored_ugroup_permissions) { if ($stored_ugroup_id === $GLOBALS['UGROUP_ANONYMOUS']) { permission_add_ugroup($group_id, 'PLUGIN_TRACKER_FIELD_UPDATE', $fake_object_id, $stored_ugroup_id); $add_update_to_history = true; $anonymous_is_already_set_to_update = true; } else { if (!isset($ugroups_permissions[$stored_ugroup_id]) || !isset($ugroups_permissions[$stored_ugroup_id]['others']) || $ugroups_permissions[$stored_ugroup_id]['others'] !== "100") { if (isset($stored_ugroup_permissions['permissions']['PLUGIN_TRACKER_FIELD_UPDATE'])) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_anon_update', array($stored_ugroup_permissions['ugroup']['name'], $anonymous_name))); permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_UPDATE', $stored_ugroup_id, $fake_object_id); $add_update_to_history = true; } if (isset($stored_ugroup_permissions['permissions']['PLUGIN_TRACKER_FIELD_READ'])) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_anon_update', array($stored_ugroup_permissions['ugroup']['name'], $anonymous_name))); permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_READ', $stored_ugroup_id, $fake_object_id); $add_read_to_history = true; } } } } } else { if ($anonymous_is_already_set_to_update && !$user_set_anonymous_to_update) { permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_UPDATE', $GLOBALS['UGROUP_ANONYMOUS'], $fake_object_id); $add_update_to_history = true; $anonymous_is_already_set_to_update = false; } } //READ Permission //--------------- if (!$anonymous_is_already_set_to_read && $user_set_anonymous_to_read) { //if the ugroup is anonymous, we have to erase submit permissions for other ugroups foreach ($stored_ugroups_permissions[$field_id]['ugroups'] as $stored_ugroup_id => $stored_ugroup_permissions) { if ($stored_ugroup_id === $GLOBALS['UGROUP_ANONYMOUS']) { permission_add_ugroup($group_id, 'PLUGIN_TRACKER_FIELD_READ', $fake_object_id, $stored_ugroup_id); $add_read_to_history = true; $anonymous_is_already_set_to_read = true; } else { if (!isset($ugroups_permissions[$stored_ugroup_id]) || !isset($ugroups_permissions[$stored_ugroup_id]['others']) || $ugroups_permissions[$stored_ugroup_id]['others'] !== "100") { if (isset($stored_ugroup_permissions['permissions']['PLUGIN_TRACKER_FIELD_READ'])) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_anon_read', array($stored_ugroup_permissions['ugroup']['name'], $anonymous_name))); permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_READ', $stored_ugroup_id, $fake_object_id); $add_read_to_history = true; } } } } } else { if ($anonymous_is_already_set_to_read && !$user_set_anonymous_to_read) { permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_READ', $GLOBALS['UGROUP_ANONYMOUS'], $fake_object_id); $add_read_to_history = true; $anonymous_is_already_set_to_read = false; } } } //REGISTERED //////////////////////////////////////////////////////////////// //Secondly we set permissions for registered users if (isset($ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']])) { $ugroup_permissions = $ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]; //SUBMIT Permission //----------------- if ($the_field_can_be_submitted && !$registered_is_already_set_to_submit && $user_set_registered_to_submit) { //if the ugroup is registered, we have to: // 1. check consistency with current permissions for anonymous users if ($user_set_anonymous_to_submit || $anonymous_is_already_set_to_submit) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_anon_submit', array($stored_ugroups_permissions[$field_id]['ugroups'][$GLOBALS['UGROUP_REGISTERED']]['ugroup']['name'], $anonymous_name))); } else { // 2. erase submit permissions for other ugroups foreach ($stored_ugroups_permissions[$field_id]['ugroups'] as $stored_ugroup_id => $stored_ugroup_permissions) { if ($stored_ugroup_id === $GLOBALS['UGROUP_REGISTERED']) { permission_add_ugroup($group_id, 'PLUGIN_TRACKER_FIELD_SUBMIT', $fake_object_id, $stored_ugroup_id); $add_submit_to_history = true; $registered_is_already_set_to_submit = true; } else { if ($stored_ugroup_id !== $GLOBALS['UGROUP_ANONYMOUS']) { if (isset($stored_ugroup_permissions['permissions']['PLUGIN_TRACKER_FIELD_SUBMIT']) && (!isset($ugroups_permissions[$stored_ugroup_id]) || !isset($ugroups_permissions[$stored_ugroup_id]['submit']) || $ugroups_permissions[$stored_ugroup_id]['submit'] !== "on")) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_regis_submit', array($stored_ugroup_permissions['ugroup']['name'], $registered_name))); permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_SUBMIT', $stored_ugroup_id, $fake_object_id); $add_submit_to_history = true; } } } } } } else { if ($registered_is_already_set_to_submit && !$user_set_registered_to_submit) { permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_SUBMIT', $GLOBALS['UGROUP_REGISTERED'], $fake_object_id); $add_submit_to_history = true; $registered_is_already_set_to_submit = false; } } //UPDATE Permission //--------------- if ($the_field_can_be_updated && !$registered_is_already_set_to_update && $user_set_registered_to_update) { //if the ugroup is registered, we have to: // 1. check consistency with current permissions for anonymous users if ($user_set_anonymous_to_update || $anonymous_is_already_set_to_update) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_anon_update', array($stored_ugroups_permissions[$field_id]['ugroups'][$GLOBALS['UGROUP_REGISTERED']]['ugroup']['name'], $anonymous_name))); } else { // 2. erase update permissions for other ugroups foreach ($stored_ugroups_permissions[$field_id]['ugroups'] as $stored_ugroup_id => $stored_ugroup_permissions) { if ($stored_ugroup_id === $GLOBALS['UGROUP_REGISTERED']) { permission_add_ugroup($group_id, 'PLUGIN_TRACKER_FIELD_UPDATE', $fake_object_id, $stored_ugroup_id); $add_update_to_history = true; $registered_is_already_set_to_update = true; } else { if ($stored_ugroup_id !== $GLOBALS['UGROUP_ANONYMOUS']) { //ugroups other than anonymous if (!isset($ugroups_permissions[$stored_ugroup_id]) || !isset($ugroups_permissions[$stored_ugroup_id]['others']) || $ugroups_permissions[$stored_ugroup_id]['others'] !== "100") { if (isset($stored_ugroup_permissions['permissions']['PLUGIN_TRACKER_FIELD_UPDATE'])) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_regis_update', array($stored_ugroup_permissions['ugroup']['name'], $registered_name))); permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_UPDATE', $stored_ugroup_id, $fake_object_id); $add_update_to_history = true; } if (isset($stored_ugroup_permissions['permissions']['PLUGIN_TRACKER_FIELD_READ'])) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_regis_update', array($stored_ugroup_permissions['ugroup']['name'], $registered_name))); permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_READ', $stored_ugroup_id, $fake_object_id); $add_read_to_history = true; } } } } } } } else { if ($registered_is_already_set_to_update && !$user_set_registered_to_update) { permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_UPDATE', $GLOBALS['UGROUP_REGISTERED'], $fake_object_id); $add_update_to_history = true; $registered_is_already_set_to_update = false; } } //READ Permission //--------------- if (!$registered_is_already_set_to_read && $user_set_registered_to_read) { //if the ugroup is registered, we have to: // 1. check consistency with current permissions for anonymous users if ($user_set_anonymous_to_read || $anonymous_is_already_set_to_read || $anonymous_is_already_set_to_update) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_anon_read', array($stored_ugroups_permissions[$field_id]['ugroups'][$GLOBALS['UGROUP_REGISTERED']]['ugroup']['name'], $anonymous_name))); } else { // 2. erase read permissions for other ugroups foreach ($stored_ugroups_permissions[$field_id]['ugroups'] as $stored_ugroup_id => $stored_ugroup_permissions) { if ($stored_ugroup_id === $GLOBALS['UGROUP_REGISTERED']) { permission_add_ugroup($group_id, 'PLUGIN_TRACKER_FIELD_READ', $fake_object_id, $stored_ugroup_id); $add_read_to_history = true; $registered_is_already_set_to_read = true; } else { if ($stored_ugroup_id !== $GLOBALS['UGROUP_ANONYMOUS']) { //ugroups other than anonymous if (!isset($ugroups_permissions[$stored_ugroup_id]) || !isset($ugroups_permissions[$stored_ugroup_id]['others']) || $ugroups_permissions[$stored_ugroup_id]['others'] !== "100") { if (isset($stored_ugroup_permissions['permissions']['PLUGIN_TRACKER_FIELD_READ'])) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_regis_read', array($stored_ugroup_permissions['ugroup']['name'], $registered_name))); permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_READ', $stored_ugroup_id, $fake_object_id); $add_read_to_history = true; } } } } } } } else { if ($registered_is_already_set_to_read && !$user_set_registered_to_read) { permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_READ', $GLOBALS['UGROUP_REGISTERED'], $fake_object_id); $registered_is_already_set_to_read = false; } } } //OTHER INSIGNIFIANT UGROUPS //////////////////////////////////////////////////////////////// foreach ($ugroups_permissions as $ugroup_id => $ugroup_permissions) { if (is_numeric($ugroup_id) && $ugroup_id != $GLOBALS['UGROUP_REGISTERED'] && $ugroup_id != $GLOBALS['UGROUP_ANONYMOUS']) { $name_of_ugroup = $stored_ugroups_permissions[$field_id]['ugroups'][$ugroup_id]['ugroup']['name']; //SUBMIT Permission //----------------- if ($the_field_can_be_submitted && !isset($stored_ugroups_permissions[$field_id]['ugroups'][$ugroup_id]['permissions']['PLUGIN_TRACKER_FIELD_SUBMIT']) && isset($ugroup_permissions['submit']) && $ugroup_permissions['submit'] === "on") { //if the ugroup is not anonymous and not registered, we have to: // check consistency with current permissions for anonymous users // and current permissions for registered users if ($user_set_anonymous_to_submit || $anonymous_is_already_set_to_submit) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_anon_submit', array($name_of_ugroup, $anonymous_name))); } else { if ($user_set_registered_to_submit || $registered_is_already_set_to_submit) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_regis_submit', array($name_of_ugroup, $registered_name))); } else { permission_add_ugroup($group_id, 'PLUGIN_TRACKER_FIELD_SUBMIT', $fake_object_id, $ugroup_id); $add_submit_to_history = true; } } } else { if (isset($stored_ugroups_permissions[$field_id]['ugroups'][$ugroup_id]['permissions']['PLUGIN_TRACKER_FIELD_SUBMIT']) && isset($ugroup_permissions['submit']) && $ugroup_permissions['submit'] !== "on") { //If we don't have already clear the permissions if (!$user_set_anonymous_to_submit && !$user_set_registered_to_submit) { permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_SUBMIT', $ugroup_id, $fake_object_id); $add_submit_to_history = true; } } } //UPDATE Permission //----------------- if ($the_field_can_be_updated && !isset($stored_ugroups_permissions[$field_id]['ugroups'][$ugroup_id]['permissions']['PLUGIN_TRACKER_FIELD_UPDATE']) && isset($ugroup_permissions['others']) && $ugroup_permissions['others'] === "1") { //if the ugroup is not anonymous and not registered, we have to: // check consistency with current permissions for anonymous users // and current permissions for registered users if ($user_set_anonymous_to_update || $anonymous_is_already_set_to_update) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_anon_update', array($name_of_ugroup, $anonymous_name))); } else { if ($user_set_registered_to_update || $registered_is_already_set_to_update) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_regis_update', array($name_of_ugroup, $registered_name))); } else { permission_add_ugroup($group_id, 'PLUGIN_TRACKER_FIELD_UPDATE', $fake_object_id, $ugroup_id); $add_update_to_history = true; } } } else { if (isset($stored_ugroups_permissions[$field_id]['ugroups'][$ugroup_id]['permissions']['PLUGIN_TRACKER_FIELD_UPDATE']) && isset($ugroup_permissions['others']) && $ugroup_permissions['others'] !== "1") { //If we don't have already clear the permissions if (!$user_set_anonymous_to_update && !$user_set_registered_to_update) { permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_UPDATE', $ugroup_id, $fake_object_id); $add_update_to_history = true; } } } //READ Permission //----------------- if (!isset($stored_ugroups_permissions[$field_id]['ugroups'][$ugroup_id]['permissions']['PLUGIN_TRACKER_FIELD_READ']) && isset($ugroup_permissions['others']) && $ugroup_permissions['others'] === "0") { //if the ugroup is not anonymous and not registered, we have to: // check consistency with current permissions for anonymous users // and current permissions for registered users if ($user_set_anonymous_to_read || $anonymous_is_already_set_to_read) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_anon_read', array($name_of_ugroup, $anonymous_name))); } else { if ($user_set_registered_to_read || $registered_is_already_set_to_read) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_regis_read', array($name_of_ugroup, $registered_name))); } else { if ($user_set_anonymous_to_update || $anonymous_is_already_set_to_update) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_anon_update', array($name_of_ugroup, $anonymous_name))); } else { if ($user_set_registered_to_update || $registered_is_already_set_to_update) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'ignore_g_regis_update', array($name_of_ugroup, $registered_name))); } else { permission_add_ugroup($group_id, 'PLUGIN_TRACKER_FIELD_READ', $fake_object_id, $ugroup_id); $add_read_to_history = true; } } } } } else { if (isset($stored_ugroups_permissions[$field_id]['ugroups'][$ugroup_id]['permissions']['PLUGIN_TRACKER_FIELD_READ']) && isset($ugroup_permissions['others']) && $ugroup_permissions['others'] !== "0") { //If we don't have already clear the permissions if (!$user_set_anonymous_to_read && !$user_set_registered_to_read) { permission_clear_ugroup_object($group_id, 'PLUGIN_TRACKER_FIELD_READ', $ugroup_id, $fake_object_id); $add_read_to_history = true; } } } } } //history if ($add_submit_to_history) { permission_add_history($group_id, 'PLUGIN_TRACKER_FIELD_SUBMIT', $fake_object_id); } if ($add_read_to_history) { permission_add_history($group_id, 'PLUGIN_TRACKER_FIELD_READ', $fake_object_id); } if ($add_update_to_history) { permission_add_history($group_id, 'PLUGIN_TRACKER_FIELD_UPDATE', $fake_object_id); } if (!$permissions_updated && ($add_submit_to_history || $add_read_to_history || $add_update_to_history)) { $permissions_updated = true; } } } return $permissions_updated; //$GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('project_admin_userperms', 'perm_upd')); }
function permission_process_update_tracker_permissions($group_id, $atid, $permissions_wanted_by_user) { //The user want to update permissions for the tracker. //We look into the request for specials variable $prefixe_expected = 'permissions_'; $len_prefixe_expected = strlen($prefixe_expected); //some special ugroup names $anonymous_name = $GLOBALS['Language']->getText('project_ugroup', ugroup_get_name_from_id($GLOBALS['UGROUP_ANONYMOUS'])); $registered_name = $GLOBALS['Language']->getText('project_ugroup', ugroup_get_name_from_id($GLOBALS['UGROUP_REGISTERED'])); //small variables for history $add_full_to_history = false; $add_assignee_to_history = false; $add_submitter_to_history = false; //The actual permissions $stored_ugroups_permissions = permission_get_tracker_ugroups_permissions($group_id, $atid); //We look for anonymous and registered users' permissions, both in the user's request and in the db $user_set_anonymous_to_fullaccess = isset($_REQUEST[$prefixe_expected . $GLOBALS['UGROUP_ANONYMOUS']]) && $_REQUEST[$prefixe_expected . $GLOBALS['UGROUP_ANONYMOUS']] === "0"; $user_set_registered_to_fullaccess = isset($_REQUEST[$prefixe_expected . $GLOBALS['UGROUP_REGISTERED']]) && $_REQUEST[$prefixe_expected . $GLOBALS['UGROUP_ANONYMOUS']] === "0"; $anonymous_is_already_set_to_fullaccess = isset($stored_ugroups_permissions[$GLOBALS['UGROUP_ANONYMOUS']]['permissions']['TRACKER_ACCESS_FULL']); $registered_is_already_set_to_fullaccess = isset($stored_ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]['permissions']['TRACKER_ACCESS_FULL']); $registered_is_already_set_to_assignee = isset($stored_ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]['permissions']['TRACKER_ACCESS_ASSIGNEE']); $registered_is_already_set_to_submitter = isset($stored_ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]['permissions']['TRACKER_ACCESS_SUBMITTER']); //ANONYMOUS //////////////////////////////////////////////////////////////// if (isset($_REQUEST[$prefixe_expected . $GLOBALS['UGROUP_ANONYMOUS']])) { switch ($_REQUEST[$prefixe_expected . $GLOBALS['UGROUP_ANONYMOUS']]) { case 0: //TRACKER_ACCESS_FULL //------------------- if (!$anonymous_is_already_set_to_fullaccess) { foreach ($stored_ugroups_permissions as $stored_ugroup_id => $stored_ugroup_permissions) { if ($stored_ugroup_id === $GLOBALS['UGROUP_ANONYMOUS']) { permission_add_ugroup($group_id, 'TRACKER_ACCESS_FULL', $atid, $stored_ugroup_id); $add_full_to_history = true; $anonymous_is_already_set_to_fullaccess = true; } else { //We remove permissions for others ugroups if (count($stored_ugroup_permissions['permissions']) > 0 && (!isset($_REQUEST[$prefixe_expected . $stored_ugroup_id]) || $_REQUEST[$prefixe_expected . $stored_ugroup_id] != 100)) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_anon_full', array($stored_ugroup_permissions['ugroup']['name'], $anonymous_name))); if (isset($stored_ugroup_permissions['permissions']['TRACKER_ACCESS_FULL'])) { permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_FULL', $stored_ugroup_id, $atid); $add_full_to_history = true; if ($stored_ugroup_id === $GLOBALS['UGROUP_REGISTERED']) { $registered_is_already_set_to_fullaccess = false; } } if (isset($stored_ugroup_permissions['permissions']['TRACKER_ACCESS_ASSIGNEE'])) { permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_ASSIGNEE', $stored_ugroup_id, $atid); $add_assignee_to_history = true; if ($stored_ugroup_id === $GLOBALS['UGROUP_REGISTERED']) { $registered_is_already_set_to_assignee = false; } } if (isset($stored_ugroup_permissions['permissions']['TRACKER_ACCESS_SUBMITTER'])) { permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_SUBMITTER', $stored_ugroup_id, $atid); $add_submitter_to_history = true; if ($stored_ugroup_id === $GLOBALS['UGROUP_REGISTERED']) { $registered_is_already_set_to_submitter = false; } } } } } } break; case 1: //TRACKER_ACCESS_ASSIGNEE //----------------------- //forbidden, do nothing break; case 2: //TRACKER_ACCESS_SUBMITTER //------------------------ //forbidden, do nothing break; case 3: //TRACKER_ACCESS_SUBMITTER && TRACKER_ACCESS_ASSIGNEE //--------------------------------------------------- //forbidden, do nothing break; case 100: //NO ACCESS //--------- if ($anonymous_is_already_set_to_fullaccess) { permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_FULL', $GLOBALS['UGROUP_ANONYMOUS'], $atid); $add_submitter_to_history = true; $anonymous_is_already_set_to_fullaccess = false; } break; default: //do nothing break; } } //REGISTERED //////////////////////////////////////////////////////////////// if (isset($_REQUEST[$prefixe_expected . $GLOBALS['UGROUP_REGISTERED']])) { switch ($_REQUEST[$prefixe_expected . $GLOBALS['UGROUP_REGISTERED']]) { case 0: //TRACKER_ACCESS_FULL //------------------- if (!$registered_is_already_set_to_fullaccess) { //It is not necessary to process if the anonymous has full access if ($anonymous_is_already_set_to_fullaccess) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_anon_full', array($stored_ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]['ugroup']['name'], $anonymous_name))); } else { foreach ($stored_ugroups_permissions as $stored_ugroup_id => $stored_ugroup_permissions) { if ($stored_ugroup_id === $GLOBALS['UGROUP_REGISTERED']) { //We remove old permissions if ($registered_is_already_set_to_assignee) { permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_ASSIGNEE', $stored_ugroup_id, $atid); $add_assignee_to_history = true; $registered_is_already_set_to_assignee = false; } if ($registered_is_already_set_to_submitter) { permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_SUBMITTER', $stored_ugroup_id, $atid); $add_submitter_to_history = true; $registered_is_already_set_to_submitter = false; } permission_add_ugroup($group_id, 'TRACKER_ACCESS_FULL', $atid, $stored_ugroup_id); $add_full_to_history = true; $registered_is_already_set_to_fullaccess = true; } else { if ($stored_ugroup_id !== $GLOBALS['UGROUP_ANONYMOUS']) { //ugroups other than anonymous //We remove permissions for others ugroups if (count($stored_ugroup_permissions['permissions']) > 0 && (!isset($_REQUEST[$prefixe_expected . $stored_ugroup_id]) || $_REQUEST[$prefixe_expected . $stored_ugroup_id] != 100)) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_regis_full', array($stored_ugroup_permissions['ugroup']['name'], $registered_name))); if (isset($stored_ugroup_permissions['permissions']['TRACKER_ACCESS_FULL'])) { permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_FULL', $stored_ugroup_id, $atid); $add_full_to_history = true; } if (isset($stored_ugroup_permissions['permissions']['TRACKER_ACCESS_ASSIGNEE'])) { permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_ASSIGNEE', $stored_ugroup_id, $atid); $add_assignee_to_history = true; } if (isset($stored_ugroup_permissions['permissions']['TRACKER_ACCESS_SUBMITTER'])) { permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_SUBMITTER', $stored_ugroup_id, $atid); $add_submitter_to_history = true; } } } } } } } break; case 1: //TRACKER_ACCESS_ASSIGNEE //----------------------- if (!$registered_is_already_set_to_assignee) { //It is not necessary to process if the anonymous has full access (anon can't have assignee or submitter access) if ($anonymous_is_already_set_to_fullaccess) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_anon_full', array($stored_ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]['ugroup']['name'], $anonymous_name))); } else { foreach ($stored_ugroups_permissions as $stored_ugroup_id => $stored_ugroup_permissions) { if ($stored_ugroup_id === $GLOBALS['UGROUP_REGISTERED']) { //We remove old permissions if ($registered_is_already_set_to_fullaccess) { permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_FULL', $stored_ugroup_id, $atid); $add_full_to_history = true; $registered_is_already_set_to_fullaccess = false; } if ($registered_is_already_set_to_submitter) { permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_SUBMITTER', $stored_ugroup_id, $atid); $add_submitter_to_history = true; $registered_is_already_set_to_submitter = false; } permission_add_ugroup($group_id, 'TRACKER_ACCESS_ASSIGNEE', $atid, $stored_ugroup_id); $registered_is_already_set_to_assignee = true; } else { if ($stored_ugroup_id !== $GLOBALS['UGROUP_ANONYMOUS']) { //ugroups other than anonymous //We remove permissions for others ugroups if they have assignee if (isset($stored_ugroup_permissions['permissions']['TRACKER_ACCESS_ASSIGNEE']) && !isset($stored_ugroup_permissions['permissions']['TRACKER_ACCESS_SUBMITTER']) && (!isset($_REQUEST[$prefixe_expected . $stored_ugroup_id]) || $_REQUEST[$prefixe_expected . $stored_ugroup_id] != 100)) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_regis_assignee', array($stored_ugroup_permissions['ugroup']['name'], $registered_name))); permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_ASSIGNEE', $stored_ugroup_id, $atid); $add_assignee_to_history = true; } } } } } } break; case 2: //TRACKER_ACCESS_SUBMITTER //------------------------ if (!$registered_is_already_set_to_submitter) { //It is not necessary to process if the anonymous has full access (anon can't have assignee or submitter access) if ($anonymous_is_already_set_to_fullaccess) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_anon_full', array($stored_ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]['ugroup']['name'], $anonymous_name))); } else { foreach ($stored_ugroups_permissions as $stored_ugroup_id => $stored_ugroup_permissions) { if ($stored_ugroup_id === $GLOBALS['UGROUP_REGISTERED']) { //We remove old permissions if ($registered_is_already_set_to_fullaccess) { permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_FULL', $stored_ugroup_id, $atid); $add_full_to_history = true; $registered_is_already_set_to_fullaccess = false; } if ($registered_is_already_set_to_assignee) { permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_ASSIGNEE', $stored_ugroup_id, $atid); $add_assignee_to_history = true; $registered_is_already_set_to_assignee = false; } permission_add_ugroup($group_id, 'TRACKER_ACCESS_SUBMITTER', $atid, $stored_ugroup_id); $add_submitter_to_history = true; $registered_is_already_set_to_submitter = true; } else { if ($stored_ugroup_id !== $GLOBALS['UGROUP_ANONYMOUS']) { //ugroups other than anonymous //We remove permissions for others ugroups if they have submitter if (isset($stored_ugroup_permissions['permissions']['TRACKER_ACCESS_SUBMITTER']) && !isset($stored_ugroup_permissions['permissions']['TRACKER_ACCESS_ASSIGNEE']) && (!isset($_REQUEST[$prefixe_expected . $stored_ugroup_id]) || $_REQUEST[$prefixe_expected . $stored_ugroup_id] != 100)) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_regis_submitter', array($stored_ugroup_permissions['ugroup']['name'], $registered_name))); permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_SUBMITTER', $stored_ugroup_id, $atid); $add_submitter_to_history = true; } } } } } } break; case 3: //TRACKER_ACCESS_SUBMITTER && TRACKER_ACCESS_ASSIGNEE //--------------------------------------------------- if (!($registered_is_already_set_to_submitter && $registered_is_already_set_to_assignee)) { //It is not necessary to process if the anonymous has full access (anon can't have assignee or submitter access) if ($anonymous_is_already_set_to_fullaccess) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_anon_full', array($stored_ugroups_permissions[$GLOBALS['UGROUP_REGISTERED']]['ugroup']['name'], $anonymous_name))); } else { foreach ($stored_ugroups_permissions as $stored_ugroup_id => $stored_ugroup_permissions) { if ($stored_ugroup_id === $GLOBALS['UGROUP_REGISTERED']) { //We remove old permissions if ($registered_is_already_set_to_fullaccess) { permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_FULL', $stored_ugroup_id, $atid); $add_full_to_history = true; $registered_is_already_set_to_fullaccess = false; } if (!$registered_is_already_set_to_assignee) { permission_add_ugroup($group_id, 'TRACKER_ACCESS_ASSIGNEE', $atid, $stored_ugroup_id); $add_assignee_to_history = true; $registered_is_already_set_to_assignee = true; } if (!$registered_is_already_set_to_submitter) { permission_add_ugroup($group_id, 'TRACKER_ACCESS_SUBMITTER', $atid, $stored_ugroup_id); $add_submitter_to_history = true; $registered_is_already_set_to_submitter = true; } } else { if ($stored_ugroup_id !== $GLOBALS['UGROUP_ANONYMOUS']) { //ugroups other than anonymous //We remove permissions for others ugroups if they have submitter or assignee if ((isset($stored_ugroup_permissions['permissions']['TRACKER_ACCESS_SUBMITTER']) || isset($stored_ugroup_permissions['permissions']['TRACKER_ACCESS_ASSIGNEE'])) && (!isset($_REQUEST[$prefixe_expected . $stored_ugroup_id]) || $_REQUEST[$prefixe_expected . $stored_ugroup_id] != 100)) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_regis_submitter_assignee', array($stored_ugroup_permissions['ugroup']['name'], $registered_name))); if (isset($stored_ugroup_permissions['permissions']['TRACKER_ACCESS_SUBMITTER'])) { permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_SUBMITTER', $stored_ugroup_id, $atid); $add_submitter_to_history = true; } if (isset($stored_ugroup_permissions['permissions']['TRACKER_ACCESS_ASSIGNEE'])) { permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_ASSIGNEE', $stored_ugroup_id, $atid); $add_assignee_to_history = true; } } } } } } } break; case 100: //NO SPECIFIC ACCESS //------------------ if ($registered_is_already_set_to_assignee) { permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_ASSIGNEE', $GLOBALS['UGROUP_REGISTERED'], $atid); $add_assignee_to_history = true; $registered_is_already_set_to_assignee = false; } if ($registered_is_already_set_to_submitter) { permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_SUBMITTER', $GLOBALS['UGROUP_REGISTERED'], $atid); $add_submitter_to_history = true; $registered_is_already_set_to_submitter = false; } if ($registered_is_already_set_to_fullaccess) { permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_FULL', $GLOBALS['UGROUP_REGISTERED'], $atid); $add_full_to_history = true; $registered_is_already_set_to_fullaccess = false; } break; default: //do nothing break; } } //OTHERS INSIGNIFIANT UGROUPS //////////////////////////////////////////////////////////////// foreach ($_REQUEST as $key => $value) { $pos = strpos($key, $prefixe_expected); if ($pos !== false) { //We've just found a variable //We check now if the suffixe (id of ugroup) and the value is numeric values $suffixe = substr($key, $len_prefixe_expected); if (is_numeric($suffixe)) { $ugroup_id = $suffixe; if ($ugroup_id != $GLOBALS['UGROUP_ANONYMOUS'] && $ugroup_id != $GLOBALS['UGROUP_REGISTERED']) { //already done. $ugroup_name = $stored_ugroups_permissions[$ugroup_id]['ugroup']['name']; switch ($value) { case 0: //TRACKER_FULL_ACCESS //------------------- if (!isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_FULL'])) { if ($anonymous_is_already_set_to_fullaccess) { //It is not necessary to process if the anonymous has full access $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_anon_full', array($ugroup_name, $anonymous_name))); } else { if ($registered_is_already_set_to_fullaccess) { //It is not necessary to process if the registered has full access $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_regis_full', array($ugroup_name, $registered_name))); } else { //We remove old permissions if (isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_ASSIGNEE'])) { permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_ASSIGNEE', $ugroup_id, $atid); $add_assignee_to_history = true; } if (isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_SUBMITTER'])) { permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_SUBMITTER', $ugroup_id, $atid); $add_submitter_to_history = true; } permission_add_ugroup($group_id, 'TRACKER_ACCESS_FULL', $atid, $ugroup_id); $add_full_to_history = true; } } } break; case 1: //TRACKER_ACCESS_ASSIGNEE //----------------------- if (!isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_ASSIGNEE'])) { //It is not necessary to process if the anonymous has full access if ($anonymous_is_already_set_to_fullaccess) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_anon_full', array($ugroup_name, $anonymous_name))); } else { if ($registered_is_already_set_to_fullaccess) { //It is not necessary to process if the registered has full access $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_regis_full', array($ugroup_name, $registered_name))); } else { if ($registered_is_already_set_to_submitter && $registered_is_already_set_to_assignee) { //It is not necessary to process if the registered has submitter and assignee $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_regis_submitter_assignee', array($ugroup_name, $registered_name))); } else { if ($registered_is_already_set_to_assignee) { //It is not necessary to process if the registered has assignee $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_regis_assignee', array($ugroup_name, $registered_name))); } else { //We remove old permissions if (isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_FULL'])) { permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_FULL', $ugroup_id, $atid); $add_full_to_history = true; } if (isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_SUBMITTER'])) { permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_SUBMITTER', $ugroup_id, $atid); $add_submitter_to_history = true; } permission_add_ugroup($group_id, 'TRACKER_ACCESS_ASSIGNEE', $atid, $ugroup_id); $add_assignee_to_history = true; } } } } } break; case 2: //TRACKER_ACCESS_SUBMITTER //------------------------ if (!isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_SUBMITTER'])) { //It is not necessary to process if the anonymous has full access if ($anonymous_is_already_set_to_fullaccess) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_anon_full', array($ugroup_name, $anonymous_name))); } else { if ($registered_is_already_set_to_fullaccess) { //It is not necessary to process if the registered has full access $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_regis_full', array($ugroup_name, $registered_name))); } else { if ($registered_is_already_set_to_submitter && $registered_is_already_set_to_assignee) { //It is not necessary to process if the registered has submitter and assignee $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_regis_submitter_assignee', array($ugroup_name, $registered_name))); } else { if ($registered_is_already_set_to_submitter) { //It is not necessary to process if the registered has submitter $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_regis_submitter', array($ugroup_name, $registered_name))); } else { //We remove old permissions if (isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_FULL'])) { permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_FULL', $ugroup_id, $atid); $add_full_to_history = true; } if (isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_ASSIGNEE'])) { permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_ASSIGNEE', $ugroup_id, $atid); $add_assignee_to_history = true; } permission_add_ugroup($group_id, 'TRACKER_ACCESS_SUBMITTER', $atid, $ugroup_id); $add_submitter_to_history = true; } } } } } break; case 3: //TRACKER_ACCESS_SUBMITTER && TRACKER_ACCESS_ASSIGNEE //--------------------------------------------------- if (!(isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_ASSIGNEE']) && isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_SUBMITTER']))) { //It is not necessary to process if the anonymous has full access if ($anonymous_is_already_set_to_fullaccess) { $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_anon_full', array($ugroup_name, $anonymous_name))); } else { if ($registered_is_already_set_to_fullaccess) { //It is not necessary to process if the registered has full access $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_regis_full', array($ugroup_name, $registered_name))); } else { if ($registered_is_already_set_to_submitter && $registered_is_already_set_to_assignee) { //It is not necessary to process if the registered has submitter and assignee $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('tracker_admin_permissions', 'tracker_ignore_g_regis_submitter_assignee', array($ugroup_name, $registered_name))); } else { //We remove old permissions if (isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_FULL'])) { permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_FULL', $ugroup_id, $atid); $add_full_to_history = true; } if (!isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_ASSIGNEE'])) { permission_add_ugroup($group_id, 'TRACKER_ACCESS_ASSIGNEE', $atid, $ugroup_id); $add_assignee_to_history = true; } if (!isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_SUBMITTER'])) { permission_add_ugroup($group_id, 'TRACKER_ACCESS_SUBMITTER', $atid, $ugroup_id); $add_submitter_to_history = true; } } } } } break; case 100: //NO SPECIFIC ACCESS //------------------ if (isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_FULL'])) { permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_FULL', $ugroup_id, $atid); $add_full_to_history = true; } if (isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_ASSIGNEE'])) { permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_ASSIGNEE', $ugroup_id, $atid); $add_assignee_to_history = true; } if (isset($stored_ugroups_permissions[$ugroup_id]['permissions']['TRACKER_ACCESS_SUBMITTER'])) { permission_clear_ugroup_object($group_id, 'TRACKER_ACCESS_SUBMITTER', $ugroup_id, $atid); $add_submitter_to_history = true; } break; default: //do nothing break; } } } } } //history if ($add_full_to_history) { permission_add_history($group_id, 'TRACKER_ACCESS_FULL', $atid); } if ($add_assignee_to_history) { permission_add_history($group_id, 'TRACKER_ACCESS_ASSIGNEE', $atid); } if ($add_submitter_to_history) { permission_add_history($group_id, 'TRACKER_ACCESS_SUBMITTER', $atid); } //feedback if ($add_full_to_history || $add_assignee_to_history || $add_submitter_to_history) { $GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('project_admin_userperms', 'perm_upd')); } }