function edit_permissions() { if (!can_manage_security(logged_user())) { flash_error(lang('no access permissions')); ajx_current("empty"); return; } $member = Members::findById(get_id()); if (!$member instanceof Member) { flash_error(lang('member dnx')); ajx_current("empty"); return; } if (!array_var($_POST, 'permissions')) { $permission_parameters = permission_member_form_parameters($member); tpl_assign('permission_parameters', $permission_parameters); } else { try { DB::beginWork(); save_member_permissions($member); DB::commit(); flash_success(lang('success user permissions updated')); ajx_current("back"); } catch (Exception $e) { DB::rollback(); flash_error($e->getMessage()); ajx_current("empty"); } } }
function get_default_member_permission($parent, $permission_parameters) { //inherit permission from parent if ($parent != 0 && config_option('inherit_permissions_from_parent_member')) { $parent_member = Members::getMemberById($parent); if ($parent_member instanceof Member) { $parent_permissions = permission_member_form_parameters($parent_member); $permission_parameters['permission_groups'] = $parent_permissions['permission_groups']; $permission_parameters['member_permissions'] = $parent_permissions['member_permissions']; } } // Add default permissions for executives, managers and administrators if (config_option('add_default_permissions_for_users')) { if ($parent == 0) { $user_types = implode(',', config_option('give_member_permissions_to_new_users')); if (trim($user_types) != "") { $users = Contacts::findAll(array('conditions' => "user_type IN (" . $user_types . ")")); foreach ($users as $user) { if (!isset($permission_parameters['member_permissions'][$user->getPermissionGroupId()]) || count($permission_parameters['member_permissions'][$user->getPermissionGroupId()]) == 0) { $user_pg = array(); foreach ($permission_parameters['allowed_object_types'] as $ot) { $role_perm = RoleObjectTypePermissions::findOne(array('conditions' => array("role_id=? AND object_type_id=?", $user->getUserType(), $ot->getId()))); $user_pg[] = array('o' => $ot->getId(), 'w' => $role_perm instanceof RoleObjectTypePermission ? $role_perm->getCanWrite() ? 1 : 0 : 0, 'd' => $role_perm instanceof RoleObjectTypePermission ? $role_perm->getCanDelete() ? 1 : 0 : 0, 'r' => $role_perm instanceof RoleObjectTypePermission ? 1 : 0); } $permission_parameters['member_permissions'][$user->getPermissionGroupId()] = $user_pg; } } } } } return $permission_parameters; }