/**
* Returns all the userGroup, to which a user belongs to
* Returns empty group if no group found
* Static function.
*
* @param CMS_profile_user|integer $user
* @param boolean $returnIds : return array of groups ids instead of CMS_profile_usersGroup (faster, default : false)
* @return array(groupID => CMS_profile_usersGroup)
* @access public
*/
static function getGroupsOfUser($user, $returnIds = false, $reset = false)
{
static $userGroups;
if ($reset) {
unset($userGroups);
}
if (is_a($user, "CMS_profile_user")) {
$user = $user->getUserId();
}
if (!SensitiveIO::isPositiveInteger($user)) {
return array();
}
if (!isset($userGroups)) {
$sql = "\n\t\t\t\tselect\n\t\t\t\t\tuserId_gu,\n\t\t\t\t\tgroupId_gu\n\t\t\t\tfrom\n\t\t\t\t\tprofileUsersByGroup,\n\t\t\t\t\tprofilesUsersGroups\n\t\t\t\twhere\n\t\t\t\t\tgroupId_gu = id_prg\n\t\t\t\torder by label_prg asc\n\t\t\t";
$q = new CMS_query($sql);
if ($q->getNumRows()) {
$userGroups = array();
while ($data = $q->getArray()) {
$userGroups[$data['userId_gu']][$data['groupId_gu']] = $data['groupId_gu'];
}
}
}
if (!isset($userGroups[$user])) {
return array();
} else {
if ($returnIds) {
return $userGroups[$user];
} else {
$groups = array();
foreach ($userGroups[$user] as $groupdId) {
$groups[$groupdId] = CMS_profile_usersGroupsCatalog::getById($groupdId, $reset);
}
return $groups;
}
}
}
/**
* Apply group profile to all users belonging in this group
* This method must be as fast as possible
*
* @return void
* @access public
*/
function applyToUsers()
{
if (!$this->_users) {
return true;
}
// class users by groups they belong to
$usersByGroups = array();
foreach ($this->_users as $userId) {
$userGroupsIds = CMS_profile_usersGroupsCatalog::getGroupsOfUser($userId, true);
ksort($userGroupsIds);
$usersByGroups[implode(',', $userGroupsIds)][] = $userId;
}
ksort($usersByGroups);
$profiles = array();
//then loop through usersByGroups to compute rights of each combination of groups
foreach ($usersByGroups as $groupsIds => $usersIds) {
$groupIds = explode(',', $groupsIds);
$groupStack = $oldGroupStack = '';
$profile = null;
foreach ($groupIds as $groupId) {
$oldGroupStack = $groupStack;
$groupStack .= $groupStack ? ',' . $groupId : $groupId;
if ($groupStack && isset($profiles[$groupStack])) {
//already computed : do nothing
} elseif ($oldGroupStack && isset($profiles[$oldGroupStack])) {
$profile = clone $profiles[$oldGroupStack];
//get last computation
} else {
$profile = new CMS_profile();
}
if ($profile) {
//add group clearances
$group = CMS_profile_usersGroupsCatalog::getById($groupId);
if ($group && !$group->hasError()) {
$profile->addPageClearances($group->getPageClearances());
$profile->addModuleClearances($group->getModuleClearances());
$profile->addModuleCategoriesClearancesStack($group->getModuleCategoriesClearancesStack());
$profile->addValidationClearances($group->getValidationClearances());
$profile->addAdminClearance($group->getAdminClearance());
$profile->addTemplateGroupsDenied($group->getTemplateGroupsDenied());
$profile->addRowGroupsDenied($group->getRowGroupsDenied());
//store profile
$profiles[$groupStack] = $profile;
}
}
}
}
// Delete old categories clearances first (to speedup further inserts)
$q = new CMS_query("select profile_pru from profilesUsers where id_pru in (" . implode(',', $this->_users) . ")");
while (($id = $q->getValue('profile_pru')) !== false) {
$qdel = new CMS_query("delete from modulesCategories_clearances where profile_mcc ='" . SensitiveIO::sanitizeSQLString($id) . "'");
}
//then loop through usersByGroups to apply rights of users by groups
foreach ($usersByGroups as $groupsIds => $usersIds) {
//get profile for groups
if (isset($profiles[$groupsIds])) {
$profile = $profiles[$groupsIds];
//get profilesIds for users
$q = new CMS_query("select profile_pru from profilesUsers where id_pru in (" . implode(',', $usersIds) . ")");
$usersProfilesIds = array();
while (($id = $q->getValue('profile_pru')) !== false) {
$usersProfilesIds[] = $id;
}
if ($usersProfilesIds) {
//Update profiles
$pagesClearancesStack = $profile->getPageClearances();
$validationClearancesStack = $profile->getValidationClearances();
$moduleClearancesStack = $profile->getModuleClearances();
$templateGroupsDenied = $profile->getTemplateGroupsDenied();
$rowGroupsDenied = $profile->getRowGroupsDenied();
$q = new CMS_query("\n\t\t\t\t\t\tupdate\n\t\t\t\t\t\t\tprofiles\n\t\t\t\t\t\tset\n\t\t\t\t\t\t\tadministrationClearance_pr='" . SensitiveIO::sanitizeSQLString($profile->getAdminClearance()) . "',\n\t\t\t\t\t\t\tpageClearancesStack_pr='" . SensitiveIO::sanitizeSQLString($pagesClearancesStack->getTextDefinition()) . "',\n\t\t\t\t\t\t\tvalidationClearancesStack_pr='" . SensitiveIO::sanitizeSQLString($validationClearancesStack->getTextDefinition()) . "',\n\t\t\t\t\t\t\tmoduleClearancesStack_pr='" . SensitiveIO::sanitizeSQLString($moduleClearancesStack->getTextDefinition()) . "',\n\t\t\t\t\t\t\ttemplateGroupsDeniedStack_pr='" . SensitiveIO::sanitizeSQLString($templateGroupsDenied->getTextDefinition()) . "',\n\t\t\t\t\t\t\trowGroupsDeniedStack_pr='" . SensitiveIO::sanitizeSQLString($rowGroupsDenied->getTextDefinition()) . "'\n\t\t\t\t\t\twhere\n\t\t\t\t\t\t\tid_pr in (" . implode(',', $usersProfilesIds) . ")\n\t\t\t\t\t");
//Update categories clearances
$moduleCategoriesClearanceStack = $profile->getModuleCategoriesClearancesStack();
// Insert new ones
$elements = $moduleCategoriesClearanceStack->getElements();
if (is_array($elements) && $elements) {
$values = '';
foreach ($usersProfilesIds as $userProfileId) {
foreach ($elements as $v) {
$values .= $values ? ',' : '';
$values .= "('" . $userProfileId . "', '" . $v[0] . "', '" . $v[1] . "')";
}
}
$sql = "\n\t\t\t\t\t\t\tinsert into modulesCategories_clearances\n\t\t\t\t\t\t\t\t(profile_mcc, category_mcc, clearance_mcc)\n\t\t\t\t\t\t\tvalues " . $values . "\n\t\t\t\t\t\t";
$q = new CMS_query($sql);
}
}
}
}
//Clear polymod cache
CMS_cache::clearTypeCache('polymod');
return true;
}
