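/**
 * Collects the data the permission form needs for one permission group.
 *
 * For every dimension that defines permissions and is listed in the
 * "enabled_dimensions" config option, this gathers the dimension's members
 * (root members followed by their sorted children), the content object types
 * the dimension allows, and the permissions the group currently holds on
 * each member.
 *
 * Side effect: a dimension that is marked "deny all" for the group but still
 * has member permission rows is switched to 'check'.
 *
 * @param mixed $pg_id Permission group id. It is passed unchanged to the
 *                     dimension methods; an integer copy is used wherever the
 *                     value is concatenated into SQL text.
 * @return array Keys: 'member_types', 'allowed_object_types_by_member_type',
 *               'allowed_object_types', 'all_object_types',
 *               'member_permissions', 'dimensions', 'root_permissions'.
 */
function permission_form_parameters($pg_id) {
    // Removes the execution-time limit and raises the memory ceiling for the
    // rest of the request.
    set_time_limit(0);
    ini_set('memory_limit', '512M');

    // The queries below are assembled by string concatenation, so the group id
    // is forced to an integer before it can reach SQL text. The caller is not
    // visible here, so the value is not assumed to be validated already.
    $pg_id_sql = (int) $pg_id;

    $member_permissions = array();
    $dimensions = array();
    $dims = Dimensions::findAll(array('order' => 'default_order'));
    $members = array();
    $member_types = array();
    $allowed_object_types = array();
    // NOTE(review): this appends an empty array under key 0 rather than
    // initialising the variable to an empty array, so the returned map always
    // carries a [0 => array()] entry. Kept as is because consumers of the
    // return value are not visible here; confirm before changing.
    $allowed_object_types_by_member_type[] = array();
    $root_permissions = array();
    $enabled_dimensions = config_option("enabled_dimensions");

    foreach ($dims as $dim) {
        if (!$dim->getDefinesPermissions() || !in_array($dim->getId(), $enabled_dimensions)) {
            continue;
        }

        $dim_id = $dim->getId();
        $dim_id_sql = (int) $dim_id;
        $dimensions[] = $dim;

        // Root members first, each followed by its sorted descendants.
        $root_members = DB::executeAll("SELECT * FROM " . TABLE_PREFIX . "members WHERE dimension_id=" . $dim_id_sql . " AND parent_member_id=0 ORDER BY name ASC");
        if (is_array($root_members)) {
            foreach ($root_members as $mem) {
                if (!isset($members[$dim_id])) {
                    $members[$dim_id] = array();
                }
                $members[$dim_id][] = $mem;
                $members[$dim_id] = array_merge($members[$dim_id], get_all_children_sorted($mem));
            }
        }

        $allowed_object_types[$dim_id] = array();
        $dim_obj_types = $dim->getAllowedObjectTypeContents();
        foreach ($dim_obj_types as $dim_obj_type) {
            $content_ot_id = $dim_obj_type->getContentObjectTypeId();
            $dim_ot_id = $dim_obj_type->getDimensionObjectTypeId();

            // To draw a row for each object type of the dimension
            if (!in_array($content_ot_id, $allowed_object_types[$dim_id])) {
                $allowed_object_types[$dim_id][] = $content_ot_id;
            }

            // To enable or disable object types depending on the selected member
            if (!is_array(array_var($allowed_object_types_by_member_type, $dim_ot_id))) {
                $allowed_object_types_by_member_type[$dim_ot_id] = array();
            }
            $allowed_object_types_by_member_type[$dim_ot_id][] = $content_ot_id;
        }

        // A "deny all" dimension that still has member permission rows for the
        // group is switched to 'check'.
        if ($dim->deniesAllForContact($pg_id)) {
            $cmp_count = ContactMemberPermissions::count("`permission_group_id` = {$pg_id_sql} and member_id in (select m.id from " . TABLE_PREFIX . "members m where m.dimension_id=" . $dim_id_sql . ")");
            if ($cmp_count > 0) {
                $dim->setContactDimensionPermission($pg_id, 'check');
            }
        }

        $dim_members = isset($members[$dim_id]) ? $members[$dim_id] : array();

        if ($dim->hasAllowAllForContact($pg_id)) {
            // Allow all: every object type matching the member's type is
            // reported as readable, writable and deletable.
            foreach ($dim_members as $mem) {
                $member_permissions[$mem['id']] = array();
                foreach ($dim_obj_types as $dim_obj_type) {
                    if ($dim_obj_type->getDimensionObjectTypeId() == $mem['object_type_id']) {
                        $member_permissions[$mem['id']][] = array('o' => $dim_obj_type->getContentObjectTypeId(), 'w' => 1, 'd' => 1, 'r' => 1);
                    }
                }
            }
        } elseif (!$dim->deniesAllForContact($pg_id)) {
            // deniesAllForContact() is asked again on purpose: the status may
            // have been set to 'check' a few lines above.
            $tmp_ids = array();
            foreach ($dim_members as $mem) {
                $tmp_ids[] = (int) $mem['id'];
            }

            // Stored permission rows for the group, bucketed by member id.
            $mem_pgs = array();
            if (count($tmp_ids) > 0) {
                $pgs = DB::executeAll("SELECT * FROM " . TABLE_PREFIX . "contact_member_permissions WHERE permission_group_id={$pg_id_sql} AND member_id IN (" . implode(',', $tmp_ids) . ")\r\n\t\t\t\t\t\t\t\t\tAND object_type_id IN (SELECT ot.id FROM " . TABLE_PREFIX . "object_types ot WHERE ot.type IN ('content_object','located'))");
                if (is_array($pgs)) {
                    foreach ($pgs as $p) {
                        if (!isset($mem_pgs[$p['member_id']])) {
                            $mem_pgs[$p['member_id']] = array();
                        }
                        $mem_pgs[$p['member_id']][] = $p;
                    }
                }
            }

            foreach ($dim_members as $mem) {
                $member_permissions[$mem['id']] = array();
                if (isset($mem_pgs[$mem['id']]) && is_array($mem_pgs[$mem['id']])) {
                    foreach ($mem_pgs[$mem['id']] as $pg) {
                        $member_permissions[$mem['id']][] = array('o' => $pg['object_type_id'], 'w' => $pg['can_write'], 'd' => $pg['can_delete'], 'r' => 1);
                    }
                }
            }
        }

        foreach ($dim_members as $member) {
            $member_types[$member['id']] = $member['object_type_id'];
        }
    }

    // Permissions on the root (member_id = 0) are reported only when the
    // installation lets users create objects in root.
    if (config_option('let_users_create_objects_in_root')) {
        $root_cmps = ContactMemberPermissions::findAll(array('conditions' => 'permission_group_id = ' . $pg_id_sql . ' AND member_id = 0'));
        if (is_array($root_cmps)) {
            foreach ($root_cmps as $root_cmp) {
                $root_permissions[$root_cmp->getObjectTypeId()] = array('w' => $root_cmp->getCanWrite(), 'd' => $root_cmp->getCanDelete(), 'r' => 1);
            }
        }
    }

    $all_object_types = ObjectTypes::findAll(array("conditions" => "`type` IN ('content_object', 'located') AND name <> 'template_task' AND name <> 'template_milestone' AND `name` <> 'template' AND `name` <> 'file revision'"));

    return array(
        'member_types' => $member_types,
        'allowed_object_types_by_member_type' => $allowed_object_types_by_member_type,
        'allowed_object_types' => $allowed_object_types,
        'all_object_types' => $all_object_types,
        'member_permissions' => $member_permissions,
        'dimensions' => $dimensions,
        'root_permissions' => $root_permissions,
    );
}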
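/**
 * Saves the permissions posted for one member and refreshes the dimension's
 * per-group status ('allow all', 'deny all' or 'check').
 *
 * Input is $_POST['permissions']: a JSON array of entries with the fields
 * pg (permission group id), o (object type id), r (can read), w (can write)
 * and d (can delete). An entry with r set is saved; an entry without r is
 * deleted.
 *
 * NOTE(review): nothing in this function checks that the current user may
 * edit the permission groups named in the request; confirm the caller
 * enforces that before this is reached.
 *
 * @param Member $member Member whose permissions are being edited.
 * @return void
 */
function save_member_permissions($member) {
    $permissionsString = array_var($_POST, 'permissions');
    if ($permissionsString && $permissionsString != '') {
        $permissions = json_decode($permissionsString);
    }

    $sharingTablecontroller = new SharingTableController();
    $changed_pgs = array();

    if (isset($permissions) && is_array($permissions)) {
        $member_id = $member->getId();
        $allowed_pg_ids = array();

        foreach ($permissions as $perm) {
            // The list is decoded straight from the request: skip entries
            // that are not objects carrying both ids.
            if (!is_object($perm) || !isset($perm->pg, $perm->o)) {
                continue;
            }

            // Ids are forced to integers here because the group id is later
            // concatenated into SQL conditions in this function.
            $pg_id = (int) $perm->pg;
            $ot_id = (int) $perm->o;
            $can_write = isset($perm->w) ? $perm->w : 0;
            $can_delete = isset($perm->d) ? $perm->d : 0;

            $cmp = ContactMemberPermissions::findById(array('permission_group_id' => $pg_id, 'member_id' => $member_id, 'object_type_id' => $ot_id));
            if (!$cmp instanceof ContactMemberPermission) {
                $cmp = new ContactMemberPermission();
                $cmp->setPermissionGroupId($pg_id);
                $cmp->setMemberId($member_id);
                $cmp->setObjectTypeId($ot_id);
            }
            $cmp->setCanWrite($can_write);
            $cmp->setCanDelete($can_delete);

            if (!empty($perm->r)) {
                // NOTE(review): each readable entry overwrites what an earlier
                // entry stored for the same group, so the last one decides the
                // flags written to the member's own row below. The previous
                // code had unreachable merge branches here; whether "any entry
                // grants" was intended should be confirmed. Behaviour is left
                // unchanged because merging would widen the grant.
                $allowed_pg_ids[$pg_id] = array('w' => $can_write, 'd' => $can_delete);
                $cmp->save();
            } else {
                $cmp->delete();
            }

            $perm->m = $member_id;
            $changed_pgs[] = $pg_id;
        }

        // NOTE(review): afterPermissionChanged() receives the decoded request
        // entries as posted (only the group id argument is normalised);
        // verify that it validates them itself.
        foreach ($changed_pgs as $pg_id) {
            $sharingTablecontroller->afterPermissionChanged($pg_id, $permissions);
        }

        // Row for the member's own object type, one per group that kept read access.
        foreach ($allowed_pg_ids as $key => $mids) {
            $root_cmp = ContactMemberPermissions::findById(array('permission_group_id' => $key, 'member_id' => $member_id, 'object_type_id' => $member->getObjectTypeId()));
            if (!$root_cmp instanceof ContactMemberPermission) {
                $root_cmp = new ContactMemberPermission();
                $root_cmp->setPermissionGroupId($key);
                $root_cmp->setMemberId($member_id);
                $root_cmp->setObjectTypeId($member->getObjectTypeId());
            }
            $root_cmp->setCanWrite($mids['w'] == true ? 1 : 0);
            $root_cmp->setCanDelete($mids['d'] == true ? 1 : 0);
            $root_cmp->save();
        }
    }

    // check the status of the dimension to set 'allow_all', 'deny_all' or 'check'
    $dimension = $member->getDimension();
    // Member ids come from the dimension object, not from the request.
    $mem_ids = $dimension->getAllMembers(true);
    if (count($mem_ids) == 0) {
        // Keeps the IN (...) lists below syntactically valid.
        $mem_ids[] = 0;
    }
    $mem_ids_csv = implode(",", $mem_ids);

    // $changed_pgs holds integers only (cast above), so interpolating
    // $pg_id into the conditions cannot carry request text into SQL.
    foreach ($changed_pgs as $pg_id) {
        // Any row without delete permission means the dimension is only partly open.
        $count = ContactMemberPermissions::count(array('conditions' => "`permission_group_id`={$pg_id} AND `member_id` IN (" . $mem_ids_csv . ") AND `can_delete` = 0"));
        if ($count > 0) {
            $dimension->setContactDimensionPermission($pg_id, 'check');
            continue;
        }

        $count = ContactMemberPermissions::count(array('conditions' => "`permission_group_id`={$pg_id} AND `member_id` IN (" . $mem_ids_csv . ")"));
        if ($count == 0) {
            $dimension->setContactDimensionPermission($pg_id, 'deny all');
            continue;
        }

        // 'allow all' requires a can_delete row for every member of each
        // object type the dimension allows.
        $allow_all = true;
        $dim_obj_types = $dimension->getAllowedObjectTypeContents();
        $members = Members::findAll("`id` IN (" . $mem_ids_csv . ")");
        foreach ($dim_obj_types as $dim_obj_type) {
            $mem_ids_for_ot = array();
            foreach ($members as $dim_member) {
                if ($dim_obj_type->getDimensionObjectTypeId() == $dim_member->getObjectTypeId()) {
                    $mem_ids_for_ot[] = $dim_member->getId();
                }
            }
            if (count($mem_ids_for_ot) == 0) {
                $mem_ids_for_ot[] = 0;
            }
            $count = ContactMemberPermissions::count(array('conditions' => "`permission_group_id`={$pg_id} AND \n\t\t\t\t\t\t`object_type_id` = " . $dim_obj_type->getContentObjectTypeId() . " AND `can_delete` = 1 AND `member_id` IN (" . implode(",", $mem_ids_for_ot) . ")"));
            if ($count != count($mem_ids_for_ot)) {
                $allow_all = false;
                break;
            }
        }

        $dimension->setContactDimensionPermission($pg_id, $allow_all ? 'allow all' : 'check');
    }
}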
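/**
 * Makes sure a contact has a member in the 'feng_persons' dimension and
 * seeds the permission rows that go with it.
 *
 * Steps, in order:
 *  - find or create the member (a person whose company already has a member
 *    is placed under that member);
 *  - insert a 'check' dimension permission for the contact's own group;
 *  - insert member permissions for the contact's own group;
 *  - delete member permission rows whose permission_group_id is 0;
 *  - when a user is logged in, add the contact to its own member and to the
 *    sharing table;
 *  - give the creator's group write/delete rows on the member if that group
 *    has no row for it yet;
 *  - queue a dimension tree reload when a new member was created.
 *
 * Does nothing when the 'person' object type or the dimension is missing,
 * or when the contact is a company and the 'company' object type is missing.
 *
 * @param Contact $object Contact that was added.
 * @return void
 */
function core_dim_add_new_contact_to_person_dimension($object) {
    /* @var $object Contact */
    $person_ot = ObjectTypes::findOne(array("conditions" => "`name` = 'person'"));
    $company_ot = ObjectTypes::findOne(array("conditions" => "`name` = 'company'"));
    $person_dim = Dimensions::findOne(array("conditions" => "`code` = 'feng_persons'"));

    if (!$person_ot instanceof ObjectType || !$person_dim instanceof Dimension) {
        return;
    }

    $is_company = $object->isCompany();
    $has_company_ot = $company_ot instanceof ObjectType;
    if ($is_company && !$has_company_ot) {
        // The lookup result was previously dereferenced without a check.
        return;
    }

    // Every id that is concatenated into SQL text below is forced to an integer first.
    $object_id = (int) $object->getId();
    $dim_id = (int) $person_dim->getId();
    $oid = (int) ($is_company ? $company_ot->getId() : $person_ot->getId());

    $tmp_mem = Members::findOne(array("conditions" => "`dimension_id` = " . $dim_id . " AND `object_type_id` = {$oid} AND `object_id` = " . $object_id));

    $reload_dimension = true;
    if ($tmp_mem instanceof Member) {
        $member = $tmp_mem;
        $reload_dimension = false;
    } else {
        $member = new Member();
        $member->setName($object->getObjectName());
        $member->setDimensionId($person_dim->getId());

        $parent_member_id = 0;
        $depth = 1;
        if ($is_company) {
            $member->setObjectTypeId($company_ot->getId());
        } else {
            $member->setObjectTypeId($person_ot->getId());
            // A person is nested under the company's member when one exists.
            if ($has_company_ot && $object->getCompanyId() > 0) {
                $pmember = Members::findOne(array('conditions' => '`object_id` = ' . (int) $object->getCompanyId() . ' AND `object_type_id` = ' . (int) $company_ot->getId() . ' AND `dimension_id` = ' . $dim_id));
                if ($pmember instanceof Member) {
                    $parent_member_id = $pmember->getId();
                    $depth = $pmember->getDepth() + 1;
                }
            }
        }
        $member->setParentMemberId($parent_member_id);
        $member->setDepth($depth);
        $member->setObjectId($object->getId());
        $member->save();
    }

    $member_id = (int) $member->getId();

    // 'check' permission on the dimension for the contact's own group. The
    // WHERE clause limits this to enabled, non-company contacts with
    // user_type != 0; an existing row is left untouched.
    $sql = "INSERT INTO `" . TABLE_PREFIX . "contact_dimension_permissions` (`permission_group_id`, `dimension_id`, `permission_type`)\r\n\t\t\t\t SELECT `c`.`permission_group_id`, " . $dim_id . ", 'check'\r\n\t\t\t\t FROM `" . TABLE_PREFIX . "contacts` `c` \r\n\t\t\t\t WHERE `c`.`is_company`=0 AND `c`.`user_type`!=0 AND `c`.`disabled`=0 AND `c`.`object_id`=" . $object_id . "\r\n\t\t\t\t ON DUPLICATE KEY UPDATE `dimension_id`=`dimension_id`;";
    DB::execute($sql);

    // Member permissions for the same contact row, one per object type of
    // type content_object, comment or located. can_write and can_delete are
    // the result of comparing the row's object_id with the contact's id.
    $sql = "INSERT INTO `" . TABLE_PREFIX . "contact_member_permissions` (`permission_group_id`, `member_id`, `object_type_id`, `can_write`, `can_delete`)\r\n\t\t\t\t SELECT `c`.`permission_group_id`, " . $member_id . ", `ot`.`id`, (`c`.`object_id` = " . $object_id . ") as `can_write`, (`c`.`object_id` = " . $object_id . ") as `can_delete`\r\n\t\t\t\t FROM `" . TABLE_PREFIX . "contacts` `c` JOIN `" . TABLE_PREFIX . "object_types` `ot` \r\n\t\t\t\t WHERE `c`.`is_company`=0 AND `c`.`object_id`=" . $object_id . "\r\n\t\t\t\t \tAND `c`.`user_type`!=0 AND `c`.`disabled`=0\r\n\t\t\t\t\tAND `ot`.`type` IN ('content_object', 'comment', 'located')\r\n\t\t\t\t ON DUPLICATE KEY UPDATE `member_id`=`member_id`;";
    DB::execute($sql);

    // Removes any member permission row stored under permission group 0.
    DB::execute("DELETE FROM `" . TABLE_PREFIX . "contact_member_permissions` WHERE `permission_group_id` = 0;");

    // Add contact to its own member to be searchable
    if (logged_user() instanceof Contact) {
        $object->addToMembers(array($member));
        $object->addToSharingTable();
    }

    // add permission to creator: write and delete on every content_object,
    // comment and located object type, only when the creator's group has no
    // row for this member yet.
    $creator = $object->getCreatedBy();
    if ($creator instanceof Contact) {
        $record_count = ContactMemberPermissions::count(array("`permission_group_id` = ? AND `member_id` = ?", $creator->getPermissionGroupId(), $member->getId()));
        if ($record_count == 0) {
            DB::execute("INSERT INTO `" . TABLE_PREFIX . "contact_member_permissions` (`permission_group_id`, `member_id`, `object_type_id`, `can_write`, `can_delete`)\r\n\t\t\t\t SELECT " . (int) $creator->getPermissionGroupId() . ", " . $member_id . ", `ot`.`id`, 1, 1\r\n\t\t\t\t FROM `" . TABLE_PREFIX . "object_types` `ot` \r\n\t\t\t\t WHERE `ot`.`type` IN ('content_object', 'comment', 'located');");
        }
    }

    if ($reload_dimension) {
        evt_add("reload dimension tree", array('dim_id' => $member->getDimensionId()));
    }
}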