/**
* Method to save the configuration data.
*
* @param array An array containing all global config data.
* @return bool True on success, false on failure.
* @since 1.6
*/
public function save($data)
{
// Save the rules
if (isset($data['rules'])) {
jimport('joomla.access.rules');
$rules = new JRules($data['rules']);
// Check that we aren't removing our Super User permission
// Need to get groups from database, since they might have changed
$myGroups = JAccess::getGroupsByUser(JFactory::getUser()->get('id'));
$myRules = $rules->getData();
$hasSuperAdmin = $myRules['core.admin']->allow($myGroups);
if (!$hasSuperAdmin) {
$this->setError(JText::_('COM_CONFIG_ERROR_REMOVING_SUPER_ADMIN'));
return false;
}
$asset = JTable::getInstance('asset');
if ($asset->loadByName('root.1')) {
$asset->rules = (string) $rules;
if (!$asset->check() || !$asset->store()) {
JError::raiseNotice('SOME_ERROR_CODE', $asset->getError());
}
} else {
$this->setError(JText::_('COM_CONFIG_ERROR_ROOT_ASSET_NOT_FOUND'));
return false;
}
unset($data['rules']);
}
// Get the previous configuration.
$prev = new JConfig();
$prev = JArrayHelper::fromObject($prev);
// Merge the new data in. We do this to preserve values that were not in the form.
$data = array_merge($prev, $data);
/*
* Perform miscellaneous options based on configuration settings/changes.
*/
// Escape the sitename if present.
if (isset($data['sitename'])) {
$data['sitename'] = $data['sitename'];
}
// Escape the MetaDesc if present.
if (isset($data['MetaDesc'])) {
$data['MetaDesc'] = $data['MetaDesc'];
}
// Escape the MetaKeys if present.
if (isset($data['MetaKeys'])) {
$data['MetaKeys'] = $data['MetaKeys'];
}
// Escape the offline message if present.
if (isset($data['offline_message'])) {
$data['offline_message'] = JFilterOutput::ampReplace($data['offline_message']);
}
// Purge the database session table if we are changing to the database handler.
if ($prev['session_handler'] != 'database' && $data['session_handler'] == 'database') {
$table = JTable::getInstance('session');
$table->purge(-1);
}
if (empty($data['cache_handler'])) {
$data['caching'] = 0;
}
// Clean the cache if disabled but previously enabled.
if (!$data['caching'] && $prev['caching']) {
$cache = JFactory::getCache();
$cache->clean();
}
// Create the new configuration object.
$config = new JRegistry('config');
$config->loadArray($data);
/*
* Write the configuration file.
*/
jimport('joomla.filesystem.path');
jimport('joomla.filesystem.file');
// Set the configuration file path.
$file = JPATH_CONFIGURATION . DS . 'configuration.php';
// Overwrite the old FTP credentials with the new ones.
$temp = JFactory::getConfig();
$temp->set('ftp_enable', $data['ftp_enable']);
$temp->set('ftp_host', $data['ftp_host']);
$temp->set('ftp_port', $data['ftp_port']);
$temp->set('ftp_user', $data['ftp_user']);
$temp->set('ftp_pass', $data['ftp_pass']);
$temp->set('ftp_root', $data['ftp_root']);
// Get the new FTP credentials.
$ftp = JClientHelper::getCredentials('ftp', true);
// Attempt to make the file writeable if using FTP.
if (!$ftp['enabled'] && JPath::isOwner($file) && !JPath::setPermissions($file, '0644')) {
JError::raiseNotice('SOME_ERROR_CODE', JText::_('COM_CONFIG_ERROR_CONFIGURATION_PHP_NOTWRITABLE'));
}
// Attempt to write the configuration file as a PHP class named JConfig.
$configString = $config->toString('PHP', array('class' => 'JConfig', 'closingtag' => false));
if (!JFile::write($file, $configString)) {
$this->setError(JText::_('COM_CONFIG_ERROR_WRITE_FAILED'));
return false;
}
// Attempt to make the file unwriteable if using FTP.
if ($data['ftp_enable'] == 0 && !$ftp['enabled'] && JPath::isOwner($file) && !JPath::setPermissions($file, '0444')) {
JError::raiseNotice('SOME_ERROR_CODE', JText::_('COM_CONFIG_ERROR_CONFIGURATION_PHP_NOTUNWRITABLE'));
}
return true;
}
/**
* Method to return the JRules object for an asset. The returned object can optionally hold
* only the rules explicitly set for the asset or the summation of all inherited rules from
* parent assets and explicit rules.
*
* @param mixed $asset Integer asset id or the name of the asset as a string.
* @param boolean $recursive True to return the rules object with inherited rules.
*
* @return object JRules object for the asset.
* @since 1.6
*/
public static function getAssetRules($asset, $recursive = false)
{
// Get the database connection object.
$db = JFactory::getDbo();
// Build the database query to get the rules for the asset.
$query = $db->getQuery(true);
$query->select($recursive ? 'b.rules' : 'a.rules');
$query->from('#__assets AS a');
$query->group($recursive ? 'b.id' : 'a.id');
// If the asset identifier is numeric assume it is a primary key, else lookup by name.
if (is_numeric($asset)) {
// Get the root even if the asset is not found
$query->where('(a.id = ' . (int) $asset . ($recursive ? ' OR a.parent_id=0' : '') . ')');
} else {
// Get the root even if the asset is not found
$query->where('(a.name = ' . $db->quote($asset) . ($recursive ? ' OR a.parent_id=0' : '') . ')');
}
// If we want the rules cascading up to the global asset node we need a self-join.
if ($recursive) {
$query->leftJoin('#__assets AS b ON b.lft <= a.lft AND b.rgt >= a.rgt');
$query->order('b.lft');
}
// Execute the query and load the rules from the result.
$db->setQuery($query);
$result = $db->loadResultArray();
// Instantiate and return the JRules object for the asset rules.
$rules = new JRules();
$rules->mergeCollection($result);
return $rules;
}
/**
* Tests the JRules::getAllowed method.
*
* @return void
*
* @since 11.1
*/
function testGetAllowed()
{
$array1 = array('create' => array(-42 => 1), 'edit' => array(-42 => 1), 'delete' => array(-42 => 0, 2 => 1));
$result = new JObject();
$result->set('create', true);
$result->set('edit', true);
$rules = new JRules($array1);
$allowed = $rules->getAllowed(-42);
$this->assertThat($result, $this->equalTo($allowed));
}
