/**
 * Lists the users attached to the account that owns an inventory entity.
 *
 * The entity is resolved to its account ID through
 * OA_Permission::getAccountIdForEntity(); the users table is then joined with
 * account_user_assoc filtered on that account, and the result set is handed
 * to _buildUsersTable().
 *
 * NOTE(review): nothing in this method checks that the current session may
 * see the entity, so callers are presumably expected to have enforced access
 * first (e.g. OA_Permission::enforceAccessToObject()) -- confirm at call sites.
 * NOTE(review): the account filter is whatever getAccountIdForEntity()
 * returned; confirm an unknown entity cannot leave the join unfiltered.
 *
 * @param string $entityName Inventory entity name (affiliates, clients, etc)
 * @param integer $entityId Inventory entity ID
 * @return array
 */
function getAccountUsersByEntity($entityName, $entityId)
{
    $doUserList = OA_Dal::factoryDO('users');
    $doAssoc = OA_Dal::factoryDO('account_user_assoc');

    // Restrict the association rows to the account owning the entity
    $ownerAccountId = OA_Permission::getAccountIdForEntity($entityName, $entityId);
    $doAssoc->account_id = $ownerAccountId;

    // Join users against the filtered association and run the query
    $doUserList->joinAdd($doAssoc);
    $doUserList->find();

    return $this->_buildUsersTable($doUserList);
}
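| | | Copyright: See the COPYRIGHT.txt file. | | License: GPLv2 or later, see the LICENSE.txt file. | +---------------------------------------------------------------------------+ */

// Unlinks a user from the account that owns an advertiser ("clients" entity)
// and then redirects the browser back to the calling page.

// Require the initialisation file
require_once '../../init.php';

// Required files
require_once MAX_PATH . '/lib/OA/Dal.php';
require_once MAX_PATH . '/www/admin/config.php';
require_once MAX_PATH . '/lib/OA/Session.php';
require_once MAX_PATH . '/lib/OA/Admin/UI/UserAccess.php';

// Register input variables
// Both are request-supplied and must be treated as untrusted below.
// NOTE(review): $clientid is not registered here; presumably one of the
// includes above does it -- confirm.
phpAds_registerGlobal('userid', 'returnurl');

// Security check
// Account type, account permission and object ownership are all enforced
// before the account ID is looked up.
OA_Permission::enforceAccount(OA_ACCOUNT_MANAGER, OA_ACCOUNT_ADVERTISER);
OA_Permission::enforceAccountPermission(OA_ACCOUNT_ADVERTISER, OA_PERM_SUPER_ACCOUNT);
OA_Permission::enforceAccessToObject('clients', $clientid);
$accountId = OA_Permission::getAccountIdForEntity('clients', $clientid);

// CVE-2013-5954 - see OA_Permission::checkSessionToken() method for details
// Must stay ahead of the unlink call: this request changes state.
OA_Permission::checkSessionToken();

/*-------------------------------------------------------*/
/* Main code                                             */
/*-------------------------------------------------------*/

if (!empty($accountId) && !empty($userid)) {
    OA_Admin_UI_UserAccess::unlinkUserFromAccount($accountId, $userid);
}

// $returnurl comes from the request and ends up in a Location header, so it
// is only honoured when it names a script in this directory (optionally with
// a query string or fragment). Absolute URLs, scheme-relative "//host" forms,
// paths and control characters fall back to the default page instead of
// sending the browser to a caller-chosen site.
if (empty($returnurl)
    || !is_string($returnurl)
    || preg_match('/^[A-Za-z0-9_-]+\.php(?:[?#][^\x00-\x1f\x7f]*)?$/D', $returnurl) !== 1
) {
    $returnurl = 'advertiser-access.php?clientid=' . $clientid;
}

header('Location: ' . $returnurl);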
{
    // Body of a function whose signature lies above this excerpt (presumably
    // the 'OA_headerNavigation' callback registered just below): it prints the
    // page header and the website breadcrumbs for the current affiliate.
    global $affiliateid;
    phpAds_PageHeader("affiliate-access");
    MAX_displayWebsiteBreadcrumbs($affiliateid);
}
// Callbacks are registered by function name
$userAccess->setNavigationHeaderCallback('OA_headerNavigation');

/**
 * Footer callback: emits an inline <script> block.
 *
 * For manager accounts it defines and immediately calls
 * MMM_cascadePermissionsChange(), which disables the "add zone" and
 * "delete zone" checkboxes, and unticks them, whenever the "edit zone"
 * checkbox is unticked.
 *
 * Only OA_PERM_* constants are interpolated into the emitted JavaScript; no
 * request data is written by this function.
 *
 * NOTE(review): the opening "<!--" is always printed but the closing "//-->"
 * only inside the manager branch -- confirm that is intended.
 */
function OA_footerNavigation()
{
    echo "\n <script language='JavaScript'>\n <!--\n ";
    if (OA_Permission::isAccount(OA_ACCOUNT_MANAGER)) {
        echo "function MMM_cascadePermissionsChange()\n {\n var e = findObj('permissions_" . OA_PERM_ZONE_EDIT . "');\n var a = findObj('permissions_" . OA_PERM_ZONE_ADD . "');\n var d = findObj('permissions_" . OA_PERM_ZONE_DELETE . "');\n\n a.disabled = d.disabled = !e.checked;\n if (!e.checked) {\n a.checked = d.checked = false;\n }\n }\n MMM_cascadePermissionsChange();\n //-->";
    }
    echo "</script>";
}
$userAccess->setNavigationFooterCallback('OA_footerNavigation');

// Scope the user-access UI to the account that owns this affiliate
$accountId = OA_Permission::getAccountIdForEntity('affiliates', $affiliateid);
$userAccess->setAccountId($accountId);
$userAccess->setPagePrefix('affiliate');

// Permissions that may be granted from this page, keyed by permission constant.
// Each entry is array(label, flag[, third element]); presumably the flag marks
// a dependent/indented option and the third element is a JS handler -- confirm
// against OA_Admin_UI_UserAccess.
$aAllowedPermissions = array();
// The "create accounts" permission is offered only to managers or to users
// who already hold OA_PERM_SUPER_ACCOUNT on this account.
if (OA_Permission::isAccount(OA_ACCOUNT_MANAGER) || OA_Permission::hasPermission(OA_PERM_SUPER_ACCOUNT, $accountId)) {
    $aAllowedPermissions[OA_PERM_SUPER_ACCOUNT] = array($strAllowCreateAccounts, false);
}
$aAllowedPermissions[OA_PERM_ZONE_EDIT] = array($strAllowAffiliateModifyZones, false, 'MMM_cascadePermissionsChange()');
$aAllowedPermissions[OA_PERM_ZONE_ADD] = array($strAllowAffiliateAddZone, true, false);
$aAllowedPermissions[OA_PERM_ZONE_DELETE] = array($strAllowAffiliateDeleteZone, true, false);
$aAllowedPermissions[OA_PERM_ZONE_LINK] = array($strAllowAffiliateLinkBanners, false, false);
$aAllowedPermissions[OA_PERM_ZONE_INVOCATION] = array($strAllowAffiliateGenerateCode, false, false);
$aAllowedPermissions[OA_PERM_USER_LOG_ACCESS] = array($strAllowAuditTrailAccess, false, false);
$userAccess->setAllowedPermissions($aAllowedPermissions);

// NOTE(review): $affiliateid goes into a hidden form field and a redirect URL;
// its validation is not visible in this excerpt -- presumably an access check
// ran earlier in the script, confirm.
$userAccess->setHiddenFields(array('affiliateid' => $affiliateid));
$userAccess->setRedirectUrl('affiliate-access.php?affiliateid=' . $affiliateid);
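| | | You should have received a copy of the GNU General Public License | | along with this program; if not, write to the Free Software | | Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA | +---------------------------------------------------------------------------+ $Id: agency-user-unlink.php 37157 2009-05-28 12:31:10Z andrew.hill $ */

// Unlinks a user from the account that owns an agency and then redirects the
// browser back to the calling page.

// Require the initialisation file
require_once '../../init.php';

// Required files
require_once MAX_PATH . '/lib/OA/Dal.php';
require_once MAX_PATH . '/www/admin/config.php';
require_once MAX_PATH . '/lib/OA/Session.php';
require_once MAX_PATH . '/lib/OA/Admin/UI/UserAccess.php';

// Register input variables
// Both are request-supplied and must be treated as untrusted below.
// NOTE(review): $agencyid is not registered here; presumably one of the
// includes above does it -- confirm.
phpAds_registerGlobal('userid', 'returnurl');

// Security check
// Account type, account permission and object ownership are all enforced
// before the account ID is looked up.
OA_Permission::enforceAccount(OA_ACCOUNT_ADMIN, OA_ACCOUNT_MANAGER);
OA_Permission::enforceAccountPermission(OA_ACCOUNT_MANAGER, OA_PERM_SUPER_ACCOUNT);
OA_Permission::enforceAccessToObject('agency', $agencyid);
$accountId = OA_Permission::getAccountIdForEntity('agency', $agencyid);

// This request changes state (it removes a user/account link), so it needs
// the same anti-CSRF session token check the advertiser unlink script runs
// for CVE-2013-5954 - see OA_Permission::checkSessionToken() for details.
// The link or form that issues this request has to carry the token.
OA_Permission::checkSessionToken();

/*-------------------------------------------------------*/
/* Main code                                             */
/*-------------------------------------------------------*/

if (!empty($accountId) && !empty($userid)) {
    OA_Admin_UI_UserAccess::unlinkUserFromAccount($accountId, $userid);
}

// $returnurl comes from the request and ends up in a Location header, so it
// is only honoured when it names a script in this directory (optionally with
// a query string or fragment). Absolute URLs, scheme-relative "//host" forms,
// paths and control characters fall back to the default page instead of
// sending the browser to a caller-chosen site.
if (empty($returnurl)
    || !is_string($returnurl)
    || preg_match('/^[A-Za-z0-9_-]+\.php(?:[?#][^\x00-\x1f\x7f]*)?$/D', $returnurl) !== 1
) {
    $returnurl = 'agency-access.php?agencyid=' . $agencyid;
}

header('Location: ' . $returnurl);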
/**
 * A method to show an error if the current user/account doesn't have access
 * to the specified DB_DataObject (defined by table name and entity ID).
 *
 * Steps as written: an empty ID is rejected unless $allowNewEntity is set,
 * the ID must consist of digits only and is cast to int, and
 * hasAccessToObject() is consulted. On a negative answer the method falls
 * back to attemptToSwitchForAccess() and passes the final outcome to
 * enforceTrue().
 *
 * NOTE(review): enforceTrue() is presumably what stops the request when it
 * is handed a falsy value -- its body is not visible here, confirm.
 *
 * @static
 * @param string $entityTable The name of the table.
 * @param integer $entityId Optional entity ID -- when set, tests if the current
 *                          account has access to the entity, when not set, tests
 *                          if the current account can create a new entity in the
 *                          table.
 * @param boolean $allowNewEntity Allow creation of a new entity, defaults to false.
 */
function enforceAccessToObject($entityTable, $entityId = null, $allowNewEntity = false)
{
    // Without permission to create a new entity, an ID is mandatory
    if (!$allowNewEntity) {
        OA_Permission::enforceTrue(!empty($entityId));
    }
    // Verify that the ID is numeric
    // \d* also matches the empty string, which is how a "new entity" call
    // without an ID gets through; /D keeps "$" from matching before a
    // trailing newline.
    OA_Permission::enforceTrue(preg_match('/^\\d*$/D', $entityId));
    // Only this local copy is cast: the parameter is passed by value, so the
    // caller's variable keeps the string it supplied.
    $entityId = (int) $entityId;
    $hasAccess = OA_Permission::hasAccessToObject($entityTable, $entityId);
    if (!$hasAccess) {
        if (!OA_Permission::isManualAccountSwitch()) {
            if (OA_Permission::isUserLinkedToAdmin()) {
                // Check object existence
                OA_Permission::enforceTrue(OA_Permission::getAccountIdForEntity($entityTable, $entityId));
            }
            // if has access switch to the manager account that owns this object
            // NOTE(review): $hasAccess is not reassigned between the enclosing
            // "if (!$hasAccess)" and this test, so as written this branch
            // cannot run and the manager-account switch below is dead code --
            // confirm the intended condition.
            if ($hasAccess) {
                if (OA_Permission::switchToManagerAccount($entityTable, $entityId)) {
                    // Now that the admin user is working with the manager
                    // account that owns the object, show to him the page.
                    // The Location value is taken from the request URI.
                    $url = $_SERVER['REQUEST_URI'];
                    header("Location: {$url}");
                    exit;
                } else {
                    // If is not possible to switch redirect the admin to his home page
                    OX_Admin_Redirect::redirect();
                }
            }
        }
    }
    // Last resort: let the permission layer try an account switch
    if (!$hasAccess) {
        OA_Permission::redirectIfManualAccountSwitch();
        $hasAccess = OA_Permission::attemptToSwitchForAccess($entityTable, $entityId);
    }
    // Final gate on the outcome of the checks above
    OA_Permission::enforceTrue($hasAccess);
}