<?php chdir(dirname(__FILE__)); define("CONSOLE_MODE", true); define('PUBLIC_FOLDER', 'public'); include "init.php"; header("Content-type: text/plain"); $admin_pg = PermissionGroups::findOne(array('conditions' => "`name`='Super Administrator'")); $all_roles_max_permissions = RoleObjectTypePermissions::getAllRoleObjectTypePermissionsInfo(); $admin_perms = $all_roles_max_permissions[$admin_pg->getId()]; $all_object_types = array(); foreach ($admin_perms as &$aperm) { $all_object_types[] = $aperm['object_type_id']; } $users = Contacts::getAllUsers(); echo date('H:i:s') . " - Processing " . count($users) . " users...\n"; foreach ($users as $user) { /* @var $user Contact */ $max_permissions = array_var($all_roles_max_permissions, $user->getUserType()); $pg_id = $user->getPermissionGroupId(); foreach ($all_object_types as $ot) { if (!$ot) { continue; } $max = array_var($max_permissions, $ot); if (!$max) { // cannot read -> delete in contact_member_permissions $sql = "DELETE FROM " . TABLE_PREFIX . "contact_member_permissions WHERE permission_group_id={$pg_id} AND object_type_id={$ot}"; DB::execute($sql); } else { // cut can_delete and can_write using max permissions
private function cut_max_user_permissions(Contact $user) { $admin_pg = PermissionGroups::findOne(array('conditions' => "`name`='Super Administrator'")); $all_roles_max_permissions = RoleObjectTypePermissions::getAllRoleObjectTypePermissionsInfo(); $admin_perms = $all_roles_max_permissions[$admin_pg->getId()]; $all_object_types = array(); foreach ($admin_perms as &$aperm) { $all_object_types[] = $aperm['object_type_id']; } $max_permissions = array_var($all_roles_max_permissions, $user->getUserType()); $pg_id = $user->getPermissionGroupId(); foreach ($all_object_types as $ot) { if (!$ot) { continue; } $max = array_var($max_permissions, $ot); if (!$max) { // cannot read -> delete in contact_member_permissions $sql = "DELETE FROM " . TABLE_PREFIX . "contact_member_permissions WHERE permission_group_id={$pg_id} AND object_type_id={$ot}"; DB::execute($sql); } else { // cut can_delete and can_write using max permissions $can_d = $max['can_delete'] ? "1" : "0"; $can_w = $max['can_write'] ? "1" : "0"; $sql = "UPDATE " . TABLE_PREFIX . "contact_member_permissions\r\n\t\t\t\tSET can_delete=(can_delete AND {$can_d}), can_write=(can_write AND {$can_w})\r\n\t\t\t\tWHERE permission_group_id={$pg_id} AND object_type_id={$ot}"; DB::execute($sql); } } // rebuild sharing table for permission group $pg_id $cmp_rows = DB::executeAll("SELECT * FROM " . TABLE_PREFIX . "contact_member_permissions WHERE permission_group_id={$pg_id}"); $permissions_array = array(); foreach ($cmp_rows as $row) { $p = new stdClass(); $p->m = array_var($row, 'member_id'); $p->o = array_var($row, 'object_type_id'); $p->d = array_var($row, 'can_delete'); $p->w = array_var($row, 'can_write'); $p->r = 1; $permissions[] = $p; } $sharing_table_controller = new SharingTableController(); $sharing_table_controller->after_permission_changed($pg_id, $permissions_array); }
echo $type; ?> ] = <?php echo $role; ?> ; <?php } ?> <?php $rolePermissions = SystemPermissions::getAllRolesPermissions(); echo "og.userRolesPermissions =" . json_encode($rolePermissions) . ";"; $maxRolePermissions = MaxSystemPermissions::getAllMaxRolesPermissions(); echo "og.userMaxRolesPermissions =" . json_encode($maxRolePermissions) . ";"; echo "og.defaultRoleObjectTypePermissions = " . json_encode(RoleObjectTypePermissions::getAllRoleObjectTypePermissionsInfo()) . ";"; echo "og.maxRoleObjectTypePermissions = " . json_encode(MaxRoleObjectTypePermissions::getAllMaxRoleObjectTypePermissionsInfo()) . ";"; ?> <?php $tabs_allowed = TabPanelPermissions::getAllRolesModules(); echo "og.tabs_allowed=" . json_encode($tabs_allowed) . ";"; $guest_groups = PermissionGroups::instance()->getGuestPermissionGroups(); echo "og.guest_permission_group_ids = [];"; foreach ($guest_groups as $gg) { echo "og.guest_permission_group_ids.push(" . $gg->getId() . ");"; } $executive_groups = PermissionGroups::instance()->getExecutivePermissionGroups(); echo "og.executive_permission_group_ids = [];"; foreach ($executive_groups as $eg) { echo "og.executive_permission_group_ids.push(" . $eg->getId() . ");";