/** * Checks if a given user-id is granted the passed permission for the passed systemid. * * @param string $strUserid * @param string $strPermission * @param string $strSystemid * * @return bool */ public function checkPermissionForUserId($strUserid, $strPermission, $strSystemid) { if ($strSystemid == "") { return false; } if ($this->bitTestMode) { return true; } $arrGroupIds = array(); if (validateSystemid($strUserid)) { if ($strUserid == $this->objSession->getUserID()) { $arrGroupIds = $this->objSession->getGroupIdsAsArray(); } else { $objUser = new class_module_user_user($strUserid); $arrGroupIds = $objUser->getArrGroupIds(); } } else { if (validateSystemid($this->objSession->getUserID())) { $arrGroupIds = $this->objSession->getGroupIdsAsArray(); } else { $arrGroupIds[] = class_module_system_setting::getConfigValue("_guests_group_id_"); } } foreach ($arrGroupIds as $strOneGroupId) { if ($this->checkPermissionForGroup($strOneGroupId, $strPermission, $strSystemid)) { return true; } } return false; }
/** * Generates a new SystemRecord and, if needed, the corresponding record in the rights-table (here inheritance is default) * Returns the systemID used for this record * * @param string $strPrevId Previous ID in the tree-structure * @param string $strComment Comment to identify the record * @return string The ID used/generated * * * @todo find ussages and make private */ private function createSystemRecord($strPrevId, $strComment) { $strSystemId = generateSystemid(); $this->setStrSystemid($strSystemId); //Correct prevID if ($strPrevId == "") { $strPrevId = 0; } $this->setStrPrevId($strPrevId); //determine the correct new sort-id - append by default if (class_module_system_module::getModuleByName("system") != null && version_compare(class_module_system_module::getModuleByName("system")->getStrVersion(), "4.7.5", "lt")) { $strQuery = "SELECT COUNT(*) FROM " . _dbprefix_ . "system WHERE system_prev_id = ? AND system_id != '0'"; } else { $strQuery = "SELECT COUNT(*) FROM " . _dbprefix_ . "system WHERE system_prev_id = ? AND system_id != '0' AND system_deleted = 0"; } $arrRow = $this->objDB->getPRow($strQuery, array($strPrevId), 0, false); $intSiblings = $arrRow["COUNT(*)"]; $strComment = uniStrTrim(strip_tags($strComment), 240); if (class_module_system_module::getModuleByName("system") != null && version_compare(class_module_system_module::getModuleByName("system")->getStrVersion(), "4.7.5", "lt")) { //So, lets generate the record $strQuery = "INSERT INTO " . _dbprefix_ . "system\n ( system_id, system_prev_id, system_module_nr, system_owner, system_create_date, system_lm_user,\n system_lm_time, system_status, system_comment, system_sort, system_class) VALUES\n (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"; //Send the query to the db $this->objDB->_pQuery($strQuery, array($strSystemId, $strPrevId, $this->getIntModuleNr(), $this->objSession->getUserID(), class_date::getCurrentTimestamp(), $this->objSession->getUserID(), time(), (int) $this->getIntRecordStatus(), $strComment, $this->getNextSortValue($strPrevId), $this->getStrRecordClass())); } else { //So, lets generate the record $strQuery = "INSERT INTO " . _dbprefix_ . "system\n ( system_id, system_prev_id, system_module_nr, system_owner, system_create_date, system_lm_user,\n system_lm_time, system_status, system_comment, system_sort, system_class, system_deleted) VALUES\n (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"; //Send the query to the db $this->objDB->_pQuery($strQuery, array($strSystemId, $strPrevId, $this->getIntModuleNr(), $this->objSession->getUserID(), class_date::getCurrentTimestamp(), $this->objSession->getUserID(), time(), (int) $this->getIntRecordStatus(), $strComment, (int) ($intSiblings + 1), $this->getStrRecordClass(), $this->getIntRecordDeleted())); } //we need a Rights-Record $this->objDB->_pQuery("INSERT INTO " . _dbprefix_ . "system_right (right_id, right_inherit) VALUES (?, 1)", array($strSystemId)); //update rights to inherit class_carrier::getInstance()->getObjRights()->setInherited(true, $strSystemId); class_logger::getInstance()->addLogRow("new system-record created: " . $strSystemId . " (" . $strComment . ")", class_logger::$levelInfo); $this->objDB->flushQueryCache(); $this->internalInit(); //reset the old values since we're having a new record $this->strOldPrevId = -1; $this->intOldRecordStatus = -1; return $strSystemId; }