protected function getAllowedThemeIDs() { $u = new User(); $pae = $this->getPermissionAccessObject(); if (!is_object($pae)) { return array(); } $accessEntities = $u->getUserAccessEntityObjects(); $accessEntities = $pae->validateAndFilterAccessEntities($accessEntities); $list = $this->getAccessListItems(PageKey::ACCESS_TYPE_ALL, $accessEntities); $list = PermissionDuration::filterByActive($list); $db = Loader::db(); $allpThemeIDs = $db->GetCol('select pThemeID from PageThemes order by pThemeID asc'); $pThemeIDs = array(); foreach ($list as $l) { if ($l->getThemesAllowedPermission() == 'N') { $pThemeIDs = array(); } if ($l->getThemesAllowedPermission() == 'C') { if ($l->getAccessType() == PageKey::ACCESS_TYPE_EXCLUDE) { $pThemeIDs = array_values(array_diff($pThemeIDs, $l->getThemesAllowedArray())); } else { $pThemeIDs = array_unique(array_merge($pThemeIDs, $l->getThemesAllowedArray())); } } if ($l->getThemesAllowedPermission() == 'A') { $pThemeIDs = $allpThemeIDs; } } return $pThemeIDs; }
public function getMyAssignment() { $u = new User(); $asl = new ViewUserAttributesUserPermissionAssignment(); if ($u->isSuperUser()) { $asl->setAttributesAllowedPermission('A'); return $asl; } $pae = $this->getPermissionAccessObject(); if (!is_object($pae)) { return $asl; } $accessEntities = $u->getUserAccessEntityObjects(); $accessEntities = $pae->validateAndFilterAccessEntities($accessEntities); $list = $this->getAccessListItems(UserKey::ACCESS_TYPE_ALL, $accessEntities); $list = PermissionDuration::filterByActive($list); foreach ($list as $l) { if ($l->getAttributesAllowedPermission() == 'N') { $asl->setAttributesAllowedPermission('N'); } if ($l->getAttributesAllowedPermission() == 'C') { $asl->setAttributesAllowedPermission('C'); } if ($l->getAttributesAllowedPermission() == 'A') { $asl->setAttributesAllowedPermission('A'); } } $asl->setAttributesAllowedArray($this->getAllowedAttributeKeyIDs($list)); return $asl; }
public function getAccessListItems($accessType = PagePermissionKey::ACCESS_TYPE_INCLUDE, $filterEntities = array()) { $db = Loader::db(); $list = parent::getAccessListItems($accessType, $filterEntities); $list = PermissionDuration::filterByActive($list); foreach ($list as $l) { $pe = $l->getAccessEntityObject(); $prow = $db->GetRow('select permission from PagePermissionThemeAccessList where peID = ? and paID = ?', array($pe->getAccessEntityID(), $l->getPermissionAccessID())); if (is_array($prow) && $prow['permission']) { $l->setThemesAllowedPermission($prow['permission']); $permission = $prow['permission']; } else { if ($l->getAccessType() == PagePermissionKey::ACCESS_TYPE_INCLUDE) { $l->setThemesAllowedPermission('A'); } else { $l->setThemesAllowedPermission('N'); } } if ($permission == 'C') { $pThemeIDs = $db->GetCol('select pThemeID from PagePermissionThemeAccessListCustom where peID = ? and paID = ?', array($pe->getAccessEntityID(), $l->getPermissionAccessID())); $l->setThemesAllowedArray($pThemeIDs); } } return $list; }
public function getAllowedFileExtensions() { $u = new User(); $extensions = array(); if ($u->isSuperUser()) { $extensions = Loader::helper('concrete/file')->getAllowedFileExtensions(); return $extensions; } $pae = $this->getPermissionAccessObject(); if (!is_object($pae)) { return array(); } $accessEntities = $u->getUserAccessEntityObjects(); $accessEntities = $pae->validateAndFilterAccessEntities($accessEntities); $list = $this->getAccessListItems(FileSetKey::ACCESS_TYPE_ALL, $accessEntities); $list = PermissionDuration::filterByActive($list); foreach ($list as $l) { if ($l->getFileTypesAllowedPermission() == 'N') { $extensions = array(); } if ($l->getFileTypesAllowedPermission() == 'C') { $extensions = array_unique(array_merge($extensions, $l->getFileTypesAllowedArray())); } if ($l->getFileTypesAllowedPermission() == 'A') { $extensions = Loader::helper('concrete/file')->getAllowedFileExtensions(); } } return $extensions; }
public function getMyAssignment() { $u = new User(); $asl = new AddConversationMessageConversationListItem(); if ($u->isSuperUser()) { $asl->setNewConversationMessageApprovalStatus('A'); return $asl; } $pae = $this->getPermissionAccessObject(); if (!is_object($pae)) { $asl->setNewConversationMessageApprovalStatus('U'); return $asl; } $accessEntities = $u->getUserAccessEntityObjects(); $accessEntities = $pae->validateAndFilterAccessEntities($accessEntities); $list = $this->getAccessListItems(UserKey::ACCESS_TYPE_ALL, $accessEntities); $list = PermissionDuration::filterByActive($list); foreach ($list as $l) { if ($l->getNewConversationMessageApprovalStatus() == 'U') { $asl->setNewConversationMessageApprovalStatus('U'); } if ($l->getNewConversationMessageApprovalStatus() == 'A') { $asl->setNewConversationMessageApprovalStatus('A'); } } return $asl; }
public function validate() { $u = new User(); if ($u->isSuperUser()) { return true; } $pae = $this->getPermissionAccessObject(); if (!is_object($pae)) { return false; } $accessEntities = $u->getUserAccessEntityObjects(); $accessEntities = $pae->validateAndFilterAccessEntities($accessEntities); $valid = false; $list = $this->getAccessListItems(PermissionKey::ACCESS_TYPE_ALL, $accessEntities); $list = PermissionDuration::filterByActive($list); foreach ($list as $l) { if ($l->getAccessType() == PermissionKey::ACCESS_TYPE_INCLUDE) { $valid = true; } if ($l->getAccessType() == PermissionKey::ACCESS_TYPE_EXCLUDE) { $valid = false; } } return $valid; }
public function getAccessListItems($accessType = PagePermissionKey::ACCESS_TYPE_INCLUDE, $filterEntities = array()) { $db = Database::connection(); $list = parent::getAccessListItems($accessType, $filterEntities); $list = PermissionDuration::filterByActive($list); foreach ($list as $l) { $pe = $l->getAccessEntityObject(); $prow = $db->fetchAssoc('select permission, externalLink from PagePermissionPageTypeAccessList where peID = ? and paID = ?', array($pe->getAccessEntityID(), $l->getPermissionAccessID())); if (is_array($prow) && $prow['permission']) { $l->setPageTypesAllowedPermission($prow['permission']); $l->setAllowExternalLinks($prow['externalLink']); $permission = $prow['permission']; } elseif ($l->getAccessType() == PagePermissionKey::ACCESS_TYPE_INCLUDE) { $l->setPageTypesAllowedPermission('A'); $l->setAllowExternalLinks(1); } else { $l->setPageTypesAllowedPermission('N'); $l->setAllowExternalLinks(0); } if ($permission == 'C') { $ptIDs = $db->GetCol('select ptID from PagePermissionPageTypeAccessListCustom where peID = ? and paID = ?', array($pe->getAccessEntityID(), $l->getPermissionAccessID())); $l->setPageTypesAllowedArray($ptIDs); } } return $list; }
public function getCurrentlyActiveUsers(WorkflowProgress $wp) { $paa = $this->getPermissionAccessObject(); if (!$paa) { return array(); } $paa->setWorkflowProgressObject($wp); $included = $this->getAccessListItems(self::ACCESS_TYPE_INCLUDE); $excluded = $this->getAccessListItems(self::ACCESS_TYPE_EXCLUDE); $included = PermissionDuration::filterByActive($included); $excluded = PermissionDuration::filterByActive($excluded); $users = array(); $usersExcluded = array(); foreach ($included as $inc) { $pae = $inc->getAccessEntityObject(); $users = array_merge($users, $pae->getAccessEntityUsers($paa)); } $users = array_unique($users); foreach ($excluded as $inc) { $pae = $inc->getAccessEntityObject(); $usersExcluded = array_merge($usersExcluded, $pae->getAccessEntityUsers()); } $users = array_diff($users, $usersExcluded); return $users; }
public function getAccessListItems($accessType = PagePermissionKey::ACCESS_TYPE_INCLUDE, $filterEntities = array(), $checkCache = true) { $db = Database::connection(); $list = parent::getAccessListItems($accessType, $filterEntities); $list = PermissionDuration::filterByActive($list); foreach ($list as $l) { /** * @var $l NotifyInNotificationCenterNotificationListItem */ $pe = $l->getAccessEntityObject(); $prow = $db->GetRow('select permission from NotificationPermissionSubscriptionList where peID = ? and paID = ?', array($pe->getAccessEntityID(), $l->getPermissionAccessID())); if (is_array($prow) && $prow['permission']) { $l->setSubscriptionsAllowedPermission($prow['permission']); $permission = $prow['permission']; if ($permission == 'C') { $subscriptions = $db->GetCol('select nSubscriptionIdentifier from NotificationPermissionSubscriptionListCustom where peID = ? and paID = ?', array($pe->getAccessEntityID(), $l->getPermissionAccessID())); $l->setSubscriptionsAllowedArray($subscriptions); } } elseif ($l->getAccessType() == PagePermissionKey::ACCESS_TYPE_INCLUDE) { $l->setSubscriptionsAllowedPermission('A'); } else { $l->setSubscriptionsAllowedPermission('N'); } } return $list; }
protected function getAllowedBlockTypeIDs() { $u = new User(); $pae = $this->getPermissionAccessObject(); if (!is_object($pae)) { return array(); } $accessEntities = $u->getUserAccessEntityObjects(); $accessEntities = $pae->validateAndFilterAccessEntities($accessEntities); $list = $this->getAccessListItems(AreaKey::ACCESS_TYPE_ALL, $accessEntities); $list = PermissionDuration::filterByActive($list); $db = Loader::db(); $btIDs = array(); if (count($list) > 0) { $cache = \Core::make('cache/request'); $dsh = Loader::helper('concrete/dashboard'); if ($dsh->inDashboard()) { $identifier = 'blocktypeids/all'; } else { $identifier = 'blocktypeids/public'; } $item = $cache->getItem($identifier); $allBTIDs = $item->get(); if ($item->isMiss()) { if ($dsh->inDashboard()) { $allBTIDs = $db->GetCol('select btID from BlockTypes'); } else { $allBTIDs = $db->GetCol('select btID from BlockTypes where btIsInternal = 0'); } $cache->save($item->set($allBTIDs)); } foreach ($list as $l) { if ($l->getBlockTypesAllowedPermission() == 'N') { $btIDs = array(); } if ($l->getBlockTypesAllowedPermission() == 'C') { if ($l->getAccessType() == AreaKey::ACCESS_TYPE_EXCLUDE) { $btIDs = array_values(array_diff($btIDs, $l->getBlockTypesAllowedArray())); } else { $btIDs = array_unique(array_merge($btIDs, $l->getBlockTypesAllowedArray())); } } if ($l->getBlockTypesAllowedPermission() == 'A') { $btIDs = $allBTIDs; } } } return $btIDs; }
public function validateAccessEntities($accessEntities) { $valid = false; $accessEntities = $this->validateAndFilterAccessEntities($accessEntities); $list = $this->getAccessListItems(PermissionKey::ACCESS_TYPE_ALL, $accessEntities); $list = PermissionDuration::filterByActive($list); foreach ($list as $l) { if ($l->getAccessType() == PermissionKey::ACCESS_TYPE_INCLUDE) { $valid = true; } if ($l->getAccessType() == PermissionKey::ACCESS_TYPE_EXCLUDE) { $valid = false; } } return $valid; }
public function getAccessListItems($accessType = PagePermissionKey::ACCESS_TYPE_INCLUDE, $filterEntities = [], $checkCache = true) { $db = Database::connection(); $list = parent::getAccessListItems($accessType, $filterEntities); $list = PermissionDuration::filterByActive($list); foreach ($list as $l) { $pe = $l->getAccessEntityObject(); $prow = $db->fetchAssoc('select permission from PagePermissionThemeAccessList where peID = ? and paID = ?', [$pe->getAccessEntityID(), $l->getPermissionAccessID()]); if ($prow && $prow['permission']) { $l->setThemesAllowedPermission($prow['permission']); $permission = $prow['permission']; if ($permission == 'C') { $pThemeIDs = $db->GetCol('select pThemeID from PagePermissionThemeAccessListCustom where peID = ? and paID = ?', [$pe->getAccessEntityID(), $l->getPermissionAccessID()]); $l->setThemesAllowedArray($pThemeIDs); } } elseif ($l->getAccessType() == PagePermissionKey::ACCESS_TYPE_INCLUDE) { $l->setThemesAllowedPermission('A'); } else { $l->setThemesAllowedPermission('N'); } } return $list; }
public function getAccessListItems($accessType = UserPermissionKey::ACCESS_TYPE_INCLUDE, $filterEntities = array()) { $db = Loader::db(); $list = parent::getAccessListItems($accessType, $filterEntities); $list = PermissionDuration::filterByActive($list); foreach ($list as $l) { $pe = $l->getAccessEntityObject(); $prow = $db->GetRow('select attributePermission, uName, uPassword, uEmail, uAvatar, uTimezone, uDefaultLanguage from UserPermissionEditPropertyAccessList where peID = ? and paID = ?', array($pe->getAccessEntityID(), $this->getPermissionAccessID())); if (is_array($prow) && $prow['attributePermission']) { $l->setAttributesAllowedPermission($prow['attributePermission']); $l->setAllowEditUserName($prow['uName']); $l->setAllowEditEmail($prow['uEmail']); $l->setAllowEditPassword($prow['uPassword']); $l->setAllowEditAvatar($prow['uAvatar']); $l->setAllowEditTimezone($prow['uTimezone']); $l->setAllowEditDefaultLanguage($prow['uDefaultLanguage']); $attributePermission = $prow['attributePermission']; } else { if ($l->getAccessType() == UserPermissionKey::ACCESS_TYPE_INCLUDE) { $l->setAttributesAllowedPermission('A'); $l->setAllowEditUserName(1); $l->setAllowEditEmail(1); $l->setAllowEditPassword(1); $l->setAllowEditAvatar(1); $l->setAllowEditTimezone(1); $l->setAllowEditDefaultLanguage(1); } else { $l->setAttributesAllowedPermission('N'); $l->setAllowEditUserName(0); $l->setAllowEditEmail(0); $l->setAllowEditPassword(0); $l->setAllowEditAvatar(0); $l->setAllowEditTimezone(0); $l->setAllowEditDefaultLanguage(0); } } if ($attributePermission == 'C') { $akIDs = $db->GetCol('select akID from UserPermissionEditPropertyAttributeAccessListCustom where peID = ? and paID = ?', array($pe->getAccessEntityID(), $this->getPermissionAccessID())); $l->setAttributesAllowedArray($akIDs); } } return $list; }
public function getMyAssignment() { $u = new User(); $asl = new \Concrete\Core\Permission\Access\ListItem\EditPagePropertiesPageListItem(); if ($u->isSuperUser()) { $asl->setAllowEditName(1); $asl->setAllowEditDateTime(1); $asl->setAllowEditUserID(1); $asl->setAllowEditDescription(1); $asl->setAllowEditPaths(1); $asl->setAttributesAllowedArray($this->getAllAttributeKeyIDs()); $asl->setAttributesAllowedPermission('A'); return $asl; } $pae = $this->getPermissionAccessObject(); if (!is_object($pae)) { return $asl; } $accessEntities = $u->getUserAccessEntityObjects(); $accessEntities = $pae->validateAndFilterAccessEntities($accessEntities); $list = $pae->getAccessListItems(PageKey::ACCESS_TYPE_ALL, $accessEntities); $list = PermissionDuration::filterByActive($list); $properties = array(); $excluded = array(); $akIDs = array(); $u = new User(); if (count($list) > 0) { $allAKIDs = $this->getAllAttributeKeyIDs(); } foreach ($list as $l) { if ($l->allowEditName() && !in_array('name', $excluded)) { $asl->setAllowEditName(1); } if ($l->allowEditDateTime() && !in_array('date', $excluded)) { $asl->setAllowEditDateTime(1); } if ($l->allowEditUserID() && !in_array('uID', $excluded)) { $asl->setAllowEditUserID(1); } if ($l->allowEditDescription() && !in_array('description', $excluded)) { $asl->setAllowEditDescription(1); } if ($l->allowEditPaths() && !in_array('paths', $excluded)) { $asl->setAllowEditPaths(1); } if ($l->getAccessType() == PageKey::ACCESS_TYPE_EXCLUDE && !$l->allowEditName()) { $asl->setAllowEditName(0); $excluded[] = 'name'; } if ($l->getAccessType() == PageKey::ACCESS_TYPE_EXCLUDE && !$l->allowEditDateTime()) { $asl->setAllowEditDateTime(0); $excluded[] = 'date'; } if ($l->getAccessType() == PageKey::ACCESS_TYPE_EXCLUDE && !$l->allowEditUserID()) { $asl->setAllowEditUserID(0); $excluded[] = 'uID'; } if ($l->getAccessType() == PageKey::ACCESS_TYPE_EXCLUDE && !$l->allowEditDescription()) { $asl->setAllowEditDescription(0); $excluded[] = 'description'; } if ($l->getAccessType() == PageKey::ACCESS_TYPE_EXCLUDE && !$l->allowEditPaths()) { $asl->setAllowEditPaths(0); $excluded[] = 'paths'; } if ($l->getAttributesAllowedPermission() == 'N') { $akIDs = array(); $asl->setAttributesAllowedPermission('N'); } if ($l->getAttributesAllowedPermission() == 'C') { $asl->setAttributesAllowedPermission('C'); if ($l->getAccessType() == PageKey::ACCESS_TYPE_EXCLUDE) { $akIDs = array_values(array_diff($akIDs, $l->getAttributesAllowedArray())); } else { $akIDs = array_unique(array_merge($akIDs, $l->getAttributesAllowedArray())); } } if ($l->getAttributesAllowedPermission() == 'A') { $akIDs = $allAKIDs; $asl->setAttributesAllowedPermission('A'); } } $asl->setAttributesAllowedArray($akIDs); return $asl; }
public function getMyAssignment() { $u = new User(); $asl = new \Concrete\Core\Permission\Access\ListItem\EditUserPropertiesUserListItem(); $db = Loader::db(); $allAKIDs = $db->GetCol('select akID from UserAttributeKeys order by akID asc'); if ($u->isSuperUser()) { $asl->setAllowEditUserName(1); $asl->setAllowEditEmail(1); $asl->setAllowEditPassword(1); $asl->setAllowEditAvatar(1); $asl->setAllowEditTimezone(1); $asl->setAllowEditDefaultLanguage(1); $asl->setAttributesAllowedArray($allAKIDs); $asl->setAttributesAllowedPermission('A'); return $asl; } $pae = $this->getPermissionAccessObject(); if (!is_object($pae)) { return $asl; } $accessEntities = $u->getUserAccessEntityObjects(); $accessEntities = $pae->validateAndFilterAccessEntities($accessEntities); $list = $this->getAccessListItems(UserKey::ACCESS_TYPE_ALL, $accessEntities); $list = PermissionDuration::filterByActive($list); $properties = array(); $excluded = array(); $akIDs = array(); $u = new User(); foreach ($list as $l) { if ($l->allowEditUserName() && !in_array('uName', $excluded)) { $asl->setAllowEditUserName(1); } if ($l->allowEditEmail() && !in_array('uEmail', $excluded)) { $asl->setAllowEditEmail(1); } if ($l->allowEditPassword() && !in_array('uPassword', $excluded)) { $asl->setAllowEditPassword(1); } if ($l->allowEditAvatar() && !in_array('uAvatar', $excluded)) { $asl->setAllowEditAvatar(1); } if ($l->allowEditTimezone() && !in_array('uTimezone', $excluded)) { $asl->allowEditTimezone(1); } if ($l->allowEditDefaultLanguage() && !in_array('uDefaultLanguage', $excluded)) { $asl->setAllowEditDefaultLanguage(1); } if ($l->getAccessType() == UserKey::ACCESS_TYPE_EXCLUDE && !$l->allowEditUserName()) { $asl->setAllowEditUserName(0); $excluded[] = 'uName'; } if ($l->getAccessType() == UserKey::ACCESS_TYPE_EXCLUDE && !$l->allowEditEmail()) { $asl->setAllowEditEmail(0); $excluded[] = 'uEmail'; } if ($l->getAccessType() == UserKey::ACCESS_TYPE_EXCLUDE && !$l->allowEditPassword()) { $asl->setAllowEditPassword(0); $excluded[] = 'uPassword'; } if ($l->getAccessType() == UserKey::ACCESS_TYPE_EXCLUDE && !$l->allowEditAvatar()) { $asl->setAllowEditAvatar(0); $excluded[] = 'uAvatar'; } if ($l->getAccessType() == UserKey::ACCESS_TYPE_EXCLUDE && !$l->allowEditTimezone()) { $asl->setAllowEditTimezone(0); $excluded[] = 'uTimezone'; } if ($l->getAccessType() == UserKey::ACCESS_TYPE_EXCLUDE && !$l->allowEditDefaultLanguage()) { $asl->setAllowEditDefaultLanguage(0); $excluded[] = 'uDefaultLanguage'; } if ($l->getAttributesAllowedPermission() == 'N') { $akIDs = array(); $asl->setAttributesAllowedPermission('N'); } if ($l->getAttributesAllowedPermission() == 'C') { $asl->setAttributesAllowedPermission('C'); if ($l->getAccessType() == UserKey::ACCESS_TYPE_EXCLUDE) { $akIDs = array_values(array_diff($akIDs, $l->getAttributesAllowedArray())); } else { $akIDs = array_unique(array_merge($akIDs, $l->getAttributesAllowedArray())); } } if ($l->getAttributesAllowedPermission() == 'A') { $akIDs = $allAKIDs; $asl->setAttributesAllowedPermission('A'); } } $asl->setAttributesAllowedArray($akIDs); return $asl; }
public function getAccessListItems($accessType = PagePermissionKey::ACCESS_TYPE_INCLUDE, $filterEntities = array()) { $db = Database::connection(); $list = parent::getAccessListItems($accessType, $filterEntities); $list = PermissionDuration::filterByActive($list); foreach ($list as $l) { $pe = $l->getAccessEntityObject(); $prow = $db->GetRow('select attributePermission, name, publicDateTime, uID, description, paths from PagePermissionPropertyAccessList where peID = ? and paID = ?', array($pe->getAccessEntityID(), $l->getPermissionAccessID())); $attributePermission = ''; if (!empty($prow) && $prow['attributePermission']) { $l->setAttributesAllowedPermission($prow['attributePermission']); $l->setAllowEditName($prow['name']); $l->setAllowEditDateTime($prow['publicDateTime']); $l->setAllowEditUserID($prow['uID']); $l->setAllowEditDescription($prow['description']); $l->setAllowEditPaths($prow['paths']); $attributePermission = $prow['attributePermission']; } elseif ($l->getAccessType() == PagePermissionKey::ACCESS_TYPE_INCLUDE) { $l->setAttributesAllowedPermission('A'); $l->setAllowEditName(1); $l->setAllowEditDateTime(1); $l->setAllowEditUserID(1); $l->setAllowEditDescription(1); $l->setAllowEditPaths(1); } else { $l->setAttributesAllowedPermission('N'); $l->setAllowEditName(0); $l->setAllowEditDateTime(0); $l->setAllowEditUserID(0); $l->setAllowEditDescription(0); $l->setAllowEditPaths(0); } if ($attributePermission == 'C') { $akIDs = $db->GetCol('select akID from PagePermissionPropertyAttributeAccessListCustom where peID = ? and paID = ?', array($pe->getAccessEntityID(), $l->getPermissionAccessID())); $l->setAttributesAllowedArray($akIDs); } } return $list; }