/**
* Adds a new object into access control lists
*
* Usage example:
* <code>
* $auth_permit = array(
* COT_GROUP_DEFAULT => 'R',
* COT_GROUP_GUESTS => '0',,
* COT_GROUP_MEMBERS => 'R',
* 12 => 'RW', // allows Read & Write for group with ID = 12
* );
*
* $auth_lock = array(
* COT_GROUP_DEFAULT => 'A',
* COT_GROUP_GUESTS => 'W12345A',
* COT_GROUP_MEMBERS => 'A',
* 12 => 'R', // cannot change Read for group with ID = 12
* );
*
* cot_auth_add_item('test', 'item123', $auth_permit, $auth_lock);
* </code>
*
* @param string $module_name The module object belongs to
* @param string $item_id Object identifier within the module
* @param array $auth_permit Allowed permissions map
* @param array $auth_lock Locked permissions map
* @return int Number of rows inserted
* @global CotDB $db
*/
function cot_auth_add_item($module_name, $item_id, $auth_permit = array(), $auth_lock = array())
{
global $db, $cot_groups, $db_auth, $usr, $cot_auth_default_permit, $cot_auth_default_lock;
$auth_permit = $auth_permit + $cot_auth_default_permit;
$auth_lock = $auth_lock + $cot_auth_default_lock;
$ins_array = array();
foreach ($cot_groups as $k => $v) {
if (!$v['skiprights']) {
$base_grp = $k > COT_GROUP_SUPERADMINS ? COT_GROUP_DEFAULT : $k;
$ins_array[] = array('auth_groupid' => $k, 'auth_code' => $module_name, 'auth_option' => $item_id, 'auth_rights' => cot_auth_getvalue($auth_permit[$base_grp]), 'auth_rights_lock' => cot_auth_getvalue($auth_lock[$base_grp]), 'auth_setbyuserid' => $usr['id']);
}
}
$res = $db->insert($db_auth, $ins_array);
cot_auth_reorder();
cot_auth_clear('all');
return $res;
}
/**
* Updates an existing category in the database
*
* @global Cache $cache
* @global CotDB $db
* @global string $db_auth
* @global string $db_structure
* @param string $extension Extension code
* @param int $id Category structure_id
* @param array $old_data Data row already present in the database
* @param array $new_data Submitted category data
* @param bool $is_module TRUE for modules, FALSE for plugins
* @return mixed TRUE on success, cot_error() arguments as array on specific error, FALSE on generic error
* @global CotDB $db
* @global Cache $cache
*/
function cot_structure_update($extension, $id, $old_data, $new_data, $is_module = true)
{
global $cache, $db, $db_auth, $db_config, $db_structure;
/* === Hook === */
foreach (cot_getextplugins('structure.update') as $pl) {
include $pl;
}
/* ===== */
if ($old_data['structure_code'] != $new_data['structure_code']) {
if ($db->query("SELECT COUNT(*) FROM {$db_structure} WHERE structure_area=? AND structure_code=?", array($extension, $new_data['structure_code']))->fetchColumn() == 0) {
$is_module && $db->update($db_auth, array('auth_option' => $new_data['structure_code']), "auth_code=? AND auth_option=?", array($extension, $old_data['structure_code']));
$db->update($db_config, array('config_subcat' => $new_data['structure_code']), "config_cat=? AND config_subcat=? AND config_owner='module'", array($extension, $old_data['structure_code']));
$area_updatecat = 'cot_' . $extension . '_updatecat';
function_exists($area_updatecat) ? $area_updatecat($old_data['structure_code'], $new_data['structure_code']) : FALSE;
cot_auth_reorder();
} else {
unset($new_data['structure_code']);
return array('adm_cat_exists', 'default');
}
}
$area_sync = 'cot_' . $extension . '_sync';
$new_data['structure_count'] = function_exists($area_sync) ? $area_sync($new_data['structure_code']) : 0;
$sql1 = $db->update($db_structure, $new_data, 'structure_id=' . (int) $id);
$updated = $sql1 > 0;
/* === Hook === */
foreach (cot_getextplugins('structure.update.done') as $pl) {
include $pl;
}
/* ===== */
return $updated;
}
cot_message('Added');
} elseif ($auth = cot_import('auth', 'P', 'ARR')) {
$mask = array();
$db->update($db_auth, array('auth_rights' => 0), "auth_groupid={$g}");
foreach ($auth as $k => $v) {
foreach ($v as $i => $j) {
if (is_array($j)) {
$mask = 0;
foreach ($j as $l => $m) {
$mask += cot_auth_getvalue($l);
}
$db->update($db_auth, array('auth_rights' => $mask), "auth_groupid=? AND auth_code=? AND auth_option=?", array($g, $k, $i));
}
}
}
cot_auth_reorder();
cot_auth_clear('all');
cot_message('Updated');
}
}
$jj = 1;
/* === Hook for the plugins === */
foreach (cot_getextplugins('admin.rights.main') as $pl) {
include $pl;
}
/* ===== */
$adminpath[] = array(cot_url('admin', 'm=users'), $L['Users']);
$adminpath[] = array(cot_url('admin', 'm=users&n=edit&g=' . $g), $cot_groups[$g]['name']);
$adminpath[] = array(cot_url('admin', 'm=rights&g=' . $g), $L['Rights']);
$advanced && ($adminpath[] = array(cot_url('admin', 'm=rights&g=' . $g . '&advanced=1'), $L['More']));
$adminsubtitle = $L['Rights'];
/**
* Installs or updates a Cotonti extension: module or plugin.
* Messages emitted during installation can be received through standard
* Cotonti messages interface.
* @param string $name Plugin code
* @param bool $is_module TRUE for modules, FALSE for plugins
* @param bool $update Perform update rather than new install
* @param bool $force_update Forces extension update even if version has not changed
* @return bool Operation status
* @global Cache $cache
*/
function cot_extension_install($name, $is_module = false, $update = false, $force_update = false)
{
global $cfg, $L, $cache, $usr, $db_auth, $db_config, $db_users, $db_core, $cot_groups, $cot_ext_ignore_parts, $db, $db_x, $env;
$path = $is_module ? $cfg['modules_dir'] . "/{$name}" : $cfg['plugins_dir'] . "/{$name}";
// Emit initial message
if ($update) {
cot_message(cot_rc('ext_updating', array('type' => $is_module ? $L['Module'] : $L['Plugin'], 'name' => $name)));
} else {
cot_message(cot_rc('ext_installing', array('type' => $is_module ? $L['Module'] : $L['Plugin'], 'name' => $name)));
}
// Check setup file and tags
$setup_file = $path . "/{$name}.setup.php";
if (!file_exists($setup_file)) {
cot_error(cot_rc('ext_setup_not_found', array('path' => $setup_file)));
return false;
}
$old_ext_format = false;
$info = cot_infoget($setup_file, 'COT_EXT');
if (!$info && cot_plugin_active('genoa')) {
// Try load old format info
$info = cot_infoget($setup_file, 'SED_EXTPLUGIN');
if ($info) {
$old_ext_format = true;
}
}
if ($info === false) {
cot_error('ext_invalid_format');
return false;
}
// Check versions
$res = $db->query("SELECT ct_version FROM {$db_core} WHERE ct_code = '{$name}'");
if ($res->rowCount() == 1) {
$current_ver = $res->fetchColumn();
$res->closeCursor();
if ($update) {
if (version_compare($current_ver, $info['Version']) == 0 && !$force_update) {
// Nothing to update
cot_message(cot_rc('ext_up2date', array('type' => $is_module ? $L['Module'] : $L['Plugin'], 'name' => $name)));
return COT_EXT_NOTHING_TO_UPDATE;
}
} else {
cot_clear_messages();
cot_error(cot_rc('ext_already_installed', array('name' => $name)));
return false;
}
}
if ($update) {
// Safely drop existing bindings
$bindings_cnt = cot_plugin_remove($name);
cot_message(cot_rc('ext_bindings_uninstalled', array('cnt' => $bindings_cnt)));
}
// Install hook parts and bindings
$hook_bindings = array();
$dp = opendir($path);
while ($f = readdir($dp)) {
if (preg_match("#^{$name}(\\.([\\w\\.]+))?.php\$#", $f, $mt) && !in_array($mt[2], $cot_ext_ignore_parts)) {
$part_info = cot_infoget($path . "/{$f}", 'COT_EXT');
if (!$part_info && cot_plugin_active('genoa')) {
// Try to load old format info
$part_info = cot_infoget($path . "/{$f}", 'SED_EXTPLUGIN');
}
if ($part_info) {
if (empty($part_info['Hooks'])) {
$hooks = $is_module ? array('module') : array('standalone');
} else {
$hooks = explode(',', $part_info['Hooks']);
$hooks = is_array($hooks) ? array_map('trim', $hooks) : array();
}
if (empty($part_info['Order'])) {
$order = COT_PLUGIN_DEFAULT_ORDER;
} else {
$order = array_map('trim', explode(',', $part_info['Order']));
if (count($order) == 1 || count($order) < count($hooks)) {
$order = (int) $order[0];
}
}
$i = 0;
foreach ($hooks as $hook) {
$hook_bindings[] = array('part' => empty($mt[2]) ? 'main' : $mt[2], 'file' => $f, 'hook' => $hook, 'order' => isset($order[$i]) ? (int) $order[$i] : $order);
++$i;
}
}
}
}
closedir($dp);
$bindings_cnt = cot_plugin_add($hook_bindings, $name, $info['Name'], $is_module);
cot_message(cot_rc('ext_bindings_installed', array('cnt' => $bindings_cnt)));
// Install config
$info_cfg = cot_infoget($setup_file, 'COT_EXT_CONFIG');
if (!$info_cfg && cot_plugin_active('genoa')) {
// Try to load old format config
$info_cfg = cot_infoget($setup_file, 'SED_EXTPLUGIN_CONFIG');
}
$options = cot_config_parse($info_cfg, $is_module);
if ($update) {
// Get differential config
if (cot_config_update($name, $options, $is_module) > 0) {
cot_message('ext_config_updated');
}
} elseif (count($options) > 0) {
if (cot_config_add($name, $options, $is_module)) {
cot_message('ext_config_installed');
} else {
cot_error('ext_config_error');
return false;
}
}
// Install structure config if present
$info_cfg = cot_infoget($setup_file, 'COT_EXT_CONFIG_STRUCTURE');
if ($info_cfg) {
$options = cot_config_parse($info_cfg, $is_module);
if ($update) {
if (cot_config_update($name, $options, $is_module, '__default') > 0) {
// Update all nested categories
$type = $is_module ? 'module' : 'plug';
$res = $db->query("SELECT DISTINCT config_subcat FROM {$db_config}\n\t\t\t\t\tWHERE config_owner = '{$type}' AND config_cat = '{$name}'\n\t\t\t\t\t\tAND config_subcat != '' AND config_subcat != '__default'");
$cat_list = $res->fetchAll(PDO::FETCH_COLUMN, 0);
foreach ($cat_list as $cat) {
cot_config_update($name, $options, $is_module, $cat);
}
cot_message('ext_config_struct_updated');
}
} elseif (count($options) > 0) {
if (cot_config_add($name, $options, $is_module, '__default')) {
cot_message('ext_config_struct_installed');
} else {
cot_error('ext_config_struct_error');
return false;
}
}
}
if ($update) {
// Only update auth locks
if ($is_module) {
$auth_code = $name;
$auth_option = 'a';
} else {
$auth_code = 'plug';
$auth_option = $name;
}
$lock_guests = cot_auth_getvalue($info['Lock_guests']);
$db->update($db_auth, array('auth_rights_lock' => $lock_guests), "\n\t\t\tauth_code = '{$auth_code}' AND auth_option = '{$auth_option}'\n\t\t\tAND (auth_groupid = " . COT_GROUP_GUESTS . ' OR auth_groupid = ' . COT_GROUP_INACTIVE . ')');
$lock_members = cot_auth_getvalue($info['Lock_members']);
$ingore_groups = implode(',', array(COT_GROUP_GUESTS, COT_GROUP_INACTIVE, COT_GROUP_BANNED, COT_GROUP_SUPERADMINS));
$db->update($db_auth, array('auth_rights_lock' => $lock_members), "auth_code = '{$auth_code}' AND auth_option = '{$auth_option}' AND auth_groupid NOT IN ({$ingore_groups})");
cot_message('ext_auth_locks_updated');
} else {
// Install auth
$insert_rows = array();
foreach ($cot_groups as $v) {
if (!$v['skiprights']) {
if ($v['id'] == COT_GROUP_GUESTS || $v['id'] == COT_GROUP_INACTIVE) {
$ins_auth = cot_auth_getvalue($info['Auth_guests']);
$ins_lock = cot_auth_getvalue($info['Lock_guests']);
if ($ins_auth > 128 || $ins_lock < 128) {
$ins_auth = $ins_auth > 127 ? $ins_auth - 128 : $ins_auth;
$ins_lock = 128;
}
} elseif ($v['id'] == COT_GROUP_BANNED) {
$ins_auth = 0;
$ins_lock = 255;
} elseif ($v['id'] == COT_GROUP_SUPERADMINS) {
$ins_auth = 255;
$ins_lock = 255;
} else {
$ins_auth = cot_auth_getvalue($info['Auth_members']);
$ins_lock = cot_auth_getvalue($info['Lock_members']);
}
if ($is_module) {
$insert_rows[] = array('auth_groupid' => $v['id'], 'auth_code' => $name, 'auth_option' => 'a', 'auth_rights' => $ins_auth, 'auth_rights_lock' => $ins_lock, 'auth_setbyuserid' => $usr['id']);
} else {
$insert_rows[] = array('auth_groupid' => $v['id'], 'auth_code' => 'plug', 'auth_option' => $name, 'auth_rights' => $ins_auth, 'auth_rights_lock' => $ins_lock, 'auth_setbyuserid' => $usr['id']);
}
}
}
if ($db->insert($db_auth, $insert_rows)) {
$db->update($db_users, array('user_auth' => ''), "user_auth != ''");
cot_message('ext_auth_installed');
}
}
if ($update) {
// Find and apply patches
if (file_exists("{$path}/setup")) {
$new_ver = cot_apply_patches("{$path}/setup", $current_ver);
}
if (version_compare($info['Version'], $new_ver) > 0 || $new_ver === true) {
$new_ver = $info['Version'];
}
} else {
if (file_exists($path . "/setup/{$name}.install.sql")) {
// Run SQL install script
$sql_err = $db->runScript(file_get_contents("{$path}/setup/{$name}.install.sql"));
if (empty($sql_err)) {
cot_message(cot_rc('ext_executed_sql', array('ret' => 'OK')));
} else {
cot_error(cot_rc('ext_executed_sql', array('ret' => $sql_err)));
return false;
}
}
$install_handler = $old_ext_format ? $setup_file : $path . "/setup/{$name}.install.php";
if ($old_ext_format) {
global $action;
$action = 'install';
}
if (file_exists($install_handler)) {
// Run PHP install handler
$envtmp = $env;
$env = array('ext' => $name, 'location' => $name, 'type' => $is_module ? 'module' : 'plug');
$ret = (include $install_handler);
$env = $envtmp;
if ($ret !== false) {
$msg = $ret == 1 ? 'OK' : $ret;
cot_message(cot_rc('ext_executed_php', array('ret' => $msg)));
} else {
cot_error(cot_rc('ext_executed_php', array('ret' => $msg ? $msg : $L['Error'])));
return false;
}
}
}
// Register version information
if ($update) {
cot_extension_update($name, $new_ver, !$is_module);
cot_message(cot_rc('ext_updated', array('type' => $is_module ? $L['Module'] : $L['Plugin'], 'name' => $name, 'ver' => $new_ver)));
} else {
cot_extension_add($name, $info['Name'], $info['Version'], !$is_module);
}
// Cleanup
cot_auth_reorder();
$cache && $cache->clear();
return true;
}