예제 #1
 /**
  * Look up the home page that applies to the current user's clearance set.
  *
  * A base_home_page row qualifies when none of its base_home_page_clearance
  * rows names a clearance the user lacks; rows without any clearance
  * requirement qualify for everyone. Candidates are ordered by priority and
  * the value DB::GetOne() yields is used as a key into get_home_pages().
  *
  * Clearance values reach the query only through %s placeholders, never by
  * string concatenation.
  *
  * @return mixed the matching entry of self::get_home_pages(), or an empty
  *               array when the selected page is not a known home page
  */
 public static function get_my_homepage()
 {
     $user_clearance = Base_AclCommon::get_clearance();
     $query = 'SELECT home_page FROM base_home_page AS bhp WHERE ';
     $params = array();
     if ($user_clearance == null) {
         // Loose comparison on purpose: an empty clearance list lands here too,
         // which avoids generating a dangling "AND )" in the sub-select.
         $query .= ' NOT EXISTS (SELECT * FROM base_home_page_clearance WHERE home_page_id=bhp.id)';
     } else {
         // One "clearance!=%s" term per clearance the user holds; the sub-select
         // then finds a required clearance that matches none of them.
         $terms = array_fill(0, count($user_clearance), 'clearance!=%s');
         $query .= ' NOT EXISTS (SELECT * FROM base_home_page_clearance WHERE home_page_id=bhp.id AND ' . implode(' AND ', $terms) . ')';
         $params = array_values($user_clearance);
     }
     $query .= ' ORDER BY priority';
     $selected = DB::GetOne($query, $params);
     $available = self::get_home_pages();
     if (isset($available[$selected])) {
         return $available[$selected];
     }
     return array();
 }
예제 #2
 /**
  * Decide what the current user may do with a recordset, optionally for one record.
  *
  * The shape of the return value depends on the arguments:
  *  - $return_crits set: the merged criteria for $action ('browse' is treated
  *    as 'view'), or the raw per-rule criteria when $return_in_array is set.
  *  - $action 'browse': true when at least one 'view' rule applies to the user.
  *  - $action 'delete': plain true/false.
  *  - any other action: false, or an array of field id => bool where false
  *    marks a field blocked by every rule that matched.
  *
  * @param string     $tab             recordset name; it is concatenated into SQL table names below
  * @param string     $action          'view', 'edit', 'delete', 'add', 'print', 'export', 'selection', 'browse' or 'clone'
  * @param array|null $record          record to test against the rule criteria, or null to skip that test
  * @param bool       $return_crits    return criteria instead of an access decision
  * @param bool       $return_in_array with $return_crits, return the raw per-rule criteria
  * @return mixed see above
  */
 public static function get_access($tab, $action, $record = null, $return_crits = false, $return_in_array = false)
 {
     // Admin shortcut: skips every rule lookup, but only when the caller wants a
     // decision (not criteria) and the class-level $admin_access switch is on.
     if (!$return_crits && self::$admin_access && Base_AclCommon::i_am_admin()) {
         $ret = true;
     // A record explicitly flagged inactive can never be edited, deleted or cloned.
     } elseif (isset($record[':active']) && !$record[':active'] && ($action == 'edit' || $action == 'delete' || $action == 'clone')) {
         return false;
     } else {
         // Rules are cached per recordset and per user for as long as this static
         // survives; a rule changed meanwhile is not seen until it is rebuilt.
         static $cache = array();
         $cache_key = "{$tab}__USER_" . Base_AclCommon::get_user();
         if (!isset($cache[$cache_key])) {
             // $tab is concatenated into the SQL below, so this call is the only
             // guard on it. presumably it rejects anything that is not a known
             // recordset name; verify before relaxing or moving it.
             self::check_table_name($tab);
             $user_clearance = Base_AclCommon::get_clearance();
             // Clearance values are bound through %s placeholders. A rule is selected
             // when it has no required clearance that the user lacks.
             // NOTE(review): with an empty $user_clearance the implode() yields '' and
             // the sub-select ends in "AND )". confirm get_clearance() never returns
             // an empty list here.
             $r = DB::Execute('SELECT * FROM ' . $tab . '_access AS acs WHERE NOT EXISTS (SELECT * FROM ' . $tab . '_access_clearance WHERE rule_id=acs.id AND ' . implode(' AND ', array_fill(0, count($user_clearance), 'clearance!=%s')) . ')', array_values($user_clearance));
             // $crits holds one merged criteria object per action (null = no rule at all),
             // $crits_raw keeps each rule's criteria separately, keyed by rule id.
             $crits = array('view' => null, 'edit' => null, 'delete' => null, 'add' => null, 'print' => null, 'export' => null, 'selection' => null);
             $crits_raw = array('view' => array(), 'edit' => array(), 'delete' => array(), 'add' => array(), 'print' => array(), 'export' => array(), 'selection' => array());
             $fields = array();
             while ($row = $r->FetchRow()) {
                 $fields[$row['id']] = array();
                 $new = self::parse_access_crits($row['crits']);
                 $crits_raw[$row['action']][$row['id']] = $new;
                 // if new or existing crit is empty, then we have access to all records
                 if ($new->is_empty()) {
                     $crits[$row['action']] = $new;
                 }
                 if ($crits[$row['action']] instanceof Utils_RecordBrowser_Crits && $crits[$row['action']]->is_empty()) {
                     continue;
                 }
                 $crits[$row['action']] = self::merge_crits($crits[$row['action']], $new, true);
             }
             // Blocked fields are read for every rule of the recordset, including
             // rules the clearance query above did not select.
             $r = DB::Execute('SELECT * FROM ' . $tab . '_access_fields');
             while ($row = $r->FetchRow()) {
                 $fields[$row['rule_id']][$row['block_field']] = $row['block_field'];
             }
             $cache[$cache_key]['crits'] = $crits;
             $cache[$cache_key]['crits_raw'] = $crits_raw;
             $cache[$cache_key]['fields'] = $fields;
         } else {
             $crits = $cache[$cache_key]['crits'];
             $crits_raw = $cache[$cache_key]['crits_raw'];
             $fields = $cache[$cache_key]['fields'];
         }
         if ($return_crits) {
             if ($action == 'browse') {
                 $action = 'view';
             }
             // NOTE(review): an $action outside the seven keys initialised above is
             // an undefined index here. confirm callers only pass known actions.
             if ($return_in_array) {
                 return $crits_raw[$action];
             }
             return $crits[$action];
         }
         if ($action == 'browse') {
             return $crits['view'] !== null ? true : false;
         }
         // Default deny: access is granted only by a rule that matches below.
         $ret = false;
         $blocked_fields = array();
         // NOTE(review): for 'clone' this loop is skipped, so $ret stays false and the
         // method returns false on this path. confirm that is intended.
         if ($action != 'browse' && $action != 'clone') {
             foreach ($crits_raw[$action] as $rule_id => $c) {
                 if ($record != null && !self::check_record_against_crits($tab, $record, $c)) {
                     continue;
                 }
                 if (!$ret) {
                     // First matching rule: start from its blocked fields.
                     $ret = true;
                     $blocked_fields = $fields[$rule_id];
                 } else {
                     // Later matching rules can only unblock: a field stays blocked
                     // only while every matching rule blocks it.
                     foreach ($blocked_fields as $f => $v) {
                         if (!isset($fields[$rule_id][$f])) {
                             unset($blocked_fields[$f]);
                         }
                     }
                 }
             }
         }
     }
     // Everything except browse/delete is answered per field.
     if ($action !== 'browse' && $action !== 'delete') {
         self::init($tab);
         if ($ret === false) {
             return false;
         }
         if ($ret === true) {
             $ret = array();
         }
         // On the admin path $blocked_fields was never set, so isset() is false for
         // every field and all of them come back as accessible.
         foreach (self::$table_rows as $field => $args) {
             if (!isset($ret[$args['id']])) {
                 if (isset($blocked_fields[$args['id']])) {
                     $ret[$args['id']] = false;
                 } else {
                     $ret[$args['id']] = true;
                 }
             }
         }
     }
     return $ret;
 }
예제 #3
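	/**
	 * Render and process the "add / edit permission rule" form for this recordset.
	 *
	 * Requires admin access level 2 on Utils_RecordBrowser 'permissions'. When an
	 * existing rule is edited, its action, criteria, clearances and blocked
	 * fields are loaded as form defaults. On a valid submit the rule is stored
	 * through Utils_RecordBrowserCommon::add_access() / update_access().
	 *
	 * Stored criteria values are now emitted into the generated JavaScript as
	 * JSON-encoded string literals instead of being pasted between quotes, so a
	 * value containing quotes or markup can no longer break out of the string.
	 *
	 * @param int|null $id    rule id to edit, or null to create a new rule
	 * @param bool     $clone store the submitted form as a new rule even when $id is given
	 * @return bool false when access is denied, the user went back, or the form
	 *              was saved; true when the form was displayed
	 */
	public function edit_permissions_rule($id = null, $clone = false) {
		if (Base_AdminCommon::get_access('Utils_RecordBrowser', 'permissions')!=2) return false;
		if ($this->is_back()) {
			return false;
		}
		load_js('modules/Utils/RecordBrowser/edit_permissions.js');
		$all_clearances = array(''=>'---')+array_flip(Base_AclCommon::get_clearance(true));
		$all_fields = array();
		$this->init();
		foreach ($this->table_rows as $k=>$v)
			$all_fields[$v['id']] = $k;
		$js = '';
		// Encoding flags for every stored value that is written into generated JS.
		$js_string_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
		$operators = array(
			'='=>__('equal'),
			'!'=>__('not equal'),
			'>'=>'>',
			'>='=>'>=',
			'<'=>'<',
			'<='=>'<='
		);

		$form = $this->init_module('Libs_QuickForm');
		$theme = $this->init_module('Base_Theme');

		// Fixed number of form slots: clearances, AND groups, OR terms per group.
		$counts = array(
			'clearance'=>5,
			'ands'=>5,
			'ors'=>10
		);

		$actions = $this->get_permission_actions();
		$form->addElement('select', 'action', __('Action'), $actions);

		// Every field can be allowed/blocked, but calculated and hidden fields
		// are not offered as criteria.
		$fields_permissions = $all_fields;

		foreach ($all_fields as $k=>$v) {
			if ($this->table_rows[$v]['type']=='calculated' || $this->table_rows[$v]['type']=='hidden') unset($all_fields[$k]);
			else $this->manage_permissions_set_field_values($k);
		}

		$all_fields = array(
			':Created_by'=>__('Created by'),
			':Created_on'=>__('Created on'),
			':Edited_on'=>__('Edited on')
		) + $all_fields;
		if ($this->tab=='contact' || $this->tab=='company')
			$all_fields = array('id'=>__('ID')) + $all_fields;

		$this->manage_permissions_set_field_values(':Created_by', array('USER_ID'=>__('User Login')));
		$this->manage_permissions_set_field_values(':Created_on', Utils_RecordBrowserCommon::$date_values);
		$this->manage_permissions_set_field_values(':Edited_on', Utils_RecordBrowserCommon::$date_values);
		if ($this->tab=='contact')
			$this->manage_permissions_set_field_values('id', array('USER'=>__('User Contact')));
		if ($this->tab=='company')
			$this->manage_permissions_set_field_values('id', array('USER_COMPANY'=>__('User Company')));

		for ($i=0; $i<$counts['clearance']; $i++)
			$form->addElement('select', 'clearance_'.$i, __('Clearance'), $all_clearances);
		$current_or = array();
		$current_and = 0;

		// Replace field keys by their translated display names.
		foreach ($all_fields as $k=>$v) {
			if (isset($this->table_rows[$v])) {
				$v = $this->table_rows[$v]['name'];
			}
			$all_fields[$k] = _V($v);
		}

		for ($i=0; $i<$counts['ands']; $i++) {
			$current_or[$i] = 0;
			for ($j=0; $j<$counts['ors']; $j++) {
				$form->addElement('select', 'crits_'.$i.'_'.$j.'_field', __('Crits'), array(''=>'---')+$all_fields, array('onchange'=>'utils_recordbrowser__update_field_values('.$i.', '.$j.');', 'id'=>'crits_'.$i.'_'.$j.'_field'));
				$form->addElement('select', 'crits_'.$i.'_'.$j.'_op', __('Operator'), array(''=>'---')+$operators);
				// The value selects start empty and are filled client-side, so their
				// submitted values are not limited to a server-side option list.
				$form->addElement('select', 'crits_'.$i.'_'.$j.'_value', __('Value'), array(), array('id'=>'crits_'.$i.'_'.$j.'_value', 'onchange'=>'utils_recordbrowser__update_field_sub_values('.$i.', '.$j.');'));
				$form->addElement('select', 'crits_'.$i.'_'.$j.'_sub_value', __('Subrecord Value'), array(), array('id'=>'crits_'.$i.'_'.$j.'_sub_value', 'style'=>'display:none;'));
				$js .= 'utils_recordbrowser__update_field_values('.$i.', '.$j.');';
			}
		}
		$defaults = array();
		foreach ($fields_permissions as $k=>$v) {
			$defaults['field_'.$k] = 1;
			$form->addElement('checkbox', 'field_'.$k, _V($this->table_rows[$v]['name']));
		}
		$theme->assign('labels', array(
			'and' => '<span class="joint">'.__('and').'</span>',
			'or' => '<span class="joint">'.__('or').'</span>',
			'caption' => $id?__('Edit permission rule'):__('Add permission rule'),
			'clearance' => __('Clearance requried'),
			'fields' => __('Fields allowed'),
			'crits' => __('Criteria required'),
			'add_clearance' => __('Add clearance'),
			'add_or' => __('Add criteria (or)'),
			'add_and' => __('Add criteria (and)')
		));
		$current_clearance = 0;
		$sub_values = array();
		// NOTE(review): $this->tab is concatenated into the table names below and the
		// only checks here are "not __RECORDSETS__" and "no comma". confirm it has
		// been validated as a recordset name before this method is reached.
		if ($id!==null && $this->tab!='__RECORDSETS__' && !preg_match('/,/',$this->tab)) {
			$row = DB::GetRow('SELECT * FROM '.$this->tab.'_access AS acs WHERE id=%d', array($id));

			$defaults['action'] = $row['action'];
			// NOTE(review): unserialize() on a database column. Anyone able to write
			// this column controls the unserialized data; restrict allowed classes
			// or move to a non-executable format if the column is not fully trusted.
			$crits = unserialize($row['crits']);
			$i = 0;
			$j = 0;
			$or = false;
			$first = true;
			foreach ($crits as $k=>$v) {
				// Strip the operator/grouping prefix from the key: everything before
				// the first letter or ':' encodes the operator and the and/or layout.
				$operator = '=';
				while (($k[0]<'a' || $k[0]>'z') && ($k[0]<'A' || $k[0]>'Z') && $k[0]!=':') {
					if ($k[0]=='!') $operator = '!';
					if ($k[0]=='(' && $or) $or = false;
					if ($k[0]=='|') $or = true;
					if ($k[0]=='<') $operator = '<';
					if ($k[0]=='>') $operator = '>';
					if ($k[0]=='~') $operator = DB::like();
					if ($k[1]=='=' && $operator!=DB::like()) {
						$operator .= '=';
						$k = substr($k, 2);
					} else $k = substr($k, 1);
				}
				if (!$first) {
					if ($or) $j++;
					else {
						$current_or[$i] += $j;
						$j = 0;
						$i++;
					}
				} else {
					$first = false;
				}
				$sub_value = null;
				// NOTE(review): $r is never assigned in this method, so !isset($r[$k]) is
				// always true and only the trailing ']' decides. confirm which
				// array was meant.
				if (!isset($r[$k]) && $k[strlen($k)-1]==']') {
					$sub_value = $v;
					list($k, $v) = explode('[', trim($k, ']'));
				}
				$defaults['crits_'.$i.'_'.$j.'_field'] = $k;
				$defaults['crits_'.$i.'_'.$j.'_op'] = $operator;
				// Stored value goes into executed JS: emit it as an encoded literal.
				$js .= '$("crits_'.$i.'_'.$j.'_value").value = '.json_encode((string)$v, $js_string_flags).';';
				if ($sub_value!==null) $sub_values['crits_'.$i.'_'.$j.'_sub_value'] = $sub_value;
			}
			$current_or[$i] += $j;
			$current_and += $i;

			$i = 0;
			$tmp = DB::GetAll('SELECT * FROM '.$this->tab.'_access_clearance AS acs WHERE rule_id=%d', array($id));
			foreach ($tmp as $t) {
				$defaults['clearance_'.$i] = $t['clearance'];
				$i++;
			}
			$current_clearance += $i-1;

			// Fields default to allowed; untick the ones this rule blocks.
			$tmp = DB::GetAll('SELECT * FROM '.$this->tab.'_access_fields AS acs WHERE rule_id=%d', array($id));
			foreach ($tmp as $t) {
				unset($defaults['field_'.$t['block_field']]);
			}
		}
		for ($i=0; $i<$counts['ands']; $i++)
			for ($j=0; $j<$counts['ors']; $j++)
				$js .= 'utils_recordbrowser__update_field_sub_values('.$i.', '.$j.');';
		// $k is a form element id built above; $v is stored data and is encoded.
		foreach ($sub_values as $k=>$v)
			$js .= '$("'.$k.'").value = '.json_encode((string)$v, $js_string_flags).';';

		$form->setDefaults($defaults);

		if ($form->validate()) {
			$vals = $form->exportValues();
			$action = $vals['action'];

			$clearance = array();
			for ($i=0; $i<$counts['clearance']; $i++)
				if ($vals['clearance_'.$i]) $clearance[] = $vals['clearance_'.$i];

			$crits = array();
			for ($i=0; $i<$counts['ands']; $i++) {
				$or = '(';
				for ($j=0; $j<$counts['ors']; $j++) {
					if ($vals['crits_'.$i.'_'.$j.'_field'] && $vals['crits_'.$i.'_'.$j.'_op']) {
						// Operator and field must come from the lists offered in the form.
						// The value and sub value are not checked against any list.
						if (!isset($operators[$vals['crits_'.$i.'_'.$j.'_op']])) trigger_error('Fatal error',E_USER_ERROR);
						if (!isset($all_fields[$vals['crits_'.$i.'_'.$j.'_field']])) trigger_error('Fatal error',E_USER_ERROR);
						$op = $vals['crits_'.$i.'_'.$j.'_op'];
						if ($op=='=') $op = '';
						if (isset($vals['crits_'.$i.'_'.$j.'_sub_value'])) {
							$vals['crits_'.$i.'_'.$j.'_field'] = $vals['crits_'.$i.'_'.$j.'_field'].'['.$vals['crits_'.$i.'_'.$j.'_value'].']';
							$vals['crits_'.$i.'_'.$j.'_value'] = $vals['crits_'.$i.'_'.$j.'_sub_value'];
						}
						// Key layout: "(" opens an AND group, "|" continues it as OR.
						$next = array($or.$op.$vals['crits_'.$i.'_'.$j.'_field'] => $vals['crits_'.$i.'_'.$j.'_value']);
						$crits = Utils_RecordBrowserCommon::merge_crits($crits, $next);
					}
					$or = '|';
				}
			}

			// An unticked checkbox is absent from the exported values: that field is blocked.
			$blocked_fields = array();
			foreach ($fields_permissions as $k=>$v) {
				if (isset($vals['field_'.$k])) continue;
				$blocked_fields[] = $k;
			}

			if ($id===null || $clone)
				Utils_RecordBrowserCommon::add_access($this->tab, $action, $clearance, $crits, $blocked_fields);
			else
				Utils_RecordBrowserCommon::update_access($this->tab, $id, $action, $clearance, $crits, $blocked_fields);
			return false;
		}

		eval_js($js);

		eval_js('utils_recordbrowser__init_clearance('.$current_clearance.', '.$counts['clearance'].')');
		eval_js('utils_recordbrowser__init_crits_and('.$current_and.', '.$counts['ands'].')');
		for ($i=0; $i<$counts['ands']; $i++)
			eval_js('utils_recordbrowser__init_crits_or('.$i.', '.$current_or[$i].', '.$counts['ors'].')');
		eval_js('utils_recordbrowser__crits_initialized = true;');

		$form->assign_theme('form', $theme);
		$theme->assign('fields', $fields_permissions);
		$theme->assign('counts', $counts);

		$theme->display('edit_permissions');
		Base_ActionBarCommon::add('save', __('Save'), $form->get_submit_form_href());
		Base_ActionBarCommon::add('delete', __('Cancel'), $this->create_back_href());
		return true;
	}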
예제 #4
 /**
  * Show and process the permission-rule form, with criteria edited through the
  * query-builder widget.
  *
  * Access is limited to callers with level 2 on Utils_RecordBrowser
  * 'permissions'. For an existing rule the stored action, criteria,
  * clearances and blocked fields become the form defaults. A valid submit is
  * stored via Utils_RecordBrowserCommon::add_access() / update_access().
  *
  * @param int|null $id    rule id to edit, or null for a new rule
  * @param bool     $clone store the submit as a new rule even when $id is set
  * @return bool true when the form was displayed, false otherwise
  */
 public function edit_permissions_rule($id = null, $clone = false)
 {
     // is_back() is only consulted once the access check has passed.
     if (Base_AdminCommon::get_access('Utils_RecordBrowser', 'permissions') != 2 || $this->is_back()) {
         return false;
     }
     load_js('modules/Utils/RecordBrowser/edit_permissions.js');
     $clearance_options = array('' => '---') + array_flip(Base_AclCommon::get_clearance(true));

     // Field id => field key, used for the "fields allowed" checkboxes.
     $this->init();
     $fields_by_id = array();
     foreach ($this->table_rows as $field_key => $field_def) {
         $fields_by_id[$field_def['id']] = $field_key;
     }

     $form = $this->init_module('Libs_QuickForm');
     $theme = $this->init_module('Base_Theme');
     $slots = array('clearance' => 5);

     $form->addElement('select', 'action', __('Action'), $this->get_permission_actions());
     for ($slot = 0; $slot < $slots['clearance']; $slot++) {
         $form->addElement('select', 'clearance_' . $slot, __('Clearance'), $clearance_options);
     }

     // Every field starts out allowed (checkbox ticked).
     $form_defaults = array();
     foreach ($fields_by_id as $field_id => $field_key) {
         $form_defaults['field_' . $field_id] = 1;
         $form->addElement('checkbox', 'field_' . $field_id, _V($this->table_rows[$field_key]['name']));
     }

     $theme->assign('labels', array(
         'and' => '<span class="joint">' . __('and') . '</span>',
         'or' => '<span class="joint">' . __('or') . '</span>',
         'caption' => $id ? __('Edit permission rule') : __('Add permission rule'),
         'clearance' => __('Clearance requried'),
         'fields' => __('Fields allowed'),
         'crits' => __('Criteria required'),
         'add_clearance' => __('Add clearance'),
         'add_or' => __('Add criteria (or)'),
         'add_and' => __('Add criteria (and)'),
     ));

     $last_clearance_slot = 0;
     $rule_crits = array();
     // NOTE(review): $this->tab is concatenated into table names; the checks here
     // only exclude '__RECORDSETS__' and names containing a comma. confirm the
     // name is validated before this method runs.
     $editing_stored_rule = $id !== null && $this->tab != '__RECORDSETS__' && !preg_match('/,/', $this->tab);
     if ($editing_stored_rule) {
         $rule = DB::GetRow('SELECT * FROM ' . $this->tab . '_access AS acs WHERE id=%d', array($id));
         $form_defaults['action'] = $rule['action'];
         $rule_crits = Utils_RecordBrowserCommon::unserialize_crits($rule['crits']);
         if (is_array($rule_crits)) {
             $rule_crits = Utils_RecordBrowser_Crits::from_array($rule_crits);
         }

         $loaded = 0;
         $clearance_rows = DB::GetAll('SELECT * FROM ' . $this->tab . '_access_clearance AS acs WHERE rule_id=%d', array($id));
         foreach ($clearance_rows as $clearance_row) {
             $form_defaults['clearance_' . $loaded] = $clearance_row['clearance'];
             $loaded++;
         }
         $last_clearance_slot = $loaded - 1;

         // Untick the checkboxes of fields this rule blocks.
         $blocked_rows = DB::GetAll('SELECT * FROM ' . $this->tab . '_access_fields AS acs WHERE rule_id=%d', array($id));
         foreach ($blocked_rows as $blocked_row) {
             unset($form_defaults['field_' . $blocked_row['block_field']]);
         }
     }

     $builder_integration = new Utils_RecordBrowser_QueryBuilderIntegration($this->tab);
     $builder = $builder_integration->get_builder_module($this, $rule_crits);
     $builder->add_to_form($form, 'qb_crits', __('Crits'), 'qb_crits_editor');
     $form->setDefaults($form_defaults);

     if ($form->validate()) {
         $submitted = $form->exportValues();
         $action = $submitted['action'];

         $required_clearance = array();
         for ($slot = 0; $slot < $slots['clearance']; $slot++) {
             if ($submitted['clearance_' . $slot]) {
                 $required_clearance[] = $submitted['clearance_' . $slot];
             }
         }

         // Criteria arrive as JSON produced by the client-side query builder.
         $rule_crits = $builder_integration->json_to_crits($submitted['qb_crits']);

         // A checkbox missing from the submit means the field is blocked.
         $blocked_fields = array();
         foreach ($fields_by_id as $field_id => $field_key) {
             if (!isset($submitted['field_' . $field_id])) {
                 $blocked_fields[] = $field_id;
             }
         }

         if ($id !== null && !$clone) {
             Utils_RecordBrowserCommon::update_access($this->tab, $id, $action, $required_clearance, $rule_crits, $blocked_fields);
         } else {
             Utils_RecordBrowserCommon::add_access($this->tab, $action, $required_clearance, $rule_crits, $blocked_fields);
         }
         return false;
     }

     eval_js('utils_recordbrowser__init_clearance(' . $last_clearance_slot . ', ' . $slots['clearance'] . ')');
     eval_js('utils_recordbrowser__crits_initialized = true;');
     $form->assign_theme('form', $theme);
     $theme->assign('fields', $fields_by_id);
     $theme->assign('counts', $slots);
     $theme->display('edit_permissions');
     Base_ActionBarCommon::add('save', __('Save'), $form->get_submit_form_href());
     Base_ActionBarCommon::add('delete', __('Cancel'), $this->create_back_href());
     return true;
 }
예제 #5
 /**
  * Company addon: list the contacts that belong to, or are related to, a company.
  *
  * The "Add contact" action-bar button is shown only when the user has 'add'
  * access on the contact recordset. The "Update Contacts" prompt is offered
  * only to users holding both the ACCESS:manager and ACCESS:employee
  * clearances.
  *
  * @param array $arg company record; only $arg['id'] is read here
  * @return void
  */
 public function company_addon($arg)
 {
     $new_contact_callback = array($this, 'company_addon_new_contact');

     $browser = $this->init_module('Utils/RecordBrowser', 'contact', 'contact_addon');
     $browser->set_additional_actions_method(array($this, 'contacts_actions'));
     if (Utils_RecordBrowserCommon::get_access('contact', 'add')) {
         $add_href = $this->create_callback_href($new_contact_callback, array($arg['id']));
         Base_ActionBarCommon::add('add', __('Add contact'), $add_href);
     }
     $browser->set_button($this->create_callback_href($new_contact_callback, array($arg['id'])));
     $browser->set_defaults(array('company_name' => $arg['id']));

     // Contacts whose company is this one OR that list it as a related company.
     $crits = array('(company_name' => $arg['id'], '|related_companies' => array($arg['id']));
     $columns = array('company_name' => false);
     $order = array('last_name' => 'ASC', 'first_name' => 'ASC');
     $this->display_module($browser, array($crits, $columns, $order), 'show_data');

     $clearance = Base_AclCommon::get_clearance();
     if (!in_array('ACCESS:manager', $clearance) || !in_array('ACCESS:employee', $clearance)) {
         return;
     }
     $prompt_id = "contacts_address_fix";
     $prompt_body = $this->update_contacts_address_prompt($arg, $prompt_id);
     Libs_LeightboxCommon::display($prompt_id, $prompt_body, __('Update Contacts'));
     Base_ActionBarCommon::add('all', __('Update Contacts'), Libs_LeightboxCommon::get_open_href($prompt_id));
 }
예제 #6
 /**
  * Render a list of clearance identifiers as an HTML fragment of their labels.
  *
  * Identifiers that Base_AclCommon::get_clearance(true) does not know are
  * dropped; the remaining labels are joined with a translated "and".
  *
  * NOTE(review): labels are concatenated into the markup without HTML
  * escaping. confirm every label source is trusted or already escaped.
  *
  * @param array $clearances clearance identifiers
  * @return string HTML fragment
  */
 public static function display_clearances($clearances)
 {
     // get_clearance(true) is flipped so the identifier becomes the lookup key.
     $label_by_clearance = array_flip(Base_AclCommon::get_clearance(true));
     $labels = array();
     foreach ($clearances as $clearance) {
         if (!isset($label_by_clearance[$clearance])) {
             continue;
         }
         $labels[] = $label_by_clearance[$clearance];
     }
     $joint = ' <span class="joint">' . __('and') . '</span> ';
     return '<span class="Base_Acl__permissions_clearance">' . implode($joint, $labels) . '</span>';
 }
예제 #7
 /**
  * Show and process the form that maps a set of clearances to a home page.
  *
  * On a valid submit the base_home_page row and its clearance rows are
  * written inside one DB transaction, so a half-written rule is never visible.
  * All values reach SQL through %d / %s placeholders.
  *
  * NOTE(review): no access check is visible in this method. presumably the
  * caller restricts it to administrators; verify.
  *
  * @param int|null $id base_home_page id to edit, or null to add a new entry
  * @return bool true when the form was displayed, false after "back" or a save
  */
 public function edit_home_page($id = null)
 {
     if ($this->is_back()) {
         return false;
     }
     $slot_count = 5;
     $clearance_options = array('' => '---') + array_flip(Base_AclCommon::get_clearance(true));
     $form = $this->init_module('Libs_QuickForm');
     $theme = $this->init_module('Base_Theme');
     $theme->assign('labels', array(
         'and' => '<span class="joint">' . __('and') . '</span>',
         'or' => '<span class="joint">' . __('or') . '</span>',
         'caption' => $id ? __('Edit Home Page') : __('Add Home Page'),
         'clearance' => __('Clearance requried'),
         'fields' => __('Fields allowed'),
         'crits' => __('Criteria required'),
         'add_clearance' => __('Add clearance'),
         'add_or' => __('Add criteria (or)'),
         'add_and' => __('Add criteria (and)'),
     ));

     // Home page keys double as their (translated) labels.
     $page_options = array();
     foreach (Base_HomePageCommon::get_home_pages() as $page_key => $unused) {
         $page_options[$page_key] = _V($page_key);
     }
     // ****** - translating home_page options
     $form->addElement('select', 'home_page', __('Target Home Page'), array('' => '---') + $page_options);
     if ($id) {
         $stored_page = DB::GetOne('SELECT home_page FROM base_home_page WHERE id=%d', array($id));
         $form->setDefaults(array('home_page' => $stored_page));
     }
     $form->addRule('home_page', __('Field required'), 'required');
     for ($slot = 0; $slot < $slot_count; $slot++) {
         $form->addElement('select', 'clearance_' . $slot, __('Clearance'), $clearance_options);
     }

     // Pre-fill the clearance slots from the stored rule.
     $filled = 0;
     $stored_clearances = DB::GetAssoc('SELECT id, clearance FROM base_home_page_clearance WHERE home_page_id=%d', array($id));
     foreach ($stored_clearances as $stored_clearance) {
         $form->setDefaults(array('clearance_' . $filled => $stored_clearance));
         $filled++;
     }
     $last_slot = max($filled - 1, 0);

     if ($form->validate()) {
         DB::StartTrans();
         $submitted = $form->exportValues();
         $chosen = array();
         for ($slot = 0; $slot < $slot_count; $slot++) {
             if ($submitted['clearance_' . $slot]) {
                 $chosen[] = $submitted['clearance_' . $slot];
             }
         }
         if ($id === null) {
             // New entries are appended after the current highest priority.
             $priority = DB::GetOne('SELECT MAX(priority) FROM base_home_page') + 1;
             DB::Execute('INSERT INTO base_home_page (home_page,priority) VALUES (%s, %d)', array($submitted['home_page'], $priority));
             $id = DB::Insert_ID('base_home_page', 'id');
         } else {
             // Existing entry: drop its clearances, they are re-inserted below.
             DB::Execute('DELETE FROM base_home_page_clearance WHERE home_page_id=%d', array($id));
             DB::Execute('UPDATE base_home_page SET home_page=%s WHERE id=%d', array($submitted['home_page'], $id));
         }
         foreach ($chosen as $clearance) {
             DB::Execute('INSERT INTO base_home_page_clearance (home_page_id, clearance) VALUES (%d, %s)', array($id, $clearance));
         }
         DB::CompleteTrans();
         return false;
     }

     $form->add_error_closing_buttons();
     $form->assign_theme('form', $theme);
     $theme->assign('counts', $slot_count);
     $theme->display('edit_home_pages');
     load_js('modules/Base/HomePage/edit_home_pages.js');
     eval_js('base_home_page__init_clearance(' . $last_slot . ', ' . $slot_count . ')');
     eval_js('base_home_page__initialized = true;');
     Base_ActionBarCommon::add('save', __('Save'), $form->get_submit_form_href());
     Base_ActionBarCommon::add('delete', __('Cancel'), $this->create_back_href());
     return true;
 }
예제 #8
파일: Acl_0.php 프로젝트: cretzu89/EPESI
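 /**
  * Show and process the form that attaches a set of required clearances to an
  * ACL permission rule.
  *
  * The save path now runs inside one DB transaction. Without it, editing a rule
  * first deletes its clearance rows and then re-inserts them one by one; a
  * failure in between would leave the rule stored with fewer (or no) required
  * clearances than the administrator chose. If rules are evaluated with the
  * "no unmet clearance row" pattern, such a rule would match more users than
  * intended. verify against the rule evaluation code.
  *
  * NOTE(review): no access check is visible in this method. presumably the
  * caller restricts it to administrators; verify.
  *
  * @param int|null $r_id rule id to edit, or null to create a new rule
  * @param int|null $p_id permission the rule belongs to; when given, the
  *                       permission select is frozen to it
  * @return bool true when the form was displayed, false after "back" or a save
  */
 public function edit_rule($r_id, $p_id = null)
 {
     if ($this->is_back()) {
         return false;
     }
     $counts = 5;
     $all_clearances = array('' => '---') + array_flip(Base_AclCommon::get_clearance(true));
     $translated_permission_names = array();
     foreach (DB::GetAssoc('SELECT id, name FROM base_acl_permission ORDER BY name ASC') as $k => $v) {
         $translated_permission_names[$k] = _V($v);
     }
     $perms = array('' => '---') + $translated_permission_names;
     $form = $this->init_module('Libs_QuickForm');
     $theme = $this->init_module('Base_Theme');
     $theme->assign('labels', array('and' => '<span class="joint">' . __('and') . '</span>', 'or' => '<span class="joint">' . __('or') . '</span>', 'caption' => $r_id ? __('Edit permission rule') : __('Add permission rule'), 'clearance' => __('Clearance requried'), 'fields' => __('Fields allowed'), 'crits' => __('Criteria required'), 'add_clearance' => __('Add clearance'), 'add_or' => __('Add criteria (or)'), 'add_and' => __('Add criteria (and)')));
     $form->addElement('select', 'permission', __('Permission'), $perms);
     if ($p_id) {
         // Permission fixed by the caller: show it, but do not let the form change it.
         $form->setDefaults(array('permission' => $p_id));
         $form->freeze('permission');
     } else {
         $form->addRule('permission', __('Field required'), 'required');
     }
     for ($i = 0; $i < $counts; $i++) {
         $form->addElement('select', 'clearance_' . $i, __('Clearance'), $all_clearances);
     }
     // Pre-fill the clearance slots from the stored rule.
     $i = 0;
     $clearances = DB::GetAssoc('SELECT id, clearance FROM base_acl_rules_clearance WHERE rule_id=%d', array($r_id));
     foreach ($clearances as $v) {
         $form->setDefaults(array('clearance_' . $i => $v));
         $i++;
     }
     $current_clearance = max($i - 1, 0);
     if ($form->validate()) {
         $vals = $form->exportValues();
         $clearances = array();
         for ($i = 0; $i < $counts; $i++) {
             if ($vals['clearance_' . $i]) {
                 $clearances[] = $vals['clearance_' . $i];
             }
         }
         // Replace the rule's clearances atomically: either the old set or the
         // complete new set is visible, never a partially written one.
         DB::StartTrans();
         if ($r_id !== null) {
             DB::Execute('DELETE FROM base_acl_rules_clearance WHERE rule_id=%d', array($r_id));
         } else {
             if (!$p_id) {
                 $p_id = $vals['permission'];
             }
             DB::Execute('INSERT INTO base_acl_rules (permission_id) VALUES (%d)', array($p_id));
             $r_id = DB::Insert_ID('base_acl_rules', 'id');
         }
         foreach ($clearances as $c) {
             DB::Execute('INSERT INTO base_acl_rules_clearance (rule_id, clearance) VALUES (%d, %s)', array($r_id, $c));
         }
         DB::CompleteTrans();
         return false;
     }
     $form->add_error_closing_buttons();
     $form->assign_theme('form', $theme);
     $theme->assign('counts', $counts);
     $theme->display('edit_permissions');
     load_js('modules/Base/Acl/edit_permissions.js');
     eval_js('base_acl__init_clearance(' . $current_clearance . ', ' . $counts . ')');
     eval_js('base_acl__initialized = true;');
     Base_ActionBarCommon::add('save', __('Save'), $form->get_submit_form_href());
     Base_ActionBarCommon::add('delete', __('Cancel'), $this->create_back_href());
     return true;
 }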