static function userHasSystemPermission(Contact $user, $system_permission) { if ($user->isAdministrator()) { return true; } if (array_var(self::$permission_cache, $user->getId())) { if (array_key_exists($system_permission, self::$permission_cache[$user->getId()])) { return array_var(self::$permission_cache[$user->getId()], $system_permission); } } if (array_var(self::$permission_group_ids_cache, $user->getId())) { $contact_pg_ids = self::$permission_group_ids_cache[$user->getId()]; } else { $contact_pg_ids = ContactPermissionGroups::getPermissionGroupIdsByContactCSV($user->getId(), false); self::$permission_group_ids_cache[$user->getId()] = $contact_pg_ids; } $permission = self::findOne(array('conditions' => "`{$system_permission}` = 1 AND `permission_group_id` IN ({$contact_pg_ids})")); if (!array_var(self::$permission_cache, $user->getId())) { self::$permission_cache[$user->getId()] = array(); } if (!array_key_exists($system_permission, self::$permission_cache[$user->getId()])) { self::$permission_cache[$user->getId()][$system_permission] = !is_null($permission); } if (!is_null($permission)) { return true; } return false; }
/** * This function will render system notices for this user * * @param Contact $user * @return string */ function render_system_notices(Contact $user) { if(!$user->isAdministrator()) return; $system_notices = array(); if (config_option('upgrade_last_check_new_version', false)) $system_notices[] = lang('new Feng Office version available', get_url('administration', 'upgrade')); if(count($system_notices)) { tpl_assign('_system_notices', $system_notices); return tpl_fetch(get_template_path('system_notices', 'application')); } // if } // render_system_notices
function getActiveContextPermissions(Contact $contact, $object_type_id, $context, $dimension_members, $can_write = false, $can_delete = false) { if ($contact instanceof Contact && $contact->isAdministrator()) { return $dimension_members; } $allowed_members = array(); $permission_group_ids = ContactPermissionGroups::getContextPermissionGroupIdsByContactCSV($contact->getId()); $perm_ids_array = explode(",", $permission_group_ids); foreach ($perm_ids_array as $pid) { foreach ($dimension_members as $member_id) { //check if exists a context permission group for this object type id in this member $contact_member_permission = self::findById(array('permission_group_id' => $pid, 'member_id' => $member_id, 'object_type_id' => $object_type_id)); if ($contact_member_permission instanceof ContactMemberPermission && (!$can_write || $contact_member_permission->getCanWrite() && !$can_delete || $contact_member_permission->getCanDelete())) { $permission_contexts = PermissionContexts::findAll(array('`contact_id` = ' . $contact->getId(), 'permission_group_id' => $pid, 'member_id' => $member_id)); //check if the actual context applies to this permission group if (!is_null($permission_contexts)) { $dimensions = array(); $context_members = array(); foreach ($permission_contexts as $pc) { $member = $pc->getMember(); $dimension_id = $member->getDimensionId(); if (!in_array($dimension_id, $dimensions)) { $dimensions[] = $dimension_id; $context_members[$dimension_id] = array(); } $context_members[$dimension_id][] = $member; } $include = true; foreach ($dimensions as $dim_id) { $members_in_context = array(); foreach ($context_members[$dim_id] as $value) { if (in_array($value, $context)) { $members_in_context[] = $value; } } if (count($members_in_context) == 0) { $include = $include && false; } } if ($include && count($dimensions) != 0) { $allowed_members[] = $member_id; } } } } } return $allowed_members; }
static function userHasSystemPermission(Contact $user, $system_permission) { if ($user instanceof Contact && $user->isAdministrator()) { return true; } if (array_var(self::$permission_cache, $user->getId())) { if (array_key_exists($system_permission, self::$permission_cache[$user->getId()])) { return array_var(self::$permission_cache[$user->getId()], $system_permission); } } if (array_var(self::$permission_group_ids_cache, $user->getId())) { $contact_pg_ids = self::$permission_group_ids_cache[$user->getId()]; } else { $contact_pg_ids = ContactPermissionGroups::getPermissionGroupIdsByContactCSV($user->getId(), false); self::$permission_group_ids_cache[$user->getId()] = $contact_pg_ids; } $permission = self::findOne(array('conditions' => "`{$system_permission}` = 1 AND `permission_group_id` IN ({$contact_pg_ids})")); // check max system permission $max_role_system_permissions = MaxSystemPermissions::findOne(array('conditions' => 'permission_group_id = ' . $user->getUserType())); if ($max_role_system_permissions instanceof MaxSystemPermission) { $max_val = $max_role_system_permissions->getColumnValue($system_permission); if (!$max_val) { $permission = null; } } if (!array_var(self::$permission_cache, $user->getId())) { self::$permission_cache[$user->getId()] = array(); } if (!array_key_exists($system_permission, self::$permission_cache[$user->getId()])) { self::$permission_cache[$user->getId()][$system_permission] = !is_null($permission); } if (!is_null($permission)) { return true; } return false; }
/** * Returns true if specific user can add client company * * @access public * @param User $user * @return boolean */ function canAddClient(Contact $user) { return $user->isAccountOwner() || $user->isAdministrator($this); }
/** * Return true is $user can access an $object. False otherwise. * * @param Contact $user * @param array $members * @param $object_type_id * @return boolean */ function can_access(Contact $user, $members, $object_type_id, $access_level) { if ($user->isAdministrator()) { return true; } $write = $access_level == ACCESS_LEVEL_WRITE; $delete = $access_level == ACCESS_LEVEL_DELETE; if ($user->isGuest() && $access_level != ACCESS_LEVEL_READ || !count($members) > 0) { return false; } try { $contact_pg_ids = ContactPermissionGroups::getPermissionGroupIdsByContactCSV($user->getId(), false); $allow_all_cache = array(); $dimension_permissions = array(); foreach ($members as $k => $m) { if (!$m instanceof Member) { unset($members[$k]); continue; } $dimension = $m->getDimension(); if (!$dimension->getDefinesPermissions()) { continue; } $dimension_id = $dimension->getId(); if (!isset($dimension_permissions[$dimension_id])) { $dimension_permissions[$dimension_id] = false; } if (!$dimension_permissions[$dimension_id]) { if ($m->canContainObject($object_type_id)) { //dimension defines permissions and user has maximum level of permissions if (isset($allow_all_cache[$dimension_id])) { $allow_all = $allow_all_cache[$dimension_id]; } else { $allow_all = $dimension->hasAllowAllForContact($contact_pg_ids); $allow_all_cache[$dimension_id] = $allow_all; } if ($allow_all) { $dimension_permissions[$dimension_id] = true; } //check individual members if (!$dimension_permissions[$dimension_id] && ContactMemberPermissions::contactCanReadObjectTypeinMember($contact_pg_ids, $m->getId(), $object_type_id, $write, $delete, $user)) { $dimension_permissions[$dimension_id] = true; } } else { unset($dimension_permissions[$dimension_id]); } } } $allowed = true; foreach ($dimension_permissions as $perm) { if (!$perm) { $allowed = false; } else { return true; // if user has permission in one of the object's members then can access = true } } if ($allowed && count($dimension_permissions)) { return true; } // Si hasta aca tienen perm en todas las dim, return true. Si hay alguna que no tiene perm sigo //Check Context Permissions $member_ids = array(); foreach ($members as $member_obj) { $member_ids[] = $member_obj->getId(); } $allowed_members = ContactMemberPermissions::getActiveContextPermissions($user, $object_type_id, $members, $member_ids, $write, $delete); $count = 0; foreach ($members as $m) { $count++; if (!in_array($m->getId(), $allowed_members)) { return false; } else { if ($count == count($members)) { return true; } } } } catch (Exception $e) { tpl_assign('error', $e); return false; } return false; }
/** * Return true is $user can access an $object. False otherwise. * * @param Contact $user * @param array $members * @param $object_type_id * @return boolean */ function can_access(Contact $user, $members, $object_type_id, $access_level){ if($user->isAdministrator()){ return true; } $write = $access_level == ACCESS_LEVEL_WRITE; $delete = $access_level == ACCESS_LEVEL_DELETE; if (($user->isGuest() && $access_level!= ACCESS_LEVEL_READ) || !count($members)>0) return false; try { $contact_pg_ids = ContactPermissionGroups::getPermissionGroupIdsByContactCSV($user->getId(),false); $allow_all_cache = array(); $dimension_query_methods = array(); $dimension_permissions = array(); foreach($members as $k => $m){ if (!$m instanceof Member) { unset($members[$k]); continue; } $dimension = $m->getDimension(); if(!$dimension->getDefinesPermissions()){ continue; } $dimension_id = $dimension->getId(); if (!isset($dimension_permissions[$dimension_id])) { $dimension_permissions[$dimension_id]=false; } if (!$dimension_permissions[$dimension_id]){ if ($m->canContainObject($object_type_id)){ if (!isset($dimension_query_methods[$dimension->getId()])) { $dimension_query_methods[$dimension->getId()] = $dimension->getPermissionQueryMethod(); } //dimension defines permissions and user has maximum level of permissions if (isset($allow_all_cache[$dimension_id])) { $allow_all = $allow_all_cache[$dimension_id]; } else { $allow_all = $dimension->hasAllowAllForContact($contact_pg_ids); $allow_all_cache[$dimension_id] = $allow_all; } if ($allow_all) { $dimension_permissions[$dimension_id]=true; } //check individual members if (!$dimension_permissions[$dimension_id] && ContactMemberPermissions::contactCanReadObjectTypeinMember($contact_pg_ids, $m->getId(), $object_type_id, $write, $delete, $user)){ $dimension_permissions[$dimension_id]=true; } } else { unset($dimension_permissions[$dimension_id]); } } } $allowed = true; // check that user has permissions in all mandatory query method dimensions $mandatory_count = 0; foreach ($dimension_query_methods as $dim_id => $qmethod) { if ($qmethod == DIMENSION_PERMISSION_QUERY_METHOD_MANDATORY) { $mandatory_count++; if (!array_var($dimension_permissions, $dim_id)) { // if one of the members belong to a mandatory dimension and user does not have permissions on it then return false return false; } } } // If no members in mandatory dimensions then check for not mandatory ones if ($allowed && $mandatory_count == 0) { foreach ($dimension_query_methods as $dim_id => $qmethod) { if ($qmethod == DIMENSION_PERMISSION_QUERY_METHOD_NOT_MANDATORY) { if (array_var($dimension_permissions, $dim_id)) { // if has permissions over any member of a non mandatory dimension then return true return true; } else { $allowed = false; } } } } if ($allowed && count($dimension_permissions)) { return true; } // Si hasta aca tienen perm en todas las dim, return true. Si hay alguna que no tiene perm sigo //Check Context Permissions $member_ids = array(); foreach ($members as $member_obj) $member_ids[] = $member_obj->getId(); $allowed_members = ContactMemberPermissions::getActiveContextPermissions($user, $object_type_id, $members, $member_ids, $write, $delete); $count=0; foreach($members as $m){ $count++; if (!in_array($m->getId(), $allowed_members)) return false; else if ($count==count($members)) return true; } } catch(Exception $e) { tpl_assign('error', $e); return false; } return false; }
/** * Return true is $user can access an $object. False otherwise. * * @param Contact $user * @param array $members * @param $object_type_id * @return boolean */ function can_access(Contact $user, $members, $object_type_id, $access_level, $allow_super_admin = true) { if ($allow_super_admin && $user->isAdministrator()) { return true; } $write = $access_level == ACCESS_LEVEL_WRITE; $delete = $access_level == ACCESS_LEVEL_DELETE; if ($user->isGuest() && $access_level != ACCESS_LEVEL_READ) { return false; } try { $contact_pg_ids = ContactPermissionGroups::getPermissionGroupIdsByContactCSV($user->getId(), false); $allow_all_cache = array(); $dimension_query_methods = array(); // if no manageable member then check if user has permissions wihout classifying $manageable_members = array(); foreach ($members as $mem) { if ($mem instanceof Member && $mem->getDimension()->getIsManageable() && $mem->getDimension()->getDefinesPermissions()) { $manageable_members[] = $mem->getId(); } } if (count($manageable_members) == 0) { $return = false; if (config_option('let_users_create_objects_in_root') && $contact_pg_ids != "" && ($user->isAdminGroup() || $user->isExecutive() || $user->isManager())) { $cond = $delete ? 'AND can_delete = 1' : ($write ? 'AND can_write = 1' : ''); $cmp = ContactMemberPermissions::findOne(array('conditions' => "member_id=0 AND object_type_id={$object_type_id} AND permission_group_id IN ({$contact_pg_ids}) {$cond}")); $return = $cmp instanceof ContactMemberPermission; } return $return; } $max_role_ot_perm = MaxRoleObjectTypePermissions::instance()->findOne(array('conditions' => "object_type_id='{$object_type_id}' AND role_id = '" . $user->getUserType() . "'")); $enabled_dimensions = config_option('enabled_dimensions'); $dimension_permissions = array(); foreach ($members as $k => $m) { if (!$m instanceof Member) { unset($members[$k]); continue; } $dimension = $m->getDimension(); if (!$dimension->getDefinesPermissions() || !in_array($dimension->getId(), $enabled_dimensions)) { continue; } $dimension_id = $dimension->getId(); if (!isset($dimension_permissions[$dimension_id])) { $dimension_permissions[$dimension_id] = false; } if (!$dimension_permissions[$dimension_id]) { if ($m->canContainObject($object_type_id)) { if (!isset($dimension_query_methods[$dimension->getId()])) { $dimension_query_methods[$dimension->getId()] = $dimension->getPermissionQueryMethod(); } //dimension defines permissions and user has maximum level of permissions if (isset($allow_all_cache[$dimension_id])) { $allow_all = $allow_all_cache[$dimension_id]; } else { $allow_all = $dimension->hasAllowAllForContact($contact_pg_ids); $allow_all_cache[$dimension_id] = $allow_all; } if ($allow_all) { $dimension_permissions[$dimension_id] = true; } //check individual members if (!$dimension_permissions[$dimension_id] && ContactMemberPermissions::contactCanReadObjectTypeinMember($contact_pg_ids, $m->getId(), $object_type_id, $write, $delete, $user)) { if ($max_role_ot_perm) { if ($access_level == ACCESS_LEVEL_DELETE && $max_role_ot_perm->getCanDelete() || $access_level == ACCESS_LEVEL_WRITE && $max_role_ot_perm->getCanWrite() || $access_level == ACCESS_LEVEL_READ) { $dimension_permissions[$dimension_id] = true; } } } } else { unset($dimension_permissions[$dimension_id]); } } } $allowed = true; // check that user has permissions in all mandatory query method dimensions $mandatory_count = 0; foreach ($dimension_query_methods as $dim_id => $qmethod) { if (!in_array($dim_id, $enabled_dimensions)) { continue; } if ($qmethod == DIMENSION_PERMISSION_QUERY_METHOD_MANDATORY) { $mandatory_count++; if (!array_var($dimension_permissions, $dim_id)) { // if one of the members belong to a mandatory dimension and user does not have permissions on it then return false return false; } } } // If no members in mandatory dimensions then check for not mandatory ones if ($allowed && $mandatory_count == 0) { foreach ($dimension_query_methods as $dim_id => $qmethod) { if ($qmethod == DIMENSION_PERMISSION_QUERY_METHOD_NOT_MANDATORY) { if (array_var($dimension_permissions, $dim_id)) { // if has permissions over any member of a non mandatory dimension then return true return true; } else { $allowed = false; } } } } if ($allowed && count($dimension_permissions)) { return true; } // Si hasta aca tienen perm en todas las dim, return true. Si hay alguna que no tiene perm sigo //Check Context Permissions $member_ids = array(); foreach ($members as $member_obj) { $member_ids[] = $member_obj->getId(); } $allowed_members = ContactMemberPermissions::getActiveContextPermissions($user, $object_type_id, $members, $member_ids, $write, $delete); $count = 0; foreach ($members as $m) { $count++; if (!in_array($m->getId(), $allowed_members)) { return false; } else { if ($count == count($members)) { return true; } } } } catch (Exception $e) { tpl_assign('error', $e); return false; } return false; }
function create_user($user_data, $permissionsString, $rp_permissions_data = array(), $save_permissions = true) { // try to find contact by some properties $contact_id = array_var($user_data, "contact_id"); $contact = Contacts::instance()->findById($contact_id); if (!is_valid_email(array_var($user_data, 'email'))) { throw new Exception(lang("email value is required")); } if (!$contact instanceof Contact) { // Create a new user $contact = new Contact(); $contact->setUsername(array_var($user_data, 'username')); $contact->setDisplayName(array_var($user_data, 'display_name')); $contact->setCompanyId(array_var($user_data, 'company_id')); $contact->setUserType(array_var($user_data, 'type')); $contact->setTimezone(array_var($user_data, 'timezone')); $contact->setFirstname($contact->getObjectName() != "" ? $contact->getObjectName() : $contact->getUsername()); $contact->setObjectName(); $user_from_contact = false; } else { // Create user from contact $contact->setUserType(array_var($user_data, 'type')); if (array_var($user_data, 'company_id')) { $contact->setCompanyId(array_var($user_data, 'company_id')); } $contact->setUsername(array_var($user_data, 'username')); $contact->setTimezone(array_var($user_data, 'timezone')); $user_from_contact = true; } $contact->save(); if (is_valid_email(array_var($user_data, 'email'))) { $user = Contacts::getByEmail(array_var($user_data, 'email')); if (!$user) { $contact->addEmail(array_var($user_data, 'email'), 'personal', true); } } //permissions $additional_name = ""; $tmp_pg = PermissionGroups::findOne(array('conditions' => "`name`='User " . $contact->getId() . " Personal'")); if ($tmp_pg instanceof PermissionGroup) { $additional_name = "_" . gen_id(); } $permission_group = new PermissionGroup(); $permission_group->setName('User ' . $contact->getId() . $additional_name . ' Personal'); $permission_group->setContactId($contact->getId()); $permission_group->setIsContext(false); $permission_group->setType("permission_groups"); $permission_group->save(); $contact->setPermissionGroupId($permission_group->getId()); $null = null; Hook::fire('on_create_user_perm_group', $permission_group, $null); $contact_pg = new ContactPermissionGroup(); $contact_pg->setContactId($contact->getId()); $contact_pg->setPermissionGroupId($permission_group->getId()); $contact_pg->save(); if (can_manage_security(logged_user())) { $sp = new SystemPermission(); if (!$user_from_contact) { $rol_permissions = SystemPermissions::getRolePermissions(array_var($user_data, 'type')); if (is_array($rol_permissions)) { foreach ($rol_permissions as $pr) { $sp->setPermission($pr); } } } $sp->setPermissionGroupId($permission_group->getId()); if (isset($user_data['can_manage_security'])) { $sp->setCanManageSecurity(array_var($user_data, 'can_manage_security')); } if (isset($user_data['can_manage_configuration'])) { $sp->setCanManageConfiguration(array_var($user_data, 'can_manage_configuration')); } if (isset($user_data['can_manage_templates'])) { $sp->setCanManageTemplates(array_var($user_data, 'can_manage_templates')); } if (isset($user_data['can_manage_time'])) { $sp->setCanManageTime(array_var($user_data, 'can_manage_time')); } if (isset($user_data['can_add_mail_accounts'])) { $sp->setCanAddMailAccounts(array_var($user_data, 'can_add_mail_accounts')); } if (isset($user_data['can_manage_dimensions'])) { $sp->setCanManageDimensions(array_var($user_data, 'can_manage_dimensions')); } if (isset($user_data['can_manage_dimension_members'])) { $sp->setCanManageDimensionMembers(array_var($user_data, 'can_manage_dimension_members')); } if (isset($user_data['can_manage_tasks'])) { $sp->setCanManageTasks(array_var($user_data, 'can_manage_tasks')); } if (isset($user_data['can_task_assignee'])) { $sp->setCanTasksAssignee(array_var($user_data, 'can_task_assignee')); } if (isset($user_data['can_manage_billing'])) { $sp->setCanManageBilling(array_var($user_data, 'can_manage_billing')); } if (isset($user_data['can_view_billing'])) { $sp->setCanViewBilling(array_var($user_data, 'can_view_billing')); } if (isset($user_data['can_see_assigned_to_other_tasks'])) { $sp->setColumnValue('can_see_assigned_to_other_tasks', array_var($user_data, 'can_see_assigned_to_other_tasks')); } Hook::fire('add_user_permissions', $sp, $other_permissions); if (!is_null($other_permissions) && is_array($other_permissions)) { foreach ($other_permissions as $k => $v) { $sp->setColumnValue($k, array_var($user_data, $k)); } } $sp->save(); $permissions_sent = array_var($_POST, 'manual_permissions_setted') == 1; // give permissions for user if user type defined in "give_member_permissions_to_new_users" config option $allowed_user_type_ids = config_option('give_member_permissions_to_new_users'); if ($contact->isAdministrator() || !$permissions_sent && in_array($contact->getUserType(), $allowed_user_type_ids)) { ini_set('memory_limit', '512M'); $permissions = array(); $default_permissions = RoleObjectTypePermissions::instance()->findAll(array('conditions' => 'role_id = ' . $contact->getUserType())); $dimensions = Dimensions::findAll(); foreach ($dimensions as $dimension) { if ($dimension->getDefinesPermissions()) { $cdp = ContactDimensionPermissions::findOne(array("conditions" => "`permission_group_id` = " . $contact->getPermissionGroupId() . " AND `dimension_id` = " . $dimension->getId())); if (!$cdp instanceof ContactDimensionPermission) { $cdp = new ContactDimensionPermission(); $cdp->setPermissionGroupId($contact->getPermissionGroupId()); $cdp->setContactDimensionId($dimension->getId()); } $cdp->setPermissionType('check'); $cdp->save(); // contact member permisssion entries $members = DB::executeAll('SELECT * FROM ' . TABLE_PREFIX . 'members WHERE dimension_id=' . $dimension->getId()); foreach ($members as $member) { foreach ($default_permissions as $p) { // Add persmissions to sharing table $perm = new stdClass(); $perm->m = $member['id']; $perm->r = 1; $perm->w = $p->getCanWrite(); $perm->d = $p->getCanDelete(); $perm->o = $p->getObjectTypeId(); $permissions[] = $perm; } } } } $_POST['permissions'] = json_encode($permissions); } else { if ($permissions_sent) { $_POST['permissions'] = $permissionsString; } else { $_POST['permissions'] = ""; } } if (config_option('let_users_create_objects_in_root') && ($contact->isAdminGroup() || $contact->isExecutive() || $contact->isManager())) { if ($permissions_sent) { foreach ($rp_permissions_data as $name => $value) { $ot_id = substr($name, strrpos($name, '_') + 1); $cmp = new ContactMemberPermission(); $cmp->setPermissionGroupId($permission_group->getId()); $cmp->setMemberId(0); $cmp->setObjectTypeId($ot_id); $cmp->setCanDelete($value >= 3); $cmp->setCanWrite($value >= 2); $cmp->save(); } } else { $default_permissions = RoleObjectTypePermissions::instance()->findAll(array('conditions' => 'role_id = ' . $contact->getUserType())); foreach ($default_permissions as $p) { $cmp = new ContactMemberPermission(); $cmp->setPermissionGroupId($permission_group->getId()); $cmp->setMemberId(0); $cmp->setObjectTypeId($p->getObjectTypeId()); $cmp->setCanDelete($p->getCanDelete()); $cmp->setCanWrite($p->getCanWrite()); $cmp->save(); } } } } if (!isset($_POST['sys_perm']) && !$user_from_contact) { $rol_permissions = SystemPermissions::getRolePermissions(array_var($user_data, 'type')); $_POST['sys_perm'] = array(); if (is_array($rol_permissions)) { foreach ($rol_permissions as $pr) { $_POST['sys_perm'][$pr] = 1; } } } if (!isset($_POST['mod_perm']) && !$user_from_contact) { $tabs_permissions = TabPanelPermissions::getRoleModules(array_var($user_data, 'type')); $_POST['mod_perm'] = array(); foreach ($tabs_permissions as $pr) { $_POST['mod_perm'][$pr] = 1; } } $password = ''; if (array_var($user_data, 'password_generator') == 'specify') { $perform_password_validation = true; // Validate input $password = array_var($user_data, 'password'); if (trim($password) == '') { throw new Error(lang('password value required')); } // if if ($password != array_var($user_data, 'password_a')) { throw new Error(lang('passwords dont match')); } // if } else { $user_data['password_generator'] = 'link'; $perform_password_validation = false; } $contact->setPassword($password); $contact->save(); $user_password = new ContactPassword(); $user_password->setContactId($contact->getId()); $user_password->setPasswordDate(DateTimeValueLib::now()); $user_password->setPassword(cp_encrypt($password, $user_password->getPasswordDate()->getTimestamp())); $user_password->password_temp = $password; $user_password->perform_validation = $perform_password_validation; $user_password->save(); if (array_var($user_data, 'autodetect_time_zone', 1) == 1) { set_user_config_option('autodetect_time_zone', 1, $contact->getId()); } /* create contact for this user*/ ApplicationLogs::createLog($contact, ApplicationLogs::ACTION_ADD); // Set role permissions for active members $active_context = active_context(); $sel_members = array(); if (is_array($active_context) && !$permissions_sent) { $tmp_perms = array(); if ($_POST['permissions'] != "") { $tmp_perms = json_decode($_POST['permissions']); } foreach ($active_context as $selection) { if ($selection instanceof Member) { $sel_members[] = $selection; $has_project_permissions = ContactMemberPermissions::instance()->count("permission_group_id = '" . $contact->getPermissionGroupId() . "' AND member_id = " . $selection->getId()) > 0; if (!$has_project_permissions) { $new_cmps = RoleObjectTypePermissions::createDefaultUserPermissions($contact, $selection); foreach ($new_cmps as $new_cmp) { $perm = new stdClass(); $perm->m = $new_cmp->getMemberId(); $perm->r = 1; $perm->w = $new_cmp->getCanWrite(); $perm->d = $new_cmp->getCanDelete(); $perm->o = $new_cmp->getObjectTypeId(); $tmp_perms[] = $perm; } } } } if (count($tmp_perms) > 0) { $_POST['permissions'] = json_encode($tmp_perms); } } if ($save_permissions) { //save_permissions($contact->getPermissionGroupId(), $contact->isGuest()); save_user_permissions_background(logged_user(), $contact->getPermissionGroupId(), $contact->isGuest()); } Hook::fire('after_user_add', $contact, $null); // add user content object to associated members if (count($sel_members) > 0) { ObjectMembers::addObjectToMembers($contact->getId(), $sel_members); $contact->addToSharingTable(); } return $contact; }