/**
* Syncronize user privilege types with group privilege types
* Add privtypes but not change uprivs levels
* Remove privtypes and privs if group hasn't privtype
*
* @param integer $id_user User ID
* @param array $areas array of area objects
* @return array Array(0, boolean)
*/
private function sync_upriv($id_user, $areas)
{
// get group's privilege types
$group = new Group_model();
$g = $group->get_group_by_user($id_user);
$gp = X4Utils_helper::obj2array($this->get_gprivs($g->id), 'what', 'level');
$sql = array();
foreach ($areas as $i) {
// get User privilege types on area
$up = X4Utils_helper::obj2array($this->get_uprivs($id_user, $i->id_area), 'privtype', 'id');
// check group privilege types
foreach ($gp as $k => $v) {
if (isset($up[$k])) {
// if user have a group's privilege do none
unset($up[$k]);
} else {
if ($i->id_area == 1 || !in_array($k, $this->admin_privtypes)) {
// if user don't have then add the missing privilege type
$sql[] = 'INSERT INTO uprivs (updated, id_area, id_user, privtype, level, xon) VALUES (NOW(), ' . $i->id_area . ', ' . $id_user . ', \'' . $k . '\', ' . $v . ', 1)';
}
}
}
// in array 'up' now you have only the privileges that the group did not so delete it
foreach ($up as $k => $v) {
$sql[] = 'DELETE u.*, p.* FROM uprivs u
JOIN privs p ON u.id_user = p.id_who AND u.privtype = p.what AND u.id_area = p.id_area
WHERE u.id = ' . $v . ' AND p.id_who = ' . $id_user . ' AND p.what = \'' . $k . '\' AND p.id_area = ' . $i->id_area;
}
}
return empty($sql) ? array(0, 1) : $this->db->multi_exec($sql);
}