function get_group_children( $var_1 = null, $var_2 = null, $var_3 = null ) {
global $_CB_database;
if ( ! $var_3 ) {
$var_3 = 'NO_RECURSE';
}
if ( checkJversion() == 2 ) {
$query = 'SELECT g1.' . $_CB_database->NameQuote( 'id' )
. "\n FROM " . $_CB_database->NameQuote( '#__usergroups' ) . " AS g1";
if ( $var_3 == 'RECURSE' ) {
$query .= "\n LEFT JOIN " . $_CB_database->NameQuote( '#__usergroups' ) . " AS g2"
. ' ON g2.' . $_CB_database->NameQuote( 'lft' ) . ' < g1.' . $_CB_database->NameQuote( 'lft' )
. ' AND g2.' . $_CB_database->NameQuote( 'rgt' ) . ' > g1.' . $_CB_database->NameQuote( 'rgt' )
. "\n WHERE g2." . $_CB_database->NameQuote( 'id' ) . " = " . (int) $var_1;
} else {
$query .= "\n WHERE g1." . $_CB_database->NameQuote( 'parent_id' ) . " = " . (int) $var_1;
}
$query .= "\n ORDER BY g1." . $_CB_database->NameQuote( 'title' );
$_CB_database->setQuery( $query );
$return = $_CB_database->loadResultArray();
} else {
if ( ! $var_2 ) {
$var_2 = 'ARO';
}
$return = $this->_acl->get_group_children( $var_1, $var_2, $var_3 );
}
return $return;
}
public function act_permissions()
{
global $global;
include_once APPROOT . '3rd/phpgacl/gacl_api.class.php';
$gacl = new gacl_api(array('db' => $global['db'], 'db_table_prefix' => 'gacl_'));
//select role
$this->roles = acl_get_roles();
if (isset($_REQUEST['role'])) {
$this->role = $_REQUEST['role'];
}
//change role if requested
if (isset($_POST['change_role'])) {
$this->role = $_POST['role'];
}
if (!array_key_exists($this->role, $this->roles)) {
$this->role = key($this->roles);
}
$role_id = $gacl->get_group_id($this->role, NULL, 'ARO');
$role_name = $gacl->get_group_data($role_id, 'ARO');
$role_name = $role_name[3];
//list accessible modules
$options = $gacl->get_objects('crud', 0, 'ACO');
$this->crud = $options['crud'];
$group_id = $gacl->get_group_id('entities', 'Entities', 'AXO');
$entity_groups = $gacl->get_group_children($group_id, 'AXO', 'NO_RECURSE');
$this->entity_groups = array();
foreach ($entity_groups as $id) {
$group = $gacl->get_group_data($id, 'AXO');
$this->entity_groups[$group[2]] = _t($group[3]);
}
//get the deny list
$acl_list = array();
$this->select = array();
foreach ($this->entity_groups as $key => $group) {
$acl_id = $gacl->search_acl('crud', FALSE, FALSE, FALSE, $role_name, FALSE, FALSE, $group, FALSE);
if ($acl_id) {
$acl_list = array_merge($acl_list, $acl_id);
}
$acl = $gacl->get_acl($acl_id[0]);
if ($acl['allow'] == 0) {
$crud = $acl['aco']['crud'];
}
foreach ($this->crud as $opt) {
$this->select[$key . "_" . $opt] = true;
if (is_array($crud) && in_array($opt, $crud)) {
$this->select[$key . "_" . $opt] = false;
}
}
}
//list accessible entities
if ($_POST['change_permissions']) {
if ($this->role == 'admin') {
shnMessageQueue::addInformation(_t('YOU_CANNOT_CHANGE_THE_ADMINISTRATOR_PERMISSIONS_'));
} else {
$this->select = array();
foreach ($this->entity_groups as $key => $group) {
$crud = array();
foreach ($this->crud as $opt) {
if (!isset($_POST[$key . '_' . $opt])) {
array_push($crud, $opt);
}
$this->select[$key . "_" . $opt] = true;
if (is_array($crud) && in_array($opt, $crud)) {
$this->select[$key . "_" . $opt] = false;
}
}
$axo_id = $gacl->get_group_id($key, $group, 'AXO');
if (count($crud) > 0) {
$gacl->add_acl(array('crud' => $crud), NULL, array($role_id), NULL, array($axo_id), 0, 1);
}
}
//delete previous acls
foreach ($acl_list as $acl_id) {
$gacl->del_acl($acl_id);
}
}
}
}
