/**
 * Returns the ids of the groups that sit below a given group.
 *
 * When checkJversion() reports 2, the ids are selected directly from the
 * #__usergroups table and ordered by title:
 *  - 'RECURSE' returns every row whose lft/rgt interval lies strictly inside
 *    the interval of group $var_1, i.e. all descendants;
 *  - any other mode returns the rows whose parent_id equals $var_1.
 * For every other checkJversion() value the call is forwarded to
 * $this->_acl->get_group_children().
 *
 * @param  mixed $var_1  Group id. Cast to int before it is placed in the SQL text.
 * @param  mixed $var_2  Second argument handed to the ACL object; a falsy value
 *                       becomes 'ARO'. Not used on the checkJversion() == 2 path.
 * @param  mixed $var_3  'RECURSE' or 'NO_RECURSE'; a falsy value becomes 'NO_RECURSE'.
 * @return mixed         Whatever loadResultArray() or the ACL object returns.
 */
function get_group_children( $var_1 = null, $var_2 = null, $var_3 = null ) {
    global $_CB_database;

    $mode = $var_3 ? $var_3 : 'NO_RECURSE';

    // Every version other than 2 delegates to the ACL object and returns early.
    if ( checkJversion() != 2 ) {
        $section = $var_2 ? $var_2 : 'ARO';

        return $this->_acl->get_group_children( $var_1, $section, $mode );
    }

    $db = $_CB_database;

    // The query is assembled by concatenation. The int cast is the only thing
    // that keeps the caller-supplied id out of the SQL text as a string, so it
    // must stay; every identifier goes through NameQuote().
    $groupId = (int) $var_1;

    $sql = 'SELECT g1.' . $db->NameQuote( 'id' )
         . "\n FROM " . $db->NameQuote( '#__usergroups' ) . " AS g1";

    if ( $mode == 'RECURSE' ) {
        // g2 is the ancestor row; g1 ranges over the rows nested inside it.
        $sql .= "\n LEFT JOIN " . $db->NameQuote( '#__usergroups' ) . " AS g2"
              . ' ON g2.' . $db->NameQuote( 'lft' ) . ' < g1.' . $db->NameQuote( 'lft' )
              . ' AND g2.' . $db->NameQuote( 'rgt' ) . ' > g1.' . $db->NameQuote( 'rgt' )
              . "\n WHERE g2." . $db->NameQuote( 'id' ) . " = " . $groupId;
    } else {
        $sql .= "\n WHERE g1." . $db->NameQuote( 'parent_id' ) . " = " . $groupId;
    }

    $sql .= "\n ORDER BY g1." . $db->NameQuote( 'title' );

    $db->setQuery( $sql );

    return $db->loadResultArray();
}
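/**
 * Displays and updates the CRUD deny list of one role for every entity group.
 *
 * Flow:
 *  1. Resolve the role from the request and fall back to the first known
 *     role when the requested value is not a key of acl_get_roles().
 *  2. Load the CRUD options (ACO section 'crud') and the direct children of
 *     the AXO group 'entities'.
 *  3. Build $this->select ("<entity>_<crud>" => bool) from the deny ACLs
 *     stored for the role.
 *  4. On a 'change_permissions' POST for any role other than 'admin',
 *     write a new deny ACL per entity group from the unchecked boxes and
 *     delete the ACLs that were found in step 3.
 *
 * NOTE(review): this method changes access-control state, yet no
 * authorisation check and no anti-CSRF token check are visible here.
 * Presumably the dispatcher enforces both before calling; confirm.
 *
 * @return void
 */
public function act_permissions()
{
    global $global;

    include_once APPROOT . '3rd/phpgacl/gacl_api.class.php';
    $gacl = new gacl_api(array('db' => $global['db'], 'db_table_prefix' => 'gacl_'));

    // select role
    $this->roles = acl_get_roles();
    if (isset($_REQUEST['role'])) {
        $this->role = $_REQUEST['role'];
    }
    // change role if requested
    if (isset($_POST['change_role'])) {
        $this->role = isset($_POST['role']) ? $_POST['role'] : null;
    }

    // The role comes from the request, so it is only accepted when it is a
    // plain string/int that names a known role. An array value (role[]=x)
    // would otherwise reach array_key_exists() as an illegal key.
    $requested_role = isset($this->role) ? $this->role : null;
    $is_scalar_key = is_string($requested_role) || is_int($requested_role);
    if (!$is_scalar_key || !array_key_exists($requested_role, $this->roles)) {
        $this->role = key($this->roles);
    }

    $role_id = $gacl->get_group_id($this->role, NULL, 'ARO');
    $role_data = $gacl->get_group_data($role_id, 'ARO');
    $role_name = $role_data[3];

    // list accessible modules
    $options = $gacl->get_objects('crud', 0, 'ACO');
    $this->crud = $options['crud'];

    $group_id = $gacl->get_group_id('entities', 'Entities', 'AXO');
    $entity_groups = $gacl->get_group_children($group_id, 'AXO', 'NO_RECURSE');
    $this->entity_groups = array();
    foreach ($entity_groups as $id) {
        $group = $gacl->get_group_data($id, 'AXO');
        // NOTE(review): the translated name stored here is later passed back
        // to search_acl()/get_group_id() as the group name. Confirm that a
        // translation which differs from the stored name cannot make the
        // lookup miss.
        $this->entity_groups[$group[2]] = _t($group[3]);
    }

    // get the deny list
    $acl_list = array();
    $this->select = array();
    foreach ($this->entity_groups as $key => $group) {
        $acl_id = $gacl->search_acl('crud', FALSE, FALSE, FALSE, $role_name, FALSE, FALSE, $group, FALSE);

        // Start every entity group with an empty deny list so that a deny
        // list read for the previous group is never shown for this one.
        $denied = array();
        if ($acl_id) {
            $acl_list = array_merge($acl_list, $acl_id);

            // Only the first matching ACL is used for the display.
            $acl = $gacl->get_acl($acl_id[0]);
            if (is_array($acl) && $acl['allow'] == 0
                && isset($acl['aco']['crud']) && is_array($acl['aco']['crud'])) {
                $denied = $acl['aco']['crud'];
            }
        }

        foreach ($this->crud as $opt) {
            $this->select[$key . "_" . $opt] = !in_array($opt, $denied);
        }
    }

    // list accessible entities
    // !empty() keeps the original truthiness test without reading an
    // undefined index on plain GET requests.
    if (!empty($_POST['change_permissions'])) {
        if ($this->role == 'admin') {
            shnMessageQueue::addInformation(_t('YOU_CANNOT_CHANGE_THE_ADMINISTRATOR_PERMISSIONS_'));
        } else {
            $this->select = array();
            foreach ($this->entity_groups as $key => $group) {
                // An unchecked box means "deny"; only denials are stored.
                $crud = array();
                foreach ($this->crud as $opt) {
                    $is_denied = !isset($_POST[$key . '_' . $opt]);
                    if ($is_denied) {
                        $crud[] = $opt;
                    }
                    $this->select[$key . "_" . $opt] = !$is_denied;
                }

                $axo_id = $gacl->get_group_id($key, $group, 'AXO');
                if (count($crud) > 0) {
                    // NOTE(review): the return value of add_acl() is not
                    // checked. If the insert fails, the delete loop below
                    // still removes the previous deny ACL, which would leave
                    // the role with more access than before. Confirm how
                    // add_acl() reports failure and keep the old ACL then.
                    $gacl->add_acl(array('crud' => $crud), NULL, array($role_id), NULL, array($axo_id), 0, 1);
                }
            }

            // delete previous acls
            // The new denials are written first, so there is no moment in
            // which the role has no deny ACL at all.
            foreach ($acl_list as $acl_id) {
                $gacl->del_acl($acl_id);
            }
        }
    }
}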