public function assignPermissionAccess(Access $pa) { $db = Database::connection(); $co = $this->permissionObject->getBlockCollectionObject(); $arHandle = $this->permissionObject->getAreaHandle(); $db->Replace('BlockPermissionAssignments', array('cID' => $co->getCollectionID(), 'paID' => $pa->getPermissionAccessID(), 'cvID' => $co->getVersionID(), 'bID' => $this->permissionObject->getBlockID(), 'pkID' => $this->pk->getPermissionKeyID()), array('cID', 'cvID', 'bID', 'pkID'), true); $pa->markAsInUse(); }
public function assignPermissionAccess(Access $pa) { $db = Loader::db(); $db->Replace('PagePermissionAssignments', array('cID' => $this->getPermissionObject()->getPermissionsCollectionID(), 'paID' => $pa->getPermissionAccessID(), 'pkID' => $this->pk->getPermissionKeyID()), array('cID', 'pkID'), true); $pa->markAsInUse(); $cache = Core::make('cache/request'); $identifier = sprintf('permission/assignment/access/%s/%s', $this->pk->getPermissionKeyHandle(), $this->getPermissionObject()->getPermissionObjectIdentifier()); $cache->delete($identifier); }
public function assignPermissionAccess(Access $pa) { $cnvID = 0; if (is_object($this->permissionObject)) { $cnvID = $this->permissionObject->getConversationID(); } $db = Database::connection(); $db->Replace('ConversationPermissionAssignments', array('cnvID' => $cnvID, 'paID' => $pa->getPermissionAccessID(), 'pkID' => $this->pk->getPermissionKeyID()), array('cnvID', 'pkID'), true); $pa->markAsInUse(); }
public function validate(PermissionAccess $pae) { if ($pae instanceof ConversationAccess) { $message = $pae->getPermissionObject(); } if ($message instanceof Message) { $u = new User(); return $u->getUserID() == $message->getConversationMessageUserID(); } return false; }
public function validate(PermissionAccess $pae) { if ($pae instanceof FileSetPermissionAccess) { return true; } if ($pae instanceof FilePermissionAccess) { $f = $pae->getPermissionObject(); if (is_object($f)) { $u = new User(); return $u->getUserID() == $f->getUserID(); } } return false; }
public function assignPermissions($userOrGroup, $permissions = [], $accessType = Key::ACCESS_TYPE_INCLUDE, $cascadeToChildren = true) { if (!$cascadeToChildren) { $this->setChildPermissionsToOverride(); } $this->setPermissionsToOverride(); if (is_array($userOrGroup)) { $pe = GroupCombinationEntity::getOrCreate($userOrGroup); // group combination } elseif ($userOrGroup instanceof User || $userOrGroup instanceof \Concrete\Core\User\UserInfo || $userOrGroup instanceof \Concrete\Core\User\User) { $pe = UserEntity::getOrCreate($userOrGroup); } elseif ($userOrGroup instanceof Entity) { $pe = $userOrGroup; } else { // group; $pe = GroupEntity::getOrCreate($userOrGroup); } foreach ($permissions as $pkHandle) { $pk = Key::getByHandle($pkHandle); $pk->setPermissionObject($this); $pa = $pk->getPermissionAccessObject(); if (!is_object($pa)) { $pa = Access::create($pk); } elseif ($pa->isPermissionAccessInUse()) { $pa = $pa->duplicate(); } $pa->addListItem($pe, false, $accessType); $pt = $pk->getPermissionAssignmentObject(); $pt->assignPermissionAccess($pa); } }
public function handlePageUpdate($event) { $page = $event->getPageObject(); $pk = PermissionKey::getByHandle('view_page'); $pk->setPermissionObject($page); $list = $pk->getAccessListItems(); foreach ($list as $pa) { $pae = $pa->getAccessEntityObject(); if ($pae->getAccessEntityTypeHandle() == 'group') { if ($pae->getGroupObject()->getGroupID() == GUEST_GROUP_ID) { $pd = $pa->getPermissionDurationObject(); if (!is_object($pd)) { $pd = new PermissionDuration(); } $publicDate = strtotime($page->getCollectionDatePublic()); $pd->setStartDateAllDay(0); $pd->setEndDateAllDay(0); $pd->setStartDate($dateStart = date('Y-m-d H:i:s', $publicDate)); $pd->save(); $paa = PermissionAccess::getByID($pa->paID, $pk); $paa->addListItem($pae, $pd, PermissionKey::ACCESS_TYPE_INCLUDE); } } } }
public function save() { if (Loader::helper('validation/token')->validate('save_permissions')) { $root = (new Filesystem())->getRootFolder(); $tp = new TaskPermission(); if ($tp->canAccessTaskPermissions()) { $permissions = PermissionKey::getList('file_folder'); foreach ($permissions as $pk) { $pk->setPermissionObject($root); $paID = $_POST['pkID'][$pk->getPermissionKeyID()]; $pt = $pk->getPermissionAssignmentObject(); $pt->clearPermissionAssignment(); if ($paID > 0) { $pa = Access::getByID($paID, $pk); if (is_object($pa)) { $pt->assignPermissionAccess($pa); } } } $this->redirect('/dashboard/system/files/permissions', 'updated'); } } else { $this->error->add(Loader::helper("validation/token")->getErrorMessage()); } }
public function save() { if (Loader::helper('validation/token')->validate('save_permissions')) { $tp = new TaskPermission(); if ($tp->canAccessTaskPermissions()) { $permissions = PermissionKey::getList('sitemap'); $permissions = array_merge($permissions, PermissionKey::getList('notification')); $permissions = array_merge($permissions, PermissionKey::getList('marketplace_newsflow')); $permissions = array_merge($permissions, PermissionKey::getList('admin')); foreach ($permissions as $pk) { $paID = $_POST['pkID'][$pk->getPermissionKeyID()]; $pt = $pk->getPermissionAssignmentObject(); $pt->clearPermissionAssignment(); if ($paID > 0) { $pa = PermissionAccess::getByID($paID, $pk); if (is_object($pa)) { $pt->assignPermissionAccess($pa); } } } $this->redirect('/dashboard/system/registration/notification', 'updated'); } } else { $this->error->add(Loader::helper("validation/token")->getErrorMessage()); } $this->view(); }
public function publish(Key $key, AccessEntity $entity) { $pa = Access::create($key); foreach ($this->getAssignments($entity) as $pae) { $pa->addListItem($pae); } $pt = $key->getPermissionAssignmentObject(); $pt->assignPermissionAccess($pa); }
public function setDefaultPermissions(FileManager $tree) { $rootNode = $tree->getRootTreeNodeObject(); $adminGroupEntity = GroupEntity::getOrCreate(Group::getByID(ADMIN_GROUP_ID)); $pk = CategoryTreeNodeKey::getByHandle('view_category_tree_node'); $pk->setPermissionObject($rootNode); $pa = Access::create($pk); $pa->addListItem($adminGroupEntity); $pt = $pk->getPermissionAssignmentObject(); $pt->assignPermissionAccess($pa); }
public function getAccessEntityUsers(PermissionAccess $pae) { $c = null; if ($pae instanceof PagePermissionAccess) { $c = $pae->getPermissionObject(); } else { if ($pae instanceof AreaPermissionAccess) { $c = $pae->getPermissionObject()->getAreaCollectionObject(); } else { if ($pae instanceof BlockPermissionAccess) { $a = $pae->getPermissionObject()->getBlockAreaObject(); $c = $a->getAreaCollectionObject(); } } } if (is_object($c) && $c instanceof Page) { $ui = UserInfo::getByID($c->getCollectionUserID()); $users = array($ui); return $users; } }
public function apply($mixed) { $key = Key::getByHandle($this->pkHandle); $entity = $mixed->getAccessEntity(); $pa = $key->getPermissionAccessObject(); if (!is_object($pa)) { $pa = Access::create($key); } $pa->addListItem($entity, false, $this->accessType); $pt = $key->getPermissionAssignmentObject(); $pt->assignPermissionAccess($pa); }
public function getPermissionAccessObject() { $db = Database::connection(); if ($this->permissionObjectToCheck instanceof TopicTreeNode) { $pa = parent::getPermissionAccessObject(); } elseif ($this->permissionObjectToCheck instanceof CategoryTreeNode && isset($this->inheritedPermissions[$this->pk->getPermissionKeyHandle()])) { $inheritedPKID = $db->GetOne('select pkID from PermissionKeys where pkHandle = ?', array($this->inheritedPermissions[$this->pk->getPermissionKeyHandle()])); $r = $db->GetOne('select paID from TreeNodePermissionAssignments where treeNodeID = ? and pkID = ?', array($this->permissionObjectToCheck->getTreeNodePermissionsNodeID(), $inheritedPKID)); $pa = Access::getByID($r, $this->pk); } else { return false; } return $pa; }
/** * @return Access */ public function getPermissionAccessObject() { $cache = \Core::make('cache/request'); $identifier = sprintf('permission/key/assignment/%s', $this->pk->getPermissionKeyID()); $item = $cache->getItem($identifier); if (!$item->isMiss()) { return $item->get(); } $item->lock(); $db = Loader::db(); $paID = $db->GetOne('select paID from PermissionAssignments where pkID = ?', array($this->pk->getPermissionKeyID())); $pa = Access::getByID($paID, $this->pk); $cache->save($item->set($pa)); return $pa; }
public function updateDetails($post) { $permissions = PermissionKey::getList('basic_workflow'); foreach ($permissions as $pk) { $pk->setPermissionObject($this); $pt = $pk->getPermissionAssignmentObject(); $paID = $post['pkID'][$pk->getPermissionKeyID()]; $pt->clearPermissionAssignment(); if ($paID > 0) { $pa = PermissionAccess::getByID($paID, $pk); if (is_object($pa)) { $pt->assignPermissionAccess($pa); } } } }
public function import(\SimpleXMLElement $sx) { if (isset($sx->permissionkeys)) { foreach ($sx->permissionkeys->permissionkey as $pk) { if (is_object(Key::getByHandle((string) $pk['handle']))) { continue; } $pkc = Category::getByHandle((string) $pk['category']); $c1 = $pkc->getPermissionKeyClass(); $pkx = call_user_func(array($c1, 'import'), $pk); $assignments = array(); if (isset($pk->access)) { foreach ($pk->access->children() as $ch) { if ($ch->getName() == 'group') { /* * Legacy */ $g = Group::getByName($ch['name']); if (!is_object($g)) { $g = Group::add($g['name'], $g['description']); } $pae = GroupEntity::getOrCreate($g); $assignments[] = $pae; } if ($ch->getName() == 'entity') { $type = Type::getByHandle((string) $ch['type']); $class = $type->getAccessEntityTypeClass(); if (method_exists($class, 'configureFromImport')) { $pae = $class::configureFromImport($ch); $assignments[] = $pae; } } } } if (count($assignments)) { $pa = Access::create($pkx); foreach ($assignments as $pae) { $pa->addListItem($pae); } $pt = $pkx->getPermissionAssignmentObject(); $pt->assignPermissionAccess($pa); } } } }
public static function add() { // copy permissions from the other node. $rootNode = ExpressEntryCategory::add(); $treeID = parent::create($rootNode); $tree = self::getByID($treeID); $adminGroupEntity = GroupEntity::getOrCreate(ConcreteGroup::getByID(ADMIN_GROUP_ID)); $permissions = ['view_express_entries', 'add_express_entries', 'edit_express_entries', 'delete_express_entries']; foreach ($permissions as $handle) { $pk = ExpressTreeNodeKey::getByHandle($handle); $pk->setPermissionObject($rootNode); $pa = Access::create($pk); $pa->addListItem($adminGroupEntity); $pt = $pk->getPermissionAssignmentObject(); $pt->assignPermissionAccess($pa); } return $tree; }
public static function add($name) { // copy permissions from the other node. $rootNode = CategoryTreeNode::add(); $treeID = parent::create($rootNode); $tree = self::getByID($treeID); $tree->setTopicTreeName($name); // by default, topic trees are viewable by all $guestGroupEntity = GroupPermissionAccessEntity::getOrCreate(UserGroup::getByID(GUEST_GROUP_ID)); $pk = CategoryTreeNodePermissionKey::getByHandle('view_category_tree_node'); if (is_object($pk)) { $pk->setPermissionObject($rootNode); $pa = PermissionAccess::create($pk); $pa->addListItem($guestGroupEntity); $pt = $pk->getPermissionAssignmentObject(); $pt->assignPermissionAccess($pa); } return $tree; }
public function copyFromFileSetToFile() { $opa = $this->getPermissionAccessObject(); $paID = false; if (is_object($opa)) { $paID = $opa->getPermissionAccessID(); } if ($paID == -1) { // this is proceeding from a merged file set assignment (copying from multiple file sets) $npa = Access::create($this); $ids = $opa->getPermissionAccessIDList(); foreach ($ids as $paID) { $pax = Access::getByID($paID, $this); $pax->duplicate($npa); } $paID = $npa->getPermissionAccessID(); } if ($paID) { $db = Loader::db(); $db->Replace('FilePermissionAssignments', array('fID' => $this->permissionObject->getFileID(), 'pkID' => $this->getPermissionKeyID(), 'paID' => $paID), array('fID', 'paID', 'pkID'), true); } }
public function save() { $this->view($this->post('ptID')); if (Loader::helper('validation/token')->validate('save_permissions')) { $permissions = PermissionKey::getList('page_type'); foreach ($permissions as $pk) { $pk->setPermissionObject($this->pagetype); $paID = $_POST['pkID'][$pk->getPermissionKeyID()]; $pt = $pk->getPermissionAssignmentObject(); $pt->clearPermissionAssignment(); if ($paID > 0) { $pa = Access::getByID($paID, $pk); if (is_object($pa)) { $pt->assignPermissionAccess($pa); } } } if (Config::get('concrete.permissions.model') == 'advanced') { $permissions = PermissionKey::getList('page'); $defaultPage = $this->pagetype->getPageTypePageTemplateDefaultPageObject(); foreach ($permissions as $pk) { $pk->setPermissionObject($defaultPage); $paID = $_POST['pkID'][$pk->getPermissionKeyID()]; $pt = $pk->getPermissionAssignmentObject(); $pt->clearPermissionAssignment(); if ($paID > 0) { $pa = Access::getByID($paID, $pk); if (is_object($pa)) { $pt->assignPermissionAccess($pa); } } } } $this->redirect('/dashboard/pages/types/permissions', $this->pagetype->getPageTypeID(), 'updated'); } else { $this->error->add(Loader::helper("validation/token")->getErrorMessage()); } }
public function assignPermissionAccess(Access $pa) { $db = Database::connection(); $db->Replace('FilePermissionAssignments', array('fID' => $this->getPermissionObject()->getFileID(), 'paID' => $pa->getPermissionAccessID(), 'pkID' => $this->pk->getPermissionKeyID()), array('fID', 'pkID'), true); $pa->markAsInUse(); }
public function installMaintenanceModePermission() { $pk = Key::getByHandle('view_in_maintenance_mode'); if (!$pk instanceof Key) { $pk = Key::add('admin', 'view_in_maintenance_mode', 'View Site in Maintenance Mode', 'Controls whether a user can access the website when its under maintenance.', false, false); $pa = $pk->getPermissionAccessObject(); if (!is_object($pa)) { $pa = Access::create($pk); } $adminGroup = Group::getByID(ADMIN_GROUP_ID); if ($adminGroup) { $adminGroupEntity = GroupEntity::getOrCreate($adminGroup); $pa->addListItem($adminGroupEntity); $pt = $pk->getPermissionAssignmentObject(); $pt->assignPermissionAccess($pa); } } }
public function setPropertiesFromArray($arr) { return parent::setPropertiesFromArray($arr); }
public function addNotifications() { $this->output(t('Adding notifications...')); $adminGroupEntity = GroupEntity::getOrCreate(\Group::getByID(ADMIN_GROUP_ID)); $adminUserEntity = UserEntity::getOrCreate(\UserInfo::getByID(USER_SUPER_ID)); $pk = Key::getByHandle('notify_in_notification_center'); $pa = Access::create($pk); $pa->addListItem($adminUserEntity); $pa->addListItem($adminGroupEntity); $pt = $pk->getPermissionAssignmentObject(); $pt->assignPermissionAccess($pa); }
public function assignPermissionAccess(Access $pa) { $db = Database::connection(); $db->Replace('AreaPermissionAssignments', array('cID' => $this->getPermissionObject()->getCollectionID(), 'arHandle' => $this->getPermissionObject()->getAreaHandle(), 'paID' => $pa->getPermissionAccessID(), 'pkID' => $this->pk->getPermissionKeyID()), array('cID', 'arHandle', 'pkID'), true); $pa->markAsInUse(); }
public function save_simple() { if ($this->validateAction()) { $c = $this->page; $c->setPermissionsToManualOverride(); $pk = PermissionKey::getByHandle('view_page'); $pk->setPermissionObject($c); $pt = $pk->getPermissionAssignmentObject(); $pt->clearPermissionAssignment(); $pa = Access::create($pk); if (is_array($_POST['readGID'])) { foreach ($_POST['readGID'] as $gID) { $pa->addListItem(GroupPermissionAccessEntity::getOrCreate(Group::getByID($gID))); } } $pt->assignPermissionAccess($pa); $editAccessEntities = array(); if (is_array($_POST['editGID'])) { foreach ($_POST['editGID'] as $gID) { $editAccessEntities[] = GroupPermissionAccessEntity::getOrCreate(Group::getByID($gID)); } } $editPermissions = array('view_page_versions', 'edit_page_properties', 'edit_page_contents', 'edit_page_speed_settings', 'edit_page_multilingual_settings', 'edit_page_theme', 'edit_page_page_type', 'edit_page_template', 'edit_page_permissions', 'preview_page_as_user', 'schedule_page_contents_guest_access', 'delete_page', 'delete_page_versions', 'approve_page_versions', 'add_subpage', 'move_or_copy_page'); foreach ($editPermissions as $pkHandle) { $pk = PermissionKey::getByHandle($pkHandle); $pk->setPermissionObject($c); $pt = $pk->getPermissionAssignmentObject(); $pt->clearPermissionAssignment(); $pa = Access::create($pk); foreach ($editAccessEntities as $editObj) { $pa->addListItem($editObj); } $pt->assignPermissionAccess($pa); } $r = new PageEditResponse(); $r->setPage($this->page); $r->setTitle(t('Page Updated')); $r->setMessage(t('Page permissions have been saved.')); $r->outputJSON(); } }
public function assignPermissionAccess(Access $pa) { $db = Loader::db(); $db->Replace('PageTypePermissionAssignments', array('ptID' => $this->getPermissionObject()->getPageTypeID(), 'paID' => $pa->getPermissionAccessID(), 'pkID' => $this->pk->getPermissionKeyID()), array('ptID', 'pkID'), true); $pa->markAsInUse(); }
public function approve(WorkflowProgress $wp) { $c = Page::getByID($this->getRequestedPageID()); $ps = $this->getPagePermissionSet(); $assignments = $ps->getPermissionAssignments(); foreach ($assignments as $pkID => $paID) { $pk = PermissionKey::getByID($pkID); $pk->setPermissionObject($c); $pt = $pk->getPermissionAssignmentObject(); $pt->clearPermissionAssignment(); if ($paID > 0) { $pa = PermissionAccess::getByID($paID, $pk); if (is_object($pa)) { $pt->assignPermissionAccess($pa); } } } $c->refreshCache(); $wpr = new WorkflowProgressResponse(); $wpr->setWorkflowProgressResponseURL(\URL::to($c)); return $wpr; }
public function view() { $editAccess = array(); if (Config::get('concrete.permissions.model') != 'simple') { return; } $home = Page::getByID(1, "RECENT"); $pk = PermissionKey::getByHandle('view_page'); $pk->setPermissionObject($home); $assignments = $pk->getAccessListItems(); foreach ($assignments as $asi) { $ae = $asi->getAccessEntityObject(); if ($ae->getAccessEntityTypeHandle() == 'group' && $ae->getGroupObject()->getGroupID() == GUEST_GROUP_ID) { $this->set('guestCanRead', true); } elseif ($ae->getAccessEntityTypeHandle() == 'group' && $ae->getGroupObject()->getGroupID() == REGISTERED_GROUP_ID) { $this->set('registeredCanRead', true); } } $gl = new GroupList(); $gl->filter('gID', REGISTERED_GROUP_ID, '>'); $gIDs = $gl->getResults(); $gArray = array(); foreach ($gIDs as $g) { $gArray[] = $g; } $pk = PermissionKey::getByHandle('edit_page_contents'); $pk->setPermissionObject($home); $assignments = $pk->getAccessListItems(); foreach ($assignments as $asi) { $ae = $asi->getAccessEntityObject(); if ($ae->getAccessEntityTypeHandle() == 'group') { $groupObject = $ae->getGroupObject(); if ($groupObject) { $editAccess[] = $ae->getGroupObject()->getGroupID(); } } } $this->set('home', $home); $this->set('gArray', $gArray); $this->set('editAccess', $editAccess); if ($this->isPost()) { if ($this->token->validate('site_permissions_code')) { switch ($_POST['view']) { case "ANYONE": $viewObj = GroupPermissionAccessEntity::getOrCreate(Group::getByID(GUEST_GROUP_ID)); break; case "USERS": $viewObj = GroupPermissionAccessEntity::getOrCreate(Group::getByID(REGISTERED_GROUP_ID)); break; case "PRIVATE": $viewObj = GroupPermissionAccessEntity::getOrCreate(Group::getByID(ADMIN_GROUP_ID)); break; } $pk = PermissionKey::getByHandle('view_page'); $pk->setPermissionObject($home); $pt = $pk->getPermissionAssignmentObject(); $pt->clearPermissionAssignment(); $pa = PermissionAccess::create($pk); $pa->addListItem($viewObj); $pt->assignPermissionAccess($pa); $editAccessEntities = array(); if (is_array($_POST['gID'])) { foreach ($_POST['gID'] as $gID) { $editAccessEntities[] = GroupPermissionAccessEntity::getOrCreate(Group::getByID($gID)); } } $editPermissions = array('view_page_versions', 'edit_page_properties', 'edit_page_contents', 'edit_page_speed_settings', 'edit_page_multilingual_settings', 'edit_page_theme', 'edit_page_page_type', 'edit_page_template', 'edit_page_permissions', 'delete_page', 'preview_page_as_user', 'schedule_page_contents_guest_access', 'delete_page_versions', 'approve_page_versions', 'add_subpage', 'move_or_copy_page'); foreach ($editPermissions as $pkHandle) { $pk = PermissionKey::getByHandle($pkHandle); $pk->setPermissionObject($home); $pt = $pk->getPermissionAssignmentObject(); $pt->clearPermissionAssignment(); $pa = PermissionAccess::create($pk); foreach ($editAccessEntities as $editObj) { $pa->addListItem($editObj); } $pt->assignPermissionAccess($pa); } $pkx = PermissionKey::getbyHandle('add_block'); $pt = $pkx->getPermissionAssignmentObject(); $pt->clearPermissionAssignment(); $pa = PermissionAccess::create($pkx); foreach ($editAccessEntities as $editObj) { $pa->addListItem($editObj); } $pt->assignPermissionAccess($pa); $pkx = PermissionKey::getbyHandle('add_stack'); $pt = $pkx->getPermissionAssignmentObject(); $pt->clearPermissionAssignment(); $pa = PermissionAccess::create($pkx); foreach ($editAccessEntities as $editObj) { $pa->addListItem($editObj); } $pt->assignPermissionAccess($pa); $cms = Core::make('app'); $cms->clearCaches(); $this->redirect('/dashboard/system/permissions/site/', 'saved'); } else { $this->error->add($this->token->getErrorMessage()); } } }