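/**
 * Method to return a list of view levels for which the user is authorised.
 *
 * Each view level's rules are read as a JSON list. As evaluated here, a
 * non-negative entry is matched against the ids of the groups the user is
 * mapped to, and a negative entry -N is matched against user id N.
 *
 * Ids are validated as integers and compared strictly, so the authorisation
 * decision does not depend on PHP's loose-comparison rules (which differ
 * between PHP 7 and PHP 8 for int/string comparisons). Rule entries or group
 * ids that are not integers are ignored and therefore never grant a level.
 *
 * @param   integer  $userId  Id of the user for which to get the list of authorised view levels.
 * @return  array    List of view levels for which the user is authorised.
 */
public static function getAuthorisedViewLevels($userId)
{
    // Get all groups that the user is mapped to recursively.
    $groups = self::getGroupsByUser($userId);

    // Only load the view levels once.
    // NOTE(review): this method never refreshes the static cache, so rule
    // changes saved after the first call may not be visible to later calls
    // in the same process -- confirm whether another code path resets it.
    if (empty(self::$viewLevels)) {
        foreach (Viewlevel::all()->rows() as $level) {
            // Rules that fail to decode become an empty list, so the level
            // is granted to nobody rather than to everybody.
            self::$viewLevels[$level->get('id')] = (array) json_decode($level->get('rules'));
        }
    }

    // Normalise the user id; a non-integer value can never match a user rule.
    $uid = filter_var($userId, FILTER_VALIDATE_INT);

    // Normalise the group ids into a lookup table keyed by integer id.
    $memberOf = array();
    foreach ($groups as $group) {
        $gid = filter_var($group, FILTER_VALIDATE_INT);
        if ($gid !== false) {
            $memberOf[$gid] = true;
        }
    }

    // Level 1 is always granted.
    // NOTE(review): presumably the public level -- confirm against the schema.
    $authorised = array(1);

    // Find the authorised levels.
    foreach (self::$viewLevels as $level => $rule) {
        foreach ($rule as $entry) {
            $id = filter_var($entry, FILTER_VALIDATE_INT);
            if ($id === false) {
                // Malformed entry: skip it instead of letting type juggling decide.
                continue;
            }

            // Negative entries name a single user, all others name a group.
            $granted = ($id < 0) ? (-$id === $uid) : isset($memberOf[$id]);
            if ($granted) {
                $authorised[] = $level;
                break;
            }
        }
    }

    return $authorised;
}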
/**
 * Removes one or more entries
 *
 * The request must pass the anti-forgery token check and the current user
 * must hold the 'core.delete' permission for this component. A level is
 * skipped, with a warning, when its id appears in the 'access' column of any
 * table whose name starts with the live database prefix.
 *
 * @return  void
 */
public function removeTask()
{
    // Check for request forgeries
    Request::checkToken();

    // Permission gate: callers without delete rights are sent back.
    if (!User::authorise('core.delete', $this->option)) {
        return $this->cancelTask();
    }

    // Incoming: accept either a single id or a list of ids
    $ids = Request::getVar('id', array());
    if (!is_array($ids)) {
        $ids = array($ids);
    }

    $removed = 0;

    if (empty($ids)) {
        Notify::warning(Lang::txt('COM_MEMBERS_ACCESSLEVELS_DELETE_NO_ROW_SELECTED'));
    } else {
        // Collect every access level referenced anywhere, once for all ids.
        $levelsInUse = array();

        $db = App::get('db');
        $query = $db->getQuery(true)->select('DISTINCT access');

        // Get all the tables and the prefix
        $tables = $db->getTableList();
        $prefix = $db->getPrefix();

        foreach ($tables as $table) {
            // Get all of the columns in the table
            $fields = $db->getTableColumns($table);

            // Only tables carrying the live prefix (not e.g. "bak_" copies)
            // that have an 'access' column are inspected. Custom tables that
            // store the level under another column name are not detected.
            if (strpos($table, $prefix) !== 0 || !isset($fields['access'])) {
                continue;
            }

            // Lookup the distinct values of the field.
            $query->clear('from')->from($db->quoteName($table));
            $db->setQuery($query);

            $values = $db->loadColumn();
            $error = $db->getErrorMsg();

            // On a DB error the table contributes no values, so a level used
            // only in that table will not be reported as in use below.
            if ($error) {
                Notify::error($error);
                continue;
            }

            $levelsInUse = array_merge($levelsInUse, $values);
        }

        // Get uniques
        $levelsInUse = array_unique($levelsInUse);

        // Loop through each ID and delete the necessary items
        foreach ($ids as $id) {
            $row = Viewlevel::oneOrNew((int) $id);
            $rowId = $row->get('id');

            // Refuse to delete a level that is still referenced.
            if (in_array($rowId, $levelsInUse)) {
                Notify::warning(Lang::txt('COM_MEMBERS_ERROR_VIEW_LEVEL_IN_USE', $rowId, $row->get('title')));
                continue;
            }

            // Remove the record
            if (!$row->destroy()) {
                Notify::error($row->getError());
                continue;
            }

            $removed++;
        }
    }

    // Output message and redirect
    if ($removed) {
        Notify::success(Lang::txt('COM_MEMBERS_ACCESSLEVELS_DELETE_SUCCESS'));
    }

    $this->cancelTask();
}
/**
 * Delete this object and its dependencies
 *
 * Deletes every record whose lft/rgt range lies within this record's range,
 * strips the deleted ids from the rules of all view levels, and removes the
 * user-to-group mappings for those ids.
 *
 * NOTE(review): the three steps are separate writes and no transaction is
 * opened in this method, so an early failure leaves the earlier steps
 * applied -- confirm whether the caller wraps this call.
 *
 * @return  boolean  True on success, false on failure (an error is added)
 */
public function destroy()
{
    if ($this->get('id') == 0) {
        $this->addError('JGLOBAL_CATEGORY_NOT_FOUND');
        return false;
    }

    // A record without a parent or without nested-set bounds is treated as the root.
    if ($this->get('parent_id') == 0 || $this->get('lft') == 0 || $this->get('rgt') == 0) {
        $this->addError('JLIB_DATABASE_ERROR_DELETE_ROOT');
        return false;
    }

    // Select its children (the range bounds are inclusive, so this record too)
    $children = self::all()
        ->where('lft', '>=', (int) $this->get('lft'))
        ->where('rgt', '<=', (int) $this->get('rgt'))
        ->rows();

    if (!$children->count()) {
        $this->addError('JLIB_DATABASE_ERROR_DELETE_CATEGORY');
        return false;
    }

    // Delete the dependencies
    $ids = array();
    foreach ($children as $child) {
        $ids[] = $child->get('id');
    }

    $deletion = $this->getQuery()->delete($this->getTableName())->whereIn('id', $ids);
    if (!$deletion->execute()) {
        $this->addError($deletion->getError());
        return false;
    }

    // Delete the usergroup in view levels. Each id gets four delimited
    // patterns (first, middle, last, only element) with their replacements.
    // NOTE(review): this assumes rules are stored as compact JSON with no
    // whitespace between elements -- confirm against how rules are saved.
    $find = array();
    $replace = array();
    foreach ($ids as $id) {
        array_push($find, "[{$id},", ",{$id},", ",{$id}]", "[{$id}]");
        array_push($replace, "[", ",", "]", "[]");
    }

    foreach (Viewlevel::all()->rows() as $rule) {
        foreach ($ids as $id) {
            // Re-read on every pass: an earlier pass may have rewritten the rules.
            $current = $rule->get('rules');

            // Cheap substring pre-check. It can also hit a longer id (5 is
            // found in "15]"); the delimited patterns above keep the actual
            // replacement exact, at the cost of an occasional redundant save.
            $mentioned = strpos($current, '[' . $id) !== false
                || strpos($current, ',' . $id) !== false
                || strpos($current, $id . ']') !== false;

            if (!$mentioned) {
                continue;
            }

            $rule->set('rules', str_replace($find, $replace, $current));

            if (!$rule->save()) {
                $this->addError($rule->getError());
                return false;
            }
        }
    }

    // Delete the user to usergroup mappings for the group(s) from the database.
    try {
        Map::destroyByGroup($ids);
    } catch (\Exception $e) {
        $this->addError($e->getMessage());
        return false;
    }

    return true;
}