Exemplo n.º 1
 /**
  * Overloaded bind function to pre-process the params.
  *
  * @param   array  $array   Named array
  * @param   mixed  $ignore  Optional array or list of parameters to ignore
  *
  * @return  null|string  null if the operation was satisfactory, otherwise returns an error
  *
  * @see     JTable:bind
  * @since   1.5
  */
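 public function bind($array, $ignore = '')
 {
     $user = JFactory::getUser();

     // The record id comes from the submitted data. Normalise it to an integer once,
     // so a missing key raises no undefined-index notice and the asset names built
     // below always end in a plain number.
     $id = isset($array['id']) ? (int) $array['id'] : 0;

     // A user without core.edit.state may not publish through save/apply: a submitted
     // state of 1 is reset to 0.
     // NOTE(review): only the value 1 is reset; every other submitted state is passed
     // on unchanged. Confirm that is intended or validated elsewhere.
     $task = JFactory::getApplication()->input->getString('task', '');
     $isSaveTask = in_array($task, array('save', 'apply'), true);

     if ($isSaveTask && isset($array['state']) && $array['state'] == 1 && !$user->authorise('core.edit.state', 'com_autofilter')) {
         $array['state'] = 0;
     }

     // New records are stamped with the current user as creator.
     // NOTE(review): for existing records a submitted created_by is not touched here.
     if ($id === 0) {
         $array['created_by'] = $user->id;
     }

     // params and metadata may arrive as arrays; they are stored as registry strings.
     foreach (array('params', 'metadata') as $field) {
         if (isset($array[$field]) && is_array($array[$field])) {
             $registry = new JRegistry();
             $registry->loadArray($array[$field]);
             $array[$field] = (string) $registry;
         }
     }

     // Only a user holding core.admin on this asset may change its ACL rules. For
     // everyone else, whatever 'rules' value was submitted is replaced by the rules
     // already stored for the asset.
     $assetName = 'com_autofilter.categorie.' . $id;

     if (!$user->authorise('core.admin', $assetName)) {
         $actions = JAccess::getActionsFromFile(JPATH_ADMINISTRATOR . '/components/com_autofilter/access.xml', "/access/section[@name='categorie']/");
         $default_actions = JAccess::getAssetRules($assetName)->getData();
         $array_jaccess = array();

         // getActionsFromFile() returns false when the access file cannot be read.
         if (is_array($actions)) {
             foreach ($actions as $action) {
                 // An action without a stored rule maps to null, without the notice
                 // an unguarded array read would raise.
                 $array_jaccess[$action->name] = isset($default_actions[$action->name]) ? $default_actions[$action->name] : null;
             }
         }

         $array['rules'] = $this->JAccessRulestoArray($array_jaccess);
     }

     // Bind the rules for ACL where supported.
     if (isset($array['rules']) && is_array($array['rules'])) {
         $this->setRules($array['rules']);
     }

     return parent::bind($array, $ignore);
 }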
 /**
  * Overloaded bind function to pre-process the params.
  *
  * @param    array        Named array
  *
  * @return    null|string    null if the operation was satisfactory, otherwise returns an error
  * @see        JTable:bind
  * @since      1.5
  */
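 public function bind($array, $ignore = '')
 {
     $user = JFactory::getUser();

     // The record id comes from the submitted data. Normalise it to an integer once,
     // so a missing key raises no undefined-index notice and the asset names built
     // below always end in a plain number.
     $id = isset($array['id']) ? (int) $array['id'] : 0;

     // params and metadata may arrive as arrays; they are stored as registry strings.
     foreach (array('params', 'metadata') as $field) {
         if (isset($array[$field]) && is_array($array[$field])) {
             $registry = new JRegistry();
             $registry->loadArray($array[$field]);
             $array[$field] = (string) $registry;
         }
     }

     // Only a user holding core.admin on this asset may change its ACL rules. For
     // everyone else, whatever 'rules' value was submitted is replaced by the rules
     // already stored for the asset.
     $assetName = 'com_mapa.mapadevenezuela.' . $id;

     if (!$user->authorise('core.admin', $assetName)) {
         $actions = JAccess::getActionsFromFile(JPATH_ADMINISTRATOR . '/components/com_mapa/access.xml', "/access/section[@name='mapadevenezuela']/");
         $default_actions = JAccess::getAssetRules($assetName)->getData();
         $array_jaccess = array();

         // getActionsFromFile() returns false when the access file cannot be read.
         if (is_array($actions)) {
             foreach ($actions as $action) {
                 // An action without a stored rule maps to null, without the notice
                 // an unguarded array read would raise.
                 $array_jaccess[$action->name] = isset($default_actions[$action->name]) ? $default_actions[$action->name] : null;
             }
         }

         $array['rules'] = $this->JAccessRulestoArray($array_jaccess);
     }

     // Bind the rules for ACL where supported.
     if (isset($array['rules']) && is_array($array['rules'])) {
         $this->setRules($array['rules']);
     }

     return parent::bind($array, $ignore);
 }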
Exemplo n.º 3
 /**
  * Overloaded bind function to pre-process the params.
  *
  * @param   array  $array   Named array
  * @param   mixed  $ignore  Optional array or list of parameters to ignore
  *
  * @return  null|string  null if the operation was satisfactory, otherwise returns an error
  *
  * @see     JTable:bind
  * @since   1.5
  */
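 public function bind($array, $ignore = '')
 {
     $user = JFactory::getUser();

     // Support for multiple or not foreign key fields: an array is joined into a
     // comma-separated string, a string containing a comma is split into an array,
     // and an empty value becomes ''.
     foreach (array('ingredients_id', 'recipe_id') as $field) {
         if (empty($array[$field])) {
             $array[$field] = '';
         } elseif (is_array($array[$field])) {
             $array[$field] = implode(',', $array[$field]);
         } elseif (strrpos($array[$field], ',') !== false) {
             // Strict comparison: strrpos() returns 0 for a comma in first position,
             // which a loose "!= false" treats as "no comma found".
             $array[$field] = explode(',', $array[$field]);
         }
     }

     // The record id comes from the submitted data. Normalise it to an integer once,
     // so a missing key raises no undefined-index notice and the asset names built
     // below always end in a plain number.
     $id = isset($array['id']) ? (int) $array['id'] : 0;

     // A user without core.edit.state may not publish through save/apply: a submitted
     // state of 1 is reset to 0.
     // NOTE(review): only the value 1 is reset; every other submitted state is passed
     // on unchanged. Confirm that is intended or validated elsewhere.
     $task = JFactory::getApplication()->input->getString('task', '');
     $isSaveTask = in_array($task, array('save', 'apply'), true);

     if ($isSaveTask && isset($array['state']) && $array['state'] == 1 && !$user->authorise('core.edit.state', 'com_akrecipes')) {
         $array['state'] = 0;
     }

     // New records are stamped with the current user as creator.
     // NOTE(review): for existing records a submitted created_by is not touched here.
     if ($id === 0) {
         $array['created_by'] = $user->id;
     }

     // params and metadata may arrive as arrays; they are stored as registry strings.
     foreach (array('params', 'metadata') as $field) {
         if (isset($array[$field]) && is_array($array[$field])) {
             $registry = new JRegistry();
             $registry->loadArray($array[$field]);
             $array[$field] = (string) $registry;
         }
     }

     // Only a user holding core.admin on this asset may change its ACL rules. For
     // everyone else, whatever 'rules' value was submitted is replaced by the rules
     // already stored for the asset.
     $assetName = 'com_akrecipes.ingredient997479.' . $id;

     if (!$user->authorise('core.admin', $assetName)) {
         $actions = JAccess::getActionsFromFile(JPATH_ADMINISTRATOR . '/components/com_akrecipes/access.xml', "/access/section[@name='ingredient997479']/");
         $default_actions = JAccess::getAssetRules($assetName)->getData();
         $array_jaccess = array();

         // getActionsFromFile() returns false when the access file cannot be read.
         if (is_array($actions)) {
             foreach ($actions as $action) {
                 // An action without a stored rule maps to null, without the notice
                 // an unguarded array read would raise.
                 $array_jaccess[$action->name] = isset($default_actions[$action->name]) ? $default_actions[$action->name] : null;
             }
         }

         $array['rules'] = $this->JAccessRulestoArray($array_jaccess);
     }

     // Bind the rules for ACL where supported.
     if (isset($array['rules']) && is_array($array['rules'])) {
         $this->setRules($array['rules']);
     }

     return parent::bind($array, $ignore);
 }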
Exemplo n.º 4
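 /**
  * Renders a select list of the users whose groups are allowed a com_jevents action.
  *
  * The action is chosen from the prefix of the field name; groups allowed
  * core.admin are always included as well.
  *
  * @param   string  $name          Field name; its prefix selects the ACL action
  * @param   mixed   $value         Currently selected user id
  * @param   object  &$node         Field definition node, read for its 'class' attribute
  * @param   string  $control_name  Name of the enclosing form control
  *
  * @return  string  The value returned by JHTML 'select.genericlist'
  */
 function fetchElement($name, $value, &$node, $control_name)
 {
     // Must load admin language files
     $lang = JFactory::getLanguage();
     $lang->load("com_jevents", JPATH_ADMINISTRATOR);
     $db = JFactory::getDBO();

     // NOTE(review): $class is written into the markup below without escaping;
     // presumably it only ever comes from the form definition - confirm.
     $class = $node->attributes('class');
     if (!$class) {
         $class = "inputbox";
     }

     $rules = JAccess::getAssetRules("com_jevents", true);
     $creatorgroups = $rules->getData();

     // Map the field-name prefix to the action whose groups are listed.
     if (strpos($name, "jevadmin") === 0) {
         $action = "core.admin";
     } elseif (strpos($name, "jeveditor") === 0) {
         $action = "core.edit";
     } elseif (strpos($name, "jevpublisher") === 0 || strpos($name, "admin") === 0) {
         $action = "core.edit.state";
     } else {
         $action = "core.create";
     }

     // Start from the core.admin groups and overlay the groups of the selected
     // action, keeping the group ids as array keys (array_merge would renumber them).
     $creatorgroupsdata = isset($creatorgroups["core.admin"]) ? $creatorgroups["core.admin"]->getData() : array();

     // take the higher permission setting
     if (isset($creatorgroups[$action])) {
         foreach ($creatorgroups[$action]->getData() as $creatorgroup => $permission) {
             if ($permission) {
                 $creatorgroupsdata[$creatorgroup] = $permission;
             }
         }
     }

     // The leading 0 keeps the IN (...) list non-empty when no group qualifies.
     $users = array(0);
     foreach ($creatorgroupsdata as $creatorgroup => $permission) {
         if ($permission == 1) {
             $users = array_merge(JAccess::getUsersByGroup($creatorgroup, true), $users);
         }
     }

     // The ids are concatenated into the query text, so force each one to an integer.
     $userIds = array_map('intval', array_values($users));
     $sql = "SELECT id AS value, name AS text FROM #__users where id IN (" . implode(",", $userIds) . ") ORDER BY name asc";
     $db->setQuery($sql);
     $users = $db->loadObjectList();

     // A failed query must not break the merge below.
     if (!is_array($users)) {
         $users = array();
     }

     $users2 = array(JHTML::_('select.option', '0', '- ' . JText::_('SELECT_USER') . ' -'));
     $users2 = array_merge($users2, $users);

     return JHTML::_('select.genericlist', $users2, $control_name . '[' . $name . ']', 'class="' . $class . '" size="1" ', 'value', 'text', $value);
 }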
Exemplo n.º 5
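 /**
  * Prepares the "edit user" admin view: stylesheet, toolbar, and the user,
  * category and calendar select lists.
  *
  * @param   string  $tpl  Template name (not used in this method)
  *
  * @return  void
  */
 function edit($tpl = null)
 {
     $document =& JFactory::getDocument();
     // this already includes administrator
     $livesite = JURI::base();
     if (JVersion::isCompatible("1.6.0")) {
         JEVHelper::stylesheet('eventsadmin16.css', 'administrator/components/' . JEV_COM_COMPONENT . '/assets/css/');
     } else {
         $document->addStyleSheet($livesite . 'components/' . JEV_COM_COMPONENT . '/assets/css/eventsadmin.css');
     }
     $document->setTitle(JText::_('JEVENTS') . ' :: ' . JText::_('JEVENTS'));

     // Set toolbar items for the page
     JToolBarHelper::title(JText::_('JEV_EDIT_USER'), 'jevents');
     JToolBarHelper::save("user.save");
     JToolBarHelper::cancel("user.overview");
     //JToolBarHelper::help( 'edit.user', true);

     $db =& JFactory::getDBO();
     $params =& JComponentHelper::getParams(JEV_COM_COMPONENT);

     if (JVersion::isCompatible("1.6.0")) {
         $rules = JAccess::getAssetRules("com_jevents", true);
         $creatorgroups = $rules->getData();

         // The permission arrays are keyed by group id. array_merge() renumbers
         // integer keys, which would make the loop below look up users for the
         // wrong groups, so the two sets are combined key by key instead.
         $creatorgroupsdata = $creatorgroups["core.admin"]->getData();
         foreach ($creatorgroups["core.create"]->getData() as $creatorgroup => $permission) {
             if ($permission) {
                 $creatorgroupsdata[$creatorgroup] = $permission;
             }
         }

         // The leading 0 keeps the IN (...) list non-empty when no group qualifies.
         $users = array(0);
         foreach ($creatorgroupsdata as $creatorgroup => $permission) {
             if ($permission == 1) {
                 $users = array_merge(JAccess::getUsersByGroup($creatorgroup, true), $users);
             }
         }

         // The ids are concatenated into the query text, so force each one to an integer.
         $userIds = array_map('intval', array_values($users));
         $sql = "SELECT * FROM #__users where id IN (" . implode(",", $userIds) . ") ORDER BY name asc";
         $db->setQuery($sql);
         $users = $db->loadObjectList();
     } else {
         // The configured level is concatenated into the query text; cast it to an integer.
         $minaccess = (int) $params->getValue("jevcreator_level", 19);
         // get users AUTHORS and above
         $sql = "SELECT * FROM #__users where gid>=" . $minaccess;
         $db->setQuery($sql);
         $users = $db->loadObjectList();
     }

     // A failed query must not break the loop below.
     if (!is_array($users)) {
         $users = array();
     }

     $userOptions = array(JHTML::_('select.option', '-1', 'Select User'));
     foreach ($users as $user) {
         $userOptions[] = JHTML::_('select.option', $user->id, $user->name . " ({$user->username})");
     }

     $jevuser =& $this->get('user');
     $userlist = JHTML::_('select.genericlist', $userOptions, 'user_id', 'class="inputbox" size="1" ', 'value', 'text', $jevuser->user_id);

     JLoader::register('JEventsCategory', JEV_ADMINPATH . "/libraries/categoryClass.php");
     $categories = JEventsCategory::categoriesTree();
     $lists = array();
     $lists['categories'] = JHTML::_('select.genericlist', $categories, 'categories[]', 'multiple="multiple" size="15"', 'value', 'text', explode("|", $jevuser->categories));

     // get calendars
     $sql = "SELECT label as text, ics_id as value FROM #__jevents_icsfile where icaltype=2";
     $db->setQuery($sql);
     $calendars = $db->loadObjectList();
     $lists['calendars'] = JHTML::_('select.genericlist', $calendars, 'calendars[]', 'multiple="multiple" size="15"', 'value', 'text', explode("|", $jevuser->calendars));

     $this->assignRef('lists', $lists);
     $this->assignRef("users", $userlist);
     $this->assignRef('jevuser', $jevuser);
     JHTML::_('behavior.tooltip');
 }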
Exemplo n.º 6
 /**
  * Prepares the "edit user" admin view: toolbar, the user, category and
  * calendar select lists, and the layout matching the Joomla version.
  *
  * @param   string  $tpl  Template name (not used in this method)
  *
  * @return  void
  */
 function edit($tpl = null)
 {
     $doc = JFactory::getDocument();
     // this already includes administrator
     $doc->setTitle(JText::_('JEVENTS') . ' :: ' . JText::_('JEVENTS'));

     // Toolbar for the page
     JToolBarHelper::title(JText::_('JEV_EDIT_USER'), 'jevents');
     JToolBarHelper::save("user.save");
     JToolBarHelper::cancel("user.overview");
     //JToolBarHelper::help( 'edit.user', true);

     $componentOption = JRequest::getCmd('option', JEV_COM_COMPONENT);
     $dbo = JFactory::getDBO();
     $componentParams = JComponentHelper::getParams(JEV_COM_COMPONENT);

     // Groups allowed core.create, plus every group explicitly allowed core.admin.
     // Built key by key because array_merge would re-index the group ids.
     $ruleData = JAccess::getAssetRules("com_jevents", true)->getData();
     $allowedGroups = $ruleData["core.create"]->getData();
     foreach ($ruleData["core.admin"]->getData() as $groupId => $flag) {
         if ($flag != 1) {
             continue;
         }
         $allowedGroups[$groupId] = $flag;
     }

     // Collect the member ids of every allowed group; the leading 0 keeps the
     // IN (...) list non-empty.
     $memberIds = array(0);
     foreach ($allowedGroups as $groupId => $flag) {
         if ($flag != 1) {
             continue;
         }
         $memberIds = array_merge(JAccess::getUsersByGroup($groupId, true), $memberIds);
     }

     $dbo->setQuery("SELECT * FROM #__users where id IN (" . implode(",", array_values($memberIds)) . ") ORDER BY name asc");
     $rows = $dbo->loadObjectList();

     $options = array(JHTML::_('select.option', '-1', JText::_('SELECT_USER')));
     foreach ($rows as $row) {
         $options[] = JHTML::_('select.option', $row->id, $row->name . " ({$row->username})");
     }

     $editedUser = $this->get('user');
     $userSelect = JHTML::_('select.genericlist', $options, 'user_id', 'class="inputbox" size="1" ', 'value', 'text', $editedUser->user_id);

     JLoader::register('JEventsCategory', JEV_ADMINPATH . "/libraries/categoryClass.php");
     $categoryTree = JEventsCategory::categoriesTree();
     $selectLists = array();
     $selectLists['categories'] = JHTML::_('select.genericlist', $categoryTree, 'categories[]', 'multiple="multiple" size="15"', 'value', 'text', explode("|", $editedUser->categories));

     // get calendars
     $dbo->setQuery("SELECT label as text, ics_id as value FROM #__jevents_icsfile where icaltype=2");
     $calendarRows = $dbo->loadObjectList();
     $selectLists['calendars'] = JHTML::_('select.genericlist', $calendarRows, 'calendars[]', 'multiple="multiple" size="15"', 'value', 'text', explode("|", $editedUser->calendars));

     $this->assignRef('lists', $selectLists);
     $this->assignRef("users", $userSelect);
     $this->assignRef('jevuser', $editedUser);
     JHTML::_('behavior.tooltip');

     // Pick the layout that matches the running Joomla version.
     $this->setLayout(JevJoomlaVersion::isCompatible("3.0") ? "edit" : "edit16");
 }
Exemplo n.º 7
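 /**
  * Lists the users whose groups are allowed a com_jevents action, preceded by
  * a placeholder entry with value 0.
  *
  * The action is chosen from the prefix of the field name; groups allowed
  * core.admin are always included as well.
  *
  * @return  array  Objects with value, text and sendEmail properties
  */
 public function getOptions()
 {
     $db = JFactory::getDBO();
     $rules = JAccess::getAssetRules("com_jevents", true);
     $creatorgroups = $rules->getData();

     // Map the field-name prefix to the action whose groups are listed.
     if (strpos($this->name, "jevadmin") === 0) {
         $action = "core.admin";
     } elseif (strpos($this->name, "jeveditor") === 0) {
         $action = "core.edit";
     } elseif (strpos($this->name, "jevpublisher") === 0 || strpos($this->name, "admin") === 0) {
         $action = "core.edit.state";
     } else {
         $action = "core.create";
     }

     // Start from the core.admin groups and overlay the groups of the selected
     // action, keeping the group ids as array keys (array_merge would renumber them).
     $creatorgroupsdata = isset($creatorgroups["core.admin"]) ? $creatorgroups["core.admin"]->getData() : array();

     // take the higher permission setting
     if (isset($creatorgroups[$action])) {
         foreach ($creatorgroups[$action]->getData() as $creatorgroup => $permission) {
             if ($permission) {
                 $creatorgroupsdata[$creatorgroup] = $permission;
             }
         }
     }

     // The leading 0 keeps the IN (...) list non-empty when no group qualifies.
     $users = array(0);
     foreach ($creatorgroupsdata as $creatorgroup => $permission) {
         if ($permission == 1) {
             $users = array_merge(JAccess::getUsersByGroup($creatorgroup, true), $users);
         }
     }

     // The ids are concatenated into the query text, so force each one to an integer.
     $userIds = array_map('intval', array_values($users));
     $sql = "SELECT id AS value, name AS text , sendEmail FROM #__users where id IN (" . implode(",", $userIds) . ") ORDER BY name asc";
     $db->setQuery($sql);
     $users = $db->loadObjectList();

     // A failed query must not break array_unshift() below.
     if (!is_array($users)) {
         $users = array();
     }

     $nulluser = new stdClass();
     $nulluser->value = 0;
     $nulluser->sendEmail = 0;
     $nulluser->text = JText::_("SELECT_ADMIN");
     array_unshift($users, $nulluser);

     return $users;
 }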
Exemplo n.º 8
 /**
  * Checks whether a user group is allowed an action on an asset.
  *
  * @param   integer  $groupId  Group id; 0 is replaced by 17
  * @param   string   $action   Action name, compared in lower case
  * @param   mixed    $asset    Asset name or id; an empty value is replaced by 1
  *
  * @return  mixed  Whatever allow() returns for the action and the group path
  */
 public static function checkGroup($groupId, $action, $asset = null)
 {
     $gid = (int) $groupId;
     if (0 === $gid) {
         // The original author labels 17 as ROOT.
         $gid = 17;
     }

     $actionName = strtolower($action);
     $assetKey = strtolower($asset);
     if (empty($assetKey)) {
         $assetKey = 1;
     }

     // Load the asset's rules on first use and keep them in the static cache.
     if (empty(JAccess::$_assetRules[$assetKey])) {
         JAccess::$_assetRules[$assetKey] = JAccess::getAssetRules($assetKey);
     }

     $path = JAccess::getGroupPath($gid);

     return JAccess::$_assetRules[$assetKey]->allow($actionName, $path);
 }
Exemplo n.º 9
Arquivo: users.php Projeto: JozefAB/qk
 /**
  * Returns the ids of the user groups treated as administrator groups.
  *
  * A group qualifies when the rules of asset 1 allow it core.admin; the ids
  * returned by getAdminGroupsChildren() for such a group are added as well.
  * The list is computed once and kept in self::$groups.
  *
  * @return  array  Integer group ids
  */
 public static function getAdminGroups()
 {
     // Already computed by an earlier call.
     if (is_array(self::$groups)) {
         return self::$groups;
     }

     self::$groups = array();

     $db = JFactory::getDbo();
     $query = $db->getQuery(true);
     $query->select($db->qn('id'))->select($db->qn('lft'))->select($db->qn('rgt'))->from($db->qn('#__usergroups'));
     $db->setQuery($query);

     $allGroups = $db->loadObjectList();
     if (!$allGroups) {
         return self::$groups;
     }

     $rootRules = JAccess::getAssetRules(1);

     foreach ($allGroups as $candidate) {
         if (!$rootRules->allow('core.admin', array($candidate->id))) {
             continue;
         }

         self::$groups[] = (int) $candidate->id;

         // NOTE(review): child ids are added without their own allow() check, and an
         // id can be added more than once - confirm callers expect both.
         foreach (self::getAdminGroupsChildren($candidate->lft, $candidate->rgt) as $childId) {
             self::$groups[] = (int) $childId;
         }
     }

     return self::$groups;
 }
Exemplo n.º 10
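 /**
  * Builds the permission report for the group selected in the model state.
  *
  * @return  array  'extensions' => component rows, each with an 'actions' map
  *                 of action => allow() result; 'actions' => the action list
  */
 protected function _getRulesData()
 {
     // get the identities for the group.
     $db = JFactory::getDBO();

     // Get the user groups from the database. The group id is cast to an integer
     // before it is concatenated into the query text.
     $db->setQuery('SELECT b.id' . ' FROM #__usergroups AS a' . ' LEFT JOIN `#__usergroups` AS b ON a.lft >= b.lft AND a.rgt <= b.rgt' . ' WHERE a.id = ' . (int) $this->getState('report.group_id'));
     $identities = $db->loadResultArray();

     // Get list of extensions.
     $query = new JQuery();
     $query->select('name, element');
     $query->from('#__extensions');
     $query->where('type = ' . $db->quote('component'));
     $db->setQuery($query);
     $extensions = $db->loadObjectList();

     // A failed query must not break the loop below.
     if (!is_array($extensions)) {
         $extensions = array();
     }

     $actions = $this->getActions();

     // The rows are objects, so they can be modified without iterating by
     // reference; that also leaves no reference behind in the returned array.
     foreach ($extensions as $extension) {
         $extension->actions = array();
         $rules = JAccess::getAssetRules($extension->element, true);
         foreach ($actions as $action => $name) {
             $extension->actions[$action] = $rules->allow($action, $identities);
         }
     }

     return array('extensions' => $extensions, 'actions' => $actions);
 }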
Exemplo n.º 11
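 /**
  * Prepares the "edit ICS" admin view: script, toolbar, the select list of
  * users who may be set as creator, and the layout matching the Joomla version.
  *
  * @param   string  $tpl  Template name (not used in this method)
  *
  * @return  void
  */
 function edit($tpl = null)
 {
     JEVHelper::script('editical.js', 'components/' . JEV_COM_COMPONENT . '/assets/js/');
     $document = JFactory::getDocument();
     $document->setTitle(JText::_('EDIT_ICS'));

     // Set toolbar items for the page
     JToolBarHelper::title(JText::_('EDIT_ICS'), 'jevents');
     //JToolBarHelper::save('icals.save');
     if ($this->editItem && isset($this->editItem->ics_id) && $this->editItem->ics_id > 0) {
         JToolBarHelper::save('icals.savedetails');
     }
     JToolBarHelper::cancel('icals.list');
     //JToolBarHelper::help( 'screen.icals.edit', true);

     $params = JComponentHelper::getParams(JEV_COM_COMPONENT);
     //$section = $params->get("section",0);
     $db = JFactory::getDbo();

     if ($params->get("authorisedonly", 0)) {
         // get authorised users
         $sql = "SELECT u.* FROM #__jev_users as jev LEFT JOIN #__users as u on u.id=jev.user_id where jev.published=1 and jev.cancreate=1";
         $db->setQuery($sql);
         $users = $db->loadObjectList();
     } else {
         $rules = JAccess::getAssetRules("com_jevents", true);
         $creatorgroups = $rules->getData();

         // Start from the core.admin groups and overlay the core.create groups,
         // keeping the group ids as array keys (array_merge would renumber them).
         $creatorgroupsdata = $creatorgroups["core.admin"]->getData();
         // take the higher permission setting
         foreach ($creatorgroups["core.create"]->getData() as $creatorgroup => $permission) {
             if ($permission) {
                 $creatorgroupsdata[$creatorgroup] = $permission;
             }
         }

         // The leading 0 keeps the IN (...) list non-empty when no group qualifies.
         $users = array(0);
         foreach ($creatorgroupsdata as $creatorgroup => $permission) {
             if ($permission == 1) {
                 $users = array_merge(JAccess::getUsersByGroup($creatorgroup, true), $users);
             }
         }

         // The ids are concatenated into the query text, so force each one to an integer.
         $userIds = array_map('intval', array_values($users));
         $sql = "SELECT * FROM #__users where id IN (" . implode(",", $userIds) . ") ORDER BY name asc";
         $db->setQuery($sql);
         $users = $db->loadObjectList();
     }

     // A failed query must not break the loop below.
     if (!is_array($users)) {
         $users = array();
     }

     $userOptions = array();
     foreach ($users as $user) {
         $userOptions[] = JHTML::_('select.option', $user->id, $user->name . " ({$user->username})");
     }

     // Preselect the stored creator of an existing item, otherwise the current user.
     $jevuser = JFactory::getUser();
     if ($this->editItem && isset($this->editItem->ics_id) && $this->editItem->ics_id > 0 && $this->editItem->created_by > 0) {
         $created_by = $this->editItem->created_by;
     } else {
         $created_by = $jevuser->id;
     }

     // The empty-list fallback used to be assigned to a differently cased variable
     // ($userList), which left the variable handed to the view undefined.
     $userlist = "";
     if (count($userOptions) > 0) {
         $userlist = JHTML::_('select.genericlist', $userOptions, 'created_by', 'class="inputbox" size="1" ', 'value', 'text', $created_by);
     }
     $this->assignRef("users", $userlist);

     JHTML::_('behavior.tooltip');

     if (JevJoomlaVersion::isCompatible("3.0")) {
         $this->setLayout("edit");
     } else {
         $this->setLayout("edit16");
     }
 }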
Exemplo n.º 12
 /**
  * Method to save the form data.
  *
  * @param   array  $data  The form data.
  *
  * @return  boolean  True on success.
  *
  * @since   1.6
  */
 public function save($data)
 {
     // Include the user plugins for events.
     JPluginHelper::importPlugin($this->events_map['save']);
     /**
      * Check the super admin permissions for group
      * We get the parent group permissions and then check the group permissions manually
      * We have to calculate the group permissions manually because we haven't saved the group yet
      */
     $parentSuperAdmin = JAccess::checkGroup($data['parent_id'], 'core.admin');
     // Get core.admin rules from the root asset
     $rules = JAccess::getAssetRules('root.1')->getData('core.admin');
     // Get the value for the current group (will be true (allowed), false (denied), or null (inherit)
     $groupSuperAdmin = $rules['core.admin']->allow($data['id']);
     // We only need to change the $groupSuperAdmin if the parent is true or false. Otherwise, the value set in the rule takes effect.
     if ($parentSuperAdmin === false) {
         // If parent is false (Denied), effective value will always be false
         $groupSuperAdmin = false;
     } elseif ($parentSuperAdmin === true) {
         // If parent is true (allowed), group is true unless explicitly set to false
         $groupSuperAdmin = $groupSuperAdmin === false ? false : true;
     }
     // Check for non-super admin trying to save with super admin group.
     // This guard stops a user without core.admin from saving a group that would
     // carry core.admin.
     $iAmSuperAdmin = JFactory::getUser()->authorise('core.admin');
     if (!$iAmSuperAdmin && $groupSuperAdmin) {
         $this->setError(JText::_('JLIB_USER_ERROR_NOT_SUPERADMIN'));
         return false;
     }
     /**
      * Check for super-admin changing self to be non-super-admin
      * First, are we a super admin
      */
     if ($iAmSuperAdmin) {
         // Next, are we a member of the current group?
         $myGroups = JAccess::getGroupsByUser(JFactory::getUser()->get('id'), false);
         // NOTE(review): in_array() is called without its strict flag, so the submitted
         // id is compared loosely with the group ids - confirm $data['id'] has been
         // filtered to an integer before it reaches this method.
         if (in_array($data['id'], $myGroups)) {
             // Now, would we have super admin permissions without the current group?
             $otherGroups = array_diff($myGroups, array($data['id']));
             $otherSuperAdmin = false;
             foreach ($otherGroups as $otherGroup) {
                 // Keeps the first truthy result; otherwise holds the result for the last group checked.
                 $otherSuperAdmin = $otherSuperAdmin ? $otherSuperAdmin : JAccess::checkGroup($otherGroup, 'core.admin');
             }
             /**
              * If we would not otherwise have super admin permissions
              * and the current group does not have super admin permissions,
              * record an error and abort the save
              */
             if (!$otherSuperAdmin && !$groupSuperAdmin) {
                 $this->setError(JText::_('JLIB_USER_ERROR_CANNOT_DEMOTE_SELF'));
                 return false;
             }
         }
     }
     // For a "save as copy" the title is regenerated before saving.
     if (JFactory::getApplication()->input->get('task') == 'save2copy') {
         $data['title'] = $this->generateGroupTitle($data['parent_id'], $data['title']);
     }
     // Proceed with the save
     return parent::save($data);
 }
Exemplo n.º 13
 /**
  * Creates the HTML for the permissions widget
  *
  * @param   array    $actions   Array of action objects
  * @param   integer  $assetId   Id of a specific asset to  create a widget for.
  * @param   integer  $parent    Id of the parent of the asset
  * @param   string   $control   The form control
  * @param   string   $idPrefix  Prefix for the ids assigned to specific action-group pairs
  *
  * @return  string   HTML for the permissions widget
  *
  * @since   11.1
  *
  * @see     JAccess
  * @see     JFormFieldRules
  */
 public static function assetFormWidget($actions, $assetId = null, $parent = null, $control = 'jform[rules]', $idPrefix = 'jform_rules')
 {
     $images = self::_getImagesArray();
     // Get the user groups.
     $groups = self::_getUserGroups();
     // Get the incoming inherited rules as well as the asset specific rules.
     // $inheriting: recursive rules of the parent asset; $inherited: recursive rules
     // of the asset itself; $rules: only the rules set directly on the asset.
     $inheriting = JAccess::getAssetRules($parent ? $parent : self::_getParentAssetId($assetId), true);
     $inherited = JAccess::getAssetRules($assetId, true);
     $rules = JAccess::getAssetRules($assetId);
     // NOTE(review): every value concatenated into the markup below ($group->text,
     // the translated strings, $control, $idPrefix, $action->name, $group->value) is
     // written without HTML escaping. Confirm each is escaped or trusted at its source.
     $html = array();
     $html[] = '<div class="acl-options">';
     $html[] = JHtml::_('tabs.start', 'acl-rules-' . $assetId, array('useCookie' => 1));
     // Summary tab: one row per group, one column per action.
     $html[] = JHtml::_('tabs.panel', JText::_('JLIB_HTML_ACCESS_SUMMARY'), 'summary');
     $html[] = '			<p>' . JText::_('JLIB_HTML_ACCESS_SUMMARY_DESC') . '</p>';
     $html[] = '			<table class="aclsummary-table" summary="' . JText::_('JLIB_HTML_ACCESS_SUMMARY_DESC') . '">';
     $html[] = '			<caption>' . JText::_('JLIB_HTML_ACCESS_SUMMARY_DESC_CAPTION') . '</caption>';
     $html[] = '			<tr>';
     $html[] = '				<th class="col1 hidelabeltxt">' . JText::_('JLIB_RULES_GROUPS') . '</th>';
     foreach ($actions as $i => $action) {
         $html[] = '				<th class="col' . ($i + 2) . '">' . JText::_($action->title) . '</th>';
     }
     $html[] = '			</tr>';
     foreach ($groups as $i => $group) {
         $html[] = '			<tr class="row' . $i % 2 . '">';
         $html[] = '				<td class="col1">' . $group->text . '</td>';
         // The inner loop reuses $i; the outer value has already been used for the row class above.
         foreach ($actions as $i => $action) {
             // With an asset id the asset's own effective rules decide the icon, otherwise the parent's.
             $html[] = '				<td class="col' . ($i + 2) . '">' . ($assetId ? $inherited->allow($action->name, $group->identities) ? $images['allow'] : $images['deny'] : ($inheriting->allow($action->name, $group->identities) ? $images['allow'] : $images['deny'])) . '</td>';
         }
         $html[] = '			</tr>';
     }
     $html[] = ' 		</table>';
     // One tab per action, with an inherit/allow/deny select for every group.
     foreach ($actions as $action) {
         $actionTitle = JText::_($action->title);
         $actionDesc = JText::_($action->description);
         $html[] = JHtml::_('tabs.panel', $actionTitle, $action->name);
         $html[] = '			<p>' . $actionDesc . '</p>';
         // NOTE(review): strip_tags() removes tags but leaves quote characters, so it
         // is not attribute escaping for the summary="" value.
         $html[] = '			<table class="aclmodify-table" summary="' . strip_tags($actionDesc) . '">';
         $html[] = '			<caption>' . JText::_('JLIB_HTML_ACCESS_MODIFY_DESC_CAPTION_ACL') . ' ' . $actionTitle . ' ' . JText::_('JLIB_HTML_ACCESS_MODIFY_DESC_CAPTION_TABLE') . '</caption>';
         $html[] = '			<tr>';
         $html[] = '				<th class="col1 hidelabeltxt">' . JText::_('JLIB_RULES_GROUP') . '</th>';
         $html[] = '				<th class="col2">' . JText::_('JLIB_RULES_INHERIT') . '</th>';
         $html[] = '				<th class="col3 hidelabeltxt">' . JText::_('JMODIFY') . '</th>';
         $html[] = '				<th class="col4">' . JText::_('JCURRENT') . '</th>';
         $html[] = '			</tr>';
         foreach ($groups as $i => $group) {
             // Setting stored directly on the asset for this group; compared below
             // against null, true and false to preselect an option.
             $selected = $rules->allow($action->name, $group->value);
             $html[] = '			<tr class="row' . $i % 2 . '">';
             $html[] = '				<td class="col1">' . $group->text . '</td>';
             $html[] = '				<td class="col2">' . ($inheriting->allow($action->name, $group->identities) ? $images['allow-i'] : $images['deny-i']) . '</td>';
             $html[] = '				<td class="col3">';
             $html[] = '					<select id="' . $idPrefix . '_' . $action->name . '_' . $group->value . '" class="inputbox" size="1" name="' . $control . '[' . $action->name . '][' . $group->value . ']" title="' . JText::sprintf('JLIB_RULES_SELECT_ALLOW_DENY_GROUP', $actionTitle, $group->text) . '">';
             $html[] = '						<option value=""' . ($selected === null ? ' selected="selected"' : '') . '>' . JText::_('JLIB_RULES_INHERIT') . '</option>';
             $html[] = '						<option value="1"' . ($selected === true ? ' selected="selected"' : '') . '>' . JText::_('JLIB_RULES_ALLOWED') . '</option>';
             $html[] = '						<option value="0"' . ($selected === false ? ' selected="selected"' : '') . '>' . JText::_('JLIB_RULES_DENIED') . '</option>';
             $html[] = '					</select>';
             $html[] = '				</td>';
             $html[] = '				<td class="col4">' . ($assetId ? $inherited->allow($action->name, $group->identities) ? $images['allow'] : $images['deny'] : ($inheriting->allow($action->name, $group->identities) ? $images['allow'] : $images['deny'])) . '</td>';
             $html[] = '			</tr>';
         }
         $html[] = '			</table>';
     }
     $html[] = JHtml::_('tabs.end');
     // Build the footer with legend and special purpose buttons.
     $html[] = '	<div class="clr"></div>';
     $html[] = '	<ul class="acllegend fltlft">';
     $html[] = '		<li class="acl-allowed">' . JText::_('JLIB_RULES_ALLOWED') . '</li>';
     $html[] = '		<li class="acl-denied">' . JText::_('JLIB_RULES_DENIED') . '</li>';
     $html[] = '	</ul>';
     $html[] = '</div>';
     return implode("\n", $html);
 }
 /**
  *	Gets the default asset Rules for a component/view.
  */
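 protected static function getDefaultAssetRules($component, $view)
 {
     // Find the asset id by the component's asset name. The name goes through
     // $db->quote(), so it reaches the query as an escaped string literal.
     $db = JFactory::getDbo();
     $query = $db->getQuery(true)
         ->select($db->quoteName('id'))
         ->from($db->quoteName('#__assets'))
         ->where($db->quoteName('name') . ' = ' . $db->quote($component));
     $db->setQuery($query);
     // One loadResult() replaces the former execute()/loadRowList()/loadResult()
     // sequence, which ran the same query three times. null means no row matched.
     $found = $db->loadResult();
     if ($found === null) {
         // No stored asset for this component: use the rules of asset id 0.
         return JAccess::getAssetRules(0);
     }
     // Asset already stored, so start from its saved rules.
     $result = JAccess::getAssetRules((int) $found);
     if (!$result instanceof JAccessRules) {
         return JAccess::getAssetRules(0);
     }
     // The rules object serialises to JSON; decode it to walk the action names.
     $decoded = json_decode((string) $result);
     if (!is_object($decoded) && !is_array($decoded)) {
         // Nothing that can be filtered per view.
         return $result;
     }
     // Keep only actions whose first dot-separated segment is this view, and
     // empty their value so the view starts from "inherit" rather than from a
     // copy of the component's explicit allow/deny settings.
     $viewRules = array();
     foreach ((array) $decoded as $name => $rule) {
         $parts = explode('.', $name);
         if ($view === $parts[0]) {
             $viewRules[$name] = array();
         }
     }
     // count() is applied to an array here: the decoded value is normally a
     // stdClass, and count() on an object raises a TypeError on PHP 8.
     if (count($viewRules) === 0) {
         // No action belongs to this view: hand back the component rules.
         return $result;
     }
     // As in the original, the JSON document is wrapped in a one-element array
     // before it is handed to JAccessRules.
     return new JAccessRules(array(json_encode((object) $viewRules)));
 }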
Exemplo n.º 15
 /**
  * Gets the default asset values for a component.
  *
  * @param   string  $component  The component asset name to search for
  *
  * @return  JAccessRules  The JAccessRules object for the asset
  */
 protected function getDefaultAssetValues($component)
 {
     $dbo = JFactory::getDbo();
     // Resolve the asset row whose name equals the component name. The value is
     // escaped with quote() instead of being concatenated raw into the SQL.
     $lookup = $dbo->getQuery(true);
     $lookup->select($dbo->quoteName('id'));
     $lookup->from($dbo->quoteName('#__assets'));
     $lookup->where($dbo->quoteName('name') . ' = ' . $dbo->quote($component));
     $dbo->setQuery($lookup);
     // The (int) cast turns an empty lookup result into asset id 0.
     $resolvedId = (int) $dbo->loadResult();
     return JAccess::getAssetRules($resolvedId);
 }
Exemplo n.º 16
 /**
  * Save entry
  *
  * @return  void
  */
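 public function saveTask()
 {
     // Check for request forgeries
     Request::checkToken();
     // Incoming group fields. This is raw POST data: make sure it is an array
     // and read the two ids used by the permission checks through isset() and
     // an integer cast, so a missing key or a scalar "fields" value cannot
     // raise a notice or type error in the middle of the checks.
     $fields = Request::getVar('fields', array(), 'post');
     if (!is_array($fields)) {
         $fields = array();
     }
     $groupId = isset($fields['id']) ? (int) $fields['id'] : 0;
     $parentId = isset($fields['parent_id']) ? (int) $fields['parent_id'] : 0;
     // Load the record
     $row = Accessgroup::oneOrNew($groupId)->set($fields);
     // Check the super admin permissions for the group.
     // The group has not been saved yet, so its effective permission is
     // calculated by hand from the parent group and the root asset rule.
     $parentSuperAdmin = \JAccess::checkGroup($parentId, 'core.admin');
     // Get core.admin rules from the root asset
     $rules = \JAccess::getAssetRules('root.1')->getData('core.admin');
     // Value for the current group: true (allowed), false (denied) or null (inherit)
     $groupSuperAdmin = $rules['core.admin']->allow($row->get('id'));
     // Only a definite parent value changes the result; otherwise the value
     // set in the rule takes effect.
     if ($parentSuperAdmin === false) {
         // Parent denied: effective value is always false
         $groupSuperAdmin = false;
     } elseif ($parentSuperAdmin === true) {
         // Parent allowed: group is allowed unless explicitly denied
         $groupSuperAdmin = ($groupSuperAdmin !== false);
     }
     // A non-super admin must not be able to save a super admin group
     $iAmSuperAdmin = User::authorise('core.admin');
     if (!$iAmSuperAdmin && $groupSuperAdmin) {
         Notify::error(Lang::txt('JLIB_USER_ERROR_NOT_SUPERADMIN'));
         return $this->editTask($row);
     }
     // Guard against a super admin removing their own super admin rights
     if ($iAmSuperAdmin) {
         // Are we a member of the group being saved?
         $myGroups = \JAccess::getGroupsByUser(User::get('id'), false);
         // Compare as integers with strict matching; a loose in_array() on a
         // raw POST string depends on PHP's type juggling.
         if (in_array($groupId, array_map('intval', $myGroups), true)) {
             // Would we still be super admin through any other group?
             $otherGroups = array_diff($myGroups, array($groupId));
             $otherSuperAdmin = false;
             foreach ($otherGroups as $otherGroup) {
                 if (\JAccess::checkGroup($otherGroup, 'core.admin')) {
                     $otherSuperAdmin = true;
                     break;
                 }
             }
             // Neither another group nor this one would grant super admin:
             // refuse the save so the account cannot lock itself out.
             if (!$otherSuperAdmin && !$groupSuperAdmin) {
                 Notify::error(Lang::txt('JLIB_USER_ERROR_CANNOT_DEMOTE_SELF'));
                 return $this->editTask($row);
             }
         }
     }
     if ($this->getTask() == 'save2copy') {
         // NOTE(review): the checks above were evaluated for the submitted id.
         // Confirm they also hold for the copy, which is saved under a new id.
         $row->set('id', null);
     }
     // Try to save
     if (!$row->save()) {
         Notify::error($row->getError());
         return $this->editTask($row);
     }
     Notify::success(Lang::txt('COM_MEMBERS_SAVE_SUCCESS'));
     if ($this->getTask() == 'save2new') {
         $row = Accessgroup::blank();
     }
     // Fall through to edit form
     if (in_array($this->getTask(), array('apply', 'save2new', 'save2copy'))) {
         return $this->editTask($row);
     }
     // Redirect
     $this->cancelTask();
 }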
Exemplo n.º 17
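 /**
  * Builds the creator drop-down ("jev_creatorid") and assigns it to the view
  * under the name "users".
  *
  * The list is built only when the current user has the JEvents
  * "candeleteall" flag or admin/backend access; otherwise nothing is assigned.
  *
  * @return  void
  */
 protected function setCreatorLookup()
 {
     // Only a user who can delete all events or has backend access may choose the creator
     $jevuser = JEVHelper::getAuthorisedUser();
     $user = JFactory::getUser();
     $isJoomla16 = JVersion::isCompatible("1.6.0");
     if ($isJoomla16) {
         $access = $user->authorise('core.admin', 'com_jevents');
     } else {
         // Legacy ACL object (plain assignment: objects are handles, no =& needed)
         $acl = JFactory::getACL();
         $grp = $acl->getAroGroup($user->get('id'));
         // No valid group (e.g. anonymous user): nothing to do
         if (!$grp) {
             return;
         }
         $access = $acl->is_group_child_of($grp->name, 'Public Backend');
     }
     $mayChooseCreator = ($jevuser && $jevuser->candeleteall) || $access;
     if (!$mayChooseCreator) {
         return;
     }
     $db = JFactory::getDBO();
     $params = JComponentHelper::getParams(JEV_COM_COMPONENT);
     if ($params->get("authorisedonly", 0)) {
         // Authorised-only mode: creators are the rows flagged cancreate
         $sql = "SELECT tl.*, ju.*  FROM #__jev_users AS tl ";
         $sql .= " LEFT JOIN #__users as ju ON tl.user_id=ju.id ";
         $sql .= " WHERE tl.cancreate=1";
         $sql .= " ORDER BY ju.name ASC";
     } elseif ($isJoomla16) {
         $rules = JAccess::getAssetRules("com_jevents", true);
         $creatorgroups = $rules->getData();
         // Start from the core.admin groups; an action missing from the rules
         // is treated as an empty group map instead of a fatal error.
         $creatorgroupsdata = isset($creatorgroups["core.admin"]) ? $creatorgroups["core.admin"]->getData() : array();
         $createdata = isset($creatorgroups["core.create"]) ? $creatorgroups["core.create"]->getData() : array();
         // Take the higher permission setting: an allow on core.create
         // overrides whatever core.admin holds for the same group
         foreach ($createdata as $creatorgroup => $permission) {
             if ($permission) {
                 $creatorgroupsdata[$creatorgroup] = $permission;
             }
         }
         // The leading 0 keeps the IN () list non-empty
         $ids = array(0);
         foreach ($creatorgroupsdata as $creatorgroup => $permission) {
             if ($permission == 1) {
                 $ids = array_merge(JAccess::getUsersByGroup($creatorgroup, true), $ids);
             }
         }
         // The ids are concatenated into the SQL text, so force them to integers
         $ids = array_unique(array_map('intval', $ids));
         $sql = "SELECT * FROM #__users where id IN (" . implode(",", $ids) . ") ORDER BY name asc";
     } else {
         // Legacy branch: the minimum group id comes from component
         // configuration and is concatenated into the SQL, so cast it too
         $minaccess = (int) $params->getValue("jevcreator_level", 19);
         $sql = "SELECT * FROM #__users where gid>=" . $minaccess;
         $sql .= " ORDER BY name ASC";
     }
     $db->setQuery($sql);
     $users = $db->loadObjectList();
     if (!is_array($users)) {
         // A failed query must not break the loop below
         $users = array();
     }
     $userOptions = array();
     $userOptions[] = JHTML::_('select.option', '-1', JText::_('SELECT_USER'));
     // NOTE(review): name and username are passed through as option text;
     // confirm the select helpers escape them for HTML output.
     foreach ($users as $candidate) {
         $userOptions[] = JHTML::_('select.option', $candidate->id, $candidate->name . " ( " . $candidate->username . " )");
     }
     // Preselect the event's creator, else the current JEvents user, else 0
     $creator = $this->row->created_by() > 0 ? $this->row->created_by() : (isset($jevuser) ? $jevuser->user_id : 0);
     $userlist = JHTML::_('select.genericlist', $userOptions, 'jev_creatorid', 'class="inputbox" size="1" ', 'value', 'text', $creator);
     $this->assignRef("users", $userlist);
 }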
Exemplo n.º 18
 /**
  * Method for sending a notification to the editors
  * @param integer $catid	Category ID
  * @param string  $name		Question author
  */
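 protected function sendMail($data, &$category)
 {
     // Inputs actually read below: $data['created_by'] and $data['question']
     // go into the message body; $category supplies getParams(), id and title.
     // Returns true when nothing had to be sent or every message was accepted,
     // false as soon as one send fails.
     $params = $category->getParams();
     // Notifications are switched off for this category
     if ($params->get('disabled_mail')) {
         return true;
     }
     $rules = JAccess::getAssetRules('com_smfaq.category.' . $category->id, false);
     $r = $rules->getData();
     // No core.edit rule on this asset: nobody to notify
     if (!isset($r['core.edit'])) {
         return true;
     }
     $group = $r['core.edit']->getData();
     if (!is_array($group) || count($group) === 0) {
         return true;
     }
     // Collect the members of every group that is explicitly allowed to edit
     $users_id = array();
     foreach ($group as $groupId => $value) {
         if ($value != 1) {
             continue;
         }
         $members = JAccess::getUsersByGroup($groupId);
         if ($members) {
             foreach ($members as $memberId) {
                 // The ids end up inside the SQL text below, so force integers
                 $users_id[] = (int) $memberId;
             }
         }
     }
     if (count($users_id) === 0) {
         return true;
     }
     $users_id = implode(",", array_unique($users_id));
     $db = JFactory::getDBO();
     $query = 'SELECT email FROM #__users WHERE id IN (' . $users_id . ')';
     $db->setQuery($query);
     $emails = $db->loadResultArray();
     if (!$emails) {
         return true;
     }
     $config = JFactory::getConfig();
     $mailfrom = $config->get('mailfrom');
     $fromname = $config->get('fromname');
     $date = JFactory::getDate(null, $config->get('offset'));
     $date = $date->format('d.m.Y H:i');
     $link = JURI::root() . 'index.php?option=com_smfaq&task=edit.edit&id=' . $this->getState('smfaq.id') . '&catid=' . $category->id;
     $subject = JText::sprintf('COM_SMFAQ_MAIL_SUBJECT_NEW', $category->title);
     // NOTE(review): created_by and question look like submitter-supplied text;
     // confirm the mail is sent as plain text or escape them for HTML mail.
     $message = JText::sprintf('COM_SMFAQ_MAIL_MESSAGE_NEW', $data['created_by'], $date, $data['question'], $link);
     $mail = JFactory::getMailer();
     foreach ($emails as $email) {
         $send = $mail->sendMail($mailfrom, $fromname, $email, $subject, $message);
         // Stop at the first failure; later recipients are not attempted
         if ($send !== true) {
             return false;
         }
     }
     return true;
 }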
 /**
  * Returns the Super Users email information. If you provide a comma separated $email list
  * we will check that these emails do belong to Super Users and that they have not blocked
  * system emails.
  *
  * @param   null|string  $email  A list of Super Users to email
  *
  * @return  array  The list of Super User emails
  *
  * @since   3.5
  */
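 private function getSuperUsers($email = null)
 {
     // Get a reference to the database object
     $db = JFactory::getDbo();
     // Convert the comma separated address list into quoted SQL literals.
     // The list only narrows the result: an address is returned only when it
     // belongs to a Super User found by the queries below.
     $emails = array();
     if (!empty($email)) {
         foreach (explode(',', $email) as $entry) {
             $emails[] = $db->q(trim($entry));
         }
         $emails = array_unique($emails);
     }
     // Get a list of groups which have Super User privileges
     $ret = array();
     try {
         $assets = JTable::getInstance('Asset', 'JTable');
         $rootId = $assets->getRootId();
         $rules = JAccess::getAssetRules($rootId)->getData();
         $rawGroups = isset($rules['core.admin']) ? $rules['core.admin'] : array();
         // The per-action entry is a rule object whose group map is reached
         // through getData(); iterating the object itself would not yield the
         // group => flag pairs the loop below expects.
         if (is_object($rawGroups) && method_exists($rawGroups, 'getData')) {
             $rawGroups = $rawGroups->getData();
         }
         if (empty($rawGroups)) {
             return $ret;
         }
         $groups = array();
         foreach ($rawGroups as $g => $enabled) {
             if ($enabled) {
                 $groups[] = $db->q($g);
             }
         }
         if (empty($groups)) {
             return $ret;
         }
     } catch (Exception $exc) {
         return $ret;
     }
     // Get the user IDs of users belonging to the Super User groups
     try {
         $query = $db->getQuery(true)
             ->select($db->qn('user_id'))
             ->from($db->qn('#__user_usergroup_map'))
             ->where($db->qn('group_id') . ' IN(' . implode(',', $groups) . ')');
         $db->setQuery($query);
         $rawUserIDs = $db->loadColumn(0);
         if (empty($rawUserIDs)) {
             return $ret;
         }
         $userIDs = array();
         foreach ($rawUserIDs as $id) {
             $userIDs[] = $db->q($id);
         }
     } catch (Exception $exc) {
         return $ret;
     }
     // Get the user information for the Super Users who accept system emails
     try {
         $query = $db->getQuery(true)
             ->select(array($db->qn('id'), $db->qn('username'), $db->qn('email')))
             ->from($db->qn('#__users'))
             ->where($db->qn('id') . ' IN(' . implode(',', $userIDs) . ')')
             ->where($db->qn('sendEmail') . ' = ' . $db->q('1'));
         if (!empty($emails)) {
             // Space added before IN so the clause does not depend on the
             // closing identifier quote to separate the tokens
             $query->where($db->qn('email') . ' IN(' . implode(',', $emails) . ')');
         }
         $db->setQuery($query);
         $rows = $db->loadObjectList();
         // Keep the documented array return type even if the load yields nothing
         $ret = is_array($rows) ? $rows : array();
     } catch (Exception $exc) {
         return $ret;
     }
     return $ret;
 }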
Exemplo n.º 20
	public function testGetAssetRules() {
		// The expectations below depend on fixture rows in the assets table.
		if (defined('DB_NOT_AVAILABLE')) {
			$this->markTestSkipped('The database is not available');
		}

		$access = new JAccess();

		// Asset 3 with the second argument true.
		$expected = '{"core.login.site":{"6":1,"2":1},"core.login.admin":{"6":1},"core.admin":{"8":1,"7":1},"core.manage":{"7":1,"10":1,"6":1},"core.create":{"6":1,"4":0},"core.delete":{"6":1,"4":0,"5":1},"core.edit":{"6":1},"core.edit.state":{"6":1}}';
		$actual = (string) $access->getAssetRules(3, true);
		$this->assertThat($actual, $this->equalTo($expected), 'Line: ' . __LINE__);

		// Asset 3 with the second argument false.
		$expected = '{"core.admin":{"7":1},"core.manage":{"6":1},"core.create":{"4":0},"core.delete":{"4":0,"5":1},"core.edit":[],"core.edit.state":[]}';
		$actual = (string) $access->getAssetRules(3, false);
		$this->assertThat($actual, $this->equalTo($expected), 'Line: ' . __LINE__);

		// An asset id the test expects to have no rules.
		$expected = '[]';
		$actual = (string) $access->getAssetRules(1550, false);
		$this->assertThat($actual, $this->equalTo($expected), 'Line: ' . __LINE__);

		// An asset name the test expects to have no rules.
		$expected = '[]';
		$actual = (string) $access->getAssetRules('testasset', false);
		$this->assertThat($actual, $this->equalTo($expected), 'Line: ' . __LINE__);
	}
Exemplo n.º 21
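 /**
  * Lists the users who may perform an action on an asset.
  *
  * Groups with a truthy rule for the action are expanded to their users, and
  * users from groups with a falsy rule are then removed, so a deny on any of
  * a user's groups outweighs an allow on another.
  *
  * @param   string  $action  Action name; runs of whitespace or dashes become dots
  * @param   mixed   $asset   Asset name or id; empty means the root asset (1)
  *
  * @return  array  The allowed entries left after removing the denied ones
  */
 protected function getAuthorisedUsers($action, $asset = null)
 {
     // Cast before trim(): $asset defaults to null, and passing null to trim()
     // is deprecated as of PHP 8.1.
     $action = strtolower(preg_replace('#[\\s\\-]+#', '.', trim((string) $action)));
     $asset = strtolower(preg_replace('#[\\s\\-]+#', '.', trim((string) $asset)));
     // Default to the root asset node.
     if (empty($asset)) {
         $asset = 1;
     }
     // Get all asset rules (second argument true, as in the original call)
     $rules = JAccess::getAssetRules($asset, true);
     $data = $rules->getData();
     // Get all action rules for the asset
     $groups = array();
     if (!empty($data[$action])) {
         $groups = $data[$action]->getData();
     }
     // Split groups into allow and deny list
     $allow = array();
     $deny = array();
     foreach ($groups as $groupid => $access) {
         if ($access) {
             $allow[] = $groupid;
         } else {
             $deny[] = $groupid;
         }
     }
     // Turn group ids into user ids; an empty list is left as it is
     if ($allow) {
         // These users can do the action
         $allow = $this->getUsersByGroup($allow, true);
     }
     if ($deny) {
         // But these users have an explicit deny for the action
         $deny = $this->getUsersByGroup($deny, true);
     }
     // Remove denied users from the allowed users list
     return array_diff($allow, $deny);
 }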
Exemplo n.º 22
 /**
  * Method to get the field input markup for Access Control Lists.
  * Optionally can be associated with a specific component and section.
  *
  * TODO: Add access check.
  *
  * @return  string  The field input markup.
  *
  * @since   11.1
  */
 protected function getInput()
 {
     // Renders the permissions editor: one tab per user group, one row per
     // action, each row holding an Inherited/Allowed/Denied select plus, where
     // it applies, the calculated effective setting.
     // NOTE(review): the docblock still carries "TODO: Add access check" and no
     // permission check is made in this method; confirm the calling form or
     // controller restricts who can load and submit this field.
     JHtml::_('behavior.tooltip');
     // Initialise some field attributes.
     $section = $this->element['section'] ? (string) $this->element['section'] : '';
     $component = $this->element['component'] ? (string) $this->element['component'] : '';
     $assetField = $this->element['asset_field'] ? (string) $this->element['asset_field'] : 'asset_id';
     // Get the actions for the asset.
     $actions = JAccess::getActions($component, $section);
     // Iterate over the children and add to the actions.
     foreach ($this->element->children() as $el) {
         if ($el->getName() == 'action') {
             $actions[] = (object) array('name' => (string) $el['name'], 'title' => (string) $el['title'], 'description' => (string) $el['description']);
         }
     }
     // Get the explicit rules for this asset.
     if ($section == 'component') {
         // Need to find the asset id by the name of the component.
         // The component name is escaped with $db->quote() before it enters the query.
         $db = JFactory::getDbo();
         $query = $db->getQuery(true)->select($db->quoteName('id'))->from($db->quoteName('#__assets'))->where($db->quoteName('name') . ' = ' . $db->quote($component));
         $db->setQuery($query);
         $assetId = (int) $db->loadResult();
     } else {
         // Find the asset id of the content.
         // Note that for global configuration, com_config injects asset_id = 1 into the form.
         $assetId = $this->form->getValue($assetField);
     }
     // Use the compact form for the content rules (deprecated).
     /* @todo remove code:
     		if (!empty($component) && $section != 'component') {
     			return JHtml::_('rules.assetFormWidget', $actions, $assetId, $assetId ? null : $component, $this->name, $this->id);
     		}
     		 */
     // Full width format.
     // Get the rules for just this asset (non-recursive).
     $assetRules = JAccess::getAssetRules($assetId);
     // Get the available user groups.
     $groups = $this->getUserGroups();
     // Build the form control.
     $curLevel = 0;
     // Prepare output
     $html = array();
     // Description
     $html[] = '<p class="rule-desc">' . JText::_('JLIB_RULES_SETTINGS_DESC') . '</p>';
     // Begin tabs
     $html[] = '<div id="permissions-sliders" class="tabbable tabs-left">';
     // Building tab nav
     $html[] = '<ul class="nav nav-tabs">';
     foreach ($groups as $group) {
         // Initial Active Tab
         $active = "";
         if ($group->value == 1) {
             $active = "active";
         }
         $html[] = '<li class="' . $active . '">';
         $html[] = '<a href="#permission-' . $group->value . '" data-toggle="tab">';
         // NOTE(review): $group->text is concatenated into the markup without
         // escaping here; confirm getUserGroups() returns HTML-safe titles.
         $html[] = str_repeat('<span class="level">&ndash; ', $curLevel = $group->level) . $group->text;
         $html[] = '</a>';
         $html[] = '</li>';
     }
     $html[] = '</ul>';
     $html[] = '<div class="tab-content">';
     // Start a row for each user group.
     foreach ($groups as $group) {
         // Initial Active Pane
         $active = "";
         if ($group->value == 1) {
             $active = " active";
         }
         // $difLevel is computed but not read anywhere else in this method.
         $difLevel = $group->level - $curLevel;
         $html[] = '<div class="tab-pane' . $active . '" id="permission-' . $group->value . '">';
         $html[] = '<table class="table table-striped">';
         $html[] = '<thead>';
         $html[] = '<tr>';
         $html[] = '<th class="actions" id="actions-th' . $group->value . '">';
         $html[] = '<span class="acl-action">' . JText::_('JLIB_RULES_ACTION') . '</span>';
         $html[] = '</th>';
         $html[] = '<th class="settings" id="settings-th' . $group->value . '">';
         $html[] = '<span class="acl-action">' . JText::_('JLIB_RULES_SELECT_SETTING') . '</span>';
         $html[] = '</th>';
         // The calculated setting is not shown for the root group of global configuration.
         $canCalculateSettings = $group->parent_id || !empty($component);
         if ($canCalculateSettings) {
             $html[] = '<th id="aclactionth' . $group->value . '">';
             $html[] = '<span class="acl-action">' . JText::_('JLIB_RULES_CALCULATED_SETTING') . '</span>';
             $html[] = '</th>';
         }
         $html[] = '</tr>';
         $html[] = '</thead>';
         $html[] = '<tbody>';
         foreach ($actions as $action) {
             $html[] = '<tr>';
             $html[] = '<td headers="actions-th' . $group->value . '">';
             // The label's title attribute is passed through htmlspecialchars().
             $html[] = '<label class="tip" for="' . $this->id . '_' . $action->name . '_' . $group->value . '" title="' . htmlspecialchars(JText::_($action->title) . ' ' . JText::_($action->description), ENT_COMPAT, 'UTF-8') . '">';
             $html[] = JText::_($action->title);
             $html[] = '</label>';
             $html[] = '</td>';
             $html[] = '<td headers="settings-th' . $group->value . '">';
             // NOTE(review): unlike the label above, this title attribute (action
             // title plus group text) is not passed through htmlspecialchars();
             // confirm both values are HTML-safe or escape them the same way.
             $html[] = '<select class="input-small" name="' . $this->name . '[' . $action->name . '][' . $group->value . ']" id="' . $this->id . '_' . $action->name . '_' . $group->value . '" title="' . JText::sprintf('JLIB_RULES_SELECT_ALLOW_DENY_GROUP', JText::_($action->title), trim($group->text)) . '">';
             // Result of checking the group against this asset; compared with
             // true, false and null below.
             $inheritedRule = JAccess::checkGroup($group->value, $action->name, $assetId);
             // Get the actual setting for the action for this group.
             $assetRule = $assetRules->allow($action->name, $group->value);
             // Build the dropdowns for the permissions sliders
             // The parent group has "Not Set", all children can rightly "Inherit" from that.
             $html[] = '<option value=""' . ($assetRule === null ? ' selected="selected"' : '') . '>' . JText::_(empty($group->parent_id) && empty($component) ? 'JLIB_RULES_NOT_SET' : 'JLIB_RULES_INHERITED') . '</option>';
             $html[] = '<option value="1"' . ($assetRule === true ? ' selected="selected"' : '') . '>' . JText::_('JLIB_RULES_ALLOWED') . '</option>';
             $html[] = '<option value="0"' . ($assetRule === false ? ' selected="selected"' : '') . '>' . JText::_('JLIB_RULES_DENIED') . '</option>';
             $html[] = '</select>&#160; ';
             // If this asset's rule is allowed, but the inherited rule is deny, we have a conflict.
             if ($assetRule === true && $inheritedRule === false) {
                 $html[] = JText::_('JLIB_RULES_CONFLICT');
             }
             $html[] = '</td>';
             // Build the Calculated Settings column.
             // The inherited settings column is not displayed for the root group in global configuration.
             if ($canCalculateSettings) {
                 $html[] = '<td headers="aclactionth' . $group->value . '">';
                 // This is where we show the current effective settings considering current group, path and cascade.
                 // Check whether this is a component or global. Change the text slightly.
                 // First branch: the group does not hold core.admin on this asset,
                 // so the calculated value follows $inheritedRule.
                 if (JAccess::checkGroup($group->value, 'core.admin', $assetId) !== true) {
                     if ($inheritedRule === null) {
                         $html[] = '<span class="label label-important">' . JText::_('JLIB_RULES_NOT_ALLOWED') . '</span>';
                     } elseif ($inheritedRule === true) {
                         $html[] = '<span class="label label-success">' . JText::_('JLIB_RULES_ALLOWED') . '</span>';
                     } elseif ($inheritedRule === false) {
                         // A deny set on this asset is shown as plain "not allowed";
                         // a deny coming from elsewhere is shown as locked.
                         if ($assetRule === false) {
                             $html[] = '<span class="label label-important">' . JText::_('JLIB_RULES_NOT_ALLOWED') . '</span>';
                         } else {
                             $html[] = '<span class="label"><i class="icon-lock icon-white"></i> ' . JText::_('JLIB_RULES_NOT_ALLOWED_LOCKED') . '</span>';
                         }
                     }
                 } elseif (!empty($component)) {
                     // Group holds core.admin and a component is set: shown as allowed and locked.
                     $html[] = '<span class="label label-success"><i class="icon-lock icon-white"></i> ' . JText::_('JLIB_RULES_ALLOWED_ADMIN') . '</span>';
                 } else {
                     // Special handling for  groups that have global admin because they can't  be denied.
                     // The admin rights can be changed.
                     if ($action->name === 'core.admin') {
                         $html[] = '<span class="label label-success">' . JText::_('JLIB_RULES_ALLOWED') . '</span>';
                     } elseif ($inheritedRule === false) {
                         // Other actions cannot be changed.
                         $html[] = '<span class="label label-important"><i class="icon-lock icon-white"></i> ' . JText::_('JLIB_RULES_NOT_ALLOWED_ADMIN_CONFLICT') . '</span>';
                     } else {
                         $html[] = '<span class="label label-success"><i class="icon-lock icon-white"></i> ' . JText::_('JLIB_RULES_ALLOWED_ADMIN') . '</span>';
                     }
                 }
                 $html[] = '</td>';
             }
             $html[] = '</tr>';
         }
         $html[] = '</tbody>';
         $html[] = '</table></div>';
     }
     $html[] = '</div></div>';
     $html[] = '<div class="alert">';
     // Component-level (or section-less) fields get the general notes text,
     // item-level fields the item-specific one.
     if ($section == 'component' || $section == null) {
         $html[] = JText::_('JLIB_RULES_SETTING_NOTES');
     } else {
         $html[] = JText::_('JLIB_RULES_SETTING_NOTES_ITEM');
     }
     $html[] = '</div>';
     return implode("\n", $html);
 }
Exemplo n.º 23
	/**
	 * Method to get the field input markup for Access Control Lists.
	 * Optionally can be associated with a specific component and section.
	 *
	 * TODO: Add access check.
	 *
	 * @return  string  The field input markup.
	 *
	 * @since   11.1
	 */
	protected function getInput()
	{
		JHtml::_('behavior.tooltip');

		// Initialise some field attributes.
		$section = $this->element['section'] ? (string) $this->element['section'] : '';
		$component = $this->element['component'] ? (string) $this->element['component'] : '';
		$assetField = $this->element['asset_field'] ? (string) $this->element['asset_field'] : 'asset_id';

		// Get the actions for the asset.
		$actions = JAccess::getActions($component, $section);

		// Iterate over the children and add to the actions.
		foreach ($this->element->children() as $el)
		{
			if ($el->getName() == 'action')
			{
				$actions[] = (object) array('name' => (string) $el['name'], 'title' => (string) $el['title'],
					'description' => (string) $el['description']);
			}
		}

		// Get the explicit rules for this asset.
		if ($section == 'component')
		{
			// Need to find the asset id by the name of the component.
			$db = JFactory::getDbo();
			$db->setQuery('SELECT id FROM #__assets WHERE name = ' . $db->quote($component));
			$assetId = (int) $db->loadResult();

			if ($error = $db->getErrorMsg())
			{
				JError::raiseNotice(500, $error);
			}
		}
		else
		{
			// Find the asset id of the content.
			// Note that for global configuration, com_config injects asset_id = 1 into the form.
			$assetId = $this->form->getValue($assetField);
		}

		// Use the compact form for the content rules (deprecated).
		//if (!empty($component) && $section != 'component') {
		//	return JHtml::_('rules.assetFormWidget', $actions, $assetId, $assetId ? null : $component, $this->name, $this->id);
		//}

		// Full width format.

		// Get the rules for just this asset (non-recursive).
		$assetRules = JAccess::getAssetRules($assetId);

		// Get the available user groups.
		$groups = $this->getUserGroups();

		// Build the form control.
		$curLevel = 0;

		// Prepare output
		$html = array();
		$html[] = '<div id="permissions-sliders" class="pane-sliders">';
		$html[] = '<p class="rule-desc">' . JText::_('JLIB_RULES_SETTINGS_DESC') . '</p>';
		$html[] = '<ul id="rules">';

		// Start a row for each user group.
		foreach ($groups as $group)
		{
			$difLevel = $group->level - $curLevel;

			if ($difLevel > 0)
			{
				$html[] = '<li><ul>';
			}
			else if ($difLevel < 0)
			{
				$html[] = str_repeat('</ul></li>', -$difLevel);
			}

			$html[] = '<li>';

			$html[] = '<div class="panel">';
			$html[] = '<h3 class="pane-toggler title"><a href="javascript:void(0);"><span>';
			$html[] = str_repeat('<span class="level">|&ndash;</span> ', $curLevel = $group->level) . $group->text;
			$html[] = '</span></a></h3>';
			$html[] = '<div class="pane-slider content pane-hide">';
			$html[] = '<div class="mypanel">';
			$html[] = '<table class="group-rules">';
			$html[] = '<thead>';
			$html[] = '<tr>';

			$html[] = '<th class="actions" id="actions-th' . $group->value . '">';
			$html[] = '<span class="acl-action">' . JText::_('JLIB_RULES_ACTION') . '</span>';
			$html[] = '</th>';

			$html[] = '<th class="settings" id="settings-th' . $group->value . '">';
			$html[] = '<span class="acl-action">' . JText::_('JLIB_RULES_SELECT_SETTING') . '</span>';
			$html[] = '</th>';

			// The calculated setting is not shown for the root group of global configuration.
			$canCalculateSettings = ($group->parent_id || !empty($component));
			if ($canCalculateSettings)
			{
				$html[] = '<th id="aclactionth' . $group->value . '">';
				$html[] = '<span class="acl-action">' . JText::_('JLIB_RULES_CALCULATED_SETTING') . '</span>';
				$html[] = '</th>';
			}

			$html[] = '</tr>';
			$html[] = '</thead>';
			$html[] = '<tbody>';

			foreach ($actions as $action)
			{
				$html[] = '<tr>';
				$html[] = '<td headers="actions-th' . $group->value . '">';
				$html[] = '<label class="hasTip" for="' . $this->id . '_' . $action->name . '_' . $group->value . '" title="'
					. htmlspecialchars(JText::_($action->title) . '::' . JText::_($action->description), ENT_COMPAT, 'UTF-8') . '">';
				$html[] = JText::_($action->title);
				$html[] = '</label>';
				$html[] = '</td>';

				$html[] = '<td headers="settings-th' . $group->value . '">';

				$html[] = '<select name="' . $this->name . '[' . $action->name . '][' . $group->value . ']" id="' . $this->id . '_' . $action->name
					. '_' . $group->value . '" title="'
					. JText::sprintf('JLIB_RULES_SELECT_ALLOW_DENY_GROUP', JText::_($action->title), trim($group->text)) . '">';

				$inheritedRule = JAccess::checkGroup($group->value, $action->name, $assetId);

				// Get the actual setting for the action for this group.
				$assetRule = $assetRules->allow($action->name, $group->value);

				// Build the dropdowns for the permissions sliders

				// The parent group has "Not Set", all children can rightly "Inherit" from that.
				$html[] = '<option value=""' . ($assetRule === null ? ' selected="selected"' : '') . '>'
					. JText::_(empty($group->parent_id) && empty($component) ? 'JLIB_RULES_NOT_SET' : 'JLIB_RULES_INHERITED') . '</option>';
				$html[] = '<option value="1"' . ($assetRule === true ? ' selected="selected"' : '') . '>' . JText::_('JLIB_RULES_ALLOWED')
					. '</option>';
				$html[] = '<option value="0"' . ($assetRule === false ? ' selected="selected"' : '') . '>' . JText::_('JLIB_RULES_DENIED')
					. '</option>';

				$html[] = '</select>&#160; ';

				// If this asset's rule is allowed, but the inherited rule is deny, we have a conflict.
				if (($assetRule === true) && ($inheritedRule === false))
				{
					$html[] = JText::_('JLIB_RULES_CONFLICT');
				}

				$html[] = '</td>';

				// Build the Calculated Settings column.
				// The inherited settings column is not displayed for the root group in global configuration.
				if ($canCalculateSettings)
				{
					$html[] = '<td headers="aclactionth' . $group->value . '">';

					// This is where we show the current effective settings considering currrent group, path and cascade.
					// Check whether this is a component or global. Change the text slightly.

					if (JAccess::checkGroup($group->value, 'core.admin') !== true)
					{
						if ($inheritedRule === null)
						{
							$html[] = '<span class="icon-16-unset">' . JText::_('JLIB_RULES_NOT_ALLOWED') . '</span>';
						}
						else if ($inheritedRule === true)
						{
							$html[] = '<span class="icon-16-allowed">' . JText::_('JLIB_RULES_ALLOWED') . '</span>';
						}
						else if ($inheritedRule === false)
						{
							if ($assetRule === false)
							{
								$html[] = '<span class="icon-16-denied">' . JText::_('JLIB_RULES_NOT_ALLOWED') . '</span>';
							}
							else
							{
								$html[] = '<span class="icon-16-denied"><span class="icon-16-locked">' . JText::_('JLIB_RULES_NOT_ALLOWED_LOCKED')
									. '</span></span>';
							}
						}
					}
					else if (!empty($component))
					{
						$html[] = '<span class="icon-16-allowed"><span class="icon-16-locked">' . JText::_('JLIB_RULES_ALLOWED_ADMIN')
							. '</span></span>';
					}
					else
					{
						// Special handling for  groups that have global admin because they can't  be denied.
						// The admin rights can be changed.
						if ($action->name === 'core.admin')
						{
							$html[] = '<span class="icon-16-allowed">' . JText::_('JLIB_RULES_ALLOWED') . '</span>';
						}
						elseif ($inheritedRule === false)
						{
							// Other actions cannot be changed.
							$html[] = '<span class="icon-16-denied"><span class="icon-16-locked">'
								. JText::_('JLIB_RULES_NOT_ALLOWED_ADMIN_CONFLICT') . '</span></span>';
						}
						else
						{
							$html[] = '<span class="icon-16-allowed"><span class="icon-16-locked">' . JText::_('JLIB_RULES_ALLOWED_ADMIN')
								. '</span></span>';
						}
					}

					$html[] = '</td>';
				}

				$html[] = '</tr>';
			}

			$html[] = '</tbody>';
			$html[] = '</table></div>';

			$html[] = '</div></div>';
			$html[] = '</li>';

		}

		$html[] = str_repeat('</ul></li>', $curLevel);
		$html[] = '</ul><div class="rule-notes">';
		if ($section == 'component' || $section == null)
		{
			$html[] = JText::_('JLIB_RULES_SETTING_NOTES');
		}
		else
		{
			$html[] = JText::_('JLIB_RULES_SETTING_NOTES_ITEM');
		}
		$html[] = '</div></div>';

		$js = "window.addEvent('domready', function(){ new Fx.Accordion($$('div#permissions-sliders.pane-sliders .panel h3.pane-toggler'), $$('div#permissions-sliders.pane-sliders .panel div.pane-slider'), {onActive: function(toggler, i) {toggler.addClass('pane-toggler-down');toggler.removeClass('pane-toggler');i.addClass('pane-down');i.removeClass('pane-hide');Cookie.write('jpanesliders_permissions-sliders"
			. $component
			. "',$$('div#permissions-sliders.pane-sliders .panel h3').indexOf(toggler));},onBackground: function(toggler, i) {toggler.addClass('pane-toggler');toggler.removeClass('pane-toggler-down');i.addClass('pane-hide');i.removeClass('pane-down');},duration: 300,display: "
			. JRequest::getInt('jpanesliders_permissions-sliders' . $component, 0, 'cookie') . ",show: "
			. JRequest::getInt('jpanesliders_permissions-sliders' . $component, 0, 'cookie') . ", alwaysHide:true, opacity: false}); });";

		JFactory::getDocument()->addScriptDeclaration($js);

		return implode("\n", $html);
	}
Exemplo n.º 24
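 /**
  * Method to duplicate modules.
  *
  * Each source module is copied as a new, unpublished row. Its menu
  * assignments are collected and written with one bulk insert at the end,
  * and the matching advanced-module row is copied together with the ACL
  * rules read from the source module's asset.
  *
  * Security note: the only permission checked is 'core.create' on
  * 'com_modules', while every duplicate receives the source asset's rules.
  * The primary key is normalised to an integer before it is used to build
  * the asset name, so the rules that are copied always belong to the row
  * that was loaded.
  *
  * @param   array &$pks An array of primary key IDs.
  *
  * @return  boolean  True if successful. If the bulk menu insert fails, the
  *                   value of JError::raiseWarning() is returned instead.
  *
  * @since   1.6
  * @throws  Exception
  */
 public function duplicate(&$pks)
 {
     $user = JFactory::getUser();
     // Access checks.
     if (!$user->authorise('core.create', 'com_modules')) {
         throw new Exception(JText::_('JERROR_CORE_CREATE_NOT_PERMITTED'));
     }
     $db = $this->getDbo();
     $query = $db->getQuery(true);
     $inserts = array();
     $table = $this->getTable();
     $table_adv = JTable::getInstance('AdvancedModules', 'AdvancedModulesTable');
     foreach ($pks as $pk) {
         // One integer key for the row load, the menu query and the asset name.
         // NOTE(review): presumably an asset name that does not resolve makes
         // JAccess hand back inherited/root rules - confirm in JAccess.
         $pk = (int) $pk;
         if (!$table->load($pk, true)) {
             throw new Exception($table->getError());
         }
         // Reset the id to create a new record.
         $table->id = 0;
         // Alter the title: bump a trailing "(n)" counter if there is one.
         $m = null;
         if (preg_match('#\\((\\d+)\\)$#', $table->title, $m)) {
             $table->title = preg_replace('#\\(\\d+\\)$#', '(' . ($m[1] + 1) . ')', $table->title);
         }
         $data = $this->generateNewTitle(0, $table->title, $table->position);
         $table->title = $data[0];
         // Unpublish duplicate module
         $table->published = 0;
         if (!$table->check() || !$table->store()) {
             throw new Exception($table->getError());
         }
         // Collect the source module's menu assignments for the new module id.
         $query->clear()->select($db->quoteName('menuid'))->from($db->quoteName('#__modules_menu'))->where($db->quoteName('moduleid') . ' = ' . $pk);
         $db->setQuery($query);
         $rows = $db->loadColumn();
         foreach ($rows as $menuid) {
             // Both halves are cast to int because the value is placed into the INSERT as-is.
             $inserts[(int) $table->id . '-' . (int) $menuid] = (int) $table->id . ',' . (int) $menuid;
         }
         // Make sure an advanced-module row exists for the new module.
         if ($table->id && !$table_adv->load($table->id)) {
             $table_adv->moduleid = $table->id;
             $db->insertObject($table_adv->getTableName(), $table_adv, $table_adv->getKeyName());
         }
         // Copy the source's advanced settings and its ACL rules onto the duplicate.
         if ($table_adv->load($pk, true)) {
             $table_adv->moduleid = $table->id;
             $rules = JAccess::getAssetRules('com_modules.module.' . $pk);
             $table_adv->setRules($rules);
             if (!$table_adv->check() || !$table_adv->store()) {
                 throw new Exception($table_adv->getError());
             }
         }
     }
     if (!empty($inserts)) {
         // Module-Menu Mapping: Do it in one query
         $query->clear()->insert('#__modules_menu')->columns(array($db->quoteName('moduleid'), $db->quoteName('menuid')));
         foreach ($inserts as $insert) {
             $query->values($insert);
         }
         $db->setQuery($query);
         try {
             $db->execute();
         } catch (RuntimeException $e) {
             return JError::raiseWarning(500, $e->getMessage());
         }
     }
     // Clear modules cache
     $this->cleanCache();
     return true;
 }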
Exemplo n.º 25
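 /**
  * Overloaded bind function to pre-process the params.
  *
  * Besides serialising 'params' and 'metadata', this method decides which
  * ACL rules reach the table. When the current user lacks 'core.admin' on
  * the record's asset, any 'rules' value in the incoming data is replaced
  * by the rules read back for that asset, so such a user cannot change
  * permissions through the submitted form.
  *
  * @param   array  $array   Named array
  * @param   mixed  $ignore  Optional array or list of parameters to ignore
  *
  * @return  null|string  The value returned by parent::bind() (documented here
  *                       as null on success, otherwise an error)
  *
  * @see     JTable:bind
  * @since   1.5
  */
 public function bind($array, $ignore = '')
 {
     // A missing id counts as 0 (new record), as the loose comparison always treated it,
     // but without reading an undefined index.
     $id = isset($array['id']) ? $array['id'] : 0;
     if ($id == 0) {
         $userId = JFactory::getUser()->id;
         $array['created_by'] = $userId;
         // NOTE(review): modified_by is only stamped on new records here - confirm that is intended.
         $array['modified_by'] = $userId;
     }
     // Support for alias field: alias
     if (empty($array['alias'])) {
         if (empty($array['brand_name'])) {
             $array['alias'] = JFilterOutput::stringURLSafe(date('Y-m-d H:i:s'));
         } else {
             $array['alias'] = JFilterOutput::stringURLSafe(trim($array['brand_name']));
         }
     }
     // Array-valued params and metadata are stored in their JRegistry string form.
     foreach (array('params', 'metadata') as $field) {
         if (isset($array[$field]) && is_array($array[$field])) {
             $registry = new JRegistry();
             $registry->loadArray($array[$field]);
             $array[$field] = (string) $registry;
         }
     }
     // The asset name is built from the integer id so that the permission check and the
     // rule lookup always name the same record, whatever string form the request used.
     $assetName = 'com_akrecipes.brand.' . (int) $id;
     if (!JFactory::getUser()->authorise('core.admin', $assetName)) {
         // Not an ACL administrator for this record: discard submitted rules and
         // re-bind the rules currently returned for the asset.
         $actions = JAccess::getActionsFromFile(JPATH_ADMINISTRATOR . '/components/com_akrecipes/access.xml', "/access/section[@name='brand']/");
         $default_actions = JAccess::getAssetRules($assetName)->getData();
         $array_jaccess = array();
         foreach ($actions as $action) {
             // An action without a stored rule yields null, as before, minus the undefined-index notice.
             $array_jaccess[$action->name] = isset($default_actions[$action->name]) ? $default_actions[$action->name] : null;
         }
         // NOTE(review): for a new record (id 0) the asset does not exist yet; which rules
         // JAccess::getAssetRules() returns in that case should be confirmed.
         $array['rules'] = $this->JAccessRulestoArray($array_jaccess);
     }
     // Bind the rules for ACL where supported.
     if (isset($array['rules']) && is_array($array['rules'])) {
         $this->setRules($array['rules']);
     }
     return parent::bind($array, $ignore);
 }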
Exemplo n.º 26
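    /**
     * Builds the permissions widget: one Bootstrap tab per user group, each
     * holding a table of actions with an Inherited/Allowed/Denied select and,
     * where applicable, the calculated (effective) setting.
     *
     * Output escaping: group titles returned by getUserGroups() are escaped
     * before they are written into element content or into an attribute.
     * Language strings from JText, action names and the section-derived id
     * prefix are written as they are.
     *
     * @return  string  The HTML for the field. CSS is added to the document and
     *                  $this->name is overwritten as side effects.
     */
    protected function getInput3()
    {
        $css = 'div[id$="permissions"].tab-pane .control-group .controls {
						margin-left: 0;
					}
					div[id$="permissions"].tab-pane label.hasTooltip {
						float: left;
					}';
        $document = JFactory::getDocument();
        $document->addStyleDeclaration($css);
        JHtml::_('bootstrap.tooltip');
        $section = $this->section;
        $component = $this->component;
        $assetField = $this->assetField;
        // Actions declared for the component/section, plus any <action> children of the field element.
        $actions = JAccess::getActions($component, $section);
        foreach ($this->element->children() as $el) {
            if ($el->getName() == 'action') {
                $actions[] = (object) array('name' => (string) $el['name'], 'title' => (string) $el['title'], 'description' => (string) $el['description']);
            }
        }
        // Component-level sections use the component's own asset; anything else reads the asset id from the form.
        $sectionComponentArr = array('component', 'component_category', 'component_listing', 'component_comment', 'component_single_rating', 'component_criteria', 'component_moderator', 'component_field_value');
        if (in_array($section, $sectionComponentArr)) {
            $db = JFactory::getDbo();
            $query = $db->getQuery(true)->select($db->quoteName('id'))->from($db->quoteName('#__assets'))->where($db->quoteName('name') . ' = ' . $db->quote($component));
            $db->setQuery($query);
            $assetId = (int) $db->loadResult();
        } else {
            $assetId = $this->form->getValue($assetField);
        }
        // Prefix for element ids, taken from everything after the first underscore of the section.
        // NOTE(review): the loose comparison also treats an underscore at position 0 as "not found".
        // NOTE(review): $customName is written into id attributes and jQuery selectors unescaped;
        // this assumes the section comes from the form definition, not from a request - confirm.
        if (strpos($section, '_') != false) {
            $customNameArray = explode('_', $section);
            if (count($customNameArray) == 2) {
                $customName = $customNameArray[1];
                $customName .= '_';
            } elseif (count($customNameArray) > 2) {
                unset($customNameArray[0]);
                $customName = implode('_', $customNameArray);
                $customName .= '_';
            } else {
                $customName = $section . '_';
            }
        } else {
            $customName = '';
        }
        $assetRules = JAccess::getAssetRules($assetId);
        $groups = $this->getUserGroups();
        $html = array();
        $html[] = '<p class="rule-desc">' . JText::_('JLIB_RULES_SETTINGS_DESC') . '</p>';
        $html[] = '<div id="' . $customName . 'permissions-sliders" class="tabbable tabs-left">';
        // Tab headers, one per group.
        $html[] = '<ul class="nav nav-tabs">';
        foreach ($groups as $group) {
            $active = "";
            if ($group->value == 1) {
                $active = "active";
            }
            $html[] = '<li class="' . $active . '">';
            $html[] = '<a href="#' . $customName . 'permission-' . $group->value . '" data-toggle="tab">';
            // The group title is stored data, so it is escaped for element content.
            // Assumes getUserGroups() returns unescaped titles - TODO confirm.
            $html[] = str_repeat('<span class="level">&ndash;</span> ', $group->level) . htmlspecialchars($group->text, ENT_COMPAT, 'UTF-8');
            $html[] = '</a>';
            $html[] = '</li>';
        }
        $html[] = '</ul>';
        // Tab panes, one table per group.
        $html[] = '<div class="tab-content">';
        foreach ($groups as $group) {
            $active = "";
            if ($group->value == 1) {
                $active = " active";
            }
            $html[] = '<div class="tab-pane' . $active . '" id="' . $customName . 'permission-' . $group->value . '">';
            $html[] = '<table class="table table-striped">';
            $html[] = '<thead>';
            $html[] = '<tr>';
            $html[] = '<th class="actions" id="actions-th' . $group->value . '">';
            $html[] = '<span class="acl-action">' . JText::_('JLIB_RULES_ACTION') . '</span>';
            $html[] = '</th>';
            $html[] = '<th class="settings" id="settings-th' . $group->value . '">';
            $html[] = '<span class="acl-action">' . JText::_('JLIB_RULES_SELECT_SETTING') . '</span>';
            $html[] = '</th>';
            // No calculated column for a parentless group when no component is set.
            $canCalculateSettings = $group->parent_id || !empty($component);
            if ($canCalculateSettings) {
                $html[] = '<th id="aclactionth' . $group->value . '">';
                $html[] = '<span class="acl-action">' . JText::_('JLIB_RULES_CALCULATED_SETTING') . '</span>';
                $html[] = '</th>';
            }
            $html[] = '</tr>';
            $html[] = '</thead>';
            $html[] = '<tbody>';
            foreach ($actions as $action) {
                $controlId = $this->id . '_' . $action->name . '_' . $group->value;
                $html[] = '<tr>';
                $html[] = '<td headers="actions-th' . $group->value . '">';
                // The whole tooltip, markup included, is escaped for the attribute; the browser
                // decodes it back to the same text the tooltip script received before.
                $tooltip = '<strong>' . JText::_($action->title) . '</strong><br/>' . JText::_($action->description);
                $html[] = '<label for="' . $controlId . '" class="hasTooltip" title="' . htmlspecialchars($tooltip, ENT_COMPAT, 'UTF-8') . '">';
                $html[] = JText::_($action->title);
                $html[] = '</label>';
                $html[] = '</td>';
                $html[] = '<td headers="settings-th' . $group->value . '">';
                // The posted control name is forced to <formControl>[rules] for every select.
                $this->name = $this->formControl . '[rules]';
                // The title contains the group title, so it is escaped for the double-quoted attribute.
                $selectTitle = JText::sprintf('JLIB_RULES_SELECT_ALLOW_DENY_GROUP', JText::_($action->title), trim($group->text));
                $html[] = '<select class="input-small" name="' . $this->name . '[' . $action->name . '][' . $group->value . ']" id="' . $controlId . '" title="' . htmlspecialchars($selectTitle, ENT_COMPAT, 'UTF-8') . '">';
                // Effective result for this group on this asset, and the rule set on the asset itself.
                $inheritedRule = JAccess::checkGroup($group->value, $action->name, $assetId);
                $assetRule = $assetRules->allow($action->name, $group->value);
                $html[] = '<option value=""' . ($assetRule === null ? ' selected="selected"' : '') . '>' . JText::_(empty($group->parent_id) && empty($component) ? 'JLIB_RULES_NOT_SET' : 'JLIB_RULES_INHERITED') . '</option>';
                $html[] = '<option value="1"' . ($assetRule === true ? ' selected="selected"' : '') . '>' . JText::_('JLIB_RULES_ALLOWED') . '</option>';
                $html[] = '<option value="0"' . ($assetRule === false ? ' selected="selected"' : '') . '>' . JText::_('JLIB_RULES_DENIED') . '</option>';
                $html[] = '</select>&#160; ';
                // Allowed on the asset but denied in the calculated result: flag the conflict.
                if ($assetRule === true && $inheritedRule === false) {
                    $html[] = JText::_('JLIB_RULES_CONFLICT');
                }
                $html[] = '</td>';
                if ($canCalculateSettings) {
                    $html[] = '<td headers="aclactionth' . $group->value . '">';
                    if (JAccess::checkGroup($group->value, 'core.admin', $assetId) !== true) {
                        // Group without core.admin on this asset: show the calculated result.
                        if ($inheritedRule === null) {
                            $html[] = '<span class="label label-important">' . JText::_('JLIB_RULES_NOT_ALLOWED') . '</span>';
                        } elseif ($inheritedRule === true) {
                            $html[] = '<span class="label label-success">' . JText::_('JLIB_RULES_ALLOWED') . '</span>';
                        } elseif ($inheritedRule === false) {
                            if ($assetRule === false) {
                                $html[] = '<span class="label label-important">' . JText::_('JLIB_RULES_NOT_ALLOWED') . '</span>';
                            } else {
                                // Denied by something other than this asset's own rule: shown as locked.
                                $html[] = '<span class="label"><i class="icon-lock icon-white"></i> ' . JText::_('JLIB_RULES_NOT_ALLOWED_LOCKED') . '</span>';
                            }
                        }
                    } elseif (!empty($component)) {
                        $html[] = '<span class="label label-success"><i class="icon-lock icon-white"></i> ' . JText::_('JLIB_RULES_ALLOWED_ADMIN') . '</span>';
                    } else {
                        // Group holds core.admin and no component is set.
                        if ($action->name === 'core.admin') {
                            $html[] = '<span class="label label-success">' . JText::_('JLIB_RULES_ALLOWED') . '</span>';
                        } elseif ($inheritedRule === false) {
                            $html[] = '<span class="label label-important"><i class="icon-lock icon-white"></i> ' . JText::_('JLIB_RULES_NOT_ALLOWED_ADMIN_CONFLICT') . '</span>';
                        } else {
                            $html[] = '<span class="label label-success"><i class="icon-lock icon-white"></i> ' . JText::_('JLIB_RULES_ALLOWED_ADMIN') . '</span>';
                        }
                    }
                    $html[] = '</td>';
                }
                $html[] = '</tr>';
            }
            $html[] = '</tbody>';
            $html[] = '</table></div>';
        }
        $html[] = '</div></div>';
        $html[] = '<div class="alert">';
        if ($section == 'component' || $section == null) {
            $html[] = JText::_('JLIB_RULES_SETTING_NOTES');
        } else {
            $html[] = JText::_('JLIB_RULES_SETTING_NOTES_ITEM');
        }
        $html[] = '</div>';
        // Inline script: if no tab ended up active, show the first one shortly after load.
        $html[] = '<script type="text/javascript">';
        $html[] = 'jQuery(document).ready(function(){';
        $html[] = 'var loadTabFix = function() {';
        $html[] = '     var addClassActive = true;';
        $html[] = '     jQuery("#' . $customName . 'permissions-sliders ul li").each(function(){';
        $html[] = '         if(jQuery(this).hasClass("active")){';
        $html[] = '             addClassActive = false;';
        $html[] = '         }';
        $html[] = '     });';
        $html[] = '     if(addClassActive){';
        $html[] = '         jQuery("#' . $customName . 'permissions-sliders a:first").tab("show");';
        $html[] = '     }';
        $html[] = '}';
        $html[] = 'setTimeout(loadTabFix, 110);';
        $html[] = '});';
        $html[] = '</script>';
        return implode("\n", $html);
    }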
Exemplo n.º 27
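 /**
  * Returns the access rules for an asset, caching the result.
  *
  * Both the component-name-to-asset-id lookup and the rules per asset id are
  * kept in static variables, so they are shared by every call to this method.
  *
  * Resolution order for the asset id: the $asset_id argument, then
  * $this->asset_id, then the asset row whose name equals the component, and
  * finally asset id 1. Security note: because of that last step, a component
  * without an asset row is evaluated against the rules of asset 1
  * (presumably the root asset - confirm) rather than failing.
  *
  * @param   string|null   $component  Component name; defaults to $this->component.
  * @param   integer|null  $asset_id   Asset id; defaults to $this->asset_id.
  *
  * @return  mixed  Whatever JAccess::getAssetRules() returns for the resolved asset id.
  */
 protected function getAssetRules($component = null, $asset_id = null)
 {
     static $cache = array();
     static $assets = array();
     if (is_null($component)) {
         $component = $this->component;
     }
     if (is_null($asset_id)) {
         $asset_id = $this->asset_id;
     }
     if (!$asset_id) {
         // No asset of its own (e.g. a new item): use the component's asset.
         // array_key_exists() also remembers a lookup that found nothing, so a
         // missing asset row is queried once instead of on every call.
         if (!array_key_exists($component, $assets)) {
             $db = JFactory::getDbo();
             $query = $db->getQuery(true)->select($db->quoteName('id'))->from($db->quoteName('#__assets'))->where($db->quoteName('name') . ' = ' . $db->quote($component));
             $db->setQuery($query);
             $assets[$component] = $db->loadResult();
         }
         $asset_id = (int) $assets[$component];
     }
     if (!$asset_id) {
         // Last resort, see the security note in the docblock.
         $asset_id = 1;
     }
     if (!isset($cache[$asset_id])) {
         $cache[$asset_id] = JAccess::getAssetRules($asset_id);
     }
     return $cache[$asset_id];
 }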
Exemplo n.º 28
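 /**
  * Overloaded bind function to pre-process the params.
  *
  * Normalises the multi-value fields, serialises 'params' and 'metadata',
  * and decides which ACL rules reach the table. When the current user lacks
  * 'core.admin' on the record's asset, any 'rules' value in the incoming
  * data is replaced by the rules read back for that asset, so such a user
  * cannot change permissions through the submitted form.
  *
  * @param   array  $array   Named array
  * @param   mixed  $ignore  Optional array or list of parameters to ignore
  *
  * @return  null|string  The value returned by parent::bind() (documented here
  *                       as null on success, otherwise an error)
  *
  * @see     JTable:bind
  * @since   1.5
  */
 public function bind($array, $ignore = '')
 {
     // Support for multiple or not foreign key fields: subject, category
     foreach (array('subject', 'category') as $field) {
         if (empty($array[$field])) {
             $array[$field] = '';
         } elseif (is_array($array[$field])) {
             $array[$field] = implode(',', $array[$field]);
         } elseif (strrpos($array[$field], ',') != false) {
             // NOTE(review): a comma-separated string is turned back into an array here,
             // the opposite of the branch above - confirm which form the table expects.
             $array[$field] = explode(',', $array[$field]);
         }
     }
     // Support for checkbox field: keyness
     if (!isset($array['keyness'])) {
         $array['keyness'] = 0;
     }
     // Support for multiple or not foreign key fields: frequency, pos
     foreach (array('frequency', 'pos') as $field) {
         if (empty($array[$field])) {
             $array[$field] = '';
         } elseif (is_array($array[$field])) {
             $array[$field] = implode(',', $array[$field]);
         } elseif (strrpos($array[$field], ',') != false) {
             $array[$field] = explode(',', $array[$field]);
         }
     }
     // A missing id counts as 0 (new record), as the loose comparison always treated it,
     // but without reading an undefined index.
     $id = isset($array['id']) ? $array['id'] : 0;
     if ($id == 0) {
         $array['created_by'] = JFactory::getUser()->id;
     }
     // Array-valued params and metadata are stored in their JRegistry string form.
     foreach (array('params', 'metadata') as $field) {
         if (isset($array[$field]) && is_array($array[$field])) {
             $registry = new JRegistry();
             $registry->loadArray($array[$field]);
             $array[$field] = (string) $registry;
         }
     }
     // The asset name is built from the integer id so that the permission check and the
     // rule lookup always name the same record, whatever string form the request used.
     $assetName = 'com_vocab.content.' . (int) $id;
     if (!JFactory::getUser()->authorise('core.admin', $assetName)) {
         // Not an ACL administrator for this record: discard submitted rules and
         // re-bind the rules currently returned for the asset.
         $actions = JAccess::getActionsFromFile(JPATH_ADMINISTRATOR . '/components/com_vocab/access.xml', "/access/section[@name='content']/");
         $default_actions = JAccess::getAssetRules($assetName)->getData();
         $array_jaccess = array();
         foreach ($actions as $action) {
             // An action without a stored rule yields null, as before, minus the undefined-index notice.
             $array_jaccess[$action->name] = isset($default_actions[$action->name]) ? $default_actions[$action->name] : null;
         }
         // NOTE(review): for a new record (id 0) the asset does not exist yet; which rules
         // JAccess::getAssetRules() returns in that case should be confirmed.
         $array['rules'] = $this->JAccessRulestoArray($array_jaccess);
     }
     // Bind the rules for ACL where supported.
     if (isset($array['rules']) && is_array($array['rules'])) {
         $this->setRules($array['rules']);
     }
     return parent::bind($array, $ignore);
 }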
Exemplo n.º 29
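 /**
  * Method to check JUser object authorisation against an access control
  * object and optionally an access extension object
  *
  * The first call works out whether this user is "root" and stores the
  * answer in $this->isRoot; a root user is authorised for every action
  * without consulting JAccess::check(). A user is root when the
  * configuration value 'root_user' names it (by numeric id or by username),
  * or when asset 1 allows 'core.admin' for one of the user's identities.
  *
  * Security notes: 'root_user' bypasses all ACL rules, so it should only be
  * set deliberately. The username match is an exact string comparison, so a
  * numeric 'root_user' value can only match a username that is spelled
  * identically, never one that is merely numerically equal.
  *
  * @param   string  $action     The name of the action to check for permission.
  * @param   string  $assetname  The name of the asset on which to perform the action.
  *
  * @return  boolean  True if authorised
  *
  * @since   11.1
  */
 public function authorise($action, $assetname = null)
 {
     // Make sure we only check for core.admin once during the run.
     if ($this->isRoot === null) {
         $this->isRoot = false;
         // Check for the configuration file failsafe.
         $config = JFactory::getConfig();
         $rootUser = $config->get('root_user');
         // The root_user variable can be a numeric user ID or a username.
         if (is_numeric($rootUser) && $this->id > 0 && $this->id == $rootUser) {
             $this->isRoot = true;
         } elseif ($this->username && is_scalar($rootUser) && (string) $this->username === (string) $rootUser) {
             // Strict string comparison: PHP's == compares two numeric strings as
             // numbers, which would treat differently spelled usernames as equal.
             $this->isRoot = true;
         } else {
             // Get all groups against which the user is mapped.
             $identities = $this->getAuthorisedGroups();
             // The user itself is added as an identity, written as the negated user id.
             array_unshift($identities, $this->id * -1);
             if (JAccess::getAssetRules(1)->allow('core.admin', $identities)) {
                 $this->isRoot = true;
                 return true;
             }
         }
     }
     return $this->isRoot ? true : JAccess::check($this->id, $action, $assetname);
 }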
 /**
  * Tests the JAccess::getAssetRules method.
  *
  * Looks up the asset name 'testasset' with the second argument set to true
  * and compares the string form of the result with a fixed JSON document.
  * Going by the failure message, the behaviour being pinned is that an asset
  * name which is not valid resolves to the rules of the root asset.
  *
  * @return  void
  *
  * @since   11.1
  */
 public function testGetAssetRulesTextTrue()
 {
     // Expected rule set, action name => (identity id => 1).
     $expectedJson = '{"core.login.site":{"6":1,"2":1},"core.login.admin":{"6":1},"core.login.offline":[],"core.admin":{"8":1},"core.manage":{"7":1},'
         . '"core.create":{"6":1,"3":1},"core.delete":{"6":1},"core.edit":{"6":1,"4":1},"core.edit.state":{"6":1,"5":1},"core.edit.own":{"6":1,"3":1}}';
     $jaccess = new JAccess();
     $rules = $jaccess->getAssetRules('testasset', true);
     $this->assertThat((string) $rules, $this->equalTo($expectedJson), 'Invalid asset uses rule from root. Line: ' . __LINE__);
 }