Exemplo n.º 1
0
 /**
  * Returns array of users linked to entity
  *
  * @param string $entityName  Inventory entity name (affiliates, clients, etc)
  * @param integer $entityId  Inventory entity ID
  * @return array
  */
 function getAccountUsersByEntity($entityName, $entityId)
 {
     $doUsers = OA_Dal::factoryDO('users');
     $doAccount_user_assoc = OA_Dal::factoryDO('account_user_assoc');
     $doAccount_user_assoc->account_id = OA_Permission::getAccountIdForEntity($entityName, $entityId);
     $doUsers->joinAdd($doAccount_user_assoc);
     $doUsers->find();
     return $this->_buildUsersTable($doUsers);
 }
|                                                                           |
| Copyright: See the COPYRIGHT.txt file.                                    |
| License: GPLv2 or later, see the LICENSE.txt file.                        |
+---------------------------------------------------------------------------+
*/
// Require the initialisation file
require_once '../../init.php';
// Required files
require_once MAX_PATH . '/lib/OA/Dal.php';
require_once MAX_PATH . '/www/admin/config.php';
require_once MAX_PATH . '/lib/OA/Session.php';
require_once MAX_PATH . '/lib/OA/Admin/UI/UserAccess.php';
// Register input variables
phpAds_registerGlobal('userid', 'returnurl');
// Security check
OA_Permission::enforceAccount(OA_ACCOUNT_MANAGER, OA_ACCOUNT_ADVERTISER);
OA_Permission::enforceAccountPermission(OA_ACCOUNT_ADVERTISER, OA_PERM_SUPER_ACCOUNT);
OA_Permission::enforceAccessToObject('clients', $clientid);
$accountId = OA_Permission::getAccountIdForEntity('clients', $clientid);
// CVE-2013-5954 - see OA_Permission::checkSessionToken() method for details
OA_Permission::checkSessionToken();
/*-------------------------------------------------------*/
/* Main code                                             */
/*-------------------------------------------------------*/
if (!empty($accountId) && !empty($userid)) {
    OA_Admin_UI_UserAccess::unlinkUserFromAccount($accountId, $userid);
}
if (empty($returnurl)) {
    $returnurl = 'advertiser-access.php?clientid=' . $clientid;
}
Header("Location: " . $returnurl);
{
    global $affiliateid;
    phpAds_PageHeader("affiliate-access");
    MAX_displayWebsiteBreadcrumbs($affiliateid);
}
$userAccess->setNavigationHeaderCallback('OA_headerNavigation');
function OA_footerNavigation()
{
    echo "\n    <script language='JavaScript'>\n    <!--\n    ";
    if (OA_Permission::isAccount(OA_ACCOUNT_MANAGER)) {
        echo "function MMM_cascadePermissionsChange()\n        {\n            var e = findObj('permissions_" . OA_PERM_ZONE_EDIT . "');\n            var a = findObj('permissions_" . OA_PERM_ZONE_ADD . "');\n            var d = findObj('permissions_" . OA_PERM_ZONE_DELETE . "');\n\n            a.disabled = d.disabled = !e.checked;\n            if (!e.checked) {\n                a.checked = d.checked = false;\n            }\n        }\n        MMM_cascadePermissionsChange();\n        //-->";
    }
    echo "</script>";
}
$userAccess->setNavigationFooterCallback('OA_footerNavigation');
$accountId = OA_Permission::getAccountIdForEntity('affiliates', $affiliateid);
$userAccess->setAccountId($accountId);
$userAccess->setPagePrefix('affiliate');
$aAllowedPermissions = array();
if (OA_Permission::isAccount(OA_ACCOUNT_MANAGER) || OA_Permission::hasPermission(OA_PERM_SUPER_ACCOUNT, $accountId)) {
    $aAllowedPermissions[OA_PERM_SUPER_ACCOUNT] = array($strAllowCreateAccounts, false);
}
$aAllowedPermissions[OA_PERM_ZONE_EDIT] = array($strAllowAffiliateModifyZones, false, 'MMM_cascadePermissionsChange()');
$aAllowedPermissions[OA_PERM_ZONE_ADD] = array($strAllowAffiliateAddZone, true, false);
$aAllowedPermissions[OA_PERM_ZONE_DELETE] = array($strAllowAffiliateDeleteZone, true, false);
$aAllowedPermissions[OA_PERM_ZONE_LINK] = array($strAllowAffiliateLinkBanners, false, false);
$aAllowedPermissions[OA_PERM_ZONE_INVOCATION] = array($strAllowAffiliateGenerateCode, false, false);
$aAllowedPermissions[OA_PERM_USER_LOG_ACCESS] = array($strAllowAuditTrailAccess, false, false);
$userAccess->setAllowedPermissions($aAllowedPermissions);
$userAccess->setHiddenFields(array('affiliateid' => $affiliateid));
$userAccess->setRedirectUrl('affiliate-access.php?affiliateid=' . $affiliateid);
Exemplo n.º 4
0
|                                                                           |
| You should have received a copy of the GNU General Public License         |
| along with this program; if not, write to the Free Software               |
| Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA |
+---------------------------------------------------------------------------+
$Id: agency-user-unlink.php 37157 2009-05-28 12:31:10Z andrew.hill $
*/
// Require the initialisation file
require_once '../../init.php';
// Required files
require_once MAX_PATH . '/lib/OA/Dal.php';
require_once MAX_PATH . '/www/admin/config.php';
require_once MAX_PATH . '/lib/OA/Session.php';
require_once MAX_PATH . '/lib/OA/Admin/UI/UserAccess.php';
// Register input variables
phpAds_registerGlobal('userid', 'returnurl');
// Security check
OA_Permission::enforceAccount(OA_ACCOUNT_ADMIN, OA_ACCOUNT_MANAGER);
OA_Permission::enforceAccountPermission(OA_ACCOUNT_MANAGER, OA_PERM_SUPER_ACCOUNT);
OA_Permission::enforceAccessToObject('agency', $agencyid);
$accountId = OA_Permission::getAccountIdForEntity('agency', $agencyid);
/*-------------------------------------------------------*/
/* Main code                                             */
/*-------------------------------------------------------*/
if (!empty($accountId) && !empty($userid)) {
    OA_Admin_UI_UserAccess::unlinkUserFromAccount($accountId, $userid);
}
if (empty($returnurl)) {
    $returnurl = 'agency-access.php?agencyid=' . $agencyid;
}
Header("Location: " . $returnurl);
Exemplo n.º 5
0
 /**
  * A method to show an error if the current user/account doesn't have access
  * to the specified DB_DataObject (defined by table name and entity ID).
  *
  * @static
  * @param string  $entityTable    The name of the table.
  * @param integer $entityId       Optional entity ID -- when set, tests if the current
  *                                account has access to the enity, when not set,  tests
  *                                if the current account can create a new entity in the
  *                                table.
  * @param boolean $allowNewEntity Allow creation of a new entity, defaults to false.
  */
 function enforceAccessToObject($entityTable, $entityId = null, $allowNewEntity = false)
 {
     if (!$allowNewEntity) {
         OA_Permission::enforceTrue(!empty($entityId));
     }
     // Verify that the ID is numeric
     OA_Permission::enforceTrue(preg_match('/^\\d*$/D', $entityId));
     $entityId = (int) $entityId;
     $hasAccess = OA_Permission::hasAccessToObject($entityTable, $entityId);
     if (!$hasAccess) {
         if (!OA_Permission::isManualAccountSwitch()) {
             if (OA_Permission::isUserLinkedToAdmin()) {
                 // Check object existence
                 OA_Permission::enforceTrue(OA_Permission::getAccountIdForEntity($entityTable, $entityId));
             }
             // if has access switch to the manager account that owns this object
             if ($hasAccess) {
                 if (OA_Permission::switchToManagerAccount($entityTable, $entityId)) {
                     // Now that the admin user is working with the manager
                     // account that owns the object, show to him the page.
                     $url = $_SERVER['REQUEST_URI'];
                     header("Location: {$url}");
                     exit;
                 } else {
                     // If is not possible to switch redirect the admin to his home page
                     OX_Admin_Redirect::redirect();
                 }
             }
         }
     }
     if (!$hasAccess) {
         OA_Permission::redirectIfManualAccountSwitch();
         $hasAccess = OA_Permission::attemptToSwitchForAccess($entityTable, $entityId);
     }
     OA_Permission::enforceTrue($hasAccess);
 }