/**
* Copy one permission row to the subtree
*
*
* @package CMS
*
* @param string type - permission type (OBJ/ACL)
* @param integer source_id - source ID (obejct ID or group ID)
* @param string crud - CRUPD mask to be copied eg "01000"
* @param integer user_id - User ID
* @param integer group_id - Group ID
* @param integer role_id - Role ID
*
* Call:
* copy_permissions(array(
* "type" => 'OBJ',
* "source_id" => $site->fdat['id'],
* "crud" => $site->fdat['crud']
* "user_id" => $site->fdat['perm_user_id'],
* "group_id" => $site->fdat['perm_group_id'],
* "role_id" => $site->fdat['perm_role_id'],
* ));
*/
function copy_permissions ($args) {
global $site, $class_path;
$source_id = $args['source_id'];
$crud = $args['crud'];
$user_id = $args['user_id'];
$group_id = $args['group_id'];
$role_id = $args['role_id'];
## how many objects/groups were actually updated
$updated_count = 0;
# make string "01000" to array
$crud_arr['C'] = substr($crud,0,1);
$crud_arr['R'] = substr($crud,1,1);
$crud_arr['U'] = substr($crud,2,1);
$crud_arr['P'] = substr($crud,3,1);
$crud_arr['D'] = substr($crud,4,1);
?>
<tr>
<td valign="top" class="scms_confirm_alert_cell" height="100%">
<?
#echo "ID:". $source_id.' / CRUD: '.$crud;
if($args['type']) {
############ 1) GET SUBTREE HERE (query 1 time)
# get object subtree: children sections (ignore objects languages, to get folders also. there is no risk because we get always one certain branch)
if($args['type']=='OBJ'){
include_once($class_path."rubloetelu.class.php"); # used in subtree proc
$rubs = new RubLoetelu(array(
"keel" => $keel,
"required_perm" => "U",
"object_type_ids" => "1,22", # get sections, folders (Bug #1996)
"ignore_lang" => 1 # ignore objects languages
));
#printr($rubs->get_loetelu());
#$rubs->debug->print_msg();
# get branch: is array of all section children with update permission:
$branch = $rubs->get_branch_byID(array(id => $site->fdat['id']));
#printr($branch);
}
# get group subtree: children subgroups
elseif($args['type']=='ACL'){
$sql = "SELECT group_id AS id, parent_group_id AS parent, name FROM groups ORDER BY name";
$sth = new SQL($sql);
while ($data = $sth->fetch()){
$temp_tree[] = $data;
}
############# generate tree
require_once($class_path.'menu.class.php');
$menu = new Menu(array(
width=> "100%",
tree => $temp_tree,
datatype => "group"
));
$menu->get_full_subtree(array("parent_id" => $site->fdat['id']));
# $menu->full_subtree is variable from group tree and is all ID-s of group children
#echo printr($menu->full_subtree);
foreach($menu->full_subtree as $subgroup_id) {
$branch[$subgroup_id] = ""; # name is not important
};
}
###################
# 2. INSERT PERMISSIONS
# loop over subtree
# branch is array of all children
foreach($branch as $child_id=>$child_name) {
# omit source object itself
if($child_id == $source_id) {
continue;
}
########### CREATE CHILD (to get permissions and title)
if($args['type'] == 'OBJ') {
## create child object
$child = new Objekt(array(
objekt_id => $child_id
));
$child->title = $child->all['pealkiri'];
}
elseif($args['type'] == 'ACL') {
## create child group
$child = new Group(array(
group_id => $child_id,
));
$child->permission = get_user_permission(array(
type => 'ACL',
group_id => $child_id
));
$child->title = $child->name;
}
#printr($child->permission);
########### CHECK UPDATE PERMISSION - does user has U permission for this object? (Bug #2203)
if(!$child->permission['U']) {
continue; # user doesn't have U permission => don't change child
}
# insert permission also to child:
#print "<br>insert permission also to child: ". $child_id. " => ".$child_name;
##### 1) DELETE OLD permission
$sql = $site->db->prepare("DELETE FROM permissions WHERE type=? AND source_id=? AND ",$args['type'], $child_id);
if($role_id){
$sql .= $site->db->prepare(" role_id=? ", $role_id);
} elseif($group_id){
$sql .= $site->db->prepare(" group_id=? ", $group_id);
} elseif($user_id){
$sql .= $site->db->prepare(" user_id=? ", $user_id);
}
$sth = new SQL($sql);
$site->debug->msg($sth->debug->get_msgs());
#print "<br>".$sql;
##### 2) INSERT permission
$sql = $site->db->prepare("INSERT INTO permissions (type,source_id,role_id,group_id,user_id,C,R,U,P,D) VALUES (?,?,?,?,?,?,?,?,?,?)",
$args['type'],
$child_id,
($role_id?$role_id:0),
($group_id?$group_id:0),
($user_id?$user_id:0),
$crud_arr['C'],
$crud_arr['R'],
$crud_arr['U'],
$crud_arr['P'],
$crud_arr['D']
);
$sth = new SQL($sql);
$site->debug->msg($sth->debug->get_msgs());
#print "<br>".$sql;
if($sth->rows) {
$updated_count++;
}
############
# 3. WRITE LOG
# type= OBJ
if($args['type'] == 'OBJ') {
new Log(array(
'action' => 'update',
'component' => 'ACL',
'objekt_id' => $child_id,
'message' => "Object '".$child->title."' (ID=".$child_id.") permissions updated inside subtree",
));
}
# type= ACL
elseif($args['type'] == 'ACL') {
new Log(array(
'action' => 'update',
'component' => 'ACL',
'objekt_id' => $child_id,
'message' => "Object '".$child->title."' (ID=".$child_id.") permissions updated inside subtree",
));
}
# / write log
############
}
# / loop over subtree
###################
} # if permission type provided
##################
######### MESSAGE
echo $site->sys_sona(array(sona => "Permissions copied to subtree", tyyp=>"editor"));
echo ': '.$updated_count.'';
?>
</td>
</tr>
<?#################### BUTTONS ###########?>
<tr>
<td align="right" valign="top" class="scms_dialog_area_bottom">
<input type="button" value="<?=$site->sys_sona(array(sona => "Close", tyyp=>"editor")) ?>" onclick="javascript:window.close();">
</td>
</tr>
<?
}
