/**
  * Checks access control list for currently loaded row for the specified user and returns an access value. Values are:
  *
  * __CA_ACL_NO_ACCESS__   (0)
  * __CA_ACL_READONLY_ACCESS__ (1)
  * __CA_ACL_EDIT_ACCESS__ (2)
  * __CA_ACL_EDIT_DELETE_ACCESS__ (3)
  *
  * @param ca_users $t_user A ca_users object
  * @param int $pn_id Optional row_id to check ACL for; if omitted currently loaded row_id is used
  * @return int|null An access value, or null if no row id was passed and no row is currently loaded
  */
 public function checkACLAccessForUser($t_user, $pn_id = null)
 {
     // Tables without ACL support are not restricted per row: report the highest level.
     if (!$this->supportsACL()) {
         return __CA_ACL_EDIT_DELETE_ACCESS__;
     }

     // Use the explicit row id when one is given, otherwise the currently loaded row.
     $vn_row_id = $pn_id ?: (int) $this->getPrimaryKey();
     if (!$vn_row_id) {
         // No row to evaluate. This is null rather than one of the __CA_ACL_*__ constants,
         // so callers should not read it as a granted access level.
         return null;
     }

     // Administrators get full access without the row's ACL entries being consulted.
     if ($t_user->canDoAction('is_administrator')) {
         return __CA_ACL_EDIT_DELETE_ACCESS__;
     }

     // Everyone else: defer to the ACL model for this table/row pair.
     require_once __CA_MODELS_DIR__ . '/ca_acl.php';
     return ca_acl::accessForRow($t_user, $this->tableNum(), $vn_row_id);
 }
Exemplo n.º 2
 *
 * This source code is free and modifiable under the terms of 
 * GNU General Public License. (http://www.gnu.org/copyleft/gpl.html). See
 * the "license.txt" file for details, or visit the CollectiveAccess web site at
 * http://www.CollectiveAccess.org
 *
 * ----------------------------------------------------------------------
 */
// View variables handed to this bundle template.
$vs_id_prefix = $this->getVar('id_prefix');
$t_instance = $this->getVar('t_instance');
$t_item = $this->getVar('t_user'); // user
$t_subject = $this->getVar('t_subject');
$va_settings = $this->getVar('settings');
$vs_add_label = $this->getVar('add_label');

$t_acl = new ca_acl();

// Read-only if the bundle settings say so, or if the current user's access level for the
// 'ca_users' bundle on this table is read-only.
// NOTE(review): presumably a presentation flag used further down the template; the handler
// that saves the form still has to enforce permissions itself — confirm.
$vb_read_only = !empty($va_settings['readonly']);
if (!$vb_read_only) {
    $vb_read_only = $this->request->user->getBundleAccessLevel($t_instance->tableName(), 'ca_users') == __CA_BUNDLE_ACCESS_READONLY__;
}

// Seed the ACL model with the initial access value supplied to the view.
$t_acl->set('access', (int) $this->getVar('initialValue'));
?>
<div id="<?php 
// Outer container id: the id prefix followed by "_world".
// NOTE(review): printed into an HTML attribute without htmlspecialchars(); assumes id_prefix
// is generated server-side and never carries request data — confirm.
print $vs_id_prefix . '_world';
?>
">
	<div class="bundleContainer">
		<div class="caItemList">
			<div id="<?php 
// Same prefix again; the literal "_World" suffix follows in the markup below.
print $vs_id_prefix;
?>
_World" class="labelInfo">
				<table class="caListItem">
					<tr>
Exemplo n.º 3
 * This source code is free and modifiable under the terms of 
 * GNU General Public License. (http://www.gnu.org/copyleft/gpl.html). See
 * the "license.txt" file for details, or visit the CollectiveAccess web site at
 * http://www.CollectiveAccess.org
 *
 * ----------------------------------------------------------------------
 */
// View variables handed to this bundle template; ids in this bundle carry a "_group" suffix.
$vs_id_prefix = $this->getVar('id_prefix') . '_group';
$t_instance = $this->getVar('t_instance');
$t_item = $this->getVar('t_group'); // user group
$t_subject = $this->getVar('t_subject');
$va_settings = $this->getVar('settings');
$vs_add_label = $this->getVar('add_label');

// Read-only if the bundle settings say so, or if the current user's bundle access level is read-only.
$vb_read_only = !empty($va_settings['readonly']);
if (!$vb_read_only) {
    // NOTE(review): this group bundle checks the access level of the 'ca_users' bundle —
    // confirm that is intended rather than a group-specific bundle name.
    $vb_read_only = $this->request->user->getBundleAccessLevel($t_instance->tableName(), 'ca_users') == __CA_BUNDLE_ACCESS_READONLY__;
}

$t_acl = new ca_acl();

// Always work with an array of initial values, even when the view supplied none.
$va_initial_values = $this->getVar('initialValues');
$va_initial_values = is_array($va_initial_values) ? $va_initial_values : array();
?>
<div id="<?php 
// Container id: id prefix, then the table number of the group model, then "_rel".
// NOTE(review): printed into an HTML attribute without htmlspecialchars(); assumes id_prefix
// is generated server-side and never carries request data — confirm.
print $vs_id_prefix . $t_item->tableNum() . '_rel';
?>
">
<?php 
//
// The bundle template - used to generate each bundle in the form
//
?>
	<textarea class='caItemTemplate' style='display: none;'>
Exemplo n.º 4
 /**
  * 
  *
  * @param array $pa_options Array of options passed through to _initView 
  */
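 public function SetAccess($pa_options = null)
 {
     // Saves the user, group and "world" ACL entries submitted from the access form for the
     // current subject, propagates them to inheriting records, then hands over to Access().
     //
     // NOTE(review): this is a state-changing endpoint and no anti-CSRF token check is visible
     // in this method; confirm one is enforced upstream (e.g. in _checkAccess() or the dispatcher).
     list($vn_subject_id, $t_subject) = $this->_initView($pa_options);
     if (!$this->_checkAccess($t_subject)) {
         return false;
     }

     // Authorisation gate: the subject must be saveable for this request AND the user must hold
     // the table-specific "can_change_acl_<table>" action. Otherwise redirect to the error page.
     if (!$t_subject->isSaveable($this->request) || !$this->request->user->canDoAction('can_change_acl_' . $t_subject->tableName())) {
         $this->response->setRedirect($this->request->config->get('error_display_url') . '/n/2570?r=' . urlencode($this->request->getFullUrlPath()));
         return;
     }

     $vs_form_prefix = $this->request->getParameter('_formName', pString);

     // Save user ACL's
     $t_subject->setACLUsers($this->_getSubmittedACLValues($vs_form_prefix, 'user'));

     // Save group ACL's
     $t_subject->setACLUserGroups($this->_getSubmittedACLValues($vs_form_prefix, 'group'));

     // Save "world" ACL
     $t_subject->setACLWorldAccess($this->request->getParameter("{$vs_form_prefix}_access_world", pInteger));

     // Propagate ACL settings to records that inherit from this one
     if ((bool) $t_subject->getProperty('SUPPORTS_ACL_INHERITANCE')) {
         ca_acl::applyACLInheritanceToChildrenFromRow($t_subject);
         if (is_array($va_inheritors = $t_subject->getProperty('ACL_INHERITANCE_LIST'))) {
             foreach ($va_inheritors as $vs_inheritor_table) {
                 ca_acl::applyACLInheritanceToRelatedFromRow($t_subject, $vs_inheritor_table);
             }
         }
     }

     // Set ACL-related intrinsic fields
     $vb_has_collection_flag = $t_subject->hasField('acl_inherit_from_ca_collections');
     $vb_has_parent_flag = $t_subject->hasField('acl_inherit_from_parent');
     if ($vb_has_collection_flag || $vb_has_parent_flag) {
         $t_subject->setMode(ACCESS_WRITE);
         if ($vb_has_collection_flag) {
             $t_subject->set('acl_inherit_from_ca_collections', $this->request->getParameter('acl_inherit_from_ca_collections', pString));
         }
         if ($vb_has_parent_flag) {
             $t_subject->set('acl_inherit_from_parent', $this->request->getParameter('acl_inherit_from_parent', pString));
         }
         $t_subject->update();
         if ($t_subject->numErrors()) {
             $this->postError(1250, _t('Could not set ACL inheritance settings: %1', implode("; ", $t_subject->getErrors())), "BaseEditorController->SetAccess()");
         }
     }
     $this->Access();
 }

 /**
  * Collects the submitted ACL rows of one kind ("user" or "group") from the request.
  *
  * Scans $_REQUEST for keys of the form "{prefix}_{type}_id{suffix}" and pairs each one with
  * the value of "{prefix}_{type}_access_{suffix}". Rows with a negative access value are skipped.
  *
  * @param string $ps_form_prefix Form name prefix as read from the request (untrusted)
  * @param string $ps_type Either 'user' or 'group'
  * @return array Map of id => access value
  */
 private function _getSubmittedACLValues($ps_form_prefix, $ps_type)
 {
     // The prefix comes straight from the "_formName" request parameter, so it is quoted before
     // being placed in the pattern. Unquoted, regex metacharacters in it would change which
     // request keys are treated as ACL rows or make the pattern fail to compile.
     $vs_pattern = '!^' . preg_quote((string) $ps_form_prefix, '!') . '_' . $ps_type . '_id(.*)$!';

     $va_to_set = array();
     foreach ($_REQUEST as $vs_key => $vs_val) {
         if (!preg_match($vs_pattern, (string) $vs_key, $va_matches)) {
             continue;
         }
         $vn_id = (int) $this->request->getParameter($ps_form_prefix . '_' . $ps_type . '_id' . $va_matches[1], pInteger);
         $vn_access = $this->request->getParameter($ps_form_prefix . '_' . $ps_type . '_access_' . $va_matches[1], pInteger);

         // NOTE(review): only a lower bound is checked here and an id that casts to 0 is passed
         // through; confirm setACLUsers()/setACLUserGroups() reject ids that match no row and
         // access values above __CA_ACL_EDIT_DELETE_ACCESS__.
         if ($vn_access >= 0) {
             $va_to_set[$vn_id] = $vn_access;
         }
     }
     return $va_to_set;
 }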
Exemplo n.º 5
 /**
  * 
  */
 public function delete($pb_delete_related = false, $pa_options = null, $pa_fields = null, $pa_table_list = null)
 {
     // Both sides of the relationship are read before parent::delete() runs, so the ids are
     // still available for the ACL clean-up below.
     $t_left = $this->getAppDatamodel()->getInstanceByTableNum($this->getLeftTableNum());
     $vn_left_id = $this->get($this->getLeftTableFieldName());
     $vn_right_id = $this->get($this->getRightTableFieldName());
     $t_right = $this->getAppDatamodel()->getInstanceByTableNum($this->getRightTableNum());

     $vn_rc = parent::delete($pb_delete_related, $pa_options, $pa_fields, $pa_table_list);
     if (!$vn_rc) {
         // Nothing was deleted, so inherited ACL entries are left as they are.
         return $vn_rc;
     }

     // Each side's model instance, keyed by the name of the table on the opposite side.
     // NOTE(review): if both sides are the same table the two keys collide and only the
     // $t_right entry survives — confirm self-relations are handled as intended.
     $va_instances_by_other_table = array(
         $this->getRightTableName() => $t_left,
         $this->getLeftTableName() => $t_right
     );

     foreach ($va_instances_by_other_table as $vs_other_table_name => $t_instance) {
         if (!(bool) $t_instance->getProperty('SUPPORTS_ACL_INHERITANCE')) {
             continue;
         }
         $va_inheritors = $t_instance->getProperty('ACL_INHERITANCE_LIST');
         if (!is_array($va_inheritors) || !in_array($vs_other_table_name, $va_inheritors)) {
             continue;
         }

         // Pick the id pair so that the "other" table's id lines up with $vs_other_table_name.
         $vb_other_is_left = ($vs_other_table_name == $this->getLeftTableName());
         ca_acl::applyACLInheritanceToRelatedRowFromRow(
             $t_instance,
             $vb_other_is_left ? $vn_right_id : $vn_left_id,
             $vs_other_table_name,
             $vb_other_is_left ? $vn_left_id : $vn_right_id,
             array('deleteACLOnly' => true)
         );
     }

     return $vn_rc;
 }