public function execute() { $system = wa(); $datetime = $system->getDateTime(); $user = $this->getUser()->getRights('contacts', 'backend'); $admin = $user >= 2; $cr = new contactsRightsModel(); if (!empty($this->params['limited_own_profile'])) { $this->id = wa()->getUser()->getId(); $this->view->assign('limited_own_profile', true); $this->view->assign('save_url', '?module=profile&action=save'); $this->view->assign('password_save_url', '?module=profile&action=password'); $this->view->assign('save_geocoords_url', '?module=profile&action=saveGeocoords'); $this->view->assign('photo_upload_url', '?module=profile&action=tmpimage'); $this->view->assign('photo_editor_url', '?module=profile&action=photo'); $this->view->assign('photo_editor_uploaded_url', '?module=profile&action=photo&uploaded=1'); } else { $this->id = (int) waRequest::get('id'); if (empty($this->id)) { throw new waException('No id specified.'); } $r = $cr->getRight(null, $this->id); //var_dump($r );exit; if (!$r) { throw new waRightsException(_w('Access denied')); } else { $this->view->assign('readonly', $r === 'read'); } } $exists = $this->getContactInfo(); if ($exists) { $this->getUserInfo(); $this->view->assign('last_view_context', $this->getLastViewContext()); // collect data from other applications to show in tabs if (empty($this->params['limited_own_profile'])) { $links = array(); foreach (wa()->event('profile.tab', $this->id) as $app_id => $one_or_more_links) { if (!isset($one_or_more_links['html'])) { $i = ''; foreach ($one_or_more_links as $link) { $key = isset($link['id']) ? $link['id'] : $app_id . $i; $links[$key] = $link; $i++; } } else { $key = isset($one_or_more_links['id']) ? $one_or_more_links['id'] : $app_id; $links[$key] = $one_or_more_links; } } $this->view->assign('links', $links); } // tab to open by default $this->view->assign('tab', waRequest::get('tab')); $this->view->assign('admin', $admin); $this->view->assign('superadmin', $admin && $this->getUser()->getRights('webasyst', 'backend')); $this->view->assign('current_user_id', wa()->getUser()->getId()); $this->view->assign('can_edit', $cr->getRight(null, $this->id)); // Update history if (empty($this->params['limited_own_profile'])) { $name = $this->contact->get('name'); if ($name || $name === '0') { $history = new contactsHistoryModel(); $history->save('/contact/' . $this->id, $name); } // Update history in user's browser $historyModel = new contactsHistoryModel(); $this->view->assign('history', $historyModel->get()); } $this->view->assign('wa_view', $this->view); $this->view->assign('access_disable_msg', contactsHelper::getAccessDisableMsg($this->contact)); $this->view->assign('my_url', wa()->getRootUrl(true) . 'my/'); $this->view->assign('backend_url', wa()->getRootUrl(true) . wa()->getConfig()->getBackendUrl(false) . '/'); $this->view->assign('static_url', wa()->getAppStaticUrl('contacts')); } $this->view->assign('exists', $exists); if ($this->getRequest()->request('standalone')) { /** * Include plugins js and css * @event backend_assets * @return array[string]string $return[%plugin_id%] */ $this->view->assign('backend_assets', wa()->event('backend_assets')); } $auth = wa()->getAuthConfig(); $this->view->assign('personal_portal_available', !empty($auth['app'])); /* * @event backend_contact_info * @return array[string]array $return[%plugin_id%] array of html output * @return array[string][string]string $return[%plugin_id%]['after_header'] html output * @return array[string][string]string $return[%plugin_id%]['header'] html output * @return array[string][string]string $return[%plugin_id%]['before_header'] html output * @return array[string][string]string $return[%plugin_id%]['before_top'] html output * @return array[string][string]string $return[%plugin_id%]['top'] html output * @return array[string][string]string $return[%plugin_id%]['after_top'] html output * @return array[string][string]string $return[%plugin_id%]['photo'] html output */ $backend_contact_info_params = array('contact_id' => $this->id); $this->view->assign('backend_contact_info', wa()->event('backend_contact_info', $backend_contact_info_params)); }
public function execute() { // only allowed to global admin if (!wa()->getUser()->getRights('webasyst', 'backend')) { throw new waRightsException('Access denied.'); } $app_id = waRequest::post('app_id'); $name = waRequest::post('name'); $value = (int) waRequest::post('value'); $contact_id = waRequest::get('id'); $has_backend_access_old = $this->hasBackendAccess($contact_id); if (!$name && !$value) { $values = waRequest::post('app'); if (!is_array($values)) { throw new waException('Bad values for access rights.'); } } else { $values = array($name => $value); } $right_model = new waContactRightsModel(); $is_admin = $right_model->get($contact_id, 'webasyst', 'backend', false); if ($is_admin && $app_id != 'webasyst') { throw new waException('Cannot change application rights for global admin.'); } // If $contact_id used to have limited access and we're changing global admin privileges, // then need to notify all applications to remove their custom access records. if (!$is_admin && $app_id == 'webasyst' && $name == 'backend') { foreach (wa()->getApps() as $aid => $app) { try { if (isset($app['rights']) && $app['rights']) { $app_config = SystemConfig::getAppConfig($aid); $class_name = $app_config->getPrefix() . "RightConfig"; $file_path = $app_config->getAppPath('lib/config/' . $class_name . ".class.php"); $right_config = null; if (!file_exists($file_path)) { continue; } waSystem::getInstance($aid, $app_config); include_once $file_path; /** * @var waRightConfig */ $right_config = new $class_name(); $right_config->clearRights($contact_id); } } catch (Exception $e) { // silently ignore other applications errors } } } // Update $app_id access records $app_config = SystemConfig::getAppConfig($app_id); $class_name = $app_config->getPrefix() . "RightConfig"; $file_path = $app_config->getAppPath('lib/config/' . $class_name . ".class.php"); $right_config = null; if (file_exists($file_path)) { // Init app waSystem::getInstance($app_id, $app_config); include_once $file_path; /** * @var waRightConfig */ $right_config = new $class_name(); } foreach ($values as $name => $value) { if ($right_config && $right_config->setRights($contact_id, $name, $value)) { // If we've got response from custom rights config, then no need to update main rights table continue; } // Set default limited rights if ($right_config && $name == 'backend' && $value == 1) { /** * @var $right_config waRightConfig */ foreach ($right_config->setDefaultRights($contact_id) as $n => $v) { $right_model->save($contact_id, $app_id, $n, $v); } } $right_model->save($contact_id, $app_id, $name, $value); } waSystem::setActive('contacts'); if ($contact_id) { // TODO: use waContact method for disabling $is_user = waRequest::post('is_user', null, 'int'); if ($is_user === -1 || $is_user === 0 || $is_user === 1) { $contact = new waContact($contact_id); $contact->save(array('is_user' => $is_user)); $this->response['access_disable_msg'] = contactsHelper::getAccessDisableMsg($contact); } } $has_backend_access_new = $this->hasBackendAccess($contact_id); if ($has_backend_access_new !== $has_backend_access_old) { if ($has_backend_access_new) { $this->logAction("grant_backend_access", null, $contact_id); } else { $this->logAction("revoke_backend_access", null, $contact_id); } } }