Exemplos de CB Security::getSecuritySets em PHP

Exemplo n.º 1

Arquivo: Actions.php Projeto: sebbie42/casebox

 /**
  * internal function executing a copy or move action
  * @param  array $sourceIds ids to be copied
  * @param  int   $targetId
  * @return array processed ids
  */
 private function doAction($action, $objectIds, $targetId)
 {
     $rez = array();
     // all the copy process will be made in a single transaction
     DB\startTransaction();
     //get security sets to which this user has
     //read access for copy or delete access for move
     $this->securitySetsFilter = '';
     if (!Security::isAdmin()) {
         $ss = array();
         switch ($action) {
             case 'copy':
                 $ss = \CB\Security::getSecuritySets();
                 break;
             case 'move':
                 //check if the user can move, because it doesnt anctually delete the obj, but just move it
                 $ss = \CB\Security::getSecuritySets(false, 5);
                 break;
         }
         $this->securitySetsFilter = 'AND ti.security_set_id in (0' . implode(',', $ss) . ')';
     }
     /* select only objects that current user can delete */
     $accessibleIds = array();
     $res = DB\dbQuery('SELECT t.id
         FROM tree t
         JOIN tree_info ti ON
             t.id = ti.id ' . $this->securitySetsFilter . '
         WHERE t.id in (' . implode(',', $objectIds) . ')
             AND t.dstatus = 0');
     while ($r = $res->fetch_assoc()) {
         $accessibleIds[] = $r['id'];
     }
     $res->close();
     if (!empty($accessibleIds)) {
         $this->objectsClass = new \CB\Objects();
         $rez = $this->doRecursiveAction($action, $accessibleIds, $targetId);
     } else {
         throw new \Exception(L\get('Access_denied'), 1);
     }
     DB\commitTransaction();
     return $rez;
 }

Exemplo n.º 2

Arquivo: Search.php Projeto: austinvernsonger/casebox

 /**
  * get assign security sets to filters
  * dont check if 'skipSecurity = true'
  * it's used in Objects fields where we show all nodes
  * without permission filtering
  * @param  array   &$p
  * @return varchar
  */
 protected function getSecuritySetsParam(&$p)
 {
     $rez = '';
     if (!Security::isAdmin() && empty($p['skipSecurity'])) {
         $pids = false;
         if (!empty($p['pid'])) {
             $pids = $p['pid'];
         } elseif (!empty($p['pids'])) {
             $pids = $p['pids'];
         }
         $sets = Security::getSecuritySets(false, 5, $pids);
         if (!empty($sets)) {
             $rez = 'security_set_id:(' . implode(' OR ', $sets) . ') OR oid:' . User::getId();
         } else {
             //for created users that doesnt belong to any group
             //and dont have any security sets associated
             $rez = '!security_set_id:[* TO *]';
         }
     }
     return $rez;
 }