public function assignPermissions($userOrGroup, $permissions = [], $accessType = Key::ACCESS_TYPE_INCLUDE, $cascadeToChildren = true)
 {
     if (!$cascadeToChildren) {
         $this->setChildPermissionsToOverride();
     }
     $this->setPermissionsToOverride();
     if (is_array($userOrGroup)) {
         $pe = GroupCombinationEntity::getOrCreate($userOrGroup);
         // group combination
     } elseif ($userOrGroup instanceof User || $userOrGroup instanceof \Concrete\Core\User\UserInfo || $userOrGroup instanceof \Concrete\Core\User\User) {
         $pe = UserEntity::getOrCreate($userOrGroup);
     } elseif ($userOrGroup instanceof Entity) {
         $pe = $userOrGroup;
     } else {
         // group;
         $pe = GroupEntity::getOrCreate($userOrGroup);
     }
     foreach ($permissions as $pkHandle) {
         $pk = Key::getByHandle($pkHandle);
         $pk->setPermissionObject($this);
         $pa = $pk->getPermissionAccessObject();
         if (!is_object($pa)) {
             $pa = Access::create($pk);
         } elseif ($pa->isPermissionAccessInUse()) {
             $pa = $pa->duplicate();
         }
         $pa->addListItem($pe, false, $accessType);
         $pt = $pk->getPermissionAssignmentObject();
         $pt->assignPermissionAccess($pa);
     }
 }
Exemplo n.º 2
0
 public function add($data, $oID, $tax = 0, $taxIncluded = 0, $taxName = '')
 {
     $db = Database::get();
     $product = VividProduct::getByID($data['product']['pID']);
     $productName = $product->getProductName();
     $productPrice = $product->getActivePrice();
     $qty = $data['product']['qty'];
     if (!$product->pQtyUnlim) {
         $inStock = $product->getProductQty();
         $newStock = $inStock - $qty;
         $product->setProductQty($newStock);
     }
     $pID = $product->getProductID();
     $values = array($oID, $pID, $productName, $productPrice, $tax, $taxIncluded, $taxName, $qty);
     $db->Execute("INSERT INTO VividStoreOrderItems (oID,pID,oiProductName,oiPricePaid,oiTax,oiTaxIncluded,oiTaxName,oiQty) VALUES (?,?,?,?,?,?,?,?)", $values);
     $oiID = $db->lastInsertId();
     foreach ($data['productAttributes'] as $optionGroup => $selectedOption) {
         $optionGroupID = str_replace("pog", "", $optionGroup);
         $optionGroupName = VividProduct::getProductOptionGroupNameByID($optionGroupID);
         $optionValue = VividProduct::getProductOptionValueByID($selectedOption);
         $values = array($oiID, $optionGroupName, $optionValue);
         $db->Execute("INSERT INTO VividStoreOrderItemOptions (oiID,oioKey,oioValue) VALUES (?,?,?)", $values);
     }
     if ($product->hasDigitalDownload()) {
         $fileObjs = $product->getProductDownloadFileObjects();
         $fileObj = $fileObjs[0];
         $pk = \Concrete\Core\Permission\Key\FileKey::getByHandle('view_file');
         $pk->setPermissionObject($fileObj);
         $pao = $pk->getPermissionAssignmentObject();
         $u = new User();
         $uID = $u->getUserID();
         $ui = UserInfo::getByID($uID);
         $user = \Concrete\Core\Permission\Access\Entity\UserEntity::getOrCreate($ui);
         $pa = $pk->getPermissionAccessObject();
         if ($pa) {
             $pa->addListItem($user);
             $pao->assignPermissionAccess($pa);
         }
     }
 }
Exemplo n.º 3
0
 public function removePermissions($userOrGroup, $permissions = array())
 {
     if ($this->cInheritPermissionsFrom != 'OVERRIDE') {
         return;
     }
     if (is_array($userOrGroup)) {
         $pe = GroupCombinationPermissionAccessEntity::getOrCreate($userOrGroup);
         // group combination
     } elseif ($userOrGroup instanceof User || $userOrGroup instanceof UserInfo) {
         $pe = UserPermissionAccessEntity::getOrCreate($userOrGroup);
     } else {
         // group;
         $pe = GroupPermissionAccessEntity::getOrCreate($userOrGroup);
     }
     foreach ($permissions as $pkHandle) {
         $pk = PagePermissionKey::getByHandle($pkHandle);
         $pk->setPermissionObject($this);
         $pa = $pk->getPermissionAccessObject();
         if (is_object($pa)) {
             if ($pa->isPermissionAccessInUse()) {
                 $pa = $pa->duplicate();
             }
             $pa->removeListItem($pe);
             $pt = $pk->getPermissionAssignmentObject();
             $pt->assignPermissionAccess($pa);
         }
     }
 }
Exemplo n.º 4
0
 public function assignPermissions($userOrGroup, $permissions = array(), $accessType = FileSetPermissionKey::ACCESS_TYPE_INCLUDE)
 {
     $db = Loader::db();
     if ($this->fsID > 0) {
         $db->Execute("UPDATE FileSets SET fsOverrideGlobalPermissions = 1 WHERE fsID = ?", array($this->fsID));
         $this->fsOverrideGlobalPermissions = true;
     }
     if (is_array($userOrGroup)) {
         $pe = GroupCombinationPermissionAccessEntity::getOrCreate($userOrGroup);
         // group combination
     } else {
         if ($userOrGroup instanceof User || $userOrGroup instanceof \UserInfo) {
             $pe = UserPermissionAccessEntity::getOrCreate($userOrGroup);
         } else {
             // group;
             $pe = GroupPermissionAccessEntity::getOrCreate($userOrGroup);
         }
     }
     foreach ($permissions as $pkHandle) {
         $pk = PermissionKey::getByHandle($pkHandle);
         $pk->setPermissionObject($this);
         $pa = $pk->getPermissionAccessObject();
         if (!is_object($pa)) {
             $pa = PermissionAccess::create($pk);
         } else {
             if ($pa->isPermissionAccessInUse()) {
                 $pa = $pa->duplicate();
             }
         }
         $pa->addListItem($pe, false, $accessType);
         $pt = $pk->getPermissionAssignmentObject();
         $pt->assignPermissionAccess($pa);
     }
 }
 public function addNotifications()
 {
     $this->output(t('Adding notifications...'));
     $adminGroupEntity = GroupEntity::getOrCreate(\Group::getByID(ADMIN_GROUP_ID));
     $adminUserEntity = UserEntity::getOrCreate(\UserInfo::getByID(USER_SUPER_ID));
     $pk = Key::getByHandle('notify_in_notification_center');
     $pa = Access::create($pk);
     $pa->addListItem($adminUserEntity);
     $pa->addListItem($adminGroupEntity);
     $pt = $pk->getPermissionAssignmentObject();
     $pt->assignPermissionAccess($pa);
 }
Exemplo n.º 6
0
<?php

defined('C5_EXECUTE') or die("Access Denied.");
use Concrete\Core\Permission\Access\Entity\UserEntity as UserPermissionAccessEntity;
if (Loader::helper('validation/token')->validate('process')) {
    $js = Loader::helper('json');
    $obj = new stdClass();
    $ui = UserInfo::getByID($_REQUEST['uID']);
    if (is_object($ui)) {
        $pae = UserPermissionAccessEntity::getOrCreate($ui);
        $obj->peID = $pae->getAccessEntityID();
        $obj->label = $pae->getAccessEntityLabel();
    }
    echo $js->encode($obj);
}
Exemplo n.º 7
0
 private function assignFilePermissions()
 {
     foreach ($this->getOrderItems() as $orderItem) {
         $product = $orderItem->getProductObject();
         if ($product->hasDigitalDownload()) {
             $fileObjs = StoreProductFile::getFileObjectsForProduct($product);
             $fileObj = $fileObjs[0];
             $pk = \Concrete\Core\Permission\Key\FileKey::getByHandle('view_file');
             $pk->setPermissionObject($fileObj);
             $pao = $pk->getPermissionAssignmentObject();
             $u = new User();
             $uID = $u->getUserID();
             $ui = UserInfo::getByID($uID);
             $user = \Concrete\Core\Permission\Access\Entity\UserEntity::getOrCreate($ui);
             $pa = $pk->getPermissionAccessObject();
             if ($pa) {
                 $pa->addListItem($user);
                 $pao->assignPermissionAccess($pa);
             }
         }
     }
 }
Exemplo n.º 8
0
 public function assignPermissions($userOrGroup, $permissions = array(), $accessType = PagePermissionKey::ACCESS_TYPE_INCLUDE)
 {
     if ($this->cInheritPermissionsFrom != 'OVERRIDE') {
         $this->setPermissionsToManualOverride();
         $this->clearPagePermissions();
     }
     if (is_array($userOrGroup)) {
         $pe = GroupCombinationPermissionAccessEntity::getOrCreate($userOrGroup);
         // group combination
     } else {
         if ($userOrGroup instanceof User || $userOrGroup instanceof UserInfo) {
             $pe = UserPermissionAccessEntity::getOrCreate($userOrGroup);
         } else {
             // group;
             $pe = GroupPermissionAccessEntity::getOrCreate($userOrGroup);
         }
     }
     foreach ($permissions as $pkHandle) {
         $pk = PagePermissionKey::getByHandle($pkHandle);
         $pk->setPermissionObject($this);
         $pa = $pk->getPermissionAccessObject();
         if (!is_object($pa)) {
             $pa = PermissionAccess::create($pk);
         } else {
             if ($pa->isPermissionAccessInUse()) {
                 $pa = $pa->duplicate();
             }
         }
         $pa->addListItem($pe, false, $accessType);
         $pt = $pk->getPermissionAssignmentObject();
         $pt->assignPermissionAccess($pa);
     }
 }
 public function install_site_permissions()
 {
     $g1 = Group::getByID(GUEST_GROUP_ID);
     $g2 = Group::getByID(REGISTERED_GROUP_ID);
     $g3 = Group::getByID(ADMIN_GROUP_ID);
     $filesystem = new Filesystem();
     $folder = $filesystem->getRootFolder();
     $folder->assignPermissions($g1, ['view_file_folder_file']);
     $folder->assignPermissions($g3, ['view_file_folder_file', 'search_file_folder', 'edit_file_folder', 'edit_file_folder_file_properties', 'edit_file_folder_file_contents', 'copy_file_folder_files', 'edit_file_folder_permissions', 'delete_file_folder_files', 'delete_file_folder', 'add_file']);
     $u = new User();
     $u->saveConfig('NEWSFLOW_LAST_VIEWED', 'FIRSTRUN');
     // login
     $login = Page::getByPath('/login', "RECENT");
     $login->assignPermissions($g1, ['view_page']);
     // register
     $register = Page::getByPath('/register', "RECENT");
     $register->assignPermissions($g1, ['view_page']);
     // dashboard
     $dashboard = Page::getByPath('/dashboard', "RECENT");
     $dashboard->assignPermissions($g3, ['view_page']);
     // drafts
     $drafts = Page::getByPath('/!drafts', "RECENT");
     $drafts->assignPermissions($g3, ['view_page', 'view_page_versions', 'view_page_in_sitemap', 'preview_page_as_user', 'edit_page_properties', 'edit_page_contents', 'edit_page_speed_settings', 'edit_page_multilingual_settings', 'edit_page_theme', 'edit_page_template', 'edit_page_page_type', 'edit_page_permissions', 'delete_page', 'delete_page_versions', 'approve_page_versions', 'add_subpage', 'move_or_copy_page', 'schedule_page_contents_guest_access']);
     $home = Page::getByID(1, "RECENT");
     $home->assignPermissions($g1, ['view_page']);
     $home->assignPermissions($g3, ['view_page_versions', 'view_page_in_sitemap', 'preview_page_as_user', 'edit_page_properties', 'edit_page_contents', 'edit_page_speed_settings', 'edit_page_multilingual_settings', 'edit_page_theme', 'edit_page_template', 'edit_page_page_type', 'edit_page_permissions', 'delete_page', 'delete_page_versions', 'approve_page_versions', 'add_subpage', 'move_or_copy_page', 'schedule_page_contents_guest_access']);
     $config = \Core::make('config/database');
     $config->save('concrete.security.token.jobs', Core::make('helper/validation/identifier')->getString(64));
     $config->save('concrete.security.token.encryption', Core::make('helper/validation/identifier')->getString(64));
     $config->save('concrete.security.token.validation', Core::make('helper/validation/identifier')->getString(64));
     // group permissions
     $tree = GroupTree::get();
     $node = $tree->getRootTreeNodeObject();
     $permissions = ['search_users_in_group', 'edit_group', 'assign_group', 'add_sub_group', 'edit_group_permissions'];
     $adminGroupEntity = GroupPermissionAccessEntity::getOrCreate($g3);
     foreach ($permissions as $pkHandle) {
         $pk = PermissionKey::getByHandle($pkHandle);
         $pk->setPermissionObject($node);
         $pa = PermissionAccess::create($pk);
         $pa->addListItem($adminGroupEntity);
         $pt = $pk->getPermissionAssignmentObject();
         $pt->assignPermissionAccess($pa);
     }
     // conversation permissions
     $messageAuthorEntity = ConversationMessageAuthorEntity::getOrCreate();
     $guestEntity = GroupPermissionAccessEntity::getOrCreate($g1);
     $registeredEntity = GroupPermissionAccessEntity::getOrCreate($g2);
     $pk = PermissionKey::getByHandle('add_conversation_message');
     $pa = PermissionAccess::create($pk);
     $pa->addListItem($guestEntity);
     $pt = $pk->getPermissionAssignmentObject();
     $pt->assignPermissionAccess($pa);
     $pk = PermissionKey::getByHandle('add_conversation_message_attachments');
     $pa = PermissionAccess::create($pk);
     $pa->addListItem($guestEntity);
     $pt = $pk->getPermissionAssignmentObject();
     $pt->assignPermissionAccess($pa);
     $pk = PermissionKey::getByHandle('edit_conversation_message');
     $pa = PermissionAccess::create($pk);
     $pa->addListItem($messageAuthorEntity);
     $pa->addListItem($adminGroupEntity);
     $pt = $pk->getPermissionAssignmentObject();
     $pt->assignPermissionAccess($pa);
     $pk = PermissionKey::getByHandle('delete_conversation_message');
     $pa = PermissionAccess::create($pk);
     $pa->addListItem($messageAuthorEntity);
     $pa->addListItem($adminGroupEntity);
     $pt = $pk->getPermissionAssignmentObject();
     $pt->assignPermissionAccess($pa);
     $pk = PermissionKey::getByHandle('rate_conversation_message');
     $pa = PermissionAccess::create($pk);
     $pa->addListItem($registeredEntity);
     $pa->addListItem($adminGroupEntity);
     $pt = $pk->getPermissionAssignmentObject();
     $pt->assignPermissionAccess($pa);
     $permissions = ['edit_conversation_permissions', 'flag_conversation_message', 'approve_conversation_message'];
     foreach ($permissions as $pkHandle) {
         $pk = PermissionKey::getByHandle($pkHandle);
         $pa = PermissionAccess::create($pk);
         $pa->addListItem($adminGroupEntity);
         $pt = $pk->getPermissionAssignmentObject();
         $pt->assignPermissionAccess($pa);
     }
     // notification
     $adminUserEntity = UserEntity::getOrCreate(\UserInfo::getByID(USER_SUPER_ID));
     $pk = PermissionKey::getByHandle('notify_in_notification_center');
     $pa = PermissionAccess::create($pk);
     $pa->addListItem($adminUserEntity);
     $pa->addListItem($adminGroupEntity);
     $pt = $pk->getPermissionAssignmentObject();
     $pt->assignPermissionAccess($pa);
     try {
         Core::make('helper/file')->makeExecutable(DIR_BASE_CORE . '/bin/concrete5', 'all');
     } catch (\Exception $x) {
     }
 }