function &create_for_group($group_id, $action, $item_type, $item_id)
{
$search_base = new AMP_System_Permission_Item($this->dbcon);
$items = $search_base->find(array('group' => $group_id, 'action' => $action, 'target_type' => $item_type, 'target_id' => $item_id, 'allow' => 1));
if ($items && !empty($items)) {
$found = current($items);
return $found;
}
$item = new AMP_System_Permission_Item(AMP_Registry::getDbcon());
$item->setDefaults();
$item->mergeData(array('action' => $action, 'target_type' => $item_type, 'target_id' => $item_id, 'group_id' => $group_id, 'allow' => true));
$result = $item->save();
if (!$result) {
return false;
}
return $item->id;
}
function _updateSections()
{
$root_section = $this->getData('root_section_id');
$allowed_base = array();
if ($root_section && $root_section != AMP_CONTENT_SECTION_ID_ROOT) {
$map = AMPContent_Map::instance();
$allowed_by_root = $map->getDescendants($root_section);
$allowed_base = array_flip($allowed_by_root);
}
$allowed_sections = $this->getData('sections');
if (!$allowed_sections) {
$allowed_sections = $allowed_base;
}
$actual_sections = $this->_readSections();
$new_section_ids = array_diff(array_keys($allowed_sections), array_keys($actual_sections));
$new_sections = array_combine_key($new_section_ids, AMP_lookup('sectionMap'));
$deleted_section_ids = array_diff(array_keys($actual_sections), array_keys($allowed_sections));
$deleted_sections = array_combine_key($deleted_section_ids, AMP_lookup('sectionMap'));
if (empty($new_sections) && empty($deleted_sections)) {
return true;
}
//$visible_sections = AMP_lookup( 'sectionMap');
require_once 'AMP/System/Permission/Item/Item.php';
foreach ($new_sections as $section_id => $section_name) {
$item = AMP_System_Permission_Item::create_for_group($this->id, 'access', 'section', $section_id);
unset($item);
}
$permissions_lookup = AMP_lookup('SectionPermissionItemsByGroup', $this->id);
foreach ($deleted_sections as $section_id => $section_name) {
if (!$permissions_lookup) {
continue;
}
if (!($permission_item_id = array_search($section_id, $permissions_lookup))) {
continue;
}
$item = new AMP_System_Permission_Item($this->dbcon, $permission_item_id);
$item->delete();
unset($item);
}
}
function _create_permission_values()
{
$groups = AMP_lookup('permissionGroups');
foreach ($groups as $group_id => $name) {
$allowed_sections_source = new AMPSystemLookup_SectionsByGroup($group_id);
$allowed_sections = $allowed_sections_source->dataset;
//AMP_lookup( 'sectionsByGroup', $group_id );
if (!$allowed_sections) {
//all sections are allowed this group by default
continue;
}
//if group has restrictions
$parent_id = $this->getParent();
$current_user = AMP_current_user();
if ($current_user && $current_user->getGroup() == $group_id) {
$allow_new_section = true;
} elseif ($parent_id == AMP_CONTENT_MAP_ROOT_SECTION) {
$map = AMPContent_Map::instance();
$siblings = $map->getChildren(AMP_CONTENT_MAP_ROOT_SECTION);
$allowed_siblings = array_combine_key($siblings, $allowed_sections);
$allow_new_section = count($siblings) == count($allowed_sections);
} else {
$allow_new_section = isset($allowed_sections[$parent_id]);
}
if ($allow_new_section) {
require_once 'AMP/System/Permission/Item/Item.php';
AMP_System_Permission_Item::create_for_group($group_id, 'access', 'section', $this->id);
}
}
AMP_permission_update();
}
