/** * Edit group * * @param void * @return null */ function edit() { $this->setTemplate('add'); if (!can_manage_security(logged_user())) { flash_error(lang('no access permissions')); ajx_current("empty"); return; } // if $group = PermissionGroups::findById(get_id()); if (!$group instanceof PermissionGroup) { flash_error(lang('group dnx')); $this->redirectTo('administration', 'groups'); } // if $group_data = array_var($_POST, 'group'); if (!is_array($group_data)) { $pg_id = $group->getId(); $parameters = permission_form_parameters($pg_id); // Module Permissions $module_permissions = TabPanelPermissions::findAll(array("conditions" => "`permission_group_id` = {$pg_id}")); $module_permissions_info = array(); foreach ($module_permissions as $mp) { $module_permissions_info[$mp->getTabPanelId()] = 1; } $all_modules = TabPanels::findAll(array("conditions" => "`enabled` = 1", "order" => "ordering")); $all_modules_info = array(); foreach ($all_modules as $module) { $all_modules_info[] = array('id' => $module->getId(), 'name' => lang($module->getTitle()), 'ot' => $module->getObjectTypeId()); } // System Permissions $system_permissions = SystemPermissions::findById($pg_id); tpl_assign('module_permissions_info', $module_permissions_info); tpl_assign('all_modules_info', $all_modules_info); tpl_assign('system_permissions', $system_permissions); tpl_assign('permission_parameters', $parameters); // users $group_users = array(); $cpgs = ContactPermissionGroups::findAll(array("conditions" => "`permission_group_id` = {$pg_id}")); foreach ($cpgs as $cpg) { $group_users[] = $cpg->getContactId(); } tpl_assign('groupUserIds', $group_users); tpl_assign('users', Contacts::getAllUsers()); tpl_assign('pg_id', $group->getId()); tpl_assign('group', $group); tpl_assign('group_data', array('name' => $group->getName())); add_page_action(lang('delete'), "javascript:if(confirm(lang('confirm delete group'))) og.openLink('" . $group->getDeleteUrl() . "');", 'ico-trash', null, null, true); } else { try { $group->setFromAttributes($group_data); DB::beginWork(); $group->save(); // set permissions $pg_id = $group->getId(); //save_permissions($pg_id); $gr_users = $group->getUsers(); $gr_users_ids = array(); if ($post_users = array_var($_POST, 'user')) { foreach ($post_users as $user_id => $val) { if ($val == '1' && is_numeric($user_id)) { $gr_users_ids[] = $user_id; } } } foreach ($gr_users as $us) { if (!in_array($us->getId(), $gr_users_ids)) { $gr_users_ids[] = $us->getId(); } } // save users ContactPermissionGroups::delete("`permission_group_id` = {$pg_id}"); if ($users = array_var($_POST, 'user')) { foreach ($users as $user_id => $val) { if ($val == '1' && is_numeric($user_id) && Contacts::findById($user_id) instanceof Contact) { $cpg = new ContactPermissionGroup(); $cpg->setPermissionGroupId($pg_id); $cpg->setContactId($user_id); $cpg->save(); } } } //ApplicationLogs::createLog($group, ApplicationLogs::ACTION_EDIT); DB::commit(); flash_success(lang('success edit group', $group->getName())); ajx_current("back"); } catch (Exception $e) { DB::rollback(); tpl_assign('error', $e); return; } try { save_user_permissions_background(logged_user(), $pg_id, false, $gr_users_ids); } catch (Exception $e) { tpl_assign('error', $e); } } }
/** * Show update permissions page * * @param void * @return null */ function update_permissions() { $user = Contacts::findById(get_id()); if (!($user instanceof Contact && $user->isUser()) || $user->getDisabled()) { flash_error(lang('user dnx')); ajx_current("empty"); return; } // if if (!$user->canUpdatePermissions(logged_user())) { flash_error(lang('no access permissions')); ajx_current("empty"); return; } // if $redirect_to = array_var($_GET, 'redirect_to'); if (trim($redirect_to) == '' || !is_valid_url($redirect_to)) { $redirect_to = $user->getCardUserUrl(); } // if $sys_permissions_data = array_var($_POST, 'sys_perm'); if (!is_array($sys_permissions_data)) { $pg_id = $user->getPermissionGroupId(); $parameters = permission_form_parameters($pg_id); // Module Permissions $module_permissions = TabPanelPermissions::findAll(array("conditions" => "`permission_group_id` = {$pg_id}")); $module_permissions_info = array(); foreach ($module_permissions as $mp) { $module_permissions_info[$mp->getTabPanelId()] = 1; } $all_modules = TabPanels::findAll(array("conditions" => "`enabled` = 1", "order" => "ordering")); $all_modules_info = array(); foreach ($all_modules as $module) { $all_modules_info[] = array('id' => $module->getId(), 'name' => lang($module->getTitle()), 'ot' => $module->getObjectTypeId()); } // System Permissions $system_permissions = SystemPermissions::findById($pg_id); tpl_assign('module_permissions_info', $module_permissions_info); tpl_assign('all_modules_info', $all_modules_info); tpl_assign('system_permissions', $system_permissions); tpl_assign('permission_parameters', $parameters); $more_permissions = array(); Hook::fire('add_user_permissions', $pg_id, $more_permissions); tpl_assign('more_permissions', $more_permissions); // Permission Groups $groups = PermissionGroups::getNonPersonalSameLevelPermissionsGroups('`parent_id`,`id` ASC'); tpl_assign('groups', $groups); $roles = SystemPermissions::getAllRolesPermissions(); tpl_assign('roles', $roles); $tabs = TabPanelPermissions::getAllRolesModules(); tpl_assign('tabs_allowed', $tabs); tpl_assign('guest_groups', PermissionGroups::instance()->getGuestPermissionGroups()); } tpl_assign('user', $user); tpl_assign('redirect_to', $redirect_to); if (array_var($_POST, 'submitted') == 'submitted') { $user_data = array_var($_POST, 'user'); if (!is_array($user_data)) { $user_data = array(); } try { DB::beginWork(); $pg_id = $user->getPermissionGroupId(); $user->setUserType(array_var($user_data, 'type')); $user->save(); save_permissions($pg_id, $user->isGuest()); DB::commit(); flash_success(lang('success user permissions updated')); ajx_current("back"); } catch (Exception $e) { DB::rollback(); flash_error($e->getMessage()); ajx_current("empty"); } } // if }
$member_permissions[$member_id] = array(); } $member_permissions[$member_id][] = array('o' => $p->getObjectTypeId(), 'w' => $p->getCanWrite(), 'd' => $p->getCanDelete(), 'r' => 1); } } } else { $pg_id = $contact->getPermissionGroupId(); tpl_assign('user', $contact); } $parameters = permission_form_parameters($pg_id); if ($contact->isNew()) { $parameters['root_permissions'] = $root_permissions; $parameters['member_permissions'] = $member_permissions; } // Module Permissions $module_permissions = TabPanelPermissions::findAll(array("conditions" => "`permission_group_id` = {$pg_id}")); $module_permissions_info = array(); foreach ($module_permissions as $mp) { $module_permissions_info[$mp->getTabPanelId()] = 1; } $all_modules = TabPanels::findAll(array("conditions" => "`enabled` = 1", "order" => "ordering")); $all_modules_info = array(); foreach ($all_modules as $module) { $all_modules_info[] = array('id' => $module->getId(), 'name' => lang($module->getTitle()), 'ot' => $module->getObjectTypeId()); } // System Permissions $system_permissions = SystemPermissions::findById($pg_id); tpl_assign('module_permissions_info', $module_permissions_info); tpl_assign('all_modules_info', $all_modules_info); if (!$system_permissions instanceof SystemPermission) { $system_permissions = new SystemPermission();