/**
* Method to get the field input markup for Access Control Lists.
* Optionally can be associated with a specific component and section.
*
* TODO: Add access check.
*
* @return string The field input markup.
*/
protected function getInput()
{
Behavior::tooltip();
// Initialise some field attributes.
$section = $this->element['section'] ? (string) $this->element['section'] : '';
$component = $this->element['component'] ? (string) $this->element['component'] : '';
$assetField = $this->element['asset_field'] ? (string) $this->element['asset_field'] : 'asset_id';
// Get the actions for the asset.
$actions = Access::getActions($component, $section);
// Iterate over the children and add to the actions.
foreach ($this->element->children() as $el) {
if ($el->getName() == 'action') {
$actions[] = (object) array('name' => (string) $el['name'], 'title' => (string) $el['title'], 'description' => (string) $el['description']);
}
}
// Get the explicit rules for this asset.
if ($section == 'component') {
// Need to find the asset id by the name of the component.
$db = App::get('db');
$query = $db->getQuery(true);
$query->select($db->quoteName('id'));
$query->from($db->quoteName('#__assets'));
$query->where($db->quoteName('name') . ' = ' . $db->quote($component));
$db->setQuery($query);
$assetId = (int) $db->loadResult();
if ($error = $db->getErrorMsg()) {
throw new Exception(500, $error);
}
} else {
// Find the asset id of the content.
// Note that for global configuration, com_config injects asset_id = 1 into the form.
$assetId = $this->form->getValue($assetField);
}
// Full width format.
// Get the rules for just this asset (non-recursive).
$assetRules = Access::getAssetRules($assetId);
// Get the available user groups.
$groups = $this->getUserGroups();
// Build the form control.
$curLevel = 0;
$lang = App::get('language');
// Prepare output
$html = array();
$html[] = '<div id="permissions-sliders" class="pane-sliders">';
$html[] = '<p class="rule-desc">' . $lang->txt('JLIB_RULES_SETTINGS_DESC') . '</p>';
$html[] = '<div id="permissions-rules">';
// Start a row for each user group.
foreach ($groups as $group) {
$difLevel = $group->level - $curLevel;
$html[] = '<h3 class="pane-toggler title"><a href="javascript:void(0);"><span>';
$html[] = str_repeat('<span class="level">|–</span> ', $curLevel = $group->level) . $group->text;
$html[] = '</span></a></h3>';
$html[] = '<div class="panel">';
$html[] = '<div class="pane-slider content pane-hide">';
$html[] = '<table class="group-rules">';
$html[] = '<thead>';
$html[] = '<tr>';
$html[] = '<th class="actions" id="actions-th' . $group->value . '">';
$html[] = '<span class="acl-action">' . $lang->txt('JLIB_RULES_ACTION') . '</span>';
$html[] = '</th>';
$html[] = '<th class="settings" id="settings-th' . $group->value . '">';
$html[] = '<span class="acl-action">' . $lang->txt('JLIB_RULES_SELECT_SETTING') . '</span>';
$html[] = '</th>';
// The calculated setting is not shown for the root group of global configuration.
$canCalculateSettings = $group->parent_id || !empty($component);
if ($canCalculateSettings) {
$html[] = '<th id="aclactionth' . $group->value . '">';
$html[] = '<span class="acl-action">' . $lang->txt('JLIB_RULES_CALCULATED_SETTING') . '</span>';
$html[] = '</th>';
}
$html[] = '</tr>';
$html[] = '</thead>';
$html[] = '<tbody>';
foreach ($actions as $action) {
$html[] = '<tr>';
$html[] = '<td headers="actions-th' . $group->value . '">';
$html[] = '<label class="hasTip" for="' . $this->id . '_' . $action->name . '_' . $group->value . '" title="' . htmlspecialchars($lang->txt($action->title) . '::' . $lang->txt($action->description), ENT_COMPAT, 'UTF-8') . '">';
$html[] = $lang->txt($action->title);
$html[] = '</label>';
$html[] = '</td>';
$html[] = '<td headers="settings-th' . $group->value . '">';
$html[] = '<select name="' . $this->name . '[' . $action->name . '][' . $group->value . ']" id="' . $this->id . '_' . $action->name . '_' . $group->value . '" title="' . $lang->txt('JLIB_RULES_SELECT_ALLOW_DENY_GROUP', $lang->txt($action->title), trim($group->text)) . '">';
$inheritedRule = Access::checkGroup($group->value, $action->name, $assetId);
// Get the actual setting for the action for this group.
$assetRule = $assetRules->allow($action->name, $group->value);
// Build the dropdowns for the permissions sliders
// The parent group has "Not Set", all children can rightly "Inherit" from that.
$html[] = '<option value=""' . ($assetRule === null ? ' selected="selected"' : '') . '>' . $lang->txt(empty($group->parent_id) && empty($component) ? 'JLIB_RULES_NOT_SET' : 'JLIB_RULES_INHERITED') . '</option>';
$html[] = '<option value="1"' . ($assetRule === true ? ' selected="selected"' : '') . '>' . $lang->txt('JLIB_RULES_ALLOWED') . '</option>';
$html[] = '<option value="0"' . ($assetRule === false ? ' selected="selected"' : '') . '>' . $lang->txt('JLIB_RULES_DENIED') . '</option>';
$html[] = '</select>  ';
// If this asset's rule is allowed, but the inherited rule is deny, we have a conflict.
if ($assetRule === true && $inheritedRule === false) {
$html[] = $lang->txt('JLIB_RULES_CONFLICT');
}
$html[] = '</td>';
// Build the Calculated Settings column.
// The inherited settings column is not displayed for the root group in global configuration.
if ($canCalculateSettings) {
$html[] = '<td headers="aclactionth' . $group->value . '">';
// This is where we show the current effective settings considering currrent group, path and cascade.
// Check whether this is a component or global. Change the text slightly.
if (Access::checkGroup($group->value, 'core.admin', $assetId) !== true) {
if ($inheritedRule === null) {
$html[] = '<span class="icon-16-unset">' . $lang->txt('JLIB_RULES_NOT_ALLOWED') . '</span>';
} elseif ($inheritedRule === true) {
$html[] = '<span class="icon-16-allowed">' . $lang->txt('JLIB_RULES_ALLOWED') . '</span>';
} elseif ($inheritedRule === false) {
if ($assetRule === false) {
$html[] = '<span class="icon-16-denied">' . $lang->txt('JLIB_RULES_NOT_ALLOWED') . '</span>';
} else {
$html[] = '<span class="icon-16-denied"><span class="icon-16-locked">' . $lang->txt('JLIB_RULES_NOT_ALLOWED_LOCKED') . '</span></span>';
}
}
} elseif (!empty($component)) {
$html[] = '<span class="icon-16-allowed"><span class="icon-16-locked">' . $lang->txt('JLIB_RULES_ALLOWED_ADMIN') . '</span></span>';
} else {
// Special handling for groups that have global admin because they can't be denied.
// The admin rights can be changed.
if ($action->name === 'core.admin') {
$html[] = '<span class="icon-16-allowed">' . $lang->txt('JLIB_RULES_ALLOWED') . '</span>';
} elseif ($inheritedRule === false) {
// Other actions cannot be changed.
$html[] = '<span class="icon-16-denied"><span class="icon-16-locked">' . $lang->txt('JLIB_RULES_NOT_ALLOWED_ADMIN_CONFLICT') . '</span></span>';
} else {
$html[] = '<span class="icon-16-allowed"><span class="icon-16-locked">' . $lang->txt('JLIB_RULES_ALLOWED_ADMIN') . '</span></span>';
}
}
$html[] = '</td>';
}
$html[] = '</tr>';
}
$html[] = '</tbody>';
$html[] = '</table>';
$html[] = '</div></div>';
}
$html[] = '</div><div class="rule-notes">';
if ($section == 'component' || $section == null) {
$html[] = $lang->txt('JLIB_RULES_SETTING_NOTES');
} else {
$html[] = $lang->txt('JLIB_RULES_SETTING_NOTES_ITEM');
}
$html[] = '</div>';
$html[] = '</div>';
$js = "jQuery(document).ready(function(\$){\n\t\t\t\t\$('div#permissions-rules').accordion({\n\t\t\t\t\theightStyle: 'content'\n\t\t\t\t});\n\t\t\t});";
App::get('document')->addScriptDeclaration($js);
return implode("\n", $html);
}
/**
* Returns an action on a grid
*
* @param integer $i The row index
* @param string $task The task to fire
* @param mixed $prefix An optional task prefix or an array of options
* @param string $text An optional text to display
* @param string $active_title An optional active tooltip to display if $enable is true
* @param string $inactive_title An optional inactive tooltip to display if $enable is true
* @param boolean $tip An optional setting for tooltip
* @param string $active_class An optional active HTML class
* @param string $inactive_class An optional inactive HTML class
* @param boolean $enabled An optional setting for access control on the action.
* @param boolean $translate An optional setting for translation.
* @param string $checkbox An optional prefix for checkboxes.
* @return string The Html code
*/
public static function action($i, $task, $prefix = '', $text = '', $active_title = '', $inactive_title = '', $tip = false, $active_class = '', $inactive_class = '', $enabled = true, $translate = true, $checkbox = 'cb')
{
if (is_array($prefix)) {
$options = $prefix;
$text = array_key_exists('text', $options) ? $options['text'] : $text;
$active_title = array_key_exists('active_title', $options) ? $options['active_title'] : $active_title;
$inactive_title = array_key_exists('inactive_title', $options) ? $options['inactive_title'] : $inactive_title;
$tip = array_key_exists('tip', $options) ? $options['tip'] : $tip;
$active_class = array_key_exists('active_class', $options) ? $options['active_class'] : $active_class;
$inactive_class = array_key_exists('inactive_class', $options) ? $options['inactive_class'] : $inactive_class;
$enabled = array_key_exists('enabled', $options) ? $options['enabled'] : $enabled;
$translate = array_key_exists('translate', $options) ? $options['translate'] : $translate;
$checkbox = array_key_exists('checkbox', $options) ? $options['checkbox'] : $checkbox;
$prefix = array_key_exists('prefix', $options) ? $options['prefix'] : '';
}
if ($tip) {
Behavior::tooltip();
}
if ($enabled) {
$html[] = '<a class="jgrid' . ($tip ? ' hasTip' : '') . '"';
$html[] = ' href="javascript:void(0);" onclick="return listItemTask(\'' . $checkbox . $i . '\',\'' . $prefix . $task . '\')"';
$html[] = ' title="' . addslashes(htmlspecialchars($translate ? Lang::txt($active_title) : $active_title, ENT_COMPAT, 'UTF-8')) . '">';
$html[] = '<span class="state ' . $active_class . '">';
$html[] = $text ? '<span class="text">' . ($translate ? Lang::txt($text) : $text) . '</span>' : '';
$html[] = '</span>';
$html[] = '</a>';
} else {
$html[] = '<a class="jgrid' . ($tip ? ' hasTip' : '') . '"';
$html[] = ' title="' . addslashes(htmlspecialchars($translate ? Lang::txt($inactive_title) : $inactive_title, ENT_COMPAT, 'UTF-8')) . '">';
$html[] = '<span class="state ' . $inactive_class . '">';
$html[] = $text ? '<span class="text">' . ($translate ? Lang::txt($text) : $text) . '</span>' : '';
$html[] = '</span>';
$html[] = '</a>';
}
return implode($html);
}
/**
* Displays a calendar control field
*
* @param string $name
* @param string $value
* @param array $options
* @return string HTML markup for a calendar field
*/
public static function calendar($name, $value = null, $options = array())
{
static $done;
if ($done === null) {
$done = array();
}
$readonly = isset($options['readonly']) && $options['readonly'] == 'readonly';
$disabled = isset($options['disabled']) && $options['disabled'] == 'disabled';
$format = 'yy-mm-dd';
if (isset($options['format'])) {
$format = $options['format'] ? $options['format'] : $format;
unset($options['format']);
}
if (!isset($options['class'])) {
$options['class'] = 'calendar-field';
} else {
$options['class'] = ' calendar-field';
}
if (!$readonly && !$disabled) {
// Load the calendar behavior
Behavior::calendar();
Behavior::tooltip();
$id = self::getIdAttribute($name, $options);
// Only display the triggers once for each control.
if (!in_array($id, $done)) {
$format = $format == 'Y-m-d H:i:s' || $format == '%Y-%m-%d %H:%M:%S' || $format == 'Y-m-d' ? 'yy-mm-dd' : $format;
\App::get('document')->addScriptDeclaration("\n\t\t\t\t\tjQuery(document).ready(function(\$){\n\t\t\t\t\t\t\$('#" . $id . "').datetimepicker({\n\t\t\t\t\t\t\tduration: '',\n\t\t\t\t\t\t\tshowTime: true,\n\t\t\t\t\t\t\tconstrainInput: false,\n\t\t\t\t\t\t\tstepMinutes: 1,\n\t\t\t\t\t\t\tstepHours: 1,\n\t\t\t\t\t\t\taltTimeField: '',\n\t\t\t\t\t\t\ttime24h: true,\n\t\t\t\t\t\t\tdateFormat: '" . $format . "',\n\t\t\t\t\t\t\ttimeFormat: 'HH:mm:00'\n\t\t\t\t\t\t});\n\t\t\t\t\t});\n\t\t\t\t");
$done[] = $id;
}
return '<span class="input-datetime">' . self::text($name, $value, $options) . '</span>';
} else {
$value = 0 !== (int) $value ? with(new Date($value))->format('Y-m-d H:i:s') : '';
return self::text($name . 'disabled', 0 !== (int) $value ? with(new Date($value))->format('Y-m-d H:i:s') : '', $options) . self::hidden($name, $value, $options);
}
}
