public function act_permissions()
{
global $global;
include_once APPROOT . '3rd/phpgacl/gacl_api.class.php';
$gacl = new gacl_api(array('db' => $global['db'], 'db_table_prefix' => 'gacl_'));
//select role
$this->roles = acl_get_roles();
if (isset($_REQUEST['role'])) {
$this->role = $_REQUEST['role'];
}
//change role if requested
if (isset($_POST['change_role'])) {
$this->role = $_POST['role'];
}
if (!array_key_exists($this->role, $this->roles)) {
$this->role = key($this->roles);
}
$role_id = $gacl->get_group_id($this->role, NULL, 'ARO');
$role_name = $gacl->get_group_data($role_id, 'ARO');
$role_name = $role_name[3];
//list accessible modules
$options = $gacl->get_objects('crud', 0, 'ACO');
$this->crud = $options['crud'];
$group_id = $gacl->get_group_id('entities', 'Entities', 'AXO');
$entity_groups = $gacl->get_group_children($group_id, 'AXO', 'NO_RECURSE');
$this->entity_groups = array();
foreach ($entity_groups as $id) {
$group = $gacl->get_group_data($id, 'AXO');
$this->entity_groups[$group[2]] = _t($group[3]);
}
//get the deny list
$acl_list = array();
$this->select = array();
foreach ($this->entity_groups as $key => $group) {
$acl_id = $gacl->search_acl('crud', FALSE, FALSE, FALSE, $role_name, FALSE, FALSE, $group, FALSE);
if ($acl_id) {
$acl_list = array_merge($acl_list, $acl_id);
}
$acl = $gacl->get_acl($acl_id[0]);
if ($acl['allow'] == 0) {
$crud = $acl['aco']['crud'];
}
foreach ($this->crud as $opt) {
$this->select[$key . "_" . $opt] = true;
if (is_array($crud) && in_array($opt, $crud)) {
$this->select[$key . "_" . $opt] = false;
}
}
}
//list accessible entities
if ($_POST['change_permissions']) {
if ($this->role == 'admin') {
shnMessageQueue::addInformation(_t('YOU_CANNOT_CHANGE_THE_ADMINISTRATOR_PERMISSIONS_'));
} else {
$this->select = array();
foreach ($this->entity_groups as $key => $group) {
$crud = array();
foreach ($this->crud as $opt) {
if (!isset($_POST[$key . '_' . $opt])) {
array_push($crud, $opt);
}
$this->select[$key . "_" . $opt] = true;
if (is_array($crud) && in_array($opt, $crud)) {
$this->select[$key . "_" . $opt] = false;
}
}
$axo_id = $gacl->get_group_id($key, $group, 'AXO');
if (count($crud) > 0) {
$gacl->add_acl(array('crud' => $crud), NULL, array($role_id), NULL, array($axo_id), 0, 1);
}
}
//delete previous acls
foreach ($acl_list as $acl_id) {
$gacl->del_acl($acl_id);
}
}
}
}
public function act_permissions()
{
$gacl_api = acl_get_gacl_api();
$this->roles = acl_get_roles();
if (isset($_POST['update'])) {
foreach ($this->roles as $role_val => $role_name) {
if ($role_val == 'admin') {
continue;
}
$acl_id = $gacl_api->search_acl('access', 'access', FALSE, FALSE, $role_name, 'events', $this->event->event_record_number, FALSE, FALSE);
if (isset($_POST['roles']) && in_array($role_val, $_POST['roles'])) {
if (count($acl_id) == 0) {
$aro_grp = $gacl_api->get_group_id($role_val, $role_name, 'ARO');
$return = $gacl_api->add_acl(array('access' => array('access')), null, array($aro_grp), array('events' => array($this->event->event_record_number)), null, 1);
}
} else {
$gacl_api->del_acl($acl_id[0]);
}
}
set_redirect_header('events', 'permissions');
}
if (isset($_POST['add_user']) && $_POST['add_user'] != '') {
$username = $_POST['add_user'];
if (UserHelper::isUser($username)) {
$return = $gacl_api->add_acl(array('access' => array('access')), array("users" => array($username)), null, array('events' => array($this->event->event_record_number)), null, 1);
} else {
shnMessageQueue::addError(_t('USERID_DOES_NOT_EXISTS_'));
}
}
if (isset($_POST['remove_user'])) {
$acl_id = $gacl_api->search_acl('access', 'access', 'users', $_POST['remove_user'], FALSE, 'events', $this->event->event_record_number, FALSE, FALSE);
if (isset($acl_id[0])) {
$gacl_api->del_acl($acl_id[0]);
}
}
//populate checkboxes
$this->value = array();
foreach ($this->roles as $role_val => $role_name) {
$acl_id = $gacl_api->search_acl('access', 'access', FALSE, FALSE, $role_name, 'events', $this->event->event_record_number, FALSE, FALSE);
if (count($acl_id) > 0) {
$this->value[$role_val] = $role_val;
}
}
//get users with permissions
$this->users = acl_get_allowed_users($this->event->event_record_number);
}
