/** * @deprecated */ public function permission_db_authorized_ugroups($permission_type) { include_once 'www/project/admin/permissions.php'; $result = array(); $res = permission_db_authorized_ugroups($permission_type, $this->getId()); if (db_numrows($res) > 0) { while ($row = db_fetch_array($res)) { $result[] = $row; } return $result; } else { return false; } }
/** * userCanView - determine if the user can view this artifact. * * @param $my_user_id if not specified, use the current user id.. * @return boolean user_can_view. */ function userCanView($my_user_id = 0) { if (!$my_user_id) { $u = UserManager::instance()->getCurrentUser(); $my_user_id = $u->getId(); } else { $u = UserManager::instance()->getUserById($my_user_id); } // Super-user and Tracker admin have all rights to see even artfact that are restricted to all users if ($u->isSuperUser() || $u->isTrackerAdmin($this->ArtifactType->getGroupID(), $this->ArtifactType->getID())) { return true; } //Individual artifact permission $can_access = !$this->useArtifactPermissions(); if (!$can_access) { $res = permission_db_authorized_ugroups('TRACKER_ARTIFACT_ACCESS', $this->getID()); if (db_numrows($res) > 0) { while ($row = db_fetch_array($res)) { if (ugroup_user_is_member($my_user_id, $row['ugroup_id'], $this->ArtifactType->Group->getID(), $this->ArtifactType->getID())) { $can_access = true; } } } } if ($can_access) { // Full access $res = permission_db_authorized_ugroups('TRACKER_ACCESS_FULL', $this->ArtifactType->getID()); if (db_numrows($res) > 0) { while ($row = db_fetch_array($res)) { if (ugroup_user_is_member($my_user_id, $row['ugroup_id'], $this->ArtifactType->Group->getID(), $this->ArtifactType->getID())) { return true; } } } // 'submitter' access $res = permission_db_authorized_ugroups('TRACKER_ACCESS_SUBMITTER', $this->ArtifactType->getID()); if (db_numrows($res) > 0) { while ($row = db_fetch_array($res)) { if (ugroup_user_is_member($my_user_id, $row['ugroup_id'], $this->ArtifactType->Group->getID(), $this->ArtifactType->getID())) { // check that submitter is also a member if (ugroup_user_is_member($this->getSubmittedBy(), $row['ugroup_id'], $this->ArtifactType->Group->getID(), $this->ArtifactType->getID())) { return true; } } } } // 'assignee' access $res = permission_db_authorized_ugroups('TRACKER_ACCESS_ASSIGNEE', $this->ArtifactType->getID()); if (db_numrows($res) > 0) { while ($row = db_fetch_array($res)) { if (ugroup_user_is_member($my_user_id, $row['ugroup_id'], $this->ArtifactType->Group->getID(), $this->ArtifactType->getID())) { // check that one of the assignees is also a member if (ugroup_user_is_member($this->getValue('assigned_to'), $row['ugroup_id'], $this->ArtifactType->Group->getID(), $this->ArtifactType->getID())) { return true; } // multi-assigned to $multi_assigned = $this->getMultiAssignedTo(); if (is_array($multi_assigned)) { foreach ($multi_assigned as $assigned) { if (ugroup_user_is_member($assigned, $row['ugroup_id'], $this->ArtifactType->Group->getID(), $this->ArtifactType->getID())) { return true; } } } } } } } return false; }
/** * @param Project $project * Return a DB list of ugroup_ids authorized to access the given object */ private function getCurrentGitAdminPermissionsForProject(Project $project) { return permission_db_authorized_ugroups(Git::PERM_ADMIN, $project->getID()); }
/** * Get the list of people to notify when Watermarking is disabled * * Notify the Docman admins. * Current code is not really clean, but as there is no clean interface * for ugroups & permission manangement... * * @return Array */ public function getPeopleToNotifyWhenWatermarkingIsDisabled($item) { $res = permission_db_authorized_ugroups('PLUGIN_DOCMAN_ADMIN', $item->getGroupId()); if (db_numrows($res) == 0) { $res = permission_db_get_defaults('PLUGIN_DOCMAN_ADMIN'); } $admins = array(); $um = UserManager::instance(); while ($row = db_fetch_array($res)) { if ($row['ugroup_id'] < 101) { $sql = ugroup_db_get_dynamic_members($row['ugroup_id'], 0, $item->getGroupId()); } else { $sql = ugroup_db_get_members($row['ugroup_id']); } $res_members = db_query($sql); while ($row_members = db_fetch_array($res_members)) { $admins[] = $um->getUserById($row_members['user_id'])->getEmail(); } } return $admins; }
function plugin_tracker_permission_fetch_selection_field($permission_type, $object_id, $group_id, $html_name = "ugroups[]", $html_disabled = false, $selected = array()) { $html = ''; // Get ugroups already defined for this permission_type if (empty($selected)) { $res_ugroups = permission_db_authorized_ugroups($permission_type, $object_id); $nb_set = db_numrows($res_ugroups); } else { $res_ugroups = $selected; $nb_set = count($res_ugroups); } // Now retrieve all possible ugroups for this project, as well as the default values $sql = "SELECT ugroup_id,is_default FROM permissions_values WHERE permission_type='{$permission_type}'"; $res = db_query($sql); $predefined_ugroups = ''; $default_values = array(); if (db_numrows($res) < 1) { $html .= "<p><b>" . $GLOBALS['Language']->getText('global', 'error') . "</b>: " . $GLOBALS['Language']->getText('project_admin_permissions', 'perm_type_not_def', $permission_type); return $html; } else { while ($row = db_fetch_array($res)) { if ($predefined_ugroups) { $predefined_ugroups .= ' ,'; } $predefined_ugroups .= $row['ugroup_id']; if ($row['is_default']) { $default_values[] = $row['ugroup_id']; } } } $sql = "SELECT * FROM ugroup WHERE group_id=" . $group_id . " OR ugroup_id IN (" . $predefined_ugroups . ") ORDER BY ugroup_id"; $res = db_query($sql); $array = array(); while ($row = db_fetch_array($res)) { $name = util_translate_name_ugroup($row[1]); $array[] = array('value' => $row[0], 'text' => $name); } if (empty($selected)) { if ($nb_set) { $res_ugroups = util_result_column_to_array($res_ugroups); } else { $res_ugroups = $default_values; } } $html .= html_build_multiple_select_box($array, $html_name, $res_ugroups, 8, false, util_translate_name_ugroup('ugroup_nobody_name_key'), false, '', false, '', false, CODENDI_PURIFIER_CONVERT_HTML, $html_disabled); return $html; }
public function permission_db_authorized_ugroups($permission_type) { $result = array(); $res = permission_db_authorized_ugroups($permission_type, $this->getId()); if (db_numrows($res) > 0) { while ($row = db_fetch_array($res)) { $result[] = $row; } return $result; } else { return false; } }
public function fetchCriteriaValue($criteria) { $hp = Codendi_HTMLPurifier::instance(); $html = ''; $criteria_value = $this->getCriteriaValue($criteria); $multiple = ' '; $size = ' '; $name = "criteria[{$this->id}][values][]"; //Field values $permission_type = 'PLUGIN_TRACKER_ARTIFACT_ACCESS'; $object_id = 0; $group_id = $this->getTracker()->getGroupId(); //TODO :From permissions.php // Get ugroups already defined for this permission_type $res_ugroups = permission_db_authorized_ugroups($permission_type, $object_id); $nb_set = db_numrows($res_ugroups); // Now retrieve all possible ugroups for this project, as well as the default values $sql = "SELECT ugroup_id,is_default FROM permissions_values WHERE permission_type='{$permission_type}'"; $res = db_query($sql); $predefined_ugroups = ''; $default_values = array(); if (db_numrows($res) < 1) { $html .= "<p><b>" . $GLOBALS['Language']->getText('global', 'error') . "</b>: " . $GLOBALS['Language']->getText('project_admin_permissions', 'perm_type_not_def', $permission_type); return $html; } else { while ($row = db_fetch_array($res)) { if ($predefined_ugroups) { $predefined_ugroups .= ' ,'; } $predefined_ugroups .= $row['ugroup_id']; if ($row['is_default']) { $default_values[] = $row['ugroup_id']; } } } $sql = "SELECT * FROM ugroup WHERE group_id=" . $group_id . " OR ugroup_id IN (" . $predefined_ugroups . ") ORDER BY ugroup_id"; $res = db_query($sql); $array = array(); while ($row = db_fetch_array($res)) { $name_ugroup = util_translate_name_ugroup($row[1]); $array[] = array('value' => $row[0], 'text' => $name_ugroup); } //end permissions.php if ($criteria->is_advanced) { $multiple = ' multiple="multiple" '; $size = ' size="' . min(7, count($array) + 2) . '" '; } $html .= '<select id="tracker_report_criteria_' . ($criteria->is_advanced ? 'adv_' : '') . $this->id . '" name="' . $name . '" ' . $size . $multiple . '>'; //Any value $selected = count($criteria_value) ? '' : 'selected="selected"'; $html .= '<option value="" ' . $selected . '>' . $GLOBALS['Language']->getText('global', 'any') . '</option>'; //None value $selected = isset($criteria_value[100]) ? 'selected="selected"' : ''; $html .= '<option value="100" ' . $selected . '>' . $GLOBALS['Language']->getText('global', 'none') . '</option>'; foreach ($array as $value) { $id = $value['value']; $selected = isset($criteria_value[$id]) ? 'selected="selected"' : ''; $html .= '<option value="' . $value['value'] . '">'; $html .= $value['text']; $html .= '</option>'; } $html .= '</select>'; return $html; }
/** * Return true if the user has one of his ugroups with ADMIN permission on docman * @return boolean * @access protected */ function _isUserDocmanAdmin($user) { require_once 'www/project/admin/permissions.php'; $has_permission = false; $permission_type = 'PLUGIN_DOCMAN_ADMIN'; $object_id = $this->groupId; // permissions set for this object. $res = permission_db_authorized_ugroups($permission_type, (int) $object_id); if (db_numrows($res) < 1 && $permission_type == 'PLUGIN_DOCMAN_ADMIN') { // No ugroup defined => no permissions set => get default permissions only for admin permission $res = permission_db_get_defaults($permission_type); } while (!$has_permission && ($row = db_fetch_array($res))) { // should work even for anonymous users $has_permission = ugroup_user_is_member($user->getId(), $row['ugroup_id'], $this->groupId); } return $has_permission; }
public function permission_db_authorized_ugroups($permission_type) { if (!isset($this->cached_permission_authorized_ugroups)) { $this->cached_permission_authorized_ugroups = array(); $res = permission_db_authorized_ugroups($permission_type, $this->getId()); if (db_numrows($res) > 0) { while ($row = db_fetch_array($res)) { $this->cached_permission_authorized_ugroups[] = $row; } } } return $this->cached_permission_authorized_ugroups; }
private function getLastChangesetValues($artifact_id) { $user_group_ids = array(); $db_res = permission_db_authorized_ugroups(self::PERMISSION_TYPE, $artifact_id); while ($row = db_fetch_array($db_res)) { $user_group_ids[] = $row['ugroup_id']; } return $user_group_ids; }
/** * Log permission change in project history */ function permission_add_history($group_id, $permission_type, $object_id) { global $Language; $res = permission_db_authorized_ugroups($permission_type, $object_id); $type = permission_get_object_type($permission_type, $object_id); $name = permission_get_object_name($permission_type, $object_id); if (db_numrows($res) < 1) { // No ugroup defined => no permissions set group_add_history('perm_reset_for_' . $type, 'default', $group_id, array($name)); return; } $ugroup_list = ''; while ($row = db_fetch_array($res)) { if ($ugroup_list) { $ugroup_list .= ', '; } $ugroup_list .= ugroup_get_name_from_id($row['ugroup_id']); } group_add_history('perm_granted_for_' . $type, $ugroup_list, $group_id, array($name)); }
function news_read_permissions($forum_id) { /* Takes forum_id and reads the permission of the corresponding news. Returns a result set. */ return permission_db_authorized_ugroups('NEWS_READ', $forum_id); }