function &create_for_group($group_id, $action, $item_type, $item_id) { $search_base = new AMP_System_Permission_Item($this->dbcon); $items = $search_base->find(array('group' => $group_id, 'action' => $action, 'target_type' => $item_type, 'target_id' => $item_id, 'allow' => 1)); if ($items && !empty($items)) { $found = current($items); return $found; } $item = new AMP_System_Permission_Item(AMP_Registry::getDbcon()); $item->setDefaults(); $item->mergeData(array('action' => $action, 'target_type' => $item_type, 'target_id' => $item_id, 'group_id' => $group_id, 'allow' => true)); $result = $item->save(); if (!$result) { return false; } return $item->id; }
function _updateSections() { $root_section = $this->getData('root_section_id'); $allowed_base = array(); if ($root_section && $root_section != AMP_CONTENT_SECTION_ID_ROOT) { $map = AMPContent_Map::instance(); $allowed_by_root = $map->getDescendants($root_section); $allowed_base = array_flip($allowed_by_root); } $allowed_sections = $this->getData('sections'); if (!$allowed_sections) { $allowed_sections = $allowed_base; } $actual_sections = $this->_readSections(); $new_section_ids = array_diff(array_keys($allowed_sections), array_keys($actual_sections)); $new_sections = array_combine_key($new_section_ids, AMP_lookup('sectionMap')); $deleted_section_ids = array_diff(array_keys($actual_sections), array_keys($allowed_sections)); $deleted_sections = array_combine_key($deleted_section_ids, AMP_lookup('sectionMap')); if (empty($new_sections) && empty($deleted_sections)) { return true; } //$visible_sections = AMP_lookup( 'sectionMap'); require_once 'AMP/System/Permission/Item/Item.php'; foreach ($new_sections as $section_id => $section_name) { $item = AMP_System_Permission_Item::create_for_group($this->id, 'access', 'section', $section_id); unset($item); } $permissions_lookup = AMP_lookup('SectionPermissionItemsByGroup', $this->id); foreach ($deleted_sections as $section_id => $section_name) { if (!$permissions_lookup) { continue; } if (!($permission_item_id = array_search($section_id, $permissions_lookup))) { continue; } $item = new AMP_System_Permission_Item($this->dbcon, $permission_item_id); $item->delete(); unset($item); } }
function _create_permission_values() { $groups = AMP_lookup('permissionGroups'); foreach ($groups as $group_id => $name) { $allowed_sections_source = new AMPSystemLookup_SectionsByGroup($group_id); $allowed_sections = $allowed_sections_source->dataset; //AMP_lookup( 'sectionsByGroup', $group_id ); if (!$allowed_sections) { //all sections are allowed this group by default continue; } //if group has restrictions $parent_id = $this->getParent(); $current_user = AMP_current_user(); if ($current_user && $current_user->getGroup() == $group_id) { $allow_new_section = true; } elseif ($parent_id == AMP_CONTENT_MAP_ROOT_SECTION) { $map = AMPContent_Map::instance(); $siblings = $map->getChildren(AMP_CONTENT_MAP_ROOT_SECTION); $allowed_siblings = array_combine_key($siblings, $allowed_sections); $allow_new_section = count($siblings) == count($allowed_sections); } else { $allow_new_section = isset($allowed_sections[$parent_id]); } if ($allow_new_section) { require_once 'AMP/System/Permission/Item/Item.php'; AMP_System_Permission_Item::create_for_group($group_id, 'access', 'section', $this->id); } } AMP_permission_update(); }