static function createDefaultUserPermissionsAllDimension(Contact $user, $dimension_id, $remove_previous = true) { $role_id = $user->getUserType(); $permission_group_id = $user->getPermissionGroupId(); $dimension = Dimensions::getDimensionById($dimension_id); if (!$dimension instanceof Dimension || !$dimension->getDefinesPermissions()) { return; } try { DB::beginWork(); $shtab_permissions = array(); $new_permissions = array(); $role_permissions = self::findAll(array('conditions' => 'role_id = ' . $role_id)); $members = Members::findAll(array('conditions' => 'dimension_id = ' . $dimension_id)); foreach ($members as $member) { $member_id = $member->getId(); if ($remove_previous) { ContactMemberPermissions::delete("permission_group_id = {$permission_group_id} AND member_id = {$member_id}"); } foreach ($role_permissions as $role_perm) { if ($member->canContainObject($role_perm->getObjectTypeId())) { $cmp = new ContactMemberPermission(); $cmp->setPermissionGroupId($permission_group_id); $cmp->setMemberId($member_id); $cmp->setObjectTypeId($role_perm->getObjectTypeId()); $cmp->setCanDelete($role_perm->getCanDelete()); $cmp->setCanWrite($role_perm->getCanWrite()); $cmp->save(); $new_permissions[] = $cmp; $perm = new stdClass(); $perm->m = $member_id; $perm->r = 1; $perm->w = $role_perm->getCanWrite(); $perm->d = $role_perm->getCanDelete(); $perm->o = $role_perm->getObjectTypeId(); $shtab_permissions[] = $perm; } } } if (count($shtab_permissions)) { $stCtrl = new SharingTableController(); $stCtrl->afterPermissionChanged($permission_group_id, $shtab_permissions); } DB::commit(); return $new_permissions; } catch (Exception $e) { DB::rollback(); throw $e; } }
function delete() { // delete system permissions SystemPermissions::delete("`permission_group_id` = ".$this->getId()); // delete member permissions ContactMemberPermissions::delete("`permission_group_id` = ".$this->getId()); // delte dimension permissions ContactDimensionPermissions::delete("`permission_group_id` = ".$this->getId()); // delete contact_permission_group entries ContactPermissionGroups::delete("`permission_group_id` = ".$this->getId()); // delete tab panel permissions TabPanelPermissions::delete("`permission_group_id` = ".$this->getId()); parent::delete(); }
function delete() { if (!can_manage_dimension_members(logged_user())) { flash_error(lang('no access permissions')); ajx_current("empty"); return; } $member = Members::findById(get_id()); if (!$member instanceof Member) { ajx_current("empty"); return; } $ret = array(); Hook::fire('check_additional_member_permissions', array('action' => 'delete', 'member' => $member, 'pg_id' => logged_user()->getPermissionGroupId()), $ret); if (count($ret) > 0 && !array_var($ret, 'ok')) { flash_error(array_var($ret, 'message')); ajx_current("empty"); return; } try { DB::beginWork(); if (!$member->canBeDeleted($error_message)) { throw new Exception($error_message); } $dim_id = $member->getDimensionId(); // Remove from sharing table $sqlDeleteSharingTable = "DELETE sh FROM `" . TABLE_PREFIX . "sharing_table` sh\r\n\t\t\t\t\t\t\t\t\t\tLEFT JOIN `" . TABLE_PREFIX . "object_members` om\r\n\t\t\t\t\t\t\t\t\t\tON om.object_id = sh.object_id\r\n\t\t\t\t\t\t\t\t\t\tWHERE om.member_id = " . $member->getId() . " AND om.is_optimization = 0;"; DB::execute($sqlDeleteSharingTable); $affectedObjectsRows = DB::executeAll("SELECT distinct(object_id) AS object_id FROM " . TABLE_PREFIX . "object_members where member_id = " . $member->getId() . " AND is_optimization = 0"); if (is_array($affectedObjectsRows) && count($affectedObjectsRows) > 0) { $ids_str = ""; foreach ($affectedObjectsRows as $row) { $oid = $row['object_id']; $ids_str .= ($ids_str == "" ? "" : ",") . $oid; } add_multilple_objects_to_sharing_table($ids_str, logged_user()); } // remove member associations MemberPropertyMembers::delete('member_id = ' . $member->getId() . ' OR property_member_id = ' . $member->getId()); MemberRestrictions::delete('member_id = ' . $member->getId() . ' OR restricted_member_id = ' . $member->getId()); // remove from permissions tables ContactMemberPermissions::delete('member_id = ' . $member->getId()); PermissionContexts::delete('member_id = ' . $member->getId()); // remove associated content object if ($member->getObjectId() > 0) { $mobj = Objects::findObject($member->getObjectId()); if ($mobj instanceof ContentDataObject) { $mobj->delete(); } } // delete from object_members ObjectMembers::delete('member_id = ' . $member->getId()); Hook::fire('delete_member', $member, $ret); $parent_id = $member->getParentMemberId(); $ok = $member->delete(false); if ($ok) { evt_add("reload dimension tree", array('dim_id' => $dim_id, 'node' => null)); evt_add("try to select member", array('dimension_id' => $dim_id, 'id' => $parent_id)); } DB::commit(); flash_success(lang('success delete member', $member->getName())); if (get_id('start')) { ajx_current("start"); } else { if (get_id('dont_reload')) { ajx_current("empty"); } else { ajx_current("reload"); } } } catch (Exception $e) { DB::rollback(); flash_error($e->getMessage()); ajx_current("empty"); } }
function delete() { // change parent of child nodes $child_members = $this->getAllChildren(); if (is_array($child_members)) { $parent = $this->getParentMember(); foreach ($child_members as $child) { $child->setParentMemberId($this->getParentMemberId()); if ($parent instanceof Member) { $child->setDepth($parent->getDepth() + 1); } else { $child->setDepth(1); } $child->save(); } } // delete member restrictions MemberRestrictions::delete(array("`member_id` = ?", $this->getId())); MemberRestrictions::delete(array("`restricted_member_id` = ?", $this->getId())); // delete member properties MemberPropertyMembers::delete(array("`member_id` = ?", $this->getId())); MemberPropertyMembers::delete(array("`property_member_id` = ?", $this->getId())); // delete permissions ContactMemberPermissions::delete(array("member_id = ?", $this->getId())); // delete member objects (if they don't belong to another member) $sql = "SELECT `o`.`object_id` FROM `" . ObjectMembers::instance()->getTableName() . "` `o` WHERE `o`.`is_optimization`=0 AND `o`.`member_id`=" . $this->getId() . " AND NOT EXISTS (\n\t\t\tSELECT `om`.`object_id` FROM `" . ObjectMembers::instance()->getTableName() . "` `om` WHERE `om`.`object_id`=`o`.`object_id` AND `om`.`is_optimization`=0 AND `om`.`member_id`<>" . $this->getId() . ")"; $result = DB::execute($sql); $rows = $result->fetchAll(); if (!is_null($rows)) { foreach ($rows as $row) { $obj = Objects::findById(array_var($row, 'object_id')); $obj->delete(); } } // delete object if member is a dimension_object if ($this->getObjectId()) { $object = Objects::findObject($this->getObjectId()); if ($object instanceof ContentDataObject) { $object->delete(); } } return parent::delete(); }
function delete() { if(!can_manage_dimension_members(logged_user())) { flash_error(lang('no access permissions')); ajx_current("empty"); return; } $member = Members::findById(get_id()); try { DB::beginWork(); if (!$member->canBeDeleted($error_message)) { throw new Exception($error_message); } $dim_id = $member->getDimensionId(); // Remove from shring table SharingTables::instance()->delete(" object_id IN ( SELECT distinct(object_id) FROM ".TABLE_PREFIX."object_members WHERE member_id = ".$member->getId()." AND is_optimization = 0 ) "); $affectedObjectsRows = DB::executeAll("SELECT distinct(object_id) AS object_id FROM ".TABLE_PREFIX."object_members where member_id = ".$member->getId()." AND is_optimization = 0") ; if (is_array($affectedObjectsRows) && count($affectedObjectsRows) > 0) { foreach ( $affectedObjectsRows as $row ) { $oid = $row['object_id']; $object = Objects::findObject($row['object_id']); // return an instance of Message, contact, etc. /* @var $object ContentDataObject */ if ($object instanceof ContentDataObject) { $object->addToSharingTable(); } } } // remove member associations MemberPropertyMembers::delete('member_id = '.$member->getId().' OR property_member_id = '.$member->getId()); MemberRestrictions::delete('member_id = '.$member->getId().' OR restricted_member_id = '.$member->getId()); // remove from permissions tables ContactMemberPermissions::delete('member_id = '.$member->getId()); PermissionContexts::delete('member_id = '.$member->getId()); // remove associated content object if ($member->getObjectId() > 0) { $mobj = Objects::findObject($member->getObjectId()); if ($mobj instanceof ContentDataObject) $mobj->delete(); } // delete from object_members ObjectMembers::delete('member_id = '.$member->getId()); Hook::fire('delete_member', $member, $ret); // ApplicationLogs::createLog($member, ApplicationLogs::ACTION_DELETE, false, true); $ok = $member->delete(false); if ($ok) { evt_add("reload dimension tree", array('dim_id' => $dim_id, 'node' => null)); evt_add("select dimension member", array('dim_id' => $dim_id, 'node' => 'root')); } DB::commit(); flash_success(lang('success delete member', $member->getName())); if (get_id('start')) { ajx_current("start"); } else { if (get_id('dont_reload')) { ajx_current("empty"); } else { ajx_current("reload"); } } } catch (Exception $e) { DB::rollback(); flash_error($e->getMessage()); ajx_current("empty"); } }
static function createDefaultUserPermissionsAllDimension(Contact $user, $dimension_id, $remove_previous = true) { $role_id = $user->getUserType(); $permission_group_id = $user->getPermissionGroupId(); $dimension = Dimensions::getDimensionById($dimension_id); if (!$dimension instanceof Dimension || !$dimension->getDefinesPermissions()) return; try { $shtab_permissions = array(); $new_permissions = array(); $role_permissions = self::findAll(array('conditions' => 'role_id = '.$role_id)); $members = Members::findAll(array('conditions' => 'dimension_id = '.$dimension_id)); foreach ($members as $member) { $member_id = $member->getId(); if ($remove_previous) { ContactMemberPermissions::delete("permission_group_id = $permission_group_id AND member_id = $member_id"); } foreach ($role_permissions as $role_perm) { if ($member->canContainObject($role_perm->getObjectTypeId())) { $cmp = new ContactMemberPermission(); $cmp->setPermissionGroupId($permission_group_id); $cmp->setMemberId($member_id); $cmp->setObjectTypeId($role_perm->getObjectTypeId()); $cmp->setCanDelete($role_perm->getCanDelete()); $cmp->setCanWrite($role_perm->getCanWrite()); $cmp->save(); $new_permissions[] = $cmp; $perm = new stdClass(); $perm->m = $member_id; $perm->r = 1; $perm->w = $role_perm->getCanWrite(); $perm->d = $role_perm->getCanDelete(); $perm->o = $role_perm->getObjectTypeId(); $shtab_permissions[] = $perm; } } } if (count($shtab_permissions)) { $cdp = ContactDimensionPermissions::instance()->findOne(array('conditions' => "permission_group_id = '$permission_group_id' AND dimension_id = $dimension_id")); if (!$cdp instanceof ContactDimensionPermission) { $cdp = new ContactDimensionPermission(); $cdp->setPermissionGroupId($permission_group_id); $cdp->setContactDimensionId($dimension_id); $cdp->setPermissionType('check'); $cdp->save(); } else { if ($cdp->getPermissionType() == 'deny all') { $cdp->setPermissionType('check'); $cdp->save(); } } $stCtrl = new SharingTableController(); $stCtrl->afterPermissionChanged($permission_group_id, $shtab_permissions); } return $new_permissions; } catch (Exception $e) { throw $e; } }
function save_permissions($pg_id, $is_guest = false, $permissions_data = null, $save_cmps = true, $update_sharing_table = true, $fire_hook = true, $update_contact_member_cache = true, $users_ids_to_check = array(), $only_member_permissions = false) { if (is_null($permissions_data)) { // system permissions $sys_permissions_data = array_var($_POST, 'sys_perm'); // module permissions $mod_permissions_data = array_var($_POST, 'mod_perm'); // root permissions if ($rp_genid = array_var($_POST, 'root_perm_genid')) { $rp_permissions_data = array(); foreach ($_POST as $name => $value) { if (str_starts_with($name, $rp_genid . 'rg_root_')) { $rp_permissions_data[$name] = $value; } } } // member permissions $permissionsString = array_var($_POST, 'permissions'); } else { // system permissions $sys_permissions_data = array_var($permissions_data, 'sys_perm'); // module permissions $mod_permissions_data = array_var($permissions_data, 'mod_perm'); // root permissions $rp_genid = array_var($permissions_data, 'root_perm_genid'); $rp_permissions_data = array_var($permissions_data, 'root_perm'); // member permissions $permissionsString = array_var($permissions_data, 'permissions'); } try { DB::beginWork(); $changed_members = array(); // save module permissions if (!$only_member_permissions) { try { TabPanelPermissions::clearByPermissionGroup($pg_id, true); if (!is_null($mod_permissions_data) && is_array($mod_permissions_data)) { foreach ($mod_permissions_data as $tab_id => $val) { DB::execute("INSERT INTO " . TABLE_PREFIX . "tab_panel_permissions (permission_group_id,tab_panel_id) VALUES ('{$pg_id}','{$tab_id}') ON DUPLICATE KEY UPDATE permission_group_id=permission_group_id"); } } } catch (Exception $e) { Logger::log("Error saving module permissions for permission group {$pg_id}: " . $e->getMessage() . "\n" . $e->getTraceAsString()); throw $e; } } $root_permissions_sharing_table_delete = array(); $root_permissions_sharing_table_add = array(); if (logged_user() instanceof Contact && can_manage_security(logged_user())) { try { if (!$only_member_permissions) { // save system permissions $system_permissions = SystemPermissions::findById($pg_id); if (!$system_permissions instanceof SystemPermission) { $system_permissions = new SystemPermission(); $system_permissions->setPermissionGroupId($pg_id); } $system_permissions->setAllPermissions(false); $other_permissions = array(); Hook::fire('add_user_permissions', $pg_id, $other_permissions); foreach ($other_permissions as $k => $v) { $system_permissions->setColumnValue($k, false); } // check max permissions for role, in case of modifying user's permissions $role_id = "-1"; $tmp_contact = Contacts::findOne(array('conditions' => 'permission_group_id = ' . $pg_id)); if ($tmp_contact instanceof Contact) { $role_id = $tmp_contact->getUserType(); } $max_role_system_permissions = MaxSystemPermissions::findOne(array('conditions' => 'permission_group_id = ' . $role_id)); if ($max_role_system_permissions instanceof MaxSystemPermission) { foreach ($sys_permissions_data as $col => &$val) { $max_val = $max_role_system_permissions->getColumnValue($col); if (!$max_val) { unset($sys_permissions_data[$col]); } } } // don't allow to write emails for collaborators and guests if ($tmp_contact instanceof Contact) { $user_type_name = $tmp_contact->getUserTypeName(); if (!in_array($user_type_name, array('Super Administrator', 'Administrator', 'Manager', 'Executive'))) { $mail_ot = ObjectTypes::findByName('mail'); if ($mail_ot instanceof ObjectType) { DB::executeAll("UPDATE " . TABLE_PREFIX . "contact_member_permissions SET can_write=0, can_delete=0 WHERE object_type_id=" . $mail_ot->getId() . " AND permission_group_id={$pg_id}"); } } } $sys_permissions_data['can_task_assignee'] = !$is_guest; $system_permissions->setFromAttributes($sys_permissions_data); $system_permissions->setUseOnDuplicateKeyWhenInsert(true); $system_permissions->save(); //object type root permissions $can_have_root_permissions = config_option('let_users_create_objects_in_root') && in_array($user_type_name, array('Super Administrator', 'Administrator', 'Manager', 'Executive')); if ($rp_genid && $can_have_root_permissions) { ContactMemberPermissions::delete("permission_group_id = {$pg_id} AND member_id = 0"); foreach ($rp_permissions_data as $name => $value) { if (str_starts_with($name, $rp_genid . 'rg_root_')) { $rp_ot = substr($name, strrpos($name, '_') + 1); if (is_numeric($rp_ot) && $rp_ot > 0 && $value == 0) { $root_permissions_sharing_table_delete[] = $rp_ot; } if (!is_numeric($rp_ot) || $rp_ot <= 0 || $value < 1) { continue; } $root_permissions_sharing_table_add[] = $rp_ot; // save with member_id = 0 $root_perm_cmp = new ContactMemberPermission(); $root_perm_cmp->setPermissionGroupId($pg_id); $root_perm_cmp->setMemberId('0'); $root_perm_cmp->setObjectTypeId($rp_ot); $root_perm_cmp->setCanWrite($value >= 2); $root_perm_cmp->setCanDelete($value >= 3); $root_perm_cmp->save(); } } } if (!$can_have_root_permissions) { ContactMemberPermissions::delete("permission_group_id = {$pg_id} AND member_id = 0"); $sh_controller = new SharingTableController(); $all_object_type_ids = ObjectTypes::findAll(array('id' => true)); $sh_controller->adjust_root_permissions($pg_id, array('root_permissions_sharing_table_delete' => $all_object_type_ids)); } } } catch (Exception $e) { Logger::log("Error saving system and root permissions for permission group {$pg_id}: " . $e->getMessage() . "\n" . $e->getTraceAsString()); throw $e; } } // set all permissions to read_only if user is guest if ($is_guest) { try { $all_saved_permissions = ContactMemberPermissions::findAll(array("conditions" => "`permission_group_id` = {$pg_id}")); foreach ($all_saved_permissions as $sp) { /* @var $sp ContactMemberPermission */ if ($sp->getCanDelete() || $sp->getCanWrite()) { $sp->setCanDelete(false); $sp->setCanWrite(false); $sp->save(); } } $cdps = ContactDimensionPermissions::findAll(array("conditions" => "`permission_type` = 'allow all'")); foreach ($cdps as $cdp) { $cdp->setPermissionType('check'); $cdp->save(); } } catch (Exception $e) { Logger::log("Error setting guest user permissions to read_only for permission group {$pg_id}: " . $e->getMessage() . "\n" . $e->getTraceAsString()); throw $e; } } // check the status of the changed dimensions to set 'allow_all', 'deny_all' or 'check' try { $dimensions = Dimensions::findAll(array("conditions" => array("`id` IN (SELECT DISTINCT `dimension_id` FROM " . Members::instance()->getTableName(true) . " WHERE `id` IN (?))", $changed_members))); foreach ($dimensions as $dimension) { $dimension->setContactDimensionPermission($pg_id, 'check'); } } catch (Exception $e) { Logger::log("Error setting dimension permissions for permission group {$pg_id}: " . $e->getMessage() . "\n" . $e->getTraceAsString()); throw $e; } //member permissions if ($permissionsString && $permissionsString != '') { $permissions = json_decode($permissionsString); } if (isset($permissions) && !is_null($permissions) && is_array($permissions)) { try { $tmp_contact = Contacts::findOne(array('conditions' => 'permission_group_id = ' . $pg_id)); if ($tmp_contact instanceof Contact) { $user_type_name = $tmp_contact->getUserTypeName(); $role_id = $tmp_contact->getUserType(); $max_role_ot_perms = MaxRoleObjectTypePermissions::instance()->findAll(array('conditions' => "role_id = '{$role_id}'")); } $mail_ot = ObjectTypes::findByName('mail'); $sql_insert_values = ""; $member_object_types_to_delete = array(); $allowed_members_ids = array(); foreach ($permissions as &$perm) { if (!isset($all_perm_deleted[$perm->m])) { $all_perm_deleted[$perm->m] = true; } $allowed_members_ids[$perm->m] = array(); $allowed_members_ids[$perm->m]['pg'] = $pg_id; if ($perm->r) { if (isset($allowed_members_ids[$perm->m]['w'])) { if ($allowed_members_ids[$perm->m]['w'] != 1) { $allowed_members_ids[$perm->m]['w'] = $is_guest ? false : $perm->w; } } else { $allowed_members_ids[$perm->m]['w'] = $is_guest ? false : $perm->w; } if (isset($allowed_members_ids[$perm->m]['d'])) { if ($allowed_members_ids[$perm->m]['d'] != 1) { $allowed_members_ids[$perm->m]['d'] = $is_guest ? false : $perm->d; } } else { $allowed_members_ids[$perm->m]['d'] = $is_guest ? false : $perm->d; } // check max permissions for user type if ($tmp_contact instanceof Contact) { $max_perm = null; foreach ($max_role_ot_perms as $max_role_ot_perm) { if ($max_role_ot_perm->getObjectTypeId() == $perm->o) { $max_perm = $max_role_ot_perm; } } if ($max_perm) { if (!$max_perm->getCanDelete()) { $perm->d = 0; } if (!$max_perm->getCanWrite()) { $perm->w = 0; } } else { $perm->d = 0; $perm->w = 0; $perm->r = 0; } } if ($save_cmps) { // don't allow to write emails for collaborators and guests if ($tmp_contact instanceof Contact && !in_array($user_type_name, array('Super Administrator', 'Administrator', 'Manager', 'Executive'))) { if ($mail_ot instanceof ObjectType && $perm->o == $mail_ot->getId()) { $perm->d = 0; $perm->w = 0; } } $sql_insert_values .= ($sql_insert_values == "" ? "" : ",") . "('" . $pg_id . "','" . $perm->m . "','" . $perm->o . "','" . $perm->d . "','" . $perm->w . "')"; if (!isset($member_object_types_to_delete[$perm->m])) { $member_object_types_to_delete[$perm->m] = array(); } $member_object_types_to_delete[$perm->m][] = $perm->o; } $all_perm_deleted[$perm->m] = false; } else { if (is_numeric($perm->m) && is_numeric($perm->o)) { DB::execute("DELETE FROM " . TABLE_PREFIX . "contact_member_permissions WHERE member_id='" . $perm->m . "' AND object_type_id='" . $perm->o . "' AND permission_group_id={$pg_id}"); } } $changed_members[] = $perm->m; } if ($save_cmps) { if (count($all_perm_deleted) > 0) { $member_ids_to_delete = array(); foreach ($all_perm_deleted as $mid => $del) { // also check in contact_member_permissions $cmps = ContactMemberPermissions::findAll(array('conditions' => 'permission_group_id=' . $pg_id . " AND member_id={$mid}")); if ($del && (!is_array($cmps) || count($cmps) == 0)) { $member_ids_to_delete[] = $mid; } } if (count($member_ids_to_delete) > 0) { DB::execute("DELETE FROM " . TABLE_PREFIX . "contact_member_permissions WHERE member_id IN (" . implode(',', $member_ids_to_delete) . ") AND permission_group_id={$pg_id}"); } } foreach ($member_object_types_to_delete as $mid => $obj_type_ids) { if (count($obj_type_ids) > 0) { DB::execute("DELETE FROM " . TABLE_PREFIX . "contact_member_permissions WHERE member_id={$mid} AND object_type_id IN (" . implode(',', $obj_type_ids) . ") AND permission_group_id={$pg_id}"); } } if ($sql_insert_values != "") { DB::execute("INSERT INTO " . TABLE_PREFIX . "contact_member_permissions (permission_group_id, member_id, object_type_id, can_delete, can_write) VALUES {$sql_insert_values} ON DUPLICATE KEY UPDATE member_id=member_id"); } } } catch (Exception $e) { Logger::log("Error saving member permissions for permission group {$pg_id}: " . $e->getMessage() . "\n" . $e->getTraceAsString()); throw $e; } } DB::commit(); } catch (Exception $e) { Logger::log("Error saving permissions for permission group {$pg_id}: " . $e->getMessage() . "\n" . $e->getTraceAsString()); DB::rollback(); } try { if (isset($permissions) && !is_null($permissions) && is_array($permissions)) { if ($update_sharing_table) { try { $sharingTablecontroller = new SharingTableController(); $rp_info = array('root_permissions_sharing_table_delete' => $root_permissions_sharing_table_delete, 'root_permissions_sharing_table_add' => $root_permissions_sharing_table_add); $sharingTablecontroller->afterPermissionChanged($pg_id, $permissions, $rp_info); } catch (Exception $e) { Logger::log("Error saving permissions to sharing table for permission group {$pg_id}: " . $e->getMessage() . "\n" . $e->getTraceAsString()); throw $e; } } if ($update_contact_member_cache) { try { $contactMemberCacheController = new ContactMemberCacheController(); $group = PermissionGroups::findById($pg_id); $real_group = null; if ($group->getType() == 'user_groups') { $real_group = $group; } $users = $group->getUsers(); $users_ids_checked = array(); foreach ($users as $us) { $users_ids_checked[] = $us->getId(); $contactMemberCacheController->afterUserPermissionChanged($us, $permissions, $real_group); } //check all users related to the group foreach ($users_ids_to_check as $us_id) { if (!in_array($us_id, $users_ids_checked)) { $users_ids_checked[] = $us_id; $us = Contacts::findById($us_id); if ($us instanceof Contact) { $contactMemberCacheController->afterUserPermissionChanged($us, $permissions, $real_group); } } } } catch (Exception $e) { Logger::log("Error saving permissions to contact member cache for permission group {$pg_id}: " . $e->getMessage() . "\n" . $e->getTraceAsString()); throw $e; } } } } catch (Exception $e) { Logger::log("Error saving module permissions for permission group {$pg_id}: " . $e->getMessage() . "\n" . $e->getTraceAsString()); } if ($fire_hook) { Hook::fire('after_save_contact_permissions', $pg_id, $pg_id); } // remove contact object from members where permissions were deleted $user = Contacts::findOne(array('conditions' => 'permission_group_id=' . $pg_id)); if ($user instanceof Contact) { $to_remove = array(); if (isset($all_perm_deleted) && is_array($all_perm_deleted)) { foreach ($all_perm_deleted as $m_id => $must_remove) { if ($must_remove) { $to_remove[] = $m_id; } } ObjectMembers::removeObjectFromMembers($user, logged_user(), null, $to_remove); } } }
function delete($check = true) { if ($check && !$this->canBeDeleted($error_message)) { throw new Exception($error_message); } // change parent of child nodes $child_members = $this->getAllChildren(); if (is_array($child_members)) { $parent = $this->getParentMember(); foreach($child_members as $child) { $child->setParentMemberId($this->getParentMemberId()); if ($parent instanceof Member) { $child->setDepth($parent->getDepth()+1); } else $child->setDepth(1); $child->save(); } } // delete member restrictions MemberRestrictions::delete(array("`member_id` = ?", $this->getId())); MemberRestrictions::delete(array("`restricted_member_id` = ?", $this->getId())); // delete member properties MemberPropertyMembers::delete(array("`member_id` = ?", $this->getId())); MemberPropertyMembers::delete(array("`property_member_id` = ?", $this->getId())); // delete permissions ContactMemberPermissions::delete(array("member_id = ?", $this->getId())); // delete member objects (if they don't belong to another member) $sql = "SELECT `o`.`object_id` FROM `".ObjectMembers::instance()->getTableName()."` `o` WHERE `o`.`is_optimization`=0 AND `o`.`member_id`=".$this->getId()." AND NOT EXISTS ( SELECT `om`.`object_id` FROM `".ObjectMembers::instance()->getTableName()."` `om` WHERE `om`.`object_id`=`o`.`object_id` AND `om`.`is_optimization`=0 AND `om`.`member_id`<>".$this->getId().")"; $result = DB::execute($sql); $rows = $result->fetchAll(); if (!is_null($rows)) { foreach ($rows as $row) { $obj = Objects::findById(array_var($row, 'object_id')); $obj->delete(); } } // clean object_members ObjectMembers::delete("member_id = ".$this->getId()); // delete object if member is a dimension_object if ($this->getObjectId()) { $object = Objects::findObject($this->getObjectId()); if ($object instanceof ContentDataObject) $object->delete(); } ApplicationLogs::createLog($this, ApplicationLogs::ACTION_DELETE, false, true, true, 'member deleted'); return parent::delete(); }