示例#1
0
 public function post_permissions($component = false)
 {
     $parameters = array();
     $query = new DeleteQuery('Permission');
     $query->filter("`role` != 'nobody'")->filter("`role` != 'superadmin'");
     if ($component) {
         $query->filter('`subject` = :component');
         $parameters[':component'] = class_for_url($component);
     }
     $result = $query->execute($parameters);
     if ($result === false) {
         Backend::addError('Could not empty permissions table');
         return false;
     }
     $permission = new PermissionObj();
     $count = 0;
     foreach (Controller::getPayload() as $key => $roles) {
         if (strpos($key, '::') === false) {
             continue;
         }
         list($subject, $action) = explode('::', $key, 2);
         foreach ($roles as $role => $value) {
             $data = array('subject' => $subject, 'action' => $action, 'role' => $role);
             if ($permission->replace($data)) {
                 $count++;
             }
         }
     }
     return $count;
 }
示例#2
0
 public static function dropAccess($access_type, $access_id)
 {
     $params = array(':access_type' => $access_type, ':access_id' => $access_id);
     $query = new DeleteQuery('Assignment');
     $query->filter('`access_type` = :access_type')->filter('`access_id` = :access_id');
     $result = $query->execute($params) !== false ? true : false;
     return $result;
 }
示例#3
0
    public static function purgeUnconfirmed()
    {
        $query = new DeleteQuery('BackendUser');
        $query->filter('`confirmed` = 0')->filter('`added` < DATE_SUB(DATE(NOW()), INTERVAL 1 WEEK)');
        $deleted = $query->execute();
        Backend::addSuccess($deleted . ' unconfirmed users deleted');
        if ($deleted) {
            send_email(ConfigValue::get('author.Email', ConfigValue::get('application.Email', 'info@' . SITE_DOMAIN)), 'Unconfirmed Users purged: ' . $deleted, $deleted . ' users were deleted from the database.
They were unconfirmed, and more than a week old

Site Admin
');
        }
        return true;
    }
示例#4
0
 public static function install(array $options = array())
 {
     if (!Backend::getDB('default')) {
         return true;
     }
     $class = get_called_class();
     if (!$class || !class_exists($class, true)) {
         return false;
     }
     //Purge permissions first
     $query = new DeleteQuery('Permission');
     $query->filter('`subject` = :subject')->filter('`system` = 0');
     $query->execute(array(':subject' => class_for_url($class)));
     $methods = get_class_methods($class);
     $methods = array_filter($methods, create_function('$var', '$temp = explode(\'_\', $var, 2); return count($temp) == 2 && in_array(strtolower($temp[0]), array(\'action\', \'get\', \'post\', \'put\', \'delete\'));'));
     $methods = array_map(create_function('$var', 'return preg_replace(\'/^(action|get|post|put|delete)_/\', \'\', $var);'), $methods);
     $result = true;
     foreach ($methods as $action) {
         $result = Permission::add('nobody', $action, class_for_url($class)) && $result;
     }
     return $result;
 }
示例#5
0
 public function getDeleteSQL()
 {
     if (!$id) {
         return false;
     }
     extract($this->meta);
     $query = new DeleteQuery($this);
     $query->filter("`{$table}`.`{$id_field}` = :{$table}_id LIMIT 1");
     //Check Ownership
     /*
     TODO
     if (array_key_exists('owner_id', $this->meta['fields'])) {
         if ($user = BackendUser::check()) {
             if (!in_array('superadmin', $user->roles)) {
                 $query->filter("`{$this->meta['table']}`.`owner_id` = :owner_id");
                 $q_params[':owner_id'] = $user->id;
             }
         }
     }
     */
     return $query;
 }
示例#6
0
 public static function forget($user)
 {
     $query = new DeleteQuery('PersistUser');
     $query->filter('`user_id` = :id');
     $query->execute(array(':id' => $user->id));
 }