示例#1
0
 /**
  * Overloaded bind function to pre-process the params.
  *
  * @param   array  $array   Named array
  * @param   mixed  $ignore  Optional array or list of parameters to ignore
  *
  * @return  null|string  null is operation was satisfactory, otherwise returns an error
  *
  * @see     JTable:bind
  * @since   1.5
  */
 public function bind($array, $ignore = '')
 {
     $input = JFactory::getApplication()->input;
     $task = $input->getString('task', '');
     if (($task == 'save' || $task == 'apply') && (!JFactory::getUser()->authorise('core.edit.state', 'com_autofilter') && $array['state'] == 1)) {
         $array['state'] = 0;
     }
     if ($array['id'] == 0) {
         $array['created_by'] = JFactory::getUser()->id;
     }
     if (isset($array['params']) && is_array($array['params'])) {
         $registry = new JRegistry();
         $registry->loadArray($array['params']);
         $array['params'] = (string) $registry;
     }
     if (isset($array['metadata']) && is_array($array['metadata'])) {
         $registry = new JRegistry();
         $registry->loadArray($array['metadata']);
         $array['metadata'] = (string) $registry;
     }
     if (!JFactory::getUser()->authorise('core.admin', 'com_autofilter.categorie.' . $array['id'])) {
         $actions = JAccess::getActionsFromFile(JPATH_ADMINISTRATOR . '/components/com_autofilter/access.xml', "/access/section[@name='categorie']/");
         $default_actions = JAccess::getAssetRules('com_autofilter.categorie.' . $array['id'])->getData();
         $array_jaccess = array();
         foreach ($actions as $action) {
             $array_jaccess[$action->name] = $default_actions[$action->name];
         }
         $array['rules'] = $this->JAccessRulestoArray($array_jaccess);
     }
     // Bind the rules for ACL where supported.
     if (isset($array['rules']) && is_array($array['rules'])) {
         $this->setRules($array['rules']);
     }
     return parent::bind($array, $ignore);
 }
 /**
  * Overloaded bind function to pre-process the params.
  *
  * @param    array        Named array
  *
  * @return    null|string    null is operation was satisfactory, otherwise returns an error
  * @see        JTable:bind
  * @since      1.5
  */
 public function bind($array, $ignore = '')
 {
     if (isset($array['params']) && is_array($array['params'])) {
         $registry = new JRegistry();
         $registry->loadArray($array['params']);
         $array['params'] = (string) $registry;
     }
     if (isset($array['metadata']) && is_array($array['metadata'])) {
         $registry = new JRegistry();
         $registry->loadArray($array['metadata']);
         $array['metadata'] = (string) $registry;
     }
     if (!JFactory::getUser()->authorise('core.admin', 'com_mapa.mapadevenezuela.' . $array['id'])) {
         $actions = JAccess::getActionsFromFile(JPATH_ADMINISTRATOR . '/components/com_mapa/access.xml', "/access/section[@name='mapadevenezuela']/");
         $default_actions = JAccess::getAssetRules('com_mapa.mapadevenezuela.' . $array['id'])->getData();
         $array_jaccess = array();
         foreach ($actions as $action) {
             $array_jaccess[$action->name] = $default_actions[$action->name];
         }
         $array['rules'] = $this->JAccessRulestoArray($array_jaccess);
     }
     //Bind the rules for ACL where supported.
     if (isset($array['rules']) && is_array($array['rules'])) {
         $this->setRules($array['rules']);
     }
     return parent::bind($array, $ignore);
 }
示例#3
0
 /**
  * Overloaded bind function to pre-process the params.
  *
  * @param   array  $array   Named array
  * @param   mixed  $ignore  Optional array or list of parameters to ignore
  *
  * @return  null|string  null is operation was satisfactory, otherwise returns an error
  *
  * @see     JTable:bind
  * @since   1.5
  */
 public function bind($array, $ignore = '')
 {
     // Support for multiple or not foreign key field: ingredients_id
     if (!empty($array['ingredients_id'])) {
         if (is_array($array['ingredients_id'])) {
             $array['ingredients_id'] = implode(',', $array['ingredients_id']);
         } else {
             if (strrpos($array['ingredients_id'], ',') != false) {
                 $array['ingredients_id'] = explode(',', $array['ingredients_id']);
             }
         }
     } else {
         $array['ingredients_id'] = '';
     }
     // Support for multiple or not foreign key field: recipe_id
     if (!empty($array['recipe_id'])) {
         if (is_array($array['recipe_id'])) {
             $array['recipe_id'] = implode(',', $array['recipe_id']);
         } else {
             if (strrpos($array['recipe_id'], ',') != false) {
                 $array['recipe_id'] = explode(',', $array['recipe_id']);
             }
         }
     } else {
         $array['recipe_id'] = '';
     }
     $input = JFactory::getApplication()->input;
     $task = $input->getString('task', '');
     if (($task == 'save' || $task == 'apply') && (!JFactory::getUser()->authorise('core.edit.state', 'com_akrecipes') && $array['state'] == 1)) {
         $array['state'] = 0;
     }
     if ($array['id'] == 0) {
         $array['created_by'] = JFactory::getUser()->id;
     }
     if (isset($array['params']) && is_array($array['params'])) {
         $registry = new JRegistry();
         $registry->loadArray($array['params']);
         $array['params'] = (string) $registry;
     }
     if (isset($array['metadata']) && is_array($array['metadata'])) {
         $registry = new JRegistry();
         $registry->loadArray($array['metadata']);
         $array['metadata'] = (string) $registry;
     }
     if (!JFactory::getUser()->authorise('core.admin', 'com_akrecipes.ingredient997479.' . $array['id'])) {
         $actions = JAccess::getActionsFromFile(JPATH_ADMINISTRATOR . '/components/com_akrecipes/access.xml', "/access/section[@name='ingredient997479']/");
         $default_actions = JAccess::getAssetRules('com_akrecipes.ingredient997479.' . $array['id'])->getData();
         $array_jaccess = array();
         foreach ($actions as $action) {
             $array_jaccess[$action->name] = $default_actions[$action->name];
         }
         $array['rules'] = $this->JAccessRulestoArray($array_jaccess);
     }
     // Bind the rules for ACL where supported.
     if (isset($array['rules']) && is_array($array['rules'])) {
         $this->setRules($array['rules']);
     }
     return parent::bind($array, $ignore);
 }
示例#4
0
 function fetchElement($name, $value, &$node, $control_name)
 {
     // Must load admin language files
     $lang = JFactory::getLanguage();
     $lang->load("com_jevents", JPATH_ADMINISTRATOR);
     $db = JFactory::getDBO();
     $class = $node->attributes('class');
     if (!$class) {
         $class = "inputbox";
     }
     //jimport("joomla.html.html.list");
     $params = JComponentHelper::getParams("com_jevents");
     $db = JFactory::getDBO();
     $rules = JAccess::getAssetRules("com_jevents", true);
     $creatorgroups = $rules->getData();
     if (strpos($name, "jevadmin") === 0) {
         $action = "core.admin";
     } else {
         if (strpos($name, "jeveditor") === 0) {
             $action = "core.edit";
         } else {
             if (strpos($name, "jevpublisher") === 0) {
                 $action = "core.edit.state";
             } else {
                 if (strpos($name, "admin") === 0) {
                     $action = "core.edit.state";
                 } else {
                     $action = "core.create";
                 }
             }
         }
     }
     // need to merge the arrays because of stupid way Joomla checks super user permissions
     //$creatorgroups = array_merge($creatorgroups["core.admin"]->getData(), $creatorgroups[$action]->getData());
     // use union orf arrays sincee getData no longer has string keys in the resultant array
     //$creatorgroups = $creatorgroups["core.admin"]->getData()+ $creatorgroups["core.create"]->getData();
     // use union orf arrays sincee getData no longer has string keys in the resultant array
     $creatorgroupsdata = $creatorgroups["core.admin"]->getData();
     // take the higher permission setting
     foreach ($creatorgroups[$action]->getData() as $creatorgroup => $permission) {
         if ($permission) {
             $creatorgroupsdata[$creatorgroup] = $permission;
         }
     }
     $users = array(0);
     foreach ($creatorgroupsdata as $creatorgroup => $permission) {
         if ($permission == 1) {
             $users = array_merge(JAccess::getUsersByGroup($creatorgroup, true), $users);
         }
     }
     $sql = "SELECT id AS value, name AS text FROM #__users where id IN (" . implode(",", array_values($users)) . ") ORDER BY name asc";
     $db->setQuery($sql);
     $users = $db->loadObjectList();
     $users2[] = JHTML::_('select.option', '0', '- ' . JText::_('SELECT_USER') . ' -');
     $users2 = array_merge($users2, $users);
     $users = JHTML::_('select.genericlist', $users2, $control_name . '[' . $name . ']', 'class="' . $class . '" size="1" ', 'value', 'text', $value);
     return $users;
 }
 function edit($tpl = null)
 {
     $document =& JFactory::getDocument();
     // this already includes administrator
     $livesite = JURI::base();
     if (JVersion::isCompatible("1.6.0")) {
         JEVHelper::stylesheet('eventsadmin16.css', 'administrator/components/' . JEV_COM_COMPONENT . '/assets/css/');
     } else {
         $document->addStyleSheet($livesite . 'components/' . JEV_COM_COMPONENT . '/assets/css/eventsadmin.css');
     }
     $document->setTitle(JText::_('JEVENTS') . ' :: ' . JText::_('JEVENTS'));
     // Set toolbar items for the page
     JToolBarHelper::title(JText::_('JEV_EDIT_USER'), 'jevents');
     JToolBarHelper::save("user.save");
     JToolBarHelper::cancel("user.overview");
     //JToolBarHelper::help( 'edit.user', true);
     $option = JRequest::getCmd('option', JEV_COM_COMPONENT);
     $db =& JFactory::getDBO();
     $params =& JComponentHelper::getParams(JEV_COM_COMPONENT);
     if (JVersion::isCompatible("1.6.0")) {
         $rules = JAccess::getAssetRules("com_jevents", true);
         $creatorgroups = $rules->getData();
         $creatorgroups = array_merge($creatorgroups["core.admin"]->getData(), $creatorgroups["core.create"]->getData());
         $users = array(0);
         foreach ($creatorgroups as $creatorgroup => $permission) {
             if ($permission == 1) {
                 $users = array_merge(JAccess::getUsersByGroup($creatorgroup, true), $users);
             }
         }
         $sql = "SELECT * FROM #__users where id IN (" . implode(",", array_values($users)) . ") ORDER BY name asc";
         $db->setQuery($sql);
         $users = $db->loadObjectList();
     } else {
         $minaccess = $params->getValue("jevcreator_level", 19);
         // get users AUTHORS and above
         $sql = "SELECT * FROM #__users where gid>=" . $minaccess;
         $db->setQuery($sql);
         $users = $db->loadObjectList();
     }
     $userOptions[] = JHTML::_('select.option', '-1', 'Select User');
     foreach ($users as $user) {
         $userOptions[] = JHTML::_('select.option', $user->id, $user->name . " ({$user->username})");
     }
     $jevuser =& $this->get('user');
     $userlist = JHTML::_('select.genericlist', $userOptions, 'user_id', 'class="inputbox" size="1" ', 'value', 'text', $jevuser->user_id);
     JLoader::register('JEventsCategory', JEV_ADMINPATH . "/libraries/categoryClass.php");
     $categories = JEventsCategory::categoriesTree();
     $lists['categories'] = JHTML::_('select.genericlist', $categories, 'categories[]', 'multiple="multiple" size="15"', 'value', 'text', explode("|", $jevuser->categories));
     // get calendars
     $sql = "SELECT label as text, ics_id as value FROM #__jevents_icsfile where icaltype=2";
     $db->setQuery($sql);
     $calendars = $db->loadObjectList();
     $lists['calendars'] = JHTML::_('select.genericlist', $calendars, 'calendars[]', 'multiple="multiple" size="15"', 'value', 'text', explode("|", $jevuser->calendars));
     $this->assignRef('lists', $lists);
     $this->assignRef("users", $userlist);
     $this->assignRef('jevuser', $jevuser);
     JHTML::_('behavior.tooltip');
 }
示例#6
0
 function edit($tpl = null)
 {
     $document = JFactory::getDocument();
     // this already includes administrator
     $document->setTitle(JText::_('JEVENTS') . ' :: ' . JText::_('JEVENTS'));
     // Set toolbar items for the page
     JToolBarHelper::title(JText::_('JEV_EDIT_USER'), 'jevents');
     JToolBarHelper::save("user.save");
     JToolBarHelper::cancel("user.overview");
     //JToolBarHelper::help( 'edit.user', true);
     $option = JRequest::getCmd('option', JEV_COM_COMPONENT);
     $db = JFactory::getDBO();
     $params = JComponentHelper::getParams(JEV_COM_COMPONENT);
     $rules = JAccess::getAssetRules("com_jevents", true);
     $data = $rules->getData();
     $creatorgroups = $data["core.create"]->getData();
     foreach ($data["core.admin"]->getData() as $creatorgroup => $permission) {
         if ($permission == 1) {
             $creatorgroups[$creatorgroup] = $permission;
         }
     }
     // array_merge does a re-indexing !!
     //$creatorgroups = array_merge($creatorgroups["core.admin"]->getData(), $creatorgroups["core.create"]->getData());
     $users = array(0);
     foreach ($creatorgroups as $creatorgroup => $permission) {
         if ($permission == 1) {
             $users = array_merge(JAccess::getUsersByGroup($creatorgroup, true), $users);
         }
     }
     $sql = "SELECT * FROM #__users where id IN (" . implode(",", array_values($users)) . ") ORDER BY name asc";
     $db->setQuery($sql);
     $users = $db->loadObjectList();
     $userOptions[] = JHTML::_('select.option', '-1', JText::_('SELECT_USER'));
     foreach ($users as $user) {
         $userOptions[] = JHTML::_('select.option', $user->id, $user->name . " ({$user->username})");
     }
     $jevuser = $this->get('user');
     $userlist = JHTML::_('select.genericlist', $userOptions, 'user_id', 'class="inputbox" size="1" ', 'value', 'text', $jevuser->user_id);
     JLoader::register('JEventsCategory', JEV_ADMINPATH . "/libraries/categoryClass.php");
     $categories = JEventsCategory::categoriesTree();
     $lists['categories'] = JHTML::_('select.genericlist', $categories, 'categories[]', 'multiple="multiple" size="15"', 'value', 'text', explode("|", $jevuser->categories));
     // get calendars
     $sql = "SELECT label as text, ics_id as value FROM #__jevents_icsfile where icaltype=2";
     $db->setQuery($sql);
     $calendars = $db->loadObjectList();
     $lists['calendars'] = JHTML::_('select.genericlist', $calendars, 'calendars[]', 'multiple="multiple" size="15"', 'value', 'text', explode("|", $jevuser->calendars));
     $this->assignRef('lists', $lists);
     $this->assignRef("users", $userlist);
     $this->assignRef('jevuser', $jevuser);
     JHTML::_('behavior.tooltip');
     if (JevJoomlaVersion::isCompatible("3.0")) {
         $this->setLayout("edit");
     } else {
         $this->setLayout("edit16");
     }
 }
示例#7
0
 public function getOptions()
 {
     $params = JComponentHelper::getParams("com_jevents");
     $db = JFactory::getDBO();
     $rules = JAccess::getAssetRules("com_jevents", true);
     $creatorgroups = $rules->getData();
     if (strpos($this->name, "jevadmin") === 0) {
         $action = "core.admin";
     } else {
         if (strpos($this->name, "jeveditor") === 0) {
             $action = "core.edit";
         } else {
             if (strpos($this->name, "jevpublisher") === 0) {
                 $action = "core.edit.state";
             } else {
                 if (strpos($this->name, "admin") === 0) {
                     $action = "core.edit.state";
                 } else {
                     $action = "core.create";
                 }
             }
         }
     }
     // need to merge the arrays because of stupid way Joomla checks super user permissions
     //$creatorgroups = array_merge($creatorgroups["core.admin"]->getData(), $creatorgroups[$action]->getData());
     // use union orf arrays sincee getData no longer has string keys in the resultant array
     //$creatorgroups = $creatorgroups["core.admin"]->getData()+ $creatorgroups["core.create"]->getData();
     // use union orf arrays sincee getData no longer has string keys in the resultant array
     $creatorgroupsdata = $creatorgroups["core.admin"]->getData();
     // take the higher permission setting
     foreach ($creatorgroups[$action]->getData() as $creatorgroup => $permission) {
         if ($permission) {
             $creatorgroupsdata[$creatorgroup] = $permission;
         }
     }
     $users = array(0);
     foreach ($creatorgroupsdata as $creatorgroup => $permission) {
         if ($permission == 1) {
             $users = array_merge(JAccess::getUsersByGroup($creatorgroup, true), $users);
         }
     }
     $sql = "SELECT id AS value, name AS text , sendEmail FROM #__users where id IN (" . implode(",", array_values($users)) . ") ORDER BY name asc";
     $db->setQuery($sql);
     $users = $db->loadObjectList();
     $nulluser = new stdClass();
     $nulluser->value = 0;
     $nulluser->sendEmail = 0;
     $nulluser->text = JText::_("SELECT_ADMIN");
     array_unshift($users, $nulluser);
     return $users;
 }
示例#8
0
 public static function checkGroup($groupId, $action, $asset = null)
 {
     $groupId = (int) $groupId;
     if ($groupId == 0) {
         $groupId = 17;
         //ROOT
     }
     $action = strtolower($action);
     $asset = strtolower($asset);
     if (empty($asset)) {
         $asset = 1;
     }
     if (empty(JAccess::$_assetRules[$asset])) {
         JAccess::$_assetRules[$asset] = JAccess::getAssetRules($asset);
     }
     $groupPath = JAccess::getGroupPath($groupId);
     return JAccess::$_assetRules[$asset]->allow($action, $groupPath);
 }
示例#9
0
文件: users.php 项目: JozefAB/qk
 public static function getAdminGroups()
 {
     if (!is_array(self::$groups)) {
         self::$groups = array();
         $db = JFactory::getDbo();
         $query = $db->getQuery(true);
         $query->select($db->qn('id'))->select($db->qn('lft'))->select($db->qn('rgt'))->from($db->qn('#__usergroups'));
         $db->setQuery($query);
         if ($groups = $db->loadObjectList()) {
             $rules = JAccess::getAssetRules(1);
             foreach ($groups as $group) {
                 if ($rules->allow('core.admin', array($group->id))) {
                     self::$groups[] = (int) $group->id;
                     $children = self::getAdminGroupsChildren($group->lft, $group->rgt);
                     foreach ($children as $child_id) {
                         self::$groups[] = (int) $child_id;
                     }
                 }
             }
         }
     }
     return self::$groups;
 }
示例#10
0
 protected function _getRulesData()
 {
     // get the identities for the group.
     $db = JFactory::getDBO();
     // Get the user groups from the database.
     $db->setQuery('SELECT b.id' . ' FROM #__usergroups AS a' . ' LEFT JOIN `#__usergroups` AS b ON a.lft >= b.lft AND a.rgt <= b.rgt' . ' WHERE a.id = ' . (int) $this->getState('report.group_id'));
     $identities = $db->loadResultArray();
     // Get list of extensions.
     $query = new JQuery();
     $query->select('name, element');
     $query->from('#__extensions');
     $query->where('type = ' . $db->quote('component'));
     $db->setQuery($query);
     $extensions = $db->loadObjectList();
     $actions = $this->getActions();
     foreach ($extensions as &$extension) {
         $extension->actions = array();
         $rules = JAccess::getAssetRules($extension->element, true);
         foreach ($actions as $action => $name) {
             $extension->actions[$action] = $rules->allow($action, $identities);
         }
     }
     return array('extensions' => $extensions, 'actions' => $actions);
 }
示例#11
0
 function edit($tpl = null)
 {
     JEVHelper::script('editical.js', 'components/' . JEV_COM_COMPONENT . '/assets/js/');
     $document = JFactory::getDocument();
     $document->setTitle(JText::_('EDIT_ICS'));
     // Set toolbar items for the page
     JToolBarHelper::title(JText::_('EDIT_ICS'), 'jevents');
     //JToolBarHelper::save('icals.save');
     $bar = JToolBar::getInstance('toolbar');
     if ($this->editItem && isset($this->editItem->ics_id) && $this->editItem->ics_id > 0) {
         JToolBarHelper::save('icals.savedetails');
     }
     JToolBarHelper::cancel('icals.list');
     //JToolBarHelper::help( 'screen.icals.edit', true);
     $params = JComponentHelper::getParams(JEV_COM_COMPONENT);
     //$section = $params->get("section",0);
     $db = JFactory::getDbo();
     if ($params->get("authorisedonly", 0)) {
         // get authorised users
         $sql = "SELECT u.* FROM #__jev_users as jev LEFT JOIN #__users as u on u.id=jev.user_id where jev.published=1 and jev.cancreate=1";
         $db = JFactory::getDBO();
         $db->setQuery($sql);
         $users = $db->loadObjectList();
     } else {
         $rules = JAccess::getAssetRules("com_jevents", true);
         $creatorgroups = $rules->getData();
         // need to merge the arrays because of stupid way Joomla checks super user permissions
         //$creatorgroups = array_merge($creatorgroups["core.admin"]->getData(), $creatorgroups["core.create"]->getData());
         // use union orf arrays sincee getData no longer has string keys in the resultant array
         //$creatorgroups = $creatorgroups["core.admin"]->getData()+ $creatorgroups["core.create"]->getData();
         // use union orf arrays sincee getData no longer has string keys in the resultant array
         $creatorgroupsdata = $creatorgroups["core.admin"]->getData();
         // take the higher permission setting
         foreach ($creatorgroups["core.create"]->getData() as $creatorgroup => $permission) {
             if ($permission) {
                 $creatorgroupsdata[$creatorgroup] = $permission;
             }
         }
         $users = array(0);
         foreach ($creatorgroupsdata as $creatorgroup => $permission) {
             if ($permission == 1) {
                 $users = array_merge(JAccess::getUsersByGroup($creatorgroup, true), $users);
             }
         }
         $sql = "SELECT * FROM #__users where id IN (" . implode(",", array_values($users)) . ") ORDER BY name asc";
         $db->setQuery($sql);
         $users = $db->loadObjectList();
     }
     $userOptions = array();
     foreach ($users as $user) {
         $userOptions[] = JHTML::_('select.option', $user->id, $user->name . " ({$user->username})");
     }
     $jevuser = JFactory::getUser();
     if ($this->editItem && isset($this->editItem->ics_id) && $this->editItem->ics_id > 0 && $this->editItem->created_by > 0) {
         $created_by = $this->editItem->created_by;
     } else {
         $created_by = $jevuser->id;
     }
     if (count($userOptions) > 0) {
         $userlist = JHTML::_('select.genericlist', $userOptions, 'created_by', 'class="inputbox" size="1" ', 'value', 'text', $created_by);
     } else {
         $userList = "";
     }
     $this->assignRef("users", $userlist);
     JHTML::_('behavior.tooltip');
     if (JevJoomlaVersion::isCompatible("3.0")) {
         $this->setLayout("edit");
     } else {
         $this->setLayout("edit16");
     }
 }
示例#12
0
 /**
  * Method to save the form data.
  *
  * @param   array  $data  The form data.
  *
  * @return  boolean  True on success.
  *
  * @since   1.6
  */
 public function save($data)
 {
     // Include the user plugins for events.
     JPluginHelper::importPlugin($this->events_map['save']);
     /**
      * Check the super admin permissions for group
      * We get the parent group permissions and then check the group permissions manually
      * We have to calculate the group permissions manually because we haven't saved the group yet
      */
     $parentSuperAdmin = JAccess::checkGroup($data['parent_id'], 'core.admin');
     // Get core.admin rules from the root asset
     $rules = JAccess::getAssetRules('root.1')->getData('core.admin');
     // Get the value for the current group (will be true (allowed), false (denied), or null (inherit)
     $groupSuperAdmin = $rules['core.admin']->allow($data['id']);
     // We only need to change the $groupSuperAdmin if the parent is true or false. Otherwise, the value set in the rule takes effect.
     if ($parentSuperAdmin === false) {
         // If parent is false (Denied), effective value will always be false
         $groupSuperAdmin = false;
     } elseif ($parentSuperAdmin === true) {
         // If parent is true (allowed), group is true unless explicitly set to false
         $groupSuperAdmin = $groupSuperAdmin === false ? false : true;
     }
     // Check for non-super admin trying to save with super admin group
     $iAmSuperAdmin = JFactory::getUser()->authorise('core.admin');
     if (!$iAmSuperAdmin && $groupSuperAdmin) {
         $this->setError(JText::_('JLIB_USER_ERROR_NOT_SUPERADMIN'));
         return false;
     }
     /**
      * Check for super-admin changing self to be non-super-admin
      * First, are we a super admin
      */
     if ($iAmSuperAdmin) {
         // Next, are we a member of the current group?
         $myGroups = JAccess::getGroupsByUser(JFactory::getUser()->get('id'), false);
         if (in_array($data['id'], $myGroups)) {
             // Now, would we have super admin permissions without the current group?
             $otherGroups = array_diff($myGroups, array($data['id']));
             $otherSuperAdmin = false;
             foreach ($otherGroups as $otherGroup) {
                 $otherSuperAdmin = $otherSuperAdmin ? $otherSuperAdmin : JAccess::checkGroup($otherGroup, 'core.admin');
             }
             /**
              * If we would not otherwise have super admin permissions
              * and the current group does not have super admin permissions, throw an exception
              */
             if (!$otherSuperAdmin && !$groupSuperAdmin) {
                 $this->setError(JText::_('JLIB_USER_ERROR_CANNOT_DEMOTE_SELF'));
                 return false;
             }
         }
     }
     if (JFactory::getApplication()->input->get('task') == 'save2copy') {
         $data['title'] = $this->generateGroupTitle($data['parent_id'], $data['title']);
     }
     // Proceed with the save
     return parent::save($data);
 }
示例#13
0
 /**
  * Creates the HTML for the permissions widget
  *
  * @param   array    $actions   Array of action objects
  * @param   integer  $assetId   Id of a specific asset to  create a widget for.
  * @param   integer  $parent    Id of the parent of the asset
  * @param   string   $control   The form control
  * @param   string   $idPrefix  Prefix for the ids assigned to specific action-group pairs
  *
  * @return  string   HTML for the permissions widget
  *
  * @since   11.1
  *
  * @see     JAccess
  * @see     JFormFieldRules
  */
 public static function assetFormWidget($actions, $assetId = null, $parent = null, $control = 'jform[rules]', $idPrefix = 'jform_rules')
 {
     $images = self::_getImagesArray();
     // Get the user groups.
     $groups = self::_getUserGroups();
     // Get the incoming inherited rules as well as the asset specific rules.
     $inheriting = JAccess::getAssetRules($parent ? $parent : self::_getParentAssetId($assetId), true);
     $inherited = JAccess::getAssetRules($assetId, true);
     $rules = JAccess::getAssetRules($assetId);
     $html = array();
     $html[] = '<div class="acl-options">';
     $html[] = JHtml::_('tabs.start', 'acl-rules-' . $assetId, array('useCookie' => 1));
     $html[] = JHtml::_('tabs.panel', JText::_('JLIB_HTML_ACCESS_SUMMARY'), 'summary');
     $html[] = '			<p>' . JText::_('JLIB_HTML_ACCESS_SUMMARY_DESC') . '</p>';
     $html[] = '			<table class="aclsummary-table" summary="' . JText::_('JLIB_HTML_ACCESS_SUMMARY_DESC') . '">';
     $html[] = '			<caption>' . JText::_('JLIB_HTML_ACCESS_SUMMARY_DESC_CAPTION') . '</caption>';
     $html[] = '			<tr>';
     $html[] = '				<th class="col1 hidelabeltxt">' . JText::_('JLIB_RULES_GROUPS') . '</th>';
     foreach ($actions as $i => $action) {
         $html[] = '				<th class="col' . ($i + 2) . '">' . JText::_($action->title) . '</th>';
     }
     $html[] = '			</tr>';
     foreach ($groups as $i => $group) {
         $html[] = '			<tr class="row' . $i % 2 . '">';
         $html[] = '				<td class="col1">' . $group->text . '</td>';
         foreach ($actions as $i => $action) {
             $html[] = '				<td class="col' . ($i + 2) . '">' . ($assetId ? $inherited->allow($action->name, $group->identities) ? $images['allow'] : $images['deny'] : ($inheriting->allow($action->name, $group->identities) ? $images['allow'] : $images['deny'])) . '</td>';
         }
         $html[] = '			</tr>';
     }
     $html[] = ' 		</table>';
     foreach ($actions as $action) {
         $actionTitle = JText::_($action->title);
         $actionDesc = JText::_($action->description);
         $html[] = JHtml::_('tabs.panel', $actionTitle, $action->name);
         $html[] = '			<p>' . $actionDesc . '</p>';
         $html[] = '			<table class="aclmodify-table" summary="' . strip_tags($actionDesc) . '">';
         $html[] = '			<caption>' . JText::_('JLIB_HTML_ACCESS_MODIFY_DESC_CAPTION_ACL') . ' ' . $actionTitle . ' ' . JText::_('JLIB_HTML_ACCESS_MODIFY_DESC_CAPTION_TABLE') . '</caption>';
         $html[] = '			<tr>';
         $html[] = '				<th class="col1 hidelabeltxt">' . JText::_('JLIB_RULES_GROUP') . '</th>';
         $html[] = '				<th class="col2">' . JText::_('JLIB_RULES_INHERIT') . '</th>';
         $html[] = '				<th class="col3 hidelabeltxt">' . JText::_('JMODIFY') . '</th>';
         $html[] = '				<th class="col4">' . JText::_('JCURRENT') . '</th>';
         $html[] = '			</tr>';
         foreach ($groups as $i => $group) {
             $selected = $rules->allow($action->name, $group->value);
             $html[] = '			<tr class="row' . $i % 2 . '">';
             $html[] = '				<td class="col1">' . $group->text . '</td>';
             $html[] = '				<td class="col2">' . ($inheriting->allow($action->name, $group->identities) ? $images['allow-i'] : $images['deny-i']) . '</td>';
             $html[] = '				<td class="col3">';
             $html[] = '					<select id="' . $idPrefix . '_' . $action->name . '_' . $group->value . '" class="inputbox" size="1" name="' . $control . '[' . $action->name . '][' . $group->value . ']" title="' . JText::sprintf('JLIB_RULES_SELECT_ALLOW_DENY_GROUP', $actionTitle, $group->text) . '">';
             $html[] = '						<option value=""' . ($selected === null ? ' selected="selected"' : '') . '>' . JText::_('JLIB_RULES_INHERIT') . '</option>';
             $html[] = '						<option value="1"' . ($selected === true ? ' selected="selected"' : '') . '>' . JText::_('JLIB_RULES_ALLOWED') . '</option>';
             $html[] = '						<option value="0"' . ($selected === false ? ' selected="selected"' : '') . '>' . JText::_('JLIB_RULES_DENIED') . '</option>';
             $html[] = '					</select>';
             $html[] = '				</td>';
             $html[] = '				<td class="col4">' . ($assetId ? $inherited->allow($action->name, $group->identities) ? $images['allow'] : $images['deny'] : ($inheriting->allow($action->name, $group->identities) ? $images['allow'] : $images['deny'])) . '</td>';
             $html[] = '			</tr>';
         }
         $html[] = '			</table>';
     }
     $html[] = JHtml::_('tabs.end');
     // Build the footer with legend and special purpose buttons.
     $html[] = '	<div class="clr"></div>';
     $html[] = '	<ul class="acllegend fltlft">';
     $html[] = '		<li class="acl-allowed">' . JText::_('JLIB_RULES_ALLOWED') . '</li>';
     $html[] = '		<li class="acl-denied">' . JText::_('JLIB_RULES_DENIED') . '</li>';
     $html[] = '	</ul>';
     $html[] = '</div>';
     return implode("\n", $html);
 }
 /**
  *	Gets the default asset Rules for a component/view.
  */
 protected static function getDefaultAssetRules($component, $view)
 {
     // Need to find the asset id by the name of the component.
     $db = JFactory::getDbo();
     $query = $db->getQuery(true)->select($db->quoteName('id'))->from($db->quoteName('#__assets'))->where($db->quoteName('name') . ' = ' . $db->quote($component));
     $db->setQuery($query);
     $db->execute();
     if ($db->loadRowList()) {
         // asset alread set so use saved rules
         $assetId = (int) $db->loadResult();
         $result = JAccess::getAssetRules($assetId);
         if ($result instanceof JAccessRules) {
             $_result = (string) $result;
             $_result = json_decode($_result);
             foreach ($_result as $name => &$rule) {
                 $v = explode('.', $name);
                 if ($view !== $v[0]) {
                     // remove since it is not part of this view
                     unset($_result->{$name});
                 } else {
                     // clear the value since we inherit
                     $rule = array();
                 }
             }
             // check if there are any view values remaining
             if (count($_result)) {
                 $_result = json_encode($_result);
                 $_result = array($_result);
                 // Instantiate and return the JAccessRules object for the asset rules.
                 $rules = new JAccessRules($_result);
                 return $rules;
             }
             return $result;
         }
     }
     return JAccess::getAssetRules(0);
 }
示例#15
0
 /**
  * Gets the default asset values for a component.
  *
  * @param   $string  $component  The component asset name to search for
  *
  * @return  JAccessRules  The JAccessRules object for the asset
  */
 protected function getDefaultAssetValues($component)
 {
     // Need to find the asset id by the name of the component.
     $db = JFactory::getDbo();
     $query = $db->getQuery(true)->select($db->quoteName('id'))->from($db->quoteName('#__assets'))->where($db->quoteName('name') . ' = ' . $db->quote($component));
     $db->setQuery($query);
     $assetId = (int) $db->loadResult();
     return JAccess::getAssetRules($assetId);
 }
示例#16
0
 /**
  * Save entry
  *
  * @return  void
  */
 public function saveTask()
 {
     // Check for request forgeries
     Request::checkToken();
     // Incoming password blacklist edits
     $fields = Request::getVar('fields', array(), 'post');
     // Load the record
     $row = Accessgroup::oneOrNew($fields['id'])->set($fields);
     // Check the super admin permissions for group
     // We get the parent group permissions and then check the group permissions manually
     // We have to calculate the group permissions manually because we haven't saved the group yet
     $parentSuperAdmin = \JAccess::checkGroup($fields['parent_id'], 'core.admin');
     // Get core.admin rules from the root asset
     $rules = \JAccess::getAssetRules('root.1')->getData('core.admin');
     // Get the value for the current group (will be true (allowed), false (denied), or null (inherit)
     $groupSuperAdmin = $rules['core.admin']->allow($row->get('id'));
     // We only need to change the $groupSuperAdmin if the parent is true or false. Otherwise, the value set in the rule takes effect.
     if ($parentSuperAdmin === false) {
         // If parent is false (Denied), effective value will always be false
         $groupSuperAdmin = false;
     } elseif ($parentSuperAdmin === true) {
         // If parent is true (allowed), group is true unless explicitly set to false
         $groupSuperAdmin = $groupSuperAdmin === false ? false : true;
     }
     // Check for non-super admin trying to save with super admin group
     $iAmSuperAdmin = User::authorise('core.admin');
     if (!$iAmSuperAdmin && $groupSuperAdmin) {
         Notify::error(Lang::txt('JLIB_USER_ERROR_NOT_SUPERADMIN'));
         return $this->editTask($row);
     }
     // Check for super-admin changing self to be non-super-admin
     // First, are we a super admin>
     if ($iAmSuperAdmin) {
         // Next, are we a member of the current group?
         $myGroups = \JAccess::getGroupsByUser(User::get('id'), false);
         if (in_array($fields['id'], $myGroups)) {
             // Now, would we have super admin permissions without the current group?
             $otherGroups = array_diff($myGroups, array($fields['id']));
             $otherSuperAdmin = false;
             foreach ($otherGroups as $otherGroup) {
                 $otherSuperAdmin = $otherSuperAdmin ? $otherSuperAdmin : \JAccess::checkGroup($otherGroup, 'core.admin');
             }
             // If we would not otherwise have super admin permissions
             // and the current group does not have super admin permissions, throw an exception
             if (!$otherSuperAdmin && !$groupSuperAdmin) {
                 Notify::error(Lang::txt('JLIB_USER_ERROR_CANNOT_DEMOTE_SELF'));
                 return $this->editTask($row);
             }
         }
     }
     if ($this->getTask() == 'save2copy') {
         $row->set('id', null);
     }
     // Try to save
     if (!$row->save()) {
         Notify::error($row->getError());
         return $this->editTask($row);
     }
     Notify::success(Lang::txt('COM_MEMBERS_SAVE_SUCCESS'));
     if ($this->getTask() == 'save2new') {
         $row = Accessgroup::blank();
     }
     // Fall through to edit form
     if (in_array($this->getTask(), array('apply', 'save2new', 'save2copy'))) {
         return $this->editTask($row);
     }
     // Redirect
     $this->cancelTask();
 }
 protected function setCreatorLookup()
 {
     // If user is jevents can deleteall or has backend access then allow them to specify the creator
     $jevuser = JEVHelper::getAuthorisedUser();
     $user = JFactory::getUser();
     if (JVersion::isCompatible("1.6.0")) {
         //$access = JAccess::check($user->id, "core.deleteall", "com_jevents");
         $access = $user->authorise('core.admin', 'com_jevents');
     } else {
         // Get an ACL object
         $acl =& JFactory::getACL();
         $grp = $acl->getAroGroup($user->get('id'));
         // if no valid group (e.g. anon user) then skip this.
         if (!$grp) {
             return;
         }
         $access = $acl->is_group_child_of($grp->name, 'Public Backend');
     }
     $db = JFactory::getDBO();
     if ($jevuser && $jevuser->candeleteall || $access) {
         if (JVersion::isCompatible("1.6.0")) {
             $params =& JComponentHelper::getParams(JEV_COM_COMPONENT);
             $authorisedonly = $params->get("authorisedonly", 0);
             // if authorised only then load from database
             if ($authorisedonly) {
                 $sql = "SELECT tl.*, ju.*  FROM #__jev_users AS tl ";
                 $sql .= " LEFT JOIN #__users as ju ON tl.user_id=ju.id ";
                 $sql .= " WHERE tl.cancreate=1";
                 $sql .= " ORDER BY ju.name ASC";
                 $db->setQuery($sql);
                 $users = $db->loadObjectList();
             } else {
                 $rules = JAccess::getAssetRules("com_jevents", true);
                 $creatorgroups = $rules->getData();
                 // need to merge the arrays because of stupid way Joomla checks super user permissions
                 //$creatorgroups = array_merge($creatorgroups["core.admin"]->getData(), $creatorgroups["core.create"]->getData());
                 // use union orf arrays sincee getData no longer has string keys in the resultant array
                 //$creatorgroups = $creatorgroups["core.admin"]->getData()+ $creatorgroups["core.create"]->getData();
                 // use union orf arrays sincee getData no longer has string keys in the resultant array
                 $creatorgroupsdata = $creatorgroups["core.admin"]->getData();
                 // take the higher permission setting
                 foreach ($creatorgroups["core.create"]->getData() as $creatorgroup => $permission) {
                     if ($permission) {
                         $creatorgroupsdata[$creatorgroup] = $permission;
                     }
                 }
                 $users = array(0);
                 foreach ($creatorgroupsdata as $creatorgroup => $permission) {
                     if ($permission == 1) {
                         $users = array_merge(JAccess::getUsersByGroup($creatorgroup, true), $users);
                     }
                 }
                 $sql = "SELECT * FROM #__users where id IN (" . implode(",", array_values($users)) . ") ORDER BY name asc";
                 $db->setQuery($sql);
                 $users = $db->loadObjectList();
             }
         } else {
             $db = JFactory::getDBO();
             $params =& JComponentHelper::getParams(JEV_COM_COMPONENT);
             $authorisedonly = $params->get("authorisedonly", 0);
             // if authorised only then load from database
             if ($authorisedonly) {
                 $sql = "SELECT tl.*, ju.*  FROM #__jev_users AS tl ";
                 $sql .= " LEFT JOIN #__users as ju ON tl.user_id=ju.id ";
                 $sql .= " WHERE tl.cancreate=1";
                 $sql .= " ORDER BY ju.name ASC";
                 $db->setQuery($sql);
                 $users = $db->loadObjectList();
             } else {
                 $params =& JComponentHelper::getParams(JEV_COM_COMPONENT);
                 $minaccess = $params->getValue("jevcreator_level", 19);
                 $sql = "SELECT * FROM #__users where gid>=" . $minaccess;
                 $sql .= " ORDER BY name ASC";
                 $db->setQuery($sql);
                 $users = $db->loadObjectList();
             }
         }
         $userOptions[] = JHTML::_('select.option', '-1', JText::_('SELECT_USER'));
         foreach ($users as $user) {
             $userOptions[] = JHTML::_('select.option', $user->id, $user->name . " ( " . $user->username . " )");
         }
         $creator = $this->row->created_by() > 0 ? $this->row->created_by() : (isset($jevuser) ? $jevuser->user_id : 0);
         $userlist = JHTML::_('select.genericlist', $userOptions, 'jev_creatorid', 'class="inputbox" size="1" ', 'value', 'text', $creator);
         $this->assignRef("users", $userlist);
     }
 }
示例#18
0
 /**
  * Метод для отправки оповещения редакторам
  * @param integer $catid	ID категории
  * @param string  $name		Автор вопроса
  */
 protected function sendMail($data, &$category)
 {
     $params = $category->getParams();
     // отключение
     if ($params->get('disabled_mail')) {
         return true;
     }
     $rules = JAccess::getAssetRules('com_smfaq.category.' . $category->id, false);
     $r = $rules->getData();
     $group = $r['core.edit']->getData();
     if (is_array($group) && count($group) > 0) {
         foreach ($group as $key => $value) {
             if ($value == 1) {
                 $groups[] = JAccess::getUsersByGroup($key);
             }
         }
         if (isset($groups)) {
             $users_id = array();
             foreach ($groups as $group) {
                 if ($group) {
                     for ($i = 0; $i < count($group); $i++) {
                         $users_id[] = $group[$i];
                     }
                 }
             }
             if (count($users_id) > 0) {
                 $users_id = implode(",", array_unique($users_id));
                 $db = JFactory::getDBO();
                 $query = 'SELECT email FROM #__users WHERE id IN (' . $users_id . ')';
                 $db->setQuery($query);
                 $emails = $db->loadResultArray();
                 if ($emails) {
                     $config = JFactory::getConfig();
                     $mailfrom = $config->get('mailfrom');
                     $fromname = $config->get('fromname');
                     $date = JFactory::getDate(null, $config->get('offset'));
                     $date = $date->format('d.m.Y H:i');
                     $link = JURI::root() . 'index.php?option=com_smfaq&task=edit.edit&id=' . $this->getState('smfaq.id') . '&catid=' . $category->id;
                     $subject = JText::sprintf('COM_SMFAQ_MAIL_SUBJECT_NEW', $category->title);
                     $message = JText::sprintf('COM_SMFAQ_MAIL_MESSAGE_NEW', $data['created_by'], $date, $data['question'], $link);
                     $mail = JFactory::getMailer();
                     // 						if (($mail->Mailer == 'mail') && ! function_exists('mail')) {
                     // 							return false;
                     // 						}
                     foreach ($emails as $email) {
                         $send = $mail->sendMail($mailfrom, $fromname, $email, $subject, $message);
                         if ($send !== true) {
                             return false;
                         }
                     }
                 }
             }
         }
     } else {
     }
     return true;
 }
 /**
  * Returns the Super Users email information. If you provide a comma separated $email list
  * we will check that these emails do belong to Super Users and that they have not blocked
  * system emails.
  *
  * @param   null|string  $email  A list of Super Users to email
  *
  * @return  array  The list of Super User emails
  *
  * @since   3.5
  */
 private function getSuperUsers($email = null)
 {
     // Get a reference to the database object
     $db = JFactory::getDbo();
     // Convert the email list to an array
     if (!empty($email)) {
         $temp = explode(',', $email);
         $emails = array();
         foreach ($temp as $entry) {
             $entry = trim($entry);
             $emails[] = $db->q($entry);
         }
         $emails = array_unique($emails);
     } else {
         $emails = array();
     }
     // Get a list of groups which have Super User privileges
     $ret = array();
     try {
         $assets = JTable::getInstance('Asset', 'JTable');
         $rootId = $assets->getRootId();
         $rules = JAccess::getAssetRules($rootId)->getData();
         $rawGroups = $rules['core.admin'];
         $groups = array();
         if (empty($rawGroups)) {
             return $ret;
         }
         foreach ($rawGroups as $g => $enabled) {
             if ($enabled) {
                 $groups[] = $db->q($g);
             }
         }
         if (empty($groups)) {
             return $ret;
         }
     } catch (Exception $exc) {
         return $ret;
     }
     // Get the user IDs of users belonging to the SA groups
     try {
         $query = $db->getQuery(true)->select($db->qn('user_id'))->from($db->qn('#__user_usergroup_map'))->where($db->qn('group_id') . ' IN(' . implode(',', $groups) . ')');
         $db->setQuery($query);
         $rawUserIDs = $db->loadColumn(0);
         if (empty($rawUserIDs)) {
             return $ret;
         }
         $userIDs = array();
         foreach ($rawUserIDs as $id) {
             $userIDs[] = $db->q($id);
         }
     } catch (Exception $exc) {
         return $ret;
     }
     // Get the user information for the Super Administrator users
     try {
         $query = $db->getQuery(true)->select(array($db->qn('id'), $db->qn('username'), $db->qn('email')))->from($db->qn('#__users'))->where($db->qn('id') . ' IN(' . implode(',', $userIDs) . ')')->where($db->qn('sendEmail') . ' = ' . $db->q('1'));
         if (!empty($emails)) {
             $query->where($db->qn('email') . 'IN(' . implode(',', $emails) . ')');
         }
         $db->setQuery($query);
         $ret = $db->loadObjectList();
     } catch (Exception $exc) {
         return $ret;
     }
     return $ret;
 }
示例#20
0
	public function testGetAssetRules() {
		if (defined('DB_NOT_AVAILABLE')) {
			$this->markTestSkipped('The database is not available');
		}

		$access = new JAccess();
		$ObjArrayJrules = $access->getAssetRules(3, True);
		$string1 = '{"core.login.site":{"6":1,"2":1},"core.login.admin":{"6":1},"core.admin":{"8":1,"7":1},"core.manage":{"7":1,"10":1,"6":1},"core.create":{"6":1,"4":0},"core.delete":{"6":1,"4":0,"5":1},"core.edit":{"6":1},"core.edit.state":{"6":1}}';
		$this->assertThat(
			(string)$ObjArrayJrules,
			$this->equalTo($string1),
			'Line: ' . __LINE__
		);

		$ObjArrayJrules = $access->getAssetRules(3, False);
		$string1 = '{"core.admin":{"7":1},"core.manage":{"6":1},"core.create":{"4":0},"core.delete":{"4":0,"5":1},"core.edit":[],"core.edit.state":[]}';
		$this->assertThat(
			(string) $ObjArrayJrules,
			$this->equalTo($string1),
			'Line: ' . __LINE__
		);

		$ObjArrayJrules = $access->getAssetRules(1550, False);
		$string1 = '[]';
		$this->assertThat(
			(string)$ObjArrayJrules,
			$this->equalTo($string1),
			'Line: ' . __LINE__
		);

		$ObjArrayJrules = $access->getAssetRules('testasset', False);
		$string1 = '[]';
		$this->assertThat(
			(string)$ObjArrayJrules,
			$this->equalTo($string1),
			'Line: ' . __LINE__
		);

	}
示例#21
0
 protected function getAuthorisedUsers($action, $asset = null)
 {
     $action = strtolower(preg_replace('#[\\s\\-]+#', '.', trim($action)));
     $asset = strtolower(preg_replace('#[\\s\\-]+#', '.', trim($asset)));
     // Default to the root asset node.
     if (empty($asset)) {
         $asset = 1;
     }
     // Get all asset rules
     $rules = JAccess::getAssetRules($asset, true);
     $data = $rules->getData();
     // Get all action rules for the asset
     $groups = array();
     if (!empty($data[$action])) {
         $groups = $data[$action]->getData();
     }
     // Split groups into allow and deny list
     $allow = array();
     $deny = array();
     foreach ($groups as $groupid => $access) {
         if ($access) {
             $allow[] = $groupid;
         } else {
             $deny[] = $groupid;
         }
     }
     // Get userids
     if ($allow) {
         // These users can do the action
         $allow = $this->getUsersByGroup($allow, true);
     }
     if ($deny) {
         // But these users have explicit deny for the action
         $deny = $this->getUsersByGroup($deny, true);
     }
     // Remove denied users from allowed users list
     return array_diff($allow, $deny);
 }
示例#22
0
 /**
  * Method to get the field input markup for Access Control Lists.
  * Optionally can be associated with a specific component and section.
  *
  * TODO: Add access check.
  *
  * @return  string  The field input markup.
  *
  * @since   11.1
  */
 protected function getInput()
 {
     JHtml::_('behavior.tooltip');
     // Initialise some field attributes.
     $section = $this->element['section'] ? (string) $this->element['section'] : '';
     $component = $this->element['component'] ? (string) $this->element['component'] : '';
     $assetField = $this->element['asset_field'] ? (string) $this->element['asset_field'] : 'asset_id';
     // Get the actions for the asset.
     $actions = JAccess::getActions($component, $section);
     // Iterate over the children and add to the actions.
     foreach ($this->element->children() as $el) {
         if ($el->getName() == 'action') {
             $actions[] = (object) array('name' => (string) $el['name'], 'title' => (string) $el['title'], 'description' => (string) $el['description']);
         }
     }
     // Get the explicit rules for this asset.
     if ($section == 'component') {
         // Need to find the asset id by the name of the component.
         $db = JFactory::getDbo();
         $query = $db->getQuery(true)->select($db->quoteName('id'))->from($db->quoteName('#__assets'))->where($db->quoteName('name') . ' = ' . $db->quote($component));
         $db->setQuery($query);
         $assetId = (int) $db->loadResult();
     } else {
         // Find the asset id of the content.
         // Note that for global configuration, com_config injects asset_id = 1 into the form.
         $assetId = $this->form->getValue($assetField);
     }
     // Use the compact form for the content rules (deprecated).
     /* @todo remove code:
     		if (!empty($component) && $section != 'component') {
     			return JHtml::_('rules.assetFormWidget', $actions, $assetId, $assetId ? null : $component, $this->name, $this->id);
     		}
     		 */
     // Full width format.
     // Get the rules for just this asset (non-recursive).
     $assetRules = JAccess::getAssetRules($assetId);
     // Get the available user groups.
     $groups = $this->getUserGroups();
     // Build the form control.
     $curLevel = 0;
     // Prepare output
     $html = array();
     // Description
     $html[] = '<p class="rule-desc">' . JText::_('JLIB_RULES_SETTINGS_DESC') . '</p>';
     // Begin tabs
     $html[] = '<div id="permissions-sliders" class="tabbable tabs-left">';
     // Building tab nav
     $html[] = '<ul class="nav nav-tabs">';
     foreach ($groups as $group) {
         // Initial Active Tab
         $active = "";
         if ($group->value == 1) {
             $active = "active";
         }
         $html[] = '<li class="' . $active . '">';
         $html[] = '<a href="#permission-' . $group->value . '" data-toggle="tab">';
         $html[] = str_repeat('<span class="level">&ndash; ', $curLevel = $group->level) . $group->text;
         $html[] = '</a>';
         $html[] = '</li>';
     }
     $html[] = '</ul>';
     $html[] = '<div class="tab-content">';
     // Start a row for each user group.
     foreach ($groups as $group) {
         // Initial Active Pane
         $active = "";
         if ($group->value == 1) {
             $active = " active";
         }
         $difLevel = $group->level - $curLevel;
         $html[] = '<div class="tab-pane' . $active . '" id="permission-' . $group->value . '">';
         $html[] = '<table class="table table-striped">';
         $html[] = '<thead>';
         $html[] = '<tr>';
         $html[] = '<th class="actions" id="actions-th' . $group->value . '">';
         $html[] = '<span class="acl-action">' . JText::_('JLIB_RULES_ACTION') . '</span>';
         $html[] = '</th>';
         $html[] = '<th class="settings" id="settings-th' . $group->value . '">';
         $html[] = '<span class="acl-action">' . JText::_('JLIB_RULES_SELECT_SETTING') . '</span>';
         $html[] = '</th>';
         // The calculated setting is not shown for the root group of global configuration.
         $canCalculateSettings = $group->parent_id || !empty($component);
         if ($canCalculateSettings) {
             $html[] = '<th id="aclactionth' . $group->value . '">';
             $html[] = '<span class="acl-action">' . JText::_('JLIB_RULES_CALCULATED_SETTING') . '</span>';
             $html[] = '</th>';
         }
         $html[] = '</tr>';
         $html[] = '</thead>';
         $html[] = '<tbody>';
         foreach ($actions as $action) {
             $html[] = '<tr>';
             $html[] = '<td headers="actions-th' . $group->value . '">';
             $html[] = '<label class="tip" for="' . $this->id . '_' . $action->name . '_' . $group->value . '" title="' . htmlspecialchars(JText::_($action->title) . ' ' . JText::_($action->description), ENT_COMPAT, 'UTF-8') . '">';
             $html[] = JText::_($action->title);
             $html[] = '</label>';
             $html[] = '</td>';
             $html[] = '<td headers="settings-th' . $group->value . '">';
             $html[] = '<select class="input-small" name="' . $this->name . '[' . $action->name . '][' . $group->value . ']" id="' . $this->id . '_' . $action->name . '_' . $group->value . '" title="' . JText::sprintf('JLIB_RULES_SELECT_ALLOW_DENY_GROUP', JText::_($action->title), trim($group->text)) . '">';
             $inheritedRule = JAccess::checkGroup($group->value, $action->name, $assetId);
             // Get the actual setting for the action for this group.
             $assetRule = $assetRules->allow($action->name, $group->value);
             // Build the dropdowns for the permissions sliders
             // The parent group has "Not Set", all children can rightly "Inherit" from that.
             $html[] = '<option value=""' . ($assetRule === null ? ' selected="selected"' : '') . '>' . JText::_(empty($group->parent_id) && empty($component) ? 'JLIB_RULES_NOT_SET' : 'JLIB_RULES_INHERITED') . '</option>';
             $html[] = '<option value="1"' . ($assetRule === true ? ' selected="selected"' : '') . '>' . JText::_('JLIB_RULES_ALLOWED') . '</option>';
             $html[] = '<option value="0"' . ($assetRule === false ? ' selected="selected"' : '') . '>' . JText::_('JLIB_RULES_DENIED') . '</option>';
             $html[] = '</select>&#160; ';
             // If this asset's rule is allowed, but the inherited rule is deny, we have a conflict.
             if ($assetRule === true && $inheritedRule === false) {
                 $html[] = JText::_('JLIB_RULES_CONFLICT');
             }
             $html[] = '</td>';
             // Build the Calculated Settings column.
             // The inherited settings column is not displayed for the root group in global configuration.
             if ($canCalculateSettings) {
                 $html[] = '<td headers="aclactionth' . $group->value . '">';
                 // This is where we show the current effective settings considering currrent group, path and cascade.
                 // Check whether this is a component or global. Change the text slightly.
                 if (JAccess::checkGroup($group->value, 'core.admin', $assetId) !== true) {
                     if ($inheritedRule === null) {
                         $html[] = '<span class="label label-important">' . JText::_('JLIB_RULES_NOT_ALLOWED') . '</span>';
                     } elseif ($inheritedRule === true) {
                         $html[] = '<span class="label label-success">' . JText::_('JLIB_RULES_ALLOWED') . '</span>';
                     } elseif ($inheritedRule === false) {
                         if ($assetRule === false) {
                             $html[] = '<span class="label label-important">' . JText::_('JLIB_RULES_NOT_ALLOWED') . '</span>';
                         } else {
                             $html[] = '<span class="label"><i class="icon-lock icon-white"></i> ' . JText::_('JLIB_RULES_NOT_ALLOWED_LOCKED') . '</span>';
                         }
                     }
                 } elseif (!empty($component)) {
                     $html[] = '<span class="label label-success"><i class="icon-lock icon-white"></i> ' . JText::_('JLIB_RULES_ALLOWED_ADMIN') . '</span>';
                 } else {
                     // Special handling for  groups that have global admin because they can't  be denied.
                     // The admin rights can be changed.
                     if ($action->name === 'core.admin') {
                         $html[] = '<span class="label label-success">' . JText::_('JLIB_RULES_ALLOWED') . '</span>';
                     } elseif ($inheritedRule === false) {
                         // Other actions cannot be changed.
                         $html[] = '<span class="label label-important"><i class="icon-lock icon-white"></i> ' . JText::_('JLIB_RULES_NOT_ALLOWED_ADMIN_CONFLICT') . '</span>';
                     } else {
                         $html[] = '<span class="label label-success"><i class="icon-lock icon-white"></i> ' . JText::_('JLIB_RULES_ALLOWED_ADMIN') . '</span>';
                     }
                 }
                 $html[] = '</td>';
             }
             $html[] = '</tr>';
         }
         $html[] = '</tbody>';
         $html[] = '</table></div>';
     }
     $html[] = '</div></div>';
     $html[] = '<div class="alert">';
     if ($section == 'component' || $section == null) {
         $html[] = JText::_('JLIB_RULES_SETTING_NOTES');
     } else {
         $html[] = JText::_('JLIB_RULES_SETTING_NOTES_ITEM');
     }
     $html[] = '</div>';
     return implode("\n", $html);
 }
示例#23
0
	/**
	 * Method to get the field input markup for Access Control Lists.
	 * Optionally can be associated with a specific component and section.
	 *
	 * TODO: Add access check.
	 *
	 * @return  string  The field input markup.
	 *
	 * @since   11.1
	 */
	protected function getInput()
	{
		JHtml::_('behavior.tooltip');

		// Initialise some field attributes.
		$section = $this->element['section'] ? (string) $this->element['section'] : '';
		$component = $this->element['component'] ? (string) $this->element['component'] : '';
		$assetField = $this->element['asset_field'] ? (string) $this->element['asset_field'] : 'asset_id';

		// Get the actions for the asset.
		$actions = JAccess::getActions($component, $section);

		// Iterate over the children and add to the actions.
		foreach ($this->element->children() as $el)
		{
			if ($el->getName() == 'action')
			{
				$actions[] = (object) array('name' => (string) $el['name'], 'title' => (string) $el['title'],
					'description' => (string) $el['description']);
			}
		}

		// Get the explicit rules for this asset.
		if ($section == 'component')
		{
			// Need to find the asset id by the name of the component.
			$db = JFactory::getDbo();
			$db->setQuery('SELECT id FROM #__assets WHERE name = ' . $db->quote($component));
			$assetId = (int) $db->loadResult();

			if ($error = $db->getErrorMsg())
			{
				JError::raiseNotice(500, $error);
			}
		}
		else
		{
			// Find the asset id of the content.
			// Note that for global configuration, com_config injects asset_id = 1 into the form.
			$assetId = $this->form->getValue($assetField);
		}

		// Use the compact form for the content rules (deprecated).
		//if (!empty($component) && $section != 'component') {
		//	return JHtml::_('rules.assetFormWidget', $actions, $assetId, $assetId ? null : $component, $this->name, $this->id);
		//}

		// Full width format.

		// Get the rules for just this asset (non-recursive).
		$assetRules = JAccess::getAssetRules($assetId);

		// Get the available user groups.
		$groups = $this->getUserGroups();

		// Build the form control.
		$curLevel = 0;

		// Prepare output
		$html = array();
		$html[] = '<div id="permissions-sliders" class="pane-sliders">';
		$html[] = '<p class="rule-desc">' . JText::_('JLIB_RULES_SETTINGS_DESC') . '</p>';
		$html[] = '<ul id="rules">';

		// Start a row for each user group.
		foreach ($groups as $group)
		{
			$difLevel = $group->level - $curLevel;

			if ($difLevel > 0)
			{
				$html[] = '<li><ul>';
			}
			else if ($difLevel < 0)
			{
				$html[] = str_repeat('</ul></li>', -$difLevel);
			}

			$html[] = '<li>';

			$html[] = '<div class="panel">';
			$html[] = '<h3 class="pane-toggler title"><a href="javascript:void(0);"><span>';
			$html[] = str_repeat('<span class="level">|&ndash;</span> ', $curLevel = $group->level) . $group->text;
			$html[] = '</span></a></h3>';
			$html[] = '<div class="pane-slider content pane-hide">';
			$html[] = '<div class="mypanel">';
			$html[] = '<table class="group-rules">';
			$html[] = '<thead>';
			$html[] = '<tr>';

			$html[] = '<th class="actions" id="actions-th' . $group->value . '">';
			$html[] = '<span class="acl-action">' . JText::_('JLIB_RULES_ACTION') . '</span>';
			$html[] = '</th>';

			$html[] = '<th class="settings" id="settings-th' . $group->value . '">';
			$html[] = '<span class="acl-action">' . JText::_('JLIB_RULES_SELECT_SETTING') . '</span>';
			$html[] = '</th>';

			// The calculated setting is not shown for the root group of global configuration.
			$canCalculateSettings = ($group->parent_id || !empty($component));
			if ($canCalculateSettings)
			{
				$html[] = '<th id="aclactionth' . $group->value . '">';
				$html[] = '<span class="acl-action">' . JText::_('JLIB_RULES_CALCULATED_SETTING') . '</span>';
				$html[] = '</th>';
			}

			$html[] = '</tr>';
			$html[] = '</thead>';
			$html[] = '<tbody>';

			foreach ($actions as $action)
			{
				$html[] = '<tr>';
				$html[] = '<td headers="actions-th' . $group->value . '">';
				$html[] = '<label class="hasTip" for="' . $this->id . '_' . $action->name . '_' . $group->value . '" title="'
					. htmlspecialchars(JText::_($action->title) . '::' . JText::_($action->description), ENT_COMPAT, 'UTF-8') . '">';
				$html[] = JText::_($action->title);
				$html[] = '</label>';
				$html[] = '</td>';

				$html[] = '<td headers="settings-th' . $group->value . '">';

				$html[] = '<select name="' . $this->name . '[' . $action->name . '][' . $group->value . ']" id="' . $this->id . '_' . $action->name
					. '_' . $group->value . '" title="'
					. JText::sprintf('JLIB_RULES_SELECT_ALLOW_DENY_GROUP', JText::_($action->title), trim($group->text)) . '">';

				$inheritedRule = JAccess::checkGroup($group->value, $action->name, $assetId);

				// Get the actual setting for the action for this group.
				$assetRule = $assetRules->allow($action->name, $group->value);

				// Build the dropdowns for the permissions sliders

				// The parent group has "Not Set", all children can rightly "Inherit" from that.
				$html[] = '<option value=""' . ($assetRule === null ? ' selected="selected"' : '') . '>'
					. JText::_(empty($group->parent_id) && empty($component) ? 'JLIB_RULES_NOT_SET' : 'JLIB_RULES_INHERITED') . '</option>';
				$html[] = '<option value="1"' . ($assetRule === true ? ' selected="selected"' : '') . '>' . JText::_('JLIB_RULES_ALLOWED')
					. '</option>';
				$html[] = '<option value="0"' . ($assetRule === false ? ' selected="selected"' : '') . '>' . JText::_('JLIB_RULES_DENIED')
					. '</option>';

				$html[] = '</select>&#160; ';

				// If this asset's rule is allowed, but the inherited rule is deny, we have a conflict.
				if (($assetRule === true) && ($inheritedRule === false))
				{
					$html[] = JText::_('JLIB_RULES_CONFLICT');
				}

				$html[] = '</td>';

				// Build the Calculated Settings column.
				// The inherited settings column is not displayed for the root group in global configuration.
				if ($canCalculateSettings)
				{
					$html[] = '<td headers="aclactionth' . $group->value . '">';

					// This is where we show the current effective settings considering currrent group, path and cascade.
					// Check whether this is a component or global. Change the text slightly.

					if (JAccess::checkGroup($group->value, 'core.admin') !== true)
					{
						if ($inheritedRule === null)
						{
							$html[] = '<span class="icon-16-unset">' . JText::_('JLIB_RULES_NOT_ALLOWED') . '</span>';
						}
						else if ($inheritedRule === true)
						{
							$html[] = '<span class="icon-16-allowed">' . JText::_('JLIB_RULES_ALLOWED') . '</span>';
						}
						else if ($inheritedRule === false)
						{
							if ($assetRule === false)
							{
								$html[] = '<span class="icon-16-denied">' . JText::_('JLIB_RULES_NOT_ALLOWED') . '</span>';
							}
							else
							{
								$html[] = '<span class="icon-16-denied"><span class="icon-16-locked">' . JText::_('JLIB_RULES_NOT_ALLOWED_LOCKED')
									. '</span></span>';
							}
						}
					}
					else if (!empty($component))
					{
						$html[] = '<span class="icon-16-allowed"><span class="icon-16-locked">' . JText::_('JLIB_RULES_ALLOWED_ADMIN')
							. '</span></span>';
					}
					else
					{
						// Special handling for  groups that have global admin because they can't  be denied.
						// The admin rights can be changed.
						if ($action->name === 'core.admin')
						{
							$html[] = '<span class="icon-16-allowed">' . JText::_('JLIB_RULES_ALLOWED') . '</span>';
						}
						elseif ($inheritedRule === false)
						{
							// Other actions cannot be changed.
							$html[] = '<span class="icon-16-denied"><span class="icon-16-locked">'
								. JText::_('JLIB_RULES_NOT_ALLOWED_ADMIN_CONFLICT') . '</span></span>';
						}
						else
						{
							$html[] = '<span class="icon-16-allowed"><span class="icon-16-locked">' . JText::_('JLIB_RULES_ALLOWED_ADMIN')
								. '</span></span>';
						}
					}

					$html[] = '</td>';
				}

				$html[] = '</tr>';
			}

			$html[] = '</tbody>';
			$html[] = '</table></div>';

			$html[] = '</div></div>';
			$html[] = '</li>';

		}

		$html[] = str_repeat('</ul></li>', $curLevel);
		$html[] = '</ul><div class="rule-notes">';
		if ($section == 'component' || $section == null)
		{
			$html[] = JText::_('JLIB_RULES_SETTING_NOTES');
		}
		else
		{
			$html[] = JText::_('JLIB_RULES_SETTING_NOTES_ITEM');
		}
		$html[] = '</div></div>';

		$js = "window.addEvent('domready', function(){ new Fx.Accordion($$('div#permissions-sliders.pane-sliders .panel h3.pane-toggler'), $$('div#permissions-sliders.pane-sliders .panel div.pane-slider'), {onActive: function(toggler, i) {toggler.addClass('pane-toggler-down');toggler.removeClass('pane-toggler');i.addClass('pane-down');i.removeClass('pane-hide');Cookie.write('jpanesliders_permissions-sliders"
			. $component
			. "',$$('div#permissions-sliders.pane-sliders .panel h3').indexOf(toggler));},onBackground: function(toggler, i) {toggler.addClass('pane-toggler');toggler.removeClass('pane-toggler-down');i.addClass('pane-hide');i.removeClass('pane-down');},duration: 300,display: "
			. JRequest::getInt('jpanesliders_permissions-sliders' . $component, 0, 'cookie') . ",show: "
			. JRequest::getInt('jpanesliders_permissions-sliders' . $component, 0, 'cookie') . ", alwaysHide:true, opacity: false}); });";

		JFactory::getDocument()->addScriptDeclaration($js);

		return implode("\n", $html);
	}
示例#24
0
 /**
  * Method to duplicate modules.
  *
  * @param   array &$pks An array of primary key IDs.
  *
  * @return  boolean  True if successful.
  *
  * @since   1.6
  * @throws  Exception
  */
 public function duplicate(&$pks)
 {
     $user = JFactory::getUser();
     // Access checks.
     if (!$user->authorise('core.create', 'com_modules')) {
         throw new Exception(JText::_('JERROR_CORE_CREATE_NOT_PERMITTED'));
     }
     $db = $this->getDbo();
     $query = $db->getQuery(true);
     $inserts = array();
     $table = $this->getTable();
     $table_adv = JTable::getInstance('AdvancedModules', 'AdvancedModulesTable');
     foreach ($pks as $pk) {
         if ($table->load($pk, true)) {
             // Reset the id to create a new record.
             $table->id = 0;
             // Alter the title.
             $m = null;
             if (preg_match('#\\((\\d+)\\)$#', $table->title, $m)) {
                 $table->title = preg_replace('#\\(\\d+\\)$#', '(' . ($m[1] + 1) . ')', $table->title);
             }
             $data = $this->generateNewTitle(0, $table->title, $table->position);
             $table->title = $data[0];
             // Unpublish duplicate module
             $table->published = 0;
             if (!$table->check() || !$table->store()) {
                 throw new Exception($table->getError());
             }
             $query->clear()->select($db->quoteName('menuid'))->from($db->quoteName('#__modules_menu'))->where($db->quoteName('moduleid') . ' = ' . (int) $pk);
             $db->setQuery($query);
             $rows = $db->loadColumn();
             foreach ($rows as $menuid) {
                 $inserts[(int) $table->id . '-' . (int) $menuid] = (int) $table->id . ',' . (int) $menuid;
             }
             if ($table->id && !$table_adv->load($table->id)) {
                 $table_adv->moduleid = $table->id;
                 $db->insertObject($table_adv->getTableName(), $table_adv, $table_adv->getKeyName());
             }
             if ($table_adv->load($pk, true)) {
                 $table_adv->moduleid = $table->id;
                 $rules = JAccess::getAssetRules('com_modules.module.' . $pk);
                 $table_adv->setRules($rules);
                 if (!$table_adv->check() || !$table_adv->store()) {
                     throw new Exception($table_adv->getError());
                 }
             }
         } else {
             throw new Exception($table->getError());
         }
     }
     if (!empty($inserts)) {
         // Module-Menu Mapping: Do it in one query
         $query->clear()->insert('#__modules_menu')->columns(array($db->quoteName('moduleid'), $db->quoteName('menuid')));
         foreach ($inserts as $insert) {
             $query->values($insert);
         }
         $db->setQuery($query);
         try {
             $db->execute();
         } catch (RuntimeException $e) {
             return JError::raiseWarning(500, $e->getMessage());
         }
     }
     // Clear modules cache
     $this->cleanCache();
     return true;
 }
示例#25
0
 /**
  * Overloaded bind function to pre-process the params.
  *
  * @param   array  $array   Named array
  * @param   mixed  $ignore  Optional array or list of parameters to ignore
  *
  * @return  null|string  null is operation was satisfactory, otherwise returns an error
  *
  * @see     JTable:bind
  * @since   1.5
  */
 public function bind($array, $ignore = '')
 {
     $input = JFactory::getApplication()->input;
     $task = $input->getString('task', '');
     if ($array['id'] == 0) {
         $array['created_by'] = JFactory::getUser()->id;
     }
     if ($array['id'] == 0) {
         $array['modified_by'] = JFactory::getUser()->id;
     }
     // Support for alias field: alias
     if (empty($array['alias'])) {
         if (empty($array['brand_name'])) {
             $array['alias'] = JFilterOutput::stringURLSafe(date('Y-m-d H:i:s'));
         } else {
             $array['alias'] = JFilterOutput::stringURLSafe(trim($array['brand_name']));
         }
     }
     if (isset($array['params']) && is_array($array['params'])) {
         $registry = new JRegistry();
         $registry->loadArray($array['params']);
         $array['params'] = (string) $registry;
     }
     if (isset($array['metadata']) && is_array($array['metadata'])) {
         $registry = new JRegistry();
         $registry->loadArray($array['metadata']);
         $array['metadata'] = (string) $registry;
     }
     if (!JFactory::getUser()->authorise('core.admin', 'com_akrecipes.brand.' . $array['id'])) {
         $actions = JAccess::getActionsFromFile(JPATH_ADMINISTRATOR . '/components/com_akrecipes/access.xml', "/access/section[@name='brand']/");
         $default_actions = JAccess::getAssetRules('com_akrecipes.brand.' . $array['id'])->getData();
         $array_jaccess = array();
         foreach ($actions as $action) {
             $array_jaccess[$action->name] = $default_actions[$action->name];
         }
         $array['rules'] = $this->JAccessRulestoArray($array_jaccess);
     }
     // Bind the rules for ACL where supported.
     if (isset($array['rules']) && is_array($array['rules'])) {
         $this->setRules($array['rules']);
     }
     return parent::bind($array, $ignore);
 }
示例#26
0
    protected function getInput3()
    {
        $css = 'div[id$="permissions"].tab-pane .control-group .controls {
						margin-left: 0;
					}
					div[id$="permissions"].tab-pane label.hasTooltip {
						float: left;
					}';
        $document = JFactory::getDocument();
        $document->addStyleDeclaration($css);
        JHtml::_('bootstrap.tooltip');
        $section = $this->section;
        $component = $this->component;
        $assetField = $this->assetField;
        $actions = JAccess::getActions($component, $section);
        foreach ($this->element->children() as $el) {
            if ($el->getName() == 'action') {
                $actions[] = (object) array('name' => (string) $el['name'], 'title' => (string) $el['title'], 'description' => (string) $el['description']);
            }
        }
        $sectionComponentArr = array('component', 'component_category', 'component_listing', 'component_comment', 'component_single_rating', 'component_criteria', 'component_moderator', 'component_field_value');
        if (in_array($section, $sectionComponentArr)) {
            $db = JFactory::getDbo();
            $query = $db->getQuery(true)->select($db->quoteName('id'))->from($db->quoteName('#__assets'))->where($db->quoteName('name') . ' = ' . $db->quote($component));
            $db->setQuery($query);
            $assetId = (int) $db->loadResult();
        } else {
            $assetId = $this->form->getValue($assetField);
        }
        if (strpos($section, '_') != false) {
            $customNameArray = explode('_', $section);
            if (count($customNameArray) == 2) {
                $customName = $customNameArray[1];
                $customName .= '_';
            } elseif (count($customNameArray) > 2) {
                unset($customNameArray[0]);
                $customName = implode('_', $customNameArray);
                $customName .= '_';
            } else {
                $customName = $section . '_';
            }
        } else {
            $customName = '';
        }
        $assetRules = JAccess::getAssetRules($assetId);
        $groups = $this->getUserGroups();
        $html = array();
        $html[] = '<p class="rule-desc">' . JText::_('JLIB_RULES_SETTINGS_DESC') . '</p>';
        $html[] = '<div id="' . $customName . 'permissions-sliders" class="tabbable tabs-left">';
        $html[] = '<ul class="nav nav-tabs">';
        foreach ($groups as $group) {
            $active = "";
            if ($group->value == 1) {
                $active = "active";
            }
            $html[] = '<li class="' . $active . '">';
            $html[] = '<a href="#' . $customName . 'permission-' . $group->value . '" data-toggle="tab">';
            $html[] = str_repeat('<span class="level">&ndash;</span> ', $curLevel = $group->level) . $group->text;
            $html[] = '</a>';
            $html[] = '</li>';
        }
        $html[] = '</ul>';
        $html[] = '<div class="tab-content">';
        foreach ($groups as $group) {
            $active = "";
            if ($group->value == 1) {
                $active = " active";
            }
            $html[] = '<div class="tab-pane' . $active . '" id="' . $customName . 'permission-' . $group->value . '">';
            $html[] = '<table class="table table-striped">';
            $html[] = '<thead>';
            $html[] = '<tr>';
            $html[] = '<th class="actions" id="actions-th' . $group->value . '">';
            $html[] = '<span class="acl-action">' . JText::_('JLIB_RULES_ACTION') . '</span>';
            $html[] = '</th>';
            $html[] = '<th class="settings" id="settings-th' . $group->value . '">';
            $html[] = '<span class="acl-action">' . JText::_('JLIB_RULES_SELECT_SETTING') . '</span>';
            $html[] = '</th>';
            $canCalculateSettings = $group->parent_id || !empty($component);
            if ($canCalculateSettings) {
                $html[] = '<th id="aclactionth' . $group->value . '">';
                $html[] = '<span class="acl-action">' . JText::_('JLIB_RULES_CALCULATED_SETTING') . '</span>';
                $html[] = '</th>';
            }
            $html[] = '</tr>';
            $html[] = '</thead>';
            $html[] = '<tbody>';
            foreach ($actions as $action) {
                $html[] = '<tr>';
                $html[] = '<td headers="actions-th' . $group->value . '">';
                $html[] = '<label for="' . $this->id . '_' . $action->name . '_' . $group->value . '" class="hasTooltip" title="' . '<strong>' . htmlspecialchars(JText::_($action->title) . '</strong><br/>' . JText::_($action->description), ENT_COMPAT, 'UTF-8') . '">';
                $html[] = JText::_($action->title);
                $html[] = '</label>';
                $html[] = '</td>';
                $html[] = '<td headers="settings-th' . $group->value . '">';
                $this->name = $this->formControl . '[rules]';
                $html[] = '<select class="input-small" name="' . $this->name . '[' . $action->name . '][' . $group->value . ']" id="' . $this->id . '_' . $action->name . '_' . $group->value . '" title="' . JText::sprintf('JLIB_RULES_SELECT_ALLOW_DENY_GROUP', JText::_($action->title), trim($group->text)) . '">';
                $inheritedRule = JAccess::checkGroup($group->value, $action->name, $assetId);
                $assetRule = $assetRules->allow($action->name, $group->value);
                $html[] = '<option value=""' . ($assetRule === null ? ' selected="selected"' : '') . '>' . JText::_(empty($group->parent_id) && empty($component) ? 'JLIB_RULES_NOT_SET' : 'JLIB_RULES_INHERITED') . '</option>';
                $html[] = '<option value="1"' . ($assetRule === true ? ' selected="selected"' : '') . '>' . JText::_('JLIB_RULES_ALLOWED') . '</option>';
                $html[] = '<option value="0"' . ($assetRule === false ? ' selected="selected"' : '') . '>' . JText::_('JLIB_RULES_DENIED') . '</option>';
                $html[] = '</select>&#160; ';
                if ($assetRule === true && $inheritedRule === false) {
                    $html[] = JText::_('JLIB_RULES_CONFLICT');
                }
                $html[] = '</td>';
                if ($canCalculateSettings) {
                    $html[] = '<td headers="aclactionth' . $group->value . '">';
                    if (JAccess::checkGroup($group->value, 'core.admin', $assetId) !== true) {
                        if ($inheritedRule === null) {
                            $html[] = '<span class="label label-important">' . JText::_('JLIB_RULES_NOT_ALLOWED') . '</span>';
                        } elseif ($inheritedRule === true) {
                            $html[] = '<span class="label label-success">' . JText::_('JLIB_RULES_ALLOWED') . '</span>';
                        } elseif ($inheritedRule === false) {
                            if ($assetRule === false) {
                                $html[] = '<span class="label label-important">' . JText::_('JLIB_RULES_NOT_ALLOWED') . '</span>';
                            } else {
                                $html[] = '<span class="label"><i class="icon-lock icon-white"></i> ' . JText::_('JLIB_RULES_NOT_ALLOWED_LOCKED') . '</span>';
                            }
                        }
                    } elseif (!empty($component)) {
                        $html[] = '<span class="label label-success"><i class="icon-lock icon-white"></i> ' . JText::_('JLIB_RULES_ALLOWED_ADMIN') . '</span>';
                    } else {
                        if ($action->name === 'core.admin') {
                            $html[] = '<span class="label label-success">' . JText::_('JLIB_RULES_ALLOWED') . '</span>';
                        } elseif ($inheritedRule === false) {
                            $html[] = '<span class="label label-important"><i class="icon-lock icon-white"></i> ' . JText::_('JLIB_RULES_NOT_ALLOWED_ADMIN_CONFLICT') . '</span>';
                        } else {
                            $html[] = '<span class="label label-success"><i class="icon-lock icon-white"></i> ' . JText::_('JLIB_RULES_ALLOWED_ADMIN') . '</span>';
                        }
                    }
                    $html[] = '</td>';
                }
                $html[] = '</tr>';
            }
            $html[] = '</tbody>';
            $html[] = '</table></div>';
        }
        $html[] = '</div></div>';
        $html[] = '<div class="alert">';
        if ($section == 'component' || $section == null) {
            $html[] = JText::_('JLIB_RULES_SETTING_NOTES');
        } else {
            $html[] = JText::_('JLIB_RULES_SETTING_NOTES_ITEM');
        }
        $html[] = '</div>';
        $html[] = '<script type="text/javascript">';
        $html[] = 'jQuery(document).ready(function(){';
        $html[] = 'var loadTabFix = function() {';
        $html[] = '     var addClassActive = true;';
        $html[] = '     jQuery("#' . $customName . 'permissions-sliders ul li").each(function(){';
        $html[] = '         if(jQuery(this).hasClass("active")){';
        $html[] = '             addClassActive = false;';
        $html[] = '         }';
        $html[] = '     });';
        $html[] = '     if(addClassActive){';
        $html[] = '         jQuery("#' . $customName . 'permissions-sliders a:first").tab("show");';
        $html[] = '     }';
        $html[] = '}';
        $html[] = 'setTimeout(loadTabFix, 110);';
        $html[] = '});';
        $html[] = '</script>';
        return implode("\n", $html);
    }
示例#27
0
 protected function getAssetRules($component = null, $asset_id = null)
 {
     static $cache = array();
     static $assets = array();
     $db = JFactory::getDbo();
     $query = $db->getQuery(true);
     if (is_null($component)) {
         $component = $this->component;
     }
     if (is_null($asset_id)) {
         $asset_id = $this->asset_id;
     }
     if (!$asset_id) {
         if (isset($assets[$component])) {
             $asset_id = (int) $assets[$component];
         } else {
             // This is a new item, get the asset id of the component
             $query->select($db->quoteName('id'))->from($db->quoteName('#__assets'))->where($db->quoteName('name') . ' = ' . $db->quote($component));
             $db->setQuery($query);
             $assets[$component] = $db->loadResult();
             $asset_id = (int) $assets[$component];
         }
     }
     if (!$asset_id) {
         $asset_id = 1;
     }
     if (isset($cache[$asset_id])) {
         return $cache[$asset_id];
     }
     $cache[$asset_id] = JAccess::getAssetRules($asset_id);
     return $cache[$asset_id];
 }
示例#28
0
 /**
  * Overloaded bind function to pre-process the params.
  *
  * @param   array  $array   Named array
  * @param   mixed  $ignore  Optional array or list of parameters to ignore
  *
  * @return  null|string  null is operation was satisfactory, otherwise returns an error
  *
  * @see     JTable:bind
  * @since   1.5
  */
 public function bind($array, $ignore = '')
 {
     // Support for multiple or not foreign key field: subject
     if (!empty($array['subject'])) {
         if (is_array($array['subject'])) {
             $array['subject'] = implode(',', $array['subject']);
         } else {
             if (strrpos($array['subject'], ',') != false) {
                 $array['subject'] = explode(',', $array['subject']);
             }
         }
     } else {
         $array['subject'] = '';
     }
     // Support for multiple or not foreign key field: category
     if (!empty($array['category'])) {
         if (is_array($array['category'])) {
             $array['category'] = implode(',', $array['category']);
         } else {
             if (strrpos($array['category'], ',') != false) {
                 $array['category'] = explode(',', $array['category']);
             }
         }
     } else {
         $array['category'] = '';
     }
     // Support for checkbox field: keyness
     if (!isset($array['keyness'])) {
         $array['keyness'] = 0;
     }
     // Support for multiple or not foreign key field: frequency
     if (!empty($array['frequency'])) {
         if (is_array($array['frequency'])) {
             $array['frequency'] = implode(',', $array['frequency']);
         } else {
             if (strrpos($array['frequency'], ',') != false) {
                 $array['frequency'] = explode(',', $array['frequency']);
             }
         }
     } else {
         $array['frequency'] = '';
     }
     // Support for multiple or not foreign key field: pos
     if (!empty($array['pos'])) {
         if (is_array($array['pos'])) {
             $array['pos'] = implode(',', $array['pos']);
         } else {
             if (strrpos($array['pos'], ',') != false) {
                 $array['pos'] = explode(',', $array['pos']);
             }
         }
     } else {
         $array['pos'] = '';
     }
     $input = JFactory::getApplication()->input;
     $task = $input->getString('task', '');
     if ($array['id'] == 0) {
         $array['created_by'] = JFactory::getUser()->id;
     }
     if (isset($array['params']) && is_array($array['params'])) {
         $registry = new JRegistry();
         $registry->loadArray($array['params']);
         $array['params'] = (string) $registry;
     }
     if (isset($array['metadata']) && is_array($array['metadata'])) {
         $registry = new JRegistry();
         $registry->loadArray($array['metadata']);
         $array['metadata'] = (string) $registry;
     }
     if (!JFactory::getUser()->authorise('core.admin', 'com_vocab.content.' . $array['id'])) {
         $actions = JAccess::getActionsFromFile(JPATH_ADMINISTRATOR . '/components/com_vocab/access.xml', "/access/section[@name='content']/");
         $default_actions = JAccess::getAssetRules('com_vocab.content.' . $array['id'])->getData();
         $array_jaccess = array();
         foreach ($actions as $action) {
             $array_jaccess[$action->name] = $default_actions[$action->name];
         }
         $array['rules'] = $this->JAccessRulestoArray($array_jaccess);
     }
     // Bind the rules for ACL where supported.
     if (isset($array['rules']) && is_array($array['rules'])) {
         $this->setRules($array['rules']);
     }
     return parent::bind($array, $ignore);
 }
示例#29
0
 /**
  * Method to check JUser object authorisation against an access control
  * object and optionally an access extension object
  *
  * @param   string  $action     The name of the action to check for permission.
  * @param   string  $assetname  The name of the asset on which to perform the action.
  *
  * @return  boolean  True if authorised
  *
  * @since   11.1
  */
 public function authorise($action, $assetname = null)
 {
     // Make sure we only check for core.admin once during the run.
     if ($this->isRoot === null) {
         $this->isRoot = false;
         // Check for the configuration file failsafe.
         $config = JFactory::getConfig();
         $rootUser = $config->get('root_user');
         // The root_user variable can be a numeric user ID or a username.
         if (is_numeric($rootUser) && $this->id > 0 && $this->id == $rootUser) {
             $this->isRoot = true;
         } elseif ($this->username && $this->username == $rootUser) {
             $this->isRoot = true;
         } else {
             // Get all groups against which the user is mapped.
             $identities = $this->getAuthorisedGroups();
             array_unshift($identities, $this->id * -1);
             if (JAccess::getAssetRules(1)->allow('core.admin', $identities)) {
                 $this->isRoot = true;
                 return true;
             }
         }
     }
     return $this->isRoot ? true : JAccess::check($this->id, $action, $assetname);
 }
 /**
  * Tests the JAccess::getAssetRules method.
  *
  * @return  void
  *
  * @since   11.1
  */
 public function testGetAssetRulesTextTrue()
 {
     $access = new JAccess();
     $ObjArrayJrules = $access->getAssetRules('testasset', true);
     $string1 = '{"core.login.site":{"6":1,"2":1},"core.login.admin":{"6":1},"core.login.offline":[],"core.admin":{"8":1},"core.manage":{"7":1},' . '"core.create":{"6":1,"3":1},"core.delete":{"6":1},"core.edit":{"6":1,"4":1},"core.edit.state":{"6":1,"5":1},"core.edit.own":{"6":1,"3":1}}';
     $this->assertThat((string) $ObjArrayJrules, $this->equalTo($string1), 'Invalid asset uses rule from root. Line: ' . __LINE__);
 }