disabled<?php } ?> > <option value=1<?php if (TBGSettings::isPermissive()) { ?> selected<?php } ?> ><?php echo __('Permissive'); ?> </option> <option value=0<?php if (!TBGSettings::isPermissive()) { ?> selected<?php } ?> ><?php echo __('Restrictive'); ?> </option> </select> </td> </tr> <tr> <td class="config_explanation" colspan="2"> <?php echo __("%restrictive: With this security policy, users don't automatically get access to projects, modules, etc., but must be granted access specifically.", array('%restrictive' => '<b>' . __('Restrictive') . '</b>'));
/** * Return if the user can create public saved searches * * @return boolean */ public function canCreatePublicSearches() { return $this->_dualPermissionsCheck('cancreatepublicsearches', 0, 'canfindissuesandsavesearches', 0, TBGSettings::isPermissive()); }
/** * Return if the user can delete own comment * * @return boolean */ public function canUserDeleteOwnComment() { $retval = $this->_canPermissionOrSeeAndEditComments('candeletecommentsown'); return $retval !== null ? $retval : TBGSettings::isPermissive(); }
public function canUserSet(TBGUser $user) { $retval = $user->hasPermission($this->getPermissionsKey(), $this->getID(), 'core', true); $retval = $retval === null ? $user->hasPermission($this->getPermissionsKey(), 0, 'core', true) : $retval; return $retval !== null ? $retval : TBGSettings::isPermissive(); }
/** * Check to see if a specified user/group/team has access * * @param string $permission_type The permission type * @param integer $uid The user id for which the permission is valid, 0 for all * @param integer $gid The group id for which the permission is valid, 0 for all * @param integer $tid The team id for which the permission is valid, 0 for all * @param integer $target_id[optional] The target id * @param string $module_name[optional] The name of the module for which the permission is valid * @param boolean $explicit[optional] whether to check for an explicit permission and return false if not set * @param boolean $permissive[optional] whether to return false or true when explicit fails * * @return unknown_type */ public static function checkPermission($permission_type, $uid, $gid, $tid, $target_id = 0, $module_name = 'core', $explicit = false, $permissive = false) { $uid = (int) $uid; $gid = (int) $gid; if (array_key_exists($module_name, self::$_permissions) && array_key_exists($permission_type, self::$_permissions[$module_name]) && (array_key_exists($target_id, self::$_permissions[$module_name][$permission_type]) || $target_id === null)) { if (array_key_exists(0, self::$_permissions[$module_name][$permission_type])) { $permissions_notarget = self::$_permissions[$module_name][$permission_type][0]; } $permissions_target = array_key_exists($target_id, self::$_permissions[$module_name][$permission_type]) ? self::$_permissions[$module_name][$permission_type][$target_id] : array(); $retval = self::_permissionsCheck($permissions_target, $uid, $gid, $tid); if (array_key_exists(0, self::$_permissions[$module_name][$permission_type])) { $retval = $retval !== null ? $retval : self::_permissionsCheck($permissions_notarget, $uid, $gid, $tid); } if ($retval !== null) { return $retval; } } if ($explicit) { return $permissive; } return TBGSettings::isPermissive(); }
/** * Return if the user can report new issues * * @param integer $product_id[optional] A product id * @return boolean */ public function canReportIssues($project_id = null) { $retval = null; if ($project_id !== null) { if (is_numeric($project_id)) { $project_id = TBGContext::factory()->TBGProject($project_id); } $project_id = $project_id instanceof TBGProject ? $project_id->getID() : $project_id; $retval = $this->hasPermission('cancreateissues', $project_id, 'core', true, null); $retval = $retval !== null ? $retval : $this->hasPermission('cancreateandeditissues', $project_id, 'core', true, null); } $retval = $retval !== null ? $retval : $this->hasPermission('cancreateissues', 0, 'core', true, null); $retval = $retval !== null ? $retval : $this->hasPermission('cancreateandeditissues', 0, 'core', true, null); return $retval !== null ? $retval : TBGSettings::isPermissive(); }
if (is_bool($val)) { ?> <?php $image_tag = $val ? image_tag('permission_set_ok.png') : image_tag('permission_set_denied.png'); ?> <?php } elseif ($mode == 'datatype') { ?> <?php $image_tag = image_tag('permission_set_unset.png'); ?> <?php } elseif ($mode == 'general' && $type == 'everyone') { ?> <?php $image_tag = TBGSettings::isPermissive() ? image_tag('permission_unset_ok.png') : image_tag('permission_unset_denied.png'); ?> <?php } elseif ($mode == 'configuration' && $type == 'everyone') { ?> <?php $image_tag = image_tag('permission_unset_denied.png'); ?> <?php } elseif ($mode == 'pages' && $type == 'everyone') { ?> <?php $image_tag = image_tag('permission_unset_ok.png'); ?> <?php } elseif ($mode == 'user' && $type == 'everyone') {
protected function _canPermissionsOrExtraInformation($permission) { if (isset($this->_can_permission_cache[$permission])) { return $this->_can_permission_cache[$permission]; } $retval = $this->_permissionCheck($permission); $retval = $retval === null ? $this->canAddExtraInformation() : $retval; $this->_can_permission_cache[$permission] = $retval; return $retval !== null ? $retval : TBGSettings::isPermissive(); }
protected function _dualPermissionsCheck($permission_1, $permission_2, $fallback = null) { $retval = $this->permissionCheck($permission_1); $retval = $retval === null ? $this->permissionCheck($permission_2) : $retval; if ($retval !== null) { return $retval; } else { return $fallback !== null ? $fallback : TBGSettings::isPermissive(); } }