示例#1
 /**
  * Initializes the internal kajona session
  * @return void
  */
 public function initInternalSession()
 {
     // Do nothing unless the session table exists and a guest group is configured.
     // In that case the method returns before bitLazyLoaded is set.
     $arrKnownTables = $this->objDB->getTables();
     $bitSessionTableExists = in_array(_dbprefix_ . "session", $arrKnownTables);
     if (!$bitSessionTableExists || class_module_system_setting::getConfigValue("_guests_group_id_") === null) {
         return;
     }

     $this->bitLazyLoaded = true;

     // The id of the internal session record is kept in the PHP session under
     // KAJONA_INTERNAL_SESSID; a value of false means nothing was stored there.
     if ($this->getSession("KAJONA_INTERNAL_SESSID") !== false) {
         $this->objInternalSession = class_module_system_session::getSessionById($this->getSession("KAJONA_INTERNAL_SESSID"));

         $bitReusable = $this->objInternalSession != null && $this->objInternalSession->isSessionValid();
         if (!$bitReusable) {
             // Unknown or no longer valid record: drop it and fall through to a fresh session.
             $this->objInternalSession = null;
         } else {
             // Sliding expiry: every request pushes the release time forward by the configured span.
             $intProlongedRelease = time() + (int) class_module_system_setting::getConfigValue("_system_release_time_");
             $this->objInternalSession->setIntReleasetime($intProlongedRelease);
             // QUERY_STRING is client-controlled and stored as received here;
             // NOTE(review): whatever displays or logs the last URL has to treat it as untrusted - confirm at the consumers.
             $this->objInternalSession->setStrLasturl(getServer("QUERY_STRING"));
             return;
         }
     }

     // No reusable record: build a new one. Start with the guest group and switch to the
     // user's own groups if the session carries a valid user id.
     $strGroupList = class_module_system_setting::getConfigValue("_guests_group_id_");
     if (validateSystemid($this->getUserID())) {
         $this->objUser = new class_module_user_user($this->getUserID());
         $strGroupList = implode(",", $this->objUser->getArrGroupIds());
     }

     $objFreshSession = new class_module_system_session();
     // The record is tied to the current PHP session id and user id.
     $objFreshSession->setStrPHPSessionId($this->getSessionId());
     $objFreshSession->setStrUserid($this->getUserID());
     $objFreshSession->setStrGroupids($strGroupList);
     $intInitialRelease = time() + (int) class_module_system_setting::getConfigValue("_system_release_time_");
     $objFreshSession->setIntReleasetime($intInitialRelease);
     $objFreshSession->setStrLasturl(getServer("QUERY_STRING"));
     $objFreshSession->setSystemid(generateSystemid());

     // No explicit database write here: the session object decides on destruct
     // whether an insert or an update is required.
     $this->setSession("KAJONA_INTERNAL_SESSID", $objFreshSession->getSystemid());
     $this->objInternalSession = $objFreshSession;
 }
示例#2
 /**
  * Checks if a given user-id is granted the passed permission for the passed systemid.
  *
  * @param string $strUserid
  * @param string $strPermission
  * @param string $strSystemid
  *
  * @return bool
  */
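 public function checkPermissionForUserId($strUserid, $strPermission, $strSystemid)
 {
     // Without a target record there is nothing to grant: deny.
     if ($strSystemid == "") {
         return false;
     }

     // Test mode grants every request without looking at groups.
     // NOTE(review): where bitTestMode is set is not visible here - make sure it cannot be enabled in production.
     if ($this->bitTestMode) {
         return true;
     }

     $arrGroupIds = array();
     if (validateSystemid($strUserid)) {
         // Decide "is this the session user?" with a strict string comparison.
         // A loose == treats numeric-looking strings as numbers ("0e12" == "0e34" is true in PHP),
         // so two different ids could be taken for the same user and the check would be
         // evaluated against the wrong user's groups.
         if ((string) $strUserid === (string) $this->objSession->getUserID()) {
             $arrGroupIds = $this->objSession->getGroupIdsAsArray();
         } else {
             $objUser = new class_module_user_user($strUserid);
             $arrGroupIds = $objUser->getArrGroupIds();
         }
     } else {
         // The passed id is not a valid systemid: the check falls back to the session user's
         // groups, or to the guest group if the session has no valid user either.
         // Callers therefore get an answer for the *current* visitor, not for the id they passed.
         if (validateSystemid($this->objSession->getUserID())) {
             $arrGroupIds = $this->objSession->getGroupIdsAsArray();
         } else {
             $arrGroupIds[] = class_module_system_setting::getConfigValue("_guests_group_id_");
         }
     }

     // One group holding the permission is sufficient; no match means denied.
     foreach ($arrGroupIds as $strOneGroupId) {
         if ($this->checkPermissionForGroup($strOneGroupId, $strPermission, $strSystemid)) {
             return true;
         }
     }
     return false;
 }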
 /**
  * Saves the memberships passed by param
  *
  * @return string "" in case of success
  * @permissions edit
  */
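 protected function actionSaveMembership()
 {
     $objUser = new class_module_user_user($this->getSystemid());
     $objUsersources = new class_module_user_sourcefactory();
     $objSourcesytem = $objUsersources->getUsersource($objUser->getStrSubsystem());
     $arrGroups = $objSourcesytem->getAllGroupIds();

     // Working copy of the user's current memberships. Entries that must stay untouched are
     // set to null below; whatever is still a valid id at the end gets removed.
     // Ids are normalised to strings so that all lookups can be strict: loose comparison
     // treats numeric-looking strings as numbers ("0e12" == "0e34"), which could mark the
     // wrong group as kept or as protected.
     $arrUserGroups = array_map("strval", $objUser->getArrGroupIds());

     //validate possible blocked groups
     // NOTE(review): entries are compared verbatim, so whitespace around the commas in
     // blockedgroups.php would defeat the match - confirm the config format.
     $objConfig = class_config::getInstance("blockedgroups.php");
     $arrBlockedGroups = explode(",", $objConfig->getConfig("blockedgroups"));

     //Searching for groups to enter
     foreach ($arrGroups as $strSingleGroup) {
         $objGroup = new class_module_user_group($strSingleGroup);
         //skipped for blocked groups, those won't be updated
         if (!$this->isGroupEditable($objGroup)) {
             continue;
         }
         // A non-empty request parameter named after the group id means "member of this group".
         if ($this->getParam($strSingleGroup) != "") {
             $arrMatchingKeys = array_keys($arrUserGroups, (string) $strSingleGroup, true);
             if (count($arrMatchingKeys) == 0) {
                 //add the user to this group
                 $objGroup->getObjSourceGroup()->addMember($objUser->getObjSourceUser());
             } else {
                 //user is already in the group, remove the marker so the membership is kept
                 foreach ($arrMatchingKeys as $mixedKey) {
                     $arrUserGroups[$mixedKey] = null;
                 }
             }
         }
     }

     // Privilege guard: a caller who is not super admin must not change membership of the
     // admin group or of any blocked group, so those entries are taken off the removal list.
     if (!class_carrier::getInstance()->getObjSession()->isSuperAdmin()) {
         $intKey = array_search((string) class_module_system_setting::getConfigValue("_admins_group_id_"), $arrUserGroups, true);
         if ($intKey !== false) {
             $arrUserGroups[$intKey] = null;
         }
         foreach ($arrBlockedGroups as $strOneGroup) {
             $intKey = array_search((string) $strOneGroup, $arrUserGroups, true);
             if ($intKey !== false) {
                 $arrUserGroups[$intKey] = null;
             }
         }
     }

     //loop the users' list in order to remove unwanted relations
     foreach ($arrUserGroups as $strValue) {
         // nulled (kept or protected) entries fail the systemid validation and are skipped
         if (validateSystemid($strValue)) {
             $objGroup = new class_module_user_group($strValue);
             $objGroup->getObjSourceGroup()->removeMember($objUser->getObjSourceUser());
         }
     }

     // Redirect back to the list; the folderview variant passes extra parameters to the link.
     // No value is returned explicitly after the reload call.
     if ($this->getParam("folderview")) {
         $this->adminReload(class_link::getLinkAdminHref($this->getArrModule("modul"), "list", "&peClose=1&blockAction=1"));
     } else {
         $this->adminReload(class_link::getLinkAdminHref($this->getArrModule("modul"), "list"));
     }
 }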