$perms->add_acl($access_perms, null, array($anon_role), null, array($non_admin_mods), 1, 1, null, null, 'user');
// Worker has All on non-admin
$perms->add_acl($all_perms, null, array($worker_role), null, array($non_admin_mods), 1, 1, null, null, 'user');
// Set view permissions to users table to guest and worker roles.
$perms->add_acl($view_perms, null, array($worker_role, $guest_role), array('app' => array('users')), null, 1, 1, null, null, 'user');
// Now we have the basic set up we need to create objects for all users
dPmsg('Converting admin user permissions to Administrator Role');
$sql = 'SELECT user_id, user_username, permission_id ' . 'FROM ' . $dbprefix . 'users LEFT JOIN ' . $dbprefix . 'permissions ON permission_user = user_id' . ' WHERE permission_grant_on = ' . "'all'" . " AND permission_item = -1 AND permission_value = -1";
$res = db_exec($sql);
if ($res) {
while ($row = db_fetch_assoc($res)) {
// Add the basic ARO
$perms->add_object('user', $row['user_username'], $row['user_id'], 1, 0, 'aro');
if ($row['permission_id']) {
$perms->add_group_object($admin_role, 'user', $row['user_id'], 'aro');
}
}
}
// Upgrade permissions for custom modules
dPmsg('Searching for add-on modules to add to new permissions');
$sql = 'SELECT mod_directory, mod_name, permissions_item_table FROM ' . $dbprefix . 'modules ' . 'WHERE mod_ui_active = 1 AND mod_type = ' . "'user'";
$custom_modules = db_loadList($sql);
foreach ($custom_modules as $mod) {
$perms->addModule($mod['mod_directory'], $mod['mod_name']);
$perms->addGroupItem($mod['mod_directory'], 'non_admin');
if (isset($mod['permissions_item_table']) && $mod['permissions_item_table']) {
$perms->addModuleSection($mod['permissions_item_table']);
}
}
// Finally we need to regenerate the cached permissions.
$perms->regeneratePermissions();
