Index: branches/5.2.x/core/units/permissions/permissions_event_handler.php =================================================================== --- branches/5.2.x/core/units/permissions/permissions_event_handler.php (revision 16242) +++ branches/5.2.x/core/units/permissions/permissions_event_handler.php (revision 16243) @@ -1,266 +1,261 @@ Array ('subitem' => 'advanced:manage_permissions'), ); $this->permMapping = array_merge($this->permMapping, $permissions); } /** * Save category permissions * * @param kEvent $event */ function OnCategorySavePermissions($event) { $group_id = $this->Application->GetVar('current_group_id'); $category_id = $this->Application->GetVar('c_id'); $permissions = $this->Application->GetVar($event->getPrefixSpecial(true)); if (isset($permissions[$group_id])) { $permissions = $permissions[$group_id]; $object = $event->getObject( Array('skip_autoload' => true) ); $permissions_helper = $this->Application->recallObject('PermissionsHelper'); /* @var $permissions_helper kPermissionsHelper */ $permissions_helper->LoadPermissions($group_id, $category_id, 0, 'c'); // format: ['inherited'] || ['value'] $delete_ids = Array(); $create_sql = Array(); $update_sql = Array(); $create_mask = '(%s,%s,'.$group_id.',%s,0,'.$category_id.')'; $new_id = (int)$this->Conn->GetOne('SELECT MIN('.$object->IDField.') FROM '.$object->TableName); if($new_id > 0) $new_id = 0; --$new_id; foreach ($permissions as $perm_name => $perm_data) { $inherited = $perm_data['inherited']; $perm_value = isset($perm_data['value']) ? $perm_data['value'] : false; $perm_id = $permissions_helper->getPermissionID($perm_name); if ($inherited && ($perm_id != 0)) { // permission become inherited (+ direct value was set before) => DELETE $delete_ids[] = $permissions_helper->getPermissionID($perm_name); } if (!$inherited) { // not inherited if (($perm_id != 0) && ($perm_value != $permissions_helper->getPermissionValue($perm_name))) { // record was found in db & new value differs from old one => UPDATE $update_sql[$perm_id] = ' UPDATE '.$object->TableName.' SET PermissionValue = '.$perm_value.' WHERE (PermissionId = '.$perm_id.')'; } if ($perm_id == 0) { // not found in db, but set directly => INSERT $create_sql[] = sprintf($create_mask, $new_id--, $this->Conn->qstr($perm_name), $this->Conn->qstr($perm_value)); } } // permission state was not changed in all other cases } $this->UpdatePermissions($event, $create_sql, $update_sql, $delete_ids); } $event->MasterEvent->SetRedirectParam('item_prefix', $this->Application->GetVar('item_prefix')); $event->MasterEvent->SetRedirectParam('group_id', $this->Application->GetVar('group_id')); } /** * Saves permissions while editing group * * @param kEvent $event * * @return void * @access protected */ protected function OnGroupSavePermissions($event) { if ( !$this->Application->CheckPermission('in-portal:user_groups.advanced:manage_permissions', 1) ) { // no permission to save permissions return ; } $permissions = $this->Application->GetVar($event->getPrefixSpecial(true)); if ( !$permissions ) { return ; } $object = $event->getObject( Array ('skip_autoload' => true) ); /* @var $object kDBItem */ $group_id = $this->Application->GetVar('g_id'); $permissions_helper = $this->Application->recallObject('PermissionsHelper'); /* @var $permissions_helper kPermissionsHelper */ $permissions_helper->LoadPermissions($group_id, 0, 1, 'g'); $delete_ids = $create_sql = Array (); $create_mask = '(%s,%s,' . $group_id . ',%s,1,0)'; $new_id = (int)$this->Conn->GetOne('SELECT MIN(' . $object->IDField . ') FROM ' . $object->TableName); if ( $new_id > 0 ) { $new_id = 0; } --$new_id; $sections_helper = $this->Application->recallObject('SectionsHelper'); /* @var $sections_helper kSectionsHelper */ foreach ($permissions as $section_name => $section_permissions) { - $section_data =& $sections_helper->getSectionData($section_name); - - if ( $section_data && isset($section_data['perm_prefix']) ) { - // using permission from other prefix - $section_name = $this->Application->getUnitOption($section_data['perm_prefix'] . '.main', 'PermSection'); - } + $section_name = $sections_helper->getPermSection($section_name); foreach ($section_permissions as $perm_name => $perm_value) { if ( !$permissions_helper->isOldPermission($section_name, $perm_name) ) { $perm_name = $section_name . '.' . $perm_name; } $db_perm_value = $permissions_helper->getPermissionValue($perm_name); if ( $db_perm_value == 1 && $perm_value == 0 ) { // permission was disabled => delete it's record $delete_ids[] = $permissions_helper->getPermissionID($perm_name); } elseif ( $db_perm_value == 0 && $perm_value == 1 ) { // permission was enabled => created it's record $create_sql[$perm_name] = sprintf($create_mask, $new_id--, $this->Conn->qstr($perm_name), $this->Conn->qstr($perm_value)); } // permission state was not changed in all other cases } } $this->UpdatePermissions($event, $create_sql, Array (), $delete_ids); if ( $this->Application->GetVar('advanced_save') == 1 ) { // advanced permission popup [save button] $this->finalizePopup($event); // $event->redirect = 'incs/just_close'; } elseif ( $this->Application->GetVar('section_name') != '' ) { // save simple permissions before opening advanced permission popup $event->redirect = false; } } /** * Apply modification sqls to permissions table * * @param kEvent $event * @param Array $create_sql * @param Array $update_sql * @param Array $delete_ids */ function UpdatePermissions($event, $create_sql, $update_sql, $delete_ids) { $object = $event->getObject(); /* @var $object kDBItem */ if ($delete_ids) { $action = ChangeLog::DELETE; $object->Load($delete_ids[count($delete_ids) - 1]); $delete_sql = ' DELETE FROM '.$object->TableName.' WHERE '.$object->IDField.' IN ('.implode(',', $delete_ids).')'; $this->Conn->Query($delete_sql); } if ($create_sql) { $create_sql = ' INSERT INTO '.$object->TableName.' VALUES '.implode(',', $create_sql); $this->Conn->Query($create_sql); $sql = 'SELECT MIN(' . $object->IDField . ') FROM ' . $object->TableName; $id = $this->Conn->GetOne($sql); $action = ChangeLog::CREATE; $object->Load($id); } if ($update_sql) { foreach ($update_sql as $id => $sql) { $this->Conn->Query($sql); } $action = ChangeLog::UPDATE; $object->Load($id); $object->SetDBField('PermissionValue', $object->GetDBField('PermissionValue') ? 0 : 1); } if ($delete_ids || $create_sql || $update_sql) { $object->setModifiedFlag($action); if ($event->Name == 'OnCategorySavePermissions') { $this->Application->StoreVar('PermCache_UpdateRequired', 1); } } } /** * Don't delete permissions from live table in case of new category creation. * Called as much times as permission count for categories set, so don't * perform any sql queries here! * * @param kEvent $event * @return void * @access protected */ protected function OnBeforeDeleteFromLive(kEvent $event) { parent::OnBeforeDeleteFromLive($event); if ( $event->Prefix == 'c-perm' ) { // only when saving category permissions, not group permissions $foreign_keys = $event->getEventParam('foreign_key'); if ( (count($foreign_keys) == 1) && ($foreign_keys[0] == 0) ) { // parent item has zero id $temp_object = $this->Application->recallObject('c'); /* @var $temp_object CategoriesItem */ if ( $temp_object->isLoaded() ) { // category with id = 0 found in temp table $event->status = kEvent::erFAIL; } } } } -} \ No newline at end of file +} Index: branches/5.2.x/core/units/permissions/permissions_tag_processor.php =================================================================== --- branches/5.2.x/core/units/permissions/permissions_tag_processor.php (revision 16242) +++ branches/5.2.x/core/units/permissions/permissions_tag_processor.php (revision 16243) @@ -1,231 +1,226 @@ Application->recallObject('SectionsHelper'); /* @var $sections_helper kSectionsHelper */ $section_data =& $sections_helper->getSectionData($section_name); return array_search($params['perm_name'], $section_data['permissions']) !== false; } function HasAdvancedPermissions($params) { $section_name = $params['section_name']; $sections_helper = $this->Application->recallObject('SectionsHelper'); /* @var $sections_helper kSectionsHelper */ $section_data =& $sections_helper->getSectionData($section_name); $ret = false; foreach ($section_data['permissions'] as $perm_name) { if (preg_match('/^advanced:(.*)/', $perm_name)) { $ret = true; break; } } return $ret; } function PermissionValue($params) { $section_name = $params['section_name']; $perm_name = $params['perm_name']; $sections_helper = $this->Application->recallObject('SectionsHelper'); /* @var $sections_helper kSectionsHelper */ - $section_data =& $sections_helper->getSectionData($section_name); - - if ($section_data && isset($section_data['perm_prefix'])) { - // using permission from other prefix - $section_name = $this->Application->getUnitOption($section_data['perm_prefix'].'.main', 'PermSection'); - } + $section_name = $sections_helper->getPermSection($section_name); $permissions_helper = $this->Application->recallObject('PermissionsHelper'); /* @var $permissions_helper kPermissionsHelper */ if (!$permissions_helper->isOldPermission($section_name, $perm_name)) { $perm_name = $section_name.'.'.$perm_name; } return $permissions_helper->getPermissionValue($perm_name); } function LoadPermissions($params) { $permissions_helper = $this->Application->recallObject('PermissionsHelper'); $prefix_parts = explode('-', $this->Prefix, 2); /* @var $permissions_helper kPermissionsHelper */ $permissions_helper->LoadPermissions($this->Application->GetVar('g_id'), 0, 1, 'g'); } function LevelIndicator($params) { return $params['level'] * $params['multiply']; } function PrintPermissions($params) { $category = $this->Application->recallObject('c'); /* @var $category kDBItem */ $group_id = $this->Application->GetVar('group_id'); $prefix = $this->Application->GetVar('item_prefix'); $module = $this->Application->findModule('Var', $prefix, 'Name'); $perm_live_table = $this->Application->getUnitOption('c-perm', 'TableName'); $perm_temp_table = $this->Application->GetTempName($perm_live_table, 'prefix:'.$this->Prefix); if ($category->GetID() == 0) { $categories = Array(0); } else { $categories = explode('|', substr($category->GetDBField('ParentPath'), 1, -1)); } if (count($categories) == 1 || $category->GetID() == 0) { // category located in root category ("Home") => then add it to path virtually array_unshift($categories, 0); } $this_cat = array_pop($categories); // get permission name + category position in parent path that has value set for that permission $case = 'MAX(CASE p.CatId'; foreach ($categories as $pos => $cat_id) { $case .= ' WHEN '.$cat_id.' THEN '.$pos; } $case .= ' END) AS InheritedPosition'; $sql = 'SELECT '.$case.', p.Permission AS Perm FROM '.$perm_live_table.' p LEFT JOIN '.TABLE_PREFIX.'CategoryPermissionsConfig pc ON pc.PermissionName = p.Permission WHERE p.CatId IN ('.implode(',', $categories).') AND pc.ModuleId = ' . $this->Conn->qstr($module) . ' AND ( (p.GroupId = ' . (int)$group_id . ' AND p.Type = 0) ) GROUP BY Perm'; $perm_positions = $this->Conn->GetCol($sql, 'Perm'); $pos_sql = ''; foreach ($perm_positions as $perm_name => $category_pos) { $pos_sql .= '(#TABLE_PREFIX#.Permission = "'.$perm_name.'" AND #TABLE_PREFIX#.CatId = '.$categories[$category_pos].') OR '; } $pos_sql = $pos_sql ? substr($pos_sql, 0, -4) : '0'; // get all permissions list with iheritence status, inherited category id and permission value $sql = 'SELECT pc.PermissionName, pc.Description, IF (tmp_p.PermissionValue IS NULL AND p.PermissionValue IS NULL, 0, IF (tmp_p.PermissionValue IS NOT NULL, tmp_p.PermissionValue, p.PermissionValue) ) AS Value, IF (tmp_p.CatId IS NOT NULL, tmp_p.CatId, IF(p.CatId IS NOT NULL, p.CatId, 0) ) AS InheritedFrom, IF(tmp_p.CatId = '.$category->GetID().', 0, 1) AS Inherited, IF(p.PermissionValue IS NOT NULL, p.PermissionValue, 0) AS InheritedValue FROM '.TABLE_PREFIX.'CategoryPermissionsConfig pc LEFT JOIN '.$perm_live_table.' p ON (p.Permission = pc.PermissionName) AND ('.str_replace('#TABLE_PREFIX#', 'p', $pos_sql).') AND (p.GroupId = '.(int)$group_id.') LEFT JOIN '.$perm_temp_table.' tmp_p ON (tmp_p.Permission = pc.PermissionName) AND (tmp_p.CatId = '.$this_cat.') AND (tmp_p.GroupId = '.$group_id.') WHERE ModuleId = "'.$module.'"'; $permissions = $this->Conn->Query($sql); $ret = ''; $block_params = $this->prepareTagParams($params); $block_params['name'] = $params['render_as']; foreach ($permissions as $perm_record) { $block_params = array_merge($block_params, $perm_record); $ret .= $this->Application->ParseBlock($block_params); } return $ret; } /** * Print module tab for each module * * @param Array $params * @return string */ function PrintTabs($params) { $ret = ''; $block_params = $params; foreach ($this->Application->ModuleInfo as $module_name => $module_data) { if (!$this->Application->prefixRegistred($module_data['Var']) || !$this->Application->getUnitOption($module_data['Var'], 'CatalogItem')) continue; $params['item_prefix'] = $module_data['Var']; $ret .= $this->Application->IncludeTemplate($params); } return $ret; } /** * Returns category name by ID * * @param Array $params * @return string * @access protected */ protected function CategoryPath($params) { $category_id = $params['cat_id']; $cache_key = 'category_paths[%CIDSerial:' . $category_id . '%][%PhrasesSerial%][Adm:' . (int)$this->Application->isAdmin . ']'; $category_path = $this->Application->getCache($cache_key); if ( $category_path === false ) { // not cached if ( $category_id > 0 ) { $id_field = $this->Application->getUnitOption('c', 'IDField'); $table_name = $this->Application->getUnitOption('c', 'TableName'); $ml_formatter = $this->Application->recallObject('kMultiLanguage'); /* @var $ml_formatter kMultiLanguage */ $sql = 'SELECT ' . $ml_formatter->LangFieldName('CachedNavbar') . ' FROM ' . $table_name . ' WHERE ' . $id_field . ' = ' . $category_id; $cached_navbar = preg_replace('/^Content(&\|&){0,1}/i', '', $this->Conn->GetOne($sql)); $category_path = trim($this->CategoryPath(Array ('cat_id' => 0)) . ' > ' . str_replace('&|&', ' > ', $cached_navbar), ' > '); } else { $category_path = $this->Application->Phrase(($this->Application->isAdmin ? 'la_' : 'lu_') . 'rootcategory_name'); } $this->Application->setCache($cache_key, $category_path); } return $category_path; } function PermInputName($params) { return $this->Prefix.'['.$this->Application->GetVar('group_id').']['.$this->Application->Parser->GetParam('PermissionName').']['.$params['sub_key'].']'; } - } \ No newline at end of file + }