
in-portal
No OneTemporary

File Metadata

Created
Sat, Feb 22, 12:00 AM

in-portal

Index: branches/5.2.x/core/units/permissions/permissions_event_handler.php
===================================================================
--- branches/5.2.x/core/units/permissions/permissions_event_handler.php (revision 16242)
+++ branches/5.2.x/core/units/permissions/permissions_event_handler.php (revision 16243)
@@ -1,266 +1,261 @@
<?php
/**
* @version $Id$
* @package In-Portal
* @copyright Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
* @license GNU/GPL
* In-Portal is Open Source software.
* This means that this software may have been modified pursuant
* the GNU General Public License, and as distributed it includes
* or is derivative of works licensed under the GNU General Public License
* or other free or open source software licenses.
* See http://www.in-portal.org/license for copyright notices and details.
*/
defined('FULL_PATH') or die('restricted access!');
class PermissionsEventHandler extends kDBEventHandler {
/**
* Allows to override standard permission mapping
*
* @return void
* @access protected
* @see kEventHandler::$permMapping
*/
protected function mapPermissions()
{
parent::mapPermissions();
$permissions = Array (
'OnGroupSavePermissions' => Array ('subitem' => 'advanced:manage_permissions'),
);
$this->permMapping = array_merge($this->permMapping, $permissions);
}
/**
* Save category permissions
*
* @param kEvent $event
*/
function OnCategorySavePermissions($event)
{
$group_id = $this->Application->GetVar('current_group_id');
$category_id = $this->Application->GetVar('c_id');
$permissions = $this->Application->GetVar($event->getPrefixSpecial(true));
if (isset($permissions[$group_id])) {
$permissions = $permissions[$group_id];
$object = $event->getObject( Array('skip_autoload' => true) );
$permissions_helper = $this->Application->recallObject('PermissionsHelper');
/* @var $permissions_helper kPermissionsHelper */
$permissions_helper->LoadPermissions($group_id, $category_id, 0, 'c');
// format: <perm_name>['inherited'] || <perm_name>['value']
$delete_ids = Array();
$create_sql = Array();
$update_sql = Array();
$create_mask = '(%s,%s,'.$group_id.',%s,0,'.$category_id.')';
$new_id = (int)$this->Conn->GetOne('SELECT MIN('.$object->IDField.') FROM '.$object->TableName);
if($new_id > 0) $new_id = 0;
--$new_id;
foreach ($permissions as $perm_name => $perm_data) {
$inherited = $perm_data['inherited'];
$perm_value = isset($perm_data['value']) ? $perm_data['value'] : false;
$perm_id = $permissions_helper->getPermissionID($perm_name);
if ($inherited && ($perm_id != 0)) {
// permission become inherited (+ direct value was set before) => DELETE
$delete_ids[] = $permissions_helper->getPermissionID($perm_name);
}
if (!$inherited) {
// not inherited
if (($perm_id != 0) && ($perm_value != $permissions_helper->getPermissionValue($perm_name))) {
// record was found in db & new value differs from old one => UPDATE
$update_sql[$perm_id] = ' UPDATE '.$object->TableName.'
SET PermissionValue = '.$perm_value.'
WHERE (PermissionId = '.$perm_id.')';
}
if ($perm_id == 0) {
// not found in db, but set directly => INSERT
$create_sql[] = sprintf($create_mask, $new_id--, $this->Conn->qstr($perm_name), $this->Conn->qstr($perm_value));
}
}
// permission state was not changed in all other cases
}
$this->UpdatePermissions($event, $create_sql, $update_sql, $delete_ids);
}
$event->MasterEvent->SetRedirectParam('item_prefix', $this->Application->GetVar('item_prefix'));
$event->MasterEvent->SetRedirectParam('group_id', $this->Application->GetVar('group_id'));
}
/**
* Saves permissions while editing group
*
* @param kEvent $event
*
* @return void
* @access protected
*/
protected function OnGroupSavePermissions($event)
{
if ( !$this->Application->CheckPermission('in-portal:user_groups.advanced:manage_permissions', 1) ) {
// no permission to save permissions
return ;
}
$permissions = $this->Application->GetVar($event->getPrefixSpecial(true));
if ( !$permissions ) {
return ;
}
$object = $event->getObject( Array ('skip_autoload' => true) );
/* @var $object kDBItem */
$group_id = $this->Application->GetVar('g_id');
$permissions_helper = $this->Application->recallObject('PermissionsHelper');
/* @var $permissions_helper kPermissionsHelper */
$permissions_helper->LoadPermissions($group_id, 0, 1, 'g');
$delete_ids = $create_sql = Array ();
$create_mask = '(%s,%s,' . $group_id . ',%s,1,0)';
$new_id = (int)$this->Conn->GetOne('SELECT MIN(' . $object->IDField . ') FROM ' . $object->TableName);
if ( $new_id > 0 ) {
$new_id = 0;
}
--$new_id;
$sections_helper = $this->Application->recallObject('SectionsHelper');
/* @var $sections_helper kSectionsHelper */
foreach ($permissions as $section_name => $section_permissions) {
- $section_data =& $sections_helper->getSectionData($section_name);
-
- if ( $section_data && isset($section_data['perm_prefix']) ) {
- // using permission from other prefix
- $section_name = $this->Application->getUnitOption($section_data['perm_prefix'] . '.main', 'PermSection');
- }
+ $section_name = $sections_helper->getPermSection($section_name);
foreach ($section_permissions as $perm_name => $perm_value) {
if ( !$permissions_helper->isOldPermission($section_name, $perm_name) ) {
$perm_name = $section_name . '.' . $perm_name;
}
$db_perm_value = $permissions_helper->getPermissionValue($perm_name);
if ( $db_perm_value == 1 && $perm_value == 0 ) {
// permission was disabled => delete it's record
$delete_ids[] = $permissions_helper->getPermissionID($perm_name);
}
elseif ( $db_perm_value == 0 && $perm_value == 1 ) {
// permission was enabled => created it's record
$create_sql[$perm_name] = sprintf($create_mask, $new_id--, $this->Conn->qstr($perm_name), $this->Conn->qstr($perm_value));
}
// permission state was not changed in all other cases
}
}
$this->UpdatePermissions($event, $create_sql, Array (), $delete_ids);
if ( $this->Application->GetVar('advanced_save') == 1 ) {
// advanced permission popup [save button]
$this->finalizePopup($event);
// $event->redirect = 'incs/just_close';
}
elseif ( $this->Application->GetVar('section_name') != '' ) {
// save simple permissions before opening advanced permission popup
$event->redirect = false;
}
}
/**
* Apply modification sqls to permissions table
*
* @param kEvent $event
* @param Array $create_sql
* @param Array $update_sql
* @param Array $delete_ids
*/
function UpdatePermissions($event, $create_sql, $update_sql, $delete_ids)
{
$object = $event->getObject();
/* @var $object kDBItem */
if ($delete_ids) {
$action = ChangeLog::DELETE;
$object->Load($delete_ids[count($delete_ids) - 1]);
$delete_sql = ' DELETE FROM '.$object->TableName.'
WHERE '.$object->IDField.' IN ('.implode(',', $delete_ids).')';
$this->Conn->Query($delete_sql);
}
if ($create_sql) {
$create_sql = ' INSERT INTO '.$object->TableName.'
VALUES '.implode(',', $create_sql);
$this->Conn->Query($create_sql);
$sql = 'SELECT MIN(' . $object->IDField . ')
FROM ' . $object->TableName;
$id = $this->Conn->GetOne($sql);
$action = ChangeLog::CREATE;
$object->Load($id);
}
if ($update_sql) {
foreach ($update_sql as $id => $sql) {
$this->Conn->Query($sql);
}
$action = ChangeLog::UPDATE;
$object->Load($id);
$object->SetDBField('PermissionValue', $object->GetDBField('PermissionValue') ? 0 : 1);
}
if ($delete_ids || $create_sql || $update_sql) {
$object->setModifiedFlag($action);
if ($event->Name == 'OnCategorySavePermissions') {
$this->Application->StoreVar('PermCache_UpdateRequired', 1);
}
}
}
/**
* Don't delete permissions from live table in case of new category creation.
* Called as much times as permission count for categories set, so don't
* perform any sql queries here!
*
* @param kEvent $event
* @return void
* @access protected
*/
protected function OnBeforeDeleteFromLive(kEvent $event)
{
parent::OnBeforeDeleteFromLive($event);
if ( $event->Prefix == 'c-perm' ) {
// only when saving category permissions, not group permissions
$foreign_keys = $event->getEventParam('foreign_key');
if ( (count($foreign_keys) == 1) && ($foreign_keys[0] == 0) ) {
// parent item has zero id
$temp_object = $this->Application->recallObject('c');
/* @var $temp_object CategoriesItem */
if ( $temp_object->isLoaded() ) {
// category with id = 0 found in temp table
$event->status = kEvent::erFAIL;
}
}
}
}
-}
\ No newline at end of file
+}
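Review bot: `OnGroupSavePermissions` still concatenates the request value `g_id` into `$create_mask` without quoting or casting. `OnCategorySavePermissions` does the same with `current_group_id` and `c_id`, and it also places the submitted `$perm_value` unquoted into the `UPDATE ... SET PermissionValue =` string. Only `$perm_name` and the INSERT's `$perm_value` pass through `$this->Conn->qstr()`. Unless `GetVar()` already normalises these values (not visible in this diff), cast the ids where they are read, e.g. `$group_id = (int)$this->Application->GetVar('g_id');`, and build the UPDATE with `'SET PermissionValue = ' . $this->Conn->qstr($perm_value)`. The new `getPermSection()` call takes its argument from the submitted array keys, so a one-line comment stating what it returns for an unknown section would help readers of this loop.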
Index: branches/5.2.x/core/units/permissions/permissions_tag_processor.php
===================================================================
--- branches/5.2.x/core/units/permissions/permissions_tag_processor.php (revision 16242)
+++ branches/5.2.x/core/units/permissions/permissions_tag_processor.php (revision 16243)
@@ -1,231 +1,226 @@
<?php
/**
* @version $Id$
* @package In-Portal
* @copyright Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
* @license GNU/GPL
* In-Portal is Open Source software.
* This means that this software may have been modified pursuant
* the GNU General Public License, and as distributed it includes
* or is derivative of works licensed under the GNU General Public License
* or other free or open source software licenses.
* See http://www.in-portal.org/license for copyright notices and details.
*/
defined('FULL_PATH') or die('restricted access!');
class PermissionsTagProcessor extends kDBTagProcessor {
function HasPermission($params)
{
$section_name = $params['section_name'];
$sections_helper = $this->Application->recallObject('SectionsHelper');
/* @var $sections_helper kSectionsHelper */
$section_data =& $sections_helper->getSectionData($section_name);
return array_search($params['perm_name'], $section_data['permissions']) !== false;
}
function HasAdvancedPermissions($params)
{
$section_name = $params['section_name'];
$sections_helper = $this->Application->recallObject('SectionsHelper');
/* @var $sections_helper kSectionsHelper */
$section_data =& $sections_helper->getSectionData($section_name);
$ret = false;
foreach ($section_data['permissions'] as $perm_name) {
if (preg_match('/^advanced:(.*)/', $perm_name)) {
$ret = true;
break;
}
}
return $ret;
}
function PermissionValue($params)
{
$section_name = $params['section_name'];
$perm_name = $params['perm_name'];
$sections_helper = $this->Application->recallObject('SectionsHelper');
/* @var $sections_helper kSectionsHelper */
- $section_data =& $sections_helper->getSectionData($section_name);
-
- if ($section_data && isset($section_data['perm_prefix'])) {
- // using permission from other prefix
- $section_name = $this->Application->getUnitOption($section_data['perm_prefix'].'.main', 'PermSection');
- }
+ $section_name = $sections_helper->getPermSection($section_name);
$permissions_helper = $this->Application->recallObject('PermissionsHelper');
/* @var $permissions_helper kPermissionsHelper */
if (!$permissions_helper->isOldPermission($section_name, $perm_name)) {
$perm_name = $section_name.'.'.$perm_name;
}
return $permissions_helper->getPermissionValue($perm_name);
}
function LoadPermissions($params)
{
$permissions_helper = $this->Application->recallObject('PermissionsHelper');
$prefix_parts = explode('-', $this->Prefix, 2);
/* @var $permissions_helper kPermissionsHelper */
$permissions_helper->LoadPermissions($this->Application->GetVar('g_id'), 0, 1, 'g');
}
function LevelIndicator($params)
{
return $params['level'] * $params['multiply'];
}
function PrintPermissions($params)
{
$category = $this->Application->recallObject('c');
/* @var $category kDBItem */
$group_id = $this->Application->GetVar('group_id');
$prefix = $this->Application->GetVar('item_prefix');
$module = $this->Application->findModule('Var', $prefix, 'Name');
$perm_live_table = $this->Application->getUnitOption('c-perm', 'TableName');
$perm_temp_table = $this->Application->GetTempName($perm_live_table, 'prefix:'.$this->Prefix);
if ($category->GetID() == 0) {
$categories = Array(0);
}
else {
$categories = explode('|', substr($category->GetDBField('ParentPath'), 1, -1));
}
if (count($categories) == 1 || $category->GetID() == 0) {
// category located in root category ("Home") => then add it to path virtually
array_unshift($categories, 0);
}
$this_cat = array_pop($categories);
// get permission name + category position in parent path that has value set for that permission
$case = 'MAX(CASE p.CatId';
foreach ($categories as $pos => $cat_id) {
$case .= ' WHEN '.$cat_id.' THEN '.$pos;
}
$case .= ' END) AS InheritedPosition';
$sql = 'SELECT '.$case.', p.Permission AS Perm
FROM '.$perm_live_table.' p
LEFT JOIN '.TABLE_PREFIX.'CategoryPermissionsConfig pc ON pc.PermissionName = p.Permission
WHERE
p.CatId IN ('.implode(',', $categories).') AND
pc.ModuleId = ' . $this->Conn->qstr($module) . ' AND
(
(p.GroupId = ' . (int)$group_id . ' AND p.Type = 0)
)
GROUP BY Perm';
$perm_positions = $this->Conn->GetCol($sql, 'Perm');
$pos_sql = '';
foreach ($perm_positions as $perm_name => $category_pos) {
$pos_sql .= '(#TABLE_PREFIX#.Permission = "'.$perm_name.'" AND #TABLE_PREFIX#.CatId = '.$categories[$category_pos].') OR ';
}
$pos_sql = $pos_sql ? substr($pos_sql, 0, -4) : '0';
// get all permissions list with iheritence status, inherited category id and permission value
$sql = 'SELECT pc.PermissionName,
pc.Description,
IF (tmp_p.PermissionValue IS NULL AND p.PermissionValue IS NULL,
0,
IF (tmp_p.PermissionValue IS NOT NULL, tmp_p.PermissionValue, p.PermissionValue)
) AS Value,
IF (tmp_p.CatId IS NOT NULL, tmp_p.CatId, IF(p.CatId IS NOT NULL, p.CatId, 0) ) AS InheritedFrom,
IF(tmp_p.CatId = '.$category->GetID().', 0, 1) AS Inherited,
IF(p.PermissionValue IS NOT NULL, p.PermissionValue, 0) AS InheritedValue
FROM '.TABLE_PREFIX.'CategoryPermissionsConfig pc
LEFT JOIN '.$perm_live_table.' p
ON (p.Permission = pc.PermissionName) AND ('.str_replace('#TABLE_PREFIX#', 'p', $pos_sql).') AND (p.GroupId = '.(int)$group_id.')
LEFT JOIN '.$perm_temp_table.' tmp_p
ON (tmp_p.Permission = pc.PermissionName) AND (tmp_p.CatId = '.$this_cat.') AND (tmp_p.GroupId = '.$group_id.')
WHERE ModuleId = "'.$module.'"';
$permissions = $this->Conn->Query($sql);
$ret = '';
$block_params = $this->prepareTagParams($params);
$block_params['name'] = $params['render_as'];
foreach ($permissions as $perm_record) {
$block_params = array_merge($block_params, $perm_record);
$ret .= $this->Application->ParseBlock($block_params);
}
return $ret;
}
/**
* Print module tab for each module
*
* @param Array $params
* @return string
*/
function PrintTabs($params)
{
$ret = '';
$block_params = $params;
foreach ($this->Application->ModuleInfo as $module_name => $module_data) {
if (!$this->Application->prefixRegistred($module_data['Var']) || !$this->Application->getUnitOption($module_data['Var'], 'CatalogItem')) continue;
$params['item_prefix'] = $module_data['Var'];
$ret .= $this->Application->IncludeTemplate($params);
}
return $ret;
}
/**
* Returns category name by ID
*
* @param Array $params
* @return string
* @access protected
*/
protected function CategoryPath($params)
{
$category_id = $params['cat_id'];
$cache_key = 'category_paths[%CIDSerial:' . $category_id . '%][%PhrasesSerial%][Adm:' . (int)$this->Application->isAdmin . ']';
$category_path = $this->Application->getCache($cache_key);
if ( $category_path === false ) {
// not cached
if ( $category_id > 0 ) {
$id_field = $this->Application->getUnitOption('c', 'IDField');
$table_name = $this->Application->getUnitOption('c', 'TableName');
$ml_formatter = $this->Application->recallObject('kMultiLanguage');
/* @var $ml_formatter kMultiLanguage */
$sql = 'SELECT ' . $ml_formatter->LangFieldName('CachedNavbar') . '
FROM ' . $table_name . '
WHERE ' . $id_field . ' = ' . $category_id;
$cached_navbar = preg_replace('/^Content(&\|&){0,1}/i', '', $this->Conn->GetOne($sql));
$category_path = trim($this->CategoryPath(Array ('cat_id' => 0)) . ' > ' . str_replace('&|&', ' > ', $cached_navbar), ' > ');
}
else {
$category_path = $this->Application->Phrase(($this->Application->isAdmin ? 'la_' : 'lu_') . 'rootcategory_name');
}
$this->Application->setCache($cache_key, $category_path);
}
return $category_path;
}
function PermInputName($params)
{
return $this->Prefix.'['.$this->Application->GetVar('group_id').']['.$this->Application->Parser->GetParam('PermissionName').']['.$params['sub_key'].']';
}
- }
\ No newline at end of file
+ }
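Review bot: `PrintPermissions` escapes its inputs inconsistently. The first query uses `(int)$group_id` and `$this->Conn->qstr($module)`, but the second query inserts the same values raw in `tmp_p.GroupId = '.$group_id.'` and `WHERE ModuleId = "'.$module.'"`, and `group_id` is read from the request via `GetVar('group_id')`. Make the second query match the first: `(tmp_p.GroupId = ' . (int)$group_id . ')` and `WHERE ModuleId = ' . $this->Conn->qstr($module)`. The `$perm_name` values placed into `$pos_sql` come from a database result rather than the request, but passing them through `qstr()` too would keep the query building uniform.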
