Page Menu
Home
In-Portal Phabricator
Search
Configure Global Search
Log In
Files
F1072252
in-portal
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Subscribers
None
File Metadata
Details
File Info
Storage
Attached
Created
Wed, Jul 23, 10:28 PM
Size
7 KB
Mime Type
text/x-diff
Expires
Fri, Jul 25, 10:28 PM (6 h, 2 m)
Engine
blob
Format
Raw Data
Handle
694877
Attached To
rINP In-Portal
in-portal
View Options
Index: branches/unlabeled/unlabeled-1.8.2/core/units/permissions/permissions_event_handler.php
===================================================================
--- branches/unlabeled/unlabeled-1.8.2/core/units/permissions/permissions_event_handler.php (revision 7053)
+++ branches/unlabeled/unlabeled-1.8.2/core/units/permissions/permissions_event_handler.php (revision 7054)
@@ -1,211 +1,219 @@
<?php
class PermissionsEventHandler extends kDBEventHandler {
/**
* Allows to override standart permission mapping
*
*/
function mapPermissions()
{
parent::mapPermissions();
$permissions = Array(
'OnGroupSavePermissions' => Array('subitem' => 'advanced:manage_permissions'),
);
$this->permMapping = array_merge($this->permMapping, $permissions);
}
/**
* Save category permissions
*
* @param kEvent $event
*/
function OnCategorySavePermissions(&$event)
{
$group_id = $this->Application->GetVar('current_group_id');
$category_id = $this->Application->GetVar('c_id');
$permissions = $this->Application->GetVar($event->getPrefixSpecial(true));
if (isset($permissions[$group_id])) {
$permissions = $permissions[$group_id];
$object =& $event->getObject( Array('skip_autoload' => true) );
$permissions_helper =& $this->Application->recallObject('PermissionsHelper');
/* @var $permissions_helper kPermissionsHelper */
$permissions_helper->LoadPermissions($group_id, $category_id, 0, 'c');
// format: <perm_name>['inherited'] || <perm_name>['value']
$delete_ids = Array();
$create_sql = Array();
$update_sql = Array();
$create_mask = '(%s,%s,'.$group_id.',%s,0,'.$category_id.')';
$new_id = (int)$this->Conn->GetOne('SELECT MIN('.$object->IDField.') FROM '.$object->TableName);
if($new_id > 0) $new_id = 0;
--$new_id;
foreach ($permissions as $perm_name => $perm_data) {
$inherited = $perm_data['inherited'];
$perm_value = isset($perm_data['value']) ? $perm_data['value'] : false;
$perm_id = $permissions_helper->getPermissionID($perm_name);
if ($inherited && ($perm_id != 0)) {
// permission become inherited (+ direct value was set before) => DELETE
$delete_ids[] = $permissions_helper->getPermissionID($perm_name);
}
if (!$inherited) {
// not inherited
if (($perm_id != 0) && ($perm_value != $permissions_helper->getPermissionValue($perm_name))) {
// record was found in db & new value differs from old one => UPDATE
$update_sql[] = ' UPDATE '.$object->TableName.'
SET PermissionValue = '.$perm_value.'
WHERE (PermissionId = '.$perm_id.')';
}
if ($perm_id == 0) {
// not found in db, but set directly => INSERT
$create_sql[] = sprintf($create_mask, $new_id--, $this->Conn->qstr($perm_name), $this->Conn->qstr($perm_value));
}
}
// permission state was not changed in all other cases
}
$this->UpdatePermissions($event, $create_sql, $update_sql, $delete_ids);
}
$event->MasterEvent->SetRedirectParam('item_prefix', $this->Application->GetVar('item_prefix'));
$event->MasterEvent->SetRedirectParam('group_id', $this->Application->GetVar('group_id'));
}
/**
* Saves permissions while editing group
*
* @param kEvent $event
*/
function OnGroupSavePermissions(&$event)
{
if (!$this->Application->CheckPermission('in-portal:user_groups.advanced:manage_permissions', 1)) {
// no permission to save permissions
return false;
}
$permissions = $this->Application->GetVar($event->getPrefixSpecial(true));
if (!$permissions) {
return false;
}
$object =& $event->getObject( Array('skip_autoload' => true) );
$group_id = $this->Application->GetVar('g_id');
$permissions_helper =& $this->Application->recallObject('PermissionsHelper');
/* @var $permissions_helper kPermissionsHelper */
$permissions_helper->LoadPermissions($group_id, 0, 1, 'g');
$delete_ids = Array();
$create_sql = Array();
$create_mask = '(%s,%s,'.$group_id.',%s,1,0)';
$new_id = (int)$this->Conn->GetOne('SELECT MIN('.$object->IDField.') FROM '.$object->TableName);
if($new_id > 0) $new_id = 0;
--$new_id;
+ $sections_helper =& $this->Application->recallObject('SectionsHelper');
foreach ($permissions as $section_name => $section_permissions) {
+ $section_data =& $sections_helper->getSectionData($section_name);
+
+ if ($section_data && isset($section_data['perm_prefix'])) {
+ // using permission from other prefix
+ $section_name = $this->Application->getUnitOption($section_data['perm_prefix'].'.main', 'PermSection');
+ }
+
foreach ($section_permissions as $perm_name => $perm_value) {
if (!$permissions_helper->isOldPermission($section_name, $perm_name)) {
$perm_name = $section_name.'.'.$perm_name;
}
$db_perm_value = $permissions_helper->getPermissionValue($perm_name);
if ($db_perm_value == 1 && $perm_value == 0) {
// permission was disabled => delete it's record
$delete_ids[] = $permissions_helper->getPermissionID($perm_name);
}
elseif ($db_perm_value == 0 && $perm_value == 1) {
// permission was enabled => created it's record
$create_sql[] = sprintf($create_mask, $new_id--, $this->Conn->qstr($perm_name), $this->Conn->qstr($perm_value));
}
// permission state was not changed in all other cases
}
}
$this->UpdatePermissions($event, $create_sql, Array(), $delete_ids);
if ($this->Application->GetVar('advanced_save') == 1) {
// advanced permission popup [save button]
$this->finalizePopup($event);
// $event->redirect = 'incs/just_close';
}
elseif ($this->Application->GetVar('section_name') != '') {
// save simple permissions before opening advanced permission popup
$event->redirect = false;
}
}
/**
* Apply modification sqls to permissions table
*
* @param kEvent $event
* @param Array $create_sql
* @param Array $update_sql
* @param Array $delete_ids
*/
function UpdatePermissions(&$event, $create_sql, $update_sql, $delete_ids)
{
$object =& $event->getObject();
if ($delete_ids) {
$delete_sql = ' DELETE FROM '.$object->TableName.'
WHERE '.$object->IDField.' IN ('.implode(',', $delete_ids).')';
$this->Conn->Query($delete_sql);
}
if ($create_sql) {
$create_sql = ' INSERT INTO '.$object->TableName.'
VALUES '.implode(',', $create_sql);
$this->Conn->Query($create_sql);
}
if ($update_sql) {
foreach ($update_sql as $sql) {
$this->Conn->Query($sql);
}
}
if ($delete_ids || $create_sql || $update_sql) {
$object->setModifiedFlag();
if ($event->Name == 'OnCategorySavePermissions') {
$this->Application->StoreVar('PermCache_UpdateRequired', 1);
}
}
}
/**
* Don't delete permissions from live table in case of new category creation.
* Called as much times as permission count for categories set, so don't
* perform any sql queries here!
*
* @param kEvent $event
*/
function OnBeforeDeleteFromLive(&$event)
{
if ($event->Prefix == 'c-perm') {
// only when saving category permissions, not group permissions
$foreign_keys = $event->getEventParam('foreign_key');
if ((count($foreign_keys) == 1) && ($foreign_keys[0] == 0)) {
// parent item has zero id
$temp_object =& $this->Application->recallObject('c');
if ($temp_object->isLoaded()) {
// category with id = 0 found in temp table
$event->status = erFAIL;
}
}
}
}
}
?>
\ No newline at end of file
Property changes on: branches/unlabeled/unlabeled-1.8.2/core/units/permissions/permissions_event_handler.php
___________________________________________________________________
Modified: cvs2svn:cvs-rev
## -1 +1 ##
-1.8.2.1
\ No newline at end of property
+1.8.2.2
\ No newline at end of property
Event Timeline
Log In to Comment