PageRenderTime 42ms CodeModel.GetById 18ms RepoModel.GetById 0ms app.codeStats 0ms

/web/concrete/core/models/permission/keys/custom/view_user_attributes.php

https://github.com/glockops/concrete5
PHP | 93 lines | 77 code | 16 blank | 0 comment | 24 complexity | 064f1a078e7fcef9d144ce7ce13e570f MD5 | raw file
Possible License(s): MIT, LGPL-2.1, BSD-3-Clause
  1. <?
  2. defined('C5_EXECUTE') or die("Access Denied.");
  3. class Concrete5_Model_ViewUserAttributesUserPermissionKey extends UserPermissionKey {
  4. protected function getAllowedAttributeKeyIDs($list = false) {
  5. if (!$list) {
  6. $u = new User();
  7. $accessEntities = $u->getUserAccessEntityObjects();
  8. $list = $this->getAccessListItems(UserPermissionKey::ACCESS_TYPE_ALL, $accessEntities);
  9. $list = PermissionDuration::filterByActive($list);
  10. }
  11. $db = Loader::db();
  12. $allakIDs = $db->GetCol('select akID from UserAttributeKeys');
  13. $akIDs = array();
  14. foreach($list as $l) {
  15. if ($l->getAttributesAllowedPermission() == 'N') {
  16. $akIDs = array();
  17. }
  18. if ($l->getAttributesAllowedPermission() == 'C') {
  19. if ($l->getAccessType() == PermissionKey::ACCESS_TYPE_EXCLUDE) {
  20. $akIDs = array_values(array_diff($akIDs, $l->getAttributesAllowedArray()));
  21. } else {
  22. $akIDs = array_unique(array_merge($akIDs, $l->getAttributesAllowedArray()));
  23. }
  24. }
  25. if ($l->getAttributesAllowedPermission() == 'A') {
  26. $akIDs = $allakIDs;
  27. }
  28. }
  29. return $akIDs;
  30. }
  31. public function getMyAssignment() {
  32. $u = new User();
  33. $asl = new ViewUserAttributesUserPermissionAssignment();
  34. if ($u->isSuperUser()) {
  35. $asl->setAttributesAllowedPermission('A');
  36. return $asl;
  37. }
  38. $pae = $this->getPermissionAccessObject();
  39. if (!is_object($pae)) {
  40. return $asl;
  41. }
  42. $accessEntities = $u->getUserAccessEntityObjects();
  43. $accessEntities = $pae->validateAndFilterAccessEntities($accessEntities);
  44. $list = $this->getAccessListItems(UserPermissionKey::ACCESS_TYPE_ALL, $accessEntities);
  45. $list = PermissionDuration::filterByActive($list);
  46. foreach($list as $l) {
  47. if ($l->getAttributesAllowedPermission() == 'N') {
  48. $asl->setAttributesAllowedPermission('N');
  49. }
  50. if ($l->getAttributesAllowedPermission() == 'C') {
  51. $asl->setAttributesAllowedPermission('C');
  52. }
  53. if ($l->getAttributesAllowedPermission() == 'A') {
  54. $asl->setAttributesAllowedPermission('A');
  55. }
  56. }
  57. $asl->setAttributesAllowedArray($this->getAllowedAttributeKeyIDs($list));
  58. return $asl;
  59. }
  60. public function validate($obj = false) {
  61. $u = new User();
  62. if ($u->isSuperUser()) {
  63. return true;
  64. }
  65. $types = $this->getAllowedAttributeKeyIDs();
  66. if ($obj != false) {
  67. if (is_object($obj)) {
  68. $akID = $obj->getAttributeKeyID();
  69. } else {
  70. $akID = $obj;
  71. }
  72. return in_array($akID, $types);
  73. } else {
  74. return count($types) > 0;
  75. }
  76. }
  77. }