PageRenderTime 49ms CodeModel.GetById 22ms RepoModel.GetById 0ms app.codeStats 0ms

/web/concrete/core/models/permission/keys/custom/add_block_to_area.php

https://github.com/glockops/concrete5
PHP | 106 lines | 93 code | 13 blank | 0 comment | 21 complexity | 50e184abbebc9131e583187dfad68e3b MD5 | raw file
Possible License(s): MIT, LGPL-2.1, BSD-3-Clause 
    

  1. <?

    2. 

  2. defined('C5_EXECUTE') or die("Access Denied.");

    3. 

  3. 

    4. 

  4. class Concrete5_Model_AddBlockToAreaAreaPermissionKey extends AreaPermissionKey  {

    5. 

  5. 

    6. 

  6. 	public function copyFromPageToArea() {

    7. 

  7. 		$db = Loader::db();

    8. 

  8. 		$inheritedPKID = $db->GetOne('select pkID from PermissionKeys where pkHandle = ?', array('add_block'));

    9. 

  9. 		$r = $db->Execute('select peID, pa.paID from PermissionAssignments pa inner join PermissionAccessList pal on pa.paID = pal.paID where pkID = ?', array(

    10. 

  10. 			$inheritedPKID

    11. 

  11. 		));

    12. 

  12. 		if ($r) { 

    13. 

  13. 			while ($row = $r->FetchRow()) {

    14. 

  14. 				$db->Replace('AreaPermissionAssignments', array(

    15. 

  15. 					'cID' => $this->permissionObject->getCollectionID(), 

    16. 

  16. 					'arHandle' => $this->permissionObject->getAreaHandle(), 

    17. 

  17. 					'pkID' => $this->getPermissionKeyID(),

    18. 

  18. 					'paID' => $row['paID']

    19. 

  19. 				), array('cID', 'arHandle', 'pkID'), true);

    20. 

  20. 					

    21. 

  21. 				$rx = $db->Execute('select permission from BlockTypePermissionBlockTypeAccessList where paID = ? and peID = ?', array(

    22. 

  22. 						$row['paID'], $row['peID']

    23. 

  23. 					));

    24. 

  24. 				while ($rowx = $rx->FetchRow()) {

    25. 

  25. 					$db->Replace('AreaPermissionBlockTypeAccessList', array(

    26. 

  26. 						'peID' => $row['peID'],

    27. 

  27. 						'permission' => $rowx['permission'],

    28. 

  28. 						'paID' => $row['paID']

    29. 

  29. 					), array('paID', 'peID'), true);				

    30. 

  30. 				}

    31. 

  31. 				$db->Execute('delete from AreaPermissionBlockTypeAccessListCustom where paID = ?', array(

    32. 

  32. 					$row['paID']

    33. 

  33. 				));

    34. 

  34. 				$rx = $db->Execute('select btID from BlockTypePermissionBlockTypeAccessListCustom where paID = ? and peID = ?', array(

    35. 

  35. 						$row['paID'], $row['peID']

    36. 

  36. 					));

    37. 

  37. 				while ($rowx = $rx->FetchRow()) {

    38. 

  38. 					$db->Replace('AreaPermissionBlockTypeAccessListCustom', array(

    39. 

  39. 						'paID' => $row['paID'],

    40. 

  40. 						'btID' => $rowx['btID'],

    41. 

  41. 						'peID' => $row['peID']

    42. 

  42. 					), array('paID', 'peID', 'btID'), true);				

    43. 

  43. 				}

    44. 

  44. 			}

    45. 

  45. 		}

    46. 

  46. 	}

    47. 

  47. 	

    48. 

  48. 

    49. 

  49. 	protected function getAllowedBlockTypeIDs() {

    50. 

  50. 

    51. 

  51. 		$u = new User();

    52. 

  52. 		$pae = $this->getPermissionAccessObject();

    53. 

  53. 		if (!is_object($pae)) {

    54. 

  54. 			return array();

    55. 

  55. 		}

    56. 

  56. 		

    57. 

  57. 		$accessEntities = $u->getUserAccessEntityObjects();

    58. 

  58. 		$accessEntities = $pae->validateAndFilterAccessEntities($accessEntities);

    59. 

  59. 		$list = $this->getAccessListItems(AreaPermissionKey::ACCESS_TYPE_ALL, $accessEntities);

    60. 

  60. 		$list = PermissionDuration::filterByActive($list);

    61. 

  61. 		

    62. 

  62. 		$db = Loader::db();

    63. 

  63. 		$btIDs = array();		

    64. 

  64. 		if (count($list) > 0) {

    65. 

  65. 			$dsh = Loader::helper('concrete/dashboard');

    66. 

  66. 			if ($dsh->inDashboard()) {

    67. 

  67. 				$allBTIDs = $db->GetCol('select btID from BlockTypes');

    68. 

  68. 			} else { 

    69. 

  69. 				$allBTIDs = $db->GetCol('select btID from BlockTypes where btIsInternal = 0');

    70. 

  70. 			}

    71. 

  71. 			foreach($list as $l) {

    72. 

  72. 				if ($l->getBlockTypesAllowedPermission() == 'N') {

    73. 

  73. 					$btIDs = array();

    74. 

  74. 				}

    75. 

  75. 				if ($l->getBlockTypesAllowedPermission() == 'C') {

    76. 

  76. 					if ($l->getAccessType() == AreaPermissionKey::ACCESS_TYPE_EXCLUDE) {

    77. 

  77. 						$btIDs = array_values(array_diff($btIDs, $l->getBlockTypesAllowedArray()));

    78. 

  78. 					} else { 

    79. 

  79. 						$btIDs = array_unique(array_merge($btIDs, $l->getBlockTypesAllowedArray()));

    80. 

  80. 					}

    81. 

  81. 				}

    82. 

  82. 				if ($l->getBlockTypesAllowedPermission() == 'A') {

    83. 

  83. 					$btIDs = $allBTIDs;

    84. 

  84. 				}

    85. 

  85. 			}

    86. 

  86. 		}

    87. 

  87. 

    88. 

  88. 		return $btIDs;

    89. 

  89. 	}

    90. 

  90. 	

    91. 

  91. 	public function validate($bt = false) {

    92. 

  92. 		$u = new User();

    93. 

  93. 		if ($u->isSuperUser()) {

    94. 

  94. 			return true;

    95. 

  95. 		}

    96. 

  96. 

    97. 

  97. 		$types = $this->getAllowedBlockTypeIDs();

    98. 

  98. 		if ($bt != false) {

    99. 

  99. 			return in_array($bt->getBlockTypeID(), $types);

    100. 

  100. 		} else {

    101. 

  101. 			return count($types) > 0;

    102. 

  102. 		}

    103. 

  103. 	}	

    104. 

  104. 

    105. 

  105. 	

    106. 

  106. }

    107. 

  107.