PageRenderTime 30ms CodeModel.GetById 24ms app.highlight 3ms RepoModel.GetById 2ms app.codeStats 0ms

/web/concrete/core/models/permission/keys/custom/add_block_to_area.php

https://github.com/glockops/concrete5
PHP | 106 lines | 93 code | 13 blank | 0 comment | 21 complexity | 50e184abbebc9131e583187dfad68e3b MD5 | raw file
  1<?
  2defined('C5_EXECUTE') or die("Access Denied.");
  3
  4class Concrete5_Model_AddBlockToAreaAreaPermissionKey extends AreaPermissionKey  {
  5
  6	public function copyFromPageToArea() {
  7		$db = Loader::db();
  8		$inheritedPKID = $db->GetOne('select pkID from PermissionKeys where pkHandle = ?', array('add_block'));
  9		$r = $db->Execute('select peID, pa.paID from PermissionAssignments pa inner join PermissionAccessList pal on pa.paID = pal.paID where pkID = ?', array(
 10			$inheritedPKID
 11		));
 12		if ($r) { 
 13			while ($row = $r->FetchRow()) {
 14				$db->Replace('AreaPermissionAssignments', array(
 15					'cID' => $this->permissionObject->getCollectionID(), 
 16					'arHandle' => $this->permissionObject->getAreaHandle(), 
 17					'pkID' => $this->getPermissionKeyID(),
 18					'paID' => $row['paID']
 19				), array('cID', 'arHandle', 'pkID'), true);
 20					
 21				$rx = $db->Execute('select permission from BlockTypePermissionBlockTypeAccessList where paID = ? and peID = ?', array(
 22						$row['paID'], $row['peID']
 23					));
 24				while ($rowx = $rx->FetchRow()) {
 25					$db->Replace('AreaPermissionBlockTypeAccessList', array(
 26						'peID' => $row['peID'],
 27						'permission' => $rowx['permission'],
 28						'paID' => $row['paID']
 29					), array('paID', 'peID'), true);				
 30				}
 31				$db->Execute('delete from AreaPermissionBlockTypeAccessListCustom where paID = ?', array(
 32					$row['paID']
 33				));
 34				$rx = $db->Execute('select btID from BlockTypePermissionBlockTypeAccessListCustom where paID = ? and peID = ?', array(
 35						$row['paID'], $row['peID']
 36					));
 37				while ($rowx = $rx->FetchRow()) {
 38					$db->Replace('AreaPermissionBlockTypeAccessListCustom', array(
 39						'paID' => $row['paID'],
 40						'btID' => $rowx['btID'],
 41						'peID' => $row['peID']
 42					), array('paID', 'peID', 'btID'), true);				
 43				}
 44			}
 45		}
 46	}
 47	
 48
 49	protected function getAllowedBlockTypeIDs() {
 50
 51		$u = new User();
 52		$pae = $this->getPermissionAccessObject();
 53		if (!is_object($pae)) {
 54			return array();
 55		}
 56		
 57		$accessEntities = $u->getUserAccessEntityObjects();
 58		$accessEntities = $pae->validateAndFilterAccessEntities($accessEntities);
 59		$list = $this->getAccessListItems(AreaPermissionKey::ACCESS_TYPE_ALL, $accessEntities);
 60		$list = PermissionDuration::filterByActive($list);
 61		
 62		$db = Loader::db();
 63		$btIDs = array();		
 64		if (count($list) > 0) {
 65			$dsh = Loader::helper('concrete/dashboard');
 66			if ($dsh->inDashboard()) {
 67				$allBTIDs = $db->GetCol('select btID from BlockTypes');
 68			} else { 
 69				$allBTIDs = $db->GetCol('select btID from BlockTypes where btIsInternal = 0');
 70			}
 71			foreach($list as $l) {
 72				if ($l->getBlockTypesAllowedPermission() == 'N') {
 73					$btIDs = array();
 74				}
 75				if ($l->getBlockTypesAllowedPermission() == 'C') {
 76					if ($l->getAccessType() == AreaPermissionKey::ACCESS_TYPE_EXCLUDE) {
 77						$btIDs = array_values(array_diff($btIDs, $l->getBlockTypesAllowedArray()));
 78					} else { 
 79						$btIDs = array_unique(array_merge($btIDs, $l->getBlockTypesAllowedArray()));
 80					}
 81				}
 82				if ($l->getBlockTypesAllowedPermission() == 'A') {
 83					$btIDs = $allBTIDs;
 84				}
 85			}
 86		}
 87
 88		return $btIDs;
 89	}
 90	
 91	public function validate($bt = false) {
 92		$u = new User();
 93		if ($u->isSuperUser()) {
 94			return true;
 95		}
 96
 97		$types = $this->getAllowedBlockTypeIDs();
 98		if ($bt != false) {
 99			return in_array($bt->getBlockTypeID(), $types);
100		} else {
101			return count($types) > 0;
102		}
103	}	
104
105	
106}