var $fullRights = "ADESPIM";
- function listPermsFromGroupIds($grps, $isAdmin=false) {
+
+ function groupsWithRights($rightname, $right)
+ {
+ $t = clone($this);
+ $t->rightname = $rightname;
+ $t->whereAdd("accessmask like '{$this->escape($right)}'");
+ $t->selectAdd();
+ $t->selectAdd('distinct(group_id) as group_id');
+ return $t->fetchAll('group_id');
+
+ }
+
+
+ function listPermsFromGroupIds($grps, $isAdmin=false, $isOwner = false) {
$t = clone($this);
$t->whereAdd('group_id IN ('. implode(',', $grps).')');
+ $t->autoJoin();
$t->find();
- $ret = array();
+
+ $ret = array();
while($t->fetch()) {
+
+
+
+
if (isset($ret[$t->rightname])) {
$ret[$t->rightname] = $this->mergeMask($ret[$t->rightname], $t->accessmask);
continue;
}
// blank out rights that are disabled by the system..
$defs = $this->defaultPermData();
+
+
+
//echo "<PRE>";print_r($defs);
$r = array();
foreach($defs as $k=>$v) {
+
+
+
if (empty($v[0])) { // delete right if not there..
$r[$k] = '';
continue;
if (isset($ret[$k])) {
if (empty($ret[$k]) && $isAdmin) {
- $r[$k] = $v[0];
+ $r[$k] = $v[0] ; // -- it's admin they get rights... can not be disabled..
continue;
}
-
+ // in theory non-owners could sneak in rights here..??
$r[$k] = $ret[$k];
continue;
}
// not set contition...
+ if (!$isOwner) {
+ $r[$k] = '';
+ continue;
+ }
$r[$k] = $isAdmin ? $v[0] : $v[1];