7 require_once 'Pman.php';
9 class Pman_Admin_GroupRights extends Pman
// Access gate for this controller. The method signature and the opening lines of
// its conditionals are missing from this listing, so only the visible steps are described.
12 parent::getAuth(); // load company!
13 $au = $this->getAuthUser();
// Reports an authentication failure to the client, flagging it with authFailure => true.
// NOTE(review): the condition guarding this call is on a line not shown here - presumably a check that $au is empty; confirm.
15 $this->jerr("Not authenticated", array('authFailure' => true));
// Only users whose company has comptype 'OWNER' get past this point.
// NOTE(review): loose != comparison; !== would rule out type juggling if comptype is always a string - confirm.
18 if ($au->company()->comptype !='OWNER') {
// NOTE(review): the second argument is a string here but an array in the jerr() call above - confirm jerr() accepts both.
19 $this->jerr("Error", "only company owners can manage groups");
// Keep the authenticated user on the controller.
22 $this->authUser = $au;
26 // perms - any table that can be modified by the user should be listed here..
27 // without it, our perms manager should deny writing via the web interface...
29 // FOR PERMS - SEE THE DATAOBJECT!
// Builds the list of rights for one group: the group's existing core_group_right rows,
// plus a default entry for every right in defaultPermData() that the group has no row for.
// Input is $_GET['group_id']; $v and $opts are not used in the visible lines.
// Several lines of this method (braces, the fetch loop, the output call) are missing from the listing.
31 function get($v, $opts = Array())
// must receive a group..
// Rejects a missing group_id or one that casts to a negative integer.
34 if (!isset($_GET['group_id']) || (int)$_GET['group_id'] < 0) {
35 $this->jerr("NO GROUP");
// Caller must hold the 'E' level of the right tested by checkPerm().
38 if (!$this->checkPerm('E')) { // editing groups..
39 $this->jerr("PERMISSION DENIED");
// Load the group row so a non-existent group is refused.
42 $g = DB_DataObject::Factory('core_group');
// NOTE(review): this lookup receives the raw request value while the validation above and every
// later use cast to int; a value such as "5abc" passes the check as 5 but reaches get() unchanged.
// Passing (int)$_GET['group_id'] here would keep the lookup on the validated value - confirm how get() treats non-numeric keys.
43 if (!$g->get($_GET['group_id'])) {
44 $this->jerr("group is invalid");
47 // DB_DataObject::debugLevel(1);
// Query object for the rights already stored for this group.
48 $p = DB_DataObject::factory('core_group_right');
49 $p->group_id = (int)$_GET['group_id'];
// Index each stored right by its rightname; clone so later fetches do not overwrite the entry.
// (The find/fetch loop around this line is not visible in the listing.)
54 $cur[$p->rightname] = clone($p);
57 // print_r($cur);exit;
61 // echo "<PRE>"; print_r($p->defaultPermData() );
// Walk every known right. From the uses below: $defdata[0] is the full mask,
// $defdata[1] the default mask, $defdata[2] an optional description.
62 foreach($p->defaultPermData() as $k => $defdata) {
// Rights without a full mask take this branch; its body is not visible in the listing.
64 if (empty($defdata[0])) { // no admin data available..
67 if (!isset($cur[$k])) {
68 // then there is no current access right for it..
69 //DB_DataObject::debugLevel(1);
// Build an in-memory row for the missing right (no save call is visible here).
70 $gr = DB_DataObject::factory('core_group_right');
71 $gr->group_id = (int)$_GET['group_id'];
// Groups of type 2 start with an empty mask; all other groups start with the default mask.
73 $gr->accessmask = $g->type == 2 ? '' : $defdata[1]; // set to defaults.. unless it's a contact group.
75 $cur[$k] = clone($gr);
// One output row per right (the surrounding array construction is partly missing from the listing).
80 'id' => $cur[$k]->id * 1, // * 1 coerces the id to a number
82 'descript' => isset($defdata[2]) ? $defdata[2] : '' ,
83 'accessmask' => $cur[$k]->accessmask,
84 'FullMask' => $defdata[0],
85 'group_id' => (int)$_GET['group_id']
// Column arrays for the array_multisort() call that is commented out below;
// in the visible lines nothing else reads $rightname or $descript.
90 foreach ($ar as $key => $row) {
91 $rightname[$key] = $row['rightname'];
92 $descript[$key] = $row['descript'];
// Sort rows by rightname, then by descript (the array_multisort variant is disabled).
96 //array_multisort($rightname, SORT_ASC, $descript, SORT_ASC, $ar);
// NOTE(review): the comparator subtracts the two values. If rightname and descript are non-numeric
// strings (checkPerm() uses 'Core.Groups' as a right name), the subtraction raises a TypeError on PHP 8
// and evaluates to 0 with a warning on PHP 7, so the rows are not ordered. strcmp() on each pair is the
// string comparison - confirm the value types.
100 usort($ar, function($a, $b) {
101 $rdiff = $a['rightname'] - $b['rightname'];
102 if ($rdiff) return $rdiff;
103 return $a['descript'] - $b['descript'];
// Body of the handler that saves rights changes for a group (its signature is not visible in this listing).
// Reads $_POST['group_id'], $_POST['dataUpdate'] (row id => accessmask) and
// $_POST['dataAdd'] (rightname => accessmask).
// NOTE(review): unlike get(), no visible line loads the core_group row to confirm the group exists - confirm.
116 if (!isset($_POST['group_id']) || (int)$_POST['group_id'] < 0) {
117 $this->jerr("NO GROUP");
// Caller must hold the 'E' level of the right tested by checkPerm().
120 if (!$this->checkPerm('E')) { // editing groups..
121 $this->jerr("PERMISSION DENIED");
// Updates to existing rights rows.
125 if (!empty($_POST['dataUpdate'])) {
126 foreach($_POST['dataUpdate'] as $id => $ac) {
128 $p = DB_DataObject::factory('core_group_right');
// group_id is set before the lookup on the next (missing) line, which presumably ties
// the row id to this group - confirm.
129 $p->group_id = (int)$_POST['group_id'];
// NOTE(review): the message echoes the request-supplied $id back to the client; confirm jerr() encodes it for the response format.
131 $this->jerr("could not find gid:{$p->group_id} and $id");
// Only reached if jerr() returns; presumably jerr() ends the request - confirm.
132 continue; // error cond.
// The new mask is taken from the request unchanged.
135 $p->accessmask = $ac;
// NOTE(review): validate()'s return value is not used on this line. If it signals a bad mask by return
// value rather than by correcting the object or calling jerr(), an invalid mask would be saved - confirm
// against the core_group_right DataObject. The save call itself is on a line missing from the listing.
136 $p->validate(); // ensure that the basic perms can not be removed
// New rights rows.
140 if (!empty($_POST['dataAdd'])) {
141 foreach($_POST['dataAdd'] as $perm => $ac) {
142 $p = DB_DataObject::factory('core_group_right');
143 $p->group_id = (int)$_POST['group_id'];
// NOTE(review): rightname and accessmask both come straight from the request. No visible line checks $perm
// against the keys of defaultPermData() or $ac against that right's full mask, so unless validate() or the
// DataObject's insert path enforces it, rows for unknown right names can be created - confirm.
144 $p->rightname = $perm;
145 $p->accessmask = $ac;
146 $p->validate(); // ensure that the basic perms can not be removed
// Returns the result of hasPerm() for the 'Core.Groups' right at level $lvl.
// Both callers visible in this listing pass 'E'.
156 function checkPerm($lvl)
158 return $this->hasPerm('Core.Groups', $lvl);