3 * Table Definition for Group_Rights
16 require_once 'DB/DataObject.php';
19 class Pman_Core_DataObjects_Group_rights extends DB_DataObject
22 /* the code below is auto generated do not remove the above tag */
24 public $__table = 'group_rights'; // table name
25 public $rightname; // string(64) not_null
26 public $group_id; // int(11) not_null
27 public $accessmask; // string(10) not_null
28 public $id; // int(11) not_null primary_key auto_increment
31 /* the code above is auto generated do not remove the tag below */
35 var $fullRights = "ADESPIM";
38 function groupsWithRights($rightname, $right)
41 $t->rightname = $rightname;
42 $t->whereAdd("accessmask like '{$this->escape($right)}'");
44 $t->selectAdd('distinct(group_id) as group_id');
45 return $t->fetchAll('group_id');
50 function listPermsFromGroupIds($grps, $isAdmin=false, $isOwner = false) {
53 $t->whereAdd('group_id IN ('. implode(',', $grps).')');
63 if (isset($ret[$t->rightname])) {
64 $ret[$t->rightname] = $this->mergeMask($ret[$t->rightname], $t->accessmask);
67 $ret[$t->rightname] = $t->accessmask;
69 // blank out rights that are disabled by the system..
70 $defs = $this->defaultPermData();
74 //echo "<PRE>";print_r($defs);
76 foreach($defs as $k=>$v) {
80 if (empty($v[0])) { // delete right if not there..
86 if (isset($ret[$k])) {
87 if (empty($ret[$k]) && $isAdmin) {
88 $r[$k] = $v[0] ; // -- it's admin they get rights... can not be disabled..
91 // in theory non-owners could sneak in rights here..??
95 // not set contition...
101 $r[$k] = $isAdmin ? $v[0] : $v[1];
108 function mergeMask($a, $b)
112 for($i=0; $i< strlen($this->fullRights) ; $i++) {
113 if ((strpos($a, $this->fullRights[$i]) > -1) ||
114 (strpos($b, $this->fullRights[$i]) > -1)
116 $ret .= $this->fullRights[$i];
125 function defaultPermData()
128 // we should do better caching of this... really..
138 // P - print / export
143 $gid = empty($this->group_id) ? 0 : $this->group_id;
144 static $Pman_DataObjects_Group_Right = array();
147 if (!empty($Pman_DataObjects_Group_Right[$gid])) {
148 return $Pman_DataObjects_Group_Right[$gid];
150 $has_admin = true; ///?? not sure..
152 $g = DB_DataObject::factory('groups');
153 $g->get($this->group_id);
154 $has_admin = $g->type == 2 ? false : true;
159 $ff = HTML_FlexyFramework::get();
161 $enabled = array('Core') ;
162 $enabled = explode(',', $ff->enable);
163 $disabled = explode(',', $ff->disable? $ff->disable: '');
164 $pman = $ff->rootDir . '/Pman/';
166 //echo '<PRE>';print_r($enabled);
167 foreach($enabled as $module) {
169 if (($module == 'Admin') && !$has_admin) {
173 $fn = $pman. $module. '/'.$module. '.perms.json';
174 if (!file_exists($fn)) {
177 $ar = (array)json_decode(file_get_contents($fn));
179 // since these are critical files.. die'ing with error is ok.
180 die("invalid json file: " . $fn);
182 // echo '<PRE>';print_r($ar);
183 foreach($ar as $k=> $perm) {
185 continue; // it's a comment..
187 if (in_array($module, $disabled) || in_array($module.'.'. $k, $disabled)) {
190 $ret[$module.'.'. $k ] = $perm;
194 $Pman_DataObjects_Group_Right[$gid] = $ret;
196 return $Pman_DataObjects_Group_Right[$gid];
201 function adminRights() // get the admin rights - used when no accounts are available..
203 $defs = $this->defaultPermData();
205 foreach($defs as $k=>$v) {
215 // all groups must have the minimum privaligess..
216 // admin group must have all the privaliges
217 $g = DB_DataObject::Factory('groups');
218 $g->get($this->group_id);
219 $defs = $this->defaultPermData();
221 case "Administrators";
222 $this->accessmask = $this->mergeMask($this->accessmask, $defs[$this->rightname][0]);
226 //$this->accessmask = $this->mergeMask($this->accessmask, $defs[$this->rightname][1]);
233 * generates the default admin group.
236 function genDefault()
238 // need to create to special groups, admin & DEFAULT.
239 $g = DB_DataObject::Factory('Groups');
240 //$g->name = 'Default';
241 //if (!$g->find(true)) {
245 $this->applyDefs($g, 1);
247 $g = DB_DataObject::Factory('Groups');
248 $g->name = 'Administrators';
250 if (!$g->find(true)) {
253 $this->applyDefs($g, 0);
258 function applyDefs($g, $usecol) {
260 $defs = $this->defaultPermData();
261 //echo '<PRE>';print_r($defs);
263 foreach($defs as $rightname => $defdata) {
264 $gr = DB_DataObject::Factory('group_rights');
265 $gr->rightname = $rightname;
266 $gr->group_id = $g->id;
267 if (!$gr->find(true)) {
268 $gr->accessmask = $defdata[$usecol];
273 $gr->accessmask = $gr->mergeMask($gr->accessmask, $defdata[$usecol]);
274 if ($gr->accessmask == $oldgr->accessmask) {
282 function checkPerm($lvl, $au)