Changeset 25245 for trunk/include
- Timestamp:
- Oct 30, 2013, 9:29:48 PM (10 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/include/ws_functions.inc.php
r25237 r25245 3625 3625 /** 3626 3626 * API method 3627 * Updates users 3627 3628 * @param mixed[] $params 3628 3629 * @option int[] user_id … … 3812 3813 } 3813 3814 3815 /** 3816 * API method 3817 * Returns permissions 3818 * @param mixed[] $params 3819 * @option int[] cat_id (optional) 3820 * @option int[] group_id (optional) 3821 * @option int[] user_id (optional) 3822 */ 3823 function ws_permissions_getList($params, &$service) 3824 { 3825 $my_params = array_intersect(array_keys($params), array('cat_id','group_id','user_id')); 3826 if (count($my_params) > 1) 3827 { 3828 return new PwgError(WS_ERR_INVALID_PARAM, 'Too many parameters, provide cat_id OR user_id OR group_id'); 3829 } 3830 3831 $cat_filter = ''; 3832 if (!empty($params['cat_id'])) 3833 { 3834 $cat_filter = 'WHERE cat_id IN('. implode(',', $params['cat_id']) .')'; 3835 } 3836 3837 $perms = array(); 3838 3839 // direct users 3840 $query = ' 3841 SELECT user_id, cat_id 3842 FROM '. USER_ACCESS_TABLE .' 3843 '. $cat_filter .' 3844 ;'; 3845 $result = pwg_query($query); 3846 3847 while ($row = pwg_db_fetch_assoc($result)) 3848 { 3849 if (!isset($perms[ $row['cat_id'] ])) 3850 { 3851 $perms[ $row['cat_id'] ]['id'] = $row['cat_id']; 3852 } 3853 $perms[ $row['cat_id'] ]['users'][] = $row['user_id']; 3854 } 3855 3856 // indirect users 3857 $query = ' 3858 SELECT ug.user_id, ga.cat_id 3859 FROM '. USER_GROUP_TABLE .' AS ug 3860 INNER JOIN '. GROUP_ACCESS_TABLE .' AS ga 3861 ON ug.group_id = ga.group_id 3862 '. $cat_filter .' 3863 ;'; 3864 $result = pwg_query($query); 3865 3866 while ($row = pwg_db_fetch_assoc($result)) 3867 { 3868 if (!isset($perms[ $row['cat_id'] ])) 3869 { 3870 $perms[ $row['cat_id'] ]['id'] = $row['cat_id']; 3871 } 3872 $perms[ $row['cat_id'] ]['users_indirect'][] = $row['user_id']; 3873 } 3874 3875 // groups 3876 $query = ' 3877 SELECT group_id, cat_id 3878 FROM '. GROUP_ACCESS_TABLE .' 3879 '. $cat_filter .' 3880 ;'; 3881 $result = pwg_query($query); 3882 3883 while ($row = pwg_db_fetch_assoc($result)) 3884 { 3885 if (!isset($perms[ $row['cat_id'] ])) 3886 { 3887 $perms[ $row['cat_id'] ]['id'] = $row['cat_id']; 3888 } 3889 $perms[ $row['cat_id'] ]['groups'][] = $row['group_id']; 3890 } 3891 3892 // filter by group and user 3893 foreach ($perms as $cat_id => &$cat) 3894 { 3895 if (isset($filters['group_id'])) 3896 { 3897 if (empty($cat['groups']) or count(array_intersect($cat['groups'], $params['group_id'])) == 0) 3898 { 3899 unset($perms[$cat_id]); 3900 continue; 3901 } 3902 } 3903 if (isset($filters['user_id'])) 3904 { 3905 if ( 3906 (empty($cat['users_indirect']) or count(array_intersect($cat['users_indirect'], $params['user_id'])) == 0) 3907 and (empty($cat['users']) or count(array_intersect($cat['users'], $params['user_id'])) == 0) 3908 ) { 3909 unset($perms[$cat_id]); 3910 continue; 3911 } 3912 } 3913 3914 $cat['groups'] = !empty($cat['groups']) ? array_unique($cat['groups']) : array(); 3915 $cat['users'] = !empty($cat['users']) ? array_unique($cat['users']) : array(); 3916 $cat['users_indirect'] = !empty($cat['users_indirect']) ? array_unique($cat['users_indirect']) : array(); 3917 } 3918 unset($cat); 3919 3920 return array('categories' => new PwgNamedArray(array_values($perms), 'category', array('id'))); 3921 } 3922 3923 /** 3924 * API method 3925 * Add permissions 3926 * @param mixed[] $params 3927 * @option int[] cat_id 3928 * @option int[] group_id (optional) 3929 * @option int[] user_id (optional) 3930 * @option bool recursive 3931 */ 3932 function ws_permissions_add($params, &$service) 3933 { 3934 include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); 3935 3936 if (!empty($params['group_id'])) 3937 { 3938 $cat_ids = get_uppercat_ids($params['cat_id']); 3939 if ($params['recursive']) 3940 { 3941 $cat_ids = array_merge($cat_ids, get_subcat_ids($params['cat_id'])); 3942 } 3943 3944 $query = ' 3945 SELECT id 3946 FROM '.CATEGORIES_TABLE.' 3947 WHERE id IN ('.implode(',', $cat_ids).') 3948 AND status = \'private\' 3949 ;'; 3950 $private_cats = array_from_query($query, 'id'); 3951 3952 $inserts = array(); 3953 foreach ($private_cats as $cat_id) 3954 { 3955 foreach ($params['group_id'] as $group_id) 3956 { 3957 $inserts[] = array( 3958 'group_id' => $group_id, 3959 'cat_id' => $cat_id 3960 ); 3961 } 3962 } 3963 3964 mass_inserts( 3965 GROUP_ACCESS_TABLE, 3966 array('group_id','cat_id'), 3967 $inserts, 3968 array('ignore'=>true) 3969 ); 3970 } 3971 3972 if (!empty($params['user_id'])) 3973 { 3974 if ($params['recursive']) $_POST['apply_on_sub'] = true; 3975 add_permission_on_category($params['cat_id'], $params['user_id']); 3976 } 3977 3978 return $service->invoke('pwg.permissions.getList', array('cat_id'=>$params['cat_id'])); 3979 } 3980 3981 /** 3982 * API method 3983 * Removes permissions 3984 * @param mixed[] $params 3985 * @option int[] cat_id 3986 * @option int[] group_id (optional) 3987 * @option int[] user_id (optional) 3988 */ 3989 function ws_permissions_remove($params, &$service) 3990 { 3991 include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); 3992 3993 $cat_ids = get_subcat_ids($params['cat_id']); 3994 3995 if (!empty($params['group_id'])) 3996 { 3997 $query = ' 3998 DELETE 3999 FROM '. GROUP_ACCESS_TABLE .' 4000 WHERE group_id IN ('. implode(',', $params['group_id']).') 4001 AND cat_id IN ('. implode(',', $cat_ids).') 4002 ;'; 4003 pwg_query($query); 4004 } 4005 4006 if (!empty($params['user_id'])) 4007 { 4008 $query = ' 4009 DELETE 4010 FROM '. USER_ACCESS_TABLE .' 4011 WHERE user_id IN ('. implode(',', $params['user_id']) .') 4012 AND cat_id IN ('. implode(',', $cat_ids) .') 4013 ;'; 4014 pwg_query($query); 4015 } 4016 4017 return $service->invoke('pwg.permissions.getList', array('cat_id'=>$params['cat_id'])); 4018 } 4019 3814 4020 ?>
Note: See TracChangeset
for help on using the changeset viewer.