Commit ca8a8bc6 authored by lphuberdeau's avatar lphuberdeau

[MOD] Moving permission definitions out of the database, removing...

[MOD] Moving permission definitions out of the database, removing tiki-assignpermissions.php (phased out since 4), killing a few functions that were no longer used (instead of rewriting them), might still need to fix quickperms
parent 54239623
......@@ -4879,7 +4879,6 @@ templates/tiki-all_languages.tpl -text
templates/tiki-approve_staging_page.tpl -text
templates/tiki-article_types.tpl -text
templates/tiki-articles-js.tpl -text
templates/tiki-assignpermission.tpl -text
templates/tiki-assignuser.tpl -text
templates/tiki-backlinks.tpl -text
templates/tiki-batch_upload.tpl -text
......@@ -5364,7 +5363,6 @@ tests/testfile.txt -text
/tiki-approve_staging_page.php -text
/tiki-article_types.php -text
/tiki-articles_rss.php -text
/tiki-assignpermission.php -text
/tiki-assignuser.php -text
/tiki-atom.php -text
/tiki-auto_save.php -text
......
This diff is collapsed.
......@@ -63,9 +63,6 @@ class AdminLib extends TikiLib
function remove_dsn($dsnId) {
$info = $this->get_dsn($dsnId);
$perm_name = 'tiki_p_dsn_' . $info['name'];
$query = "delete from `users_permissions` where `permName`=?";
$this->query($query,array($perm_name));
$query = "delete from `tiki_dsn` where `dsnId`=?";
$this->query($query,array($dsnId));
return true;
......@@ -135,22 +132,12 @@ class AdminLib extends TikiLib
$result = $this->query($query,array($name, $extwiki));
}
// And now replace the perm if not created
$perm_name = 'tiki_p_extwiki_' . $name;
$query = "delete from `users_permissions`where `permName`=?";
$this->query($query,array($perm_name));
$query = "insert into `users_permissions`(`permName`,`permDesc`,`type`,`level`) values
(?,?,?,?)";
$this->query($query,array($perm_name,'Can use extwiki $extwiki','extwiki','editor'));
return true;
}
function remove_extwiki($extwikiId) {
$info = $this->get_extwiki($extwikiId);
$perm_name = 'tiki_p_extwiki_' . $info['name'];
$query = "delete from `users_permissions` where `permName`=?";
$this->query($query,array($perm_name));
$query = "delete from `tiki_extwiki` where `extwikiId`=?";
$this->query($query,array($extwikiId));
return true;
......
......@@ -6,42 +6,24 @@
// $Id$// (c) Copyright 2002-2009 by authors of the Tiki Wiki CMS Groupware Project
//this script may only be included - so its better to die if called directly.
if (! $allperms = $cachelib->getSerialized("allperms")) {
$allperms = $userlib->get_permissions(0, -1, 'permName_desc', '', '');
$cachelib->cacheItem("allperms", serialize($allperms));
}
$permissionList = array();
$adminPermissions = array();
foreach( $allperms['data'] as $row ) {
$valid = false;
if( ! $row['feature_check'] ) {
$valid = true;
} else {
foreach( explode( ',', $row['feature_check'] ) as $feature ) {
if( isset($prefs[$feature]) && $prefs[$feature] == 'y' ) {
$valid = true;
break;
}
}
}
if( $valid ) {
$permissionList[] = $row['permName'];
$allperms = $userlib->get_enabled_permissions();
$permissionList = array_keys($allperms);
if( $row['admin'] == 'y' ) {
$adminPermissions[ $row['type'] ] = substr( $row['permName'], strlen( 'tiki_p_' ) );
}
foreach( $allperms as $permName => $row ) {
if( $row['admin'] ) {
$adminPermissions[ $row['type'] ] = substr($permName, strlen( 'tiki_p_' ));
}
}
// Create a map from the permission to the admin permission
$map = array();
foreach( $allperms['data'] as $row ) {
foreach( $allperms as $permName => $row ) {
$type = $row['type'];
if( isset( $adminPermissions[$type] ) && $row['admin'] != 'y' ) {
$permName = substr( $row['permName'], strlen( 'tiki_p_' ) );
if( isset( $adminPermissions[$type] ) && ! $row['admin'] ) {
$permName = substr( $permName, strlen( 'tiki_p_' ) );
$map[ $permName ] = $adminPermissions[$type];
}
}
......
......@@ -3240,12 +3240,10 @@ class TikiLib extends TikiDb_Bridge
$userlib = TikiLib::lib('user');
$perms = Perms::get( array( 'type' => $objectType, 'object' => $objectId ) );
$permDescs = $userlib->get_permissions(0, -1, 'permName_desc', '', $this->get_permGroup_from_objectType($objectType));
$permNames = $userlib->get_permission_names_for($this->get_permGroup_from_objectType($objectType));
$ret = array();
foreach( $permDescs['data'] as $perm ) {
$perm = $perm['permName'];
foreach( $permNames as $perm ) {
$ret[$perm] = $perms->$perm ? 'y' : 'n';
if( $global ) {
......@@ -3342,14 +3340,12 @@ class TikiLib extends TikiDb_Bridge
switch ($objectType) {
case 'wiki page': case 'wiki':
if ( $prefs['wiki_creator_admin'] == 'y' && !empty($user) && isset($info) && $info['creator'] == $user ) { //can admin his page
$perms = $userlib->get_permissions(0, -1, 'permName_desc', '', $this->get_permGroup_from_objectType($objectType));
foreach ($perms['data'] as $perm) {
$perm = $perm['permName'];
$perms = $userlib->get_permission_names_for($this->get_permGroup_from_objectType($objectType));
foreach ($perms as $perm) {
$ret[$perm] = 'y';
if ($global) {
global $$perm;
$$perm = 'y';
$smarty->assign("$perm", 'y');
$GLOBALS[$perm] = 'y';
$smarty->assign($perm, 'y');
}
}
return $ret;
......@@ -3358,13 +3354,12 @@ class TikiLib extends TikiDb_Bridge
if ($prefs['feature_wiki_userpage'] == 'y' && !empty($prefs['feature_wiki_userpage_prefix']) && !empty($user) && strcasecmp($prefs['feature_wiki_userpage_prefix'], substr($objectId, 0, strlen($prefs['feature_wiki_userpage_prefix']))) == 0) {
if (strcasecmp($objectId, $prefs['feature_wiki_userpage_prefix'].$user) == 0) { //can edit his page
if (!$global) {
$perms = $userlib->get_permissions(0, -1, 'permName_desc', '', $this->get_permGroup_from_objectType($objectType));
foreach ($perms['data'] as $perm) {
global $$perm['permName'];
if ($perm['permName'] == 'tiki_p_view' || $perm['permName'] == 'tiki_p_edit') {
$ret[$perm['permName']] = 'y';
$perms = $userlib->get_permission_names_for($this->get_permGroup_from_objectType($objectType));
foreach ($perms as $perm) {
if ($perm == 'tiki_p_view' || $perm == 'tiki_p_edit') {
$ret[$perm] = 'y';
} else {
$ret[$perm['permName']] = $$perm['permName'];
$ret[$perm] = $GLOBALS[$perm];
}
}
} else {
......
......@@ -124,24 +124,6 @@ class UsersLib extends TikiLib
return true;
}
// assign permissions for an individual object according to the global permissions for that object type
function inherit_global_permissions($objectId, $objectType) {
global $cachelib;
$groups = $this->get_groups();
if (! $perms = $cachelib->getSerialized($objectType . "_permission_names")) {
$perms = $this->get_permissions(0, -1, 'permName_desc', '', $objectType);
$cachelib->cacheItem($objectType . "_permission_names",serialize($perms));
}
foreach ($groups['data'] as $group) {
foreach ($perms['data'] as $perm) {
if (in_array($perm['permName'], $group['perms'])) {
$this->assign_object_permission($group['groupName'], $objectId, $objectType, $perm['permName']);
}
}
}
}
function get_object_permissions($objectId, $objectType, $group='', $perm='') {
$objectId = md5($objectType . strtolower($objectId));
......@@ -2306,7 +2288,6 @@ class UsersLib extends TikiLib
$this->query($query, array($level, $perm));
global $cachelib;
$cachelib->invalidate("allperms");
$cachelib->empty_type_cache("fgals_perms");
global $menulib; include_once('lib/menubuilder/menulib.php');
......@@ -2323,7 +2304,6 @@ class UsersLib extends TikiLib
}
global $cachelib;
$cachelib->invalidate("allperms");
$cachelib->empty_type_cache("fgals_perms");
$cachelib->invalidate("groupperms_$group");
......@@ -2341,7 +2321,6 @@ class UsersLib extends TikiLib
}
global $cachelib;
$cachelib->invalidate("allperms");
$cachelib->empty_type_cache("fgals_perms");
$cachelib->invalidate("groupperms_$group");
......@@ -2352,11 +2331,10 @@ class UsersLib extends TikiLib
function create_dummy_level($level) {
$query = "delete from `users_permissions` where `permName` = ?";
$result = $this->query($query, array(''));
$query = "insert into `users_permissions`(`permName`, `permDesc`, `type`, `level`) values('','','',?)";
$query = "insert into `users_permissions`(`permName`, `level`) values('', ?)";
$this->query($query, array($level));
global $cachelib;
$cachelib->invalidate("allperms");
$cachelib->empty_type_cache("fgals_perms");
global $menulib; include_once('lib/menubuilder/menulib.php');
......@@ -2449,6 +2427,45 @@ class UsersLib extends TikiLib
}
}
function get_enabled_permissions()
{
global $prefs;
$raw = $this->get_raw_permissions();
$out = array();
foreach ($raw as $permission) {
$valid = empty($permission['prefs']);
foreach ($permission['prefs'] as $name) {
if ($prefs[$name] == 'y') {
$valid = true;
break;
}
}
if ($valid) {
$out[$permission['name']] = $permission;
}
}
return $out;
}
function get_permission_names_for($type)
{
$raw = $this->get_raw_permissions();
$out = array();
foreach ($raw as $permission) {
if ($permission['type'] == $type) {
$out[] = $permission['name'];
}
}
return $out;
}
private function get_raw_permissions()
{
return array(
......@@ -4705,50 +4722,29 @@ class UsersLib extends TikiLib
function get_permissions($offset = 0, $maxRecords = -1, $sort_mode = 'permName_asc', $find = '', $type = '', $group = '', $enabledOnly = false) {
global $prefs;
$values = array();
$sort_mode = $this->convertSortMode($sort_mode);
$mid = '';
if ($type && $type != 'all') {
$mid = ' where `type`= ? ';
$values[] = $type;
if ($enabledOnly) {
$raw = $this->get_enabled_permissions();
} else {
$raw = $this->get_raw_permissions();
}
if ($find) {
if ($mid) {
$mid .= " and `permName` like ?";
$values[] = '%'.$find.'%';
} else {
$mid .= " where `permName` like ?";
$values[] = '%'.$find.'%';
}
} else {
if ($mid) {
$mid .= " and `permName` > ''";
} else {
$mid .= " where `permName` > ''";
$ret = array();
foreach ($raw as $permission) {
if ($type && $type != 'all' && $permission['type'] != $type) {
continue;
}
}
$query = "select * from `users_permissions` $mid order by $sort_mode ";
$ret = $this->fetchAll($query, $values, $maxRecords, $offset);
$cant = 0;
foreach ( $ret as &$res ) {
if( $enabledOnly && $res['feature_check'] ) { // only list enabled features
$feats = preg_split('/,/', $res['feature_check']);
$got_one = false;
foreach ($feats as $feat) {
if ( $prefs[ trim($feat) ] == 'y') {
$got_one = true;
}
}
if (!$got_one) {
continue;
}
if ($find && stripos($permission['name'], $find) === false) {
continue;
}
$cant++;
if ($group) {
if (is_string($group)) {
$ret[] = $this->permission_compatibility($permission);
}
if ($group) {
if (is_string($group)) {
foreach ( $ret as &$res ) {
if ($this->group_has_permission($group, $res['permName'])) {
$res['hasPerm'] = 'y';
$res[count($res)/2] = 'y'; // keep indexed key too
......@@ -4756,7 +4752,9 @@ class UsersLib extends TikiLib
$res['hasPerm'] = 'n';
$res[count($res)/2] = 'n';
}
} else if (is_array($group)) {
}
} else if (is_array($group)) {
foreach ( $ret as &$res ) {
foreach( $group as $groupName) {
if ($this->group_has_permission($groupName, $res['permName'])) {
$res[$groupName.'_hasPerm'] = 'y';
......@@ -4772,21 +4770,28 @@ class UsersLib extends TikiLib
return array(
'data' => $ret,
'cant' => $cant,
'cant' => count($ret),
);
}
private function permission_compatibility($newFormat) {
$newFormat['permName'] = $newFormat['name'];
$newFormat['permDesc'] = $newFormat['description'];
$newFormat['feature_checks'] = implode(',', $newFormat['prefs']);
return $newFormat;
}
function get_permission_types() {
global $prefs;
$ret = array();
$query = "select distinct `type` from `users_permissions`";
$ret = $this->fetchAll($query);
$cant = count($ret);
foreach ($this->get_raw_permissions() as $perm) {
if (! isset($ret[$perm['type']])) {
$ret[$perm['type']] = true;
}
}
return array(
'data' => $ret,
'cant' => $cant,
);
return array_keys($ret);
}
function get_group_permissions($group) {
......@@ -4807,17 +4812,6 @@ class UsersLib extends TikiLib
return $ret;
}
function get_user_detailled_permissions($user) {
$groups = $this->get_user_groups($user);
// Use group cache if only one group
//if ( count($groups) == 1 ) return $this->get_group_permissions($groups[0]);
$query = 'select distinct up.* from `users_permissions` as up, `users_grouppermissions` as ug where ug.`groupName` in ('.implode(',',array_fill(0,count($groups),'?')).') and up.`permName`=ug.`permName`';
return $this->fetchAll($query, $groups);
}
function assign_permission_to_group($perm, $group) {
$query = "delete from `users_grouppermissions` where `groupName` = ? and `permName` = ?";
$result = $this->query($query, array($group, $perm));
......@@ -4825,7 +4819,6 @@ class UsersLib extends TikiLib
$result = $this->query($query, array($group, $perm));
global $cachelib;
$cachelib->invalidate("allperms");
$cachelib->empty_type_cache("fgals_perms");
$cachelib->invalidate("groupperms_$group");
......@@ -4884,7 +4877,6 @@ class UsersLib extends TikiLib
$result = $this->query($query, array($perm, $group));
global $cachelib;
$cachelib->invalidate("allperms");
$cachelib->empty_type_cache("fgals_perms");
$cachelib->invalidate("groupperms_$group");
......@@ -5668,13 +5660,6 @@ class UsersLib extends TikiLib
return true;
}
function get_permissions_types() {
$query = "select `type` from `users_permissions` group by `type`";
$result = $this->query($query,array());
$ret = array();
while ($res = $result->fetchRow()) { $ret[] = $res['type']; }
return $ret;
}
function send_validation_email($name, $apass, $email, $again='', $second='', $chosenGroup='', $mailTemplate = '', $pass = '') {
// TODO: CLEANUP duplicates code in callback_tikiwiki_send_email() in registrationlib?
global $tikilib, $prefs, $smarty;
......
......@@ -59,10 +59,10 @@ class WikiRenderer
function applyPermissions() // {{{
{
global $userlib;
$permDescs = $userlib->get_permissions( 0, -1, 'permName_desc', '', 'wiki' );
$permNames = $userlib->get_permission_names_for('wiki');
$objectperms = Perms::get( array( 'type' => 'wiki page', 'object' => $this->page ) );
foreach( $permDescs['data'] as $name ) {
foreach( $permNames as $name ) {
$name = $name['permName'];
$this->setGlobal( $name, $objectperms->$name ? 'y' : 'n' );
}
......
{assign var=escgroup value=$group|escape:url}
{title help="Permission" url="tiki-assignpermission.php?group=$escgroup"}{tr}Assign permissions to group:{/tr} {$group|escape}{/title}
<div class="navbar">
{if $tiki_p_admin eq 'y'} {* only full admins can manage groups, not tiki_p_admin_users *}
{button href="tiki-admingroups.php" _text="{tr}Admin groups{/tr}"}
{/if}
{button href="tiki-adminusers.php" _text="{tr}Admin users{/tr}"}
{button href="?do=temp_cache&amp;group=$escgroup" _text="{tr}Clear Cache{/tr}"}
</div>
{remarksbox type='note' title='New feature'}
{tr}This page will be replaced with the Object Permissions page although currently it does not support the "advanced" mode of this page.<br />Please try it out and feedback with any improvements or problems.{/tr}
<br /><br />
{tr}Click this button to try it now:{/tr} {button href="tiki-objectpermissions.php" _text="{tr}Global object permissions{/tr}"}
{/remarksbox}
<h2>{tr}Group Information{/tr}</h2>
<table class="formcolor" id="groupinformation">
<tr>
<td>{tr}Name:{/tr}</td>
<td>{$group_info.groupName|escape}</td>
</tr>
<tr>
<td>{tr}Description:{/tr}</td>
<td>{$group_info.groupDesc|escape}</td>
</tr>
<tr>
<td style="vertical-align:top;">{tr}Permissions:{/tr}</td>
<td>
{section name=grp loop=$group_info.perms}
{$group_info.perms[grp]}
{if $group_info.perms[grp] != "Anonymous"}
<a class="link" href="tiki-assignpermission.php?type={$type}&amp;sort_mode={$sort_mode}&amp;permission={$group_info.perms[grp]}&amp;group={$group|escape:url}&amp;action=remove">{icon _id='cross' alt="{tr}Delete{/tr}"}</a>
{/if}
<br />
{/section}
</td>
</tr>
</table>
<br />
<a name="assign" ></a>
<h2>{tr}Assign Permissions{/tr}</h2>
<table class="findtable">
<tr>
<td class="findtable">{tr}Find{/tr}</td>
<td class="findtable">
<form method="post" action="tiki-assignpermission.php#assign" name="permselects">
<input type="text" name="find" value="{$find|escape}" />
<input type="submit" value="{tr}Find{/tr}" name="search" />
<input type="hidden" name="sort_mode" value="{$sort_mode|escape}" />
<select name="type" onchange="permselects.submit()">
<option value="">{tr}All{/tr}</option>
{sortlinks}
{section name=v loop=$types}
<option value="{$types[v]}"{if $type eq $types[v]} selected="selected"{/if}>{tr}{$types[v]}{/tr}</option>
{/section}
{/sortlinks}
</select>
<select name="group" onchange="permselects.submit()">
{section name=v loop=$groups}
<option value="{$groups[v].groupName|escape}"{if $group eq $groups[v].groupName|escape} selected="selected"{/if}>{$groups[v].groupName|escape}</option>
{/section}
</select>
</form>
</td>
</tr>
</table>
<form action="tiki-assignpermission.php" method="post">
<input type="hidden" name="group" value="{$group|escape}" />
<input type="hidden" name="type" value="{$type|escape}" />
<input type="submit" name="update" value="{tr}Update{/tr}" /><br />
<table class="sortable" id="assignperms" width="100%">
<thead>
<tr>
<th>&nbsp;</th>
<th>{tr}Name{/tr}</th>
{if $advanced_features eq 'y'}<th>{tr}level{/tr}</th>{/if}
<th>{tr}Type{/tr}</th>
<th>{tr}Desc{/tr}</th>
</tr>
</thead>
<tbody>
{cycle values="odd,even" print=false}
{section name=user loop=$perms}
<tr class="{cycle}">
<td>
<input type="hidden" name="permName[{$perms[user].permName}]" />
<input type="checkbox" name="perm[{$perms[user].permName}]"
{assign var=has_inherited_one_perm value='n'}
{assign var=has_inherited_perm value=''}
{foreach key=gr item=it from=$inherited_groups_perms}
{if $it[user].hasPerm eq 'y'}{assign var=has_inherited_one_perm value='y'}{/if}
{/foreach}
{if $perms[user].hasPerm eq 'y' or $inherited_from_anon[user].hasPerm eq 'y'or $inherited_from_reg[user].hasPerm eq 'y' or $has_inherited_one_perm eq 'y'}checked="checked" {/if}
{if $inherited_from_anon[user].hasPerm eq 'y' or $inherited_from_reg[user].hasPerm eq 'y' or $has_inherited_one_perm eq 'y' or $perms[user].from_admin eq 'y'}disabled="disabled" {/if}/>
</td>
<td>{$perms[user].permName}</td>
{if $advanced_features eq 'y'}
<td>
<select name="level[{$perms[user].permName}]">{html_options output=$levels values=$levels selected=$perms[user].level}</select>
</td>
{/if}
<td>{tr}{$perms[user].type}{/tr}</td>
<td>
{if $perms[user].from_admin eq 'y'}
<span style="float:right;font-size:80%;padding:1px 5px;border:1px solid #999;color:#258;background-color:#ace;">{tr}Admin{/tr}</span>
{/if}
{if $inherited_from_anon[user].hasPerm eq 'y'}
<span style="float:right;font-size:80%;padding:1px 5px;border:1px solid #999;color:#262;background-color:#ada;">{tr}inherited from{/tr}<a href="tiki-assignpermission.php?group=Anonymous"> Anonymous</a></span>
{/if}
{if $inherited_from_reg[user].hasPerm eq 'y'}
<span style="float:right;font-size:80%;padding:1px 5px;border:1px solid #999;color:#258;background-color:#acd;">{tr}inherited from{/tr}<a href="tiki-assignpermission.php?group=Registered"> Registered</a></span>
{/if}
{if $has_inherited_one_perm eq 'y'}
<span style="float:right;font-size:80%;padding:1px 5px;border:1px solid #999;color:#852;background-color:#dca;">{tr}inherited{/tr}</span>
{/if}
{tr}{$perms[user].permDesc}{/tr}
</td>
</tr>
{/section}
</tbody>
</table>
<input type="submit" name="update" value="{tr}Update{/tr}" />
</form>
<br/>
{remarksbox type="warning" title="{tr}Advanced feature{/tr}"}
{tr}Level configuration:{/tr}
{if $advanced_features ne 'y'}
<a href="tiki-assignpermission.php?find={$find}&amp;type={$type}&amp;group={$group|escape:url}&amp;sort_mode={$sort_mode}&amp;advanced_features=y">{tr}Show{/tr}</a>
{else}
<a href="tiki-assignpermission.php?find={$find}&amp;type={$type}&amp;group={$group|escape:url}&amp;sort_mode={$sort_mode}">{tr}Hide{/tr}</a>
{/if}
<div {if $advanced_features ne 'y'}style="display:none;"{else}style="display:block;"{/if}>
<h2>{tr}Create level{/tr}</h2>
<form method="post" action="tiki-assignpermission.php">
<input type="hidden" name="group" value="{$group|escape}" />
<input type="hidden" name="type" value="{$type|escape}" />
{tr}Create level:{/tr} <input type="text" name="level" />
<input type="submit" name="createlevel" value="{tr}Create{/tr}" />
</form>
<br />
<br />
<form method="post" action="tiki-assignpermission.php">
<input type="hidden" name="group" value="{$group|escape}" />
<input type="hidden" name="type" value="{$type|escape}" />
<select name="oper">
<option value="assign">{tr}Assign{/tr}</option>
<option value="remove">{tr}Remove{/tr}</option>
</select>
{tr}all permissions in level:{/tr}
<select name="level[]" multiple="multiple" size="5">
{html_options output=$levels values=$levels selected=$perms[user].level}
</select>
<input type="submit" name="allper" value="{tr}Update{/tr}" />
</form>
</div>
{/remarksbox}
......@@ -102,10 +102,6 @@ if ($("#assignstructure").attr("checked")) {
</div>
</form>
{remarksbox type="note" title="{tr}Note{/tr}"}
{tr}Previous version of assign permissions page can still be found{/tr} <a href="tiki-assignpermission.php?group={if isset($smarty.request.group)}{$smarty.request.group}{else}Anonymous{/if}">{tr}here{/tr}</a>
{/remarksbox}
{/tab}
{if !empty($permissions_added) or !empty($permissions_removed)}
......
......@@ -35,24 +35,9 @@ if (empty($info)) {
}
$smarty->assign('nlId', $_REQUEST["nlId"]);
$smarty->assign('individual', 'n');
if ($userlib->object_has_one_permission($_REQUEST["nlId"], 'newsletter')) {
$smarty->assign('individual', 'y');
if ($tiki_p_admin != 'y') {
$perms = $userlib->get_permissions(0, -1, 'permName_desc', '', 'newsletters');
foreach($perms["data"] as $perm) {
$permName = $perm["permName"];
if ($userlib->object_has_permission($user, $_REQUEST["nlId"], 'newsletter', $permName)) {
$$permName = 'y';
$smarty->assign("$permName", 'y');
} else {
$$permName = 'n';
$smarty->assign("$permName", 'n');
}
}
}
}
$tikilib->get_perm_object($_REQUEST['nlId'], 'newsletter');
$access->check_permission('tiki_p_admin_newsletters');
if (isset($_REQUEST['delsel_x']) && isset($_REQUEST['checked'])) {
......
......@@ -23,23 +23,8 @@ if (!isset($_REQUEST["surveyId"])) {
die;
}
$smarty->assign('surveyId', $_REQUEST["surveyId"]);
$smarty->assign('individual', 'n');
if ($userlib->object_has_one_permission($_REQUEST["surveyId"], 'survey')) {
$smarty->assign('individual', 'y');
if ($tiki_p_admin != 'y') {
$perms = $userlib->get_permissions(0, -1, 'permName_desc', '', 'surveys');
foreach($perms["data"] as $perm) {
$permName = $perm["permName"];
if ($userlib->object_has_permission($user, $_REQUEST["surveyId"], 'survey', $permName)) {
$$permName = 'y';
$smarty->assign("$permName", 'y');
} else {
$$permName = 'n';
$smarty->assign("$permName", 'n');
}
}
}
}
$tikilib->get_perm_object($_REQUEST['surveyId'], 'survey');
$access->check_permission('tiki_p_admin_surveys');
$survey_info = $srvlib->get_survey($_REQUEST["surveyId"]);
......
......@@ -21,24 +21,7 @@ if (!isset($_REQUEST["surveyId"])) {
$_REQUEST["surveyId"] = 0;
}
$smarty->assign('surveyId', $_REQUEST["surveyId"]);
$smarty->assign('individual', 'n');
//begin checking for perms
if ($userlib->object_has_one_permission($_REQUEST["surveyId"], 'survey')) {
$smarty->assign('individual', 'y');
if ($tiki_p_admin != 'y') {
$perms = $userlib->get_permissions(0, -1, 'permName_desc', '', 'surveys');
foreach($perms["data"] as $perm) {
$permName = $perm["permName"];
if ($userlib->object_has_permission($user, $_REQUEST["surveyId"], 'survey', $permName)) {
$$permName = 'y';
$smarty->assign("$permName", 'y');
} else {
$$permName = 'n';
$smarty->assign("$permName", 'n');
}
}
}
}
$tikilib->get_perm_object($_REQUEST['surveyId'], 'survey');
$access->check_permission('tiki_p_admin_surveys');
if (isset($_REQUEST["save"])) {
check_ticket('admin-surveys');
......
<?php
// (c) Copyright 2002-2011 by authors of the Tiki Wiki CMS Groupware Project
//
// All Rights Reserved. See copyright.txt for details and a complete list of authors.
// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details.
// $Id$
// This script is used to assign permissions to a particular group