Commit | Line | Data |
---|---|---|
6a488035 TO |
1 | <?php |
2 | /* | |
3 | +--------------------------------------------------------------------+ | |
232624b1 | 4 | | CiviCRM version 4.4 | |
6a488035 TO |
5 | +--------------------------------------------------------------------+ |
6 | | Copyright CiviCRM LLC (c) 2004-2013 | | |
7 | +--------------------------------------------------------------------+ | |
8 | | This file is a part of CiviCRM. | | |
9 | | | | |
10 | | CiviCRM is free software; you can copy, modify, and distribute it | | |
11 | | under the terms of the GNU Affero General Public License | | |
12 | | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. | | |
13 | | | | |
14 | | CiviCRM is distributed in the hope that it will be useful, but | | |
15 | | WITHOUT ANY WARRANTY; without even the implied warranty of | | |
16 | | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | | |
17 | | See the GNU Affero General Public License for more details. | | |
18 | | | | |
19 | | You should have received a copy of the GNU Affero General Public | | |
20 | | License and the CiviCRM Licensing Exception along | | |
21 | | with this program; if not, contact CiviCRM LLC | | |
22 | | at info[AT]civicrm[DOT]org. If you have questions about the | | |
23 | | GNU Affero General Public License or the licensing of CiviCRM, | | |
24 | | see the CiviCRM license FAQ at http://civicrm.org/licensing | | |
25 | +--------------------------------------------------------------------+ | |
26 | */ | |
27 | ||
28 | /** | |
29 | * | |
30 | * @package CRM | |
31 | * @copyright CiviCRM LLC (c) 2004-2013 | |
32 | * $Id$ | |
33 | * | |
34 | */ | |
35 | ||
36 | /** | |
37 | * | |
38 | */ | |
39 | class CRM_Core_Permission_Drupal6 extends CRM_Core_Permission_DrupalBase { | |
40 | ||
41 | /** | |
42 | * is this user someone with access for the entire system | |
43 | * | |
44 | * @var boolean | |
45 | */ | |
46 | protected $_viewAdminUser = FALSE; | |
47 | protected $_editAdminUser = FALSE; | |
48 | ||
49 | /** | |
50 | * am in in view permission or edit permission? | |
51 | * @var boolean | |
52 | */ | |
53 | protected $_viewPermission = FALSE; | |
54 | protected $_editPermission = FALSE; | |
55 | ||
56 | /** | |
57 | * the current set of permissioned groups for the user | |
58 | * | |
59 | * @var array | |
60 | */ | |
61 | protected $_viewPermissionedGroups; | |
62 | protected $_editPermissionedGroups; | |
63 | ||
085823c1 TO |
64 | /** |
65 | * given a permission string, check for access requirements | |
66 | * | |
67 | * @param string $str the permission to check | |
68 | * | |
69 | * @return boolean true if yes, else false | |
70 | * @access public | |
71 | */ | |
72 | function check($str, $contactID = NULL) { | |
73 | $str = $this->translatePermission($str, 'Drupal6', array( | |
74 | 'view user account' => 'access user profiles', | |
ccd74e76 | 75 | 'administer users' => 'administer users', |
085823c1 TO |
76 | )); |
77 | if ($str == CRM_Core_Permission::ALWAYS_DENY_PERMISSION) { | |
78 | return FALSE; | |
79 | } | |
80 | if ($str == CRM_Core_Permission::ALWAYS_ALLOW_PERMISSION) { | |
81 | return TRUE; | |
82 | } | |
83 | if (function_exists('user_access')) { | |
84 | return user_access($str) ? TRUE : FALSE; | |
85 | } | |
86 | return TRUE; | |
87 | } | |
88 | ||
6a488035 TO |
89 | /** |
90 | * Given a roles array, check for access requirements | |
91 | * | |
92 | * @param array $array the roles to check | |
93 | * | |
94 | * @return boolean true if yes, else false | |
95 | * @access public | |
96 | */ | |
97 | ||
98 | function checkGroupRole($array) { | |
99 | if (function_exists('user_load') && isset($array)) { | |
100 | $user = user_load(array('uid' => $GLOBALS['user']->uid)); | |
101 | //if giver roles found in user roles - return true | |
102 | foreach ($array as $key => $value) { | |
103 | if (in_array($value, $user->roles)) { | |
104 | return TRUE; | |
105 | } | |
106 | } | |
107 | } | |
108 | return FALSE; | |
109 | } | |
110 | ||
111 | /** | |
112 | * Get all the contact emails for users that have a specific role | |
113 | * | |
114 | * @param string $roleName name of the role we are interested in | |
115 | * | |
116 | * @return string a comma separated list of email addresses | |
117 | */ | |
118 | public function roleEmails($roleName) { | |
119 | static $_cache = array(); | |
120 | ||
121 | if (isset($_cache[$roleName])) { | |
122 | return $_cache[$roleName]; | |
123 | } | |
124 | ||
125 | $uids = array(); | |
126 | $sql = " | |
127 | SELECT {users}.uid | |
128 | FROM {users} | |
129 | LEFT JOIN {users_roles} ON {users}.uid = {users_roles}.uid | |
130 | INNER JOIN {role} ON ( {role}.rid = {users_roles}.rid OR {role}.rid = 2 ) | |
131 | WHERE {role}. name LIKE '%%{$roleName}%%' | |
132 | AND {users}.status = 1 | |
133 | "; | |
134 | ||
135 | $query = db_query($sql); | |
136 | while ($result = db_fetch_object($query)) { | |
137 | $uids[] = $result->uid; | |
138 | } | |
139 | ||
140 | $_cache[$roleName] = self::getContactEmails($uids); | |
141 | return $_cache[$roleName]; | |
142 | } | |
143 | ||
144 | /** | |
145 | * Get all the contact emails for users that have a specific permission | |
146 | * | |
147 | * @param string $permissionName name of the permission we are interested in | |
148 | * | |
149 | * @return string a comma separated list of email addresses | |
150 | */ | |
151 | public function permissionEmails($permissionName) { | |
152 | static $_cache = array(); | |
153 | ||
154 | if (isset($_cache[$permissionName])) { | |
155 | return $_cache[$permissionName]; | |
156 | } | |
157 | ||
158 | $uids = array(); | |
159 | $sql = " | |
160 | SELECT {users}.uid, {permission}.perm | |
161 | FROM {users} | |
162 | LEFT JOIN {users_roles} ON {users}.uid = {users_roles}.uid | |
163 | INNER JOIN {permission} ON ( {permission}.rid = {users_roles}.rid OR {permission}.rid = 2 ) | |
164 | WHERE {permission}.perm LIKE '%%{$permissionName}%%' | |
165 | AND {users}.status = 1 | |
166 | "; | |
167 | ||
168 | $query = db_query($sql); | |
169 | while ($result = db_fetch_object($query)) { | |
170 | $uids[] = $result->uid; | |
171 | } | |
172 | ||
173 | $_cache[$permissionName] = self::getContactEmails($uids); | |
174 | return $_cache[$permissionName]; | |
175 | } | |
176 | ||
dea68872 TO |
177 | /** |
178 | * {@inheritDoc} | |
179 | */ | |
180 | public function isModulePermissionSupported() { | |
181 | return TRUE; | |
182 | } | |
183 | ||
6a488035 | 184 | /** |
c4bc14ed | 185 | * {@inheritdoc} |
6a488035 TO |
186 | * |
187 | * Does nothing in Drupal 6. | |
188 | */ | |
0d8fc497 | 189 | function upgradePermissions($permissions) { |
dea68872 | 190 | // D6 allows us to be really lazy... things get cleaned up when the admin form is next submitted... |
6a488035 TO |
191 | } |
192 | ||
193 | /** | |
194 | * Get the permissions defined in the hook_civicrm_permission implementation | |
195 | * of the given module. | |
196 | * | |
197 | * @return Array of permissions, in the same format as CRM_Core_Permission::getCorePermissions(). | |
198 | */ | |
199 | static function getModulePermissions($module) { | |
200 | $return_permissions = array(); | |
201 | $fn_name = "{$module}_civicrm_permission"; | |
202 | if (function_exists($fn_name)) { | |
203 | $fn_name($return_permissions); | |
204 | } | |
205 | return $return_permissions; | |
206 | } | |
207 | } | |
208 |