[civicrm-core.git] / CRM / Core / Permission / DrupalBase.php

<?php
/*
 +--------------------------------------------------------------------+
 | Copyright CiviCRM LLC. All rights reserved.                        |
 |                                                                    |
 | This work is published under the GNU AGPLv3 license with some      |
 | permitted exceptions and without any warranty. For full license    |
 | and copyright information, see https://civicrm.org/licensing       |
 +--------------------------------------------------------------------+
 */

/**
 *
 * @package CRM
 * @copyright CiviCRM LLC https://civicrm.org/licensing
 */

/**
 *
 */
class CRM_Core_Permission_DrupalBase extends CRM_Core_Permission_Base {

  /**
   * @param $uids
   *
   * @return string
   */
  public function getContactEmails($uids) {
    if (empty($uids)) {
      return '';
    }
    $uidString = implode(',', $uids);
    $sql = "
    SELECT     e.email
    FROM       civicrm_contact c
    INNER JOIN civicrm_email e     ON ( c.id = e.contact_id AND e.is_primary = 1 )
    INNER JOIN civicrm_uf_match uf ON ( c.id = uf.contact_id )
    WHERE      c.is_deceased = 0
    AND        c.is_deleted  = 0
    AND        uf.uf_id IN ( $uidString )
    ";

    $dao = CRM_Core_DAO::executeQuery($sql);

    $emails = [];
    while ($dao->fetch()) {
      $emails[] = $dao->email;
    }

    return implode(', ', $emails);
  }

  /**
   * Given a roles array, check for access requirements
   *
   * @param array $array
   *   The roles to check.
   *
   * @return bool
   *   true if yes, else false
   */
  public function checkGroupRole($array) {
    if (function_exists('user_load') && isset($array)) {
      $user = user_load($GLOBALS['user']->uid);
      //if giver roles found in user roles - return true
      foreach ($array as $key => $value) {
        if (in_array($value, $user->roles)) {
          return TRUE;
        }
      }
    }
    return FALSE;
  }

  /**
   * @inheritDoc
   */
  public function isModulePermissionSupported() {
    return TRUE;
  }

  /**
   * Get all the contact emails for users that have a specific permission.
   *
   * @param string $permissionName
   *   Name of the permission we are interested in.
   *
   * @return string
   *   a comma separated list of email addresses
   */
  public function permissionEmails($permissionName) {
    static $_cache = [];

    if (isset($_cache[$permissionName])) {
      return $_cache[$permissionName];
    }

    $uids = [];
    $sql = "
      SELECT {users}.uid, {role_permission}.permission
      FROM {users}
      JOIN {users_roles}
        ON {users}.uid = {users_roles}.uid
      JOIN {role_permission}
        ON {role_permission}.rid = {users_roles}.rid
      WHERE {role_permission}.permission = '{$permissionName}'
        AND {users}.status = 1
    ";

    $result = db_query($sql);
    foreach ($result as $record) {
      $uids[] = $record->uid;
    }

    $_cache[$permissionName] = self::getContactEmails($uids);
    return $_cache[$permissionName];
  }

  /**
   * @inheritDoc
   */
  public function upgradePermissions($permissions) {
    if (empty($permissions)) {
      throw new CRM_Core_Exception("Cannot upgrade permissions: permission list missing");
    }
    $query = db_delete('role_permission')
      ->condition('module', 'civicrm')
      ->condition('permission', array_keys($permissions), 'NOT IN');
    $query->execute();
  }

}
Commit	Line	Data
6a488035 TO	1	<?php
	2	/*
	3	+--------------------------------------------------------------------+
bc77d7c0	4	\| Copyright CiviCRM LLC. All rights reserved. \|
6a488035	5	\| \|
bc77d7c0 TO	6	\| This work is published under the GNU AGPLv3 license with some \|
	7	\| permitted exceptions and without any warranty. For full license \|
	8	\| and copyright information, see https://civicrm.org/licensing \|
6a488035	9	+--------------------------------------------------------------------+
d25dd0ee	10	*/
6a488035 TO	11
	12	/**
	13	*
	14	* @package CRM
ca5cec67	15	* @copyright CiviCRM LLC https://civicrm.org/licensing
6a488035 TO	16	*/
	17
	18	/**
	19	*
	20	*/
	21	class CRM_Core_Permission_DrupalBase extends CRM_Core_Permission_Base {
42762e35	22
a0ee3941 EM	23	/**
	24	* @param $uids
	25	*
	26	* @return string
	27	*/
00be9182	28	public function getContactEmails($uids) {
42762e35 DL	29	if (empty($uids)) {
	30	return '';
	31	}
	32	$uidString = implode(',', $uids);
	33	$sql = "
	34	SELECT e.email
	35	FROM civicrm_contact c
	36	INNER JOIN civicrm_email e ON ( c.id = e.contact_id AND e.is_primary = 1 )
	37	INNER JOIN civicrm_uf_match uf ON ( c.id = uf.contact_id )
	38	WHERE c.is_deceased = 0
	39	AND c.is_deleted = 0
	40	AND uf.uf_id IN ( $uidString )
	41	";
	42
	43	$dao = CRM_Core_DAO::executeQuery($sql);
	44
be2fb01f	45	$emails = [];
42762e35	46	while ($dao->fetch()) {
2aa397bc	47	$emails[] = $dao->email;
42762e35 DL	48	}
	49
	50	return implode(', ', $emails);
	51	}
68be1dfe EM	52
	53	/**
	54	* Given a roles array, check for access requirements
	55	*
6a0b768e TO	56	* @param array $array
6a0b768e TO	57	* The roles to check.
68be1dfe	58	*
c301f76e	59	* @return bool
a6c01b45	60	* true if yes, else false
68be1dfe	61	*/
00be9182	62	public function checkGroupRole($array) {
68be1dfe	63	if (function_exists('user_load') && isset($array)) {
481a74f4	64	$user = user_load($GLOBALS['user']->uid);
68be1dfe EM	65	//if giver roles found in user roles - return true
	66	foreach ($array as $key => $value) {
	67	if (in_array($value, $user->roles)) {
	68	return TRUE;
	69	}
	70	}
	71	}
	72	return FALSE;
	73	}
	74
	75	/**
e7c15cb6	76	* @inheritDoc
68be1dfe EM	77	*/
	78	public function isModulePermissionSupported() {
	79	return TRUE;
	80	}
	81
	82	/**
d09edf64	83	* Get all the contact emails for users that have a specific permission.
68be1dfe	84	*
6a0b768e TO	85	* @param string $permissionName
6a0b768e TO	86	* Name of the permission we are interested in.
68be1dfe	87	*
a6c01b45 CW	88	* @return string
a6c01b45 CW	89	* a comma separated list of email addresses
68be1dfe EM	90	*/
68be1dfe EM	91	public function permissionEmails($permissionName) {
be2fb01f	92	static $_cache = [];
68be1dfe EM	93
	94	if (isset($_cache[$permissionName])) {
	95	return $_cache[$permissionName];
	96	}
	97
be2fb01f	98	$uids = [];
68be1dfe EM	99	$sql = "
	100	SELECT {users}.uid, {role_permission}.permission
	101	FROM {users}
	102	JOIN {users_roles}
	103	ON {users}.uid = {users_roles}.uid
	104	JOIN {role_permission}
	105	ON {role_permission}.rid = {users_roles}.rid
	106	WHERE {role_permission}.permission = '{$permissionName}'
	107	AND {users}.status = 1
	108	";
	109
	110	$result = db_query($sql);
481a74f4	111	foreach ($result as $record) {
68be1dfe EM	112	$uids[] = $record->uid;
	113	}
	114
	115	$_cache[$permissionName] = self::getContactEmails($uids);
	116	return $_cache[$permissionName];
	117	}
	118
	119	/**
e7c15cb6	120	* @inheritDoc
68be1dfe	121	*/
00be9182	122	public function upgradePermissions($permissions) {
68be1dfe EM	123	if (empty($permissions)) {
	124	throw new CRM_Core_Exception("Cannot upgrade permissions: permission list missing");
	125	}
	126	$query = db_delete('role_permission')
	127	->condition('module', 'civicrm')
	128	->condition('permission', array_keys($permissions), 'NOT IN');
	129	$query->execute();
	130	}
96025800	131
232624b1	132	}