CRM/Core/Permission/Drupal6.php

   1 <?php
   2 /*
   3  +--------------------------------------------------------------------+
   4  | CiviCRM version 4.5                                                |
   5  +--------------------------------------------------------------------+
   6  | Copyright CiviCRM LLC (c) 2004-2014                                |
   7  +--------------------------------------------------------------------+
   8  | This file is a part of CiviCRM.                                    |
   9  |                                                                    |
  10  | CiviCRM is free software; you can copy, modify, and distribute it  |
  11  | under the terms of the GNU Affero General Public License           |
  12  | Version 3, 19 November 2007 and the CiviCRM Licensing Exception.   |
  13  |                                                                    |
  14  | CiviCRM is distributed in the hope that it will be useful, but     |
  15  | WITHOUT ANY WARRANTY; without even the implied warranty of         |
  16  | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.               |
  17  | See the GNU Affero General Public License for more details.        |
  18  |                                                                    |
  19  | You should have received a copy of the GNU Affero General Public   |
  20  | License and the CiviCRM Licensing Exception along                  |
  21  | with this program; if not, contact CiviCRM LLC                     |
  22  | at info[AT]civicrm[DOT]org. If you have questions about the        |
  23  | GNU Affero General Public License or the licensing of CiviCRM,     |
  24  | see the CiviCRM license FAQ at http://civicrm.org/licensing        |
  25  +--------------------------------------------------------------------+
  26 */
  27
  28 /**
  29  *
  30  * @package CRM
  31  * @copyright CiviCRM LLC (c) 2004-2014
  32  * $Id$
  33  *
  34  */
  35
  36 /**
  37  *
  38  */
  39 class CRM_Core_Permission_Drupal6 extends CRM_Core_Permission_DrupalBase {
  40
  41   /**
  42    * is this user someone with access for the entire system
  43    *
  44    * @var boolean
  45    */
  46   protected $_viewAdminUser = FALSE;
  47   protected $_editAdminUser = FALSE;
  48
  49   /**
  50    * am in in view permission or edit permission?
  51    * @var boolean
  52    */
  53   protected $_viewPermission = FALSE;
  54   protected $_editPermission = FALSE;
  55
  56   /**
  57    * the current set of permissioned groups for the user
  58    *
  59    * @var array
  60    */
  61   protected $_viewPermissionedGroups;
  62   protected $_editPermissionedGroups;
  63
  64   /**
  65    * given a permission string, check for access requirements
  66    *
  67    * @param string $str the permission to check
  68    *
  69    * @param null $contactID
  70    *
  71    * @return boolean true if yes, else false
  72    * @access public
  73    */
  74   function check($str, $contactID = NULL) {
  75     $str = $this->translatePermission($str, 'Drupal6', array(
  76       'view user account' => 'access user profiles',
  77       'administer users' => 'administer users',
  78     ));
  79     if ($str == CRM_Core_Permission::ALWAYS_DENY_PERMISSION) {
  80       return FALSE;
  81     }
  82     if ($str == CRM_Core_Permission::ALWAYS_ALLOW_PERMISSION) {
  83       return TRUE;
  84     }
  85     if (function_exists('user_access')) {
  86       return user_access($str) ? TRUE : FALSE;
  87     }
  88     return TRUE;
  89   }
  90
  91   /**
  92    * Given a roles array, check for access requirements
  93    *
  94    * @param array $array the roles to check
  95    *
  96    * @return boolean true if yes, else false
  97    * @access public
  98    */
  99
 100   function checkGroupRole($array) {
 101     if (function_exists('user_load') && isset($array)) {
 102       $user = user_load(array('uid' => $GLOBALS['user']->uid));
 103       //if giver roles found in user roles - return true
 104       foreach ($array as $key => $value) {
 105         if (in_array($value, $user->roles)) {
 106           return TRUE;
 107         }
 108       }
 109     }
 110     return FALSE;
 111   }
 112
 113   /**
 114    * Get all the contact emails for users that have a specific role
 115    *
 116    * @param string $roleName name of the role we are interested in
 117    *
 118    * @return string a comma separated list of email addresses
 119    */
 120   public function roleEmails($roleName) {
 121     static $_cache = array();
 122
 123     if (isset($_cache[$roleName])) {
 124       return $_cache[$roleName];
 125     }
 126
 127     $uids = array();
 128     $sql = "
 129     SELECT     {users}.uid
 130     FROM       {users}
 131     LEFT  JOIN {users_roles} ON {users}.uid = {users_roles}.uid
 132     INNER JOIN {role}        ON ( {role}.rid = {users_roles}.rid OR {role}.rid = 2 )
 133     WHERE      {role}. name LIKE '%%{$roleName}%%'
 134     AND        {users}.status = 1
 135     ";
 136
 137     $query = db_query($sql);
 138     while ($result = db_fetch_object($query)) {
 139     $uids[] = $result->uid;
 140   }
 141
 142     $_cache[$roleName] = self::getContactEmails($uids);
 143     return $_cache[$roleName];
 144   }
 145
 146   /**
 147    * Get all the contact emails for users that have a specific permission
 148    *
 149    * @param string $permissionName name of the permission we are interested in
 150    *
 151    * @return string a comma separated list of email addresses
 152    */
 153   public function permissionEmails($permissionName) {
 154     static $_cache = array();
 155
 156     if (isset($_cache[$permissionName])) {
 157       return $_cache[$permissionName];
 158     }
 159
 160     $uids = array();
 161     $sql = "
 162     SELECT     {users}.uid, {permission}.perm
 163     FROM       {users}
 164     LEFT  JOIN {users_roles} ON {users}.uid = {users_roles}.uid
 165     INNER JOIN {permission}  ON ( {permission}.rid = {users_roles}.rid OR {permission}.rid = 2 )
 166     WHERE      {permission}.perm LIKE '%%{$permissionName}%%'
 167     AND        {users}.status = 1
 168     ";
 169
 170     $query = db_query($sql);
 171     while ($result = db_fetch_object($query)) {
 172     $uids[] = $result->uid;
 173   }
 174
 175   $_cache[$permissionName] = self::getContactEmails($uids);
 176   return $_cache[$permissionName];
 177   }
 178
 179   /**
 180    * {@inheritDoc}
 181    */
 182   public function isModulePermissionSupported() {
 183     return TRUE;
 184   }
 185
 186   /**
 187    * {@inheritdoc}
 188    *
 189    * Does nothing in Drupal 6.
 190    */
 191   function upgradePermissions($permissions) {
 192     // D6 allows us to be really lazy... things get cleaned up when the admin form is next submitted...
 193   }
 194
 195   /**
 196    * Get the permissions defined in the hook_civicrm_permission implementation
 197    * of the given module.
 198    *
 199    * @param $module
 200    *
 201    * @return Array of permissions, in the same format as CRM_Core_Permission::getCorePermissions().
 202    */
 203   static function getModulePermissions($module) {
 204     $return_permissions = array();
 205     $fn_name = "{$module}_civicrm_permission";
 206     if (function_exists($fn_name)) {
 207       $fn_name($return_permissions);
 208     }
 209     return $return_permissions;
 210   }
 211 }
 212