Project

General

Profile

Bug #3038 » 3038.patch

krileon, 29 November 2011 22:35

View differences:

administrator/components/com_comprofiler/library/cb/cb.acl.php
return $return;
}
function get_allowed_access( $access_gid, $recurse, $user_gid ) {
if ( ( $access_gid == -2 ) || ( ( $access_gid == -1 ) && ( $user_gid && ( $user_gid != $this->mapGroupNamesToValues( 'Public' ) ) ) ) ) {
function get_allowed_access( $access_gid, $recurse, $user_gids ) {
if ( ! is_array( $user_gids ) ) {
$user_gids = array( $user_gids );
}
if ( ( $access_gid == -2 ) || ( ( $access_gid == -1 ) && ( $user_gids && ( ! in_array( $this->mapGroupNamesToValues( 'Public' ), $user_gids ) ) ) ) ) {
return true;
} else {
if ( $user_gid == $access_gid ) {
if ( in_array( $access_gid, $user_gids ) ) {
return true;
} else {
if ( $recurse == 'RECURSE' ) {
$group_children = $this->get_group_parent_ids( $access_gid );
if ( is_array( $group_children ) && ( count( $group_children ) > 0 ) ) {
if ( in_array( $user_gid, $group_children ) ) {
if ( array_intersect( $user_gids, $group_children ) ) {
return true;
}
}
......
$id = (int) $grp->id;
$parent = (int) $grp->parent_id;
$grps = array( $parent, $id );
// Go no further if group has no parent:
if ( $parent ) {
// Determine Joomla version:
......
return 2; // Public Backend
}
}
// Loop through for deep groups:
return $this->get_parent_container( $groups[$parent], $groups );
} else {
......
return null; // Unknown
}
function get_groups_below_me() {
function get_groups_below_me( $myId = null, $raw = false ) {
global $_CB_framework;
static $gids = array();
$myId = $_CB_framework->myId();
if ( $myId === null ) {
$myId = $_CB_framework->myId();
} else {
$myId = (int) $myId;
}
if ( ! isset( $gids[$myId] ) ) {
if ( checkJversion() == 2 ) {
......
}
}
}
$gids[$myId] = array_values( $groups );
}
return $gids[$myId];
$rows = $gids[$myId];
if ( $rows ) {
if ( $raw ) {
$grps = array( -2 );
if ( $myId ) {
$grps[] = -1;
}
foreach ( $rows as $row ) {
$grps[] = (int) $row->value;
}
$rows = $grps;
}
} else {
$rows = array();
}
return $rows;
}
/**
......
} else {
$this_group = 'Registered';
$obj->gid = $this->get_group_id( $this_group, 'ARO' );
$obj->gids = $this->get_groups_below_me( $user_id, true );
}
if ( ( ! $allow_myself ) && ( $user_id == $_CB_framework->myId() ) ){
$msg .= "You cannot $action Yourself! ";
} else {
$myGid = $this->get_user_group_id( $_CB_framework->myId() );
$myGids = $this->get_groups_below_me( $_CB_framework->myId(), true );
if ( $myGid != $cms_super_admin ) {
if ( ( ( $obj->gid == $myGid ) && ! in_array( $myGid, $cms_admins ) ) || ( $user_id && $obj->gid && ! in_array( $obj->gid, $this->get_group_children_ids( $myGid ) ) ) ) {
if ( ! in_array( $cms_super_admin, $myGids ) ) {
if ( ( ( ! array_intersect( $myGids, $obj->gids ) ) && ( ! array_intersect( $myGids, $cms_admins ) ) ) || ( $user_id && $obj->gids && ( ! array_intersect( $obj->gids, $myGids ) ) ) ) {
$msg .= "You cannot $action a `$this_group`. Only higher-level users have this power. ";
}
}
......
} else {
$this_group = 'Registered';
$gid = $this->get_group_id( $this_group, 'ARO' );
$myGid = $this->get_user_group_id( $_CB_framework->myId() );
$myGids = $this->get_groups_below_me( $_CB_framework->myId(), true );
if ( ( ( $gid == $myGid ) && ! in_array( $myGid, $cms_admins ) ) || ( $gid && ! in_array( $gid, $this->get_group_children_ids( $myGid ) ) ) ) { $msg .= "You cannot $action a `$this_group`. Only higher-level users have this power. ";
if ( ( ! array_intersect( $myGids, array( $gid ) ) && ( ! array_intersect( $myGids, $cms_admins ) ) ) || ( $gid && ( ! array_intersect( array( $gid ), $myGids ) ) ) ) {
$msg .= "You cannot $action a `$this_group`. Only higher-level users have this power. ";
}
}
......
}
}
} elseif ( $ueConfig[$action] > 1 ) {
if ( in_array( $this->get_user_group_id( $_CB_framework->myId() ), $this->get_group_parent_ids( $ueConfig[$action] ) ) ) {
if ( in_array( $ueConfig[$action], $this->get_groups_below_me( $_CB_framework->myId(), true ) ) ) {
$ret = null;
} else {
$ret = false;
......
$user_id = (int) $user_id;
if ( ! isset( $uid[$user_id] ) ) {
$uid[$user_id] = ( $user_id && in_array( $this->get_user_group_id( $user_id ), $this->get_group_parent_ids( $ueConfig['imageApproverGid'] ) ) );
$uid[$user_id] = ( $user_id && in_array( $ueConfig['imageApproverGid'], $this->get_groups_below_me( $user_id, true ) ) );
}
return $uid[$user_id];
(1-1/10)