
Bug #3038 » 3038-pt2_rev2.patch

krileon, 01 February 2012 18:11

View differences:

/administrator/components/com_comprofiler/library/cb/cb.acl.php
return $rows;
}
function get_groups_above_me( $myId = null, $raw = false ) {
global $_CB_framework;
static $gids = array();
if ( $myId === null ) {
$myId = $_CB_framework->myId();
} else {
$myId = (int) $myId;
}
if ( ! isset( $gids[$myId] ) ) {
if ( checkJversion() == 2 ) {
$my_groups = $this->get_object_groups( $myId );
} elseif ( checkJversion() == 1 ) {
$aro_id = $this->get_object_id( 'users', $myId, 'ARO' );
$my_groups = $this->get_object_groups( $aro_id, 'ARO' );
} else {
$my_groups = $this->get_object_groups( 'users', $myId, 'ARO' );
}
$my_gids = array();
if ( $my_groups ) foreach ( $my_groups as $gid ) {
$my_gids = array_unique( array_merge( $my_gids, $this->get_group_parent_ids( $gid ) ) );
if ( checkJversion() == 2 ) {
$my_gids = array_unique( array_merge( $my_gids, $this->get_object_groups( $myId, null, 'RECURSE' ) ) );
}
}
if ( ( ! is_array( $my_gids ) ) || empty( $my_gids ) ) {
$my_gids = array();
} else {
cbArrayToInts( $my_gids );
$below_me = $this->get_groups_below_me( $myId, true );
if ( $below_me ) foreach ( $my_gids as $k => $v ) {
if ( in_array( $v, $below_me ) ) {
unset( $my_gids[$k] );
}
}
}
$groups = $this->get_group_children_tree( null, 'USERS', false );
if ( $groups ) foreach ( $groups as $k => $v ) {
if ( ! in_array( (int) $v->value, $my_gids ) ) {
unset( $groups[$k] );
}
}
$gids[$myId] = array_values( $groups );
}
$rows = $gids[$myId];
if ( $rows ) {
if ( $raw ) {
$grps = array();
foreach ( $rows as $row ) {
$grps[] = (int) $row->value;
}
$rows = $grps;
}
} else {
$rows = array();
}
return $rows;
}
/**
* Prepare top most GID from array of IDs
*
......
if ( ( ! $allow_myself ) && ( $user_id == $_CB_framework->myId() ) ){
$msg .= "You cannot $action Yourself! ";
} else {
//// OLD WAY:
$myGid = $this->get_user_group_id( $_CB_framework->myId() );
if ( $myGid != $cms_super_admin ) {
if ( ( ( $obj->gid == $myGid ) && ! in_array( $myGid, $cms_admins ) ) || ( $user_id && $obj->gid && ! in_array( $obj->gid, $this->get_group_children_ids( $myGid ) ) ) ) {
$msg .= "You cannot $action a `$this_group`. Only higher-level users have this power. ";
}
}
//// NEW WAY:
// OLD METHOD:
// $myGid = $this->get_user_group_id( $_CB_framework->myId() );
//
// if ( $myGid != $cms_super_admin ) {
// if ( ( ( $obj->gid == $myGid ) && ! in_array( $myGid, $cms_admins ) ) || ( $user_id && $obj->gid && ! in_array( $obj->gid, $this->get_group_children_ids( $myGid ) ) ) ) {
// $msg .= "You cannot $action a `$this_group`. Only higher-level users have this power. ";
// }
// }
// NEW METHOD:
$userGids = $this->get_groups_above_me( $user_id, true );
$myGids = $this->get_groups_below_me( $_CB_framework->myId(), true );
if ( ! in_array( $cms_super_admin, $myGids ) ) {
if ( ( ( ! array_intersect( $myGids, $obj->gids ) ) && ( ! array_intersect( $myGids, $cms_admins ) ) ) || ( $user_id && $obj->gids && ( ! array_intersect( $obj->gids, $myGids ) ) ) ) {
if ( checkJversion() == 2 ) {
$myGroups = $this->get_object_groups( $_CB_framework->myId() );
} elseif ( checkJversion() == 1 ) {
$myAro_id = $this->get_object_id( 'users', $_CB_framework->myId(), 'ARO' );
$myGroups = $this->get_object_groups( $myAro_id, 'ARO' );
} else {
$myGroups = $this->get_object_groups( 'users', $_CB_framework->myId(), 'ARO' );
}
if ( ( ! in_array( $cms_super_admin, $myGids ) ) && ( ! ( ( $user_id == $_CB_framework->myId() ) && array_intersect( $myGids, $cms_admins ) ) ) ) {
if ( ( ( ! array_intersect( $userGids, $myGroups ) ) && ( ! array_intersect( $myGids, $cms_admins ) ) ) || ( $user_id && $obj->gids && ( ! array_intersect( $userGids, $myGroups ) ) ) ) {
$msg .= "You cannot $action a `$this_group`. Only higher-level users have this power. ";
}
}
//// END.
}
}
} else {
$this_group = 'Registered';
$gid = $this->get_group_id( $this_group, 'ARO' );
//// OLD WAY:
$myGid = $this->get_user_group_id( $_CB_framework->myId() );
if ( ( ( $gid == $myGid ) && ! in_array( $myGid, $cms_admins ) ) || ( $gid && ! in_array( $gid, $this->get_group_children_ids( $myGid ) ) ) ) {
$msg .= "You cannot $action a `$this_group`. Only higher-level users have this power. ";
}
//// NEW WAY:
// OLD METHOD:
// $myGid = $this->get_user_group_id( $_CB_framework->myId() );
//
// if ( ( ( $gid == $myGid ) && ! in_array( $myGid, $cms_admins ) ) || ( $gid && ! in_array( $gid, $this->get_group_children_ids( $myGid ) ) ) ) {
// $msg .= "You cannot $action a `$this_group`. Only higher-level users have this power. ";
// }
// NEW METHOD:
$myGids = $this->get_groups_below_me( $_CB_framework->myId(), true );
if ( ( ! array_intersect( $myGids, array( $gid ) ) && ( ! array_intersect( $myGids, $cms_admins ) ) ) || ( $gid && ( ! array_intersect( array( $gid ), $myGids ) ) ) ) {
if ( ( ! in_array( $gid, $myGids ) && ( ! array_intersect( $myGids, $cms_admins ) ) ) || ( $gid && ( ! in_array( $gid, $myGids ) ) ) ) {
$msg .= "You cannot $action a `$this_group`. Only higher-level users have this power. ";
}
//// END.
}
return $msg;
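Review bot: In the NEW METHOD lines of the permission check, `get_groups_above_me( $user_id, true )` describes the acting user instead of the target whenever `$user_id` is null, because the helper in the first hunk replaces a null id with `$_CB_framework->myId()`; the `$user_id &&` guards in the same condition suggest empty ids can reach this code. Passing an explicit integer, `$userGids = $this->get_groups_above_me( (int) $user_id, true );`, keeps the comparison on the target, so an unknown user presumably resolves to no groups and non-admins are refused. The `$userGids`/`$myGroups` condition also uses `$obj->gids` only as a truthiness guard, so as far as these lines show, the groups being assigned are never compared with the actor's own groups; if nothing outside this hunk covers that, a check on `$obj->gids` should be kept. The function enclosing this second hunk begins and ends outside the visible lines.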