Bug #3038 » 3038-pt2_rev3.patch
| administrator/components/com_comprofiler/library/cb/cb.acl.php | ||
|---|---|---|
|
return $rows;
|
||
|
}
|
||
|
|
||
|
function get_groups_above_me( $myId = null, $raw = false ) {
|
||
|
global $_CB_framework;
|
||
|
|
||
|
static $gids = array();
|
||
|
|
||
|
if ( $myId === null ) {
|
||
|
$myId = $_CB_framework->myId();
|
||
|
} else {
|
||
|
$myId = (int) $myId;
|
||
|
}
|
||
|
|
||
|
if ( ! isset( $gids[$myId] ) ) {
|
||
|
if ( checkJversion() == 2 ) {
|
||
|
$my_groups = $this->get_object_groups( $myId );
|
||
|
} elseif ( checkJversion() == 1 ) {
|
||
|
$aro_id = $this->get_object_id( 'users', $myId, 'ARO' );
|
||
|
$my_groups = $this->get_object_groups( $aro_id, 'ARO' );
|
||
|
} else {
|
||
|
$my_groups = $this->get_object_groups( 'users', $myId, 'ARO' );
|
||
|
}
|
||
|
|
||
|
$my_gids = array();
|
||
|
|
||
|
if ( $my_groups ) foreach ( $my_groups as $gid ) {
|
||
|
$my_gids = array_unique( array_merge( $my_gids, $this->get_group_parent_ids( $gid ) ) );
|
||
|
|
||
|
if ( checkJversion() == 2 ) {
|
||
|
$my_gids = array_unique( array_merge( $my_gids, $this->get_object_groups( $myId, null, 'RECURSE' ) ) );
|
||
|
}
|
||
|
}
|
||
|
|
||
|
if ( ( ! is_array( $my_gids ) ) || empty( $my_gids ) ) {
|
||
|
$my_gids = array();
|
||
|
} else {
|
||
|
cbArrayToInts( $my_gids );
|
||
|
|
||
|
$below_me = $this->get_groups_below_me( $myId, true );
|
||
|
|
||
|
if ( $below_me ) foreach ( $my_gids as $k => $v ) {
|
||
|
if ( in_array( $v, $below_me ) ) {
|
||
|
unset( $my_gids[$k] );
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
|
||
|
$groups = $this->get_group_children_tree( null, 'USERS', false );
|
||
|
|
||
|
if ( $groups ) foreach ( $groups as $k => $v ) {
|
||
|
if ( ! in_array( (int) $v->value, $my_gids ) ) {
|
||
|
unset( $groups[$k] );
|
||
|
}
|
||
|
}
|
||
|
|
||
|
$gids[$myId] = array_values( $groups );
|
||
|
}
|
||
|
|
||
|
$rows = $gids[$myId];
|
||
|
|
||
|
if ( $rows ) {
|
||
|
if ( $raw ) {
|
||
|
$grps = array();
|
||
|
|
||
|
foreach ( $rows as $row ) {
|
||
|
$grps[] = (int) $row->value;
|
||
|
}
|
||
|
|
||
|
$rows = $grps;
|
||
|
}
|
||
|
} else {
|
||
|
$rows = array();
|
||
|
}
|
||
|
|
||
|
return $rows;
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Prepare top most GID from array of IDs
|
||
|
*
|
||
| ... | ... | |
|
if ( ( ! $allow_myself ) && ( $user_id == $_CB_framework->myId() ) ){
|
||
|
$msg .= "You cannot $action Yourself! ";
|
||
|
} else {
|
||
|
//// OLD WAY:
|
||
|
$myGid = $this->get_user_group_id( $_CB_framework->myId() );
|
||
|
|
||
|
if ( $myGid != $cms_super_admin ) {
|
||
|
if ( ( ( $obj->gid == $myGid ) && ! in_array( $myGid, $cms_admins ) ) || ( $user_id && $obj->gid && ! in_array( $obj->gid, $this->get_group_children_ids( $myGid ) ) ) ) {
|
||
|
$msg .= "You cannot $action a `$this_group`. Only higher-level users have this power. ";
|
||
|
}
|
||
|
}
|
||
|
//// NEW WAY:
|
||
|
// OLD METHOD:
|
||
|
// $myGid = $this->get_user_group_id( $_CB_framework->myId() );
|
||
|
//
|
||
|
// if ( $myGid != $cms_super_admin ) {
|
||
|
// if ( ( ( $obj->gid == $myGid ) && ! in_array( $myGid, $cms_admins ) ) || ( $user_id && $obj->gid && ! in_array( $obj->gid, $this->get_group_children_ids( $myGid ) ) ) ) {
|
||
|
// $msg .= "You cannot $action a `$this_group`. Only higher-level users have this power. ";
|
||
|
// }
|
||
|
// }
|
||
|
// NEW METHOD:
|
||
|
$userGids = $this->get_groups_above_me( $user_id, true );
|
||
|
$myGids = $this->get_groups_below_me( $_CB_framework->myId(), true );
|
||
|
|
||
|
if ( ! in_array( $cms_super_admin, $myGids ) ) {
|
||
|
if ( ( ( ! array_intersect( $myGids, $obj->gids ) ) && ( ! array_intersect( $myGids, $cms_admins ) ) ) || ( $user_id && $obj->gids && ( ! array_intersect( $obj->gids, $myGids ) ) ) ) {
|
||
|
if ( checkJversion() == 2 ) {
|
||
|
$myGroups = $this->get_object_groups( $_CB_framework->myId() );
|
||
|
} elseif ( checkJversion() == 1 ) {
|
||
|
$myAro_id = $this->get_object_id( 'users', $_CB_framework->myId(), 'ARO' );
|
||
|
$myGroups = $this->get_object_groups( $myAro_id, 'ARO' );
|
||
|
} else {
|
||
|
$myGroups = $this->get_object_groups( 'users', $_CB_framework->myId(), 'ARO' );
|
||
|
}
|
||
|
|
||
|
if ( ( ! in_array( $cms_super_admin, $myGids ) ) && ( ! ( ( $user_id == $_CB_framework->myId() ) && array_intersect( $myGids, $cms_admins ) ) ) ) {
|
||
|
if ( ( ( ! array_intersect( $userGids, $myGroups ) ) && ( ! array_intersect( $myGids, $cms_admins ) ) ) || ( $user_id && $obj->gids && ( ! array_intersect( $userGids, $myGroups ) ) ) ) {
|
||
|
$msg .= "You cannot $action a `$this_group`. Only higher-level users have this power. ";
|
||
|
}
|
||
|
}
|
||
|
//// END.
|
||
|
}
|
||
|
}
|
||
|
} else {
|
||
|
$this_group = 'Registered';
|
||
|
$gid = $this->get_group_id( $this_group, 'ARO' );
|
||
|
//// OLD WAY:
|
||
|
$myGid = $this->get_user_group_id( $_CB_framework->myId() );
|
||
|
|
||
|
if ( ( ( $gid == $myGid ) && ! in_array( $myGid, $cms_admins ) ) || ( $gid && ! in_array( $gid, $this->get_group_children_ids( $myGid ) ) ) ) {
|
||
|
$msg .= "You cannot $action a `$this_group`. Only higher-level users have this power. ";
|
||
|
}
|
||
|
//// NEW WAY:
|
||
|
// OLD METHOD:
|
||
|
// $myGid = $this->get_user_group_id( $_CB_framework->myId() );
|
||
|
//
|
||
|
// if ( ( ( $gid == $myGid ) && ! in_array( $myGid, $cms_admins ) ) || ( $gid && ! in_array( $gid, $this->get_group_children_ids( $myGid ) ) ) ) {
|
||
|
// $msg .= "You cannot $action a `$this_group`. Only higher-level users have this power. ";
|
||
|
// }
|
||
|
// NEW METHOD:
|
||
|
$myGids = $this->get_groups_below_me( $_CB_framework->myId(), true );
|
||
|
|
||
|
if ( ( ! array_intersect( $myGids, array( $gid ) ) && ( ! array_intersect( $myGids, $cms_admins ) ) ) || ( $gid && ( ! array_intersect( array( $gid ), $myGids ) ) ) ) {
|
||
|
if ( ( ! in_array( $gid, $myGids ) && ( ! array_intersect( $myGids, $cms_admins ) ) ) || ( $gid && ( ! in_array( $gid, $myGids ) ) ) ) {
|
||
|
$msg .= "You cannot $action a `$this_group`. Only higher-level users have this power. ";
|
||
|
}
|
||
|
//// END.
|
||
|
}
|
||
|
|
||
|
return $msg;
|
||