| 698 |
698 |
{
|
| 699 |
699 |
return $this->coo_mysqli;
|
| 700 |
700 |
}
|
| 701 |
|
|
| 702 |
|
|
| 703 |
|
/**
|
| 704 |
|
* Adds a new Admin Access Group into the database.
|
| 705 |
|
*
|
| 706 |
|
* @param array $names Array which contains the names for this group. Keys must be the language id.
|
| 707 |
|
* @param array $descriptions Array which contains the descriptions for this group. Keys must be the language id.
|
| 708 |
|
* @param int $sortOrder Sort order.
|
| 709 |
|
* @param int $parentId Parent group id.
|
| 710 |
|
*
|
| 711 |
|
* @return int|bool Returns the group id on success or false on failure.
|
| 712 |
|
*/
|
| 713 |
|
public function addAdminAccessGroup($names, $descriptions = array(), $sortOrder = 0, $parentId = 0, $protected = true)
|
| 714 |
|
{
|
| 715 |
|
$query = sprintf('INSERT INTO `admin_access_groups` (`parent_id`, `sort_order`, `protected`) VALUES (%d, %d, %d);',
|
| 716 |
|
(int)$parentId, (int)$sortOrder, (int)$protected);
|
| 717 |
|
$groupId = $this->query($query);
|
| 718 |
|
if($groupId === false)
|
| 719 |
|
{
|
| 720 |
|
return false;
|
| 721 |
|
}
|
| 722 |
|
|
| 723 |
|
$query = 'INSERT INTO `admin_access_group_descriptions` (`admin_access_group_id`, `language_id`, `name`, `description`) VALUES ';
|
| 724 |
|
foreach($names as $languageId => $name)
|
| 725 |
|
{
|
| 726 |
|
$query .= sprintf('(%d, %d, "%s", "%s"), ', (int)$groupId, (int)$languageId,
|
| 727 |
|
$this->real_escape_string($name),
|
| 728 |
|
(isset($descriptions[$languageId]) ? $this->real_escape_string($descriptions[$languageId]) : ''));
|
| 729 |
|
}
|
| 730 |
|
|
| 731 |
|
if($this->query(substr($query, 0, -2) . ';') !== false)
|
| 732 |
|
{
|
| 733 |
|
return $groupId;
|
| 734 |
|
}
|
| 735 |
|
|
| 736 |
|
return false;
|
| 737 |
|
}
|
| 738 |
|
|
| 739 |
|
|
| 740 |
|
/**
|
| 741 |
|
* Adds a Group Item to an existing Admin Access Group.
|
| 742 |
|
*
|
| 743 |
|
* @param int $groupId Group ID.
|
| 744 |
|
* @param string|array $types Type of this item. Should be "CONTROLLER", "PAGE" or "AJAX_HANDLER".
|
| 745 |
|
* @param string|array $identifiers Identifier of this item. Must be the name of the controller or page.
|
| 746 |
|
*
|
| 747 |
|
* @return bool Return true on success and false on failure.
|
| 748 |
|
*/
|
| 749 |
|
public function addAdminAccessGroupItem($groupId, $types, $identifiers)
|
| 750 |
|
{
|
| 751 |
|
$query = 'REPLACE INTO `admin_access_group_items` (`admin_access_group_id`, `identifier`, `type`) VALUES ';
|
| 752 |
|
|
| 753 |
|
if(is_array($identifiers))
|
| 754 |
|
{
|
| 755 |
|
foreach($identifiers as $index => $identifier)
|
| 756 |
|
{
|
| 757 |
|
$query .= sprintf('(%d, "%s", "%s"), ', (int)$groupId, $this->real_escape_string($identifier),
|
| 758 |
|
$this->real_escape_string(is_array($types) ? $types[$index] : $types));
|
| 759 |
|
}
|
| 760 |
|
}
|
| 761 |
|
else
|
| 762 |
|
{
|
| 763 |
|
$query .= sprintf('(%d, "%s", "%s"), ', (int)$groupId, $this->real_escape_string($identifiers),
|
| 764 |
|
$this->real_escape_string($types));
|
| 765 |
|
}
|
| 766 |
|
|
| 767 |
|
return $this->query(substr($query, 0, -2) . ';') !== false;
|
| 768 |
|
}
|
| 769 |
|
|
| 770 |
|
|
| 771 |
|
/**
|
| 772 |
|
* Adds a new Admin Access Role into the database.
|
| 773 |
|
*
|
| 774 |
|
* @param array $names Array which contains the names for this role. Keys must be the language id.
|
| 775 |
|
* @param array $descriptions Array which contains the descriptions for this role. Keys must be the language id.
|
| 776 |
|
* @param int $sortOrder Sort order.
|
| 777 |
|
*
|
| 778 |
|
* @return int|bool Returns the role id on success or false on failure.
|
| 779 |
|
*/
|
| 780 |
|
public function addAdminAccessRole($names, $descriptions = array(), $sortOrder = 0, $protected = true)
|
| 781 |
|
{
|
| 782 |
|
$query = sprintf('INSERT INTO `admin_access_roles` (`sort_order`, `protected`) VALUES (%d, %d);', (int)$sortOrder, (int)$protected);
|
| 783 |
|
$roleId = $this->query($query);
|
| 784 |
|
if($roleId === false)
|
| 785 |
|
{
|
| 786 |
|
return false;
|
| 787 |
|
}
|
| 788 |
|
|
| 789 |
|
$query = 'INSERT INTO `admin_access_role_descriptions` (`admin_access_role_id`, `language_id`, `name`, `description`) VALUES ';
|
| 790 |
|
foreach($names as $languageId => $name)
|
| 791 |
|
{
|
| 792 |
|
$query .= sprintf('(%d, %d, "%s", "%s"), ', (int)$roleId, (int)$languageId,
|
| 793 |
|
$this->real_escape_string($name),
|
| 794 |
|
(isset($descriptions[$languageId]) ? $this->real_escape_string($descriptions[$languageId]) : ''));
|
| 795 |
|
}
|
| 796 |
|
|
| 797 |
|
if($this->query(substr($query, 0, -2) . ';') !== false)
|
| 798 |
|
{
|
| 799 |
|
return $roleId;
|
| 800 |
|
}
|
| 801 |
|
|
| 802 |
|
return false;
|
| 803 |
|
}
|
| 804 |
|
|
| 805 |
|
|
| 806 |
|
/**
|
| 807 |
|
* Grants permission for an existing Admin Access Permission.
|
| 808 |
|
* The permission will be identified by the ID of the Admin Access Role and Group.
|
| 809 |
|
*
|
| 810 |
|
* @param int $roleId Role id.
|
| 811 |
|
* @param int $groupId Group id.
|
| 812 |
|
* @param bool $grantReading True if reading permission should be granted, otherwise false.
|
| 813 |
|
* @param bool $grantWriting True if writing permission should be granted, otherwise false.
|
| 814 |
|
* @param bool $grantDeleting True if deleting permission should be granted, otherwise false.
|
| 815 |
|
*
|
| 816 |
|
* @return bool Return true on success and false on failure.
|
| 817 |
|
*/
|
| 818 |
|
public function grantAdminAccessPermission($roleId,
|
| 819 |
|
$groupId,
|
| 820 |
|
$grantReading = true,
|
| 821 |
|
$grantWriting = true,
|
| 822 |
|
$grantDeleting = true)
|
| 823 |
|
{
|
| 824 |
|
$query = sprintf('REPLACE INTO `admin_access_permissions` (`admin_access_role_id`, `admin_access_group_id`, `reading_granted`, `writing_granted`, `deleting_granted`) VALUES (%d, %d, %d, %d, %d);',
|
| 825 |
|
(int)$roleId, (int)$groupId, (int)$grantReading, (int)$grantWriting, (int)$grantDeleting);
|
| 826 |
|
$error = $this->query($query) !== false;
|
| 827 |
|
|
| 828 |
|
$parentGroupSql = sprintf('SELECT * FROM `admin_access_groups` WHERE `admin_access_group_id` = (SELECT `parent_id` FROM `admin_access_groups` WHERE `admin_access_group_id` = %d);',
|
| 829 |
|
(int)$groupId);
|
| 830 |
|
$parentGroupQuery = $this->query($parentGroupSql, true);
|
| 831 |
|
if($parentGroupQuery->num_rows > 0)
|
| 832 |
|
{
|
| 833 |
|
$parentGroup = $parentGroupQuery->fetch_assoc();
|
| 834 |
|
|
| 835 |
|
if((int)($parentGroup['admin_access_group_id']) > 0)
|
| 836 |
|
{
|
| 837 |
|
$error &= $this->grantAdminAccessPermission($roleId, (int)$parentGroup['admin_access_group_id'],
|
| 838 |
|
$grantReading ? : $parentGroup['reading_granted'] === '1',
|
| 839 |
|
$grantWriting ? : $parentGroup['writing_granted'] === '1',
|
| 840 |
|
$grantDeleting ? : $parentGroup['deleting_granted']
|
| 841 |
|
=== '1');
|
| 842 |
|
}
|
| 843 |
|
}
|
| 844 |
|
|
| 845 |
|
return $error;
|
| 846 |
|
}
|
| 847 |
|
|
| 848 |
|
|
| 849 |
|
/**
|
| 850 |
|
* Adds an existing Admin Access Role to an existing Customer/Admin.
|
| 851 |
|
*
|
| 852 |
|
* @param int $roleId Role id.
|
| 853 |
|
* @param int $customerId Customer id.
|
| 854 |
|
*
|
| 855 |
|
* @return bool Return true on success and false on failure.
|
| 856 |
|
*/
|
| 857 |
|
public function addAdminAccessRoleToUserByCustomerId($roleId, $customerId)
|
| 858 |
|
{
|
| 859 |
|
$query = sprintf('REPLACE INTO `admin_access_users` (`customer_id`, `admin_access_role_id`) VALUES (%d, %d);',
|
| 860 |
|
(int)$customerId, (int)$roleId);
|
| 861 |
|
|
| 862 |
|
return $this->query($query) !== false;
|
| 863 |
|
}
|
| 864 |
|
|
| 865 |
|
|
| 866 |
|
/**
|
| 867 |
|
* Removes an existing Admin Access Role to an existing Customer/Admin.
|
| 868 |
|
*
|
| 869 |
|
* @param int $roleId Role id.
|
| 870 |
|
* @param int $customerId Customer id.
|
| 871 |
|
*
|
| 872 |
|
* @return bool Return true on success and false on failure.
|
| 873 |
|
*/
|
| 874 |
|
public function removeAdminAccessRoleFromUserByCustomerId($roleId, $customerId)
|
| 875 |
|
{
|
| 876 |
|
$query = sprintf('DELETE FROM `admin_access_users` WHERE `customer_id` = %d AND `admin_access_role_id` = %d;',
|
| 877 |
|
(int)$customerId, (int)$roleId);
|
| 878 |
|
|
| 879 |
|
return $this->query($query) !== false;
|
| 880 |
|
}
|
| 881 |
|
|
| 882 |
|
|
| 883 |
|
/**
|
| 884 |
|
* Returns the id of an existing Admin Access Group identified by a type and the identifier.
|
| 885 |
|
*
|
| 886 |
|
* @param string $type Type of this identifier. Should be "PAGE", "CONTROLLER" or "AJAX_HANDLER".
|
| 887 |
|
* @param string $identifier Identifier you are looking for. Should be the name of a controller or page.
|
| 888 |
|
*
|
| 889 |
|
* @return bool Return true on success and false on failure.
|
| 890 |
|
*/
|
| 891 |
|
public function getAdminAccessGroupIdByIdentifier($type, $identifier)
|
| 892 |
|
{
|
| 893 |
|
$query = sprintf('SELECT * FROM `admin_access_group_items` WHERE `type` = "%s" AND `identifier` = "%s" LIMIT 1;',
|
| 894 |
|
$this->real_escape_string($type), $this->real_escape_string($identifier));
|
| 895 |
|
|
| 896 |
|
$group = $this->query($query, true);
|
| 897 |
|
|
| 898 |
|
if($group !== false)
|
| 899 |
|
{
|
| 900 |
|
$group = $group->fetch_assoc();
|
| 901 |
|
|
| 902 |
|
return $group['admin_access_group_id'];
|
| 903 |
|
}
|
| 904 |
|
|
| 905 |
|
return false;
|
| 906 |
|
}
|
| 907 |
|
|
| 908 |
|
|
| 909 |
|
/**
|
| 910 |
|
* Returns the id of an existing Admin Access Group identified by a type and the identifier.
|
| 911 |
|
*
|
| 912 |
|
* @param string $type Type of this identifier. Should be "PAGE", "CONTROLLER" or "AJAX_HANDLER".
|
| 913 |
|
* @param string $identifier Identifier you are looking for. Should be the name of a controller or page.
|
| 914 |
|
*
|
| 915 |
|
* @return bool Return true on success and false on failure.
|
| 916 |
|
*/
|
| 917 |
|
public function getAdminAccessGroupIdByName($name, $languageId = 2)
|
| 918 |
|
{
|
| 919 |
|
$query = sprintf('SELECT * FROM `admin_access_group_descriptions` WHERE `name` = "%s" AND `language_id` = %s LIMIT 1;',
|
| 920 |
|
$this->real_escape_string($name), (int)$languageId);
|
| 921 |
|
|
| 922 |
|
$group = $this->query($query, true);
|
| 923 |
|
|
| 924 |
|
if($group !== false)
|
| 925 |
|
{
|
| 926 |
|
$group = $group->fetch_assoc();
|
| 927 |
|
|
| 928 |
|
return $group['admin_access_group_id'];
|
| 929 |
|
}
|
| 930 |
|
|
| 931 |
|
return false;
|
| 932 |
|
}
|
| 933 |
|
|
| 934 |
|
|
| 935 |
|
/**
|
| 936 |
|
* Checks the deleting permission for a controller.
|
| 937 |
|
*
|
| 938 |
|
* @param string $identifier The name of a controller to identify an admin access group.
|
| 939 |
|
* @param int $customerId ID of a customer to check the permission for.
|
| 940 |
|
*
|
| 941 |
|
* @return bool True if customer has a deleting permission for the controller, false otherwise.
|
| 942 |
|
*/
|
| 943 |
|
public function checkAdminAccessDeletingPermissionForController($identifier, $customerId)
|
| 944 |
|
{
|
| 945 |
|
$query = sprintf('SELECT `permissions`.* FROM `admin_access_group_items` `items` LEFT JOIN `admin_access_permissions` `permissions` ON `admin_access_group_id` = `permissions`.`admin_access_group_id` LEFT JOIN `admin_access_users` `users` ON `permissions`.`admin_access_role_id` = `users`.`admin_access_role_id` WHERE `items`.`identifier` = "%s" AND `items`.`type` = "%s" AND `users`.`customer_id` = %d;',
|
| 946 |
|
$this->real_escape_string($identifier), 'CONTROLLER', (int)$customerId);
|
| 947 |
|
$permission = $this->query($query, true);
|
| 948 |
|
|
| 949 |
|
if($permission !== false)
|
| 950 |
|
{
|
| 951 |
|
$permission = $permission->fetch_assoc();
|
| 952 |
|
|
| 953 |
|
return (int)$permission['deleting_granted'] === 1;
|
| 954 |
|
}
|
| 955 |
|
|
| 956 |
|
return false;
|
| 957 |
|
}
|
| 958 |
|
|
| 959 |
|
|
| 960 |
|
/**
|
| 961 |
|
* Checks the deleting permission for a page.
|
| 962 |
|
*
|
| 963 |
|
* @param string $identifier The name of a page to identify an admin access group.
|
| 964 |
|
* @param int $customerId ID of a customer to check permission for.
|
| 965 |
|
*
|
| 966 |
|
* @return bool True if customer has a deleting permission for the page, false otherwise.
|
| 967 |
|
*/
|
| 968 |
|
public function checkAdminAccessDeletingPermissionForPage($identifier, $customerId)
|
| 969 |
|
{
|
| 970 |
|
$query = sprintf('SELECT `permissions`.* FROM `admin_access_group_items` `items` LEFT JOIN `admin_access_permissions` `permissions` ON `admin_access_group_id` = `permissions`.`admin_access_group_id` LEFT JOIN `admin_access_users` `users` ON `permissions`.`admin_access_role_id` = `users`.`admin_access_role_id` WHERE `items`.`identifier` = "%s" AND `items`.`type` = "%s" AND `users`.`customer_id` = %d;',
|
| 971 |
|
$this->real_escape_string($identifier), 'PAGE', (int)$customerId);
|
| 972 |
|
$permission = $this->query($query, true);
|
| 973 |
|
|
| 974 |
|
if($permission !== false)
|
| 975 |
|
{
|
| 976 |
|
$permission = $permission->fetch_assoc();
|
| 977 |
|
|
| 978 |
|
return (int)$permission['deleting_granted'] === 1;
|
| 979 |
|
}
|
| 980 |
|
|
| 981 |
|
return false;
|
| 982 |
|
}
|
| 983 |
|
|
| 984 |
|
|
| 985 |
|
/**
|
| 986 |
|
* Checks the deleting permission for an ajax handler.
|
| 987 |
|
*
|
| 988 |
|
* @param string $identifier The name of an ajax handler to identify an admin access group.
|
| 989 |
|
* @param int $customerId ID of a customer to check permission for.
|
| 990 |
|
*
|
| 991 |
|
* @return bool True if customer has a deleting permission for the ajax handler, false otherwise.
|
| 992 |
|
*/
|
| 993 |
|
public function checkAdminAccessDeletingPermissionForAjaxHandler($identifier, $customerId)
|
| 994 |
|
{
|
| 995 |
|
$query = sprintf('SELECT `permissions`.* FROM `admin_access_group_items` `items` LEFT JOIN `admin_access_permissions` `permissions` ON `admin_access_group_id` = `permissions`.`admin_access_group_id` LEFT JOIN `admin_access_users` `users` ON `permissions`.`admin_access_role_id` = `users`.`admin_access_role_id` WHERE `items`.`identifier` = "%s" AND `items`.`type` = "%s" AND `users`.`customer_id` = %d;',
|
| 996 |
|
$this->real_escape_string($identifier), 'AJAX_HANDLER', (int)$customerId);
|
| 997 |
|
$permission = $this->query($query, true);
|
| 998 |
|
|
| 999 |
|
if($permission !== false)
|
| 1000 |
|
{
|
| 1001 |
|
$permission = $permission->fetch_assoc();
|
| 1002 |
|
|
| 1003 |
|
return (int)$permission['deleting_granted'] === 1;
|
| 1004 |
|
}
|
| 1005 |
|
|
| 1006 |
|
return false;
|
| 1007 |
|
}
|
| 1008 |
|
|
| 1009 |
|
|
| 1010 |
|
/**
|
| 1011 |
|
* Checks the reading permission for a controller.
|
| 1012 |
|
*
|
| 1013 |
|
* @param string $identifier The name of a controller to identify an admin access group.
|
| 1014 |
|
* @param int $customerId ID of a customer to check the permission for.
|
| 1015 |
|
*
|
| 1016 |
|
* @return bool True if customer has a reading permission for the controller, false otherwise.
|
| 1017 |
|
*/
|
| 1018 |
|
public function checkAdminAccessReadingPermissionForController($identifier, $customerId)
|
| 1019 |
|
{
|
| 1020 |
|
$query = sprintf('SELECT `permissions`.* FROM `admin_access_group_items` `items` LEFT JOIN `admin_access_permissions` `permissions` ON `admin_access_group_id` = `permissions`.`admin_access_group_id` LEFT JOIN `admin_access_users` `users` ON `permissions`.`admin_access_role_id` = `users`.`admin_access_role_id` WHERE `items`.`identifier` = "%s" AND `items`.`type` = "%s" AND `users`.`customer_id` = %d;',
|
| 1021 |
|
$this->real_escape_string($identifier), 'CONTROLLER', (int)$customerId);
|
| 1022 |
|
$permission = $this->query($query, true);
|
| 1023 |
|
|
| 1024 |
|
if($permission !== false)
|
| 1025 |
|
{
|
| 1026 |
|
$permission = $permission->fetch_assoc();
|
| 1027 |
|
|
| 1028 |
|
return (int)$permission['reading_granted'] === 1;
|
| 1029 |
|
}
|
| 1030 |
|
|
| 1031 |
|
return false;
|
| 1032 |
|
}
|
| 1033 |
|
|
| 1034 |
|
|
| 1035 |
|
/**
|
| 1036 |
|
* Checks the reading permission for a page.
|
| 1037 |
|
*
|
| 1038 |
|
* @param string $identifier The name of a page to identify an admin access group.
|
| 1039 |
|
* @param int $customerId ID of a customer to check permission for.
|
| 1040 |
|
*
|
| 1041 |
|
* @return bool True if customer has a reading permission for the page, false otherwise.
|
| 1042 |
|
*/
|
| 1043 |
|
public function checkAdminAccessReadingPermissionForPage($identifier, $customerId)
|
| 1044 |
|
{
|
| 1045 |
|
$query = sprintf('SELECT `permissions`.* FROM `admin_access_group_items` `items` LEFT JOIN `admin_access_permissions` `permissions` ON `admin_access_group_id` = `permissions`.`admin_access_group_id` LEFT JOIN `admin_access_users` `users` ON `permissions`.`admin_access_role_id` = `users`.`admin_access_role_id` WHERE `items`.`identifier` = "%s" AND `items`.`type` = "%s" AND `users`.`customer_id` = %d;',
|
| 1046 |
|
$this->real_escape_string($identifier), 'PAGE', (int)$customerId);
|
| 1047 |
|
$permission = $this->query($query, true);
|
| 1048 |
|
|
| 1049 |
|
if($permission !== false)
|
| 1050 |
|
{
|
| 1051 |
|
$permission = $permission->fetch_assoc();
|
| 1052 |
|
|
| 1053 |
|
return (int)$permission['reading_granted'] === 1;
|
| 1054 |
|
}
|
| 1055 |
|
|
| 1056 |
|
return false;
|
| 1057 |
|
}
|
| 1058 |
|
|
| 1059 |
|
|
| 1060 |
|
/**
|
| 1061 |
|
* Checks the reading permission for an ajax handler.
|
| 1062 |
|
*
|
| 1063 |
|
* @param string $identifier The name of an ajax handler to identify an admin access group.
|
| 1064 |
|
* @param int $customerId ID of a customer to check permission for.
|
| 1065 |
|
*
|
| 1066 |
|
* @return bool True if customer has a reading permission for the ajax handler, false otherwise.
|
| 1067 |
|
*/
|
| 1068 |
|
public function checkAdminAccessReadingPermissionForAjaxHandler($identifier, $customerId)
|
| 1069 |
|
{
|
| 1070 |
|
$query = sprintf('SELECT `permissions`.* FROM `admin_access_group_items` `items` LEFT JOIN `admin_access_permissions` `permissions` ON `admin_access_group_id` = `permissions`.`admin_access_group_id` LEFT JOIN `admin_access_users` `users` ON `permissions`.`admin_access_role_id` = `users`.`admin_access_role_id` WHERE `items`.`identifier` = "%s" AND `items`.`type` = "%s" AND `users`.`customer_id` = %d;',
|
| 1071 |
|
$this->real_escape_string($identifier), 'AJAX_HANDLER', (int)$customerId);
|
| 1072 |
|
$permission = $this->query($query, true);
|
| 1073 |
|
|
| 1074 |
|
if($permission !== false)
|
| 1075 |
|
{
|
| 1076 |
|
$permission = $permission->fetch_assoc();
|
| 1077 |
|
|
| 1078 |
|
return (int)$permission['reading_granted'] === 1;
|
| 1079 |
|
}
|
| 1080 |
|
|
| 1081 |
|
return false;
|
| 1082 |
|
}
|
| 1083 |
|
|
| 1084 |
|
|
| 1085 |
|
/**
|
| 1086 |
|
* Checks the writing permission for a controller.
|
| 1087 |
|
*
|
| 1088 |
|
* @param string $identifier The name of a controller to identify an admin access group.
|
| 1089 |
|
* @param int $customerId ID of a customer to check the permission for.
|
| 1090 |
|
*
|
| 1091 |
|
* @return bool True if customer has a writing permission for the controller, false otherwise.
|
| 1092 |
|
*/
|
| 1093 |
|
public function checkAdminAccessWritingPermissionForController($identifier, $customerId)
|
| 1094 |
|
{
|
| 1095 |
|
$query = sprintf('SELECT `permissions`.* FROM `admin_access_group_items` `items` LEFT JOIN `admin_access_permissions` `permissions` ON `admin_access_group_id` = `permissions`.`admin_access_group_id` LEFT JOIN `admin_access_users` `users` ON `permissions`.`admin_access_role_id` = `users`.`admin_access_role_id` WHERE `items`.`identifier` = "%s" AND `items`.`type` = "%s" AND `users`.`customer_id` = %d;',
|
| 1096 |
|
$this->real_escape_string($identifier), 'CONTROLLER', (int)$customerId);
|
| 1097 |
|
$permission = $this->query($query, true);
|
| 1098 |
|
|
| 1099 |
|
if($permission !== false)
|
| 1100 |
|
{
|
| 1101 |
|
$permission = $permission->fetch_assoc();
|
| 1102 |
|
|
| 1103 |
|
return (int)$permission['writing_granted'] === 1;
|
| 1104 |
|
}
|
| 1105 |
|
|
| 1106 |
|
return false;
|
| 1107 |
|
}
|
| 1108 |
|
|
| 1109 |
|
|
| 1110 |
|
/**
|
| 1111 |
|
* Checks the writing permission for a page.
|
| 1112 |
|
*
|
| 1113 |
|
* @param string $identifier The name of a page to identify an admin access group.
|
| 1114 |
|
* @param int $customerId ID of a customer to check permission for.
|
| 1115 |
|
*
|
| 1116 |
|
* @return bool True if customer has a writing permission for the page, false otherwise.
|
| 1117 |
|
*/
|
| 1118 |
|
public function checkAdminAccessWritingPermissionForPage($identifier, $customerId)
|
| 1119 |
|
{
|
| 1120 |
|
$query = sprintf('SELECT `permissions`.* FROM `admin_access_group_items` `items` LEFT JOIN `admin_access_permissions` `permissions` ON `admin_access_group_id` = `permissions`.`admin_access_group_id` LEFT JOIN `admin_access_users` `users` ON `permissions`.`admin_access_role_id` = `users`.`admin_access_role_id` WHERE `items`.`identifier` = "%s" AND `items`.`type` = "%s" AND `users`.`customer_id` = %d;',
|
| 1121 |
|
$this->real_escape_string($identifier), 'PAGE', (int)$customerId);
|
| 1122 |
|
$permission = $this->query($query, true);
|
| 1123 |
|
|
| 1124 |
|
if($permission !== false)
|
| 1125 |
|
{
|
| 1126 |
|
$permission = $permission->fetch_assoc();
|
| 1127 |
|
|
| 1128 |
|
return (int)$permission['writing_granted'] === 1;
|
| 1129 |
|
}
|
| 1130 |
|
|
| 1131 |
|
return false;
|
| 1132 |
|
}
|
| 1133 |
|
|
| 1134 |
|
|
| 1135 |
|
/**
|
| 1136 |
|
* Checks the writing permission for an ajax handler.
|
| 1137 |
|
*
|
| 1138 |
|
* @param string $identifier The name of an ajax handler to identify an admin access group.
|
| 1139 |
|
* @param int $customerId ID of a customer to check permission for.
|
| 1140 |
|
*
|
| 1141 |
|
* @return bool True if customer has a writing permission for the ajax handler, false otherwise.
|
| 1142 |
|
*/
|
| 1143 |
|
public function checkAdminAccessWritingPermissionForAjaxHandler($identifier, $customerId)
|
| 1144 |
|
{
|
| 1145 |
|
$query = sprintf('SELECT `permissions`.* FROM `admin_access_group_items` `items` LEFT JOIN `admin_access_permissions` `permissions` ON `admin_access_group_id` = `permissions`.`admin_access_group_id` LEFT JOIN `admin_access_users` `users` ON `permissions`.`admin_access_role_id` = `users`.`admin_access_role_id` WHERE `items`.`identifier` = "%s" AND `items`.`type` = "%s" AND `users`.`customer_id` = %d;',
|
| 1146 |
|
$this->real_escape_string($identifier), 'AJAX_HANDLER', (int)$customerId);
|
| 1147 |
|
$permission = $this->query($query, true);
|
| 1148 |
|
|
| 1149 |
|
if($permission !== false)
|
| 1150 |
|
{
|
| 1151 |
|
$permission = $permission->fetch_assoc();
|
| 1152 |
|
|
| 1153 |
|
return (int)$permission['writing_granted'] === 1;
|
| 1154 |
|
}
|
| 1155 |
|
|
| 1156 |
|
return false;
|
| 1157 |
|
}
|
| 1158 |
|
|
| 1159 |
|
|
| 1160 |
|
/**
|
| 1161 |
|
* Returns a collection of all permissions by a given role ID.
|
| 1162 |
|
*
|
| 1163 |
|
* @param int $roleId Role ID.
|
| 1164 |
|
*
|
| 1165 |
|
* @return mysqli_result
|
| 1166 |
|
*/
|
| 1167 |
|
public function getAdminAccessPermissionsByRoleId($roleId)
|
| 1168 |
|
{
|
| 1169 |
|
$query = sprintf('SELECT `permissions`.* FROM `admin_access_permissions` `permissions` WHERE `permissions`.`admin_access_role_id` = %d;',
|
| 1170 |
|
(int)$roleId);
|
| 1171 |
|
|
| 1172 |
|
return $this->query($query, true);
|
| 1173 |
|
}
|
| 1174 |
|
|
| 1175 |
|
|
| 1176 |
|
/**
|
| 1177 |
|
* Returns all roles of certain user by a given user ID.
|
| 1178 |
|
*
|
| 1179 |
|
* @param int $id User ID.
|
| 1180 |
|
*
|
| 1181 |
|
* @return mysqli_result
|
| 1182 |
|
*/
|
| 1183 |
|
public function getAdminAccessRolesByCustomerId($customerId)
|
| 1184 |
|
{
|
| 1185 |
|
$query = sprintf('SELECT `roles`.* FROM `admin_access_users` `users` LEFT JOIN `admin_access_roles` `roles` ON `users`.`admin_access_role_id` = `roles`.`admin_access_role_id` WHERE `users`.`customer_id` = %d;',
|
| 1186 |
|
(int)$customerId);
|
| 1187 |
|
|
| 1188 |
|
return $this->query($query, true);
|
| 1189 |
|
}
|
| 1190 |
|
|
| 1191 |
|
|
| 1192 |
|
/**
|
| 1193 |
|
* Grants deleting permission to a role for a given group id.
|
| 1194 |
|
*
|
| 1195 |
|
* @param int $groupId Group ID to grant permission for.
|
| 1196 |
|
* @param int $roleId Role ID to grant permission for.
|
| 1197 |
|
*
|
| 1198 |
|
* @return bool Return true on success and false on failure.
|
| 1199 |
|
*/
|
| 1200 |
|
public function grantAdminAccessDeletingPermissionToRole($groupId, $roleId)
|
| 1201 |
|
{
|
| 1202 |
|
$query = sprintf('UPDATE `admin_access_permissions` SET `deleting_granted` = "1" WHERE `admin_access_role_id` = %d AND `admin_access_group_id` = %d;',
|
| 1203 |
|
(int)$roleId, (int)$groupId);
|
| 1204 |
|
$error = $this->query($query) !== false;
|
| 1205 |
|
|
| 1206 |
|
$parentGroupSql = sprintf('SELECT * FROM `admin_access_groups` WHERE `admin_access_group_id` = (SELECT `parent_id` FROM `admin_access_groups` WHERE `admin_access_group_id` = %d);',
|
| 1207 |
|
(int)$groupId);
|
| 1208 |
|
$parentGroupQuery = $this->query($parentGroupSql, true);
|
| 1209 |
|
if($parentGroupQuery->num_rows > 0)
|
| 1210 |
|
{
|
| 1211 |
|
$parentGroup = $parentGroupQuery->fetch_assoc();
|
| 1212 |
|
if((int)$parentGroup['admin_access_group_id'] > 0)
|
| 1213 |
|
{
|
| 1214 |
|
$error &= $this->grantAdminAccessDeletingPermissionToRole((int)$parentGroup['admin_access_group_id'],
|
| 1215 |
|
$roleId);
|
| 1216 |
|
}
|
| 1217 |
|
}
|
| 1218 |
|
|
| 1219 |
|
return $error;
|
| 1220 |
|
}
|
| 1221 |
|
|
| 1222 |
|
|
| 1223 |
|
/**
|
| 1224 |
|
* Removes deleting permission from role for a given group id.
|
| 1225 |
|
*
|
| 1226 |
|
* @param int $groupId Group ID to remove permission for.
|
| 1227 |
|
* @param int $roleId Role ID to remove permission from.
|
| 1228 |
|
*
|
| 1229 |
|
* @return bool Return true on success and false on failure.
|
| 1230 |
|
*/
|
| 1231 |
|
public function removeAdminAccessDeletingPermissionFromRole($groupId, $roleId)
|
| 1232 |
|
{
|
| 1233 |
|
$query = sprintf('UPDATE `admin_access_permissions` SET `deleting_granted` = "0" WHERE `admin_access_role_id` = %d AND `admin_access_group_id` = %d;',
|
| 1234 |
|
(int)$roleId, (int)$groupId);
|
| 1235 |
|
|
| 1236 |
|
return $this->query($query) !== false;
|
| 1237 |
|
}
|
| 1238 |
|
|
| 1239 |
|
|
| 1240 |
|
/**
|
| 1241 |
|
* Grants reading permission to a role for a given group id.
|
| 1242 |
|
*
|
| 1243 |
|
* @param int $groupId Group ID to grant permission for.
|
| 1244 |
|
* @param int $roleId Role ID to grant permission for.
|
| 1245 |
|
*
|
| 1246 |
|
* @return bool Return true on success and false on failure.
|
| 1247 |
|
*/
|
| 1248 |
|
public function grantAdminAccessReadingPermissionToRole($groupId, $roleId)
|
| 1249 |
|
{
|
| 1250 |
|
$query = sprintf('UPDATE `admin_access_permissions` SET `reading_granted` = "1" WHERE `admin_access_role_id` = %d AND `admin_access_group_id` = %d;',
|
| 1251 |
|
(int)$roleId, (int)$groupId);
|
| 1252 |
|
$error = $this->query($query) !== false;
|
| 1253 |
|
|
| 1254 |
|
$parentGroupSql = sprintf('SELECT * FROM `admin_access_groups` WHERE `admin_access_group_id` = (SELECT `parent_id` FROM `admin_access_groups` WHERE `admin_access_group_id` = %d);',
|
| 1255 |
|
(int)$groupId);
|
| 1256 |
|
$parentGroupQuery = $this->query($parentGroupSql, true);
|
| 1257 |
|
if($parentGroupQuery->num_rows > 0)
|
| 1258 |
|
{
|
| 1259 |
|
$parentGroup = $parentGroupQuery->fetch_assoc();
|
| 1260 |
|
if((int)$parentGroup['admin_access_group_id'] > 0)
|
| 1261 |
|
{
|
| 1262 |
|
$error &= $this->grantAdminAccessReadingPermissionToRole((int)$parentGroup['admin_access_group_id'],
|
| 1263 |
|
$roleId);
|
| 1264 |
|
}
|
| 1265 |
|
}
|
| 1266 |
|
|
| 1267 |
|
return $error;
|
| 1268 |
|
}
|
| 1269 |
|
|
| 1270 |
|
|
| 1271 |
|
/**
|
| 1272 |
|
* Removes reading permission from role for a given group id.
|
| 1273 |
|
*
|
| 1274 |
|
* @param int $groupId Group ID to remove permission for.
|
| 1275 |
|
* @param int $roleId Role ID to remove permission from.
|
| 1276 |
|
*
|
| 1277 |
|
* @return bool Return true on success and false on failure.
|
| 1278 |
|
*/
|
| 1279 |
|
public function removeAdminAccessReadingPermissionFromRole($groupId, $roleId)
|
| 1280 |
|
{
|
| 1281 |
|
$query = sprintf('UPDATE `admin_access_permissions` SET `reading_granted` = "0" WHERE `admin_access_role_id` = %d AND `admin_access_group_id` = %d;',
|
| 1282 |
|
(int)$roleId, (int)$groupId);
|
| 1283 |
|
|
| 1284 |
|
return $this->query($query) !== false;
|
| 1285 |
|
}
|
| 1286 |
|
|
| 1287 |
|
|
| 1288 |
|
/**
|
| 1289 |
|
* Grants writing permission to a role for a given group id.
|
| 1290 |
|
*
|
| 1291 |
|
* @param int $groupId Group ID to grant permission for.
|
| 1292 |
|
* @param int $roleId Role ID to grant permission for.
|
| 1293 |
|
*
|
| 1294 |
|
* @return bool Return true on success and false on failure.
|
| 1295 |
|
*/
|
| 1296 |
|
public function grantAdminAccessWritingPermissionToRole($groupId, $roleId)
|
| 1297 |
|
{
|
| 1298 |
|
$query = sprintf('UPDATE `admin_access_permissions` SET `writing_granted` = "1" WHERE `admin_access_role_id` = %d AND `admin_access_group_id` = %d;',
|
| 1299 |
|
(int)$roleId, (int)$groupId);
|
| 1300 |
|
$error = $this->query($query) !== false;
|
| 1301 |
|
|
| 1302 |
|
$parentGroupSql = sprintf('SELECT * FROM `admin_access_groups` WHERE `admin_access_group_id` = (SELECT `parent_id` FROM `admin_access_groups` WHERE `admin_access_group_id` = %d);',
|
| 1303 |
|
(int)$groupId);
|
| 1304 |
|
$parentGroupQuery = $this->query($parentGroupSql, true);
|
| 1305 |
|
if($parentGroupQuery->num_rows > 0)
|
| 1306 |
|
{
|
| 1307 |
|
$parentGroup = $parentGroupQuery->fetch_assoc();
|
| 1308 |
|
if((int)$parentGroup['admin_access_group_id'] > 0)
|
| 1309 |
|
{
|
| 1310 |
|
$error &= $this->grantAdminAccessWritingPermissionToRole((int)$parentGroup['admin_access_group_id'],
|
| 1311 |
|
$roleId);
|
| 1312 |
|
}
|
| 1313 |
|
}
|
| 1314 |
|
|
| 1315 |
|
return $error;
|
| 1316 |
|
}
|
| 1317 |
|
|
| 1318 |
|
|
| 1319 |
|
/**
|
| 1320 |
|
* Removes writing permission from role for a given group id.
|
| 1321 |
|
*
|
| 1322 |
|
* @param int $groupId Group ID to remove permission for.
|
| 1323 |
|
* @param int $roleId Role ID to remove permission from.
|
| 1324 |
|
*
|
| 1325 |
|
* @return bool Return true on success and false on failure.
|
| 1326 |
|
*/
|
| 1327 |
|
public function removeAdminAccessWritingPermissionFromRole($groupId, $roleId)
|
| 1328 |
|
{
|
| 1329 |
|
$query = sprintf('UPDATE `admin_access_permissions` SET `writing_granted` = "0" WHERE `admin_access_role_id` = %d AND `admin_access_group_id` = %d;',
|
| 1330 |
|
(int)$roleId, (int)$groupId);
|
| 1331 |
|
|
| 1332 |
|
return $this->query($query) !== false;
|
| 1333 |
|
}
|
| 1334 |
|
|
| 1335 |
|
|
| 1336 |
|
/**
|
| 1337 |
|
* Deletes role by a given role ID.
|
| 1338 |
|
*
|
| 1339 |
|
* @param int $roleId ID of the role that should be deleted.
|
| 1340 |
|
*
|
| 1341 |
|
* @return bool Return true on success and false on failure.
|
| 1342 |
|
*/
|
| 1343 |
|
public function deleteAdminAccessRoleById($roleId)
|
| 1344 |
|
{
|
| 1345 |
|
$query = sprintf('DELETE FROM `admin_access_roles` WHERE `admin_access_role_id` = %d;', (int)$roleId);
|
| 1346 |
|
$error = $this->query($query) !== false;
|
| 1347 |
|
|
| 1348 |
|
$query = sprintf('DELETE FROM `admin_access_role_descriptions` WHERE `admin_access_role_id` = %d;',
|
| 1349 |
|
(int)$roleId);
|
| 1350 |
|
$error &= $this->query($query) !== false;
|
| 1351 |
|
|
| 1352 |
|
$query = sprintf('DELETE FROM `admin_access_users` WHERE `admin_access_role_id` = %d;', (int)$roleId);
|
| 1353 |
|
$error &= $this->query($query) !== false;
|
| 1354 |
|
|
| 1355 |
|
$query = sprintf('DELETE FROM `admin_access_permissions` WHERE `admin_access_role_id` = %d;', (int)$roleId);
|
| 1356 |
|
$error &= $this->query($query) !== false;
|
| 1357 |
|
|
| 1358 |
|
return $error;
|
| 1359 |
|
}
|
| 1360 |
|
|
| 1361 |
|
|
| 1362 |
|
/**
|
| 1363 |
|
* Returns a collection of all roles.
|
| 1364 |
|
*
|
| 1365 |
|
* @return mysqli_result
|
| 1366 |
|
*/
|
| 1367 |
|
public function getAllAdminAccessRoles()
|
| 1368 |
|
{
|
| 1369 |
|
return $this->query('SELECT `roles`.* FROM `admin_access_roles` `roles`;', true);
|
| 1370 |
|
}
|
| 1371 |
|
|
| 1372 |
|
|
| 1373 |
|
/**
|
| 1374 |
|
* Deletes an admin access user by a given customer ID.
|
| 1375 |
|
*
|
| 1376 |
|
* @param int $customerId ID of the user that should be deleted.
|
| 1377 |
|
*
|
| 1378 |
|
* @return bool Return true on success and false on failure.
|
| 1379 |
|
*/
|
| 1380 |
|
public function deleteAdminAccessUserByCustomerId($customerId)
|
| 1381 |
|
{
|
| 1382 |
|
$query = sprintf('DELETE FROM `admin_access_users` WHERE `customer_id` = %d;', (int)$customerId);
|
| 1383 |
|
|
| 1384 |
|
return $this->query($query) !== false;
|
| 1385 |
|
}
|
| 1386 |
|
|
| 1387 |
|
|
| 1388 |
|
/**
|
| 1389 |
|
* Returns a role by a given role ID.
|
| 1390 |
|
*
|
| 1391 |
|
* @param int $roleId ID of the requested role.
|
| 1392 |
|
*
|
| 1393 |
|
* @return mysqli_result
|
| 1394 |
|
*/
|
| 1395 |
|
public function getAdminAccessRoleById($roleId)
|
| 1396 |
|
{
|
| 1397 |
|
$query = sprintf('SELECT `roles`.* FROM `admin_access_roles` `roles` WHERE `roles`.`admin_access_role_id` = %d;',
|
| 1398 |
|
(int)$roleId);
|
| 1399 |
|
|
| 1400 |
|
return $this->query($query, true);
|
| 1401 |
|
}
|
| 1402 |
|
|
| 1403 |
|
|
| 1404 |
|
/**
|
| 1405 |
|
* Returns a collection of all groups.
|
| 1406 |
|
*
|
| 1407 |
|
* @return mysqli_result
|
| 1408 |
|
*/
|
| 1409 |
|
public function getAllAdminAccessGroups()
|
| 1410 |
|
{
|
| 1411 |
|
return $this->query('SELECT `groups`.* FROM `admin_access_groups` `groups`;', true);
|
| 1412 |
|
}
|
| 1413 |
|
|
| 1414 |
|
|
| 1415 |
|
/**
|
| 1416 |
|
* Returns a group by a given group id.
|
| 1417 |
|
*
|
| 1418 |
|
* @param int $id Group id.
|
| 1419 |
|
*
|
| 1420 |
|
* @return mysqli_result
|
| 1421 |
|
*/
|
| 1422 |
|
public function getAdminAccessGroupById($groupId)
|
| 1423 |
|
{
|
| 1424 |
|
$query = sprintf('SELECT `groups`.* FROM `admin_access_groups` `groups` WHERE `groups`.`admin_access_group_id` = %d;',
|
| 1425 |
|
(int)$groupId);
|
| 1426 |
|
|
| 1427 |
|
return $this->query($query, true);
|
| 1428 |
|
}
|
| 1429 |
|
|
| 1430 |
|
|
| 1431 |
|
/**
|
| 1432 |
|
* Deletes a group by a given group ID.
|
| 1433 |
|
*
|
| 1434 |
|
* @param int $id ID of the group that should be deleted.
|
| 1435 |
|
*
|
| 1436 |
|
* @return bool Return true on success and false on failure.
|
| 1437 |
|
*/
|
| 1438 |
|
public function deleteAdminAccessGroupById($groupId)
|
| 1439 |
|
{
|
| 1440 |
|
$query = sprintf('DELETE FROM `admin_access_groups` WHERE `admin_access_group_id` = %d;', (int)$groupId);
|
| 1441 |
|
$error = $this->query($query) !== false;
|
| 1442 |
|
|
| 1443 |
|
$query = sprintf('DELETE FROM `admin_access_group_items` WHERE `admin_access_group_id` = %d;', (int)$groupId);
|
| 1444 |
|
$error &= $this->query($query) !== false;
|
| 1445 |
|
|
| 1446 |
|
$query = sprintf('DELETE FROM `admin_access_group_descriptions` WHERE `admin_access_group_id` = %d;',
|
| 1447 |
|
(int)$groupId);
|
| 1448 |
|
$error &= $this->query($query) !== false;
|
| 1449 |
|
|
| 1450 |
|
$query = sprintf('DELETE FROM `admin_access_permissions` WHERE `admin_access_group_id` = %d;', (int)$groupId);
|
| 1451 |
|
$error &= $this->query($query) !== false;
|
| 1452 |
|
|
| 1453 |
|
return $error;
|
| 1454 |
|
}
|
|
701 |
|
|
702 |
|
|
703 |
/**
|
|
704 |
* Adds a new Admin Access Group into the database.
|
|
705 |
*
|
|
706 |
* @param array $names Array which contains the names for this group. Keys must be the language id.
|
|
707 |
* @param array $descriptions Array which contains the descriptions for this group. Keys must be the language id.
|
|
708 |
* @param int $sortOrder Sort order.
|
|
709 |
* @param int $parentId Parent group id.
|
|
710 |
*
|
|
711 |
* @return int|bool Returns the group id on success or false on failure.
|
|
712 |
*/
|
|
713 |
public function addAdminAccessGroup($names, $descriptions = [], $sortOrder = 0, $parentId = 0, $protected = true)
|
|
714 |
{
|
|
715 |
$query = sprintf('INSERT INTO `admin_access_groups` (`parent_id`, `sort_order`, `protected`) VALUES (%d, %d, %d);',
|
|
716 |
(int)$parentId,
|
|
717 |
(int)$sortOrder,
|
|
718 |
(int)$protected);
|
|
719 |
$groupId = $this->query($query);
|
|
720 |
if ($groupId === false) {
|
|
721 |
return false;
|
|
722 |
}
|
|
723 |
|
|
724 |
$query = 'INSERT INTO `admin_access_group_descriptions` (`admin_access_group_id`, `language_id`, `name`, `description`) VALUES ';
|
|
725 |
foreach ($names as $languageId => $name) {
|
|
726 |
$query .= sprintf('(%d, %d, "%s", "%s"), ',
|
|
727 |
(int)$groupId,
|
|
728 |
(int)$languageId,
|
|
729 |
$this->real_escape_string($name),
|
|
730 |
(isset($descriptions[$languageId]) ? $this->real_escape_string($descriptions[$languageId]) : ''));
|
|
731 |
}
|
|
732 |
|
|
733 |
$result = $this->query(substr($query, 0, -2) . ';');
|
|
734 |
if ($result !== false && $result !== null) {
|
|
735 |
return $groupId;
|
|
736 |
}
|
|
737 |
|
|
738 |
return false;
|
|
739 |
}
|
|
740 |
|
|
741 |
|
|
742 |
/**
|
|
743 |
* Adds a Group Item to an existing Admin Access Group.
|
|
744 |
*
|
|
745 |
* @param int $groupId Group ID.
|
|
746 |
* @param string|array $types Type of this item. Should be "CONTROLLER", "PAGE" or "AJAX_HANDLER".
|
|
747 |
* @param string|array $identifiers Identifier of this item. Must be the name of the controller or page.
|
|
748 |
*
|
|
749 |
* @return bool Return true on success and false on failure.
|
|
750 |
*/
|
|
751 |
public function addAdminAccessGroupItem($groupId, $types, $identifiers)
|
|
752 |
{
|
|
753 |
$query = 'REPLACE INTO `admin_access_group_items` (`admin_access_group_id`, `identifier`, `type`) VALUES ';
|
|
754 |
|
|
755 |
if (is_array($identifiers)) {
|
|
756 |
foreach ($identifiers as $index => $identifier) {
|
|
757 |
$query .= sprintf('(%d, "%s", "%s"), ',
|
|
758 |
(int)$groupId,
|
|
759 |
$this->real_escape_string($identifier),
|
|
760 |
$this->real_escape_string(is_array($types) ? $types[$index] : $types));
|
|
761 |
}
|
|
762 |
} else {
|
|
763 |
$query .= sprintf('(%d, "%s", "%s"), ',
|
|
764 |
(int)$groupId,
|
|
765 |
$this->real_escape_string($identifiers),
|
|
766 |
$this->real_escape_string($types));
|
|
767 |
}
|
|
768 |
|
|
769 |
$result = $this->query(substr($query, 0, -2) . ';');
|
|
770 |
|
|
771 |
return $result !== null && $result !== false;
|
|
772 |
}
|
|
773 |
|
|
774 |
|
|
775 |
/**
|
|
776 |
* Adds a new Admin Access Role into the database.
|
|
777 |
*
|
|
778 |
* @param array $names Array which contains the names for this role. Keys must be the language id.
|
|
779 |
* @param array $descriptions Array which contains the descriptions for this role. Keys must be the language id.
|
|
780 |
* @param int $sortOrder Sort order.
|
|
781 |
*
|
|
782 |
* @return int|bool Returns the role id on success or false on failure.
|
|
783 |
*/
|
|
784 |
public function addAdminAccessRole($names, $descriptions = [], $sortOrder = 0, $protected = true)
|
|
785 |
{
|
|
786 |
$query = sprintf('INSERT INTO `admin_access_roles` (`sort_order`, `protected`) VALUES (%d, %d);',
|
|
787 |
(int)$sortOrder,
|
|
788 |
(int)$protected);
|
|
789 |
$roleId = $this->query($query);
|
|
790 |
if ($roleId === null || $roleId === false) {
|
|
791 |
return false;
|
|
792 |
}
|
|
793 |
|
|
794 |
$query = 'INSERT INTO `admin_access_role_descriptions` (`admin_access_role_id`, `language_id`, `name`, `description`) VALUES ';
|
|
795 |
foreach ($names as $languageId => $name) {
|
|
796 |
$query .= sprintf('(%d, %d, "%s", "%s"), ',
|
|
797 |
(int)$roleId,
|
|
798 |
(int)$languageId,
|
|
799 |
$this->real_escape_string($name),
|
|
800 |
(isset($descriptions[$languageId]) ? $this->real_escape_string($descriptions[$languageId]) : ''));
|
|
801 |
}
|
|
802 |
$result = $this->query(substr($query, 0, -2) . ';');
|
|
803 |
if ($result !== null && $result !== false) {
|
|
804 |
return $roleId;
|
|
805 |
}
|
|
806 |
|
|
807 |
return false;
|
|
808 |
}
|
|
809 |
|
|
810 |
|
|
811 |
/**
|
|
812 |
* Grants permission for an existing Admin Access Permission.
|
|
813 |
* The permission will be identified by the ID of the Admin Access Role and Group.
|
|
814 |
*
|
|
815 |
* @param int $roleId Role id.
|
|
816 |
* @param int $groupId Group id.
|
|
817 |
* @param bool $grantReading True if reading permission should be granted, otherwise false.
|
|
818 |
* @param bool $grantWriting True if writing permission should be granted, otherwise false.
|
|
819 |
* @param bool $grantDeleting True if deleting permission should be granted, otherwise false.
|
|
820 |
*
|
|
821 |
* @return bool Return true on success and false on failure.
|
|
822 |
*/
|
|
823 |
public function grantAdminAccessPermission(
|
|
824 |
$roleId,
|
|
825 |
$groupId,
|
|
826 |
$grantReading = true,
|
|
827 |
$grantWriting = true,
|
|
828 |
$grantDeleting = true
|
|
829 |
) {
|
|
830 |
$query = sprintf('REPLACE INTO `admin_access_permissions` (`admin_access_role_id`, `admin_access_group_id`, `reading_granted`, `writing_granted`, `deleting_granted`) VALUES (%d, %d, %d, %d, %d);',
|
|
831 |
(int)$roleId,
|
|
832 |
(int)$groupId,
|
|
833 |
(int)$grantReading,
|
|
834 |
(int)$grantWriting,
|
|
835 |
(int)$grantDeleting);
|
|
836 |
$result = $this->query($query, true);
|
|
837 |
$error = $result !== null && $result !== false;
|
|
838 |
|
|
839 |
$parentGroupSql = sprintf('SELECT * FROM `admin_access_groups` WHERE `admin_access_group_id` = (SELECT `parent_id` FROM `admin_access_groups` WHERE `admin_access_group_id` = %d);',
|
|
840 |
(int)$groupId);
|
|
841 |
$parentGroupQuery = $this->query($parentGroupSql, true);
|
|
842 |
if ($parentGroupSql !== null && $parentGroupQuery->num_rows > 0) {
|
|
843 |
$parentGroup = $parentGroupQuery->fetch_assoc();
|
|
844 |
|
|
845 |
if ((int)($parentGroup['admin_access_group_id']) > 0) {
|
|
846 |
$error &= $this->grantAdminAccessPermission($roleId,
|
|
847 |
(int)$parentGroup['admin_access_group_id'],
|
|
848 |
$grantReading ? : $parentGroup['reading_granted'] === '1',
|
|
849 |
$grantWriting ? : $parentGroup['writing_granted'] === '1',
|
|
850 |
$grantDeleting ? : $parentGroup['deleting_granted']
|
|
851 |
=== '1');
|
|
852 |
}
|
|
853 |
}
|
|
854 |
|
|
855 |
return $error;
|
|
856 |
}
|
|
857 |
|
|
858 |
|
|
859 |
/**
|
|
860 |
* Adds an existing Admin Access Role to an existing Customer/Admin.
|
|
861 |
*
|
|
862 |
* @param int $roleId Role id.
|
|
863 |
* @param int $customerId Customer id.
|
|
864 |
*
|
|
865 |
* @return bool Return true on success and false on failure.
|
|
866 |
*/
|
|
867 |
public function addAdminAccessRoleToUserByCustomerId($roleId, $customerId)
|
|
868 |
{
|
|
869 |
$query = sprintf('REPLACE INTO `admin_access_users` (`customer_id`, `admin_access_role_id`) VALUES (%d, %d);',
|
|
870 |
(int)$customerId,
|
|
871 |
(int)$roleId);
|
|
872 |
$result = $this->query($query, true);
|
|
873 |
|
|
874 |
return $result !== null && $result !== false;
|
|
875 |
}
|
|
876 |
|
|
877 |
|
|
878 |
/**
|
|
879 |
* Removes an existing Admin Access Role to an existing Customer/Admin.
|
|
880 |
*
|
|
881 |
* @param int $roleId Role id.
|
|
882 |
* @param int $customerId Customer id.
|
|
883 |
*
|
|
884 |
* @return bool Return true on success and false on failure.
|
|
885 |
*/
|
|
886 |
public function removeAdminAccessRoleFromUserByCustomerId($roleId, $customerId)
|
|
887 |
{
|
|
888 |
$query = sprintf('DELETE FROM `admin_access_users` WHERE `customer_id` = %d AND `admin_access_role_id` = %d;',
|
|
889 |
(int)$customerId,
|
|
890 |
(int)$roleId);
|
|
891 |
$result = $this->query($query, true);
|
|
892 |
|
|
893 |
return $result !== null && $result !== false;
|
|
894 |
}
|
|
895 |
|
|
896 |
|
|
897 |
/**
|
|
898 |
* Returns the id of an existing Admin Access Group identified by a type and the identifier.
|
|
899 |
*
|
|
900 |
* @param string $type Type of this identifier. Should be "PAGE", "CONTROLLER" or "AJAX_HANDLER".
|
|
901 |
* @param string $identifier Identifier you are looking for. Should be the name of a controller or page.
|
|
902 |
*
|
|
903 |
* @return bool Return true on success and false on failure.
|
|
904 |
*/
|
|
905 |
public function getAdminAccessGroupIdByIdentifier($type, $identifier)
|
|
906 |
{
|
|
907 |
$query = sprintf('SELECT * FROM `admin_access_group_items` WHERE `type` = "%s" AND `identifier` = "%s" LIMIT 1;',
|
|
908 |
$this->real_escape_string($type),
|
|
909 |
$this->real_escape_string($identifier));
|
|
910 |
|
|
911 |
$group = $this->query($query, true);
|
|
912 |
if ($group !== null && $group->num_rows > 0) {
|
|
913 |
$group = $group->fetch_assoc();
|
|
914 |
|
|
915 |
return $group['admin_access_group_id'];
|
|
916 |
}
|
|
917 |
|
|
918 |
return false;
|
|
919 |
}
|
|
920 |
|
|
921 |
|
|
922 |
/**
|
|
923 |
* Returns the id of an existing Admin Access Group identified by a type and the identifier.
|
|
924 |
*
|
|
925 |
* @param string $type Type of this identifier. Should be "PAGE", "CONTROLLER" or "AJAX_HANDLER".
|
|
926 |
* @param string $identifier Identifier you are looking for. Should be the name of a controller or page.
|
|
927 |
*
|
|
928 |
* @return bool Return true on success and false on failure.
|
|
929 |
*/
|
|
930 |
public function getAdminAccessGroupIdByName($name, $languageId = 2)
|
|
931 |
{
|
|
932 |
$query = sprintf('SELECT * FROM `admin_access_group_descriptions` WHERE `name` = "%s" AND `language_id` = %s LIMIT 1;',
|
|
933 |
$this->real_escape_string($name),
|
|
934 |
(int)$languageId);
|
|
935 |
|
|
936 |
$group = $this->query($query, true);
|
|
937 |
if ($group !== null && $group->num_rows > 0) {
|
|
938 |
$group = $group->fetch_assoc();
|
|
939 |
|
|
940 |
return $group['admin_access_group_id'];
|
|
941 |
}
|
|
942 |
|
|
943 |
return false;
|
|
944 |
}
|
|
945 |
|
|
946 |
|
|
947 |
/**
|
|
948 |
* Checks the deleting permission for a controller.
|
|
949 |
*
|
|
950 |
* @param string $identifier The name of a controller to identify an admin access group.
|
|
951 |
* @param int $customerId ID of a customer to check the permission for.
|
|
952 |
*
|
|
953 |
* @return bool True if customer has a deleting permission for the controller, false otherwise.
|
|
954 |
*/
|
|
955 |
public function checkAdminAccessDeletingPermissionForController($identifier, $customerId)
|
|
956 |
{
|
|
957 |
$query = sprintf('SELECT `permissions`.* FROM `admin_access_group_items` `items` LEFT JOIN `admin_access_permissions` `permissions` ON `admin_access_group_id` = `permissions`.`admin_access_group_id` LEFT JOIN `admin_access_users` `users` ON `permissions`.`admin_access_role_id` = `users`.`admin_access_role_id` WHERE `items`.`identifier` = "%s" AND `items`.`type` = "%s" AND `users`.`customer_id` = %d;',
|
|
958 |
$this->real_escape_string($identifier),
|
|
959 |
'CONTROLLER',
|
|
960 |
(int)$customerId);
|
|
961 |
|
|
962 |
$permission = $this->query($query, true);
|
|
963 |
if ($permission !== null && $permission->num_rows > 0) {
|
|
964 |
$permission = $permission->fetch_assoc();
|
|
965 |
|
|
966 |
return (int)$permission['deleting_granted'] === 1;
|
|
967 |
}
|
|
968 |
|
|
969 |
return false;
|
|
970 |
}
|
|
971 |
|
|
972 |
|
|
973 |
/**
|
|
974 |
* Checks the deleting permission for a page.
|
|
975 |
*
|
|
976 |
* @param string $identifier The name of a page to identify an admin access group.
|
|
977 |
* @param int $customerId ID of a customer to check permission for.
|
|
978 |
*
|
|
979 |
* @return bool True if customer has a deleting permission for the page, false otherwise.
|
|
980 |
*/
|
|
981 |
public function checkAdminAccessDeletingPermissionForPage($identifier, $customerId)
|
|
982 |
{
|
|
983 |
$query = sprintf('SELECT `permissions`.* FROM `admin_access_group_items` `items` LEFT JOIN `admin_access_permissions` `permissions` ON `admin_access_group_id` = `permissions`.`admin_access_group_id` LEFT JOIN `admin_access_users` `users` ON `permissions`.`admin_access_role_id` = `users`.`admin_access_role_id` WHERE `items`.`identifier` = "%s" AND `items`.`type` = "%s" AND `users`.`customer_id` = %d;',
|
|
984 |
$this->real_escape_string($identifier),
|
|
985 |
'PAGE',
|
|
986 |
(int)$customerId);
|
|
987 |
|
|
988 |
$permission = $this->query($query, true);
|
|
989 |
if ($permission !== null && $permission->num_rows > 0) {
|
|
990 |
$permission = $permission->fetch_assoc();
|
|
991 |
|
|
992 |
return (int)$permission['deleting_granted'] === 1;
|
|
993 |
}
|
|
994 |
|
|
995 |
return false;
|
|
996 |
}
|
|
997 |
|
|
998 |
|
|
999 |
/**
|
|
1000 |
* Checks the deleting permission for an ajax handler.
|
|
1001 |
*
|
|
1002 |
* @param string $identifier The name of an ajax handler to identify an admin access group.
|
|
1003 |
* @param int $customerId ID of a customer to check permission for.
|
|
1004 |
*
|
|
1005 |
* @return bool True if customer has a deleting permission for the ajax handler, false otherwise.
|
|
1006 |
*/
|
|
1007 |
public function checkAdminAccessDeletingPermissionForAjaxHandler($identifier, $customerId)
|
|
1008 |
{
|
|
1009 |
$query = sprintf('SELECT `permissions`.* FROM `admin_access_group_items` `items` LEFT JOIN `admin_access_permissions` `permissions` ON `admin_access_group_id` = `permissions`.`admin_access_group_id` LEFT JOIN `admin_access_users` `users` ON `permissions`.`admin_access_role_id` = `users`.`admin_access_role_id` WHERE `items`.`identifier` = "%s" AND `items`.`type` = "%s" AND `users`.`customer_id` = %d;',
|
|
1010 |
$this->real_escape_string($identifier),
|
|
1011 |
'AJAX_HANDLER',
|
|
1012 |
(int)$customerId);
|
|
1013 |
|
|
1014 |
$permission = $this->query($query, true);
|
|
1015 |
if ($permission !== null && $permission->num_rows > 0) {
|
|
1016 |
$permission = $permission->fetch_assoc();
|
|
1017 |
|
|
1018 |
return (int)$permission['deleting_granted'] === 1;
|
|
1019 |
}
|
|
1020 |
|
|
1021 |
return false;
|
|
1022 |
}
|
|
1023 |
|
|
1024 |
|
|
1025 |
/**
|
|
1026 |
* Checks the reading permission for a controller.
|
|
1027 |
*
|
|
1028 |
* @param string $identifier The name of a controller to identify an admin access group.
|
|
1029 |
* @param int $customerId ID of a customer to check the permission for.
|
|
1030 |
*
|
|
1031 |
* @return bool True if customer has a reading permission for the controller, false otherwise.
|
|
1032 |
*/
|
|
1033 |
public function checkAdminAccessReadingPermissionForController($identifier, $customerId)
|
|
1034 |
{
|
|
1035 |
$query = sprintf('SELECT `permissions`.* FROM `admin_access_group_items` `items` LEFT JOIN `admin_access_permissions` `permissions` ON `admin_access_group_id` = `permissions`.`admin_access_group_id` LEFT JOIN `admin_access_users` `users` ON `permissions`.`admin_access_role_id` = `users`.`admin_access_role_id` WHERE `items`.`identifier` = "%s" AND `items`.`type` = "%s" AND `users`.`customer_id` = %d;',
|
|
1036 |
$this->real_escape_string($identifier),
|
|
1037 |
'CONTROLLER',
|
|
1038 |
(int)$customerId);
|
|
1039 |
|
|
1040 |
$permission = $this->query($query, true);
|
|
1041 |
if ($permission !== null && $permission->num_rows > 0) {
|
|
1042 |
$permission = $permission->fetch_assoc();
|
|
1043 |
|
|
1044 |
return (int)$permission['reading_granted'] === 1;
|
|
1045 |
}
|
|
1046 |
|
|
1047 |
return false;
|
|
1048 |
}
|
|
1049 |
|
|
1050 |
|
|
1051 |
/**
|
|
1052 |
* Checks the reading permission for a page.
|
|
1053 |
*
|
|
1054 |
* @param string $identifier The name of a page to identify an admin access group.
|
|
1055 |
* @param int $customerId ID of a customer to check permission for.
|
|
1056 |
*
|
|
1057 |
* @return bool True if customer has a reading permission for the page, false otherwise.
|
|
1058 |
*/
|
|
1059 |
public function checkAdminAccessReadingPermissionForPage($identifier, $customerId)
|
|
1060 |
{
|
|
1061 |
$query = sprintf('SELECT `permissions`.* FROM `admin_access_group_items` `items` LEFT JOIN `admin_access_permissions` `permissions` ON `admin_access_group_id` = `permissions`.`admin_access_group_id` LEFT JOIN `admin_access_users` `users` ON `permissions`.`admin_access_role_id` = `users`.`admin_access_role_id` WHERE `items`.`identifier` = "%s" AND `items`.`type` = "%s" AND `users`.`customer_id` = %d;',
|
|
1062 |
$this->real_escape_string($identifier),
|
|
1063 |
'PAGE',
|
|
1064 |
(int)$customerId);
|
|
1065 |
|
|
1066 |
$permission = $this->query($query, true);
|
|
1067 |
if ($permission !== null && $permission->num_rows > 0) {
|
|
1068 |
$permission = $permission->fetch_assoc();
|
|
1069 |
|
|
1070 |
return (int)$permission['reading_granted'] === 1;
|
|
1071 |
}
|
|
1072 |
|
|
1073 |
return false;
|
|
1074 |
}
|
|
1075 |
|
|
1076 |
|
|
1077 |
/**
|
|
1078 |
* Checks the reading permission for an ajax handler.
|
|
1079 |
*
|
|
1080 |
* @param string $identifier The name of an ajax handler to identify an admin access group.
|
|
1081 |
* @param int $customerId ID of a customer to check permission for.
|
|
1082 |
*
|
|
1083 |
* @return bool True if customer has a reading permission for the ajax handler, false otherwise.
|
|
1084 |
*/
|
|
1085 |
public function checkAdminAccessReadingPermissionForAjaxHandler($identifier, $customerId)
|
|
1086 |
{
|
|
1087 |
$query = sprintf('SELECT `permissions`.* FROM `admin_access_group_items` `items` LEFT JOIN `admin_access_permissions` `permissions` ON `admin_access_group_id` = `permissions`.`admin_access_group_id` LEFT JOIN `admin_access_users` `users` ON `permissions`.`admin_access_role_id` = `users`.`admin_access_role_id` WHERE `items`.`identifier` = "%s" AND `items`.`type` = "%s" AND `users`.`customer_id` = %d;',
|
|
1088 |
$this->real_escape_string($identifier),
|
|
1089 |
'AJAX_HANDLER',
|
|
1090 |
(int)$customerId);
|
|
1091 |
|
|
1092 |
$permission = $this->query($query, true);
|
|
1093 |
if ($permission !== null && $permission->num_rows > 0) {
|
|
1094 |
$permission = $permission->fetch_assoc();
|
|
1095 |
|
|
1096 |
return (int)$permission['reading_granted'] === 1;
|
|
1097 |
}
|
|
1098 |
|
|
1099 |
return false;
|
|
1100 |
}
|
|
1101 |
|
|
1102 |
|
|
1103 |
/**
|
|
1104 |
* Checks the writing permission for a controller.
|
|
1105 |
*
|
|
1106 |
* @param string $identifier The name of a controller to identify an admin access group.
|
|
1107 |
* @param int $customerId ID of a customer to check the permission for.
|
|
1108 |
*
|
|
1109 |
* @return bool True if customer has a writing permission for the controller, false otherwise.
|
|
1110 |
*/
|
|
1111 |
public function checkAdminAccessWritingPermissionForController($identifier, $customerId)
|
|
1112 |
{
|
|
1113 |
$query = sprintf('SELECT `permissions`.* FROM `admin_access_group_items` `items` LEFT JOIN `admin_access_permissions` `permissions` ON `admin_access_group_id` = `permissions`.`admin_access_group_id` LEFT JOIN `admin_access_users` `users` ON `permissions`.`admin_access_role_id` = `users`.`admin_access_role_id` WHERE `items`.`identifier` = "%s" AND `items`.`type` = "%s" AND `users`.`customer_id` = %d;',
|
|
1114 |
$this->real_escape_string($identifier),
|
|
1115 |
'CONTROLLER',
|
|
1116 |
(int)$customerId);
|
|
1117 |
|
|
1118 |
$permission = $this->query($query, true);
|
|
1119 |
if ($permission !== null && $permission->num_rows > 0) {
|
|
1120 |
$permission = $permission->fetch_assoc();
|
|
1121 |
|
|
1122 |
return (int)$permission['writing_granted'] === 1;
|
|
1123 |
}
|
|
1124 |
|
|
1125 |
return false;
|
|
1126 |
}
|
|
1127 |
|
|
1128 |
|
|
1129 |
/**
|
|
1130 |
* Checks the writing permission for a page.
|
|
1131 |
*
|
|
1132 |
* @param string $identifier The name of a page to identify an admin access group.
|
|
1133 |
* @param int $customerId ID of a customer to check permission for.
|
|
1134 |
*
|
|
1135 |
* @return bool True if customer has a writing permission for the page, false otherwise.
|
|
1136 |
*/
|
|
1137 |
public function checkAdminAccessWritingPermissionForPage($identifier, $customerId)
|
|
1138 |
{
|
|
1139 |
$query = sprintf('SELECT `permissions`.* FROM `admin_access_group_items` `items` LEFT JOIN `admin_access_permissions` `permissions` ON `admin_access_group_id` = `permissions`.`admin_access_group_id` LEFT JOIN `admin_access_users` `users` ON `permissions`.`admin_access_role_id` = `users`.`admin_access_role_id` WHERE `items`.`identifier` = "%s" AND `items`.`type` = "%s" AND `users`.`customer_id` = %d;',
|
|
1140 |
$this->real_escape_string($identifier),
|
|
1141 |
'PAGE',
|
|
1142 |
(int)$customerId);
|
|
1143 |
|
|
1144 |
$permission = $this->query($query, true);
|
|
1145 |
if ($permission !== null && $permission->num_rows > 0) {
|
|
1146 |
$permission = $permission->fetch_assoc();
|
|
1147 |
|
|
1148 |
return (int)$permission['writing_granted'] === 1;
|
|
1149 |
}
|
|
1150 |
|
|
1151 |
return false;
|
|
1152 |
}
|
|
1153 |
|
|
1154 |
|
|
1155 |
/**
|
|
1156 |
* Checks the writing permission for an ajax handler.
|
|
1157 |
*
|
|
1158 |
* @param string $identifier The name of an ajax handler to identify an admin access group.
|
|
1159 |
* @param int $customerId ID of a customer to check permission for.
|
|
1160 |
*
|
|
1161 |
* @return bool True if customer has a writing permission for the ajax handler, false otherwise.
|
|
1162 |
*/
|
|
1163 |
public function checkAdminAccessWritingPermissionForAjaxHandler($identifier, $customerId)
|
|
1164 |
{
|
|
1165 |
$query = sprintf('SELECT `permissions`.* FROM `admin_access_group_items` `items` LEFT JOIN `admin_access_permissions` `permissions` ON `admin_access_group_id` = `permissions`.`admin_access_group_id` LEFT JOIN `admin_access_users` `users` ON `permissions`.`admin_access_role_id` = `users`.`admin_access_role_id` WHERE `items`.`identifier` = "%s" AND `items`.`type` = "%s" AND `users`.`customer_id` = %d;',
|
|
1166 |
$this->real_escape_string($identifier),
|
|
1167 |
'AJAX_HANDLER',
|
|
1168 |
(int)$customerId);
|
|
1169 |
|
|
1170 |
$permission = $this->query($query, true);
|
|
1171 |
if ($permission !== null && $permission->num_rows > 0) {
|
|
1172 |
$permission = $permission->fetch_assoc();
|
|
1173 |
|
|
1174 |
return (int)$permission['writing_granted'] === 1;
|
|
1175 |
}
|
|
1176 |
|
|
1177 |
return false;
|
|
1178 |
}
|
|
1179 |
|
|
1180 |
|
|
1181 |
/**
|
|
1182 |
* Returns a collection of all permissions by a given role ID.
|
|
1183 |
*
|
|
1184 |
* @param int $roleId Role ID.
|
|
1185 |
*
|
|
1186 |
* @return mysqli_result
|
|
1187 |
*/
|
|
1188 |
public function getAdminAccessPermissionsByRoleId($roleId)
|
|
1189 |
{
|
|
1190 |
$query = sprintf('SELECT `permissions`.* FROM `admin_access_permissions` `permissions` WHERE `permissions`.`admin_access_role_id` = %d;',
|
|
1191 |
(int)$roleId);
|
|
1192 |
|
|
1193 |
return $this->query($query, true);
|
|
1194 |
}
|
|
1195 |
|
|
1196 |
|
|
1197 |
/**
|
|
1198 |
* Returns all roles of certain user by a given user ID.
|
|
1199 |
*
|
|
1200 |
* @param int $id User ID.
|
|
1201 |
*
|
|
1202 |
* @return mysqli_result
|
|
1203 |
*/
|
|
1204 |
public function getAdminAccessRolesByCustomerId($customerId)
|
|
1205 |
{
|
|
1206 |
$query = sprintf('SELECT `roles`.* FROM `admin_access_users` `users` LEFT JOIN `admin_access_roles` `roles` ON `users`.`admin_access_role_id` = `roles`.`admin_access_role_id` WHERE `users`.`customer_id` = %d;',
|
|
1207 |
(int)$customerId);
|
|
1208 |
|
|
1209 |
return $this->query($query, true);
|
|
1210 |
}
|
|
1211 |
|
|
1212 |
|
|
1213 |
/**
|
|
1214 |
* Grants deleting permission to a role for a given group id.
|
|
1215 |
*
|
|
1216 |
* @param int $groupId Group ID to grant permission for.
|
|
1217 |
* @param int $roleId Role ID to grant permission for.
|
|
1218 |
*
|
|
1219 |
* @return bool Return true on success and false on failure.
|
|
1220 |
*/
|
|
1221 |
public function grantAdminAccessDeletingPermissionToRole($groupId, $roleId)
|
|
1222 |
{
|
|
1223 |
$query = sprintf('UPDATE `admin_access_permissions` SET `deleting_granted` = "1" WHERE `admin_access_role_id` = %d AND `admin_access_group_id` = %d;',
|
|
1224 |
(int)$roleId,
|
|
1225 |
(int)$groupId);
|
|
1226 |
$result = $this->query($query, true);
|
|
1227 |
$error = $result !== null && $result !== false;
|
|
1228 |
|
|
1229 |
$parentGroupSql = sprintf('SELECT * FROM `admin_access_groups` WHERE `admin_access_group_id` = (SELECT `parent_id` FROM `admin_access_groups` WHERE `admin_access_group_id` = %d);',
|
|
1230 |
(int)$groupId);
|
|
1231 |
$parentGroupQuery = $this->query($parentGroupSql, true);
|
|
1232 |
if ($parentGroupQuery !== null && $parentGroupQuery->num_rows > 0) {
|
|
1233 |
$parentGroup = $parentGroupQuery->fetch_assoc();
|
|
1234 |
if ((int)$parentGroup['admin_access_group_id'] > 0) {
|
|
1235 |
$error &= $this->grantAdminAccessDeletingPermissionToRole((int)$parentGroup['admin_access_group_id'],
|
|
1236 |
$roleId);
|
|
1237 |
}
|
|
1238 |
}
|
|
1239 |
|
|
1240 |
return $error;
|
|
1241 |
}
|
|
1242 |
|
|
1243 |
|
|
1244 |
/**
|
|
1245 |
* Removes deleting permission from role for a given group id.
|
|
1246 |
*
|
|
1247 |
* @param int $groupId Group ID to remove permission for.
|
|
1248 |
* @param int $roleId Role ID to remove permission from.
|
|
1249 |
*
|
|
1250 |
* @return bool Return true on success and false on failure.
|
|
1251 |
*/
|
|
1252 |
public function removeAdminAccessDeletingPermissionFromRole($groupId, $roleId)
|
|
1253 |
{
|
|
1254 |
$query = sprintf('UPDATE `admin_access_permissions` SET `deleting_granted` = "0" WHERE `admin_access_role_id` = %d AND `admin_access_group_id` = %d;',
|
|
1255 |
(int)$roleId,
|
|
1256 |
(int)$groupId);
|
|
1257 |
$result = $this->query($query, true);
|
|
1258 |
|
|
1259 |
return $result !== null && $result !== false;
|
|
1260 |
}
|
|
1261 |
|
|
1262 |
|
|
1263 |
/**
|
|
1264 |
* Grants reading permission to a role for a given group id.
|
|
1265 |
*
|
|
1266 |
* @param int $groupId Group ID to grant permission for.
|
|
1267 |
* @param int $roleId Role ID to grant permission for.
|
|
1268 |
*
|
|
1269 |
* @return bool Return true on success and false on failure.
|
|
1270 |
*/
|
|
1271 |
public function grantAdminAccessReadingPermissionToRole($groupId, $roleId)
|
|
1272 |
{
|
|
1273 |
$query = sprintf('UPDATE `admin_access_permissions` SET `reading_granted` = "1" WHERE `admin_access_role_id` = %d AND `admin_access_group_id` = %d;',
|
|
1274 |
(int)$roleId,
|
|
1275 |
(int)$groupId);
|
|
1276 |
$result = $this->query($query, true);
|
|
1277 |
$error = $result !== null && $result !== false;
|
|
1278 |
|
|
1279 |
$parentGroupSql = sprintf('SELECT * FROM `admin_access_groups` WHERE `admin_access_group_id` = (SELECT `parent_id` FROM `admin_access_groups` WHERE `admin_access_group_id` = %d);',
|
|
1280 |
(int)$groupId);
|
|
1281 |
$parentGroupQuery = $this->query($parentGroupSql, true);
|
|
1282 |
if ($parentGroupQuery !== null && $parentGroupQuery->num_rows > 0) {
|
|
1283 |
$parentGroup = $parentGroupQuery->fetch_assoc();
|
|
1284 |
if ((int)$parentGroup['admin_access_group_id'] > 0) {
|
|
1285 |
$error &= $this->grantAdminAccessReadingPermissionToRole((int)$parentGroup['admin_access_group_id'],
|
|
1286 |
$roleId);
|
|
1287 |
}
|
|
1288 |
}
|
|
1289 |
|
|
1290 |
return $error;
|
|
1291 |
}
|
|
1292 |
|
|
1293 |
|
|
1294 |
/**
|
|
1295 |
* Removes reading permission from role for a given group id.
|
|
1296 |
*
|
|
1297 |
* @param int $groupId Group ID to remove permission for.
|
|
1298 |
* @param int $roleId Role ID to remove permission from.
|
|
1299 |
*
|
|
1300 |
* @return bool Return true on success and false on failure.
|
|
1301 |
*/
|
|
1302 |
public function removeAdminAccessReadingPermissionFromRole($groupId, $roleId)
|
|
1303 |
{
|
|
1304 |
$query = sprintf('UPDATE `admin_access_permissions` SET `reading_granted` = "0" WHERE `admin_access_role_id` = %d AND `admin_access_group_id` = %d;',
|
|
1305 |
(int)$roleId,
|
|
1306 |
(int)$groupId);
|
|
1307 |
$result = $this->query($query, true);
|
|
1308 |
|
|
1309 |
return $result !== null && $result !== false;
|
|
1310 |
}
|
|
1311 |
|
|
1312 |
|
|
1313 |
/**
|
|
1314 |
* Grants writing permission to a role for a given group id.
|
|
1315 |
*
|
|
1316 |
* @param int $groupId Group ID to grant permission for.
|
|
1317 |
* @param int $roleId Role ID to grant permission for.
|
|
1318 |
*
|
|
1319 |
* @return bool Return true on success and false on failure.
|
|
1320 |
*/
|
|
1321 |
public function grantAdminAccessWritingPermissionToRole($groupId, $roleId)
|
|
1322 |
{
|
|
1323 |
$query = sprintf('UPDATE `admin_access_permissions` SET `writing_granted` = "1" WHERE `admin_access_role_id` = %d AND `admin_access_group_id` = %d;',
|
|
1324 |
(int)$roleId,
|
|
1325 |
(int)$groupId);
|
|
1326 |
$result = $this->query($query, true);
|
|
1327 |
$error = $result !== null && $result !== false;
|
|
1328 |
|
|
1329 |
$parentGroupSql = sprintf('SELECT * FROM `admin_access_groups` WHERE `admin_access_group_id` = (SELECT `parent_id` FROM `admin_access_groups` WHERE `admin_access_group_id` = %d);',
|
|
1330 |
(int)$groupId);
|
|
1331 |
$parentGroupQuery = $this->query($parentGroupSql, true);
|
|
1332 |
if ($parentGroupQuery !== null && $parentGroupQuery->num_rows > 0) {
|
|
1333 |
$parentGroup = $parentGroupQuery->fetch_assoc();
|
|
1334 |
if ((int)$parentGroup['admin_access_group_id'] > 0) {
|
|
1335 |
$error &= $this->grantAdminAccessWritingPermissionToRole((int)$parentGroup['admin_access_group_id'],
|
|
1336 |
$roleId);
|
|
1337 |
}
|
|
1338 |
}
|
|
1339 |
|
|
1340 |
return $error;
|
|
1341 |
}
|
|
1342 |
|
|
1343 |
|
|
1344 |
/**
|
|
1345 |
* Removes writing permission from role for a given group id.
|
|
1346 |
*
|
|
1347 |
* @param int $groupId Group ID to remove permission for.
|
|
1348 |
* @param int $roleId Role ID to remove permission from.
|
|
1349 |
*
|
|
1350 |
* @return bool Return true on success and false on failure.
|
|
1351 |
*/
|
|
1352 |
public function removeAdminAccessWritingPermissionFromRole($groupId, $roleId)
|
|
1353 |
{
|
|
1354 |
$query = sprintf('UPDATE `admin_access_permissions` SET `writing_granted` = "0" WHERE `admin_access_role_id` = %d AND `admin_access_group_id` = %d;',
|
|
1355 |
(int)$roleId,
|
|
1356 |
(int)$groupId);
|
|
1357 |
$result = $this->query($query, true);
|
|
1358 |
|
|
1359 |
return $result !== null && $result !== false;
|
|
1360 |
}
|
|
1361 |
|
|
1362 |
|
|
1363 |
/**
|
|
1364 |
* Deletes role by a given role ID.
|
|
1365 |
*
|
|
1366 |
* @param int $roleId ID of the role that should be deleted.
|
|
1367 |
*
|
|
1368 |
* @return bool Return true on success and false on failure.
|
|
1369 |
*/
|
|
1370 |
public function deleteAdminAccessRoleById($roleId)
|
|
1371 |
{
|
|
1372 |
$query = sprintf('DELETE FROM `admin_access_roles` WHERE `admin_access_role_id` = %d;', (int)$roleId);
|
|
1373 |
$result = $this->query($query, true);
|
|
1374 |
$error = $result !== null && $result !== false;
|
|
1375 |
|
|
1376 |
$query = sprintf('DELETE FROM `admin_access_role_descriptions` WHERE `admin_access_role_id` = %d;',
|
|
1377 |
(int)$roleId);
|
|
1378 |
$result = $this->query($query, true);
|
|
1379 |
$error &= $result !== null && $result !== false;
|
|
1380 |
|
|
1381 |
$query = sprintf('DELETE FROM `admin_access_users` WHERE `admin_access_role_id` = %d;', (int)$roleId);
|
|
1382 |
$result = $this->query($query, true);
|
|
1383 |
$error &= $result !== null && $result !== false;
|
|
1384 |
|
|
1385 |
$query = sprintf('DELETE FROM `admin_access_permissions` WHERE `admin_access_role_id` = %d;', (int)$roleId);
|
|
1386 |
$result = $this->query($query, true);
|
|
1387 |
$error &= $result !== null && $result !== false;
|
|
1388 |
|
|
1389 |
return $error;
|
|
1390 |
}
|
|
1391 |
|
|
1392 |
|
|
1393 |
/**
|
|
1394 |
* Returns a collection of all roles.
|
|
1395 |
*
|
|
1396 |
* @return mysqli_result
|
|
1397 |
*/
|
|
1398 |
public function getAllAdminAccessRoles()
|
|
1399 |
{
|
|
1400 |
return $this->query('SELECT `roles`.* FROM `admin_access_roles` `roles`;', true);
|
|
1401 |
}
|
|
1402 |
|
|
1403 |
|
|
1404 |
/**
|
|
1405 |
* Deletes an admin access user by a given customer ID.
|
|
1406 |
*
|
|
1407 |
* @param int $customerId ID of the user that should be deleted.
|
|
1408 |
*
|
|
1409 |
* @return bool Return true on success and false on failure.
|
|
1410 |
*/
|
|
1411 |
public function deleteAdminAccessUserByCustomerId($customerId)
|
|
1412 |
{
|
|
1413 |
$query = sprintf('DELETE FROM `admin_access_users` WHERE `customer_id` = %d;', (int)$customerId);
|
|
1414 |
$result = $this->query($query, true);
|
|
1415 |
|
|
1416 |
return $result !== null && $result !== false;
|
|
1417 |
}
|
|
1418 |
|
|
1419 |
|
|
1420 |
/**
|
|
1421 |
* Returns a role by a given role ID.
|
|
1422 |
*
|
|
1423 |
* @param int $roleId ID of the requested role.
|
|
1424 |
*
|
|
1425 |
* @return mysqli_result
|
|
1426 |
*/
|
|
1427 |
public function getAdminAccessRoleById($roleId)
|
|
1428 |
{
|
|
1429 |
$query = sprintf('SELECT `roles`.* FROM `admin_access_roles` `roles` WHERE `roles`.`admin_access_role_id` = %d;',
|
|
1430 |
(int)$roleId);
|
|
1431 |
|
|
1432 |
return $this->query($query, true);
|
|
1433 |
}
|
|
1434 |
|
|
1435 |
|
|
1436 |
/**
|