Spade
Mini Shell
| Directory:~$ /home/lmsyaran/public_html/joomla3/libraries/joomla/form/fields/ |
| [Home] [System Details] [Kill Me] |
<?php
/**
* @package Joomla.Platform
* @subpackage Form
*
* @copyright (C) 2009 Open Source Matters, Inc.
<https://www.joomla.org>
* @license GNU General Public License version 2 or later; see LICENSE
*/
defined('JPATH_PLATFORM') or die;
/**
* Form Field class for the Joomla Platform.
* Field for assigning permissions to groups for a given asset
*
* @see JAccess
* @since 1.7.0
*/
class JFormFieldRules extends JFormField
{
/**
* The form field type.
*
* @var string
* @since 1.7.0
*/
protected $type = 'Rules';
/**
* The section.
*
* @var string
* @since 3.2
*/
protected $section;
/**
* The component.
*
* @var string
* @since 3.2
*/
protected $component;
/**
* The assetField.
*
* @var string
* @since 3.2
*/
protected $assetField;
/**
* Method to get certain otherwise inaccessible properties from the form
field object.
*
* @param string $name The property name for which to get the value.
*
* @return mixed The property value or null.
*
* @since 3.2
*/
public function __get($name)
{
switch ($name)
{
case 'section':
case 'component':
case 'assetField':
return $this->$name;
}
return parent::__get($name);
}
/**
* Method to set certain otherwise inaccessible properties of the form
field object.
*
* @param string $name The property name for which to set the value.
* @param mixed $value The value of the property.
*
* @return void
*
* @since 3.2
*/
public function __set($name, $value)
{
switch ($name)
{
case 'section':
case 'component':
case 'assetField':
$this->$name = (string) $value;
break;
default:
parent::__set($name, $value);
}
}
/**
* Method to attach a JForm object to the field.
*
* @param SimpleXMLElement $element The SimpleXMLElement object
representing the `<field>` tag for the form field object.
* @param mixed $value The form field value to validate.
* @param string $group The field name group control
value. This acts as an array container for the field.
* For example if the field has
name="foo" and the group value is set to "bar" then the
* full field name would end up being
"bar[foo]".
*
* @return boolean True on success.
*
* @see JFormField::setup()
* @since 3.2
*/
public function setup(SimpleXMLElement $element, $value, $group = null)
{
$return = parent::setup($element, $value, $group);
if ($return)
{
$this->section = $this->element['section'] ? (string)
$this->element['section'] : '';
$this->component = $this->element['component'] ?
(string) $this->element['component'] : '';
$this->assetField = $this->element['asset_field'] ?
(string) $this->element['asset_field'] : 'asset_id';
}
return $return;
}
/**
* Method to get the field input markup for Access Control Lists.
* Optionally can be associated with a specific component and section.
*
* @return string The field input markup.
*
* @since 1.7.0
* @todo: Add access check.
*/
protected function getInput()
{
JHtml::_('bootstrap.tooltip');
// Add Javascript for permission change
JHtml::_('script', 'system/permissions.js',
array('version' => 'auto', 'relative'
=> true));
// Load JavaScript message titles
JText::script('ERROR');
JText::script('WARNING');
JText::script('NOTICE');
JText::script('MESSAGE');
// Add strings for JavaScript error translations.
JText::script('JLIB_JS_AJAX_ERROR_CONNECTION_ABORT');
JText::script('JLIB_JS_AJAX_ERROR_NO_CONTENT');
JText::script('JLIB_JS_AJAX_ERROR_OTHER');
JText::script('JLIB_JS_AJAX_ERROR_PARSE');
JText::script('JLIB_JS_AJAX_ERROR_TIMEOUT');
// Initialise some field attributes.
$section = $this->section;
$assetField = $this->assetField;
$component = empty($this->component) ? 'root.1' :
$this->component;
// Current view is global config?
$isGlobalConfig = $component === 'root.1';
// Get the actions for the asset.
$actions = JAccess::getActions($component, $section);
// Iterate over the children and add to the actions.
foreach ($this->element->children() as $el)
{
if ($el->getName() == 'action')
{
$actions[] = (object) array(
'name' => (string) $el['name'],
'title' => (string) $el['title'],
'description' => (string) $el['description'],
);
}
}
// Get the asset id.
// Note that for global configuration, com_config injects asset_id = 1
into the form.
$assetId = $this->form->getValue($assetField);
$newItem = empty($assetId) && $isGlobalConfig === false
&& $section !== 'component';
$parentAssetId = null;
// If the asset id is empty (component or new item).
if (empty($assetId))
{
// Get the component asset id as fallback.
$db = JFactory::getDbo();
$query = $db->getQuery(true)
->select($db->quoteName('id'))
->from($db->quoteName('#__assets'))
->where($db->quoteName('name') . ' = ' .
$db->quote($component));
$db->setQuery($query);
$assetId = (int) $db->loadResult();
/**
* @to do: incorrect info
* When creating a new item (not saving) it uses the calculated
permissions from the component (item <-> component <-> global
config).
* But if we have a section too (item <-> section(s) <->
component <-> global config) this is not correct.
* Also, currently it uses the component permission, but should use the
calculated permissions for achild of the component/section.
*/
}
// If not in global config we need the parent_id asset to calculate
permissions.
if (!$isGlobalConfig)
{
// In this case we need to get the component rules too.
$db = JFactory::getDbo();
$query = $db->getQuery(true)
->select($db->quoteName('parent_id'))
->from($db->quoteName('#__assets'))
->where($db->quoteName('id') . ' = ' .
$assetId);
$db->setQuery($query);
$parentAssetId = (int) $db->loadResult();
}
// Full width format.
// Get the rules for just this asset (non-recursive).
$assetRules = JAccess::getAssetRules($assetId, false, false);
// Get the available user groups.
$groups = $this->getUserGroups();
// Ajax request data.
$ajaxUri =
JRoute::_('index.php?option=com_config&task=config.store&format=json&'
. JSession::getFormToken() . '=1');
// Prepare output
$html = array();
// Description
$html[] = '<p class="rule-desc">' .
JText::_('JLIB_RULES_SETTINGS_DESC') . '</p>';
// Begin tabs
$html[] = '<div class="tabbable tabs-left"
data-ajaxuri="' . $ajaxUri . '"
id="permissions-sliders">';
// Building tab nav
$html[] = '<ul class="nav nav-tabs">';
foreach ($groups as $group)
{
// Initial Active Tab
$active = (int) $group->value === 1 ? '
class="active"' : '';
$html[] = '<li' . $active . '>';
$html[] = '<a href="#permission-' . $group->value .
'" data-toggle="tab">';
$html[] = JLayoutHelper::render('joomla.html.treeprefix',
array('level' => $group->level + 1)) . $group->text;
$html[] = '</a>';
$html[] = '</li>';
}
$html[] = '</ul>';
$html[] = '<div class="tab-content">';
// Start a row for each user group.
foreach ($groups as $group)
{
// Initial Active Pane
$active = (int) $group->value === 1 ? ' active' :
'';
$html[] = '<div class="tab-pane' . $active .
'" id="permission-' . $group->value .
'">';
$html[] = '<table class="table
table-striped">';
$html[] = '<thead>';
$html[] = '<tr>';
$html[] = '<th class="actions"
id="actions-th' . $group->value . '">';
$html[] = '<span class="acl-action">' .
JText::_('JLIB_RULES_ACTION') . '</span>';
$html[] = '</th>';
$html[] = '<th class="settings"
id="settings-th' . $group->value . '">';
$html[] = '<span class="acl-action">' .
JText::_('JLIB_RULES_SELECT_SETTING') .
'</span>';
$html[] = '</th>';
$html[] = '<th id="aclactionth' . $group->value .
'">';
$html[] = '<span class="acl-action">' .
JText::_('JLIB_RULES_CALCULATED_SETTING') .
'</span>';
$html[] = '</th>';
$html[] = '</tr>';
$html[] = '</thead>';
$html[] = '<tbody>';
// Check if this group has super user permissions
$isSuperUserGroup = JAccess::checkGroup($group->value,
'core.admin');
foreach ($actions as $action)
{
$html[] = '<tr>';
$html[] = '<td headers="actions-th' .
$group->value . '">';
$html[] = '<label for="' . $this->id .
'_' . $action->name . '_' . $group->value .
'" class="hasTooltip" title="'
. JHtml::_('tooltipText', $action->title,
$action->description) . '">';
$html[] = JText::_($action->title);
$html[] = '</label>';
$html[] = '</td>';
$html[] = '<td headers="settings-th' .
$group->value . '">';
$html[] = '<select onchange="sendPermissions.call(this,
event)" data-chosen="true" class="input-small
novalidate"'
. ' name="' . $this->name . '[' .
$action->name . '][' . $group->value . ']"'
. ' id="' . $this->id . '_' .
$action->name . '_' . $group->value . '"'
. ' title="' . strip_tags(
JText::sprintf(
'JLIB_RULES_SELECT_ALLOW_DENY_GROUP',
JText::_($action->title),
htmlspecialchars(trim($group->text), ENT_QUOTES,
'UTF-8')
)
) . '">';
/**
* Possible values:
* null = not set means inherited
* false = denied
* true = allowed
*/
// Get the actual setting for the action for this group.
$assetRule = $newItem === false ?
$assetRules->allow($action->name, $group->value) : null;
// Build the dropdowns for the permissions sliders
// The parent group has "Not Set", all children can rightly
"Inherit" from that.
$html[] = '<option value=""' . ($assetRule ===
null ? ' selected="selected"' : '') .
'>'
. JText::_(empty($group->parent_id) && $isGlobalConfig ?
'JLIB_RULES_NOT_SET' : 'JLIB_RULES_INHERITED') .
'</option>';
$html[] = '<option value="1"' . ($assetRule ===
true ? ' selected="selected"' : '') .
'>' . JText::_('JLIB_RULES_ALLOWED')
. '</option>';
$html[] = '<option value="0"' . ($assetRule ===
false ? ' selected="selected"' : '') .
'>' . JText::_('JLIB_RULES_DENIED')
. '</option>';
$html[] = '</select>  ';
$html[] = '<span id="icon_' . $this->id .
'_' . $action->name . '_' . $group->value .
'"' . '></span>';
$html[] = '</td>';
// Build the Calculated Settings column.
$html[] = '<td headers="aclactionth' .
$group->value . '">';
$result = array();
// Get the group, group parent id, and group global config recursive
calculated permission for the chosen action.
$inheritedGroupRule = JAccess::checkGroup((int)
$group->value, $action->name, $assetId);
$inheritedGroupParentAssetRule = !empty($parentAssetId) ?
JAccess::checkGroup($group->value, $action->name, $parentAssetId) :
null;
$inheritedParentGroupRule = !empty($group->parent_id) ?
JAccess::checkGroup($group->parent_id, $action->name, $assetId) :
null;
// Current group is a Super User group, so calculated setting is
"Allowed (Super User)".
if ($isSuperUserGroup)
{
$result['class'] = 'label label-success';
$result['text'] = '<span class="icon-lock
icon-white"></span>' .
JText::_('JLIB_RULES_ALLOWED_ADMIN');
}
// Not super user.
else
{
// First get the real recursive calculated setting and add (Inherited)
to it.
// If recursive calculated setting is "Denied" or null.
Calculated permission is "Not Allowed (Inherited)".
if ($inheritedGroupRule === null || $inheritedGroupRule === false)
{
$result['class'] = 'label label-important';
$result['text'] =
JText::_('JLIB_RULES_NOT_ALLOWED_INHERITED');
}
// If recursive calculated setting is "Allowed". Calculated
permission is "Allowed (Inherited)".
else
{
$result['class'] = 'label label-success';
$result['text'] =
JText::_('JLIB_RULES_ALLOWED_INHERITED');
}
// Second part: Overwrite the calculated permissions labels if there
is an explicit permission in the current group.
/**
* @to do: incorrect info
* If a component has a permission that doesn't exists in global
config (ex: frontend editing in com_modules) by default
* we get "Not Allowed (Inherited)" when we should get
"Not Allowed (Default)".
*/
// If there is an explicit permission "Not Allowed".
Calculated permission is "Not Allowed".
if ($assetRule === false)
{
$result['class'] = 'label label-important';
$result['text'] =
JText::_('JLIB_RULES_NOT_ALLOWED');
}
// If there is an explicit permission is "Allowed".
Calculated permission is "Allowed".
elseif ($assetRule === true)
{
$result['class'] = 'label label-success';
$result['text'] =
JText::_('JLIB_RULES_ALLOWED');
}
// Third part: Overwrite the calculated permissions labels for special
cases.
// Global configuration with "Not Set" permission.
Calculated permission is "Not Allowed (Default)".
if (empty($group->parent_id) && $isGlobalConfig === true
&& $assetRule === null)
{
$result['class'] = 'label label-important';
$result['text'] =
JText::_('JLIB_RULES_NOT_ALLOWED_DEFAULT');
}
/**
* Component/Item with explicit "Denied" permission at
parent Asset (Category, Component or Global config) configuration.
* Or some parent group has an explicit "Denied".
* Calculated permission is "Not Allowed (Locked)".
*/
elseif ($inheritedGroupParentAssetRule === false ||
$inheritedParentGroupRule === false)
{
$result['class'] = 'label label-important';
$result['text'] = '<span class="icon-lock
icon-white"></span>' .
JText::_('JLIB_RULES_NOT_ALLOWED_LOCKED');
}
}
$html[] = '<span class="' .
$result['class'] . '">' .
$result['text'] . '</span>';
$html[] = '</td>';
$html[] = '</tr>';
}
$html[] = '</tbody>';
$html[] = '</table></div>';
}
$html[] = '</div></div>';
$html[] = '<div class="clr"></div>';
$html[] = '<div class="alert">';
if ($section === 'component' || !$section)
{
$html[] = JText::alt('JLIB_RULES_SETTING_NOTES', $component);
}
else
{
$html[] = JText::alt('JLIB_RULES_SETTING_NOTES_ITEM',
$component . '_' . $section);
}
$html[] = '</div>';
return implode("\n", $html);
}
/**
* Get a list of the user groups.
*
* @return array
*
* @since 1.7.0
*/
protected function getUserGroups()
{
$options = JHelperUsergroups::getInstance()->getAll();
foreach ($options as &$option)
{
$option->value = $option->id;
$option->text = $option->title;
}
return array_values($options);
}
}