Changeset 2445 for branches/schema06/system/classes/usergroup.php
- Timestamp:
- 09/05/08 03:39:36 (4 months ago)
- Files:
-
- 1 modified
-
branches/schema06/system/classes/usergroup.php (modified) (6 diffs)
Legend:
- Unmodified
- Added
- Removed
-
branches/schema06/system/classes/usergroup.php
r2439 r2445 7 7 { 8 8 // These arrays hold the current membership and permission settings for this group 9 // These arrays are NOT matched key and value pairs (the are not storedlike array('foo'=>'foo') )9 // $member_ids is not NOT matched key and value pairs ( like array('foo'=>'foo') ) 10 10 private $member_ids = array(); 11 11 private $permissions = array(); … … 43 43 if ( $results= DB::get_results( 'SELECT token_id, permission_id FROM {group_token_permissions} WHERE group_id=?', array( $this->id ) ) ) { 44 44 foreach ( $results as $result ) { 45 $this->permissions[] = array( 46 'token_id' => $result->token_id, 47 'permission_id' => $result->permission_id, 48 ); 45 $this->permissions[$result->token_id] = $result->permission_id; 49 46 } 50 47 } … … 209 206 * @param mixed A permission token ID, name, or array of the same 210 207 **/ 211 public function grant( $permissions )208 public function grant( $permissions, $access = 'full' ) 212 209 { 213 210 $permissions = Utils::single_array( $permissions ); 214 211 // Use ids internally for all permissions 215 212 $permissions = array_map(array('ACL', 'token_id'), $permissions); 216 // Merge the new permissions 217 $this->permissions_granted = $this->permissions_granted + $permissions;218 // List each permission exactly once219 $this->permissions_granted = array_unique($this->permissions_granted);220 // Remove granted permissions from the denied list221 $this->permissions_denied = array_diff($this->permissions_denied, $this->permissions_granted);213 214 // Merge and grant the new permissions 215 foreach ( $permissions as $permission ) { 216 $this->permissions[$permission] = $access; 217 ACL::grant_group( $this->id, $permission, $access ); 218 } 222 219 } 223 220 … … 228 225 public function deny( $permissions ) 229 226 { 230 $permissions = Utils::single_array( $permissions ); 231 // Use ids internally for all permissions 232 $permissions = array_map(array('ACL', 'permission_id'), $permissions); 233 // Merge the new permissions 234 $this->permissions_denied = $this->permissions_denied + $permissions; 235 // List each permission exactly once 236 $this->permissions_denied = array_unique($this->permissions_denied); 237 // Remove denied permissions from the granted list 238 $this->permissions_granted = array_diff($this->permissions_granted, $this->permissions_denied); 227 $this->grant( $permissions, 'deny' ); 239 228 } 240 229 … … 247 236 $permissions = Utils::single_array( $permissions ); 248 237 // Remove permissions from the granted list 249 $this->permissions_granted = array_diff($this->permissions_granted, $permissions); 250 // Remove permissions from the denied list 251 $this->permissions_denied = array_diff($this->permissions_denied, $permissions); 238 $this->permissions = array_diff_key( $this->permissions, $permissions ); 239 foreach ( $permissions as $permission ) { 240 ACL::revoke_group_permission( $this->id, $permission ); 241 } 252 242 } 253 243 … … 260 250 * @see ACL::user_can() 261 251 **/ 262 public function can( $permission )252 public function can( $permission, $access = 'full' ) 263 253 { 264 254 $permission= ACL::token_id( $permission ); 265 if ( in_array( $permission, $this->permissions_denied ) ) { 266 return false; 267 } 268 if ( in_array( $permission, $this->permissions_granted ) ) { 255 if ( isset( $this->permissions[$permission] ) && $this->permissions[$permission] == $access ) { 269 256 return true; 270 257 }
