diff options
| author | Bharat Mediratta <bharat@menalto.com> | 2008-12-31 04:05:41 +0000 |
|---|---|---|
| committer | Bharat Mediratta <bharat@menalto.com> | 2008-12-31 04:05:41 +0000 |
| commit | 1579494ec4acb80e103a40106aea1630628c00d2 (patch) | |
| tree | 04f7215f225a19beea90ea9a7b8bbde2d37593ec /core/helpers/access.php | |
| parent | 246139cf1f8a439a85c310252bdeb1497d56a7cf (diff) | |
Preliminary "Edit Permissions" dialog. You can't change permissions
yet, but it shows you which items have locked view perms.
Diffstat (limited to 'core/helpers/access.php')
| -rw-r--r-- | core/helpers/access.php | 35 |
1 files changed, 30 insertions, 5 deletions
diff --git a/core/helpers/access.php b/core/helpers/access.php index c2f7a76e..9d4cb105 100644 --- a/core/helpers/access.php +++ b/core/helpers/access.php @@ -85,6 +85,29 @@ class access_Core { } /** + * Can this permission be changed for this item? + * + * @param Group_Model $group + * @param string $perm_name + * @param Item_Model $item + * @return ORM_Model item that locks this one + */ + public static function locking_items($group, $perm_name, $item) { + if ($perm_name != "view") { + return null; + } + + // For view permissions, if any parent is self::DENY, then those parents lock this one. + return ORM::factory("item") + ->where("`left` <= $item->left") + ->where("`right` >= $item->right") + ->where("`id` <> $item->id") + ->where("view_$group->id", 0) + ->find_all() + ->as_array(); + } + + /** * Does the active user have this permission on this item? * * @param string $perm_name @@ -193,19 +216,21 @@ class access_Core { /** * Register a permission so that modules can use it. * - * @param string $perm_name + * @param string $name The internal name for for this permission + * @param string $display_name The internationalized version of the displayable name * @return void */ - public static function register_permission($perm_name) { - $permission = ORM::factory("permission", $perm_name); + public static function register_permission($name, $display_name) { + $permission = ORM::factory("permission", $name); if ($permission->loaded) { throw new Exception("@todo PERMISSION_ALREADY_EXISTS $name"); } - $permission->name = $perm_name; + $permission->name = $name; + $permission->display_name = $display_name; $permission->save(); foreach (self::_get_all_groups() as $group) { - self::_add_columns($perm_name, $group); + self::_add_columns($name, $group); } } |