Joomla Platform  13.1
Documentation des API du framework Joomla Platform
 Tout Classes Espaces de nommage Fichiers Fonctions Variables Pages
rules.php
Aller à la documentation de ce fichier.
1 <?php
2 /**
3  * @package Joomla.Platform
4  * @subpackage Form
5  *
6  * @copyright Copyright (C) 2005 - 2013 Open Source Matters, Inc. All rights reserved.
7  * @license GNU General Public License version 2 or later; see LICENSE
8  */
9 
10 defined('JPATH_PLATFORM') or die;
11 
12 /**
13  * Form Field class for the Joomla Platform.
14  * Field for assigning permissions to groups for a given asset
15  *
16  * @package Joomla.Platform
17  * @subpackage Form
18  * @see JAccess
19  * @since 11.1
20  */
21 class JFormFieldRules extends JFormField
22 {
23  /**
24  * The form field type.
25  *
26  * @var string
27  * @since 11.1
28  */
29  protected $type = 'Rules';
30 
31  /**
32  * The section.
33  *
34  * @var string
35  * @since 3.2
36  */
37  protected $section;
38 
39  /**
40  * The component.
41  *
42  * @var string
43  * @since 3.2
44  */
45  protected $component;
46 
47  /**
48  * The assetField.
49  *
50  * @var string
51  * @since 3.2
52  */
53  protected $assetField;
54 
55  /**
56  * Method to get certain otherwise inaccessible properties from the form field object.
57  *
58  * @param string $name The property name for which to the the value.
59  *
60  * @return mixed The property value or null.
61  *
62  * @since 3.2
63  */
64  public function __get($name)
65  {
66  switch ($name)
67  {
68  case 'section':
69  case 'component':
70  case 'assetField':
71  return $this->$name;
72  }
73 
74  return parent::__get($name);
75  }
76 
77  /**
78  * Method to set certain otherwise inaccessible properties of the form field object.
79  *
80  * @param string $name The property name for which to the the value.
81  * @param mixed $value The value of the property.
82  *
83  * @return void
84  *
85  * @since 3.2
86  */
87  public function __set($name, $value)
88  {
89  switch ($name)
90  {
91  case 'section':
92  case 'component':
93  case 'assetField':
94  $this->$name = (string) $value;
95  break;
96 
97  default:
98  parent::__set($name, $value);
99  }
100  }
101 
102  /**
103  * Method to attach a JForm object to the field.
104  *
105  * @param SimpleXMLElement $element The SimpleXMLElement object representing the <field /> tag for the form field object.
106  * @param mixed $value The form field value to validate.
107  * @param string $group The field name group control value. This acts as as an array container for the field.
108  * For example if the field has name="foo" and the group value is set to "bar" then the
109  * full field name would end up being "bar[foo]".
110  *
111  * @return boolean True on success.
112  *
113  * @see JFormField::setup()
114  * @since 3.2
115  */
116  public function setup(SimpleXMLElement $element, $value, $group = null)
117  {
118  $return = parent::setup($element, $value, $group);
119 
120  if ($return)
121  {
122  $this->section = $this->element['section'] ? (string) $this->element['section'] : '';
123  $this->component = $this->element['component'] ? (string) $this->element['component'] : '';
124  $this->assetField = $this->element['asset_field'] ? (string) $this->element['asset_field'] : 'asset_id';
125  }
126 
127  return $return;
128  }
129 
130  /**
131  * Method to get the field input markup for Access Control Lists.
132  * Optionally can be associated with a specific component and section.
133  *
134  * @return string The field input markup.
135  *
136  * @since 11.1
137  * @todo: Add access check.
138  */
139  protected function getInput()
140  {
141  JHtml::_('bootstrap.tooltip');
142 
143  // Initialise some field attributes.
144  $section = $this->section;
145  $component = $this->component;
146  $assetField = $this->assetField;
147 
148  // Get the actions for the asset.
149  $actions = JAccess::getActions($component, $section);
150 
151  // Iterate over the children and add to the actions.
152  foreach ($this->element->children() as $el)
153  {
154  if ($el->getName() == 'action')
155  {
156  $actions[] = (object) array('name' => (string) $el['name'], 'title' => (string) $el['title'],
157  'description' => (string) $el['description']);
158  }
159  }
160 
161  // Get the explicit rules for this asset.
162  if ($section == 'component')
163  {
164  // Need to find the asset id by the name of the component.
165  $db = JFactory::getDbo();
166  $query = $db->getQuery(true)
167  ->select($db->quoteName('id'))
168  ->from($db->quoteName('#__assets'))
169  ->where($db->quoteName('name') . ' = ' . $db->quote($component));
170  $db->setQuery($query);
171  $assetId = (int) $db->loadResult();
172  }
173  else
174  {
175  // Find the asset id of the content.
176  // Note that for global configuration, com_config injects asset_id = 1 into the form.
177  $assetId = $this->form->getValue($assetField);
178  }
179 
180  // Full width format.
181 
182  // Get the rules for just this asset (non-recursive).
183  $assetRules = JAccess::getAssetRules($assetId);
184 
185  // Get the available user groups.
186  $groups = $this->getUserGroups();
187 
188  // Prepare output
189  $html = array();
190 
191  // Description
192  $html[] = '<p class="rule-desc">' . JText::_('JLIB_RULES_SETTINGS_DESC') . '</p>';
193 
194  // Begin tabs
195  $html[] = '<div id="permissions-sliders" class="tabbable tabs-left">';
196 
197  // Building tab nav
198  $html[] = '<ul class="nav nav-tabs">';
199 
200  foreach ($groups as $group)
201  {
202  // Initial Active Tab
203  $active = "";
204 
205  if ($group->value == 1)
206  {
207  $active = "active";
208  }
209 
210  $html[] = '<li class="' . $active . '">';
211  $html[] = '<a href="#permission-' . $group->value . '" data-toggle="tab">';
212  $html[] = str_repeat('<span class="level">&ndash;</span> ', $curLevel = $group->level) . $group->text;
213  $html[] = '</a>';
214  $html[] = '</li>';
215  }
216 
217  $html[] = '</ul>';
218 
219  $html[] = '<div class="tab-content">';
220 
221  // Start a row for each user group.
222  foreach ($groups as $group)
223  {
224  // Initial Active Pane
225  $active = "";
226 
227  if ($group->value == 1)
228  {
229  $active = " active";
230  }
231 
232  $html[] = '<div class="tab-pane' . $active . '" id="permission-' . $group->value . '">';
233  $html[] = '<table class="table table-striped">';
234  $html[] = '<thead>';
235  $html[] = '<tr>';
236 
237  $html[] = '<th class="actions" id="actions-th' . $group->value . '">';
238  $html[] = '<span class="acl-action">' . JText::_('JLIB_RULES_ACTION') . '</span>';
239  $html[] = '</th>';
240 
241  $html[] = '<th class="settings" id="settings-th' . $group->value . '">';
242  $html[] = '<span class="acl-action">' . JText::_('JLIB_RULES_SELECT_SETTING') . '</span>';
243  $html[] = '</th>';
244 
245  // The calculated setting is not shown for the root group of global configuration.
246  $canCalculateSettings = ($group->parent_id || !empty($component));
247 
248  if ($canCalculateSettings)
249  {
250  $html[] = '<th id="aclactionth' . $group->value . '">';
251  $html[] = '<span class="acl-action">' . JText::_('JLIB_RULES_CALCULATED_SETTING') . '</span>';
252  $html[] = '</th>';
253  }
254 
255  $html[] = '</tr>';
256  $html[] = '</thead>';
257  $html[] = '<tbody>';
258 
259  foreach ($actions as $action)
260  {
261  $html[] = '<tr>';
262  $html[] = '<td headers="actions-th' . $group->value . '">';
263  $html[] = '<label for="' . $this->id . '_' . $action->name . '_' . $group->value . '" class="hasTooltip" title="'
264  . htmlspecialchars(JText::_($action->title) . ' ' . JText::_($action->description), ENT_COMPAT, 'UTF-8') . '">';
265  $html[] = JText::_($action->title);
266  $html[] = '</label>';
267  $html[] = '</td>';
268 
269  $html[] = '<td headers="settings-th' . $group->value . '">';
270 
271  $html[] = '<select class="input-small" name="' . $this->name . '[' . $action->name . '][' . $group->value . ']" id="' . $this->id . '_' . $action->name
272  . '_' . $group->value . '" title="'
273  . JText::sprintf('JLIB_RULES_SELECT_ALLOW_DENY_GROUP', JText::_($action->title), trim($group->text)) . '">';
274 
275  $inheritedRule = JAccess::checkGroup($group->value, $action->name, $assetId);
276 
277  // Get the actual setting for the action for this group.
278  $assetRule = $assetRules->allow($action->name, $group->value);
279 
280  // Build the dropdowns for the permissions sliders
281 
282  // The parent group has "Not Set", all children can rightly "Inherit" from that.
283  $html[] = '<option value=""' . ($assetRule === null ? ' selected="selected"' : '') . '>'
284  . JText::_(empty($group->parent_id) && empty($component) ? 'JLIB_RULES_NOT_SET' : 'JLIB_RULES_INHERITED') . '</option>';
285  $html[] = '<option value="1"' . ($assetRule === true ? ' selected="selected"' : '') . '>' . JText::_('JLIB_RULES_ALLOWED')
286  . '</option>';
287  $html[] = '<option value="0"' . ($assetRule === false ? ' selected="selected"' : '') . '>' . JText::_('JLIB_RULES_DENIED')
288  . '</option>';
289 
290  $html[] = '</select>&#160; ';
291 
292  // If this asset's rule is allowed, but the inherited rule is deny, we have a conflict.
293  if (($assetRule === true) && ($inheritedRule === false))
294  {
295  $html[] = JText::_('JLIB_RULES_CONFLICT');
296  }
297 
298  $html[] = '</td>';
299 
300  // Build the Calculated Settings column.
301  // The inherited settings column is not displayed for the root group in global configuration.
302  if ($canCalculateSettings)
303  {
304  $html[] = '<td headers="aclactionth' . $group->value . '">';
305 
306  // This is where we show the current effective settings considering currrent group, path and cascade.
307  // Check whether this is a component or global. Change the text slightly.
308 
309  if (JAccess::checkGroup($group->value, 'core.admin', $assetId) !== true)
310  {
311  if ($inheritedRule === null)
312  {
313  $html[] = '<span class="label label-important">' . JText::_('JLIB_RULES_NOT_ALLOWED') . '</span>';
314  }
315  elseif ($inheritedRule === true)
316  {
317  $html[] = '<span class="label label-success">' . JText::_('JLIB_RULES_ALLOWED') . '</span>';
318  }
319  elseif ($inheritedRule === false)
320  {
321  if ($assetRule === false)
322  {
323  $html[] = '<span class="label label-important">' . JText::_('JLIB_RULES_NOT_ALLOWED') . '</span>';
324  }
325  else
326  {
327  $html[] = '<span class="label"><i class="icon-lock icon-white"></i> ' . JText::_('JLIB_RULES_NOT_ALLOWED_LOCKED')
328  . '</span>';
329  }
330  }
331  }
332  elseif (!empty($component))
333  {
334  $html[] = '<span class="label label-success"><i class="icon-lock icon-white"></i> ' . JText::_('JLIB_RULES_ALLOWED_ADMIN')
335  . '</span>';
336  }
337  else
338  {
339  // Special handling for groups that have global admin because they can't be denied.
340  // The admin rights can be changed.
341  if ($action->name === 'core.admin')
342  {
343  $html[] = '<span class="label label-success">' . JText::_('JLIB_RULES_ALLOWED') . '</span>';
344  }
345  elseif ($inheritedRule === false)
346  {
347  // Other actions cannot be changed.
348  $html[] = '<span class="label label-important"><i class="icon-lock icon-white"></i> '
349  . JText::_('JLIB_RULES_NOT_ALLOWED_ADMIN_CONFLICT') . '</span>';
350  }
351  else
352  {
353  $html[] = '<span class="label label-success"><i class="icon-lock icon-white"></i> ' . JText::_('JLIB_RULES_ALLOWED_ADMIN')
354  . '</span>';
355  }
356  }
357 
358  $html[] = '</td>';
359  }
360 
361  $html[] = '</tr>';
362  }
363 
364  $html[] = '</tbody>';
365  $html[] = '</table></div>';
366  }
367 
368  $html[] = '</div></div>';
369 
370  $html[] = '<div class="alert">';
371 
372  if ($section == 'component' || $section == null)
373  {
374  $html[] = JText::_('JLIB_RULES_SETTING_NOTES');
375  }
376  else
377  {
378  $html[] = JText::_('JLIB_RULES_SETTING_NOTES_ITEM');
379  }
380 
381  $html[] = '</div>';
382 
383  return implode("\n", $html);
384  }
385 
386  /**
387  * Get a list of the user groups.
388  *
389  * @return array
390  *
391  * @since 11.1
392  */
393  protected function getUserGroups()
394  {
395  $db = JFactory::getDbo();
396  $query = $db->getQuery(true)
397  ->select('a.id AS value, a.title AS text, COUNT(DISTINCT b.id) AS level, a.parent_id')
398  ->from('#__usergroups AS a')
399  ->join('LEFT', $db->quoteName('#__usergroups') . ' AS b ON a.lft > b.lft AND a.rgt < b.rgt')
400  ->group('a.id, a.title, a.lft, a.rgt, a.parent_id')
401  ->order('a.lft ASC');
402  $db->setQuery($query);
403  $options = $db->loadObjectList();
404 
405  return $options;
406  }
407 }