-
Notifications
You must be signed in to change notification settings - Fork 6
/
Access.php
76 lines (60 loc) · 2.12 KB
/
Access.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
<?php
/**
* Matomo - free/libre analytics platform
*
* @link http://matomo.org
* @license http://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later
*
*/
namespace Piwik\Plugins\GroupPermissions;
use Piwik\Db;
class Access extends \Piwik\Access
{
public function getRawSitesWithSomeViewAccess($login)
{
$sql = self::getSqlAccessSite("access, t2.idsite");
$userRights = Db::fetchAll($sql, $login);
$model = new Model();
$groupRights = $model->getPermissionsOfUser($login);
if (empty($userRights)) {
return $groupRights;
}
if (empty($groupRights)) {
return $userRights;
}
$rights = array();
foreach ($userRights as $userRight) {
if (!isset($rights[$userRight['idsite']])) {
$rights[$userRight['idsite']] = $userRight['access'];
continue;
}
$rights[$userRight['idsite']] = $this->getHigherPermission($rights[$userRight['idsite']], $userRight['access']);
}
foreach ($groupRights as $groupRight) {
if (!isset($rights[$groupRight['idsite']])) {
$rights[$groupRight['idsite']] = $groupRight['access'];
continue;
}
$rights[$groupRight['idsite']] = $this->getHigherPermission($rights[$groupRight['idsite']], $groupRight['access']);
}
$return = array();
foreach ($rights as $idsite => $access) {
$return[] = array('idsite' => $idsite, 'access' => $access);
}
return $return;
}
public function getHigherPermission($permission1, $permission2) {
if ($permission1 === 'admin' || $permission2 === 'admin') {
return 'admin';
}
else if ($permission1 === 'write' || $permission2 === 'write') {
return 'write';
}
else if ($permission1 === 'view' || $permission2 === 'view') {
return 'view';
}
else {
return '';
}
}
}