diff options
Diffstat (limited to 'modules-available/permissionmanager/inc/permissionutil.inc.php')
-rw-r--r-- | modules-available/permissionmanager/inc/permissionutil.inc.php | 51 |
1 files changed, 26 insertions, 25 deletions
diff --git a/modules-available/permissionmanager/inc/permissionutil.inc.php b/modules-available/permissionmanager/inc/permissionutil.inc.php index 6aa97600..170fd699 100644 --- a/modules-available/permissionmanager/inc/permissionutil.inc.php +++ b/modules-available/permissionmanager/inc/permissionutil.inc.php @@ -14,7 +14,7 @@ class PermissionUtil * @param string|false $wildcard if $permission is a wildcard string this returns the matching variant * @param int|false $wclen if $permission is a wildcard string, this is the length of the matching variant */ - private static function makeComparisonVariants($permission, &$compare, &$wildcard, &$wclen) + private static function makeComparisonVariants($permission, ?array &$compare, &$wildcard, &$wclen): void { if (!is_array($permission)) { $permission = explode('.', $permission); @@ -46,12 +46,12 @@ class PermissionUtil /** * Check if the user has the given permission (for the given location). * - * @param string $userid userid to check + * @param int $userid userid to check * @param string $permissionid permissionid to check * @param int|null $locationid locationid to check or null if the location should be disregarded * @return bool true if user has permission, false if not */ - public static function userHasPermission($userid, $permissionid, $locationid) + public static function userHasPermission(int $userid, string $permissionid, ?int $locationid): bool { $permissionid = strtolower($permissionid); self::validatePermission($permissionid); @@ -121,10 +121,12 @@ class PermissionUtil // Compare to database result if ($cacheAll) { $allLocs = Location::getLocationsAssoc(); + } else { + $allLocs = []; } self::makeComparisonVariants($parts, $compare, $wildcard, $wclen); $retval = false; - while ($row = $res->fetch(PDO::FETCH_ASSOC)) { + foreach ($res as $row) { if (in_array($row['permissionid'], $compare, true) || ($wildcard !== false && strncmp($row['permissionid'], $wildcard, $wclen) === 0)) { if (!$cacheAll || ($row['locationid'] == $locationid) || $row['locationid'] === null) { @@ -132,15 +134,13 @@ class PermissionUtil if (!$cacheAll) break; } - if ($cacheAll) { - $cache[$key][(int)$row['locationid']] = true; - $list = ($row['locationid'] === null) ? array_keys($allLocs) : $allLocs[(int)$row['locationid']]['children']; - foreach ($list as $lid) { - $cache[$key][$lid] = true; - } - if ($row['locationid'] === null) - break; + $cache[$key][(int)$row['locationid']] = true; + $list = ($row['locationid'] === null) ? array_keys($allLocs) : $allLocs[(int)$row['locationid']]['children']; + foreach ($list as $lid) { + $cache[$key][$lid] = true; } + if ($row['locationid'] === null) + break; } } if ($locationid === null) { @@ -154,11 +154,11 @@ class PermissionUtil /** * Get all locations where the user has the given permission. * - * @param string $userid userid to check + * @param int $userid userid to check * @param string $permissionid permissionid to check * @return array array of locationids where the user has the given permission */ - public static function getAllowedLocations($userid, $permissionid) + public static function getAllowedLocations(int $userid, string $permissionid): array { $permissionid = strtolower($permissionid); self::validatePermission($permissionid); @@ -178,7 +178,7 @@ class PermissionUtil // Gather locationid from relevant rows self::makeComparisonVariants($parts, $compare, $wildcard, $wclen); $allowedLocations = array(); - while ($row = $res->fetch(PDO::FETCH_ASSOC)) { + foreach ($res as $row) { if (in_array($row['permissionid'], $compare, true) || ($wildcard !== false && strncmp($row['permissionid'], $wildcard, $wclen) === 0)) { $allowedLocations[(int)$row['locationid']] = true; @@ -201,10 +201,10 @@ class PermissionUtil * Extend an array of locations by adding all sublocations. * * @param array $tree tree of all locations (structured like Location::getTree()) - * @param array $allowedLocations the array of locationids to extend + * @param int[] $allowedLocations the array of locationids to extend * @return array extended array of locationids */ - public static function getSublocations($tree, $allowedLocations) + public static function getSublocations(array $tree, array $allowedLocations): array { $result = $allowedLocations; foreach ($tree as $location) { @@ -226,7 +226,7 @@ class PermissionUtil * * @param string $permissionId permission to check */ - private static function validatePermission($permissionId) + private static function validatePermission(string $permissionId): void { if (!CONFIG_DEBUG || $permissionId === '*') return; @@ -255,7 +255,7 @@ class PermissionUtil * * @return array permission tree as a multidimensional array */ - public static function getPermissions() + public static function getPermissions(): array { $permissions = array(); foreach (glob("modules/*/permissions/permissions.json", GLOB_NOSORT) as $file) { @@ -268,7 +268,8 @@ class PermissionUtil continue; foreach ($data as $perm => $permissionFlags) { $description = Dictionary::translateFileModule($moduleId, "permissions", $perm); - self::putInPermissionTree($moduleId . "." . $perm, $permissionFlags['location-aware'], $description, $permissions); + self::putInPermissionTree($moduleId . "." . $perm, $permissionFlags['location-aware'] ?? false, + $description, $permissions); } } ksort($permissions); @@ -277,6 +278,7 @@ class PermissionUtil foreach ($permissions as $module => $v) { $sortingOrder[Module::get($module)->getCategory()][] = $module; } + $sortingOrder = array_values($sortingOrder); $permissions = array_replace(array_flip(call_user_func_array('array_merge', $sortingOrder)), $permissions); foreach ($permissions as $module => $v) { if (is_int($v)) { @@ -291,18 +293,17 @@ class PermissionUtil /** * Get all existing roles. * - * @param int|false $userid Which user to consider, false = none - * @param bool $onlyMatching true = filter roles the user doesn't have + * @param ?int $userid Which user to consider, false = none (list all) * @return array list of roles */ - public static function getRoles($userid = false, $onlyMatching = true) + public static function getRoles(?int $userid = null): array { if ($userid === false) { return Database::queryAll('SELECT roleid, rolename FROM role ORDER BY rolename ASC'); } $ret = Database::queryAll('SELECT r.roleid, r.rolename, u.userid AS hasRole FROM role r LEFT JOIN role_x_user u ON (r.roleid = u.roleid AND u.userid = :userid) - GROUP BY r.roleid + GROUP BY r.roleid, r.rolename ORDER BY rolename ASC', ['userid' => $userid]); foreach ($ret as &$role) { settype($role['hasRole'], 'bool'); @@ -318,7 +319,7 @@ class PermissionUtil * @param string $description the description of the permission * @param array $tree the permission tree to modify */ - private static function putInPermissionTree($permission, $locationAware, $description, &$tree) + private static function putInPermissionTree(string $permission, bool $locationAware, string $description, array &$tree): void { $subPermissions = explode('.', $permission); foreach ($subPermissions as $subPermission) { |