Changeset 175 for trunk/lib/ACL.inc.php
- Timestamp:
- Jun 21, 2006 4:48:45 AM (18 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/lib/ACL.inc.php
r174 r175 487 487 * 488 488 * @access public 489 * @param string $aro Identifier of an existing ARO object.490 * @param string $aco Identifier of an existing ACO object (or null to use root).491 * @param string $axo Identifier of an existing AXO object (or null to use root).489 * @param string|null $aro Identifier of an existing ARO object (or null to use root). 490 * @param string|null $aco Identifier of an existing ACO object (or null to use root). 491 * @param string|null $axo Identifier of an existing AXO object (or null to use root). 492 492 * @return bool False on error, true on success. 493 493 * @author Quinn Comendant <quinn@strangecode.com> … … 539 539 * 540 540 * @access public 541 * @param string $aro Identifier of an existing ARO object.542 * @param string $aco Identifier of an existing ACO object (or null to use root).543 * @param string $axo Identifier of an existing AXO object (or null to use root).541 * @param string|null $aro Identifier of an existing ARO object (or null to use root). 542 * @param string|null $aco Identifier of an existing ACO object (or null to use root). 543 * @param string|null $axo Identifier of an existing AXO object (or null to use root). 544 544 * @return bool False on error, true on success. 545 545 * @author Quinn Comendant <quinn@strangecode.com> … … 550 550 { 551 551 return $this->grant($aro, $aco, $axo, 'deny'); 552 } 553 554 /* 555 * Delete an entry from the acl_tbl completely to allow other permissions to cascade down. 556 * Null values act as a "wildcard" and will cause ALL matches in that column to be deleted. 557 * 558 * @access public 559 * @param string|null $aro Identifier of an existing ARO object (or null for *). 560 * @param string|null $aco Identifier of an existing ACO object (or null for *). 561 * @param string|null $axo Identifier of an existing AXO object (or null for *). 562 * @return bool False on error, true on success. 563 * @author Quinn Comendant <quinn@strangecode.com> 564 * @version 1.0 565 * @since 20 Jun 2006 20:16:12 566 */ 567 function delete($aro=null, $aco=null, $axo=null) 568 { 569 $app =& App::getInstance(); 570 $db =& DB::getInstance(); 571 572 $this->initDB(); 573 574 // If any access objects are null, assume using root values. 575 // However if they're empty we don't want to escalate the grant command to root! 576 $where = array(); 577 $where[] = is_null($aro) ? "aro_tbl.name IS NOT NULL" : "aro_tbl.name = '" . $db->escapeString($aro) . "' "; 578 $where[] = is_null($aco) ? "aco_tbl.name IS NOT NULL" : "aco_tbl.name = '" . $db->escapeString($aco) . "' "; 579 $where[] = is_null($axo) ? "axo_tbl.name IS NOT NULL" : "axo_tbl.name = '" . $db->escapeString($axo) . "' "; 580 581 $final_where = join(' AND ', $where); 582 if (substr_count($final_where, 'IS NOT NULL') == 3) { 583 // Null on all three tables will delete ALL entries including the root -> root -> root = deny. 584 $app->logMsg(sprintf('Cannot allow deletion of all acl entries.', null), LOG_NOTICE, __FILE__, __LINE__); 585 return false; 586 } 587 588 $qid = $db->query(" 589 DELETE acl_tbl 590 FROM acl_tbl 591 LEFT JOIN aro_tbl ON (acl_tbl.aro_id = aro_tbl.aro_id) 592 LEFT JOIN aco_tbl ON (acl_tbl.aco_id = aco_tbl.aco_id) 593 LEFT JOIN axo_tbl ON (acl_tbl.axo_id = axo_tbl.axo_id) 594 WHERE $final_where 595 "); 596 597 $app->logMsg(sprintf('Deleted %s acl_tbl links: %s -> %s -> %s', mysql_affected_rows($db->getDBH()), $aro, $aco, $axo), LOG_INFO, __FILE__, __LINE__); 598 599 return true; 552 600 } 553 601
Note: See TracChangeset
for help on using the changeset viewer.