mirror of
https://github.com/phpbb/phpbb.git
synced 2025-06-05 14:04:57 +02:00
[ticket/16895] Fix role removal for migrator permission tool
PHPBB3-16895
This commit is contained in:
rxu
parent
3547f0bf0e
commit
ca24013470
@ -78,4 +78,5 @@ $lang = array_merge($lang, array(
|
||||
'PERMISSION_NOT_EXIST' => 'The permission setting "%s" unexpectedly does not exist.',
|
||||
|
||||
'ROLE_NOT_EXIST' => 'The permission role "%s" unexpectedly does not exist.',
|
||||
'ROLE_NOT_EXIST_ASSIGNED' => 'The permission role assigned to group "%1$s" unexpectedly does not exist. Role id: "%2$s"',
|
||||
));
|
||||
|
||||
@ -49,6 +49,12 @@ class permission implements \phpbb\db\migration\tool\tool_interface
|
||||
$this->auth = $auth;
|
||||
$this->phpbb_root_path = $phpbb_root_path;
|
||||
$this->php_ext = $php_ext;
|
||||
|
||||
if (!class_exists('auth_admin'))
|
||||
{
|
||||
include($this->phpbb_root_path . 'includes/acp/auth.' . $this->php_ext);
|
||||
}
|
||||
$this->auth_admin = new \auth_admin();
|
||||
}
|
||||
|
||||
/**
|
||||
@ -118,12 +124,6 @@ class permission implements \phpbb\db\migration\tool\tool_interface
|
||||
// We've added permissions, so set to true to notify the user.
|
||||
$this->permissions_added = true;
|
||||
|
||||
if (!class_exists('auth_admin'))
|
||||
{
|
||||
include($this->phpbb_root_path . 'includes/acp/auth.' . $this->php_ext);
|
||||
}
|
||||
$auth_admin = new \auth_admin();
|
||||
|
||||
// We have to add a check to see if the !$global (if global, local, and if local, global) permission already exists. If it does, acl_add_option currently has a bug which would break the ACL system, so we are having a work-around here.
|
||||
if ($this->exists($auth_option, !$global))
|
||||
{
|
||||
@ -140,19 +140,19 @@ class permission implements \phpbb\db\migration\tool\tool_interface
|
||||
{
|
||||
if ($global)
|
||||
{
|
||||
$auth_admin->acl_add_option(array('global' => array($auth_option)));
|
||||
$this->auth_admin->acl_add_option(array('global' => array($auth_option)));
|
||||
}
|
||||
else
|
||||
{
|
||||
$auth_admin->acl_add_option(array('local' => array($auth_option)));
|
||||
$this->auth_admin->acl_add_option(array('local' => array($auth_option)));
|
||||
}
|
||||
}
|
||||
|
||||
// The permission has been added, now we can copy it if needed
|
||||
if ($copy_from && isset($auth_admin->acl_options['id'][$copy_from]))
|
||||
if ($copy_from && isset($this->auth_admin->acl_options['id'][$copy_from]))
|
||||
{
|
||||
$old_id = $auth_admin->acl_options['id'][$copy_from];
|
||||
$new_id = $auth_admin->acl_options['id'][$auth_option];
|
||||
$old_id = $this->auth_admin->acl_options['id'][$copy_from];
|
||||
$new_id = $this->auth_admin->acl_options['id'][$auth_option];
|
||||
|
||||
$tables = array(ACL_GROUPS_TABLE, ACL_ROLES_DATA_TABLE, ACL_USERS_TABLE);
|
||||
|
||||
@ -177,7 +177,7 @@ class permission implements \phpbb\db\migration\tool\tool_interface
|
||||
}
|
||||
}
|
||||
|
||||
$auth_admin->acl_clear_prefetch();
|
||||
$this->auth_admin->acl_clear_prefetch();
|
||||
}
|
||||
}
|
||||
|
||||
@ -327,6 +327,45 @@ class permission implements \phpbb\db\migration\tool\tool_interface
|
||||
return;
|
||||
}
|
||||
|
||||
// Get the role auth settings we need to re-set...
|
||||
$sql = 'SELECT o.auth_option, r.auth_setting
|
||||
FROM ' . ACL_ROLES_DATA_TABLE . ' r, ' . ACL_OPTIONS_TABLE . ' o
|
||||
WHERE o.auth_option_id = r.auth_option_id
|
||||
AND r.role_id = ' . $role_id;
|
||||
$result = $this->db->sql_query($sql);
|
||||
|
||||
while ($row = $this->db->sql_fetchrow($result))
|
||||
{
|
||||
$auth_settings[$row['auth_option']] = $row['auth_setting'];
|
||||
}
|
||||
$this->db->sql_freeresult($result);
|
||||
|
||||
// Get role assignments
|
||||
$hold_ary = $this->auth_admin->get_role_mask($role_id);
|
||||
|
||||
// Re-assign permissions
|
||||
foreach ($hold_ary as $forum_id => $forum_ary)
|
||||
{
|
||||
if (isset($forum_ary['users']))
|
||||
{
|
||||
$this->auth_admin->acl_set('user', $forum_id, $forum_ary['users'], $auth_settings, 0, false);
|
||||
}
|
||||
|
||||
if (isset($forum_ary['groups']))
|
||||
{
|
||||
$this->auth_admin->acl_set('group', $forum_id, $forum_ary['groups'], $auth_settings, 0, false);
|
||||
}
|
||||
}
|
||||
|
||||
// Remove role from users and groups just to be sure (happens through acl_set)
|
||||
$sql = 'DELETE FROM ' . ACL_USERS_TABLE . '
|
||||
WHERE auth_role_id = ' . $role_id;
|
||||
$this->db->sql_query($sql);
|
||||
|
||||
$sql = 'DELETE FROM ' . ACL_GROUPS_TABLE . '
|
||||
WHERE auth_role_id = ' . $role_id;
|
||||
$this->db->sql_query($sql);
|
||||
|
||||
$sql = 'DELETE FROM ' . ACL_ROLES_DATA_TABLE . '
|
||||
WHERE role_id = ' . $role_id;
|
||||
$this->db->sql_query($sql);
|
||||
@ -425,6 +464,11 @@ class permission implements \phpbb\db\migration\tool\tool_interface
|
||||
WHERE role_id = ' . $role_id;
|
||||
$this->db->sql_query($sql);
|
||||
$role_data = $this->db->sql_fetchrow();
|
||||
if (!$role_data)
|
||||
{
|
||||
throw new \phpbb\db\migration\exception('ROLE_NOT_EXIST_ASSIGNED', $name, $role_id);
|
||||
}
|
||||
|
||||
$role_name = $role_data['role_name'];
|
||||
$role_type = $role_data['role_type'];
|
||||
|
||||
@ -571,6 +615,10 @@ class permission implements \phpbb\db\migration\tool\tool_interface
|
||||
WHERE role_id = ' . $role_id;
|
||||
$this->db->sql_query($sql);
|
||||
$role_name = $this->db->sql_fetchfield('role_name');
|
||||
if (!$role_name)
|
||||
{
|
||||
throw new \phpbb\db\migration\exception('ROLE_NOT_EXIST_ASSIGNED', $name, $role_id);
|
||||
}
|
||||
|
||||
return $this->permission_unset($role_name, $auth_option, 'role');
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user