<?php
/**
 *
 * @category        admin
 * @package         groups
 * @author          WebsiteBaker Project
 * @copyright       Ryan Djurovich
 * @copyright       WebsiteBaker Org. e.V.
 * @link            http://websitebaker.org/
 * @license         http://www.gnu.org/licenses/gpl.html
 * @platform        WebsiteBaker 2.8.3
 * @requirements    PHP 5.3.6 and higher
 * @version         $Id: get_permissions.php 2 2017-07-02 15:14:29Z Manuela $
 * @filesource      $HeadURL: svn://isteam.dynxs.de/wb/2.10.x/trunk/admin/groups/get_permissions.php $
 * @lastmodified    $Date: 2017-07-02 17:14:29 +0200 (Sun, 02 Jul 2017) $
 *
 */
/*---------------------------------------------------------------------------------------------------------------*/
if(defined('WB_PATH') == false)
{
    die('Cannot access '.basename(__DIR__).'/'.basename(__FILE__).' directly');
} else {
/*---------------------------------------------------------------------------------------------------------------*/
// merge extended system_permission
    $system_permissions = array_flip($system_permissions);
// Get system permissions
    $system_permissions = (@$bResetSystem?array():$system_permissions);
    function getSystemDefaultPermission(){
        global $database;
        $sqlAdmin = 'SELECT `system_permissions` FROM `'.TABLE_PREFIX.'groups` '
                  . 'WHERE `group_id`=\'1\' ';
        $sPermissions = $database->get_one($sqlAdmin);
        return (@$database->get_error()?:$sPermissions);
    }
/*---------------------------------------------------------------------------------------------------------------*/
    function getSystemFromRequest($aRequestVars=null)
    {
        global $bResetSystem;
        if ($bResetSystem){return null;}
        $aPermissions = array_flip(explode(',', getSystemDefaultPermission()));
        // define Lambda-Callback for sanitize POST arguments   secunia 2010-92-2
        $cbSanitize = (function($sValue) { $sValue = preg_replace('/[^a-z0-9_-]/i', '', $sValue); return $sValue;});
        $aPermissions = (is_array($aPermissions) ? $aPermissions : array());
        $aPermissions = array_map($cbSanitize, $aPermissions);
        $aPermissions = array_intersect_key($aRequestVars, $aPermissions);
        return $aPermissions;
    }
/*---------------------------------------------------------------------------------------------------------------*/
    function getSystemPermissions($aRequestVars=null)
    {
        $aPermissions = array();
        if (!$aRequestVars){return $aPermissions;}
        $aValidType = $aValidView = $aValidAddons = $aValidAccess = $aValidSettings = array();
        $aTmpPermissions  = getSystemFromRequest($aRequestVars);
        if (($aTmpPermissions)){
            $aValidType     = preg_replace('/^(.*?)_.*$/', '\1', array_keys($aTmpPermissions));
            $aValidView     = preg_replace('/^(.*)/', '\1_view', $aValidType);
            $aValidAddons   = preg_replace('/^(modules.*|templates.*|languages.*)$/', 'addons', $aValidView);
            $aValidAccess   = preg_replace('/^(groups.*|users.*)$/', 'access', $aValidView);
            $aValidSettings = preg_replace('/^(settings.*)$/', 'settings_basic', $aValidView);
            $aPermissions   = array_merge(
                              $aTmpPermissions,
                              array_flip($aValidType),
                              array_flip($aValidView),
                              array_flip($aValidAccess),
                              array_flip($aValidAddons),
                              array_flip($aValidSettings)
                              );
            $iSortFlags = ((version_compare(PHP_VERSION, '5.4.0', '<'))?SORT_REGULAR:SORT_NATURAL|SORT_FLAG_CASE);
            ksort ($aPermissions, $iSortFlags);
        }
        return $aPermissions;
    }
    $aRequestSystemPermissions = getSystemPermissions($aRequestVars);
/* WB283 SP4 Fixes ***************************************************/
    // clean up system_permission
    $system_permissions = ($bAdvancedSave ? array_intersect_key($aRequestSystemPermissions, $system_permissions):$system_permissions);
    $aSystemPermissions = array_merge($aRequestSystemPermissions, $system_permissions);
    $aSystemPermissions = (@$bResetSystem?array():$aSystemPermissions);
    $iSortFlags = ((version_compare(PHP_VERSION, '5.4.0', '<'))?SORT_REGULAR:SORT_NATURAL|SORT_FLAG_CASE);
    ksort ($aSystemPermissions, $iSortFlags);
    // Implode system permissions
    $aAllowedSystemPermissions = array();
/*------------------------------------------------------------------------------------------------------------*/
    foreach ($aSystemPermissions as $sName => $sValue) {
        $aAllowedSystemPermissions[] = $sName;
    }
    $system_permissions = implode(',', $aAllowedSystemPermissions);
/*------------------------------------------------------------------------------------------------------------*/
    function getPermissionsFromPost($sType, $bReset=false)
    {
        // define Lambda-Callback for sanitize POST arguments   secunia 2010-92-2
        $cbSanitize = function($sValue) { $sValue = preg_replace('/[^a-z0-9_-]/i', '', $sValue); return $sValue; };
        $aPermissions = $GLOBALS['admin']->get_post($sType.'_permissions');
        $aPermissions = is_array($aPermissions) ? $aPermissions : array();
        $aPermissions = array_map($cbSanitize, $aPermissions);
        $sOldWorkingDir = getcwd();
        chdir(WB_PATH.'/'.$sType.'s/');
        $aAvailableItemsList = glob('*', GLOB_ONLYDIR|GLOB_NOSORT);
        chdir($sOldWorkingDir);
        $aPermissions = (@$bReset?array():$aPermissions);
        $aUncheckedItems = array_diff($aAvailableItemsList, $aPermissions);
        return implode(',', $aUncheckedItems);
    }
    // Get module permissions
    $module_permissions   = getPermissionsFromPost('module', $bResetModules);
    // Get template permissions
    $template_permissions = getPermissionsFromPost('template', $bResetTemplates);

}