Index: branches/5.1.x/core/units/helpers/permissions_helper.php =================================================================== diff -u -r13168 -r13461 --- branches/5.1.x/core/units/helpers/permissions_helper.php (.../permissions_helper.php) (revision 13168) +++ branches/5.1.x/core/units/helpers/permissions_helper.php (.../permissions_helper.php) (revision 13461) @@ -1,6 +1,6 @@ Application->RecallVar('UserGroups'); + + // get categories, where given permission is explicitely defined + $sql = 'SELECT SUM(PermissionValue), CatId + FROM ' . TABLE_PREFIX . 'Permissions + WHERE Permission = "' . $permission_name . '" AND GroupId IN (' . $groups . ') AND Type = 0 + GROUP BY CatId'; + $permissions = $this->Conn->GetCol($sql, 'CatId'); + + // get all categories along with their parent path + $sql = 'SELECT ParentPath, CategoryId + FROM ' . TABLE_PREFIX . 'Category'; + $parent_paths = $this->Conn->GetCol($sql, 'CategoryId'); + + foreach ($parent_paths as $category_id => $parent_path) { + if (array_key_exists($category_id, $permissions)) { + // permission for given category is set explicitly + continue; + } + + $perm_value = 0; + $parent_path = explode('|', substr($parent_path, 1, -1)); + $parent_path = array_reverse($parent_path); + array_push($parent_path, 0); + + foreach ($parent_path as $parent_category_id) { + if (array_key_exists($parent_category_id, $permissions)) { + $perm_value = $permissions[$parent_category_id] ? 1 : 0; + break; + } + } + + $permissions[$category_id] = $perm_value; + } + + // remove categories, where given permissions is denied + foreach ($permissions as $category_id => $perm_value) { + if (!$perm_value) { + unset($permissions[$category_id]); + } + } + + return array_keys($permissions); + } + + /** * Allows to check MODIFY & OWNER.MODFY +/- PENDING permission combinations on item * * @param int $owner_id user_id, that is owner of the item