Index: branches/5.2.x/core/units/helpers/user_helper.php =================================================================== diff -u -N -r14630 -r14631 --- branches/5.2.x/core/units/helpers/user_helper.php (.../user_helper.php) (revision 14630) +++ branches/5.2.x/core/units/helpers/user_helper.php (.../user_helper.php) (revision 14631) @@ -1,6 +1,6 @@ GetDBField('UserType') == UserType::USER ) { - array_push($groups, $this->Application->ConfigValue('User_NewGroup')); + $default_group = $this->getUserTypeGroup(); + if ( $default_group !== false ) { + array_push($groups, $default_group); } - elseif ( $object->GetDBField('UserType') == UserType::ADMIN ) { - array_push($groups, $this->Application->ConfigValue('User_AdminGroup')); - } // store groups, because kApplication::CheckPermission will use them! array_push($groups, $this->Application->ConfigValue('User_LoggedInGroup')); @@ -212,6 +210,57 @@ } /** + * Returns default user group for it's type + * + * @return bool|string + * @access protected + */ + protected function getUserTypeGroup() + { + $group_id = false; + $object =& $this->getUserObject(); + + if ( $object->GetDBField('UserType') == UserType::USER ) { + $group_id = $this->Application->ConfigValue('User_NewGroup'); + } + elseif ( $object->GetDBField('UserType') == UserType::ADMIN ) { + $group_id = $this->Application->ConfigValue('User_AdminGroup'); + } + + $ip_restrictions = $this->getGroupsWithIPRestrictions(); + + if ( !isset($ip_restrictions[$group_id]) || kUtil::ipMatch($ip_restrictions[$group_id], "\n") ) { + return $group_id; + } + + return false; + } + + /** + * Returns groups with IP restrictions + * + * @return Array + * @access public + */ + public function getGroupsWithIPRestrictions() + { + static $cache = null; + + if ( $this->Application->isDebugMode() ) { + return Array (); + } + + if ( !isset($cache) ) { + $sql = 'SELECT IPRestrictions, GroupId + FROM ' . TABLE_PREFIX . 'PortalGroup + WHERE IPRestrictions IS NOT NULL'; + $cache = $this->Conn->GetCol($sql, 'GroupId'); + } + + return $cache; + } + + /** * Performs user logout * */ Index: branches/5.2.x/core/units/users/users_item.php =================================================================== diff -u -N -r14630 -r14631 --- branches/5.2.x/core/units/users/users_item.php (.../users_item.php) (revision 14630) +++ branches/5.2.x/core/units/users/users_item.php (.../users_item.php) (revision 14631) @@ -1,6 +1,6 @@ GetID() . ') AND ( (ug.MembershipExpires IS NULL) OR (ug.MembershipExpires >= ' . adodb_mktime() . ') ) - ORDER BY IF(ug.GroupId = ' . $this->GetDBField('PrimaryGroupId') . ', 1, 0) DESC'; - $groups = $this->Conn->GetCol($sql, 'GroupId'); + $sql = 'SELECT GroupId + FROM ' . TABLE_PREFIX . 'UserGroup + WHERE (PortalUserId = ' . $this->GetID() . ') AND ( (MembershipExpires IS NULL) OR (MembershipExpires >= ' . adodb_mktime() . ') ) + ORDER BY IF(GroupId = ' . $this->GetDBField('PrimaryGroupId') . ', 1, 0) DESC'; + $groups = $this->Conn->GetCol($sql); - if ( $this->Application->isDebugMode() ) { - return array_keys($groups); - } - else { - $user_groups = Array (); + $user_helper =& $this->Application->recallObject('UserHelper'); + /* @var $user_helper UserHelper */ - foreach ($groups as $group_id => $ip_restrictions) { - if ( !$ip_restrictions || kUtil::ipMatch($ip_restrictions, "\n") ) { - $user_groups[] = $group_id; - } - } + $user_groups = Array (); + $ip_restrictions = $user_helper->getGroupsWithIPRestrictions(); - return $user_groups; + foreach ($groups as $group_id) { + if ( !isset($ip_restrictions[$group_id]) || kUtil::ipMatch($ip_restrictions[$group_id], "\n") ) { + $user_groups[] = $group_id; + } } + + return $user_groups; } return explode(',', $user_groups);