From d4a0e44f4b47b61a040969678830c614a37fdf97 Mon Sep 17 00:00:00 2001 From: Prav Date: Thu, 9 Jan 2020 14:37:56 +0530 Subject: [PATCH] Feature #155819 chore: Upgrade com_subuser --- src/administrator/controllers/mappings.php | 1 + src/administrator/includes/rbacl.php | 18 +++++---- src/administrator/models/action.php | 13 ++++++- src/administrator/models/fields/role.php | 1 + src/administrator/models/forms/mapping.xml | 39 +++++++------------ src/administrator/models/mapping.php | 10 ++++- src/administrator/models/mappings.php | 2 + src/administrator/models/role.php | 2 +- src/administrator/models/roles.php | 9 +++++ src/administrator/models/user.php | 13 +++++-- .../views/mappings/tmpl/default.php | 1 + 11 files changed, 69 insertions(+), 40 deletions(-) diff --git a/src/administrator/controllers/mappings.php b/src/administrator/controllers/mappings.php index 41c6970..f66a489 100755 --- a/src/administrator/controllers/mappings.php +++ b/src/administrator/controllers/mappings.php @@ -8,6 +8,7 @@ * @license http://www.gnu.org/licenses/gpl-2.0.html GNU/GPL */ +// No direct access. defined('_JEXEC') or die; use Joomla\CMS\MVC\Controller\AdminController; diff --git a/src/administrator/includes/rbacl.php b/src/administrator/includes/rbacl.php index 4717e43..79532ed 100644 --- a/src/administrator/includes/rbacl.php +++ b/src/administrator/includes/rbacl.php @@ -64,7 +64,7 @@ public static function table($name) **/ public static function model($name, $config = array()) { - BaseDatabaseModel::addIncludePath(JPATH_ADMINISTRATOR . '/components/com_subusers/models'); + BaseDatabaseModel::addIncludePath(JPATH_ADMINISTRATOR . '/components/com_subusers/models', 'SubusersModel'); // @TODO Add support for cache return BaseDatabaseModel::getInstance($name, 'SubusersModel', $config); 
@@ -130,7 +130,9 @@ public static function check($userId, $client, $action, $contentId = null) $userModel = self::model("user"); $contentRoleId = $userModel->getAssociatedContentRole($userId, $client, $contentId); - if (in_array($contentRoleId, $allowedRoles)) + $rolesAllowed = array_intersect($contentRoleId, $allowedRoles); + + if (!empty($rolesAllowed)) { return true; } @@ -166,15 +168,15 @@ public static function authorise($userId, $client, $action, $contentId = null) /** * Get user roles by user id and client id * - * @param integer $userId userId - * @param string $client client for role - * @param integer $clientContentIid content id + * @param integer $userId userId + * @param string $client client for role + * @param integer $clientContentId content id * * @return array * * @since __DEPLOY_VERSION__ */ - public static function getRoleByUser($userId, $client = '', $clientContentIid = 0) + public static function getRoleByUser($userId, $client = '', $clientContentId = null) { $roles = array(); @@ -191,9 +193,9 @@ public static function getRoleByUser($userId, $client = '', $clientContentIid = $query->where($db->quoteName('client') . " = " . $db->quote($client)); } - if (!empty($clientContentIid)) + if (!is_null($clientContentId)) { - $query->where($db->quoteName('client_id') . " = " . $db->quote($clientContentIid)); + $query->where($db->quoteName('client_id') . " = " . $db->quote($clientContentId)); } $db->setQuery($query); diff --git a/src/administrator/models/action.php b/src/administrator/models/action.php index 38a8aea..bf44e68 100755 --- a/src/administrator/models/action.php +++ b/src/administrator/models/action.php @@ -59,7 +59,7 @@ public function getForm($data = array(), $loadData = true) $form = $this->loadForm( 'com_subusers.action', 'action', array('control' => 'jform', - 'load_data' => $loadData, + 'load_data' => $loadData ) ); 
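Review bot: In `check()`, the new `array_intersect($contentRoleId, $allowedRoles)` needs both operands to be arrays, but `$contentRoleId` is now whatever `getAssociatedContentRole()` gets from `$db->loadColumn()`. If that ever returns null (Joomla's loader appears to do so when the query does not execute; worth confirming), PHP 7 raises a warning and PHP 8 throws a TypeError inside the authorisation path. Where `$allowedRoles` is built is not visible in this hunk, so I would normalise both sides: `$rolesAllowed = array_intersect((array) $contentRoleId, (array) $allowedRoles);`. The deny path then stays fail-closed. The body of `check()` starts and ends outside the hunk.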
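Review bot: The docblock of `getRoleByUser()` still declares `$clientContentId` as `integer`, although the default is now `null` and the guard in the later hunk (`@@ -191,9 +193,9 @@`) changed from `!empty()` to `!is_null()`. This is a behaviour change for existing callers. Passing `0` or `''` used to skip the content filter, and now adds `client_id = '0'` to the query, so those callers get a narrower role set than before. I would state the contract in the docblock, for example `@param integer|null $clientContentId content id; null matches roles on any content, 0 matches only client_id 0`. Callers that pass `0` explicitly should also be checked.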
@@ -112,7 +112,16 @@ public function getAssignedRoles($actionId) $query->select('DISTINCT role_id'); $query->from($db->quoteName('#__tjsu_role_action_map')); - $query->where($db->quoteName('action_id') . " = " . (int) $actionId); + + if (is_array($actionId)) + { + $query->where($db->quoteName('action_id') . 'IN (' . implode(',', $db->quote($actionId)) . ')'); + } + else + { + $query->where($db->quoteName('action_id') . " = " . (int) $actionId); + } + $db->setQuery($query); return $db->loadColumn(); diff --git a/src/administrator/models/fields/role.php b/src/administrator/models/fields/role.php index dc6afff..7afc333 100644 --- a/src/administrator/models/fields/role.php +++ b/src/administrator/models/fields/role.php @@ -8,6 +8,7 @@ * @license http://www.gnu.org/licenses/gpl-2.0.html GNU/GPL */ +// No direct access. defined('_JEXEC') or die(); use Joomla\CMS\Factory; use Joomla\CMS\HTML\HTMLHelper; diff --git a/src/administrator/models/forms/mapping.xml b/src/administrator/models/forms/mapping.xml index a09657d..d9678e8 100755 --- a/src/administrator/models/forms/mapping.xml +++ b/src/administrator/models/forms/mapping.xml @@ -1,27 +1,18 @@
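Review bot: The array branch added to `getAssignedRoles()` builds `'IN (' . implode(',', $db->quote($actionId)) . ')'` with no space before `IN`, and an empty array produces `IN ()`, which is a SQL syntax error. It also quotes the ids as strings, while the scalar branch casts with `(int)`. Casting keeps the two branches consistent and keeps non-numeric input out of the statement. I would return early on an empty array with `if (empty($actionId)) { return array(); }` and build the clause as `$query->where($db->quoteName('action_id') . ' IN (' . implode(',', array_map('intval', $actionId)) . ')');`. The `@param` for `$actionId` is outside the hunk and presumably still documents an integer, so it should be updated to `integer|array`.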
-
- - - -
+
+ + + + + + + + + + + + + +
\ No newline at end of file diff --git a/src/administrator/models/mapping.php b/src/administrator/models/mapping.php index 94db96b..ba3ac80 100755 --- a/src/administrator/models/mapping.php +++ b/src/administrator/models/mapping.php @@ -8,6 +8,7 @@ * @license http://www.gnu.org/licenses/gpl-2.0.html GNU/GPL */ +// No direct access. defined('_JEXEC') or die; use Joomla\CMS\Factory; @@ -55,7 +56,13 @@ public function getTable($type = 'Mapping', $prefix = 'SubusersTable', $config = */ public function getForm($data = array(), $loadData = true) { - $form = $this->loadForm('com_subusers.mapping', 'mapping', array('control' => 'jform', 'load_data' => $loadData)); + // Get the form. + $form = $this->loadForm( + 'com_subusers.mapping', 'mapping', + array('control' => 'jform', + 'load_data' => $loadData + ) + ); if (empty($form)) { @@ -74,6 +81,7 @@ public function getForm($data = array(), $loadData = true) */ protected function loadFormData() { + // Check the session for previously entered form data. $data = Factory::getApplication()->getUserState('com_subusers.edit.mapping.data', array()); if (empty($data)) diff --git a/src/administrator/models/mappings.php b/src/administrator/models/mappings.php index 4a0ef5a..f0510c0 100755 --- a/src/administrator/models/mappings.php +++ b/src/administrator/models/mappings.php @@ -61,6 +61,7 @@ protected function populateState($ordering = 'a.id', $direction = 'desc') { $app = Factory::getApplication('administrator'); + // Load the filter state. $search = $app->getUserStateFromRequest($this->context . '.filter.search', 'filter_search'); $this->setState('filter.search', $search); @@ -79,6 +80,7 @@ protected function populateState($ordering = 'a.id', $direction = 'desc') */ protected function getListQuery() { + // Create a new query object. $db = $this->getDbo(); $query = $db->getQuery(true); diff --git a/src/administrator/models/role.php b/src/administrator/models/role.php index 400a81b..64ce006 100755 
--- a/src/administrator/models/role.php +++ b/src/administrator/models/role.php @@ -59,7 +59,7 @@ public function getForm($data = array(), $loadData = true) $form = $this->loadForm( 'com_subusers.role', 'role', array('control' => 'jform', - 'load_data' => $loadData, + 'load_data' => $loadData ) ); diff --git a/src/administrator/models/roles.php b/src/administrator/models/roles.php index 3366df1..691b0f5 100755 --- a/src/administrator/models/roles.php +++ b/src/administrator/models/roles.php @@ -58,9 +58,11 @@ protected function populateState($ordering = 'a.id', $direction = 'desc') { $app = Factory::getApplication('administrator'); + // Load the filter state. $search = $app->getUserStateFromRequest($this->context . '.filter.search', 'filter_search'); $this->setState('filter.search', $search); + // Load the parameters. $params = JComponentHelper::getParams('com_subusers'); $this->setState('params', $params); @@ -76,18 +78,23 @@ protected function populateState($ordering = 'a.id', $direction = 'desc') */ protected function getListQuery() { + // Create a new query object. $db = $this->getDbo(); $query = $db->getQuery(true); + // Select the required fields from the table. $query->select( $this->getState( 'list.select', 'DISTINCT a.*' ) ); $query->from('`#__tjsu_roles` AS a'); + + // Join over the user field 'created_by' $query->select('`created_by`.name AS `created_by`'); $query->join('LEFT', '#__users AS `created_by` ON `created_by`.id = a.`created_by`'); + // Filter by search in title $search = $this->getState('filter.search'); if (!empty($search)) @@ -107,11 +114,13 @@ protected function getListQuery() $client = $this->getState('filter.client'); + // Filter by client if (!empty($client)) { $query->where($db->quoteName('a.client') . ' = ' . $db->quote($client)); } + // Add the list ordering clause. $orderCol = $this->state->get('list.ordering'); $orderDirn = $this->state->get('list.direction'); 
diff --git a/src/administrator/models/user.php b/src/administrator/models/user.php index f36d0fe..7c31e52 100755 --- a/src/administrator/models/user.php +++ b/src/administrator/models/user.php @@ -61,7 +61,7 @@ public function getForm($data = array(), $loadData = true) $form = $this->loadForm( 'com_subusers.user', 'user', array('control' => 'jform', - 'load_data' => $loadData, + 'load_data' => $loadData ) ); @@ -109,7 +109,7 @@ protected function loadFormData() * * @since __DEPLOY_VERSION__ */ - public function getAssociatedContentRole($userId, $client, $contentId) + public function getAssociatedContentRole($userId, $client, $contentId = null) { $db = Factory::getDbo(); $query = $db->getQuery(true); @@ -118,9 +118,14 @@ public function getAssociatedContentRole($userId, $client, $contentId) $query->from($db->quoteName('#__tjsu_users')); $query->where($db->quoteName('user_id') . " = " . (int) $userId); $query->where($db->quoteName('client') . " = " . $db->q($client)); - $query->where($db->quoteName('client_id') . " = " . (int) $contentId); + + if (!is_null($contentId)) + { + $query->where($db->quoteName('client_id') . " = " . $db->quote($contentId)); + } + $db->setQuery($query); - return $db->loadResult(); + return $db->loadColumn(); } } diff --git a/src/administrator/views/mappings/tmpl/default.php b/src/administrator/views/mappings/tmpl/default.php index 3ed67ff..c08cb13 100755 --- a/src/administrator/views/mappings/tmpl/default.php +++ b/src/administrator/views/mappings/tmpl/default.php @@ -7,6 +7,7 @@ * @license GNU General Public License version 2 or later; see LICENSE.txt */ +// No direct access defined('_JEXEC') or die; use Joomla\CMS\HTML\HTMLHelper;
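Review bot: In `getAssociatedContentRole()`, a null `$contentId` now drops the `client_id` condition entirely. The old code cast null to `0` with `(int) $contentId`, so only rows with `client_id = 0` matched. The query now returns every role the user holds on any content item of that client, and `RBACL::check()` intersects that list with the allowed roles. A role granted on a single item can therefore satisfy a check made without a content id; please confirm that this widening is intended. If null should mean global scope only, keep an explicit condition in an else branch: `$query->where($db->quoteName('client_id') . ' = 0');`. The return value also changes from a scalar (`loadResult()`) to an array (`loadColumn()`), so the `@return` tag above the hunk and any other callers need to match.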