1<?php
2/**
3 * Copyright since 2007 PrestaShop SA and Contributors
4 * PrestaShop is an International Registered Trademark & Property of PrestaShop SA
5 *
6 * NOTICE OF LICENSE
7 *
8 * This source file is subject to the Open Software License (OSL 3.0)
9 * that is bundled with this package in the file LICENSE.md.
10 * It is also available through the world-wide-web at this URL:
11 * https://opensource.org/licenses/OSL-3.0
12 * If you did not receive a copy of the license and are unable to
13 * obtain it through the world-wide-web, please send an email
14 * to license@prestashop.com so we can send you a copy immediately.
15 *
16 * DISCLAIMER
17 *
18 * Do not edit or add to this file if you wish to upgrade PrestaShop to newer
19 * versions in the future. If you wish to customize PrestaShop for your
20 * needs please refer to https://devdocs.prestashop.com/ for more information.
21 *
22 * @author    PrestaShop SA and Contributors <contact@prestashop.com>
23 * @copyright Since 2007 PrestaShop SA and Contributors
24 * @license   https://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0)
25 */
26
27use PrestaShopBundle\Security\Voter\PageVoter;
28
29function copy_tab_rights($fromTabName, $toTabName)
30{
31    if (empty($fromTabName) || empty($toTabName)) {
32        return;
33    }
34    foreach (array(PageVoter::CREATE, PageVoter::READ, PageVoter::UPDATE, PageVoter::DELETE) as $role) {
35        // 1- Add role
36        $roleToAdd = strtoupper('ROLE_MOD_TAB_' . $toTabName . '_' . $role);
37        Db::getInstance()->execute('INSERT IGNORE INTO `' . _DB_PREFIX_ . 'authorization_role` (`slug`)
38            VALUES ("' . pSQL($roleToAdd) . '")');
39        $newID = Db::getInstance()->Insert_ID();
40        if (!$newID) {
41            $newID = Db::getInstance()->getValue('
42                SELECT `id_authorization_role`
43                FROM `' . _DB_PREFIX_ . 'authorization_role`
44                WHERE `slug` = "' . pSQL($roleToAdd) . '"
45            ');
46        }
47
48        // 2- Copy access
49        if (!empty($newID)) {
50            $parentRole = strtoupper('ROLE_MOD_TAB_' . pSQL($fromTabName) . '_' . $role);
51            Db::getInstance()->execute(
52                'INSERT IGNORE INTO `' . _DB_PREFIX_ . 'access` (`id_profile`, `id_authorization_role`)
53                SELECT a.`id_profile`, ' . (int) $newID . ' as `id_authorization_role`
54                FROM `' . _DB_PREFIX_ . 'access` a join `' . _DB_PREFIX_ . 'authorization_role` ar on a.`id_authorization_role` = ar.`id_authorization_role`
55                WHERE ar.`slug` = "' . pSQL($parentRole) . '"'
56            );
57        }
58    }
59}
60