Dominique.Fournier/DomFramework
1
0
Fork 0
Code Issues Pull Requests Projects Releases Activity

Rename all the files to camelCase and update the class name in the files

Browse Source
This commit is contained in:
Dominique Fournier
2021-05-07 12:19:08 +02:00
parent 276a5c4cbd
commit c8d275be31
82 changed files with 101 additions and 101 deletions
Download Patch File Download Diff File Expand all files Collapse all files

344
src/Dblayerauthzgroups.php Normal file
View File

@@ -0,0 +1,344 @@
<?php
/** DomFramework
* @package domframework
* @author Dominique Fournier <dominique@fournier38.fr>
* @license BSD
*/
namespace Domframework;
/** DBLayer with authorization
* All the actions in database are conditionned to the rights in authzgroups
*/
class Dblayerauthzgroups extends Dblayer
{
/** The authzgroups object, connected to the database */
public $authzgroups = null;
/** The module name for authzgroups */
public $module = null;
/** The user name for authzgroups */
public $user = null;
/** The auth information (email, lastname, firstname) */
public $auth = null;
/** The default group(s) when creating a new object. Can be a string or an
array with multiple groups */
public $createGroup = null;
/** The default right when creating a new object */
public $createRight = "RW";
/** Pre-Path in object authzgroups */
public $path = "";
/** Flag when primary key is added before search */
private $primaryKeyAdded = false;
////////////////////////
/// MAIN METHODS ///
////////////////////////
/** Hook preread
* This hook is run before selecting the data in the database, after the
* verification
* @param array|null &$select Rows to select with
* $select = array (array ($key, $val, $operator), ...)
* $key=>column, $val=>value to found, $operator=>'LIKE', =...
* @param array|null &$display Columns displayed
* $display = array ($col1, $col2...);
* @param array|null &$order Sort the columns by orientation
* $order = array (array ($key, $orientation), ...)
* $key=>column, $orientation=ASC/DESC
* @param boolean|null &$whereOr The WHERE parameters are separated by OR
* instead of AND
* @param array|null &$foreignSelect Add a filter on foreign keys
*/
public function hookpreread (&$select, &$display, &$order, &$whereOr,
&$foreignSelect)
{
if ($this->module === null)
throw new Exception ("No module defined for dblayerauthzgroups", 500);
if ($this->auth !== null && array_key_exists ("email", $this->auth) &&
$this->user === null)
$this->user = $this->auth["email"];
if ($this->user === null)
throw new Exception ("No user defined for dblayerauthzgroups", 500);
if ($this->authzgroups === null)
throw new Exception ("No authzgroups defined for dblayerauthzgroups",
500);
if ($display === null || ! in_array ($this->primary, $display))
{
// Need the primary key to allow/deny access. Add it and remove the data
// after the access verification
$display[] = $this->primary;
$this->primaryKeyAdded = true;
}
}
/** Hook postread
* This hook is run after selecting the data. Return only the allowed data to
* the user. It must have at least the RO flag.
* @param array $data the data selected by the select
* @return array The data modified by the hook
*/
public function hookpostread ($data)
{
// TODO : If foreign keys, do we check if the access is allowed too ?
if ($this->module === null)
throw new Exception ("No module defined for dblayerauthzgroups", 500);
if ($this->auth !== null && array_key_exists ("email", $this->auth) &&
$this->user === null)
$this->user = $this->auth["email"];
if ($this->user === null)
throw new Exception ("No user defined for dblayerauthzgroups", 500);
if ($this->authzgroups === null)
throw new Exception ("No authzgroups defined for dblayerauthzgroups",
500);
$this->allowPath ();
foreach ($data as $key=>$line)
{
try
{
$this->authzgroups->accessRight ($this->module, $this->user,
$this->path."/".$line[$this->primary]);
}
catch (Exception $e)
{
unset ($data[$key]);
}
if ($this->primaryKeyAdded === true)
unset ($data[$key][$this->primary]);
}
return $data;
}
/** Hook preinsert
* This hook is run before inserting a new data in the database, after the
* verification
* @param array $data the data to insert in the database
* @return the modified data
*/
public function hookpreinsert ($data)
{
if ($this->module === null)
throw new Exception ("No module defined for dblayerauthzgroups", 500);
if ($this->auth !== null && array_key_exists ("email", $this->auth) &&
$this->user === null)
$this->user = $this->auth["email"];
if ($this->user === null)
throw new Exception ("No user defined for dblayerauthzgroups", 500);
if ($this->authzgroups === null)
throw new Exception ("No authzgroups defined for dblayerauthzgroups",
500);
if ($this->createGroup === null)
throw new Exception ("No createGroup defined for dblayerauthzgroups",
500);
$this->allowPath ();
$this->authzgroups->accessWrite ($this->module, $this->user, $this->path);
return $data;
}
/** Hook postinsert
* This hook is run after successfuly insert a new data in the database
* @param array $data The data stored in the database
* @param integer $lastID The lastID stored
* @return the modified lastID
*/
public function hookpostinsert ($data, $lastID)
{
if ($this->module === null)
throw new Exception ("No module defined for dblayerauthzgroups", 500);
if ($this->auth !== null && array_key_exists ("email", $this->auth) &&
$this->user === null)
$this->user = $this->auth["email"];
if ($this->user === null)
throw new Exception ("No user defined for dblayerauthzgroups", 500);
if ($this->authzgroups === null)
throw new Exception ("No authzgroups defined for dblayerauthzgroups",
500);
if ($this->createGroup === null)
throw new Exception ("No createGroup defined for dblayerauthzgroups",
500);
$this->authzgroups->objectAdd ($this->module, $this->path."/$lastID");
if (is_array ($this->createGroup))
{
foreach ($this->createGroup as $group)
{
$this->authzgroups->rightAdd ($this->module, $group,
$this->path."/$lastID",
$this->createRight);
}
}
elseif (is_string ($this->createGroup))
{
$this->authzgroups->rightAdd ($this->module, $this->createGroup,
$this->path."/$lastID", $this->createRight);
}
else
{
throw new Exception ("createGroup defined for dblayerauthzgroups is not ".
"an array or a string", 500);
}
return $lastID;
}
/** Hook preupdate
* This hook is run before updating a data in the database, after the
* verification
* @param integer $updatekey The key which will be updated
* @param array $data The data to store in the provided key
* @return the modified data
*/
public function hookpreupdate ($updatekey, $data)
{
if ($this->module === null)
throw new Exception ("No module defined for dblayerauthzgroups", 500);
if ($this->auth !== null && array_key_exists ("email", $this->auth) &&
$this->user === null)
$this->user = $this->auth["email"];
if ($this->user === null)
throw new Exception ("No user defined for dblayerauthzgroups", 500);
if ($this->authzgroups === null)
throw new Exception ("No authzgroups defined for dblayerauthzgroups",
500);
$this->allowPath ();
$this->authzgroups->accessWrite ($this->module, $this->user, $this->path);
$this->authzgroups->accessWrite ($this->module, $this->user,
$this->path."/$updatekey");
return $data;
}
/** Hook predelete
* This hook is run before deleting a data in the database
* @param string $deletekey The key to delete
* @return the modified $deletekey
*/
public function hookpredelete ($deletekey)
{
if ($this->module === null)
throw new Exception ("No module defined for dblayerauthzgroups", 500);
if ($this->auth !== null && array_key_exists ("email", $this->auth) &&
$this->user === null)
$this->user = $this->auth["email"];
if ($this->user === null)
throw new Exception ("No user defined for dblayerauthzgroups", 500);
if ($this->authzgroups === null)
throw new Exception ("No authzgroups defined for dblayerauthzgroups",
500);
$this->allowPath ();
$this->authzgroups->accessWrite ($this->module, $this->user, $this->path);
$this->authzgroups->accessWrite ($this->module, $this->user,
$this->path."/$deletekey");
return $deletekey;
}
/** Hook postdelete
* This hook is run after successfuly deleting a data in the database
* @param string $deletekey The key to delete
* @param integer $nbLinesDeleted The number of deleted lines
* @return $nbLinesUpdated
*/
public function hookpostdelete ($deletekey, $nbLinesDeleted)
{
if ($this->module === null)
throw new Exception ("No module defined for dblayerauthzgroups", 500);
if ($this->auth !== null && array_key_exists ("email", $this->auth) &&
$this->user === null)
$this->user = $this->auth["email"];
if ($this->user === null)
throw new Exception ("No user defined for dblayerauthzgroups", 500);
if ($this->authzgroups === null)
throw new Exception ("No authzgroups defined for dblayerauthzgroups",
500);
$this->authzgroups->objectDel ($this->module, $this->path."/$deletekey");
return $nbLinesDeleted;
}
/** Return true if all the paths are allowed. Throw an exception elsewhere
*/
private function allowPath ()
{
if ($this->module === null)
throw new Exception ("No module defined for dblayerauthzgroups", 500);
if ($this->auth !== null && array_key_exists ("email", $this->auth) &&
$this->user === null)
$this->user = $this->auth["email"];
if ($this->user === null)
throw new Exception ("No user defined for dblayerauthzgroups", 500);
if ($this->authzgroups === null)
throw new Exception ("No authzgroups defined for dblayerauthzgroups",
500);
if (substr ($this->path, -1) === "/")
$this->path = substr ($this->path, 0, -1);
$paths = explode ("/", $this->path);
$path = "";
foreach ($paths as $pathTmp)
{
$path .= "/$pathTmp";
$path = str_replace ("//", "/", $path);
$this->authzgroups->accessRight ($this->module, $this->user, $path);
}
return true;
}
///////////////////
/// SETTERS ///
///////////////////
/** Set the authzgroups property
* @param object $authzgroups The object of the authzgroups
*/
public function authzgroupsSet ($authzgroups)
{
$this->authzgroups = $authzgroups;
return $this;
}
/** Set the module property
* @param string $module The module name to use
*/
public function moduleSet ($module)
{
$this->module = $module;
return $this;
}
/** Set the auth property
* @param array $auth The auth array
*/
public function authSet ($auth)
{
$this->auth = $auth;
return $this;
}
/** Set the user property
* @param string $user The user to authorize
*/
public function userSet ($user)
{
$this->user = $user;
return $this;
}
/** Set the createGroup property
* @param array|string $createGroup The createGroup to set
*/
public function createGroupSet ($createGroup)
{
$this->createGroup = $createGroup;
return $this;
}
/** Set the createRight property
* @param string $createRight The right to create
*/
public function createRightSet ($createRight)
{
$this->createRight = $createRight;
return $this;
}
/** Set the path property
* @param string $path The pre-path to use
*/
public function pathSet ($path)
{
$this->path = $path;
return $this;
}
}