Dominique.Fournier/DomFramework
1
0
Fork 0
Code Issues Pull Requests Projects Releases Activity

authzgroups : add rights support

Browse Source 
git-svn-id: https://svn.fournier38.fr/svn/ProgSVN/trunk@1918 bf3deb0d-5f1a-0410-827f-c0cc1f45334c
This commit is contained in:
Dominique Fournier
2015-01-07 03:26:38 +00:00
parent 53cd221538
commit fdf1e9e6f1
1 changed files with 270 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

285
authzgroups.php
View File

@@ -31,15 +31,26 @@ class authzgroups
throw new Exception (dgettext ("domframework",
"DB for Object is not connected"), 500);
// Do the SQL request in hard to be more performant on jointures
$req = "SELECT o.object,MAX(r.right) AS right
FROM ".$this->tableprefix."authzright AS r,
".$this->tableprefix."authzobject AS o,
".$this->tableprefix."authzgroup AS g,
".$this->tableprefix."authzgroupmember AS gm
WHERE r.idgroup=g.idgroup AND r.idobject=o.idobject AND gm.idgroup=g.idgroup
AND gm.user=:user AND g.module=:module
GROUP BY o.object
ORDER BY o.object";
if ($user === "cli" || $user === "root")
{
$req = "SELECT o.object,'2' AS right
FROM ".$this->tableprefix."authzobject AS o
WHERE o.module=:module";
}
else
{
$req = "SELECT o.object,MAX(r.right) AS right
FROM ".$this->tableprefix."authzright AS r,
".$this->tableprefix."authzobject AS o,
".$this->tableprefix."authzgroup AS g,
".$this->tableprefix."authzgroupmember AS gm
WHERE r.idgroup=g.idgroup AND r.idobject=o.idobject AND
gm.idgroup=g.idgroup
AND gm.user=:user AND g.module=:module
GROUP BY o.object
ORDER BY o.object";
}
if ($this->debug) echo "$req\n";
try
{
@@ -52,7 +63,8 @@ class authzgroups
throw new Exception ($e->getMessage(), 500);
}
$st->bindValue (":user", $user);
if ($user !== "cli" && $user !== "root")
$st->bindValue (":user", $user);
$st->bindValue (":module", $module);
$rc = $st->execute ();
if ($rc === false)
@@ -163,6 +175,10 @@ class authzgroups
$this->dbGroupMember->foreign = array (
"idgroup"=>array ("authzgroup", "idgroup",
"ON UPDATE CASCADE ON DELETE CASCADE"));
$this->dbGroupMember->titles = array ("idgroupmember"=>_("idgroupmember"),
"user"=>_("User"),
"idgroup"=>_("idgroup"),
"comment"=>_("Comment"));
$this->dbRight = new dblayer ($dsn, $username, $password, $driver_options);
$this->dbRight->debug = $this->debug;
@@ -172,7 +188,7 @@ class authzgroups
"idright"=> array ("integer", "not null", "autoincrement"),
"idgroup"=> array ("integer", "not null"),
"idobject"=>array ("integer", "not null"),
"right"=> array ("integer", "not null"), // 1=RO,2=RW
"right"=> array ("varchar", "2", "not null"), // RO,RW
"comment"=> array ("varchar", "255"));
$this->dbRight->primary = "idright";
$this->dbRight->unique = array ("idright", array ("idgroup","idobject"));
@@ -182,6 +198,11 @@ class authzgroups
"idobject"=>array ("authzobject", "idobject",
"ON UPDATE CASCADE ON DELETE CASCADE"),
);
$this->dbRight->titles = array ("idright"=>_("idright"),
"idgroup"=>_("idgroup"),
"idobject"=>_("idobject"),
"right"=>_("Right"),
"comment"=>_("Comment"));
return TRUE;
}
@@ -410,7 +431,7 @@ class authzgroups
$select[] = array ("module", $module);
if ($group !== null)
$select[] = array ("group", $group);
return $this->dbGroup->read ($select);
return $this->dbGroup->read ($select, null, array (array ("group", "ASC")));
}
public function groupReadByID ($module, $idgroup)
@@ -436,6 +457,7 @@ class authzgroups
{
return $this->dbGroup->verify ($datas, $idgroup);
}
//////////////////////
// GROUP MEMBER //
//////////////////////
@@ -477,12 +499,46 @@ class authzgroups
return $this->dbGroupMember->delete ($groupsMembers[0]["idgroupmember"]);
}
/** Remove an groupmember from database and all the rights using it */
public function groupmemberDelByID ($module, $idgroup, $idgroupmember)
{
if ($this->dbGroupMember == null)
throw new Exception (dgettext ("domframework",
"DB for GroupMember is not connected"),
500);
$groups = $this->groupReadByID ($module, $idgroup);
if (! isset ($groups[0]["idgroup"]))
throw new Exception (dgettext ("domframework",
"Wanted group not found"), 404);
$groupsMembers = $this->dbGroupMember->read (array (
array ("idgroupmember",$idgroupmember),
array ("idgroup",$idgroup)));
if (! isset ($groupsMembers[0]["idgroupmember"]))
throw new Exception (dgettext ("domframework",
"Wanted GroupMember not found"), 404);
return $this->dbGroupMember->delete ($groupsMembers[0]["idgroupmember"]);
}
/** Update an groupmember in the database */
public function groupmemberUpdate ($module, $group, $user, $comment="")
{
die ("This function is not available : contact us if you need it\n");
}
/** Update an groupmember in the database */
public function groupmemberUpdateByID ($module, $idgroup, $iduser, $user,
$comment="")
{
$datas = $this->groupmemberReadUserDataByID ($module, $idgroup, $iduser);
if (count ($datas) === 0)
throw new Exception (dgettext ("domframework",
"IDUser in IDGroup not found"), 404);
return $this->dbGroupMember->update ($iduser,
array ("user"=>$user,
"comment"=>$comment));
}
/** Return an array with all the groups where the user is in and in the module
*/
public function groupmemberReadUser ($module, $user)
@@ -523,6 +579,53 @@ class authzgroups
return $this->dbGroupMember->read ($select, array ("user"));
}
/** Return an array with all the available users in the group and in the
module */
public function groupmemberReadGroupByID ($module, $idgroup)
{
if ($this->dbGroupMember == null)
throw new Exception (dgettext ("domframework",
"DB for GroupMember is not connected"),
500);
$groups = $this->groupReadByID ($module, $idgroup);
if (! isset ($groups[0]["idgroup"]))
throw new Exception (dgettext ("domframework",
"Wanted group not found"), 404);
$select[] = array ("idgroup", $groups[0]["idgroup"]);
return $this->dbGroupMember->read ($select);
}
/** Return an array containing the informations of a user in a specific group
*/
public function groupmemberReadUserDataByID ($module, $idgroup, $iduser)
{
if ($this->dbGroupMember == null)
throw new Exception (dgettext ("domframework",
"DB for GroupMember is not connected"),
500);
$groups = $this->groupReadByID ($module, $idgroup);
if (! isset ($groups[0]["idgroup"]))
throw new Exception (dgettext ("domframework",
"Wanted group not found"), 404);
$select[] = array ("idgroup", $groups[0]["idgroup"]);
$select[] = array ("idgroupmember", $iduser);
return $this->dbGroupMember->read ($select);
}
/** Return an array containing the titles of the table translating in the user
language */
public function groupmembersTitles ()
{
return $this->dbGroupMember->titles;
}
/** Check if the provided datas are compilant with the group specification
@return array The errors found in the datas */
public function groupmembersVerify ($datas, $idgroupmember=false)
{
return $this->dbGroupMember->verify ($datas, $idgroupmember);
}
////////////////
// RIGHTS //
////////////////
@@ -555,6 +658,37 @@ class authzgroups
"right"=>$right,
"comment"=>$comment));
}
/** Add a new right to right list by ID
Return the idright created */
public function rightAddByID ($module, $idgroup, $idobject, $idright,
$comment="")
{
if ($this->dbRight == null)
throw new Exception (dgettext ("domframework",
"DB for Right is not connected"), 500);
switch ($idright)
{
case "2": $right=2;break;
case "1": $right=1;break;
default:
throw new Exception (dgettext ("domframework",
"Unknown right provided (RO/RW only)"),
500);
}
$groups = $this->groupReadByID ($module, $idgroup);
if (! isset ($groups[0]["idgroup"]))
throw new Exception (dgettext ("domframework",
"Wanted group not found"), 404);
$objects = $this->objectReadByID ($module, $idobject);
if (! isset ($objects[0]["idobject"]))
throw new Exception (dgettext ("domframework",
"Wanted object not found"), 404);
return $this->dbRight->insert (array ("idgroup"=>$groups[0]["idgroup"],
"idobject"=>$objects[0]["idobject"],
"right"=>$right,
"comment"=>$comment));
}
/** Remove an right from database and all the rights using it */
public function rightDel ($module, $group, $object)
@@ -569,7 +703,20 @@ class authzgroups
return $this->dbRight->delete ($idrights[0]["idright"]);
}
/** Update an right in the database */
/** Remove an right from database by ID and all the rights using it */
public function rightDelByID ($module, $idright)
{
if ($this->dbRight == null)
throw new Exception (dgettext ("domframework",
"DB for Right is not connected"), 500);
$idrights = $this->rightReadByID ($module, $idright);
if (!isset ($idrights[0]["idright"]))
throw new Exception (dgettext ("domframework",
"Wanted right not found"), 404);
return $this->dbRight->delete ($idrights[0]["idright"]);
}
/** Update a right in the database */
public function rightUpdate ($module, $group, $object, $newright,
$newcomment="")
{
@@ -594,8 +741,35 @@ class authzgroups
"comment"=>$newcomment));
}
/** Return an array with all the available rights in the module, or the
right if provided */
/** Update a right by ID in the database */
public function rightUpdateByID ($module, $idright, $newidobject, $newright,
$newcomment="")
{
if ($this->dbRight == null)
throw new Exception (dgettext ("domframework",
"DB for Right is not connected"), 500);
switch ($newright)
{
case "2": $newright=2;break;
case "1": $newright=1;break;
default:
throw new Exception (dgettext ("domframework",
"Unknown right provided (RO/RW only)"),
500);
}
$idrights = $this->rightReadByID ($module, $idright);
if (!isset ($idrights[0]["idright"]))
throw new Exception (dgettext ("domframework",
"Wanted right not found"), 404);
return $this->dbRight->update ($idrights[0]["idright"],
array ("idobject"=>$newidobject,
"right"=>$newright,
"comment"=>$newcomment));
}
/** Return an array with all the available rights in the module, for a group,
and concerning an object */
public function rightRead ($module, $group, $object)
{
if ($this->dbRight == null)
@@ -613,4 +787,85 @@ class authzgroups
$select[] = array ("idobject",$objects[0]["idobject"]);
return $this->dbRight->read ($select);
}
/** Return an array with all the available rights for a module and a group */
public function rightReadByGroup ($module, $group)
{
if ($this->dbRight == null)
throw new Exception (dgettext ("domframework",
"DB for Right is not connected"), 500);
$groups = $this->groupRead ($module, $group);
if (! isset ($groups[0]["idgroup"]))
throw new Exception (dgettext ("domframework",
"Wanted group not found"), 404);
return $this->rightReadByGroupByID ($module, $objects[0]["idgroup"]);
}
/** Return an array with all the available rights for a module and a group */
public function rightReadByGroupByID ($module, $idgroup)
{
if ($this->dbRight == null)
throw new Exception (dgettext ("domframework",
"DB for Right is not connected"), 500);
$select[] = array ("idgroup", $idgroup);
return $this->dbRight->read ($select);
}
/** Return an array with all the informations concerning a right selected by
ID*/
public function rightReadByID ($module, $idright)
{
if ($this->dbRight == null)
throw new Exception (dgettext ("domframework",
"DB for Right is not connected"), 500);
$select[] = array ("idright", $idright);
return $this->dbRight->read ($select);
}
/** Return an array with all the available rights for a module and an object
*/
public function rightReadByObject ($module, $object)
{
if ($this->dbRight == null)
throw new Exception (dgettext ("domframework",
"DB for Right is not connected"), 500);
$objects = $this->objectRead ($module, $object);
if (! isset ($objects[0]["idobject"]))
throw new Exception (dgettext ("domframework",
"Wanted object not found"), 404);
$select[] = array ("idobject", $objects[0]["idobject"]);
return $this->dbRight->read ($select);
}
/** Return an array with all the available rights for a module and an idobject
*/
public function rightReadByObjectByID ($module, $idobject)
{
if ($this->dbRight == null)
throw new Exception (dgettext ("domframework",
"DB for Right is not connected"), 500);
$select[] = array ("idobject", $idobject);
return $this->dbRight->read ($select);
}
/** Return an array containing the titles of the table translating in the user
language */
public function rightTitles ()
{
return $this->dbRight->titles;
}
/** Return all the types of rights available (RO and RW) */
public function rightTypes ()
{
return array ("1"=>"RO", "2"=>"RW");
}
/** Check if the provided datas are compilant with the group specification
@return array The errors found in the datas */
public function rightVerify ($datas, $idright=false)
{
return $this->dbRight->verify ($datas, $idright);
}
}