Dominique Fournier
17168aaaef
DomCi : remove line too longs on all the files git-svn-id: https://svn.fournier38.fr/svn/ProgSVN/trunk@5280 bf3deb0d-5f1a-0410-827f-c0cc1f45334c
1395 lines
56 KiB
PHP
1395 lines
56 KiB
PHP
<?php
|
|
/** DomFramework
|
|
* @package domframework
|
|
* @author Dominique Fournier <dominique@fournier38.fr>
|
|
*/
|
|
|
|
require_once ("domframework/dblayeroo.php");
|
|
|
|
/** All the needed functions to authorize or deny access to an authenticated
|
|
* user by its groups membership
|
|
* Based on dblayeroo
|
|
*/
|
|
class authzgroupsoo
|
|
{
|
|
/** The table prefix to use */
|
|
public $tableprefix = "";
|
|
/** The dblayeroo object use to manage the Object table */
|
|
private $dbObject = null;
|
|
/** The dblayeroo object use to manage the Group table */
|
|
private $dbGroup = null;
|
|
/** The dblayeroo object use to manage the GroupMember table */
|
|
private $dbGroupMember = null;
|
|
/** The dblayeroo object use to manage the Right table */
|
|
private $dbRight = null;
|
|
/** Set the debug level */
|
|
public $debug = 0;
|
|
/** A local cache of the rights if multiple tests are needed */
|
|
private $rightCache = null;
|
|
|
|
/** Get the dbObject
|
|
*/
|
|
public function dbObject ()
|
|
// {{{
|
|
{
|
|
return $this->dbObject;
|
|
}
|
|
// }}}
|
|
|
|
/** Get the dbGroup
|
|
*/
|
|
public function dbGroup ()
|
|
// {{{
|
|
{
|
|
return $this->dbGroup;
|
|
}
|
|
// }}}
|
|
|
|
/** Get the dbGroupMember
|
|
*/
|
|
public function dbGroupMember ()
|
|
// {{{
|
|
{
|
|
return $this->dbGroupMember;
|
|
}
|
|
// }}}
|
|
|
|
/** Get the dbRight
|
|
*/
|
|
public function dbRight ()
|
|
// {{{
|
|
{
|
|
return $this->dbRight;
|
|
}
|
|
// }}}
|
|
|
|
/////////////////////
|
|
// USER RIGHTS //
|
|
/////////////////////
|
|
/** Return an array with all the rights of the user in the module.
|
|
* Cache this information to be quicker with next requests
|
|
* Remove the entries where path is not at least readable
|
|
* @param string $module The module to use
|
|
* @param string $user The user to get the rights
|
|
*/
|
|
public function userrightsget ($module, $user)
|
|
{
|
|
// if (isset ($_SESSION["domframework"]["authzgroups"][$module][$user]))
|
|
// return $_SESSION["domframework"]["authzgroups"][$module][$user];
|
|
if ($this->rightCache !== null)
|
|
return $this->rightCache;
|
|
if ($this->dbObject == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Object is not connected"), 500);
|
|
// Do the SQL request in hard to be more performant on jointures
|
|
if ($user === "cli" || $user === "root")
|
|
{
|
|
$this->dbObject->clearRequest ();
|
|
$resTmp = $this->dbObject->select ()
|
|
->displayAdd ("object", "object")
|
|
->displayAdd ("2", "right")
|
|
->whereAdd ("module", "=", $module)
|
|
->execute ();
|
|
}
|
|
else
|
|
{
|
|
$this->dbObject->clearRequest ();
|
|
$this->dbGroupMember->clearRequest ();
|
|
$this->dbGroup->clearRequest ();
|
|
$this->dbGroupMember->whereAdd ("user", "=", $user);
|
|
$this->dbGroup->joinInner ($this->dbGroupMember,
|
|
array ("idgroup" => "idgroup"))
|
|
->whereAdd ("module", "=", $module);
|
|
$this->dbRight->displayAdd ("MAX(right)", "right")
|
|
->joinInner ($this->dbGroup,
|
|
array ("idgroup" => "idgroup"));
|
|
$resTmp = $this->dbObject->select ()
|
|
->displayAdd ("object", "object")
|
|
->orderAdd ("object", "ASC")
|
|
->joinInner ($this->dbRight,
|
|
array ("idobject" => "idobject"))
|
|
->execute ();
|
|
}
|
|
|
|
$res = array ();
|
|
foreach ($resTmp as $row)
|
|
$res[$row["object"]] = $row["right"];
|
|
// Transform the numerical rights to RO/RW
|
|
foreach ($res as $k => $r)
|
|
{
|
|
switch ($r)
|
|
{
|
|
case "2": $res[$k] = "RW"; break;
|
|
case "1": $res[$k] = "RO"; break;
|
|
case "0": $res[$k] = "NO"; break;
|
|
default:
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Unknown right stored"), 500);
|
|
}
|
|
}
|
|
if (isset ($_SESSION))
|
|
$_SESSION["domframework"]["authzgroups"][$module][$user] = $res;
|
|
$this->rightCache = $res;
|
|
return $res;
|
|
}
|
|
|
|
/** Return the right defined for this user in the module for one object
|
|
* @param string $module The module to use
|
|
* @param string $user The user to get the rights
|
|
* @param string $object The object to return the rights for the user
|
|
*/
|
|
public function allow ($module, $user, $object)
|
|
{
|
|
$ressource = $this->userrightsget ($module, $user);
|
|
// The complete tree should not be readable for the user : it can have
|
|
// access to a card, but not to all the cards (group -> reject,
|
|
// group/XXX->allow)
|
|
/*// Limit to allowed trees : if a member of the path is not recorded (is
|
|
// unreadable), return NO.
|
|
// Can be the last entry (the complete object) too
|
|
$path = explode ("/", $object);
|
|
$completePath = "/";
|
|
foreach ($path as $k => $p)
|
|
{
|
|
if ($k>1)
|
|
$completePath .= "/";
|
|
$completePath .= "$p";
|
|
if (! isset ($ressource[$completePath]))
|
|
{
|
|
if ($this->debug)
|
|
echo "DEBUG allow : REJECT because $completePath is not found\n";
|
|
return "NO";
|
|
}
|
|
}*/
|
|
if (! isset ($ressource[$object]))
|
|
return "NO";
|
|
return $ressource[$object];
|
|
}
|
|
|
|
/** Return TRUE if the user right allow to see the object (RO or RW)
|
|
* Return a 403 Exception if the user don't have the right
|
|
* Return a 401 Exception if the user is not connected
|
|
* @param string $module The module to use
|
|
* @param string $user The user to get the rights
|
|
* @param string $object The object to check the rights for the user
|
|
*/
|
|
public function accessRight ($module, $user, $object)
|
|
{
|
|
if ($this->dbObject === null)
|
|
throw new \Exception ("Can't use authzgroups\\accessRight without ".
|
|
"connected database", 500);
|
|
if ($module === null || ! is_string ($module) || trim ($module) === "")
|
|
throw new \Exception ("Module not provided to authzgroups\\accessRight",
|
|
500);
|
|
if ($user === null || ! is_string ($user) || trim ($user) === "")
|
|
throw new \Exception ("User not provided to authzgroups\\accessright",
|
|
500);
|
|
if ($object === null || ! is_string ($object))
|
|
throw new \Exception ("Object not provided to authzgroups\\accessRight",
|
|
500);
|
|
if ($object{0} !== "/")
|
|
$object = "/$object";
|
|
$rc = $this->allow ($module, $user, "$object");
|
|
if ($this->debug)
|
|
trigger_error ("authzgroups : accessRight ('$module','$user','$object')".
|
|
"=$rc", E_USER_NOTICE);
|
|
if ($rc !== "NO")
|
|
return TRUE;
|
|
if ($user === "anonymous")
|
|
throw new \Exception (dgettext ("domframework", "Anonymous not allowed"),
|
|
401);
|
|
throw new \Exception (dgettext ("domframework", "Access forbidden"), 403);
|
|
}
|
|
|
|
/** Return TRUE if the user right allow to edit the object (RW only)
|
|
* Return a 403 Exception if the user don't have the right
|
|
* Return a 401 Exception if the user is not connected
|
|
* @param string $module The module to use
|
|
* @param string $user The user to get the rights
|
|
* @param string $object The object to check the rights for the user
|
|
*/
|
|
public function accessWrite ($module, $user, $object)
|
|
{
|
|
if ($this->dbObject === null)
|
|
throw new \Exception ("Can't use authzgroups\\accessWrite without ".
|
|
"connected database", 500);
|
|
if ($module === null || ! is_string ($module) || trim ($module) === "")
|
|
throw new \Exception ("Module not provided to authzgroups\\accessWrite",
|
|
500);
|
|
if ($user === null || ! is_string ($user) || trim ($user) === "")
|
|
throw new \Exception ("User not provided to authzgroups\\accessWrite",
|
|
500);
|
|
if ($object === null || ! is_string ($object))
|
|
throw new \Exception ("Object not provided to authzgroups\\accessWrite",
|
|
500);
|
|
if ($object{0} !== "/")
|
|
$object = "/$object";
|
|
$rc = $this->allow ($module, $user, $object);
|
|
if ($this->debug)
|
|
trigger_error ("authzgroups : accessWrite ('$module','$user','$object')".
|
|
"=$rc", E_USER_NOTICE);
|
|
if ($rc === "RW")
|
|
return TRUE;
|
|
if ($user === "anonymous")
|
|
throw new \Exception (dgettext ("domframework", "Anonymous not allowed"),
|
|
401);
|
|
throw new \Exception (dgettext ("domframework", "Modification forbidden"),
|
|
403);
|
|
}
|
|
|
|
/** Return TRUE if the user right allow to see but without modification
|
|
* the object (RO only)
|
|
* Return a 403 Exception if the user don't have the right
|
|
* Return a 401 Exception if the user is not connected
|
|
* @param string $module The module to use
|
|
* @param string $user The user to get the rights
|
|
* @param string $object The object to check the rights for the user
|
|
*/
|
|
public function accessReadOnly ($module, $user, $object)
|
|
{
|
|
if ($this->dbObject === null)
|
|
throw new \Exception ("Can't use authzgroups\\accessReadOnly without ".
|
|
"connected database", 500);
|
|
if ($module === null || ! is_string ($module) || trim ($module) === "")
|
|
throw new \Exception (
|
|
"Module not provided to authzgroups\\accessReadOnly", 500);
|
|
if ($user === null || ! is_string ($user) || trim ($user) === "")
|
|
throw new \Exception ("User not provided to authzgroups\\accessReadOnly",
|
|
500);
|
|
if ($object === null || ! is_string ($object))
|
|
throw new \Exception (
|
|
"Object not provided to authzgroups\\accessReadOnly", 500);
|
|
if ($object{0} !== "/")
|
|
$object = "/$object";
|
|
$rc = $this->allow ($module, $user, $object);
|
|
if ($this->debug)
|
|
trigger_error ("authzgroups : accessReadOnly ('$module','$user',".
|
|
"'$object')" ."=$rc", E_USER_NOTICE);
|
|
if ($rc === "RO")
|
|
return TRUE;
|
|
if ($user === "anonymous")
|
|
throw new \Exception (dgettext ("domframework", "Anonymous not allowed"),
|
|
401);
|
|
throw new \Exception (dgettext ("domframework", "Access forbidden"), 403);
|
|
}
|
|
|
|
/////////////////////////
|
|
// DATABASE STORAGE //
|
|
/////////////////////////
|
|
/** Connect to the database before using it
|
|
* @param string $dsn The DSN to use to connect to the database
|
|
* @param string|null $username The username to use to connect to the
|
|
* database
|
|
* @param string|null $password The password to use to connect to the
|
|
* database
|
|
* @param array|null $driver_options The options to pass to PDO driver
|
|
*/
|
|
public function connect ($dsn, $username=null, $password=null,
|
|
$driver_options=null)
|
|
{
|
|
$this->dbObject = new dblayeroo ($dsn, $username, $password,
|
|
$driver_options);
|
|
$this->dbObject->debug ($this->debug);
|
|
$this->dbObject->table ("authzobject");
|
|
$this->dbObject->tableprefix ($this->tableprefix);
|
|
$this->dbObject->fields (array (
|
|
"idobject" => array ("integer", "not null", "autoincrement"),
|
|
"module" => array ("varchar(255)", "not null"),
|
|
"object" => array ("varchar(255)", "not null"),
|
|
"comment" => array ("varchar(255)")));
|
|
$this->dbObject->primary ("idobject");
|
|
$this->dbObject->unique (array ("idobject", array ("object", "module")));
|
|
$this->dbObject->titles (array (
|
|
"idobject" => dgettext ("domframework", "idobject"),
|
|
"module" => dgettext ("domframework", "Module"),
|
|
"object" => dgettext ("domframework", "Object"),
|
|
"comment" => dgettext ("domframework", "Comment")));
|
|
|
|
$this->dbGroup = new dblayeroo ($dsn, $username, $password,
|
|
$driver_options);
|
|
$this->dbGroup->debug ($this->debug);
|
|
$this->dbGroup->table ("authzgroup");
|
|
$this->dbGroup->tableprefix ($this->tableprefix);
|
|
$this->dbGroup->fields (array (
|
|
"idgroup" => array ("integer", "not null", "autoincrement"),
|
|
"module" => array ("varchar(255)", "not null"),
|
|
"group" => array ("varchar(255)", "not null"),
|
|
"comment" => array ("varchar(255)")));
|
|
$this->dbGroup->primary ("idgroup");
|
|
$this->dbGroup->unique (array ("idgroup", array ("module","group")));
|
|
$this->dbGroup->titles (array (
|
|
"idgroup" => dgettext ("domframework", "idgroup"),
|
|
"module" => dgettext ("domframework", "Module"),
|
|
"group" => dgettext ("domframework", "Group"),
|
|
"comment" => dgettext ("domframework", "Comment")));
|
|
|
|
$this->dbGroupMember = new dblayeroo ($dsn, $username, $password,
|
|
$driver_options);
|
|
$this->dbGroupMember->debug ($this->debug);
|
|
$this->dbGroupMember->table ("authzgroupmember");
|
|
$this->dbGroupMember->tableprefix ($this->tableprefix);
|
|
$this->dbGroupMember->fields (array (
|
|
"idgroupmember" => array ("integer", "not null", "autoincrement"),
|
|
"user" => array ("varchar(255)", "not null"),
|
|
"idgroup" => array ("integer", "not null"),
|
|
"comment" => array ("varchar(255)")));
|
|
$this->dbGroupMember->primary ("idgroupmember");
|
|
$this->dbGroupMember->unique (array ("idgroupmember",
|
|
array ("user","idgroup")));
|
|
$this->dbGroupMember->foreign (array (
|
|
"idgroup" => array ($this->tableprefix."authzgroup", "idgroup",
|
|
"ON UPDATE CASCADE ON DELETE CASCADE")));
|
|
$this->dbGroupMember->setForeignObj ($this->dbGroup);
|
|
$this->dbGroupMember->titles (array (
|
|
"idgroupmember" => dgettext ("domframework", "idgroupmember"),
|
|
"user" => dgettext ("domframework", "User"),
|
|
"idgroup" => dgettext ("domframework", "idgroup"),
|
|
"comment" => dgettext ("domframework", "Comment")));
|
|
|
|
$this->dbRight = new dblayeroo ($dsn, $username, $password,
|
|
$driver_options);
|
|
$this->dbRight->debug ($this->debug);
|
|
$this->dbRight->table ("authzright");
|
|
$this->dbRight->tableprefix ($this->tableprefix);
|
|
$this->dbRight->fields (array (
|
|
"idright" => array ("integer", "not null", "autoincrement"),
|
|
"idgroup" => array ("integer", "not null"),
|
|
"idobject" => array ("integer", "not null"),
|
|
"right" => array ("varchar(2)", "not null"), // NO, RO,RW
|
|
"comment" => array ("varchar(255)")));
|
|
$this->dbRight->primary ("idright");
|
|
$this->dbRight->unique (array ("idright", array ("idgroup","idobject")));
|
|
$this->dbRight->foreign (array (
|
|
"idgroup" => array ($this->tableprefix."authzgroup", "idgroup",
|
|
"ON UPDATE CASCADE ON DELETE CASCADE"),
|
|
"idobject" => array ($this->tableprefix."authzobject", "idobject",
|
|
"ON UPDATE CASCADE ON DELETE CASCADE"),
|
|
));
|
|
$this->dbRight->setForeignObj ($this->dbGroup);
|
|
$this->dbRight->setForeignObj ($this->dbObject);
|
|
$this->dbRight->titles (array (
|
|
"idright" => dgettext ("domframework", "idright"),
|
|
"idgroup" => dgettext ("domframework", "idgroup"),
|
|
"idobject" => dgettext ("domframework", "idobject"),
|
|
"right" => dgettext ("domframework", "Right"),
|
|
"comment" => dgettext ("domframework", "Comment")));
|
|
return TRUE;
|
|
}
|
|
|
|
/** Disconnect from the database. Should be only used in the unit tests
|
|
*/
|
|
public function disconnect ()
|
|
{
|
|
$this->dbObject->disconnect ();
|
|
}
|
|
|
|
/** Create the tables in the database to store the data
|
|
*/
|
|
public function createTables ()
|
|
{
|
|
if ($this->dbObject == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Object is not connected"), 500);
|
|
if ($this->dbGroup == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Group is not connected"), 500);
|
|
if ($this->dbGroupMember == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for GroupMember is not connected"),
|
|
500);
|
|
if ($this->dbRight == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Right is not connected"), 500);
|
|
$tables = array ("Object", "Group", "GroupMember", "Right");
|
|
foreach ($tables as $table)
|
|
{
|
|
try
|
|
{
|
|
$class= "db$table";
|
|
$this->$class->createTable ();
|
|
}
|
|
catch (\Exception $e)
|
|
{
|
|
echo $e->getMessage()."\n";
|
|
}
|
|
}
|
|
return TRUE;
|
|
}
|
|
|
|
/** Return true if all the tables are created, false otherwise
|
|
*/
|
|
public function stateTables ()
|
|
{
|
|
if ($this->dbObject == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Object is not connected"), 500);
|
|
$tables = $this->dbObject->listTables ();
|
|
$needed = array ("authzobject", "authzgroup", "authzgroupmember",
|
|
"authzright");
|
|
foreach ($needed as $table)
|
|
{
|
|
if (! in_array ($this->tableprefix.$table, $tables))
|
|
return false;
|
|
}
|
|
return true;
|
|
}
|
|
|
|
/** Return true if all the tables are deleted, false otherwise
|
|
*/
|
|
public function deleteTables ()
|
|
{
|
|
if ($this->dbObject == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Object is not connected"), 500);
|
|
$tables = $this->dbObject->listTables ();
|
|
$needed = array ("Object", "Group", "GroupMember", "Right");
|
|
$needed = array_reverse ($needed);
|
|
foreach ($needed as $table)
|
|
{
|
|
$class= "db$table";
|
|
$this->$class->dropTable ();
|
|
}
|
|
return true;
|
|
}
|
|
|
|
/////////////////
|
|
// OBJECTS //
|
|
/////////////////
|
|
/** Add a new object to object list
|
|
* Return the idobject created
|
|
* @param string $module The module to use
|
|
* @param string $object The object to create
|
|
* @param string|null $comment The comment to save
|
|
*/
|
|
public function objectAdd ($module, $object, $comment="")
|
|
{
|
|
if ($this->dbObject == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Object is not connected"), 500);
|
|
// TODO : Check parameters before saving them
|
|
$this->rightCache = null;
|
|
$this->dbObject->clearRequest ();
|
|
return $this->dbObject->insert ()
|
|
->setValues (array ("module" => $module,
|
|
"object" => $object,
|
|
"comment" => $comment))
|
|
->execute ();
|
|
}
|
|
|
|
/** Remove an object from database and all the rights using it
|
|
* @param string $module The module to use
|
|
* @param string $object The object to delete
|
|
*/
|
|
public function objectDel ($module, $object)
|
|
{
|
|
if ($this->dbObject == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Object is not connected"), 500);
|
|
$idobjects = $this->objectRead ($module, $object);
|
|
if (! isset ($idobjects[0]["idobject"]))
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Wanted object not found"), 404);
|
|
$this->rightCache = null;
|
|
$this->dbObject->clearRequest ();
|
|
return $this->dbObject->delete ()
|
|
->whereAdd ("idobject", "=",
|
|
$idobjects[0]["idobject"])
|
|
->execute ();
|
|
}
|
|
|
|
/** Remove an object from database and all the rights using it
|
|
* @param string $module The module to use
|
|
* @param integer $idobject The object to delete
|
|
*/
|
|
public function objectDelByID ($module, $idobject)
|
|
{
|
|
if ($this->dbObject == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Object is not connected"), 500);
|
|
$idobjects = $this->objectReadByID ($module, $idobject);
|
|
if (! isset ($idobjects[0]["idobject"]))
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Wanted object not found"), 404);
|
|
$this->rightCache = null;
|
|
$this->dbObject->clearRequest ();
|
|
return $this->dbObject->delete ()
|
|
->whereAdd ("idobject", "=",
|
|
$idobjects[0]["idobject"])
|
|
->execute ();
|
|
}
|
|
|
|
/** Update an object in the database
|
|
* @param string $module The module to use
|
|
* @param string $object The object to update
|
|
* @param string $newobject The new name of the object
|
|
* @param string|null $newcomment The new comment of the object
|
|
*/
|
|
public function objectUpdate ($module, $object, $newobject, $newcomment="")
|
|
{
|
|
if ($this->dbObject == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Object is not connected"), 500);
|
|
$idobjects = $this->objectRead ($module, $object);
|
|
if (! isset ($idobjects[0]["idobject"]))
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Wanted object not found"), 404);
|
|
$this->rightCache = null;
|
|
$this->dbObject->clearRequest ();
|
|
return $this->dbObject->update ()
|
|
->whereAdd ("idobject", "=",
|
|
$idobjects[0]["idobject"])
|
|
->setValues (array ("object" => $newobject,
|
|
"comment" => $newcomment))
|
|
->execute ();
|
|
}
|
|
|
|
/** Update an object in the database
|
|
* @param string $module The module to use
|
|
* @param integer $idobject The object to update
|
|
* @param string $newobject The new name of the object
|
|
* @param string|null $newcomment The new comment of the object
|
|
*/
|
|
public function objectUpdateByID ($module, $idobject, $newobject,
|
|
$newcomment="")
|
|
{
|
|
if ($this->dbObject == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Object is not connected"), 500);
|
|
$idobjects = $this->objectReadByID ($module, $idobject);
|
|
if (! isset ($idobjects[0]["idobject"]))
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Wanted object not found"), 404);
|
|
$this->rightCache = null;
|
|
$this->dbObject->clearRequest ();
|
|
return $this->dbObject->update ()
|
|
->whereAdd ("idobject", "=",
|
|
$idobjects[0]["idobject"])
|
|
->setValues (array ("object" => $newobject,
|
|
"comment" => $newcomment))
|
|
->execute ();
|
|
}
|
|
|
|
/** Return an array with all the available objects in the module, or only
|
|
* one object if $object is provided
|
|
* @param string $module The module to use
|
|
* @param string $object The name of the object to get
|
|
*/
|
|
public function objectRead ($module, $object=null)
|
|
{
|
|
if ($this->dbObject == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Object is not connected"), 500);
|
|
$this->dbObject->clearRequest ();
|
|
if ($object !== null)
|
|
$this->dbObject->whereAdd ("object", "=", $object);
|
|
return $this->dbObject->select ()
|
|
->whereAdd ("module", "=", $module)
|
|
->orderAdd ("object","ASC")
|
|
->execute ();
|
|
}
|
|
|
|
/** Return an array with all the available objects in the module, or only
|
|
* one object if $object is provided
|
|
* @param string $module The module to use
|
|
* @param integer $idobject The name of the object to get
|
|
*/
|
|
public function objectReadByID ($module, $idobject=null)
|
|
{
|
|
if ($this->dbObject == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Object is not connected"), 500);
|
|
$this->dbObject->clearRequest ();
|
|
if ($idobject !== null)
|
|
$this->dbObject->whereAdd ("idobject", "=", $idobject);
|
|
return $this->dbObject->select ()
|
|
->whereAdd ("module", "=", $module)
|
|
->execute ();
|
|
}
|
|
|
|
/** Return an array containing the titles of the table translating in the user
|
|
* language
|
|
*/
|
|
public function objectTitles ()
|
|
{
|
|
return $this->dbObject->titles ();
|
|
}
|
|
|
|
/** Check if the provided data are compliant with the object specification
|
|
* @param array $data The name of the object to get
|
|
* @param integer|null $idobject The object to check
|
|
* @return array The errors found in the data
|
|
*/
|
|
public function objectVerify ($data, $idobject=false)
|
|
{
|
|
return $this->dbObject->verify ($data, $idobject);
|
|
}
|
|
|
|
////////////////
|
|
// GROUPS //
|
|
////////////////
|
|
/** Add a new group to group list
|
|
* Return the idgroup created
|
|
* @param string $module The module to use
|
|
* @param string $group The group to create
|
|
* @param string|null $comment The comment to add with the group
|
|
*/
|
|
public function groupAdd ($module, $group, $comment="")
|
|
{
|
|
if ($this->dbGroup == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Group is not connected"), 500);
|
|
$this->dbGroup->clearRequest ();
|
|
// TODO : Check parameters before saving them
|
|
return $this->dbGroup->insert ()
|
|
->setValues (array ("module" => $module,
|
|
"group" => $group,
|
|
"comment" => $comment))
|
|
->execute ();
|
|
}
|
|
|
|
/** Remove an group from database and all the rights using it
|
|
* @param string $module The module to use
|
|
* @param string $group The group to delete
|
|
*/
|
|
public function groupDel ($module, $group)
|
|
{
|
|
if ($this->dbGroup == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Group is not connected"), 500);
|
|
$idgroups = $this->groupRead ($module, $group);
|
|
if (! isset ($idgroups[0]["idgroup"]))
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Wanted group not found"), 404);
|
|
$this->dbGroup->clearRequest ();
|
|
return $this->dbGroup->delete ()
|
|
->whereAdd ("idgroup", "=", $idgroups[0]["idgroup"])
|
|
->execute ();
|
|
}
|
|
|
|
/** Remove an group from database and all the rights using it
|
|
* @param string $module The module to use
|
|
* @param integer $idgroup The group to delete
|
|
*/
|
|
public function groupDelByID ($module, $idgroup)
|
|
{
|
|
if ($this->dbGroup == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Group is not connected"), 500);
|
|
$idgroups = $this->groupReadByID ($module, $idgroup);
|
|
if (! isset ($idgroups[0]["idgroup"]))
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Wanted group not found"), 404);
|
|
$this->dbGroup->clearRequest ();
|
|
return $this->dbGroup->delete ()
|
|
->whereAdd ("idgroup", "=", $idgroups[0]["idgroup"])
|
|
->execute ();
|
|
}
|
|
|
|
/** Update an group in the database
|
|
* @param string $module The module to use
|
|
* @param string $group The group to update
|
|
* @param string $newgroup The new group name
|
|
* @param string|null $comment The comment for the group
|
|
*/
|
|
public function groupUpdate ($module, $group, $newgroup, $comment="")
|
|
{
|
|
if ($this->dbGroup == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Group is not connected"), 500);
|
|
$idgroups = $this->groupRead ($module, $group);
|
|
if (! isset ($idgroups[0]["idgroup"]))
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Wanted group not found"), 404);
|
|
$this->dbGroup->clearRequest ();
|
|
return $this->dbGroup->update ()
|
|
->whereAdd ("idgroup", "=", $idgroups[0]["idgroup"])
|
|
->setValues (array ("group" => $newgroup,
|
|
"comment" => $comment))
|
|
->execute ();
|
|
}
|
|
|
|
/** Update an group in the database
|
|
* @param string $module The module to use
|
|
* @param integer $idgroup The group to update
|
|
* @param string $newgroup The new group name
|
|
* @param string|null $comment The comment for the group
|
|
*/
|
|
public function groupUpdateByID ($module, $idgroup, $newgroup, $comment="")
|
|
{
|
|
if ($this->dbGroup == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Group is not connected"), 500);
|
|
$idgroups = $this->groupReadByID ($module, $idgroup);
|
|
if (! isset ($idgroups[0]["idgroup"]))
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Wanted group not found"), 404);
|
|
$this->dbGroup->clearRequest ();
|
|
return $this->dbGroup->update ()
|
|
->whereAdd ("idgroup", "=", $idgroups[0]["idgroup"])
|
|
->setValues (array ("group" => $newgroup,
|
|
"comment" => $comment))
|
|
->execute ();
|
|
}
|
|
|
|
/** Return an array with all the available groups in the module
|
|
* @param string $module The module to use
|
|
* @param string|null $group The group to check if exists
|
|
*/
|
|
public function groupRead ($module, $group=null)
|
|
{
|
|
if ($this->dbGroup == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Group is not connected"), 500);
|
|
$this->dbGroup->clearRequest ();
|
|
if ($group !== null)
|
|
$this->dbGroup->whereAdd ("group", "=", $group);
|
|
return $this->dbGroup->select ()
|
|
->whereAdd ("module", "=", $module)
|
|
->orderAdd ("group", "ASC")
|
|
->execute ();
|
|
}
|
|
|
|
|
|
/** Return an array with all the available groups in the module
|
|
* @param string $module The module to use
|
|
* @param integer $idgroup The group to check if exists
|
|
*/
|
|
public function groupReadByID ($module, $idgroup)
|
|
{
|
|
if ($this->dbGroup == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Group is not connected"), 500);
|
|
$this->dbGroup->clearRequest ();
|
|
return $this->dbGroup->select ()
|
|
->whereAdd ("module", "=", $module)
|
|
->whereAdd ("idgroup", "=", $idgroup)
|
|
->execute ();
|
|
}
|
|
|
|
/** Return an array containing the titles of the table translating in the user
|
|
* language
|
|
*/
|
|
public function groupTitles ()
|
|
{
|
|
return $this->dbGroup->titles ();
|
|
}
|
|
|
|
/** Check if the provided data are compilant with the group specification
|
|
* @param array $data The data to check
|
|
* @param integer|null $idgroup The idgroup to check
|
|
* @return array The errors found in the data
|
|
*/
|
|
public function groupVerify ($data, $idgroup=false)
|
|
{
|
|
return $this->dbGroup->verify ($data, $idgroup);
|
|
}
|
|
|
|
//////////////////////
|
|
// GROUP MEMBER //
|
|
//////////////////////
|
|
/** Add a new groupmember to groupmember list
|
|
* Return the idgroupmember created
|
|
* @param string $module The module to use
|
|
* @param string $group The group to use
|
|
* @param string $user The user to add in group
|
|
* @param string|null $comment The comment to save
|
|
*/
|
|
public function groupmemberAdd ($module, $group, $user, $comment="")
|
|
{
|
|
if ($this->dbGroupMember == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for GroupMember is not connected"),
|
|
500);
|
|
$groups = $this->groupRead ($module, $group);
|
|
if (! isset ($groups[0]["idgroup"]))
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Wanted group not found"), 404);
|
|
$this->rightCache = null;
|
|
$this->dbGroupMember->clearRequest ();
|
|
return $this->dbGroupMember->insert ()
|
|
->setValues (array (
|
|
"user" => $user,
|
|
"idgroup" => $groups[0]["idgroup"],
|
|
"comment" => $comment))
|
|
->execute ();
|
|
}
|
|
|
|
/** Remove an groupmember from database and all the rights using it
|
|
* @param string $module The module to use
|
|
* @param string $group The group to use
|
|
* @param string $user The user to remove
|
|
*/
|
|
public function groupmemberDel ($module, $group, $user)
|
|
{
|
|
if ($this->dbGroupMember == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for GroupMember is not connected"),
|
|
500);
|
|
$groups = $this->groupRead ($module, $group);
|
|
if (! isset ($groups[0]["idgroup"]))
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Wanted group not found"), 404);
|
|
$this->dbGroupMember->clearRequest ();
|
|
$groupsMembers = $this->dbGroupMember->select ()
|
|
->whereAdd ("user", "=", $user)
|
|
->whereAdd ("idgroup", "=",
|
|
$groups[0]["idgroup"])
|
|
->execute ();
|
|
if (! isset ($groupsMembers[0]["idgroupmember"]))
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Wanted GroupMember not found"), 404);
|
|
$this->rightCache = null;
|
|
$this->dbGroupMember->clearRequest ();
|
|
return $this->dbGroupMember->delete ()
|
|
->whereAdd ("idgroupmember", "=",
|
|
$groupsMembers[0]["idgroupmember"])
|
|
->execute ();
|
|
}
|
|
|
|
/** Remove an groupmember from database and all the rights using it
|
|
* @param string $module The module to use
|
|
* @param integer $idgroup The group to use
|
|
* @param integer $idgroupmember The user to remove
|
|
*/
|
|
public function groupmemberDelByID ($module, $idgroup, $idgroupmember)
|
|
{
|
|
if ($this->dbGroupMember == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for GroupMember is not connected"),
|
|
500);
|
|
$groups = $this->groupReadByID ($module, $idgroup);
|
|
if (! isset ($groups[0]["idgroup"]))
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Wanted group not found"), 404);
|
|
$this->dbGroupMember->clearRequest ();
|
|
$groupsMembers = $this->dbGroupMember->select ()
|
|
->whereAdd ("idgroupmember", "=",
|
|
$idgroupmember)
|
|
->whereAdd ("idgroup", "=", $idgroup)
|
|
->execute ();
|
|
if (! isset ($groupsMembers[0]["idgroupmember"]))
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Wanted GroupMember not found"), 404);
|
|
$this->rightCache = null;
|
|
$this->dbGroupMember->clearRequest ();
|
|
return $this->dbGroupMember->delete ()
|
|
->whereAdd ("idgroupmember", "=",
|
|
$groupsMembers[0]["idgroupmember"])
|
|
->execute ();
|
|
}
|
|
|
|
/** Update an groupmember in the database
|
|
* @param string $module The module to use
|
|
* @param string $group The group to use
|
|
* @param string $user The user to update
|
|
* @param string|null $comment The comment to update
|
|
*/
|
|
public function groupmemberUpdate ($module, $group, $user, $comment="")
|
|
{
|
|
$this->rightCache = null;
|
|
die ("This function is not available : contact us if you need it\n");
|
|
}
|
|
|
|
/** Update an groupmember in the database
|
|
* @param string $module The module to use
|
|
* @param integer $idgroup The group to use
|
|
* @param integer $iduser The user to update
|
|
* @param string $user The new user name
|
|
* @param string|null $comment The comment to update
|
|
*/
|
|
public function groupmemberUpdateByID ($module, $idgroup, $iduser, $user,
|
|
$comment="")
|
|
{
|
|
$data = $this->groupmemberReadUserDataByID ($module, $idgroup, $iduser);
|
|
if (count ($data) === 0)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"IDUser in IDGroup not found"), 404);
|
|
$this->rightCache = null;
|
|
$this->dbGroupMember->clearRequest ();
|
|
return $this->dbGroupMember->update ()
|
|
->whereAdd ("idgroupmember", "=",
|
|
$data[0]["idgroupmember"])
|
|
->setValues (array ("user" => $user,
|
|
"comment" => $comment))
|
|
->execute ();
|
|
}
|
|
|
|
|
|
/** Return an array with all the groups where the user is in and in the module
|
|
* @param string $module The module to use
|
|
* @param string $user The user to search
|
|
*/
|
|
public function groupmemberReadUser ($module, $user)
|
|
{
|
|
if ($this->dbGroupMember == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for GroupMember is not connected"),
|
|
500);
|
|
$idgrouptmps = $this->groupRead ($module);
|
|
// Create an array with idgroup=>group
|
|
$idgroups = array ();
|
|
foreach ($idgrouptmps as $val)
|
|
$idgroups[$val["idgroup"]] = $val["group"];
|
|
$this->dbGroupMember->clearRequest ();
|
|
$idgroupmembers = $this->dbGroupMember->select ()
|
|
->whereAdd ("user", "=", $user)
|
|
->execute ();
|
|
$res = array ();
|
|
foreach ($idgroupmembers as $idmembers)
|
|
{
|
|
$res[$idmembers["idgroup"]] = $idgroups[$idmembers["idgroup"]];
|
|
}
|
|
return $res;
|
|
}
|
|
|
|
/** Return an array with all the groups where the user is in and in the module
|
|
* @param string $module The module to use
|
|
* @param integer $idgroupmember The user to search
|
|
*/
|
|
public function groupmemberReadUserByID ($module, $idgroupmember)
|
|
{
|
|
if ($this->dbGroupMember == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for GroupMember is not connected"),
|
|
500);
|
|
$idgrouptmps = $this->groupRead ($module);
|
|
// Create an array with idgroup=>group
|
|
$idgroups = array ();
|
|
foreach ($idgrouptmps as $val)
|
|
$idgroups[$val["idgroup"]] = $val["group"];
|
|
$this->dbGroupMember->clearRequest ();
|
|
$this->dbGroupMember->whereAdd ("idgroupmember", "=", $idgroupmember);
|
|
$idgroupmembers = $this->dbGroupMember->select ()->execute ();
|
|
$res = array ();
|
|
foreach ($idgroupmembers as $idmembers)
|
|
{
|
|
$res[$idmembers["idgroup"]] = $idgroups[$idmembers["idgroup"]];
|
|
}
|
|
return $res;
|
|
}
|
|
|
|
/** Return an array with all the available users in the group and in the
|
|
* module
|
|
* @param string $module The module to use
|
|
* @param string $group The group to search
|
|
*/
|
|
public function groupmemberReadGroup ($module, $group)
|
|
{
|
|
if ($this->dbGroupMember == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for GroupMember is not connected"),
|
|
500);
|
|
$groups = $this->groupRead ($module, $group);
|
|
if (! isset ($groups[0]["idgroup"]))
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Wanted group not found"), 404);
|
|
$this->dbGroupMember->clearRequest ();
|
|
return $this->dbGroupMember->select ()
|
|
->whereAdd ("idgroup", "=",
|
|
$groups[0]["idgroup"])
|
|
->displayAdd ("user")
|
|
->execute ();
|
|
}
|
|
|
|
/** Return an array with all the available users in the group and in the
|
|
* module
|
|
* @param string $module The module to use
|
|
* @param integer $idgroup The group to search
|
|
*/
|
|
public function groupmemberReadGroupByID ($module, $idgroup)
|
|
{
|
|
if ($this->dbGroupMember == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for GroupMember is not connected"),
|
|
500);
|
|
$groups = $this->groupReadByID ($module, $idgroup);
|
|
if (! isset ($groups[0]["idgroup"]))
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Wanted group not found"), 404);
|
|
$this->dbGroupMember->clearRequest ();
|
|
return $this->dbGroupMember->select ()
|
|
->whereAdd ("idgroup", "=",
|
|
$groups[0]["idgroup"])
|
|
->execute ();
|
|
}
|
|
|
|
/** Return an array containing the information of a user in a specific group
|
|
* @param string $module The module to use
|
|
* @param integer $idgroup The group to search
|
|
* @param integer $iduser The user to search
|
|
*/
|
|
public function groupmemberReadUserDataByID ($module, $idgroup, $iduser)
|
|
{
|
|
if ($this->dbGroupMember == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for GroupMember is not connected"),
|
|
500);
|
|
$groups = $this->groupReadByID ($module, $idgroup);
|
|
if (! isset ($groups[0]["idgroup"]))
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Wanted group not found"), 404);
|
|
$this->dbGroupMember->clearRequest ();
|
|
return $this->dbGroupMember->select ()
|
|
->whereAdd ("idgroup", "=",
|
|
$groups[0]["idgroup"])
|
|
->whereAdd ("idgroupmember", "=", $iduser)
|
|
->execute ();
|
|
}
|
|
|
|
/** Return an array containing the titles of the table translating in the user
|
|
* language
|
|
*/
|
|
public function groupmembersTitles ()
|
|
{
|
|
return $this->dbGroupMember->titles ();
|
|
}
|
|
|
|
/** Check if the provided data are compilant with the group specification
|
|
* @param array $data The data to check
|
|
* @param integer|null $idgroupmember The group member associated to verify
|
|
* @return array The errors found in the data
|
|
*/
|
|
public function groupmembersVerify ($data, $idgroupmember=false)
|
|
{
|
|
return $this->dbGroupMember->verify ($data, $idgroupmember);
|
|
}
|
|
|
|
////////////////
|
|
// RIGHTS //
|
|
////////////////
|
|
/** Add a new right to right list
|
|
* Return the idright created
|
|
* @param string $module The module to use
|
|
* @param string $group The group to use
|
|
* @param string $object The object to use
|
|
* @param string $right The right to add
|
|
* @param string|null $comment The comment to add
|
|
*/
|
|
public function rightAdd ($module, $group, $object, $right, $comment="")
|
|
{
|
|
if ($this->dbRight == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Right is not connected"), 500);
|
|
switch ($right)
|
|
{
|
|
case "RW": $right=2;break;
|
|
case "RO": $right=1;break;
|
|
// Normally, the NO is not used as the entry should be removed and the user
|
|
// will have the same result. The NO allow to force the value.
|
|
case "NO": $right=0;break;
|
|
default:
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Unknown right provided (NO/RO/RW only)"),
|
|
500);
|
|
}
|
|
$groups = $this->groupRead ($module, $group);
|
|
if (! isset ($groups[0]["idgroup"]))
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Wanted group not found"), 404);
|
|
$objects = $this->objectRead ($module, $object);
|
|
if (! isset ($objects[0]["idobject"]))
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Wanted object not found"), 404);
|
|
$this->rightCache = null;
|
|
$this->dbRight->clearRequest ();
|
|
return $this->dbRight->insert ()
|
|
->setValues (array (
|
|
"idgroup" => $groups[0]["idgroup"],
|
|
"idobject" => $objects[0]["idobject"],
|
|
"right" => $right,
|
|
"comment" => $comment))
|
|
->execute ();
|
|
}
|
|
|
|
/** Add a new right to right list by ID
|
|
* Return the idright created
|
|
* @param string $module The module to use
|
|
* @param integer $idgroup The group to use
|
|
* @param integer $idobject The object to use
|
|
* @param integer $idright The right to add
|
|
* @param string|null $comment The comment to add
|
|
*/
|
|
public function rightAddByID ($module, $idgroup, $idobject, $idright,
|
|
$comment="")
|
|
{
|
|
if ($this->dbRight == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Right is not connected"), 500);
|
|
switch ($idright)
|
|
{
|
|
case "2": $right=2;break;
|
|
case "1": $right=1;break;
|
|
case "0": $right=0;break;
|
|
default:
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Unknown right provided (0/1/2 only)"),
|
|
500);
|
|
}
|
|
$groups = $this->groupReadByID ($module, $idgroup);
|
|
if (! isset ($groups[0]["idgroup"]))
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Wanted group not found"), 404);
|
|
$objects = $this->objectReadByID ($module, $idobject);
|
|
if (! isset ($objects[0]["idobject"]))
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Wanted object not found"), 404);
|
|
$this->rightCache = null;
|
|
$this->dbRight->clearRequest ();
|
|
return $this->dbRight->insert ()
|
|
->setValues (array (
|
|
"idgroup" => $groups[0]["idgroup"],
|
|
"idobject" => $objects[0]["idobject"],
|
|
"right" => $right,
|
|
"comment" => $comment))
|
|
->execute ();
|
|
}
|
|
|
|
/** Remove an right from database and all the rights using it
|
|
* @param string $module The module to use
|
|
* @param string $group The group to use
|
|
* @param string $object The object to remove the rights
|
|
*/
|
|
public function rightDel ($module, $group, $object)
|
|
{
|
|
if ($this->dbRight == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Right is not connected"), 500);
|
|
$idrights = $this->rightRead ($module, $group, $object);
|
|
if (!isset ($idrights[0]["idright"]))
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Wanted right not found"), 404);
|
|
$this->rightCache = null;
|
|
$this->dbRight->clearRequest ();
|
|
return $this->dbRight->delete ()
|
|
->whereAdd ("idright", "=", $idrights[0]["idright"])
|
|
->execute ();
|
|
}
|
|
|
|
/** Remove an right from database by ID and all the rights using it
|
|
* @param string $module The module to use
|
|
* @param integer $idright The idright to be deleted
|
|
*/
|
|
public function rightDelByID ($module, $idright)
|
|
{
|
|
if ($this->dbRight == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Right is not connected"), 500);
|
|
$idrights = $this->rightReadByID ($module, $idright);
|
|
if (!isset ($idrights[0]["idright"]))
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Wanted right not found"), 404);
|
|
$this->rightCache = null;
|
|
$this->dbRight->clearRequest ();
|
|
return $this->dbRight->delete ()
|
|
->whereAdd ("idright", "=", $idrights[0]["idright"])
|
|
->execute ();
|
|
}
|
|
|
|
/** Update a right in the database
|
|
* @param string $module The module to use
|
|
* @param string $group The group to update the right
|
|
* @param string $object The object ot update the right
|
|
* @param string $newright The new right to save
|
|
* @param string|null $newcomment The new comment to save
|
|
*/
|
|
public function rightUpdate ($module, $group, $object, $newright,
|
|
$newcomment="")
|
|
{
|
|
if ($this->dbRight == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Right is not connected"), 500);
|
|
switch ($newright)
|
|
{
|
|
case "RW": $newright=2;break;
|
|
case "RO": $newright=1;break;
|
|
case "NO": $newright=0;break;
|
|
default:
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Unknown right provided (NO/RO/RW only)"),
|
|
500);
|
|
}
|
|
$idrights = $this->rightRead ($module, $group, $object);
|
|
if (!isset ($idrights[0]["idright"]))
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Wanted right not found"), 404);
|
|
$this->rightCache = null;
|
|
$this->dbRight->clearRequest ();
|
|
return $this->dbRight->update ()
|
|
->whereAdd ("idright", "=", $idrights[0]["idright"])
|
|
->setValues (array ("right" => $newright,
|
|
"comment" => $newcomment))
|
|
->execute ();
|
|
}
|
|
|
|
/** Update a right by ID in the database
|
|
* @param string $module The module to use
|
|
* @param integer $idright The idright to update the right
|
|
* @param integer $newidobject The object ot update the right
|
|
* @param integer $newright The new right to save
|
|
* @param string|null $newcomment The new comment to save
|
|
*/
|
|
public function rightUpdateByID ($module, $idright, $newidobject, $newright,
|
|
$newcomment="")
|
|
{
|
|
if ($this->dbRight == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Right is not connected"), 500);
|
|
switch ($newright)
|
|
{
|
|
case "2": $newright=2;break;
|
|
case "1": $newright=1;break;
|
|
case "0": $newright=0;break;
|
|
default:
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Unknown right provided (0/1/2 only)"),
|
|
500);
|
|
}
|
|
$idrights = $this->rightReadByID ($module, $idright);
|
|
if (!isset ($idrights[0]["idright"]))
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Wanted right not found"), 404);
|
|
$this->rightCache = null;
|
|
$this->dbRight->clearRequest ();
|
|
return $this->dbRight->update ()
|
|
->whereAdd ("idright", "=", $idrights[0]["idright"])
|
|
->setValues (array ("idobject" => $newidobject,
|
|
"right" => $newright,
|
|
"comment" => $newcomment))
|
|
->execute ();
|
|
}
|
|
|
|
|
|
/** Return an array with all the available rights in the module, for a group,
|
|
* and concerning an object
|
|
* @param string $module The module to use
|
|
* @param string $group The group to get the rights
|
|
* @param string $object The object to get the rights
|
|
*/
|
|
public function rightRead ($module, $group, $object)
|
|
{
|
|
if ($this->dbRight == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Right is not connected"), 500);
|
|
$groups = $this->groupRead ($module, $group);
|
|
if (! isset ($groups[0]["idgroup"]))
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Wanted group not found"), 404);
|
|
$objects = $this->objectRead ($module, $object);
|
|
if (! isset ($objects[0]["idobject"]))
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Wanted object not found"), 404);
|
|
$this->dbRight->clearRequest ();
|
|
return $this->dbRight->select ()
|
|
->whereAdd ("idgroup", "=", $groups[0]["idgroup"])
|
|
->whereAdd ("idobject", "=", $objects[0]["idobject"])
|
|
->execute ();
|
|
}
|
|
|
|
/** Return an array with all the available rights for a module and a group
|
|
* @param string $module The module to use
|
|
* @param string $group The group to get the rights
|
|
*/
|
|
public function rightReadByGroup ($module, $group)
|
|
{
|
|
if ($this->dbRight == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Right is not connected"), 500);
|
|
$groups = $this->groupRead ($module, $group);
|
|
if (! isset ($groups[0]["idgroup"]))
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Wanted group not found"), 404);
|
|
return $this->rightReadByGroupByID ($module, $objects[0]["idgroup"]);
|
|
}
|
|
|
|
/** Return an array with all the available rights for a module and a group
|
|
* @param string $module The module to use
|
|
* @param integer $idgroup The group to get the rights
|
|
*/
|
|
public function rightReadByGroupByID ($module, $idgroup)
|
|
{
|
|
if ($this->dbRight == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Right is not connected"), 500);
|
|
$this->dbRight->clearRequest ();
|
|
return $this->dbRight->select ()
|
|
->whereAdd ("idgroup", "=", $idgroup)
|
|
->execute ();
|
|
}
|
|
|
|
/** Return an array with all the information concerning a right selected by
|
|
* @param string $module The module to use
|
|
* @param integer $idright The right to search
|
|
* ID
|
|
*/
|
|
public function rightReadByID ($module, $idright)
|
|
{
|
|
if ($this->dbRight == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Right is not connected"), 500);
|
|
$this->dbRight->clearRequest ();
|
|
return $this->dbRight->select ()
|
|
->whereAdd ("idright", "=", $idright)
|
|
->execute ();
|
|
}
|
|
|
|
/** Return an array with all the available rights for a module and an object
|
|
* @param string $module The module to use
|
|
* @param string $object The object to search
|
|
*/
|
|
public function rightReadByObject ($module, $object)
|
|
{
|
|
if ($this->dbRight == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Right is not connected"), 500);
|
|
$objects = $this->objectRead ($module, $object);
|
|
if (! isset ($objects[0]["idobject"]))
|
|
throw new \Exception (dgettext ("domframework",
|
|
"Wanted object not found"), 404);
|
|
$this->dbRight->clearRequest ();
|
|
return $this->dbRight->select ()
|
|
->whereAdd ("idobject", "=", $objects[0]["idobject"])
|
|
->execute ();
|
|
}
|
|
|
|
/** Return an array with all the available rights for a module and an idobject
|
|
* @param string $module The module to use
|
|
* @param integer $idobject The object to search
|
|
*/
|
|
public function rightReadByObjectByID ($module, $idobject)
|
|
{
|
|
if ($this->dbRight == null)
|
|
throw new \Exception (dgettext ("domframework",
|
|
"DB for Right is not connected"), 500);
|
|
$this->dbRight->clearRequest ();
|
|
return $this->dbRight->select ()
|
|
->whereAdd ("idobject", "=", $idobject)
|
|
->execute ();
|
|
}
|
|
|
|
|
|
/** Return an array containing the titles of the table translating in the user
|
|
* language
|
|
*/
|
|
public function rightTitles ()
|
|
{
|
|
return $this->dbRight->titles ();
|
|
}
|
|
|
|
/** Return all the types of rights available (RO and RW)
|
|
*/
|
|
public function rightTypes ()
|
|
{
|
|
return array ("0" => "NO", "1" => "RO", "2" => "RW");
|
|
}
|
|
|
|
/** Check if the provided data are compilant with the group specification
|
|
* @param array $data The data of the right to check
|
|
* @param integer $idright The right to search
|
|
* @return array The errors found in the data
|
|
*/
|
|
public function rightVerify ($data, $idright=false)
|
|
{
|
|
return $this->dbRight->verify ($data, $idright);
|
|
}
|
|
}
|