Dominique Fournier
b55ea95fae
git-svn-id: https://svn.fournier38.fr/svn/ProgSVN/trunk@3279 bf3deb0d-5f1a-0410-827f-c0cc1f45334c
1233 lines
50 KiB
PHP
1233 lines
50 KiB
PHP
<?php
|
|
/** DomFramework
|
|
@package domframework
|
|
@author Dominique Fournier <dominique@fournier38.fr> */
|
|
|
|
require_once ("domframework/dblayer.php");
|
|
|
|
/** All the needed functions to authorize or deny access to an authenticated
|
|
user by its groups membership */
|
|
class authzgroups
|
|
{
|
|
/** The table prefix to use */
|
|
public $tableprefix = "";
|
|
/** The dblayer object use to manage the Object table */
|
|
private $dbObject = null;
|
|
/** The dblayer object use to manage the Group table */
|
|
private $dbGroup = null;
|
|
/** The dblayer object use to manage the GroupMember table */
|
|
private $dbGroupMember = null;
|
|
/** The dblayer object use to manage the Right table */
|
|
private $dbRight = null;
|
|
/** Set the debug level */
|
|
public $debug = 0;
|
|
/** A local cache of the rights if multiple tests are needed */
|
|
private $rightCache = null;
|
|
|
|
/////////////////////
|
|
// USER RIGHTS //
|
|
/////////////////////
|
|
/** Return an array with all the rights of the user in the module.
|
|
* Cache this information to be quicker with next requests
|
|
* Remove the entries where path is not at least readable
|
|
* @param string $module The module to use
|
|
* @param string $user The user to get the rights
|
|
*/
|
|
public function userrightsget ($module, $user)
|
|
{
|
|
// if (isset ($_SESSION["domframework"]["authzgroups"][$module][$user]))
|
|
// return $_SESSION["domframework"]["authzgroups"][$module][$user];
|
|
if ($this->rightCache !== null)
|
|
return $this->rightCache;
|
|
if ($this->dbObject == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Object is not connected"), 500);
|
|
// Do the SQL request in hard to be more performant on jointures
|
|
if ($user === "cli" || $user === "root")
|
|
{
|
|
$req = "SELECT o.object,'2' AS right
|
|
FROM ".$this->tableprefix."authzobject AS o
|
|
WHERE o.module=:module";
|
|
}
|
|
else
|
|
{
|
|
$req = "SELECT o.object,MAX(r.right) AS \"right\"
|
|
FROM ".$this->tableprefix."authzright AS r,
|
|
".$this->tableprefix."authzobject AS o,
|
|
".$this->tableprefix."authzgroup AS g,
|
|
".$this->tableprefix."authzgroupmember AS gm
|
|
WHERE r.idgroup=g.idgroup AND r.idobject=o.idobject AND
|
|
gm.idgroup=g.idgroup
|
|
AND gm.user=:user AND g.module=:module
|
|
GROUP BY o.object
|
|
ORDER BY o.object";
|
|
}
|
|
|
|
if ($this->debug) echo "$req\n";
|
|
try
|
|
{
|
|
$st = $this->dbObject->prepare ($req);
|
|
}
|
|
catch (Exception $e)
|
|
{
|
|
if ($this->dbObject->debug) echo "DEBUG : PREPARE ERROR ! Return FALSE".
|
|
$e->getMessage()."\n";
|
|
throw new Exception ($e->getMessage(), 500);
|
|
}
|
|
|
|
if ($user !== "cli" && $user !== "root")
|
|
$st->bindValue (":user", $user);
|
|
$st->bindValue (":module", $module);
|
|
try
|
|
{
|
|
$rc = $st->execute ();
|
|
if ($rc === false)
|
|
throw new Exception ("Can't execute SQL request", 500);
|
|
}
|
|
catch (Exception $e)
|
|
{
|
|
if ($this->dbObject->debug) echo "DEBUG : EXECUTE ERROR ! Return FALSE".
|
|
$e->getMessage()."\n";
|
|
throw new Exception ($e->getMessage(), 500);
|
|
}
|
|
$res = array ();
|
|
while ($d = $st->fetch (PDO::FETCH_ASSOC))
|
|
$res[$d["object"]] = $d["right"];
|
|
// Transform the numerical rights to RO/RW
|
|
foreach ($res as $k=>$r)
|
|
{
|
|
switch ($r)
|
|
{
|
|
case "2": $res[$k] = "RW"; break;
|
|
case "1": $res[$k] = "RO"; break;
|
|
default:
|
|
throw new Exception (dgettext ("domframework",
|
|
"Unknown right stored"), 500);
|
|
}
|
|
}
|
|
if (isset ($_SESSION))
|
|
$_SESSION["domframework"]["authzgroups"][$module][$user] = $res;
|
|
$this->rightCache = $res;
|
|
return $res;
|
|
}
|
|
|
|
/** Return the right defined for this user in the module for one object
|
|
* @param string $module The module to use
|
|
* @param string $user The user to get the rights
|
|
* @param string $object The object to return the rights for the user
|
|
*/
|
|
public function allow ($module, $user, $object)
|
|
{
|
|
$ressource = $this->userrightsget ($module, $user);
|
|
// The complete tree should not be readable for the user : it can have
|
|
// access to a card, but not to all the cards (group -> reject,
|
|
// group/XXX->allow)
|
|
/*// Limit to allowed trees : if a member of the path is not recorded (is
|
|
// unreadable), return NO.
|
|
// Can be the last entry (the complete object) too
|
|
$path = explode ("/", $object);
|
|
$completePath = "/";
|
|
foreach ($path as $k=>$p)
|
|
{
|
|
if ($k>1)
|
|
$completePath .= "/";
|
|
$completePath .= "$p";
|
|
if (! isset ($ressource[$completePath]))
|
|
{
|
|
if ($this->debug)
|
|
echo "DEBUG allow : REJECT because $completePath is not found\n";
|
|
return "NO";
|
|
}
|
|
}*/
|
|
if (! isset ($ressource[$object]))
|
|
return "NO";
|
|
return $ressource[$object];
|
|
}
|
|
|
|
/** Return TRUE if the user right allow to see the object (RO or RW)
|
|
* Return a 403 Exception if the user don't have the right
|
|
* Return a 401 Exception if the user is not connected
|
|
* @param string $module The module to use
|
|
* @param string $user The user to get the rights
|
|
* @param string $object The object to check the rights for the user
|
|
*/
|
|
public function accessRight ($module, $user, $object)
|
|
{
|
|
if ($this->dbObject === null)
|
|
throw new Exception ("Can't use authzgroups\\accessRight without ".
|
|
"connected database", 500);
|
|
if ($module === null || ! is_string ($module) || trim ($module) === "")
|
|
throw new Exception ("Module not provided to authzgroups\\accessRight",
|
|
500);
|
|
if ($user === null || ! is_string ($user) || trim ($user) === "")
|
|
throw new Exception ("User not provided to authzgroups\\accessright",
|
|
500);
|
|
if ($object === null || ! is_string ($object))
|
|
throw new Exception ("Object not provided to authzgroups\\accessRight",
|
|
500);
|
|
if ($object{0} !== "/")
|
|
$object = "/$object";
|
|
$rc = $this->allow ($module, $user, "$object");
|
|
if ($this->debug)
|
|
trigger_error ("authzgroups : accessRight ('$module','$user','$object')".
|
|
"=$rc", E_USER_NOTICE);
|
|
if ($rc !== "NO")
|
|
return TRUE;
|
|
if ($user === "anonymous")
|
|
throw new Exception (dgettext("domframework", "Anonymous not allowed"),
|
|
401);
|
|
throw new Exception (dgettext("domframework", "Access forbidden"), 403);
|
|
}
|
|
|
|
/** Return TRUE if the user right allow to edit the object (RW only)
|
|
* Return a 403 Exception if the user don't have the right
|
|
* Return a 401 Exception if the user is not connected
|
|
* @param string $module The module to use
|
|
* @param string $user The user to get the rights
|
|
* @param string $object The object to check the rights for the user
|
|
*/
|
|
public function accessWrite ($module, $user, $object)
|
|
{
|
|
if ($this->dbObject === null)
|
|
throw new Exception ("Can't use authzgroups\\accessWrite without ".
|
|
"connected database", 500);
|
|
if ($module === null || ! is_string ($module) || trim ($module) === "")
|
|
throw new Exception ("Module not provided to authzgroups\\accessWrite",
|
|
500);
|
|
if ($user === null || ! is_string ($user) || trim ($user) === "")
|
|
throw new Exception ("User not provided to authzgroups\\accessWrite",
|
|
500);
|
|
if ($object === null || ! is_string ($object))
|
|
throw new Exception ("Object not provided to authzgroups\\accessWrite",
|
|
500);
|
|
if ($object{0} !== "/")
|
|
$object = "/$object";
|
|
$rc = $this->allow ($module, $user, $object);
|
|
if ($this->debug)
|
|
trigger_error ("authzgroups : accessWrite ('$module','$user','$object')".
|
|
"=$rc", E_USER_NOTICE);
|
|
if ($rc === "RW")
|
|
return TRUE;
|
|
if ($user === "anonymous")
|
|
throw new Exception (dgettext("domframework", "Anonymous not allowed"),
|
|
401);
|
|
throw new Exception (dgettext("domframework", "Modification forbidden"),
|
|
403);
|
|
}
|
|
|
|
/** Return TRUE if the user right allow to see but without modification
|
|
* the object (RO only)
|
|
* Return a 403 Exception if the user don't have the right
|
|
* Return a 401 Exception if the user is not connected
|
|
* @param string $module The module to use
|
|
* @param string $user The user to get the rights
|
|
* @param string $object The object to check the rights for the user
|
|
*/
|
|
public function accessReadOnly ($module, $user, $object)
|
|
{
|
|
if ($this->dbObject === null)
|
|
throw new Exception ("Can't use authzgroups\\accessReadOnly without ".
|
|
"connected database", 500);
|
|
if ($module === null || ! is_string ($module) || trim ($module) === "")
|
|
throw new Exception ("Module not provided to authzgroups\\accessReadOnly",
|
|
500);
|
|
if ($user === null || ! is_string ($user) || trim ($user) === "")
|
|
throw new Exception ("User not provided to authzgroups\\accessReadOnly",
|
|
500);
|
|
if ($object === null || ! is_string ($object))
|
|
throw new Exception ("Object not provided to authzgroups\\accessReadOnly",
|
|
500);
|
|
if ($object{0} !== "/")
|
|
$object = "/$object";
|
|
$rc = $this->allow ($module, $user, $object);
|
|
if ($this->debug)
|
|
trigger_error ("authzgroups : accessReadOnly ('$module','$user',".
|
|
"'$object')" ."=$rc", E_USER_NOTICE);
|
|
if ($rc === "RO")
|
|
return TRUE;
|
|
if ($user === "anonymous")
|
|
throw new Exception (dgettext("domframework", "Anonymous not allowed"),
|
|
401);
|
|
throw new Exception (dgettext("domframework", "Access forbidden"), 403);
|
|
}
|
|
|
|
/////////////////////////
|
|
// DATABASE STORAGE //
|
|
/////////////////////////
|
|
/** Connect to the database before using it
|
|
* @param string $dsn The DSN to use to connect to the database
|
|
* @param string|null $username The username to use to connect to the
|
|
* database
|
|
* @param string|null $password The password to use to connect to the
|
|
* database
|
|
* @param array|null $driver_options The options to pass to PDO driver
|
|
*/
|
|
public function connect ($dsn, $username=null, $password=null,
|
|
$driver_options=null)
|
|
{
|
|
$this->dbObject = new dblayer ($dsn, $username, $password, $driver_options);
|
|
$this->dbObject->debug = $this->debug;
|
|
$this->dbObject->table = "authzobject";
|
|
$this->dbObject->prefix = $this->tableprefix;
|
|
$this->dbObject->fields = array (
|
|
"idobject"=>array ("integer", "not null", "autoincrement"),
|
|
"module"=> array ("varchar", "255", "not null"),
|
|
"object"=> array ("varchar", "255", "not null"),
|
|
"comment"=> array ("varchar", "255"));
|
|
$this->dbObject->primary = "idobject";
|
|
$this->dbObject->unique = array ("idobject", array ("object", "module"));
|
|
$this->dbObject->titles = array ("idobject"=>dgettext("domframework",
|
|
"idobject"),
|
|
"module"=>dgettext("domframework",
|
|
"Module"),
|
|
"object"=>dgettext("domframework",
|
|
"Object"),
|
|
"comment"=>dgettext("domframework",
|
|
"Comment"));
|
|
|
|
$this->dbGroup = new dblayer ($dsn, $username, $password, $driver_options);
|
|
$this->dbGroup->debug = $this->debug;
|
|
$this->dbGroup->table = "authzgroup";
|
|
$this->dbGroup->prefix = $this->tableprefix;
|
|
$this->dbGroup->fields = array (
|
|
"idgroup"=>array ("integer", "not null", "autoincrement"),
|
|
"module"=> array ("varchar", "255", "not null"),
|
|
"group"=> array ("varchar", "255", "not null"),
|
|
"comment"=>array ("varchar", "255"));
|
|
$this->dbGroup->primary = "idgroup";
|
|
$this->dbGroup->unique = array ("idgroup", array ("module","group"));
|
|
$this->dbGroup->titles = array ("idgroup"=>dgettext("domframework",
|
|
"idgroup"),
|
|
"module"=>dgettext("domframework",
|
|
"Module"),
|
|
"group"=>dgettext("domframework",
|
|
"Group"),
|
|
"comment"=>dgettext("domframework",
|
|
"Comment"));
|
|
|
|
$this->dbGroupMember = new dblayer ($dsn, $username, $password,
|
|
$driver_options);
|
|
$this->dbGroupMember->debug = $this->debug;
|
|
$this->dbGroupMember->table = "authzgroupmember";
|
|
$this->dbGroupMember->prefix = $this->tableprefix;
|
|
$this->dbGroupMember->fields = array (
|
|
"idgroupmember"=>array ("integer", "not null", "autoincrement"),
|
|
"user"=> array ("varchar", "255", "not null"),
|
|
"idgroup"=> array ("integer", "not null"),
|
|
"comment"=> array ("varchar", "255"));
|
|
$this->dbGroupMember->primary = "idgroupmember";
|
|
$this->dbGroupMember->unique = array ("idgroupmember",
|
|
array ("user","idgroup"));
|
|
$this->dbGroupMember->foreign = array (
|
|
"idgroup"=>array ("authzgroup", "idgroup",
|
|
"ON UPDATE CASCADE ON DELETE CASCADE"));
|
|
$this->dbGroupMember->titles = array ("idgroupmember"=>
|
|
dgettext("domframework",
|
|
"idgroupmember"),
|
|
"user"=>dgettext("domframework",
|
|
"User"),
|
|
"idgroup"=>dgettext("domframework",
|
|
"idgroup"),
|
|
"comment"=>dgettext("domframework",
|
|
"Comment"));
|
|
|
|
$this->dbRight = new dblayer ($dsn, $username, $password, $driver_options);
|
|
$this->dbRight->debug = $this->debug;
|
|
$this->dbRight->table = "authzright";
|
|
$this->dbRight->prefix = $this->tableprefix;
|
|
$this->dbRight->fields = array (
|
|
"idright"=> array ("integer", "not null", "autoincrement"),
|
|
"idgroup"=> array ("integer", "not null"),
|
|
"idobject"=>array ("integer", "not null"),
|
|
"right"=> array ("varchar", "2", "not null"), // RO,RW
|
|
"comment"=> array ("varchar", "255"));
|
|
$this->dbRight->primary = "idright";
|
|
$this->dbRight->unique = array ("idright", array ("idgroup","idobject"));
|
|
$this->dbRight->foreign = array (
|
|
"idgroup"=> array ("authzgroup", "idgroup",
|
|
"ON UPDATE CASCADE ON DELETE CASCADE"),
|
|
"idobject"=>array ("authzobject", "idobject",
|
|
"ON UPDATE CASCADE ON DELETE CASCADE"),
|
|
);
|
|
$this->dbRight->titles = array ("idright"=>dgettext("domframework",
|
|
"idright"),
|
|
"idgroup"=>dgettext("domframework",
|
|
"idgroup"),
|
|
"idobject"=>dgettext("domframework",
|
|
"idobject"),
|
|
"right"=>dgettext("domframework", "Right"),
|
|
"comment"=>dgettext("domframework",
|
|
"Comment"));
|
|
return TRUE;
|
|
}
|
|
|
|
/** Disconnect from the database. Should be only used in the unit tests
|
|
*/
|
|
public function disconnect ()
|
|
{
|
|
$this->dbObject->disconnect ();
|
|
}
|
|
|
|
/** Create the tables in the database to store the data
|
|
*/
|
|
public function createTables ()
|
|
{
|
|
if ($this->dbObject == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Object is not connected"), 500);
|
|
if ($this->dbGroup == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Group is not connected"), 500);
|
|
if ($this->dbGroupMember == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for GroupMember is not connected"),
|
|
500);
|
|
if ($this->dbRight == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Right is not connected"), 500);
|
|
$tables = array ("Object", "Group", "GroupMember", "Right");
|
|
foreach ($tables as $table)
|
|
{
|
|
try
|
|
{
|
|
$class= "db$table";
|
|
$this->$class->createTable ();
|
|
}
|
|
catch (Exception $e)
|
|
{
|
|
echo $e->getMessage()."\n";
|
|
}
|
|
}
|
|
return TRUE;
|
|
}
|
|
|
|
/////////////////
|
|
// OBJECTS //
|
|
/////////////////
|
|
/** Add a new object to object list
|
|
* Return the idobject created
|
|
* @param string $module The module to use
|
|
* @param string $object The object to create
|
|
* @param string|null $comment The comment to save
|
|
*/
|
|
public function objectAdd ($module, $object, $comment="")
|
|
{
|
|
if ($this->dbObject == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Object is not connected"), 500);
|
|
// TODO : Check parameters before saving them
|
|
$this->rightCache = null;
|
|
return $this->dbObject->insert (array ("module"=>$module,
|
|
"object"=>$object,
|
|
"comment"=>$comment));
|
|
}
|
|
|
|
/** Remove an object from database and all the rights using it
|
|
* @param string $module The module to use
|
|
* @param string $object The object to delete
|
|
*/
|
|
public function objectDel ($module, $object)
|
|
{
|
|
if ($this->dbObject == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Object is not connected"), 500);
|
|
$idobjects = $this->objectRead ($module, $object);
|
|
if (! isset ($idobjects[0]["idobject"]))
|
|
throw new Exception (dgettext ("domframework",
|
|
"Wanted object not found"), 404);
|
|
$this->rightCache = null;
|
|
return $this->dbObject->delete ($idobjects[0]["idobject"]);
|
|
}
|
|
|
|
/** Remove an object from database and all the rights using it
|
|
* @param string $module The module to use
|
|
* @param integer $idobject The object to delete
|
|
*/
|
|
public function objectDelByID ($module, $idobject)
|
|
{
|
|
if ($this->dbObject == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Object is not connected"), 500);
|
|
$idobjects = $this->objectReadByID ($module, $idobject);
|
|
if (! isset ($idobjects[0]["idobject"]))
|
|
throw new Exception (dgettext ("domframework",
|
|
"Wanted object not found"), 404);
|
|
$this->rightCache = null;
|
|
return $this->dbObject->delete ($idobjects[0]["idobject"]);
|
|
}
|
|
|
|
/** Update an object in the database
|
|
* @param string $module The module to use
|
|
* @param string $object The object to update
|
|
* @param string $newobject The new name of the object
|
|
* @param string|null $newcomment The new comment of the object
|
|
*/
|
|
public function objectUpdate ($module, $object, $newobject, $newcomment="")
|
|
{
|
|
if ($this->dbObject == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Object is not connected"), 500);
|
|
$idobjects = $this->objectRead ($module, $object);
|
|
if (! isset ($idobjects[0]["idobject"]))
|
|
throw new Exception (dgettext ("domframework",
|
|
"Wanted object not found"), 404);
|
|
$this->rightCache = null;
|
|
return $this->dbObject->update ($idobjects[0]["idobject"],
|
|
array ("object"=>$newobject,
|
|
"comment"=>$newcomment));
|
|
}
|
|
|
|
/** Update an object in the database
|
|
* @param string $module The module to use
|
|
* @param integer $idobject The object to update
|
|
* @param string $newobject The new name of the object
|
|
* @param string|null $newcomment The new comment of the object
|
|
*/
|
|
public function objectUpdateByID ($module, $idobject, $newobject,
|
|
$newcomment="")
|
|
{
|
|
if ($this->dbObject == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Object is not connected"), 500);
|
|
$idobjects = $this->objectReadByID ($module, $idobject);
|
|
if (! isset ($idobjects[0]["idobject"]))
|
|
throw new Exception (dgettext ("domframework",
|
|
"Wanted object not found"), 404);
|
|
$this->rightCache = null;
|
|
return $this->dbObject->update ($idobjects[0]["idobject"],
|
|
array ("object"=>$newobject,
|
|
"comment"=>$newcomment));
|
|
}
|
|
|
|
/** Return an array with all the available objects in the module, or only
|
|
* one object if $object is provided
|
|
* @param string $module The module to use
|
|
* @param string $object The name of the object to get
|
|
*/
|
|
public function objectRead ($module, $object=null)
|
|
{
|
|
if ($this->dbObject == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Object is not connected"), 500);
|
|
$select[] = array ("module", $module);
|
|
if ($object !== null)
|
|
$select[] = array ("object", $object);
|
|
return $this->dbObject->read ($select, null, array(array("object","ASC")));
|
|
}
|
|
|
|
/** Return an array with all the available objects in the module, or only
|
|
* one object if $object is provided
|
|
* @param string $module The module to use
|
|
* @param integer $idobject The name of the object to get
|
|
*/
|
|
public function objectReadByID ($module, $idobject=null)
|
|
{
|
|
if ($this->dbObject == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Object is not connected"), 500);
|
|
$select[] = array ("module", $module);
|
|
if ($idobject !== null)
|
|
$select[] = array ("idobject", $idobject);
|
|
return $this->dbObject->read ($select);
|
|
}
|
|
|
|
/** Return an array containing the titles of the table translating in the user
|
|
* language
|
|
*/
|
|
public function objectTitles ()
|
|
{
|
|
return $this->dbObject->titles;
|
|
}
|
|
|
|
/** Check if the provided data are compliant with the object specification
|
|
* @param array $data The name of the object to get
|
|
* @param integer|null $idobject The object to check
|
|
* @return array The errors found in the data
|
|
*/
|
|
public function objectVerify ($data, $idobject=false)
|
|
{
|
|
return $this->dbObject->verify ($data, $idobject);
|
|
}
|
|
|
|
////////////////
|
|
// GROUPS //
|
|
////////////////
|
|
/** Add a new group to group list
|
|
* Return the idgroup created
|
|
* @param string $module The module to use
|
|
* @param string $group The group to create
|
|
* @param string|null $comment The comment to add with the group
|
|
*/
|
|
public function groupAdd ($module, $group, $comment="")
|
|
{
|
|
if ($this->dbGroup == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Group is not connected"), 500);
|
|
// TODO : Check parameters before saving them
|
|
return $this->dbGroup->insert (array ("module"=>$module,
|
|
"group"=>$group,
|
|
"comment"=>$comment));
|
|
}
|
|
|
|
/** Remove an group from database and all the rights using it
|
|
* @param string $module The module to use
|
|
* @param string $group The group to delete
|
|
*/
|
|
public function groupDel ($module, $group)
|
|
{
|
|
if ($this->dbGroup == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Group is not connected"), 500);
|
|
$idgroups = $this->groupRead ($module, $group);
|
|
if (! isset ($idgroups[0]["idgroup"]))
|
|
throw new Exception (dgettext ("domframework",
|
|
"Wanted group not found"), 404);
|
|
return $this->dbGroup->delete ($idgroups[0]["idgroup"]);
|
|
}
|
|
|
|
/** Remove an group from database and all the rights using it
|
|
* @param string $module The module to use
|
|
* @param integer $idgroup The group to delete
|
|
*/
|
|
public function groupDelByID ($module, $idgroup)
|
|
{
|
|
if ($this->dbGroup == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Group is not connected"), 500);
|
|
$idgroups = $this->groupReadByID ($module, $idgroup);
|
|
if (! isset ($idgroups[0]["idgroup"]))
|
|
throw new Exception (dgettext ("domframework",
|
|
"Wanted group not found"), 404);
|
|
return $this->dbGroup->delete ($idgroups[0]["idgroup"]);
|
|
}
|
|
|
|
/** Update an group in the database
|
|
* @param string $module The module to use
|
|
* @param string $group The group to update
|
|
* @param string $newgroup The new group name
|
|
* @param string|null $comment The comment for the group
|
|
*/
|
|
public function groupUpdate ($module, $group, $newgroup, $comment="")
|
|
{
|
|
if ($this->dbGroup == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Group is not connected"), 500);
|
|
$idgroups = $this->groupRead ($module, $group);
|
|
if (! isset ($idgroups[0]["idgroup"]))
|
|
throw new Exception (dgettext ("domframework",
|
|
"Wanted group not found"), 404);
|
|
return $this->dbGroup->update ($idgroups[0]["idgroup"],
|
|
array ("group"=>$newgroup,
|
|
"comment"=>$comment));
|
|
}
|
|
|
|
/** Update an group in the database
|
|
* @param string $module The module to use
|
|
* @param integer $idgroup The group to update
|
|
* @param string $newgroup The new group name
|
|
* @param string|null $comment The comment for the group
|
|
*/
|
|
public function groupUpdateByID ($module, $idgroup, $newgroup, $comment="")
|
|
{
|
|
if ($this->dbGroup == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Group is not connected"), 500);
|
|
$idgroups = $this->groupReadByID ($module, $idgroup);
|
|
if (! isset ($idgroups[0]["idgroup"]))
|
|
throw new Exception (dgettext ("domframework",
|
|
"Wanted group not found"), 404);
|
|
return $this->dbGroup->update ($idgroups[0]["idgroup"],
|
|
array ("group"=>$newgroup,
|
|
"comment"=>$comment));
|
|
}
|
|
|
|
/** Return an array with all the available groups in the module
|
|
* @param string $module The module to use
|
|
* @param string|null $group The group to check if exists
|
|
*/
|
|
public function groupRead ($module, $group=null)
|
|
{
|
|
if ($this->dbGroup == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Group is not connected"), 500);
|
|
$select[] = array ("module", $module);
|
|
if ($group !== null)
|
|
$select[] = array ("group", $group);
|
|
return $this->dbGroup->read ($select, null, array (array ("group", "ASC")));
|
|
}
|
|
|
|
|
|
/** Return an array with all the available groups in the module
|
|
* @param string $module The module to use
|
|
* @param integer $idgroup The group to check if exists
|
|
*/
|
|
public function groupReadByID ($module, $idgroup)
|
|
{
|
|
if ($this->dbGroup == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Group is not connected"), 500);
|
|
$select[] = array ("module", $module);
|
|
$select[] = array ("idgroup", $idgroup);
|
|
return $this->dbGroup->read ($select);
|
|
}
|
|
|
|
/** Return an array containing the titles of the table translating in the user
|
|
* language
|
|
*/
|
|
public function groupTitles ()
|
|
{
|
|
return $this->dbGroup->titles;
|
|
}
|
|
|
|
/** Check if the provided data are compilant with the group specification
|
|
* @param array $data The data to check
|
|
* @param integer|null $idgroup The idgroup to check
|
|
* @return array The errors found in the data
|
|
*/
|
|
public function groupVerify ($data, $idgroup=false)
|
|
{
|
|
return $this->dbGroup->verify ($data, $idgroup);
|
|
}
|
|
|
|
//////////////////////
|
|
// GROUP MEMBER //
|
|
//////////////////////
|
|
/** Add a new groupmember to groupmember list
|
|
* Return the idgroupmember created
|
|
* @param string $module The module to use
|
|
* @param string $group The group to use
|
|
* @param string $user The user to add in group
|
|
* @param string|null $comment The comment to save
|
|
*/
|
|
public function groupmemberAdd ($module, $group, $user, $comment="")
|
|
{
|
|
if ($this->dbGroupMember == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for GroupMember is not connected"),
|
|
500);
|
|
$groups = $this->groupRead ($module, $group);
|
|
if (! isset ($groups[0]["idgroup"]))
|
|
throw new Exception (dgettext ("domframework",
|
|
"Wanted group not found"), 404);
|
|
$this->rightCache = null;
|
|
return $this->dbGroupMember->insert (array (
|
|
"user"=>$user,
|
|
"idgroup"=>$groups[0]["idgroup"],
|
|
"comment"=>$comment));
|
|
}
|
|
|
|
/** Remove an groupmember from database and all the rights using it
|
|
* @param string $module The module to use
|
|
* @param string $group The group to use
|
|
* @param string $user The user to remove
|
|
*/
|
|
public function groupmemberDel ($module, $group, $user)
|
|
{
|
|
if ($this->dbGroupMember == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for GroupMember is not connected"),
|
|
500);
|
|
$groups = $this->groupRead ($module, $group);
|
|
if (! isset ($groups[0]["idgroup"]))
|
|
throw new Exception (dgettext ("domframework",
|
|
"Wanted group not found"), 404);
|
|
$groupsMembers = $this->dbGroupMember->read (array (
|
|
array ("user",$user),
|
|
array ("idgroup",$groups[0]["idgroup"])));
|
|
if (! isset ($groupsMembers[0]["idgroupmember"]))
|
|
throw new Exception (dgettext ("domframework",
|
|
"Wanted GroupMember not found"), 404);
|
|
$this->rightCache = null;
|
|
return $this->dbGroupMember->delete ($groupsMembers[0]["idgroupmember"]);
|
|
}
|
|
|
|
/** Remove an groupmember from database and all the rights using it
|
|
* @param string $module The module to use
|
|
* @param integer $idgroup The group to use
|
|
* @param integer $idgroupmember The user to remove
|
|
*/
|
|
public function groupmemberDelByID ($module, $idgroup, $idgroupmember)
|
|
{
|
|
if ($this->dbGroupMember == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for GroupMember is not connected"),
|
|
500);
|
|
$groups = $this->groupReadByID ($module, $idgroup);
|
|
if (! isset ($groups[0]["idgroup"]))
|
|
throw new Exception (dgettext ("domframework",
|
|
"Wanted group not found"), 404);
|
|
$groupsMembers = $this->dbGroupMember->read (array (
|
|
array ("idgroupmember",$idgroupmember),
|
|
array ("idgroup",$idgroup)));
|
|
if (! isset ($groupsMembers[0]["idgroupmember"]))
|
|
throw new Exception (dgettext ("domframework",
|
|
"Wanted GroupMember not found"), 404);
|
|
$this->rightCache = null;
|
|
return $this->dbGroupMember->delete ($groupsMembers[0]["idgroupmember"]);
|
|
}
|
|
|
|
/** Update an groupmember in the database
|
|
* @param string $module The module to use
|
|
* @param string $group The group to use
|
|
* @param string $user The user to update
|
|
* @param string|null $comment The comment to update
|
|
*/
|
|
public function groupmemberUpdate ($module, $group, $user, $comment="")
|
|
{
|
|
$this->rightCache = null;
|
|
die ("This function is not available : contact us if you need it\n");
|
|
}
|
|
|
|
/** Update an groupmember in the database
|
|
* @param string $module The module to use
|
|
* @param integer $idgroup The group to use
|
|
* @param integer $iduser The user to update
|
|
* @param string $user The new user name
|
|
* @param string|null $comment The comment to update
|
|
*/
|
|
public function groupmemberUpdateByID ($module, $idgroup, $iduser, $user,
|
|
$comment="")
|
|
{
|
|
$data = $this->groupmemberReadUserDataByID ($module, $idgroup, $iduser);
|
|
if (count ($data) === 0)
|
|
throw new Exception (dgettext ("domframework",
|
|
"IDUser in IDGroup not found"), 404);
|
|
$this->rightCache = null;
|
|
return $this->dbGroupMember->update ($iduser,
|
|
array ("user"=>$user,
|
|
"comment"=>$comment));
|
|
}
|
|
|
|
|
|
/** Return an array with all the groups where the user is in and in the module
|
|
* @param string $module The module to use
|
|
* @param string $user The user to search
|
|
*/
|
|
public function groupmemberReadUser ($module, $user)
|
|
{
|
|
if ($this->dbGroupMember == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for GroupMember is not connected"),
|
|
500);
|
|
$idgrouptmps = $this->groupRead ($module);
|
|
// Create an array with idgroup=>group
|
|
$idgroups = array ();
|
|
foreach ($idgrouptmps as $val)
|
|
$idgroups[$val["idgroup"]] = $val["group"];
|
|
$select = array ();
|
|
$select[] = array ("user", $user);
|
|
$idgroupmembers = $this->dbGroupMember->read ($select);
|
|
$res = array ();
|
|
foreach ($idgroupmembers as $idmembers)
|
|
{
|
|
$res[$idmembers["idgroup"]] = $idgroups[$idmembers["idgroup"]];
|
|
}
|
|
return $res;
|
|
}
|
|
|
|
/** Return an array with all the groups where the user is in and in the module
|
|
* @param string $module The module to use
|
|
* @param integer $idgroupmember The user to search
|
|
*/
|
|
public function groupmemberReadUserByID ($module, $idgroupmember)
|
|
{
|
|
if ($this->dbGroupMember == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for GroupMember is not connected"),
|
|
500);
|
|
$idgrouptmps = $this->groupRead ($module);
|
|
// Create an array with idgroup=>group
|
|
$idgroups = array ();
|
|
foreach ($idgrouptmps as $val)
|
|
$idgroups[$val["idgroup"]] = $val["group"];
|
|
$select = array ();
|
|
$select[] = array ("idgroupmember", $idgroupmember);
|
|
$idgroupmembers = $this->dbGroupMember->read ($select);
|
|
$res = array ();
|
|
foreach ($idgroupmembers as $idmembers)
|
|
{
|
|
$res[$idmembers["idgroup"]] = $idgroups[$idmembers["idgroup"]];
|
|
}
|
|
return $res;
|
|
}
|
|
|
|
/** Return an array with all the available users in the group and in the
|
|
* module
|
|
* @param string $module The module to use
|
|
* @param string $group The group to search
|
|
*/
|
|
public function groupmemberReadGroup ($module, $group)
|
|
{
|
|
if ($this->dbGroupMember == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for GroupMember is not connected"),
|
|
500);
|
|
$groups = $this->groupRead ($module, $group);
|
|
if (! isset ($groups[0]["idgroup"]))
|
|
throw new Exception (dgettext ("domframework",
|
|
"Wanted group not found"), 404);
|
|
$select[] = array ("idgroup", $groups[0]["idgroup"]);
|
|
return $this->dbGroupMember->read ($select, array ("user"));
|
|
}
|
|
|
|
/** Return an array with all the available users in the group and in the
|
|
* module
|
|
* @param string $module The module to use
|
|
* @param integer $idgroup The group to search
|
|
*/
|
|
public function groupmemberReadGroupByID ($module, $idgroup)
|
|
{
|
|
if ($this->dbGroupMember == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for GroupMember is not connected"),
|
|
500);
|
|
$groups = $this->groupReadByID ($module, $idgroup);
|
|
if (! isset ($groups[0]["idgroup"]))
|
|
throw new Exception (dgettext ("domframework",
|
|
"Wanted group not found"), 404);
|
|
$select[] = array ("idgroup", $groups[0]["idgroup"]);
|
|
return $this->dbGroupMember->read ($select);
|
|
}
|
|
|
|
/** Return an array containing the information of a user in a specific group
|
|
* @param string $module The module to use
|
|
* @param integer $idgroup The group to search
|
|
* @param integer $iduser The user to search
|
|
*/
|
|
public function groupmemberReadUserDataByID ($module, $idgroup, $iduser)
|
|
{
|
|
if ($this->dbGroupMember == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for GroupMember is not connected"),
|
|
500);
|
|
$groups = $this->groupReadByID ($module, $idgroup);
|
|
if (! isset ($groups[0]["idgroup"]))
|
|
throw new Exception (dgettext ("domframework",
|
|
"Wanted group not found"), 404);
|
|
$select[] = array ("idgroup", $groups[0]["idgroup"]);
|
|
$select[] = array ("idgroupmember", $iduser);
|
|
return $this->dbGroupMember->read ($select);
|
|
}
|
|
|
|
/** Return an array containing the titles of the table translating in the user
|
|
* language
|
|
*/
|
|
public function groupmembersTitles ()
|
|
{
|
|
return $this->dbGroupMember->titles;
|
|
}
|
|
|
|
/** Check if the provided data are compilant with the group specification
|
|
* @param array $data The data to check
|
|
* @param integer|null $idgroupmember The group member associated to verify
|
|
* @return array The errors found in the data
|
|
*/
|
|
public function groupmembersVerify ($data, $idgroupmember=false)
|
|
{
|
|
return $this->dbGroupMember->verify ($data, $idgroupmember);
|
|
}
|
|
|
|
////////////////
|
|
// RIGHTS //
|
|
////////////////
|
|
/** Add a new right to right list
|
|
* Return the idright created
|
|
* @param string $module The module to use
|
|
* @param string $group The group to use
|
|
* @param string $object The object to use
|
|
* @param string $right The right to add
|
|
* @param string|null $comment The comment to add
|
|
*/
|
|
public function rightAdd ($module, $group, $object, $right, $comment="")
|
|
{
|
|
if ($this->dbRight == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Right is not connected"), 500);
|
|
switch ($right)
|
|
{
|
|
case "RW": $right=2;break;
|
|
case "RO": $right=1;break;
|
|
default:
|
|
throw new Exception (dgettext ("domframework",
|
|
"Unknown right provided (RO/RW only)"),
|
|
500);
|
|
}
|
|
$groups = $this->groupRead ($module, $group);
|
|
if (! isset ($groups[0]["idgroup"]))
|
|
throw new Exception (dgettext ("domframework",
|
|
"Wanted group not found"), 404);
|
|
$objects = $this->objectRead ($module, $object);
|
|
if (! isset ($objects[0]["idobject"]))
|
|
throw new Exception (dgettext ("domframework",
|
|
"Wanted object not found"), 404);
|
|
$this->rightCache = null;
|
|
return $this->dbRight->insert (array ("idgroup"=>$groups[0]["idgroup"],
|
|
"idobject"=>$objects[0]["idobject"],
|
|
"right"=>$right,
|
|
"comment"=>$comment));
|
|
}
|
|
|
|
/** Add a new right to right list by ID
|
|
* Return the idright created
|
|
* @param string $module The module to use
|
|
* @param integer $idgroup The group to use
|
|
* @param integer $idobject The object to use
|
|
* @param integer $idright The right to add
|
|
* @param string|null $comment The comment to add
|
|
*/
|
|
public function rightAddByID ($module, $idgroup, $idobject, $idright,
|
|
$comment="")
|
|
{
|
|
if ($this->dbRight == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Right is not connected"), 500);
|
|
switch ($idright)
|
|
{
|
|
case "2": $right=2;break;
|
|
case "1": $right=1;break;
|
|
default:
|
|
throw new Exception (dgettext ("domframework",
|
|
"Unknown right provided (RO/RW only)"),
|
|
500);
|
|
}
|
|
$groups = $this->groupReadByID ($module, $idgroup);
|
|
if (! isset ($groups[0]["idgroup"]))
|
|
throw new Exception (dgettext ("domframework",
|
|
"Wanted group not found"), 404);
|
|
$objects = $this->objectReadByID ($module, $idobject);
|
|
if (! isset ($objects[0]["idobject"]))
|
|
throw new Exception (dgettext ("domframework",
|
|
"Wanted object not found"), 404);
|
|
$this->rightCache = null;
|
|
return $this->dbRight->insert (array ("idgroup"=>$groups[0]["idgroup"],
|
|
"idobject"=>$objects[0]["idobject"],
|
|
"right"=>$right,
|
|
"comment"=>$comment));
|
|
}
|
|
|
|
/** Remove an right from database and all the rights using it
|
|
* @param string $module The module to use
|
|
* @param string $group The group to use
|
|
* @param string $object The object to remove the rights
|
|
*/
|
|
public function rightDel ($module, $group, $object)
|
|
{
|
|
if ($this->dbRight == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Right is not connected"), 500);
|
|
$idrights = $this->rightRead ($module, $group, $object);
|
|
if (!isset ($idrights[0]["idright"]))
|
|
throw new Exception (dgettext ("domframework",
|
|
"Wanted right not found"), 404);
|
|
$this->rightCache = null;
|
|
return $this->dbRight->delete ($idrights[0]["idright"]);
|
|
}
|
|
|
|
/** Remove an right from database by ID and all the rights using it
|
|
* @param string $module The module to use
|
|
* @param integer $idright The idright to be deleted
|
|
*/
|
|
public function rightDelByID ($module, $idright)
|
|
{
|
|
if ($this->dbRight == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Right is not connected"), 500);
|
|
$idrights = $this->rightReadByID ($module, $idright);
|
|
if (!isset ($idrights[0]["idright"]))
|
|
throw new Exception (dgettext ("domframework",
|
|
"Wanted right not found"), 404);
|
|
$this->rightCache = null;
|
|
return $this->dbRight->delete ($idrights[0]["idright"]);
|
|
}
|
|
|
|
/** Update a right in the database
|
|
* @param string $module The module to use
|
|
* @param string $group The group to update the right
|
|
* @param string $object The object ot update the right
|
|
* @param string $newright The new right to save
|
|
* @param string|null $newcomment The new comment to save
|
|
*/
|
|
public function rightUpdate ($module, $group, $object, $newright,
|
|
$newcomment="")
|
|
{
|
|
if ($this->dbRight == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Right is not connected"), 500);
|
|
switch ($newright)
|
|
{
|
|
case "RW": $newright=2;break;
|
|
case "RO": $newright=1;break;
|
|
default:
|
|
throw new Exception (dgettext ("domframework",
|
|
"Unknown right provided (RO/RW only)"),
|
|
500);
|
|
}
|
|
$idrights = $this->rightRead ($module, $group, $object);
|
|
if (!isset ($idrights[0]["idright"]))
|
|
throw new Exception (dgettext ("domframework",
|
|
"Wanted right not found"), 404);
|
|
$this->rightCache = null;
|
|
return $this->dbRight->update ($idrights[0]["idright"],
|
|
array ("right"=>$newright,
|
|
"comment"=>$newcomment));
|
|
}
|
|
|
|
/** Update a right by ID in the database
|
|
* @param string $module The module to use
|
|
* @param integer $idright The idright to update the right
|
|
* @param integer $newidobject The object ot update the right
|
|
* @param integer $newright The new right to save
|
|
* @param string|null $newcomment The new comment to save
|
|
*/
|
|
public function rightUpdateByID ($module, $idright, $newidobject, $newright,
|
|
$newcomment="")
|
|
{
|
|
if ($this->dbRight == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Right is not connected"), 500);
|
|
switch ($newright)
|
|
{
|
|
case "2": $newright=2;break;
|
|
case "1": $newright=1;break;
|
|
default:
|
|
throw new Exception (dgettext ("domframework",
|
|
"Unknown right provided (RO/RW only)"),
|
|
500);
|
|
}
|
|
$idrights = $this->rightReadByID ($module, $idright);
|
|
if (!isset ($idrights[0]["idright"]))
|
|
throw new Exception (dgettext ("domframework",
|
|
"Wanted right not found"), 404);
|
|
$this->rightCache = null;
|
|
return $this->dbRight->update ($idrights[0]["idright"],
|
|
array ("idobject"=>$newidobject,
|
|
"right"=>$newright,
|
|
"comment"=>$newcomment));
|
|
}
|
|
|
|
|
|
/** Return an array with all the available rights in the module, for a group,
|
|
* and concerning an object
|
|
* @param string $module The module to use
|
|
* @param string $group The group to get the rights
|
|
* @param string $object The object to get the rights
|
|
*/
|
|
public function rightRead ($module, $group, $object)
|
|
{
|
|
if ($this->dbRight == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Right is not connected"), 500);
|
|
$groups = $this->groupRead ($module, $group);
|
|
if (! isset ($groups[0]["idgroup"]))
|
|
throw new Exception (dgettext ("domframework",
|
|
"Wanted group not found"), 404);
|
|
$objects = $this->objectRead ($module, $object);
|
|
if (! isset ($objects[0]["idobject"]))
|
|
throw new Exception (dgettext ("domframework",
|
|
"Wanted object not found"), 404);
|
|
$select[] = array ("idgroup",$groups[0]["idgroup"]);
|
|
$select[] = array ("idobject",$objects[0]["idobject"]);
|
|
return $this->dbRight->read ($select);
|
|
}
|
|
|
|
/** Return an array with all the available rights for a module and a group
|
|
* @param string $module The module to use
|
|
* @param string $group The group to get the rights
|
|
*/
|
|
public function rightReadByGroup ($module, $group)
|
|
{
|
|
if ($this->dbRight == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Right is not connected"), 500);
|
|
$groups = $this->groupRead ($module, $group);
|
|
if (! isset ($groups[0]["idgroup"]))
|
|
throw new Exception (dgettext ("domframework",
|
|
"Wanted group not found"), 404);
|
|
return $this->rightReadByGroupByID ($module, $objects[0]["idgroup"]);
|
|
}
|
|
|
|
/** Return an array with all the available rights for a module and a group
|
|
* @param string $module The module to use
|
|
* @param integer $idgroup The group to get the rights
|
|
*/
|
|
public function rightReadByGroupByID ($module, $idgroup)
|
|
{
|
|
if ($this->dbRight == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Right is not connected"), 500);
|
|
$select[] = array ("idgroup", $idgroup);
|
|
return $this->dbRight->read ($select);
|
|
}
|
|
|
|
/** Return an array with all the information concerning a right selected by
|
|
* @param string $module The module to use
|
|
* @param integer $idright The right to search
|
|
* ID
|
|
*/
|
|
public function rightReadByID ($module, $idright)
|
|
{
|
|
if ($this->dbRight == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Right is not connected"), 500);
|
|
$select[] = array ("idright", $idright);
|
|
return $this->dbRight->read ($select);
|
|
}
|
|
|
|
/** Return an array with all the available rights for a module and an object
|
|
* @param string $module The module to use
|
|
* @param string $object The object to search
|
|
*/
|
|
public function rightReadByObject ($module, $object)
|
|
{
|
|
if ($this->dbRight == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Right is not connected"), 500);
|
|
$objects = $this->objectRead ($module, $object);
|
|
if (! isset ($objects[0]["idobject"]))
|
|
throw new Exception (dgettext ("domframework",
|
|
"Wanted object not found"), 404);
|
|
$select[] = array ("idobject", $objects[0]["idobject"]);
|
|
return $this->dbRight->read ($select);
|
|
}
|
|
|
|
/** Return an array with all the available rights for a module and an idobject
|
|
* @param string $module The module to use
|
|
* @param integer $idobject The object to search
|
|
*/
|
|
public function rightReadByObjectByID ($module, $idobject)
|
|
{
|
|
if ($this->dbRight == null)
|
|
throw new Exception (dgettext ("domframework",
|
|
"DB for Right is not connected"), 500);
|
|
// FIXME : Do not use $module ?
|
|
$select[] = array ("idobject", $idobject);
|
|
return $this->dbRight->read ($select);
|
|
}
|
|
|
|
|
|
/** Return an array containing the titles of the table translating in the user
|
|
* language
|
|
*/
|
|
public function rightTitles ()
|
|
{
|
|
return $this->dbRight->titles;
|
|
}
|
|
|
|
/** Return all the types of rights available (RO and RW)
|
|
*/
|
|
public function rightTypes ()
|
|
{
|
|
return array ("1"=>"RO", "2"=>"RW");
|
|
}
|
|
|
|
/** Check if the provided data are compilant with the group specification
|
|
* @param array $data The data of the right to check
|
|
* @param integer $idright The right to search
|
|
* @return array The errors found in the data
|
|
*/
|
|
public function rightVerify ($data, $idright=false)
|
|
{
|
|
return $this->dbRight->verify ($data, $idright);
|
|
}
|
|
}
|