Example #1
 /**
  * Fetch user records: the detail row for one user when an id is given, the user list otherwise.
  *
  * The id reaches the query only as the bound parameter :id. For the list, sessions that are not
  * application administrators get the rows restricted to user_isAdminApp = 0.
  *
  * @param int $itemId optional id of the user to fetch
  * @return false|array the user rows, as handed back by DB::getResults()
  */
 public static function getUsers($itemId = null)
 {
     // FROM/JOIN clause common to both queries.
     $tables = 'FROM usrData '
         . 'LEFT JOIN usrProfiles ON user_profileId = userprofile_id '
         . 'LEFT JOIN usrGroups ON usrData.user_groupId = usergroup_id ';

     if ($itemId === null) {
         // List query: no bound parameters.
         $params = null;
         $sql = 'SELECT user_id,user_name,user_login,userprofile_name,usergroup_name,'
             . 'BIN(user_isAdminApp) AS user_isAdminApp,'
             . 'BIN(user_isAdminAcc) AS user_isAdminAcc,'
             . 'BIN(user_isLdap) AS user_isLdap,'
             . 'BIN(user_isDisabled) AS user_isDisabled,'
             . 'BIN(user_isChangePass) AS user_isChangePass '
             . $tables;

         // Application administrators are hidden from sessions that are not application admins.
         if (Session::getUserIsAdminApp()) {
             $sql .= 'ORDER BY user_name';
         } else {
             $sql .= 'WHERE user_isAdminApp = 0 ORDER BY user_name';
         }
     } else {
         // NOTE(review): unlike the list query, this lookup applies no user_isAdminApp filter for
         // non-admin sessions; confirm that callers authorize access to $itemId before calling.
         $params = array('id' => $itemId);
         $sql = 'SELECT user_id,user_name,user_login,user_profileId,user_groupId,user_email,user_notes,'
             . 'BIN(user_isAdminApp) AS user_isAdminApp,'
             . 'BIN(user_isAdminAcc) AS user_isAdminAcc,'
             . 'BIN(user_isLdap) AS user_isLdap,'
             . 'BIN(user_isDisabled) AS user_isDisabled,'
             . 'BIN(user_isChangePass) AS user_isChangePass,'
             . 'user_count,user_lastLogin,user_lastUpdate, '
             . 'FROM_UNIXTIME(user_lastUpdateMPass) as user_lastUpdateMPass '
             . $tables
             . 'WHERE user_id = :id LIMIT 1';
     }

     DB::setReturnArray();

     return DB::getResults($sql, __FUNCTION__, $params);
 }
Example #2
 /**
  * Count the accounts the current session user can see.
  *
  * Application and account administrators get the total number of rows in accounts. Any other
  * user gets the number of distinct accounts whose owner, main group or accGroups entry matches
  * the session's user id or user group id.
  *
  * @return false|int the numacc column of the result, or false when DB::getResults() fails
  */
 public function getAccountMax()
 {
     if (Session::getUserIsAdminApp() || Session::getUserIsAdminAcc()) {
         // Administrators: unrestricted count, nothing to bind.
         $params = null;
         $sql = "SELECT COUNT(*) as numacc FROM accounts";
     } else {
         $sql = 'SELECT COUNT(DISTINCT account_id) as numacc '
             . 'FROM accounts '
             . 'LEFT JOIN accGroups ON account_id = accgroup_accountId '
             . 'WHERE account_userGroupId = :userGroupId '
             . 'OR account_userId = :userId '
             . 'OR accgroup_groupId = :groupId';

         // The session's group id is bound under two placeholder names because the query
         // references it in two separate conditions.
         $params = array(
             'userGroupId' => Session::getUserGroupId(),
             'groupId' => Session::getUserGroupId(),
             'userId' => Session::getUserId(),
         );
     }

     $row = DB::getResults($sql, __FUNCTION__, $params);

     // NOTE(review): numacc is returned exactly as the result row holds it; it may be a numeric
     // string rather than an int depending on the driver - confirm before comparing strictly.
     return $row === false ? false : $row->numacc;
 }
Example #3
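 /**
  * Decide whether the current session user may perform an action on an account.
  *
  * View-type actions (ACTION_ACC_VIEW, _VIEW_PASS, _VIEW_HISTORY, _COPY) are granted to the account
  * owner, to a user whose group is the account's group_id, to a user listed in users_id, to a user
  * matched through the account's groups, and to application/account administrators.
  * Edit-type actions (ACTION_ACC_EDIT, _DELETE, _EDIT_PASS) grant the same, except that the
  * users_id match also needs otheruser_edit and the group match also needs othergroup_edit.
  * Any other action is denied.
  *
  * @param string $module      action being performed
  * @param array  $accountData account data to check; reads user_id, group_id, users_id, groups_id,
  *                            otheruser_edit and othergroup_edit
  * @return bool true when the action is allowed
  */
 public static function checkAccountAccess($module, $accountData)
 {
     $userGroupId = Session::getUserGroupId();
     $userId = Session::getUserId();
     $userIsAdminApp = Session::getUserIsAdminApp();
     $userIsAdminAcc = Session::getUserIsAdminAcc();

     // A missing or non-array list is treated as empty, so the corresponding grant is simply not
     // given instead of in_array()/foreach failing on a null value.
     $accountUsers = (isset($accountData['users_id']) && is_array($accountData['users_id']))
         ? $accountData['users_id']
         : array();
     $accountGroups = (isset($accountData['groups_id']) && is_array($accountData['groups_id']))
         ? $accountData['groups_id']
         : array();

     // NOTE(review): this searches for the session's *group* id in what getUsersForGroup(), by its
     // name, returns as a list of *user* ids; if so, a user id that happens to equal the group id
     // grants access. Confirm whether $userId was intended here.
     $userToGroups = in_array($userGroupId, Groups::getUsersForGroup($accountData['group_id']));

     if ($userToGroups === false) {
         foreach ($accountGroups as $groupId) {
             if ($userGroupId === $groupId || in_array($userId, Groups::getUsersForGroup($groupId))) {
                 $userToGroups = true;
                 // One match is enough; skip the remaining group lookups.
                 break;
             }
         }
     }

     // NOTE(review): the id checks below use == and non-strict in_array(), so null, '' and 0
     // compare equal to each other. Confirm that session and account ids are always set and
     // numeric, or normalise them and compare strictly.
     $isOwnerOrMainGroup = $userId == $accountData['user_id'] || $userGroupId == $accountData['group_id'];
     $isListedUser = in_array($userId, $accountUsers);
     $isAdmin = $userIsAdminApp || $userIsAdminAcc;

     switch ($module) {
         case self::ACTION_ACC_VIEW:
         case self::ACTION_ACC_VIEW_PASS:
         case self::ACTION_ACC_VIEW_HISTORY:
         case self::ACTION_ACC_COPY:
             return $isOwnerOrMainGroup || $isListedUser || $userToGroups || $isAdmin;
         case self::ACTION_ACC_EDIT:
         case self::ACTION_ACC_DELETE:
         case self::ACTION_ACC_EDIT_PASS:
             // The parentheses make the original && / || precedence explicit: the edit flags
             // qualify only the listed-user and group-match grants.
             return $isOwnerOrMainGroup
                 || ($isListedUser && !empty($accountData['otheruser_edit']))
                 || ($userToGroups && !empty($accountData['othergroup_edit']))
                 || $isAdmin;
     }

     // Unknown action: deny.
     return false;
 }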