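/**
 * Return the values of the right on the given subject (and on the optional resource).
 *
 * Answers are memoised in two static caches: self::$acl, keyed by subject, and
 * self::$aclres, keyed by subject then resource.
 *
 * @param string      $subject  the key of the subject
 * @param string|null $resource the id of a resource, or null for a subject-wide lookup
 * @return array list of values corresponding to the right (empty when none applies)
 */
public function getRight($subject, $resource = null)
{
    // Probe the two caches separately so that a null $resource is never used
    // as an array key: PHP coerces a null key to '', which would file the
    // subject-wide answer under the resource id ''.
    if ($resource === null) {
        if (isset(self::$acl[$subject])) {
            return self::$acl[$subject];
        }
    } elseif (isset(self::$aclres[$subject][$resource])) {
        return self::$aclres[$subject][$resource];
    }

    if (!jAuth::isConnected()) {
        // not authenticated = no rights (this answer is not written to the cache)
        return array();
    }

    $groups = jAclDbUserGroup::getGroups();
    if (count($groups) === 0) {
        // no group at all: remember the empty answer
        self::$acl[$subject] = array();
        if ($resource !== null) {
            self::$aclres[$subject][$resource] = array();
        }

        return array();
    }

    // Collect every value attached to the groups the user belongs to,
    // for the given subject.
    $dao = jDao::get('jelix~jaclrights', jAclDb::getProfile());
    $values = array();
    foreach ($dao->getAllGroupRights($subject, $groups) as $right) {
        $values[] = $right->value;
    }
    self::$acl[$subject] = $values;

    if ($resource !== null) {
        // Add the values attached to this specific resource; the merged,
        // de-duplicated list is what gets cached for the (subject, resource) pair.
        foreach ($dao->getAllGroupRightsWithRes($subject, $groups, $resource) as $right) {
            $values[] = $right->value;
        }
        $values = array_unique($values);
        self::$aclres[$subject][$resource] = $values;
    }

    return $values;
}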
/**
 * Return a list of groups.
 *
 * When a login is given, only the groups of that user are returned.
 * Otherwise all groups are returned, private groups excepted.
 *
 * The test on $login is strict: only the empty string selects the
 * "all public groups" listing; any other value is handed to the per-user query.
 *
 * @param string $login an optional login
 * @return array a list of group objects (dao records)
 */
public static function getGroupList($login = '')
{
    $profile = jAclDb::getProfile();

    if ($login !== '') {
        // groups the given user belongs to
        return jDao::get('jelix~jaclgroupsofuser', $profile)->getGroupsUser($login);
    }

    // no login: every public group
    return jDao::get('jelix~jaclgroup', $profile)->findAllPublicGroup();
}
/**
 * Command: delete a value from a group of right values.
 *
 * Expects exactly two positional parameters: the value, then the id of the
 * values group. The deletion is refused while a row of jacl_rights still
 * carries the value for a subject of that values group. Prints "OK" when done.
 *
 * @throws Exception on a wrong parameter count, a count query that fails or
 *                   returns no row, an unknown value/group, or a value still in use
 */
protected function cmd_delete()
{
    $args = $this->getParam('...');
    if (!is_array($args) || count($args) != 2) {
        throw new Exception("wrong parameter count");
    }

    $db = jDb::getConnection(jAclDb::getProfile());

    // Both inputs are neutralised before they reach any SQL text:
    // the group id is forced to an integer, the value goes through quote().
    $groupId = intval($args[1]);
    $quotedValue = $db->quote($args[0]);

    // 1) the value must exist in the given values group
    $result = $db->query(
        'SELECT count(*) as n FROM jacl_right_values WHERE id_aclvalgrp=' . $groupId
        . ' AND value=' . $quotedValue
    );
    if (!$result) {
        throw new Exception("not possible count");
    }
    $row = $result->fetch();
    if (!$row) {
        throw new Exception("no count");
    }
    if ($row->n == 0) {
        throw new Exception("Unknown value or group id");
    }

    // 2) the value must not be referenced by any right any more
    $usageSql = 'SELECT count(*) as n FROM jacl_subject s, jacl_rights r WHERE s.id_aclvalgrp=' . $groupId
        . ' AND s.id_aclsbj = r.id_aclsbj AND r.value = ' . $quotedValue;
    $result = $db->query($usageSql);
    if (!$result) {
        throw new Exception("not possible count");
    }
    $row = $result->fetch();
    if (!$row) {
        throw new Exception("no count");
    }
    if ($row->n > 0) {
        throw new Exception("This value is used in rights setting. Please remove rights which used this value before deleting the value");
    }

    // 3) both checks passed: remove the value
    $db->exec(
        "DELETE FROM jacl_right_values WHERE id_aclvalgrp=" . $groupId
        . ' AND value=' . $quotedValue
    );
    echo "OK\n";
}
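/**
 * Resolve a group, given by id or by name, to its id_aclgrp.
 *
 * Only rows of jacl2_group with grouptype < 2 are looked up; anything else is
 * reported as "doesn't exist or is private".
 *
 * @param string $param a numeric group id, or a group name
 * @return mixed the id_aclgrp column of the matching row
 * @throws Exception if the id is not a positive integer, the query fails,
 *                   or no matching group is found
 */
private function _getGrpId($param)
{
    $cnx = jDb::getConnection(jAclDb::getProfile());

    if (is_numeric($param)) {
        // is_numeric() accepts more than plain digits ("1e3", "1.5", " 12", "+3").
        // Only the integer produced by intval() is concatenated into the SQL,
        // never the raw input, and fractional spellings are refused outright.
        $id = intval($param);
        if ($id <= 0 || $id != (float) $param) {
            throw new Exception('invalid group id');
        }
        $sql = "SELECT id_aclgrp FROM jacl2_group WHERE grouptype <2 AND id_aclgrp = " . $id;
    } else {
        // a name is free text: it must go through quote() before reaching the SQL
        $sql = "SELECT id_aclgrp FROM jacl2_group WHERE grouptype <2 AND name = " . $cnx->quote($param);
    }

    $rs = $cnx->query($sql);
    if (!$rs) {
        // a falsy result has no fetch(); report it instead of crashing on a non-object
        throw new Exception('group lookup failed');
    }

    $rec = $rs->fetch();
    if (!$rec) {
        throw new Exception("this group doesn't exist or is private");
    }

    return $rec->id_aclgrp;
}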
/**
 * Delete the given subject.
 *
 * The rights attached to the subject are removed first, then the subject
 * record itself, and finally the jAcl cache is cleared.
 *
 * @param string $subject the key of the subject
 */
public static function removeSubject($subject)
{
    $profile = jAclDb::getProfile();

    // remove the rows in jacl_rights
    jDao::get('jelix~jaclrights', $profile)->deleteBySubject($subject);

    // remove the row in jacl_subject
    jDao::get('jelix~jaclsubject', $profile)->delete($subject);

    // cached rights may still mention the deleted subject
    jAcl::clearCache();
}
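/**
 * Command: rename a group.
 *
 * Expects exactly two positional parameters: the group id, then the new name.
 * A group whose grouptype is 2 is refused as private. Prints "OK" when done.
 *
 * @throws Exception on a wrong parameter count, a failed lookup, an unknown
 *                   group, or a private group
 */
protected function cmd_changename()
{
    $params = $this->getParam('...');
    if (!is_array($params) || count($params) != 2) {
        throw new Exception("wrong parameter count");
    }

    $cnx = jDb::getConnection(jAclDb::getProfile());

    // The id is forced to an integer and the name goes through quote(),
    // so neither parameter reaches the SQL text unescaped.
    $groupId = intval($params[0]);

    $sql = "SELECT id_aclgrp, grouptype FROM jacl_group WHERE id_aclgrp=" . $groupId;
    $rs = $cnx->query($sql);
    if (!$rs) {
        // a falsy result has no fetch(); report it instead of crashing on a non-object
        throw new Exception("group lookup failed");
    }

    $rec = $rs->fetch();
    if (!$rec) {
        throw new Exception("this group doesn't exist");
    }
    if ($rec->grouptype == 2) {
        throw new Exception("can't change this private group");
    }

    $sql = "UPDATE jacl_group SET name=" . $cnx->quote($params[1]) . " WHERE id_aclgrp=" . $groupId;
    $cnx->exec($sql);
    echo "OK\n";
}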
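/**
 * Command: delete a subject together with the rights that reference it.
 *
 * Expects exactly one positional parameter: the subject id. Rows of
 * jacl_rights are removed first, then the row of jacl_subject.
 * Prints "OK" when done.
 *
 * @throws Exception on a wrong parameter count, a failed lookup, or an unknown subject
 */
protected function cmd_subject_delete()
{
    $params = $this->getParam('...');
    if (!is_array($params) || count($params) != 1) {
        throw new Exception("wrong parameter count");
    }

    $cnx = jDb::getConnection(jAclDb::getProfile());

    // The subject id is free text: it is escaped once with quote() and only
    // the escaped form is concatenated into the three statements below.
    $quotedSubject = $cnx->quote($params[0]);

    $rs = $cnx->query("SELECT id_aclsbj FROM jacl_subject WHERE id_aclsbj=" . $quotedSubject);
    if (!$rs) {
        // a falsy result has no fetch(); report it instead of crashing on a non-object
        throw new Exception("subject lookup failed");
    }
    if (!$rs->fetch()) {
        throw new Exception("this subject does not exist");
    }

    // rights first, so that no right is left pointing at a missing subject
    $cnx->exec("DELETE FROM jacl_rights WHERE id_aclsbj=" . $quotedSubject);
    $cnx->exec("DELETE FROM jacl_subject WHERE id_aclsbj=" . $quotedSubject);
    echo "OK\n";
}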