Ejemplo n.º 1
0
 function saveUser()
 {
     //print_r($_POST);
     // First check if the user exists already
     $user = $this->application->db->query("From UserModel as user where user.name='" . $_POST['name'] . "'");
     if (!$user) {
         // The user doesn't exist
         $user = $this->application->db->create("UserModel");
         $user->name = $_POST['name'];
         $user->password = $_POST['password'];
         $user->email = $_POST['email'];
         $this->application->db->commit($user);
         $data['user'] = $user;
         // Now a new acl request object must be created
         // The ARO must have the same name as the user
         require_once "lib/phpgacl/gacl_api.class.php";
         $api = new gacl_api(array());
         $gid = $api->get_group_id("users");
         $res = $api->add_object("user", $user->name, $user->name, 0, 0, "ARO");
         $res = $api->add_group_object($gid, "user", $user->name, "ARO");
         $this->render("user/created", $data, "SMARTY");
     } else {
         $data['user'] = $_POST;
         $data['user']['password'] = "";
         $data['info'] = "The user name is already used";
         $this->render("user/register", $data, "SMARTY");
     }
 }
Ejemplo n.º 2
0
	function get_group_id( $var_1 = null, $var_2 = null, $var_3 = null ) {
		global $_CB_database;

		if ( checkJversion() == 2 ) {
			$gname		=	( $var_1 ? $var_1 : $var_2 );

			$query		=	'SELECT ' . $_CB_database->NameQuote( 'id' )
						.	"\n FROM " . $_CB_database->NameQuote( '#__usergroups' )
						.	"\n WHERE " . $_CB_database->NameQuote( 'title' ) . " = " . $_CB_database->Quote( $gname );
			$_CB_database->setQuery( $query );
			$return		=	$_CB_database->loadResult();
		} else {
			if ( ! $var_2 ) {
				$var_2	=	'ARO';
			}

			$return		=	$this->_acl->get_group_id( $var_1, $var_2, $var_3 );
		}

		return $return;
	}
Ejemplo n.º 3
0
<?php

global $conf;
global $global;
define('APPROOT', realpath(dirname(__FILE__) . '/../') . '/');
$_SESSION['username'] = '******';
require_once APPROOT . 'conf/sysconf.php';
include APPROOT . '3rd/phpgacl/gacl.class.php';
include APPROOT . '3rd/phpgacl/gacl_api.class.php';
include APPROOT . 'inc/handler_db.inc';
#    	$gacl= new gacl(array('db_host'=> $conf['db_host'] , 'db_name'=> $conf['db_name'] , 'db_user'=> $conf['db_user'], 'db_password'=> $conf['db_pass'] , 'db_table_prefix'=>'gacl_' , 'db_type'=> 'mysql'  ));
#    	$gacl_api = new gacl_api(array('db_host'=> $conf['db_host'] , 'db_name'=> $conf['db_name'] , 'db_user'=> $conf['db_user'], 'db_password'=> $conf['db_pass'] , 'db_table_prefix'=>'gacl_' , 'db_type'=> 'mysql'  ));
$gacl = new gacl(array('db' => $global['db'], 'db_table_prefix' => 'gacl_'));
$gacl_api = new gacl_api(array('db' => $global['db'], 'db_table_prefix' => 'gacl_'));
$g_user_admin = $gacl_api->get_group_id('admin', 'Admin', ' ARO');
$gacl_api->add_object('modules', 'Dashboard', 'dashboard', 8, 0, 'AXO');
$gacl_api->add_acl(array('access' => array('access')), null, array($g_user_admin), array('modules' => array('dashboard')));
Ejemplo n.º 4
0
    $arr_group = $group->selectusergroup();
    $smarty->assign("function_title", 'Edit Group');
} else {
    $smarty->assign("function_title", 'Add Group');
}
$arr_data = $gacl_api->get_objects('', 1, 'aco');
$arr_aco = array();
$arr_tmp = $arr_data['system'];
$arr_checked = array();
for ($i = 0; $i < count($arr_tmp); $i++) {
    $obj_value = $arr_tmp[$i];
    $obj_id = $gacl_api->get_object_id('system', $obj_value, 'aco');
    $arr_obj = $gacl_api->get_object_data($obj_id, 'aco');
    $arr_aco[$obj_value] = $arr_obj[0][3];
    if ($op == 'editgroup') {
        $aro_group_id = $gacl_api->get_group_id($group->id, $group->id, 'aco');
        $sqlString = "SELECT a.id, a.allow, a.return_value FROM ooo_acl a LEFT JOIN ooo_aco_map ac ON ac.acl_id=a.id LEFT JOIN ooo_axo_map ax ON ax.acl_id=a.id LEFT JOIN ooo_aro_groups_map arg ON arg.acl_id=a.id LEFT JOIN ooo_aro_groups rg ON rg.id=arg.group_id LEFT JOIN ooo_axo_groups_map axg ON axg.acl_id=a.id WHERE a.enabled=1 AND (ac.section_value='system' AND ac.value='{$obj_value}') AND (rg.id = {$aro_group_id}) AND ((ax.section_value IS NULL AND ax.value IS NULL) AND axg.group_id IS NULL) ORDER BY (rg.rgt-rg.lft) ASC, a.updated_date DESC LIMIT 1";
        $rs = $DB->Execute($sqlString);
        if ($rs) {
            if (!$rs->EOF) {
                $arr_result = $rs->FetchRow();
                if ($arr_result['allow'] == 1) {
                    $arr_checked[] = $obj_value;
                }
            }
        }
    }
}
$form = new Form('form1', 'index.php', 'post');
$text1 =& $form->addElement('text');
$text1->setAttribute('id', 'name');
Ejemplo n.º 5
0
$result = $gacl_api->add_object_section('Jedi', 'jedi', 12, 0, 'ARO');
//Must specifiy Object Type, notice it is ARO now.
if ($outputDebug == TRUE) {
    if ($result !== FALSE) {
        echo "Created Jedi ARO section sucessfully. <br>\n";
    } else {
        echo "Error creating Jedi ARO section.<br>\n";
    }
}
unset($result);
/*
 * Add Jedi Group to Passengers
 *
 * First get the Passengers Groupid.
 */
$result = $gacl_api->get_group_id('passengers');
if ($outputDebug == TRUE) {
    if ($result !== FALSE) {
        echo "Got the groupid for Passengers!<br>\n";
    } else {
        echo "Error failed getting the groupid for passengers.<br>\n";
    }
}
$passengersGroupID = $result;
unset($result);
/* 
 * We add the Jedi Group and use the Passengers groupid for the parent.
 */
$result = $gacl_api->add_group('jedi', 'Jedi', $passengersGroupID, 'aro');
if ($outputDebug == TRUE) {
    if ($result !== FALSE) {
// | missing, please visit Openology homepage: http://www.openology.org/       |
// +---------------------------------------------------------------------------+
//
// $Id:
include_once OOO_APP_MODULES . '/page.php';
include_once OOO_APP_CLASSES . '/usergroup.php';
include_once OOO_APP_CLASSES . '/user.php';
include_once OOO_CORE . '/form/Form.php';
include_once OOO_CORE . '/form/FormController.php';
include_once OOO_CORE . '/gui/SmartyUtil.php';
include_once OOO_LIB . '/phpgacl/gacl.class.php';
include_once OOO_LIB . '/phpgacl/gacl_api.class.php';
$group_id = $_GET['id'];
//group_id
$gacl_api = new gacl_api($gacl_options);
$id = $gacl_api->get_group_id($group_id, $group_id, 'ARO');
//aro group_id
$arr_user = $gacl_api->get_group_objects($id, 'aro');
//aro object value
$group = new usergroup($DB);
if (is_array($arr_user)) {
    if (count($arr_user)) {
        $arr_in = $group->selectInUser($arr_user['users'], 1);
        $arr_out = $group->selectInUser($arr_user['users'], 0);
    } else {
        $user = new user($DB);
        $arr_out = $user->selectAlluser(1000, 1);
    }
}
$smartyutil = new SmartyUtil();
$arr_newin = $smartyutil->toSmartyArray($arr_in, 'name', 'id');
 * | |-Han ARO
 * | '-Chewie ARO
 * '-Passengers Group	[ALLOW: Lounge]
 *   |-Obi-wan ARO
 *   |-Luke ARO
 *   |-R2D2 ARO
 *   '-C3PO ARO
 *
 * add_acl($aco_array, $aro_array, $aro_group_ids=NULL, $axo_array=NULL, $axo_group_ids=NULL, $allow=1, $enabled=1, $return_value=NULL, $note=NULL, $section_value=NULL )
 */
/*
 * First The Crew:
 */
//Associative array, with Object Section Value => array( Object Value ) pairs.
$aco_array = array('access' => array('cockpit', 'engines', 'guns', 'lounge'));
$aro_array_GroupID = array($gacl_api->get_group_id('crew'));
$allow = TRUE;
$enabled = TRUE;
$return_value = NULL;
$note = "Allowing the Crew to have Access to: cockpit, engines, guns and lounge!";
//The NULL values are for the more advanced options such as groups, and AXOs. Refer to the manual for more info.
$result = $gacl_api->add_acl($aco_array, NULL, $aro_array_GroupID, NULL, NULL, $allow, $enabled, $return_value, $note, 'user');
if ($outputDebug == TRUE) {
    if ($result !== FALSE) {
        echo "Created our first ACL sucessfully!<br>\n";
    } else {
        echo "Error creating ACL.<br>\n";
    }
}
unset($result);
/*
Ejemplo n.º 8
0
//
// $Id:
include_once OOO_APP_MODULES . '/page.php';
include_once OOO_APP_CLASSES . '/usergroup.php';
include_once OOO_CORE . '/form/Form.php';
include_once OOO_CORE . '/form/FormController.php';
include_once OOO_LIB . '/phpgacl/gacl.class.php';
include_once OOO_LIB . '/phpgacl/gacl_api.class.php';
$gacl_api = new gacl_api($gacl_options);
$usergroup = new usergroup($DB);
if ($op == 'deletegroup') {
    $arr_id = $_POST['delete'];
    for ($i = 0; $i < count($arr_id); $i++) {
        $usergroup->id = $arr_id[$i];
        $usergroup->deleteusergroup();
        $id = $gacl_api->get_group_id($group->id, $group->id, 'ARO');
        $gacl_api->del_group($id, true, 'ARO');
    }
} else {
    $usergroup->name = $_POST['name'];
    $usergroup->description = $_POST['description'];
    $aco_array = array();
    $aco_array['system'] = array();
    $aco_array['system'] = $_POST['permission'];
    if ($op == 'creategroup') {
        $usergroup->insertusergroup();
        $id = $usergroup->getInsert_ID();
        $group_id = $gacl_api->add_group($id, $id, 10, 'aro');
        $arr_group = array();
        $arr_group[] = $group_id;
        $gacl_api->add_acl($aco_array, NULL, $arr_group, NULL, NULL, true, true, NULL, NULL);
Ejemplo n.º 9
0
            require_once APPROOT . '3rd/Zend/ ' . $class_name . '.php';
        }
        if (file_exists(APPROOT . 'data/' . $class_name . '.php')) {
            require_once APPROOT . 'data/' . $class_name . '.php';
        }
    }
}
spl_autoload_register(array('AutoLoadClass', '__autoload'));
//include(APPROOT.'3rd/phpgacl/gacl.class.php');
include APPROOT . '3rd/phpgacl/gacl_api.class.php';
include APPROOT . 'inc/handler_db.inc';
#    	$gacl= new gacl(array('db_host'=> $conf['db_host'] , 'db_name'=> $conf['db_name'] , 'db_user'=> $conf['db_user'], 'db_password'=> $conf['db_pass'] , 'db_table_prefix'=>'gacl_' , 'db_type'=> 'mysql'  ));
#    	$gacl_api = new gacl_api(array('db_host'=> $conf['db_host'] , 'db_name'=> $conf['db_name'] , 'db_user'=> $conf['db_user'], 'db_password'=> $conf['db_pass'] , 'db_table_prefix'=>'gacl_' , 'db_type'=> 'mysql'  ));
$gacl = new gacl(array('db' => $global['db'], 'db_table_prefix' => 'gacl_'));
$gacl_api = new gacl_api(array('db' => $global['db'], 'db_table_prefix' => 'gacl_'));
$root_aro = $gacl_api->get_group_id('root', 'OpenEvSysUser', 'ARO');
//var_dump('root_aro' , $root_aro); exit(0);
$root_axo = $gacl_api->get_group_id('root', 'root', 'AXO');
//var_dump($root_axo);
$g_person = $gacl_api->add_group('person', 'Person', $root_axo, 'AXO');
$gacl_api->add_object_section('Person', 'person', 3, 0, 'AXO');
$gacl_api->add_acl(array('access' => array('access')), null, array($root_aro), null, array($g_person));
$persons = Browse::getPersonConf();
//var_dump($persons); exit(0);
foreach ($persons as $person) {
    acl_add_person($person['person_record_number']);
    //if event is marked as confidential limit it to this user and admin.
    if ($person['confidentiality'] == 'y') {
        acl_set_person_permissions($person['person_record_number']);
    }
}
Ejemplo n.º 10
0
 public function act_permissions()
 {
     global $global;
     include_once APPROOT . '3rd/phpgacl/gacl_api.class.php';
     $gacl = new gacl_api(array('db' => $global['db'], 'db_table_prefix' => 'gacl_'));
     //select role
     $this->roles = acl_get_roles();
     if (isset($_REQUEST['role'])) {
         $this->role = $_REQUEST['role'];
     }
     //change role if requested
     if (isset($_POST['change_role'])) {
         $this->role = $_POST['role'];
     }
     if (!array_key_exists($this->role, $this->roles)) {
         $this->role = key($this->roles);
     }
     $role_id = $gacl->get_group_id($this->role, NULL, 'ARO');
     $role_name = $gacl->get_group_data($role_id, 'ARO');
     $role_name = $role_name[3];
     //list accessible modules
     $options = $gacl->get_objects('crud', 0, 'ACO');
     $this->crud = $options['crud'];
     $group_id = $gacl->get_group_id('entities', 'Entities', 'AXO');
     $entity_groups = $gacl->get_group_children($group_id, 'AXO', 'NO_RECURSE');
     $this->entity_groups = array();
     foreach ($entity_groups as $id) {
         $group = $gacl->get_group_data($id, 'AXO');
         $this->entity_groups[$group[2]] = _t($group[3]);
     }
     //get the deny list
     $acl_list = array();
     $this->select = array();
     foreach ($this->entity_groups as $key => $group) {
         $acl_id = $gacl->search_acl('crud', FALSE, FALSE, FALSE, $role_name, FALSE, FALSE, $group, FALSE);
         if ($acl_id) {
             $acl_list = array_merge($acl_list, $acl_id);
         }
         $acl = $gacl->get_acl($acl_id[0]);
         if ($acl['allow'] == 0) {
             $crud = $acl['aco']['crud'];
         }
         foreach ($this->crud as $opt) {
             $this->select[$key . "_" . $opt] = true;
             if (is_array($crud) && in_array($opt, $crud)) {
                 $this->select[$key . "_" . $opt] = false;
             }
         }
     }
     //list accessible entities
     if ($_POST['change_permissions']) {
         if ($this->role == 'admin') {
             shnMessageQueue::addInformation(_t('YOU_CANNOT_CHANGE_THE_ADMINISTRATOR_PERMISSIONS_'));
         } else {
             $this->select = array();
             foreach ($this->entity_groups as $key => $group) {
                 $crud = array();
                 foreach ($this->crud as $opt) {
                     if (!isset($_POST[$key . '_' . $opt])) {
                         array_push($crud, $opt);
                     }
                     $this->select[$key . "_" . $opt] = true;
                     if (is_array($crud) && in_array($opt, $crud)) {
                         $this->select[$key . "_" . $opt] = false;
                     }
                 }
                 $axo_id = $gacl->get_group_id($key, $group, 'AXO');
                 if (count($crud) > 0) {
                     $gacl->add_acl(array('crud' => $crud), NULL, array($role_id), NULL, array($axo_id), 0, 1);
                 }
             }
             //delete previous acls
             foreach ($acl_list as $acl_id) {
                 $gacl->del_acl($acl_id);
             }
         }
     }
 }