Example #1
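/**
 * Insert a resource and the record that anchors it: a "has UID" rule when the
 * resource is a class (iid '0'), or a statement when it is an instance.
 *
 * Keys read from $R: 'resource_info' (array), 'db', 'user_id' and, for the
 * rule log only, 'project_id'.
 *
 * @param array $R Request bundle; it is also forwarded to insert_resource(),
 *                 insert_rule() and insert_statement() with extra keys added.
 * @return mixed Id reported by find_latest_UID() after the insert, or null
 *               when insert_resource() returns a falsy value.
 */
function create_resource($R)
{
    # The expected keys are read explicitly rather than through extract($R):
    # extract() turns every key of the caller's array into a local variable,
    # so the set of inputs this function trusts was not visible or bounded.
    $resource_info = isset($R['resource_info']) ? $R['resource_info'] : array();
    $db = isset($R['db']) ? $R['db'] : null;
    $user_id = isset($R['user_id']) ? $R['user_id'] : null;

    # A missing or empty iid means "instance".
    # NOTE(review): this default lands on the local copy only; $R['resource_info']
    # passed to insert_resource() keeps the caller's iid - confirm that is intended.
    if (!isset($resource_info['iid']) || $resource_info['iid'] == '') {
        $resource_info['iid'] = '1';
    }

    # NOTE(review): the id is computed as latest+1 before the insert and re-read
    # after it; whether concurrent inserts are serialized is not visible here.
    $R['resource_info']['resource_id'] = find_latest_UID('resource', $db) + 1;
    $resource_id_created = insert_resource($R);
    if (!$resource_id_created) {
        return null;
    }

    $resource_id = find_latest_UID('resource', $db);
    $resource_info['resource_id'] = $resource_id;

    if ($resource_info['iid'] == '0') {
        # Class: register the "has UID" rule for it.
        $rule_info = array(
            'project_id' => $resource_info['project_id'],
            'owner' => $user_id,
            'subject' => $resource_info['entity'],
            'subject_id' => $resource_info['resource_id'],
            'verb' => 'has UID',
            'object' => 'UID',
            'notes' => nl2br($resource_info['notes']),
        );
        # The original ran $db->query($sql, ...) at this point although no $sql
        # is built in this function; it could only hold a value when the caller's
        # array carried an 'sql' key that extract() imported. insert_rule() below
        # performs the insert, so the stray query is dropped.
        $R['rule_info'] = $rule_info;
        $rule_inserted = insert_rule($R);
        if ($rule_inserted) {
            $rule_info['rule_id'] = find_latest_UID('rule', $db);
            $inputs = array(
                'newsubject' => $resource_info['entity'],
                'newverb' => 'has UID',
                'newobject' => 'UID',
                'newnotes' => nl2br($resource_info['notes']),
            );
            $log = array(
                'action' => 'create',
                'rule_info' => $rule_info,
                'user_id' => $user_id,
                'db' => $db,
                'inputs' => $inputs,
            );
            # project_id is logged only when the caller supplied it, as before.
            if (array_key_exists('project_id', $R)) {
                $log['project_id'] = $R['project_id'];
            }
            insert_rule_log($log);
        }

        # Point every rule in the same project that names this class as its
        # object at the new resource id.
        $s3ql = compact('user_id', 'db');
        $s3ql['from'] = 'rules';
        $s3ql['where']['object'] = $resource_info['entity'];
        $s3ql['where']['project_id'] = $resource_info['project_id'];
        $object_rules = S3QLaction($s3ql);
        if (is_array($object_rules)) {
            foreach ($object_rules as $rule_to_change) {
                $s3ql = compact('user_id', 'db');
                $s3ql['edit'] = 'rule';
                $s3ql['where']['rule_id'] = $rule_to_change['rule_id'];
                $s3ql['set']['object_id'] = $resource_id;
                S3QLaction($s3ql);
            }
        }
    } else {
        # Instance: record the statement that ties it to its class rule.
        $statement_info = array(
            'project_id' => $resource_info['project_id'],
            'resource_id' => $resource_id,
            'rule_id' => get_rule_id_by_entity_id($resource_info['resource_class_id'], $resource_info['project_id'], $db),
            'value' => $resource_id,
            'notes' => $resource_info['notes'],
            'created_by' => $resource_info['owner'],
            'db' => $db,
        );
        $R['statement_info'] = $statement_info;
        insert_statement($R);
    }

    return $resource_id;
}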
Example #2
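/**
 * Update the notes of a resource instance, log the change, rename the verb of
 * every rule that uses the instance as verb_id, and refresh the cached query
 * result kept in the session.
 *
 * Variables used below ($user_id, $db, $inputs, $info, $project_id,
 * $oldvalues, $editing_resource) are supplied by the extract() calls.
 *
 * @param array $R Request bundle.
 * @return bool True when the resource update left $db->Errno at 0, False otherwise.
 */
function update_resource_instance($R)
{
    # NOTE(review): extract() makes every key of $R (and then of
    # $editing_resource) a local variable, and the second call can overwrite
    # values set by the first. The keys callers pass are not visible here, so
    # the calls are kept; replacing them with explicit reads needs the caller list.
    extract($R);
    if (is_array($editing_resource)) {
        extract($editing_resource);
    }
    $modified_by = $user_id;

    # Every value placed in a quoted SQL literal is escaped. The original
    # escaped only the notes and concatenated modified_by and resource_id raw.
    # addslashes() matches the escaping this function already relied on; the DB
    # wrapper's own escaping or bound parameters would be the stronger fix, but
    # that API is not visible from this function.
    $sql = "update s3db_resource set notes='" . addslashes($inputs['notes']) . "', modified_by='" . addslashes($modified_by) . "', modified_on=now() where resource_id='" . addslashes($info['resource_id']) . "'";
    $db->query($sql, __LINE__, __FILE__);
    # Snapshot the connection state now: later queries reuse $db.
    $dbdata = get_object_vars($db);
    # Result unused; the call is retained because its side effects, if any,
    # cannot be judged from here.
    $old_rule_id = get_rule_id_by_entity_id($info['class_id'], $project_id, $db);
    $instance_info = $info;
    $Z = compact('instance_info', 'user_id', 'db');

    if ($dbdata['Errno'] == 0) {
        $statement_info = $info;
        $statement_info['statement_id'] = fastStatementId($Z);
        $statement_info['rule_id'] = get_rule_id_by_entity_id($info['class_id'], $project_id, $db);
        $statement_info['value'] = $info['resource_id'];
        # NOTE(review): $input (singular) is not assigned in this function and
        # looks like a typo for $inputs; the assignment it guards copies a value
        # $statement_info already holds, so it is left as written.
        if ($input['notes'] != '') {
            $statement_info['notes'] = $info['notes'];
        }
        $action = 'edit';
        if ($inputs['notes'] != $oldvalues['notes']) {
            $logged = insert_statement_log(compact('oldvalues', 'inputs', 'action', 'statement_info', 'user_id', 'db'));
        }

        # Now the rules: collect every rule that uses this item as verb_id.
        # $rules starts empty so a 'rules' key imported by extract() cannot
        # decide which rule rows get rewritten below.
        $rules = array();
        $sql = "select * from s3db_rule where verb_id = '" . addslashes($info['resource_id']) . "'";
        $db->query($sql, __LINE__, __FILE__);
        while ($db->next_record()) {
            $rules[] = array(
                'rule_id' => $db->f('rule_id'),
                'project_id' => $db->f('project_id'),
                'subject' => $db->f('subject'),
                'verb' => $db->f('verb'),
                'object' => $db->f('object'),
                'subject_id' => $db->f('subject_id'),
                'verb_id' => $db->f('verb_id'),
                'object_id' => $db->f('object_id'),
                'notes' => $db->f('notes'),
                'created_on' => substr($db->f('created_on'), 0, 19),
                'created_by' => $db->f('created_by'),
                'modified_on' => $db->f('modified_on'),
                'modified_by' => $db->f('modified_by'),
                'permission' => $db->f('permission'),
            );
        }

        # The new verb text is the submitted notes.
        $inputs = array('verb' => $inputs['notes']);
        foreach ($rules as $rule_info) {
            $oldvalues['verb'] = $rule_info['verb'];
            # The verb is the same user-supplied text that was escaped for the
            # resource update above; the original concatenated it raw here.
            # The log below still receives the unescaped value.
            $sql = "update s3db_rule set verb = '" . addslashes($inputs['verb']) . "' where rule_id = '" . addslashes($rule_info['rule_id']) . "'";
            $db->query($sql, __LINE__, __FILE__);
            $action = 'edit';
            insert_rule_log(compact('oldvalues', 'inputs', 'rule_info', 'user_id', 'db', 'action'));
        }

        # Keep the list of resource instances cached in the session in step
        # with the edit so the query result page can be regenerated.
        $queryresult = $_SESSION['query_result'];
        if (is_array($queryresult)) {
            foreach ($queryresult as $i => $value) {
                if ($queryresult[$i]['resource_id'] == $editing_resource['resource_id']) {
                    $queryresult[$i]['notes'] = $editing_resource['notes'];
                }
            }
        }
        $_SESSION['query_result'] = $queryresult;
        return True;
    } else {
        return False;
    }
}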
Example #3
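/**
 * Build the <NODE> elements of the project map: one node for the project, one
 * per project referenced by its rules, one per class (collection) and one per
 * rule object.
 *
 * Variables used below ($project_id, $db, $user_id, $toReplace, $replace) are
 * supplied by extract($O). The rules and classes that were found are also
 * published in $GLOBALS['rules'] and $GLOBALS['collections'].
 *
 * @param array $O Request bundle.
 * @return string|null Concatenated node markup, or null when the class query
 *                     does not return an array.
 */
function create_nodes($O)
{
    $action = $GLOBALS['action'];
    # NOTE(review): extract() makes every key of $O a local variable; the
    # accumulators are initialised after it so a caller-supplied key cannot
    # pre-seed the markup that is returned.
    extract($O);
    $project_node = '';
    $extra_project_node = '';
    $subject_node = '';
    $object_node = '';

    $project_info = s3info('project', $project_id, $db);
    $project_node .= sprintf("\t\t%s\n", '<NODE nodeID="P' . $project_info['project_id'] . '">');
    $project_node .= sprintf("\t\t\t%s\n", '<NODE_LOCATION x="0" y="0" visible="true"/>');
    $project_node .= sprintf("\t\t\t%s\n", '<NODE_HINT hint="' . str_replace("\"", "", htmlentities($project_info['project_description'])) . '" width="300" height="-1" isHTML="false"/>');
    # The project name is free text stored by users; it is encoded like the
    # description so a quote or angle bracket cannot break out of the attribute.
    $project_node .= sprintf("\t\t\t%s\n", '<NODE_LABEL label="' . htmlentities($project_info['project_name']) . '" shape="3" backColor="0000FF" textColor="FFFF00" fontSize="12"/>');
    $project_node .= sprintf("\t\t\t%s\n", '<NODE_URL url="' . htmlentities($action['project']) . '" urlIsLocal="true" urlIsXML="false"/>');
    $project_node .= sprintf("\t\t%s\n", '</NODE>');

    # All rules of the requested project whose object is not UID.
    # NOTE(review): the project id comes straight from $_REQUEST; how
    # S3QLaction() validates 'where' values is not visible here.
    $s3ql['db'] = $db;
    $s3ql['user_id'] = $user_id;
    $s3ql['select'] = '*';
    $s3ql['from'] = 'rules';
    $s3ql['where']['project_id'] = $_REQUEST['project_id'];
    $s3ql['where']['object'] = "!=UID";
    $rules = S3QLaction($s3ql);
    $GLOBALS['rules'] = $rules;

    # Create the node for the regular resources: list all classes in project.
    $s3ql = compact('user_id', 'db');
    $s3ql['select'] = '*';
    $s3ql['from'] = 'classes';
    $s3ql['where']['project_id'] = $_REQUEST['project_id'];
    $resources = S3QLaction($s3ql);
    $GLOBALS['collections'] = $resources;

    if (is_array($resources)) {
        # Ids of all collections the user is allowed to see as nodes.
        $C = grab_id('collection', $resources);
        foreach ($resources as $resource_info) {
            # Result unused in this function; call retained as in the original.
            $rule_id = get_rule_id_by_entity_id($resource_info['resource_id'], $resource_info['project_id'], $db);
            # $toReplace / $replace are only defined if the caller passed them in $O.
            $subject = str_replace($toReplace, $replace, htmlentities($resource_info['entity']));
            $notes = str_replace($toReplace, $replace, htmlentities($resource_info['notes']));
            # Classes borrowed from another project get a different colour.
            if ($resource_info['project_id'] == $_REQUEST['project_id']) {
                $color = 'FF0000';
            } else {
                $color = 'FF6600';
            }
            $resource_id = $resource_info['resource_id'];
            $subject_node .= sprintf("\t\t%s\n", '<NODE nodeID="C' . $resource_id . '">');
            $subject_node .= sprintf("\t\t\t%s\n", '<NODE_LOCATION x="0" y="0" visible="false"/>');
            $subject_node .= sprintf("\t\t\t%s\n", '<NODE_HINT hint="' . $notes . '" width="300" height="-1" isHTML="true"/>');
            $subject_node .= sprintf("\t\t\t%s\n", '<NODE_LABEL label="' . $subject . '" shape="2" backColor="' . $color . '" textColor="FFFFFF" fontSize="14"/>');
            $subject_node .= sprintf("\t\t\t%s\n", '<NODE_URL url="' . htmlentities($action['resource']) . '&amp;class_id=' . $resource_info['resource_id'] . '" urlIsLocal="true" urlIsXML="false"/>');
            $subject_node .= sprintf("\t\t%s\n", '</NODE>');
        }

        # And finally the nodes for the rule objects.
        if (is_array($rules)) {
            foreach ($rules as $rule_info) {
                $subject = str_replace($toReplace, $replace, htmlentities($rule_info['subject']));
                $verb = str_replace($toReplace, $replace, htmlentities($rule_info['verb']));
                $object = str_replace($toReplace, $replace, htmlentities($rule_info['object']));
                $notes = str_replace($toReplace, $replace, htmlentities($rule_info['notes']));
                # Is the rule from this project? If not, use a different colour.
                if ($rule_info['project_id'] == $_REQUEST['project_id']) {
                    $objcolor = '336600';
                    $classColor = 'FF0000';
                } else {
                    $objcolor = '009900';
                    $classColor = 'FF6600';
                }
                if ($rule_info['object'] != 'UID' || $rule_info['verb'] != 'has UID') {
                    $object_node .= sprintf("\t\t%s\n", '<NODE nodeID="R' . $rule_info['rule_id'] . '">');
                    $object_node .= sprintf("\t\t\t%s\n", '<NODE_LOCATION x="0" y="0" visible="false"/>');
                    if ($rule_info['object_id'] == '') {
                        # Literal object: link to the rule itself.
                        $object_node .= sprintf("\t\t\t%s\n", '<NODE_LABEL label="' . $object . '" shape="1" backColor="' . $objcolor . '" textColor="FFFF00" fontSize="12"/>');
                        $object_node .= sprintf("\t\t\t%s\n", '<NODE_URL url="' . htmlentities($action['rule']) . '&amp;class_id=' . $rule_info['subject_id'] . '&amp;rule_id=' . $rule_info['rule_id'] . '" urlIsLocal="true" urlIsXML="false"/>');
                        $object_node .= sprintf("\t\t\t%s\n", '<NODE_HINT hint="' . $notes . '" width="300" height="-1" isHTML="false"/>');
                    } elseif (in_array($rule_info['object_id'], $C)) {
                        # Collection must already exist as a visible node or the map will crash.
                        $object_node .= sprintf("\t\t\t%s\n", '<NODE_LABEL label="' . $object . '" shape="1" backColor="' . $classColor . '" textColor="FFFFFF" fontSize="12"/>');
                        $object_node .= sprintf("\t\t\t%s\n", '<NODE_URL url="' . htmlentities($action['resource']) . '&amp;class_id=' . $rule_info['object_id'] . '" urlIsLocal="true" urlIsXML="false"/>');
                        $object_node .= sprintf("\t\t\t%s\n", '<NODE_HINT hint="' . $notes . '" width="300" height="-1" isHTML="false"/>');
                    } else {
                        # Object is a collection outside the allowed list: no link, no notes.
                        $object_node .= sprintf("\t\t\t%s\n", '<NODE_LABEL label="' . $object . '" shape="1" backColor="#EFEFEF" textColor="FFFF00" fontSize="12"/>');
                        $object_node .= sprintf("\t\t\t%s\n", '<NODE_HINT hint="User is not allowed in this Collection" width="300" height="-1" isHTML="false"/>');
                    }
                    $object_node .= sprintf("\t\t%s\n", '</NODE>');
                }
            }
        }

        # Find all other projects involved in the rules of this project and
        # give each one a node of its own.
        if (is_array($rules)) {
            $extraproject_ids = array_map('grab_project_id', $rules);
            $extraproject_ids = array_diff(array_unique($extraproject_ids), array($_REQUEST['project_id']));
            if (is_array($extraproject_ids)) {
                foreach ($extraproject_ids as $extra_project_id) {
                    $project_info = get_info('project', $extra_project_id, $db);
                    $extra_project_node .= sprintf("\t\t%s\n", '<NODE nodeID="P' . $extra_project_id . '">');
                    $extra_project_node .= sprintf("\t\t\t%s\n", '<NODE_LOCATION x="1" y="1" visible="true"/>');
                    # Description and name of a foreign project are encoded the
                    # same way as for the main project node; the original
                    # emitted both without entity encoding.
                    $extra_project_node .= sprintf("\t\t\t%s\n", '<NODE_HINT hint="' . str_replace("\"", "", htmlentities($project_info['project_description'])) . '" width="300" height="-1" isHTML="false"/>');
                    $extra_project_node .= sprintf("\t\t\t%s\n", '<NODE_LABEL label="' . htmlentities($project_info['project_name']) . '" shape="3" backColor="406AFD" textColor="FFFF00" fontSize="12"/>');
                    $extra_project_node .= sprintf("\t\t%s\n", '</NODE>');
                }
            }
        }
        return $project_node . $extra_project_node . $subject_node . $object_node;
    }
}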
Example #4
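/**
 * Delete a resource instance: remove and log each of its statements, mark the
 * resource row inactive (status 'I', rows with iid '1' only), log that change
 * and drop the instance from the query result cached in the session.
 *
 * Keys read from $R: 'resource_id', 'user_id', 'db' and, optionally,
 * 'statements' (a pre-fetched list; it is looked up when absent).
 *
 * @param array $R Request bundle.
 * @return bool True when the resource update left $db->Errno at 0, False otherwise.
 */
function delete_resource_instance($R)
{
    # Explicit reads replace extract($R): only these keys are inputs, and no
    # other key of the caller's array can become a local variable.
    $resource_id = $R['resource_id'];
    $user_id = isset($R['user_id']) ? $R['user_id'] : null;
    $modified_by = $user_id;
    $db = $R['db'];
    $statements = isset($R['statements']) ? $R['statements'] : null;

    $resource_info = s3info('instance', $resource_id, $db);
    $resource_class_id = $resource_info['resource_class_id'];
    $project_id = $resource_info['project_id'];
    $old_rule_id = get_rule_id_by_entity_id($resource_class_id, $project_id, $db);

    # Find all statements on this resource_id unless the caller supplied them.
    if (!is_array($statements)) {
        $statements = CORElist(array('child' => 'statement', 'parent_ids' => array('instance_id' => $resource_id), 'user_id' => $user_id, 'db' => $db));
    }
    # Statements where this instance appears as the object value are not
    # handled yet (marked "COMING SOON" in the original); the query array the
    # original built for that lookup was never executed and is dropped.

    # NOTE(review): statements are deleted before the resource row is updated
    # and no transaction is visible here, so a failed update below leaves the
    # statements already removed.
    if (is_array($statements)) {
        foreach ($statements as $statement_info) {
            $s3ql = compact('user_id', 'db');
            $s3ql['delete'] = 'statement';
            $s3ql['where']['statement_id'] = $statement_info['statement_id'];
            $s3ql['where']['confirm'] = 'yes';
            S3QLaction($s3ql);
            $S = array(
                'statement_id' => $statement_info['statement_id'],
                'old_rule_id' => $statement_info['rule_id'],
                'old_resource_id' => $statement_info['resource_id'],
                'old_project_id' => $statement_info['project_id'],
                'old_value' => $statement_info['value'],
                'old_notes' => $statement_info['notes'],
                'created_by' => $statement_info['created_by'],
                'created_on' => $statement_info['created_on'],
                'modified_by' => $user_id,
                'action' => 'delete',
                'db' => $db,
            );
            insert_statement_log($S);
        }
    }

    # Change the resources table. The id is escaped before it is placed in the
    # quoted literal; the original concatenated it raw. The DB wrapper's own
    # escaping or bound parameters would be the stronger fix, but that API is
    # not visible from this function.
    $sql = "update s3db_resource set status = 'I', modified_on = now() where resource_id = '" . addslashes($resource_id) . "' and iid='1'";
    $db->query($sql, __LINE__, __FILE__);
    $dbdata = get_object_vars($db);
    if ($dbdata['Errno'] == 0) {
        $S = array(
            'statement_id' => '0',
            'old_rule_id' => $old_rule_id,
            'old_resource_id' => $resource_id,
            'old_project_id' => $resource_info['project_id'],
            'old_value' => $resource_info['entity'],
            'old_notes' => $resource_info['notes'],
            'created_by' => $resource_info['created_by'],
            'created_on' => $resource_info['created_on'],
            'modified_by' => $modified_by,
            'action' => 'delete',
            'db' => $db,
        );
        insert_statement_log($S);

        # Drop the deleted instance from the cached query result so the list
        # of resource instances can be regenerated.
        $queryresult = $_SESSION['query_result'];
        if (is_array($queryresult)) {
            # Declared at run time inside this branch, so a second call in the
            # same request used to stop with a redeclaration error; the guard
            # keeps the global function available without that failure. Only
            # commented-out code referred to it in the original.
            if (!function_exists('resource_id_compare')) {
                function resource_id_compare($a, $b)
                {
                    if ($a == $b) {
                        return 0;
                    }
                }
            }
            foreach ($queryresult as $i => $value) {
                if ($queryresult[$i]['resource_id'] == $resource_id) {
                    unset($queryresult[$i]);
                }
            }
        }
        $_SESSION['query_result'] = $queryresult;
        return True;
    } else {
        return False;
    }
}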
Example #5
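# Access gate for a page addressed by rule_id, class_id and project_id.
# NOTE(review): $user_id, $key and $db are not assigned here; presumably
# core.header.php provides them - confirm.
include_once '../core.header.php';

# ACL the user holds through the rule's own project.
$rule_id = $_REQUEST['rule_id'];
$rule_info = URIinfo('R' . $rule_id, $user_id, $key, $db);
$ruleAcl = find_final_acl($user_id, $rule_info['project_id'], $db);

# ACL the user holds through the class's own project.
$class_id = $_REQUEST['class_id'];
$class_info = get_info('class', $class_id, $db);
$classAcl = find_final_acl($user_id, $class_info['project_id'], $db);

# ACL the user holds on the project named in the request.
$project_id = $_REQUEST['project_id'];
$project_info = get_info('project', $project_id, $db);
$acl = find_final_acl($user_id, $project_id, $db);

# NOTE(review): the checks below run only when BOTH rule and class ACLs are
# empty; a non-empty value of either skips them whatever that value is.
# Confirm that every non-empty ACL value is meant to grant access.
if ($ruleAcl == '' && $classAcl == '') {
    # No direct permission: fall back to the provided project and look for
    # the permission this project holds on the resource.
    if ($class_id != '') {
        $rule_id = get_rule_id_by_entity_id($class_id, $project_id, $db);
        $rule_info = get_info('rule', $rule_id, $db);
    }
    if ($acl == '1' || $acl == '2' || $acl == '3') {
        # This is a class, so permission can only be found on rules: the
        # project id must appear as a "<id>_" token in the rule's permission
        # string. The id comes from the request, so it is quoted before it
        # goes into the pattern; otherwise regex metacharacters in it would
        # change what the access check matches. preg_match() replaces ereg(),
        # which is no longer available in PHP 7 and later.
        $ruleOnProject = preg_match('/(^|_)' . preg_quote($project_id, '/') . '_/', $rule_info['permission']);
        if (!$ruleOnProject) {
            echo "User does not have access to this resource";
            exit;
        }
    } else {
        echo "User does not have access to this project";
        exit;
    }
}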