/**
* function viewer_guid_conenct
* <pre>
*
* If user has an exisitng intranet login ($new_viewer == false):
* Given GUID and viewer_id, inject GUID into existing viewer
*
* If user never had an intranet login ($new_viewer == true):
* Given a GUID, create new viewer, person, put into access group, etc.
*
* @param $guid [String] [user's GUID]
* @param $viewer [Int] [user's view_id]
* @param $new_viewer [BOO] [true when user never had an intranet login]
* </pre>
* @return [void]
*
*
*/
function viewer_guid_connect($guid, $viewer, $new_viewer)
{
if ($new_viewer) {
// 1. create new viewer
$viewerManager = new RowManager_ViewerManager();
$viewerManager->setGUID($guid);
// GUID
$viewerManager->setLanguageID(1);
// english
// TODO this value should not be hard-coded for the account group
$viewerManager->setAccountGroupID(15);
// the 'unknown' group
$viewerManager->setIsActive(true);
$viewerManager->createNewEntry();
$viewerID = $viewerManager->getID();
// get the ID of the newly created viewer
// 2. put into the 'all' access group
// PART A
$viewerAccessGroupManager = new RowManager_ViewerAccessGroupManager();
$viewerAccessGroupManager->setViewerID($viewerID);
$viewerAccessGroupManager->setAccessGroupID(ALL_ACCESS_GROUP);
// add to the 'all' access group
$viewerAccessGroupManager->createNewEntry();
// PART B
$viewerAccessGroupManager = new RowManager_ViewerAccessGroupManager();
$viewerAccessGroupManager->setViewerID($viewerID);
$viewerAccessGroupManager->setAccessGroupID(SPT_APPLICANT_ACCESS_GROUP);
// add to the 'SPT-Student' access group
$viewerAccessGroupManager->createNewEntry();
// 3. create new person (or grab person_id from existing record)
$personManager = new RowManager_PersonManager();
$personManager->setFirstName('');
$personManager->setLastName('');
$personManager->setEmail('');
$personManager->setSortOrder('person_id');
$personManager->setAscDesc('DESC');
// sort by descending person IDs
$personList = $personManager->getListIterator();
$personArray = $personList->getDataList();
//create new entry
$personManager->createNewEntry();
$personID = $personManager->getID();
// get the ID of the newly created person
// 4. create an access table entry for this (viewer,person) combo
$accessManager = new RowManager_AccessManager();
$accessManager->setViewerID($viewerID);
$accessManager->setPersonID($personID);
$accessManager->createNewEntry();
} else {
$viewerManager = new RowManager_ViewerManager($viewer);
//echo ($viewerManager->getID());
$viewerManager->setGUID($guid);
// GUID
$viewerManager->updateDBTable();
}
}
/**
* function __construct
* <pre>
* Initialize the Class ...
* </pre>
* @param $viewer_id [INTEGER] value used to initialize the list.
* @param $sortBy [STRING] the field name to sort list by
* @return [void]
*/
function __construct($viewer_id = -1, $sortBy = '')
{
$searchManager = new RowManager_ViewerAccessGroupManager();
// NOTE: if you need to narrow the field of the search then uncommnet
// the following and set the proper search criteria.
$searchManager->setValueByFieldName("viewer_id", $viewer_id);
//$searchManager->setValueByFieldName('module_isCommonLook', '1' );
$searchManager->setSortOrder($sortBy);
$this->resultSet = $searchManager->find();
}
function process_Form($sqlResult, $template, $agID, $errorMessages)
{
$agID = $_REQUEST['agID'];
$viewerM = new RowManager_ViewerManager();
$viewerAccessGroupM = new RowManager_ViewerAccessGroupManager();
$join = new JoinPair($viewerM->getJoinOnFieldX('viewer_id'), $viewerAccessGroupM->getJoinOnFieldX('viewer_id'));
$MTM = new MultiTableManager();
$MTM->addRowManager($viewerAccessGroupM);
$MTM->addRowManager($viewerM, $join);
$MTM->constructSearchCondition('accessgroup_id', '=', $agID, true);
$MTM->addSortField('viewer_userID');
$sqlResult = $MTM->find();
if (!isset($sqlResult)) {
$errorMessages = 'Failed to join database to get label';
$template->set('sqlResult', null);
} else {
$template->set('sqlResult', $sqlResult);
}
}
function __construct($viewerID)
{
$accessGroupManager = new RowManager_ViewerAccessGroupManager();
// the permissions are scaled if you have n permission you all have any permission < n
$this->isNational = $accessGroupManager->loadByViewerAccessGroup($viewerID, PermissionManager::PERMISSION_NATIONAL);
// echo 'isNational['.$isNational.']<br/>';
$this->isRegional = $accessGroupManager->loadByViewerAccessGroup($viewerID, PermissionManager::PERMISSION_REGIONAL) || $this->isNational;
// echo 'isRegional['.$isRegional.']<br/>';
$this->isCD = $accessGroupManager->loadByViewerAccessGroup($viewerID, PermissionManager::PERMISSION_CAMPUSDIRECTOR) || $this->isRegional;
// echo 'isCD['.$isCD.']<br/>';
$this->isStatsCoordinator = $accessGroupManager->loadByViewerAccessGroup($viewerID, PermissionManager::PERMISSION_STATSCOORDINATOR) || $this->isCD;
// echo 'isStatsCoordinator['.$isStatsCoordinator.']<br/>';
$this->isAllStaff = $accessGroupManager->loadByViewerAccessGroup($viewerID, PermissionManager::PERMISSION_ALLSTAFF) || $this->isStatsCoordinator;
// echo 'isAllStaff['.$isAllStaff.']<br/>';
}
/**
* function processData
* <pre>
* Processes the data for this form.
* </pre>
* @return [void]
*/
function processData()
{
// save the value of the Foriegn Key(s)
$this->formValues['accountgroup_id'] = $this->accountgroup_id;
/*[RAD_ADMINBOX_FOREIGNKEY]*/
// store values in table manager object.
if (!$this->dataManager->isLoaded()) {
$this->dataManager->createNewEntry();
}
$this->dataManager->loadFromArray($this->formValues);
$accessGroupManager = new RowManager_AccessGroupManager();
$allAccessGroupID = $accessGroupManager->getAllAccessGroupID();
// don't need this for CIM stuff - RM
// $hrdbGroupID = $accessGroupManager->getHRDBAccessGroupID();
// echo 'hrdbGroupID['.$hrdbGroupID.']<br/>';
//$this->dataManager->setAccountGroup($allAccessGroupID);
$viewerAccessGroup = new RowManager_ViewerAccessGroupManager();
//$hrdbGroupID = 34;
// $defaultGroups = array($allAccessGroupID, $hrdbGroupID);
$defaultGroups = array($allAccessGroupID);
for ($i = 0; $i < count($defaultGroups); $i++) {
//load values
$values = array();
//print($this->dataManager->getID() . "<br>");
//print($allAccessGroupID);
$values['viewer_id'] = $this->dataManager->getID();
//$values[ 'accessgroup_id' ] = $allAccessGroupID;
$values['accessgroup_id'] = $defaultGroups[$i];
$viewerAccessGroup->loadFromArray($values);
//var_export($viewerAccessGroup);
// update DB Table
$viewerAccessGroup->createNewEntry();
}
// Make sure password is set using the dataManager's routines
// (for encryption)
$pword = $this->formValues['viewer_passWord'];
$this->dataManager->setPassWord($pword);
$this->dataManager->updateDBTable();
// now make sure all the systemAccessObjects have been updated
$moduleManager = new RowManager_siteModuleManager();
$moduleManager->processSystemAccessNewViewer($this->dataManager->getID());
}
/**
* function __construct
* This is the class constructor for Viewer class
* Initialize a Viewer and determine if they are properly authenticated.
* <pre><code>
* Save the DB connection Info
* If no session ID is set then
* set the Session ID to empty string
* end if
* Get current viewer ID from session ID
* If viewer ID is empty then
* if isDestroySession is set then
* Destroy the Session
* end if
* initialize Empty UnAuthorized Viewer ID
* else
* User Credientials are valid so ...
* Mark as Valid Authentication
*
* Prepare an SQL statement to lookup the viewer info from the DB
* Now load the Data from the DB
* end if
* </pre>
* @param $isDestroySession [BOOL] Should we destroy the session data if not authenticated?
* @param $dbName [STRING] The name of the database the viewer info is stored in
* @param $dbPath [STRING] The path of the database the viewer info is stored in
* @param $dbUser [STRING] The login ID for the database the viewer info is stored in
* @param $dbPassword [STRING] The password of the database the viewer info is stored in
*/
function __construct($isDestroySession = true, $dbName = SITE_DB_NAME, $dbPath = SITE_DB_PATH, $dbUser = SITE_DB_USER, $dbPassword = SITE_DB_PWORD)
{
// if no session ID is set then
if (!isset($_SESSION[SESSION_ID_ID])) {
// set the Session ID to empty string
$_SESSION[SESSION_ID_ID] = '';
}
if ($_SESSION[SESSION_ID_ID] == '') {
$_SESSION[SESSION_ID_ID] = 0;
}
// Get current viewer ID from session ID
$this->viewerID = $_SESSION[SESSION_ID_ID];
// attempt to load a viewerManager object with current viewerID
$this->viewerManager = new RowManager_ViewerManager($this->viewerID);
if ($this->viewerManager->isLoaded()) {
// Update current Session ID with current ViewerID
$_SESSION[SESSION_ID_ID] = $this->viewerID;
if ($this->viewerManager->isActive()) {
$this->isAuthenticated = true;
} else {
$this->isAuthenticated = false;
}
} else {
// Info not stored in session, get from GCX
$this->isAuthenticated = false;
if (CASUser::checkAuth()) {
if (!empty($_SESSION['phpCAS']['guid'])) {
if ($this->validateLogin($_SESSION['phpCAS']['guid'])) {
// a user with this GUID exists in our system
$this->isAuthenticated = true;
} else {
// code added by Russ September 11, 2009
// a user with this GUID does not exist in our system - create them
$guid = $_SESSION['phpCAS']['guid'];
// echo "The GUID[".$guid."]<br/>";
$gcxUsername = $_SESSION['phpCAS']['user'];
// echo "The gcxUsername[".$gcxUsername."]<br/>";
// the gcxUsername is (supposed to be) an email
// check to see if there is a cim_hrdb_person record with this email
// the comparison needs to be case insensitive (since mysql is insensitive by default, no special doctoring is needed)
// search for person record
$personManager = new RowManager_PersonManager();
$foundPerson = $personManager->loadByEmail($gcxUsername);
// get the personID of the person that was searched
$personID = $personManager->getID();
// if record does not exist
// create one
// update the personID
if (!$foundPerson) {
// create a new person record
$newpersonManager = new RowManager_PersonManager();
$newpersonManager->setEmail($gcxUsername);
$newpersonManager->createNewEntry();
$personID = $newpersonManager->getID();
}
// link the personID to the GUID/viewer in the cim_hrdb_access table
// first, check to see if any entry already exists in the access table
// if foundPerson is true above, it's possible (may have been linked to old viewer/username but not promoted to GCX account yet)
$accessManager = new RowManager_AccessManager();
$accessEntryFound = $accessManager->loadByPersonID($personID);
$viewerID = -1;
$createNewViewer = true;
if ($accessEntryFound) {
$viewerID = $accessManager->getViewerID();
$viewerManager = new RowManager_ViewerManager($viewerID);
// double check to make sure the viewer referenced in the access table actually exists
$viewerAlreadyExists = $viewerManager->isLoaded();
if ($viewerAlreadyExists) {
// no need to create a new viewer
$createNewViewer = false;
// update the existing viewer with the GUID and gcxUsername
$viewerManager->setGUID($guid);
$viewerManager->setUserID($gcxUsername);
$viewerManager->setLastLogin();
$viewerManager->updateDBTable();
}
// viewerAlreadyExists
}
// accessEntryFound
if ($createNewViewer) {
// create new viewer (user)
$newviewerManager = new RowManager_ViewerManager();
$newviewerManager->setPassWord('xxx');
$newviewerManager->setUserID($gcxUsername);
$newviewerManager->setLanguageID(1);
// english
// TODO this value should not be hard-coded for the account group
$newviewerManager->setAccountGroupID(15);
// the 'unknown' group
$newviewerManager->setIsActive(true);
$newviewerManager->setGUID($guid);
$newviewerManager->setLastLogin();
$newviewerManager->createNewEntry();
$viewerID = $newviewerManager->getID();
// get the ID of the newly created viewer
if ($accessEntryFound) {
// update the access table to reference the newly created viewer for the persoa
// this is the case where an access table entry may have been orphaned due to the deletion of a viewer
$accessManager->setViewerID($viewerID);
$accessManager->updateDBTable();
} else {
// create an access table entry
$newaccessManager = new RowManager_AccessManager();
$newaccessManager->setViewerID($viewerID);
$newaccessManager->setPersonID($personID);
$newaccessManager->createNewEntry();
}
}
// put into the 'all' access group
$viewerAccessGroupManager = new RowManager_ViewerAccessGroupManager();
$viewerAccessGroupManager->setViewerID($viewerID);
$viewerAccessGroupManager->setAccessGroupID(ALL_ACCESS_GROUP);
// add to the 'all' access group
$viewerAccessGroupManager->createNewEntry();
// Debugging code added by Russ Martin
// echo "validate login failed<br/>";
// echo "<pre>".print_r($_SESSION,true)."</pre>";
// try again to see if everything updated correctly
if ($this->validateLogin($guid)) {
// a user/viewer with this GUID now exists in our system
$this->isAuthenticated = true;
} else {
echo "Something has gone wrong: gcxUsername[" . $gcxUsername . "], guid[" . $guid . "]<br/>";
}
}
} else {
// Debugging code added by Russ Martin
// echo "session variable for storing GUID is empty<br/>";
}
} else {
// Debugging code added by Russ Martin
// echo "CASUser::checkAuth() failed<br/>";
}
}
// set hasSession
$this->hasSession = $this->viewerID != '';
// if no session
if (!$this->hasSession) {
// User Credentials are invalid so
// if they want me to destroy the session then
if ($isDestroySession == true) {
// Remove session
// session_destroy();
}
}
}
/**
* function deleteEntry
* <pre>
* Removes the DB table entry. Also, since this table also has linked
* items in the viewer access group table, it makes sure those are removed
* as well.
* </pre>
* @return [void]
*/
function deleteEntry()
{
// get a viewerAccessGroup manager
$viewerAccess = new RowManager_ViewerAccessGroupManager();
// now update it so that it's condition is based on this viewer id
$condition = $this->getPrimaryKeyField() . '=' . $this->getID();
$viewerAccess->setDBCondition($condition);
$viewerAccess->deleteEntry();
// now continue with remove of this entry...
parent::deleteEntry();
}
/**
* function getGroupLinks
* <pre>
* Returns an array of links linked directly to groups this viewer is
* linked to.
* </pre>
* @param $viewerID [INTEGER] the viewer_id of the person to make a cache
* entry for.
* @param $languageID [INTEGER] the language_id of the cache entry
* @return [ARRAY]
*/
function getGroupLinks($viewerID, $languageID)
{
$resultArray = array();
// create Link RowLabelBridge
$linkManager = new RowManager_NavBarLinksManager();
$multiLingualContext = new MultilingualManager($languageID, 'moduleNavBar', 'navBarLinks');
$bridgeManager = $linkManager->getRowLabelBridge($multiLingualContext);
// add to it the LinkAccessGroup table
$linkGroup = new RowManager_NavLinkAccessGroupManager();
$joinPair = new JoinPair($linkGroup->getJoinOnLinkID(), $linkManager->getJoinOnLinkID());
$bridgeManager->addRowManager($linkGroup, $joinPair);
// add to it the ViewerAccessGroup Table
$viewerAccessGroup = new RowManager_ViewerAccessGroupManager();
$viewerAccessGroup->setViewerID($viewerID);
$joinPair = new JoinPair($viewerAccessGroup->getJoinOnGroupID(), $linkGroup->getJoinOnGroupID());
$bridgeManager->addRowManager($viewerAccessGroup, $joinPair);
// get list of entries
$list = $bridgeManager->getListIterator();
// for each item
$list->setFirst();
while ($link = $list->getNext()) {
// add to resultArray
$resultArray[] = $link->getArrayOfValues();
}
// next item
return $resultArray;
}
/**
* function getHTML
* <pre>
* This method returns the HTML data generated by this object.
* </pre>
* @param $pageContentHTML [STRING] the html generated by the pageDisplay
* object.
* @return [STRING] HTML Display data.
*/
function getHTML($pageContentHTML)
{
// Create a new Template Object
$this->template = new Template($this->pathModuleRoot . 'templates/');
// store the page labels
$this->template->setXML('pageLabels', $this->labels->getLabelXML());
// store the pageDisplay object's html
$this->template->set('pageContent', $pageContentHTML);
// store the path to root. Useful for accessing site images and
// resources.
$this->template->set('pathToRoot', $this->pathModuleRoot);
// special variables added by RM
$this->template->set('viewerID', $this->viewer->getUserID());
$viewerID = $this->viewer->getViewerID();
// the permissions are scaled if you have n permission you all have any permission < n
$accessLevel = 'unknown';
$accessGroupManager = new RowManager_ViewerAccessGroupManager();
if ($accessGroupManager->loadByViewerAccessGroup($viewerID, 45)) {
$accessLevel = 'National';
} else {
if ($accessGroupManager->loadByViewerAccessGroup($viewerID, 44)) {
$accessLevel = 'Regional';
} else {
if ($accessGroupManager->loadByViewerAccessGroup($viewerID, 43)) {
$accessLevel = 'Campus Director';
} else {
if ($accessGroupManager->loadByViewerAccessGroup($viewerID, 42)) {
$accessLevel = 'Stats Coordinator';
} else {
if ($accessGroupManager->loadByViewerAccessGroup($viewerID, 41)) {
$accessLevel = 'Staff Level';
}
}
}
}
}
$this->template->set('accessLevel', $accessLevel);
// return the html from the commong display template
return $this->template->fetch('obj_CommonDisplay.php');
}
/**
* function processData
* <pre>
* Processes the data for this form.
* </pre>
* @return [void]
*/
function processData()
{
// now get list of NEW Groups added to this Account
$addedList = array();
for ($indx = 0; $indx < count($this->submittedGroups); $indx++) {
$id = $this->submittedGroups[$indx];
// if id not in currentGroupList then add to addList
if (!isset($this->currentGroupList[$id])) {
$addedList[] = $id;
}
}
// foreach added group
$viewerAccessGroup = new RowManager_ViewerAccessGroupManager();
$accessGroupManager = new RowManager_AccessGroupManager();
$adminAccessGroupID = $accessGroupManager->getAdminAccessGroupID();
//print($adminAccessGroupID . "<br>");
for ($indx = 0; $indx < count($addedList); $indx++) {
// create new entry
$viewerAccessGroup->createNewEntry();
// load values
$values = array();
$values['viewer_id'] = $this->viewer_id;
$values['accessgroup_id'] = $addedList[$indx];
$viewerAccessGroup->loadFromArray($values);
// update DB Table
$viewerAccessGroup->updateDBTable();
//add to table accountadmin_accountadminaccess if acces group is adminAccesGroup
if ($values['accessgroup_id'] == $adminAccessGroupID) {
$aam = new RowManager_AccountAdminAccessManager();
$aam->setViewerID($this->viewer_id);
$aam->setGroupPrivilege();
$aam->createNewEntry();
}
}
// next group
$languageManager = new RowManager_LanguageManager();
$languageList = $languageManager->getListIterator();
$languageList->setFirst();
while ($language = $languageList->getNext()) {
$navbar = new RowManager_NavBarCacheManager();
$navbar->loadByViewerID($this->viewer_id, $language->getID());
if ($navbar->getID() != -1) {
$navbar->setCacheInvalid();
$navbar->updateDBTable();
}
}
// get list of DELETED Groups from this account
$deletedList = array();
foreach ($this->currentGroupList as $key => $value) {
if (!in_array($key, $this->submittedGroups)) {
$deletedList[] = $key;
}
}
// foreach deleted group
for ($indx = 0; $indx < count($deletedList); $indx++) {
// if we can load a manager for this account with this group then
if ($viewerAccessGroup->loadByViewerAccessGroup($this->viewer_id, $deletedList[$indx])) {
// delete
$viewerAccessGroup->deleteEntry();
if ($deletedList[$indx] == $adminAccessGroupID) {
$aam = new RowManager_AccountAdminAccessManager();
$aam->setViewerID($this->viewer_id);
//$aam->setGroupPrivilege();
//print("before delete");
$aam->deleteEntry();
}
}
}
// next group
// update currentGroupList with submittedGroupList
$groupList = new ViewerAccessGroupList($this->viewer_id, $this->sortBy);
$this->currentGroupList = $groupList->getAccessGroupArray();
}
