/**
 * Returns how many accounts the current session user is allowed to see.
 *
 * Application admins and account admins get the total number of rows in
 * `accounts`. Everyone else gets the number of distinct accounts they own,
 * whose main group is their own group, or that are shared with their group
 * through `accGroups`.
 *
 * NOTE(review): checkAccountAccess() also grants view access through per-user
 * grants (users_id) and through secondary group membership; this query does
 * not consider either, so the figure may undercount what the user can really
 * open. Confirm against the schema before relying on it for anything but UI.
 *
 * @return false|int the number of accounts, or false when the query fails
 */
public function getAccountMax()
{
    $isAdmin = Session::getUserIsAdminApp() || Session::getUserIsAdminAcc();

    if ($isAdmin) {
        $query = "SELECT COUNT(*) as numacc FROM accounts";
        $params = null;
    } else {
        // Parameterised throughout: ids come from the session, never from
        // the request, and are bound rather than interpolated.
        $query = 'SELECT COUNT(DISTINCT account_id) as numacc '
            . 'FROM accounts '
            . 'LEFT JOIN accGroups ON account_id = accgroup_accountId '
            . 'WHERE account_userGroupId = :userGroupId '
            . 'OR account_userId = :userId '
            . 'OR accgroup_groupId = :groupId';

        // The same group id is bound under two names because a named
        // placeholder cannot be reused within one statement when prepares
        // are not emulated.
        $groupId = Session::getUserGroupId();
        $params = [
            'userGroupId' => $groupId,
            'groupId' => $groupId,
            'userId' => Session::getUserId(),
        ];
    }

    $result = DB::getResults($query, __FUNCTION__, $params);

    return $result === false ? false : $result->numacc;
}
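/**
 * Checks whether the session user may perform an action on an account.
 *
 * View-type actions (VIEW, VIEW_PASS, VIEW_HISTORY, COPY) are allowed to the
 * account owner, members of the owner group, users listed in users_id, users
 * who belong to any of the account's groups, and app/account admins.
 * Edit-type actions (EDIT, DELETE, EDIT_PASS) are allowed to the same set,
 * except that the per-user and per-group grants additionally require the
 * account's otheruser_edit / othergroup_edit flags. Any other action is denied.
 *
 * Fix relative to the previous version: membership in the account's main group
 * was tested by looking for the session *group* id inside the list returned by
 * Groups::getUsersForGroup(), which (as the loop over groups_id in this same
 * method assumes) is a list of *user* ids. That is an id-type confusion: a user
 * whose group id happened to equal a member's user id was granted access, and
 * a genuine member was not. The user id is now used for both checks.
 *
 * @param string $module      action constant (one of self::ACTION_ACC_*)
 * @param array  $accountData account record; reads user_id, group_id,
 *                            users_id, groups_id, otheruser_edit, othergroup_edit
 * @return bool true when the action is allowed; false otherwise (deny by default)
 */
public static function checkAccountAccess($module, $accountData)
{
    $userGroupId = Session::getUserGroupId();
    $userId = Session::getUserId();
    $userIsAdminApp = Session::getUserIsAdminApp();
    $userIsAdminAcc = Session::getUserIsAdminAcc();

    // A missing grant list must read as "no grant", never as a warning or a
    // TypeError from in_array()/foreach on null.
    $accountUsers = $accountData['users_id'] ?? [];
    $accountGroups = $accountData['groups_id'] ?? [];

    // Loose comparison is kept on purpose: ids may arrive as int from the
    // session and as numeric strings from the database. isset() guards keep a
    // missing key from comparing equal to a 0/null user id.
    $isOwner = isset($accountData['user_id']) && $userId == $accountData['user_id'];
    $inOwnerGroup = isset($accountData['group_id']) && $userGroupId == $accountData['group_id'];
    $userInUsers = in_array($userId, $accountUsers);

    // Membership in the account's main group via getUsersForGroup() (user ids).
    $userInGroups = isset($accountData['group_id'])
        && in_array($userId, Groups::getUsersForGroup($accountData['group_id']));

    // Otherwise, membership in any of the account's secondary groups: either
    // the user's own group is listed, or the user is a member of that group.
    if (!$userInGroups) {
        foreach ($accountGroups as $groupId) {
            if ($userGroupId == $groupId || in_array($userId, Groups::getUsersForGroup($groupId))) {
                $userInGroups = true;
                break;
            }
        }
    }

    $otherUserEdit = !empty($accountData['otheruser_edit']);
    $otherGroupEdit = !empty($accountData['othergroup_edit']);

    $okView = $isOwner
        || $inOwnerGroup
        || $userInUsers
        || $userInGroups
        || $userIsAdminApp
        || $userIsAdminAcc;

    // Parentheses make the intended precedence explicit: the per-user and
    // per-group grants only extend to editing when the matching flag is set.
    $okEdit = $isOwner
        || $inOwnerGroup
        || ($userInUsers && $otherUserEdit)
        || ($userInGroups && $otherGroupEdit)
        || $userIsAdminApp
        || $userIsAdminAcc;

    switch ($module) {
        case self::ACTION_ACC_VIEW:
        case self::ACTION_ACC_VIEW_PASS:
        case self::ACTION_ACC_VIEW_HISTORY:
        case self::ACTION_ACC_COPY:
            return $okView;
        case self::ACTION_ACC_EDIT:
        case self::ACTION_ACC_DELETE:
        case self::ACTION_ACC_EDIT_PASS:
            return $okEdit;
    }

    // Unknown or unmapped action: deny.
    return false;
}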