/**
 * Builds and runs the user query.
 *
 * Two shapes: a single user by id (full record including email, notes and
 * the FROM_UNIXTIME-formatted master-password update time), or the whole
 * user list with profile and group names. Only the list form filters out
 * application admins for non-admin sessions; the by-id form applies no such
 * filter, so callers fetching a single user are expected to authorise that
 * themselves.
 *
 * @param int|null $itemId optional id of the single user to fetch
 * @return false|array the user rows, or whatever DB::getResults returns on failure
 */
public static function getUsers($itemId = null)
{
    // Stays null when there is nothing to bind; DB::getResults presumably accepts that. — TODO confirm
    $params = null;

    if ($itemId !== null) {
        // The id travels as the :id placeholder, never concatenated into the statement.
        $query = implode('', [
            'SELECT user_id,',
            'user_name,',
            'user_login,',
            'user_profileId,',
            'user_groupId,',
            'user_email,',
            'user_notes,',
            'BIN(user_isAdminApp) AS user_isAdminApp,',
            'BIN(user_isAdminAcc) AS user_isAdminAcc,',
            'BIN(user_isLdap) AS user_isLdap,',
            'BIN(user_isDisabled) AS user_isDisabled,',
            'BIN(user_isChangePass) AS user_isChangePass,',
            'user_count,',
            'user_lastLogin,',
            'user_lastUpdate, ',
            'FROM_UNIXTIME(user_lastUpdateMPass) as user_lastUpdateMPass ',
            'FROM usrData ',
            'LEFT JOIN usrProfiles ON user_profileId = userprofile_id ',
            'LEFT JOIN usrGroups ON usrData.user_groupId = usergroup_id ',
            'WHERE user_id = :id LIMIT 1',
        ]);
        $params = ['id' => $itemId];
    } else {
        $query = implode('', [
            'SELECT user_id,',
            'user_name,',
            'user_login,',
            'userprofile_name,',
            'usergroup_name,',
            'BIN(user_isAdminApp) AS user_isAdminApp,',
            'BIN(user_isAdminAcc) AS user_isAdminAcc,',
            'BIN(user_isLdap) AS user_isLdap,',
            'BIN(user_isDisabled) AS user_isDisabled,',
            'BIN(user_isChangePass) AS user_isChangePass ',
            'FROM usrData ',
            'LEFT JOIN usrProfiles ON user_profileId = userprofile_id ',
            'LEFT JOIN usrGroups ON usrData.user_groupId = usergroup_id ',
        ]);

        // Application admins see every user; anybody else never sees admin accounts.
        $query .= Session::getUserIsAdminApp()
            ? 'ORDER BY user_name'
            : 'WHERE user_isAdminApp = 0 ORDER BY user_name';
    }

    // NOTE(review): setReturnArray() looks like a one-shot mode for the next getResults() call — confirm.
    DB::setReturnArray();

    return DB::getResults($query, __FUNCTION__, $params);
}
/**
 * Counts the accounts visible to the current session user.
 *
 * Application or account admins get the grand total; everyone else gets the
 * number of distinct accounts they own, their group owns, or that are shared
 * with their group through accGroups. All session values are bound as named
 * placeholders.
 *
 * @return false|int the count, or false when DB::getResults fails
 */
public function getAccountMax()
{
    $isAnyAdmin = Session::getUserIsAdminApp() || Session::getUserIsAdminAcc();

    if ($isAnyAdmin) {
        $query = 'SELECT COUNT(*) as numacc FROM accounts';
        $params = null;
    } else {
        $query = 'SELECT COUNT(DISTINCT account_id) as numacc '
            . 'FROM accounts '
            . 'LEFT JOIN accGroups ON account_id = accgroup_accountId '
            . 'WHERE account_userGroupId = :userGroupId '
            . 'OR account_userId = :userId '
            . 'OR accgroup_groupId = :groupId';

        // Both group placeholders receive the session group id; insertion order kept.
        $params = [
            'userGroupId' => Session::getUserGroupId(),
            'groupId' => Session::getUserGroupId(),
            'userId' => Session::getUserId(),
        ];
    }

    $result = DB::getResults($query, __FUNCTION__, $params);

    // Propagate the DB layer's false unchanged; otherwise the single aggregate column.
    return $result === false ? false : $result->numacc;
}
/**
 * Checks whether the session user may perform $module on an account.
 *
 * Access is derived from the account's owner, its owner group, the explicit
 * user/group share lists and the session's admin flags. The edit path
 * additionally requires the account's otheruser_edit / othergroup_edit flags
 * for access obtained through those share lists. Any action not listed in
 * the switch is denied.
 *
 * @param string $module the action being performed (one of the ACTION_ACC_* constants)
 * @param array $accountData account fields read here: user_id, group_id, users_id,
 *                           groups_id, otheruser_edit, othergroup_edit
 * @return bool true when the action is permitted
 */
public static function checkAccountAccess($module, $accountData)
{
    $userGroupId = Session::getUserGroupId();
    $userId = Session::getUserId();
    $userIsAdminApp = Session::getUserIsAdminApp();
    $userIsAdminAcc = Session::getUserIsAdminAcc();

    // NOTE(review): the needle here is the session *group* id, while the loop below
    // searches the same helper's result for the *user* id. If getUsersForGroup()
    // returns user ids (as its name suggests), this first test mixes id spaces and
    // only matches by coincidence — confirm which id was intended.
    $userToGroups = in_array($userGroupId, Groups::getUsersForGroup($accountData['group_id']));

    if ($userToGroups === false) {
        foreach ($accountData['groups_id'] as $groupId) {
            $users = Groups::getUsersForGroup($groupId);

            // NOTE(review): strict === here vs loose == further down; if groups_id comes
            // back from the DB as strings and the session id is an int, this half never
            // matches — confirm the types. No break once granted; harmless but re-queries.
            if ($userGroupId === $groupId || in_array($userId, $users)) {
                $userToGroups = true;
            }
        }
    }

    // Loose == and non-strict in_array throughout: acceptable for numeric ids, but
    // NOTE(review): a null session id compares equal to 0 under ==, so verify
    // getUserId() cannot be null when this is reached.
    $okView = $userId == $accountData['user_id']
        || $userGroupId == $accountData['group_id']
        || in_array($userId, $accountData['users_id'])
        || $userToGroups
        || $userIsAdminApp
        || $userIsAdminAcc;

    // && binds tighter than ||: shared-user edit needs otheruser_edit, shared-group
    // edit needs othergroup_edit; owner, owner group and admins edit unconditionally.
    $okEdit = $userId == $accountData['user_id']
        || $userGroupId == $accountData['group_id']
        || in_array($userId, $accountData['users_id']) && $accountData['otheruser_edit']
        || $userToGroups && $accountData['othergroup_edit']
        || $userIsAdminApp
        || $userIsAdminAcc;

    switch ($module) {
        case self::ACTION_ACC_VIEW:
        case self::ACTION_ACC_VIEW_PASS:
        case self::ACTION_ACC_VIEW_HISTORY:
        case self::ACTION_ACC_COPY:
            return $okView;
        case self::ACTION_ACC_EDIT:
        case self::ACTION_ACC_DELETE:
        case self::ACTION_ACC_EDIT_PASS:
            return $okEdit;
    }

    // Default deny for any action not handled above.
    return false;
}