<?php
session_start();
ini_set("include_path", ".:/usr/share/ossim/include:/usr/share/phpgacl");
include "gacl.class.php";
require_once 'ossim_conf.inc';
$conf = $GLOBALS["CONF"];
/* include default $gacl_options */
//require_once ("$phpgacl_path/admin/gacl_admin.inc.php");
$ACL_OPTIONS = array('db_type' => $conf->get_conf("ossim_type"), 'db_host' => $conf->get_conf("ossim_host"), 'db_port' => $conf->get_conf("ossim_port"), 'db_user' => $conf->get_conf("ossim_user"), 'db_password' => $conf->get_conf("ossim_pass"), 'db_name' => "ossim_acl");
$user = $argv[1];
if (preg_match("/pro|demo/", $conf->get_conf("ossim_server_version", FALSE))) {
require_once 'classes/Session.inc';
$allowedSensors = Session::allowedSensors($user);
} else {
$gacl = new gacl($ACL_OPTIONS);
$allowedSensors = $gacl->acl_return_value("DomainAccess", "Sensors", "users", $user);
}
$requested = array();
if ($argv[2] != "") {
$requested = explode("|", $argv[2]);
}
$sensors = array();
if ($allowedSensors != "") {
$sensors_aux = explode(",", str_replace(",,", ",", $allowedSensors));
foreach ($sensors_aux as $s) {
if ($s != "") {
$sensors[$s]++;
}
}
} else {
/**
* User access level
*/
function getAccessGid()
{
static $access;
if (!isset($access)) {
$acl = new gacl();
$access = $this->id > 0 ? 1 : 0;
$access += $acl->acl_check('action', 'access', 'users', $this->usertype, 'frontend', 'special');
}
return $access;
}
echo "Error creating ACL.<br>\n";
}
unset($result);
echo "<br>\n<br>\n";
echo "-- Lets test our work --<br>\n";
/*
* Awesome, we've setup our ACL system just the way we want it. Now for the easy part,
* the code to check ACLs.
*
* Keep in the mind the API class does not need to be included in scripts that just
* check ACLs. This is for performance reasons of course.
*
* I'm including gacl.class.php again here just to give you the full picture of what you
* need in each script to check ACLs.
*/
require_once AMP_PATH_PHPGACL . '/gacl.class.php';
$gacl = new gacl($gacl_options);
//Use the same options as above.
if ($gacl->acl_check('system', 'login', 'users', 'john_doe')) {
echo "John Doe has been granted access to login!<br>\n";
} else {
echo "John Doe has been denied access to login!<br>\n";
}
if ($gacl->acl_check('system', 'login', 'users', 'jane_doe')) {
echo "Jane Doe has been granted access to login!<br>\n";
} else {
echo "Jane Doe has been denied access to login!<br>\n";
}
echo "<br>\n<br>\nDone! Now how easy was that? <br>\n";
echo "Remember to check out the <a href=admin/acl_list.php>Administration Interface</a> which can do all of the above in a few simple clicks.<br>\n<br>\n";
echo "<b>If you run this script more then once, you may get some errors, as duplicate object entries can not be created.</b><br>\n";
echo "=================================================================================================<br>\n";
echo "-- Good stuff thats it all done as of the top of Page 8! - so lets test a couple of scenarios --<br>\n";
echo "=================================================================================================<br>\n";
}
/*
* Awesome, we've setup our ACL system just the way we want it. Now for the easy part,
* the code to check ACLs.
*
* Keep in the mind the API class does not need to be included in scripts that just
* check ACLs. This is for performance reasons of course.
*
* I'm including gacl.class.php again here just to give you the full picture of what you
* need in each script to check ACLs.
*/
require_once dirname(__FILE__) . '/../../../gacl.class.php';
$gacl = new gacl($gacl_options);
//Use the same options as above.
// Lets check Han has access to the cockpit
if ($gacl->acl_check('access', 'cockpit', 'crew', 'han')) {
if ($outputDebug == TRUE) {
echo "Han has been granted access to the cockpit!<br>\n";
}
} else {
if ($outputDebug == TRUE) {
echo "Han has been denied access to the cockpit!<br>\n";
}
}
// Lets check Luke has access to the cockpit *should fail!
if ($gacl->acl_check('access', 'cockpit', 'crew', 'Luke')) {
if ($outputDebug == TRUE) {
echo "Luke has been granted access to the cockpit!<br>\n";
