Exemple #1
#Helena F Deus (helenadeus@gmail.com)
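# Entry-point preamble: hide errors, locate the configuration, load the shared
# header and check that the caller may view or query the requested collection.

# PHP errors are kept out of HTTP responses by default.
ini_set('display_errors', 0);
# NOTE(review): any client can switch error display back on by sending a truthy
# "su3d" request parameter, which can expose paths, SQL text and stack details.
# Gate this on a server-side setting or an authenticated administrator.
if (!empty($_REQUEST['su3d'])) {
    ini_set('display_errors', 1);
}

# Pick the host name used for the "not configured yet" redirect below.
# Both headers are supplied by the client (or an upstream proxy), so a value is
# only accepted when it is a plain host[:port]; anything else is ignored.
# NOTE(review): a well-formed value is still chosen by the requester. Prefer a
# configured canonical host once one is available.
$def = '';
foreach (array('HTTP_X_FORWARDED_HOST', 'HTTP_HOST') as $hostKey) {
    $candidate = isset($_SERVER[$hostKey]) ? $_SERVER[$hostKey] : '';
    if (is_string($candidate) && preg_match('/^[A-Za-z0-9.-]+(?::[0-9]{1,5})?$/D', $candidate)) {
        $def = $candidate;
        break;
    }
}
unset($hostKey, $candidate);

if (file_exists('../config.inc.php')) {
    include '../config.inc.php';
} else {
    # No configuration file: send the browser to /s3db/. When no acceptable
    # host was found the redirect is path-only, so it stays on the origin the
    # client already used.
    Header('Location: ' . ($def !== '' ? 'http://' . $def : '') . '/s3db/');
    exit;
}

# API key as sent by the client; null when the parameter is absent.
$key = isset($_GET['key']) ? $_GET['key'] : null;
# The key is handed to the shared header, which is expected to validate it.
# NOTE(review): $user_id and $db are used below but never assigned here;
# presumably core.header.php sets them after checking $key - confirm.
include_once '../core.header.php';

#Universal variables
# collection_id takes precedence over the older class_id parameter.
if (isset($_REQUEST['collection_id']) && $_REQUEST['collection_id'] != '') {
    $class_id = $_REQUEST['collection_id'];
} else {
    $class_id = isset($_REQUEST['class_id']) ? $_REQUEST['class_id'] : null;
}

if ($class_id) {
    # NOTE(review): $class_id is request-controlled and is concatenated into
    # the uid passed to the permission helpers; confirm that they validate or
    # escape it before it reaches any SQL.
    $pl = permission4Resource(array('uid' => 'C' . $class_id, 'shared_with' => 'U' . $user_id, 'db' => $db, 'user_id' => $user_id));
    $pl = permission_level($pl, 'C' . $class_id, $user_id, $db);
    # Access requires either the view or the propagate right on the collection.
    # NOTE(review): the refusal is sent with the default status code; a 403
    # would let API clients distinguish it from a successful response.
    if (!$pl['view'] && !$pl['propagate']) {
        echo "User does not have access to view or query this collection";
        exit;
    }
}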
Exemple #2
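/**
 * Decorate one S3DB element row with alias fields and the requesting user's
 * permissions on it.
 *
 * $x is unpacked with extract(). The keys read below are 'elements',
 * 'element_info', 'user_id' and 'db', plus the optional 'letter', 'model',
 * 'info', 'key' and 'timer'.
 * Example: $data = include_all(compact('elements', 'element_info', 'user_id', 'db'));
 *
 * @param array $x Named arguments, see above.
 * @return array The element row with acl, permission_level,
 *               effective_permission, assigned_permission and the
 *               view/change/propagate/delete/add_data/delete_data flags set.
 */
function include_all($x)
{
    # NOTE(review): extract() turns every key of $x into a local variable, so
    # $x must only ever be built by trusted code (compact() of known names),
    # never from request data.
    extract($x);
    #when there is no resource_class_id, find it from the project where instance was created. WILL ASSUME THAT RESOURCE_CLASS_ID FILLED OUT IS A REQUIREMENT FOR ALL S3DB THAT SHARE RULES
    # $project_id is not read again in this function.
    if ($_REQUEST['project_id'] == '') {
        $project_id = $element_info['project_id'];
    } else {
        $project_id = $_REQUEST['project_id'];
    }
    # Default permission model; its three characters replace '0', '1', '2' in
    # assigned_permission further down.
    if (!$model) {
        $model = 'nsy';
    }
    # The element letter defaults to the first character of $elements.
    if ($letter == '') {
        $letter = strtoupper(substr($elements, 0, 1));
    }
    # Copy the aliased columns configured in the global s3map for this element type.
    if (is_array($GLOBALS['s3map'][$GLOBALS['plurals'][$GLOBALS['s3codes'][$letter]]])) {
        foreach ($GLOBALS['s3map'][$GLOBALS['plurals'][$GLOBALS['s3codes'][$letter]]] as $replace => $with) {
            $element_info[$replace] = $element_info[$with];
        }
    }
    # Deployment: the acl depends only on who is asking.
    if ($letter == 'D') {
        if ($user_id == '1') {
            $element_info['acl'] = '222';
        } elseif (user_is_admin($user_id, $db)) {
            $element_info['acl'] = '212';
        } elseif (user_is_public($user_id, $db)) {
            $element_info['acl'] = '210';
        } else {
            $element_info['acl'] = '211';
        }
        $element_info['created_by'] = $user_id;
        $element_info['description'] = $GLOBALS['s3db_info']['server']['site_intro'];
        $element_info['name'] = $GLOBALS['s3db_info']['server']['site_title'];
        if ($element_info['deployment_id'] == $GLOBALS['s3db_info']['deployment']['Did']) {
            $element_info['self'] = 1;
        }
    }
    # Group
    if ($letter == 'G') {
        $e = 'groups';
        $uid_info = uid($element_info['account_id']);
        # preg_replace() replaces ereg_replace(), which no longer exists in PHP 7+.
        $element_info['deployment_id'] = preg_replace('/^D/', '', $uid_info['Did']);
        $strictuid = 1;
        $strictsharedwith = 1;
        $uid = 'G' . $element_info['group_id'];
        $shared_with = 'U' . $user_id;
        $element_info['acl'] = groupAcl($element_info, $user_id, $db, $timer);
        if ($timer) {
            $timer->setMarker('Included resource information for ' . $letter);
        }
    }
    # User
    if ($letter == 'U') {
        if ($element_info['account_addr_id'] != '') {
            # NOTE(review): the address id is concatenated into the SQL text.
            # It comes from $element_info rather than directly from the
            # request, but it should still be bound or escaped through
            # whatever facility $db offers - confirm where the value originates.
            $sql = "select * from s3db_addr where addr_id = '" . $element_info['account_addr_id'] . "'";
            $fields = array('addr1', 'addr2', 'city', 'state', 'postal_code', 'country');
            $db->query($sql);
            while ($db->next_record()) {
                foreach ($fields as $field) {
                    $element_info[$field] = $db->f($field);
                }
            }
            $element_info = array_delete($element_info, 'account_addr_id');
        }
        $element_info['user_id'] = $element_info['account_id'];
        $element_info['username'] = $element_info['account_uname'];
        $element_info['login'] = $element_info['account_lid'];
        $element_info['address'] = $element_info['addr1'];
        $uid_info = uid($element_info['account_id']);
        $element_info['deployment_id'] = preg_replace('/^D/', '', $uid_info['Did']);
        # Contact and account details are only shown to user '1', to the
        # creator of the account and to the account holder.
        $mayViewPrivateFields = !($user_id != '1' && $element_info['created_by'] != $user_id && $element_info['account_id'] != $user_id);
        if (!$mayViewPrivateFields) {
            # 'address' is an alias of addr1 created just above, so it has to
            # be stripped together with the original address columns.
            $keys2Remove = array('account_email' => '', 'account_phone' => '', 'addr1' => '', 'addr2' => '', 'city' => '', 'state' => '', 'postal_code' => '', 'country' => '', 'address' => '', 'account_type' => '', 'account_status' => '');
            if (is_array($element_info)) {
                $element_info = array_diff_key($element_info, $keys2Remove);
            }
        } else {
            //if this user has been created with a filter, what is that filter
            $permission_info = array('uid' => 'U' . $element_info['created_by'], 'shared_with' => 'U' . $element_info['account_id']);
            $hp = has_permission($permission_info, $db);
            if ($hp) {
                $element_info['filter'] = $hp;
            }
        }
        # The stored password value is never returned, whoever is asking.
        if (is_array($element_info)) {
            $element_info = array_diff_key($element_info, array('account_pwd' => ''));
        }
        $user_id_who_asks = $user_id;
        $uid = 'U' . $element_info['user_id'];
        $shared_with = $user_id_who_asks;
        $strictuid = 1;
        $strictsharedwith = 1;
        # $onPermissions and $shared_with are rebuilt after the per-letter branches.
        $onPermissions = compact('user_id', 'shared_with', 'db', 'uid', 'key', 'strictsharedwith', 'strictuid');
        if ($element_info['acl'] == '') {
            $element_info['acl'] = userAcl(compact('key', 'element_info', 'user_id_who_asks', 'db'));
        }
    }
    # Project
    if ($letter == 'P') {
        $element_info['name'] = $element_info['project_name'];
        $element_info['description'] = $element_info['project_description'];
        $id = 'P' . $element_info['project_id'];
        $uid = 'P' . $element_info['project_id'];
    }
    # Collection (class)
    if ($letter == 'C') {
        $element_info['class_id'] = $element_info['resource_id'];
        $element_info['collection_id'] = $element_info['class_id'];
        $element_info['name'] = $element_info['entity'];
        $element_info['description'] = $element_info['notes'];
        #project_id to search for rule_id will be the same from the class
        $uid = 'C' . $element_info['resource_id'];
    }
    #if element is a rule, return the class_id of the subject. If the object is a class, return the object_id... to discuss with jonas
    if ($letter == 'R') {
        $uid = 'R' . $element_info['rule_id'];
    }
    #if this is an instance, return the class_id => ASSUMING THAT EVERY S3DB THAT HAS SHARED RULES HAS RESOURCECLASSID IN INSTANCE.
    if ($letter == 'I') {
        if ($element_info['resource_class_id'] != '') {
            $element_info['class_id'] = $element_info['resource_class_id'];
        }
        $element_info['instance_id'] = $element_info['resource_id'];
        $element_info['item_id'] = $element_info['instance_id'];
        $element_info['collection_id'] = $element_info['class_id'];
        $instance_id = $element_info['instance_id'];
        $uid = 'I' . $element_info['instance_id'];
    }
    # Statement: add the instance and rule details it refers to.
    if ($letter == 'S') {
        $uid = 'S' . $element_info['statement_id'];
        # NOTE(review): $id is only assigned in the project branch, so unless
        # the caller passed an 'id' key this stores the row under an empty key;
        # $uid may have been intended - confirm.
        $info[$id] = $element_info;
        $statement_id = $element_info['statement_id'];
        $element_info['instance_id'] = $element_info['resource_id'];
        $element_info['item_id'] = $element_info['instance_id'];
        $element_info['instance_notes'] = $info['I' . $element_info['instance_id']]['notes'];
        # Look the rule up once and keep it in $info.
        if ($info['R' . $element_info['rule_id']] == '') {
            $info['R' . $element_info['rule_id']] = s3info('rule', $element_info['rule_id'], $db);
        }
        $element_info['object_notes'] = notes($element_info['value'], $db);
        $element_info['project_folder'] = $element_info['value'];
        $element_info = include_fileLinks($element_info, $db);
        $ruleInfo = $info['R' . $element_info['rule_id']];
        $element_info['subject'] = $ruleInfo['subject'];
        $element_info['verb'] = $ruleInfo['verb'];
        $element_info['object'] = $ruleInfo['object'];
        $element_info['subject_id'] = $ruleInfo['subject_id'];
        $element_info['verb_id'] = $ruleInfo['verb_id'];
        $element_info['object_id'] = $ruleInfo['object_id'];
    }
    # Resolve the acl for the requesting user unless a branch above (or the
    # caller) already supplied one.
    $strictuid = 1;
    $strictsharedwith = 1;
    $shared_with = 'U' . $user_id;
    $toFindInfo = $element_info;
    $onPermissions = compact('user_id', 'shared_with', 'db', 'uid', 'key', 'strictsharedwith', 'strictuid', 'timer', 'toFindInfo');
    if ($element_info['acl'] == '') {
        $element_info['acl'] = permission4Resource($onPermissions);
    }
    $element_info['permission_level'] = $element_info['acl'];
    if (!$element_info['effective_permission']) {
        $element_info['effective_permission'] = $element_info['acl'];
    }
    # '---' marks "no permission assigned directly on this uid".
    if (!$element_info['assigned_permission']) {
        $pp = array('uid' => $uid, 'shared_with' => $shared_with);
        $tmp = has_permission($pp, $db);
        if ($tmp) {
            $element_info['assigned_permission'] = $tmp;
        } else {
            $element_info['assigned_permission'] = '---';
        }
    }
    #Define if user can view or not view data. View is the first number in the 3d code.
    $permission2user = permissionModelComp($element_info['permission_level']);
    ##According to the model, change the values of assigned_permission from previous versions
    $element_info['assigned_permission'] = str_replace(array('0', '1', '2'), str_split($model), $element_info['assigned_permission']);
    $isOwner = $element_info['created_by'] == $user_id;
    $element_info['view'] = allowed($permission2user, 0, $isOwner, $state = 3, $model);
    $element_info['change'] = allowed($permission2user, 1, $isOwner, $state = 3, $model);
    $element_info['propagate'] = allowed($permission2user, 2, $isOwner, $state = 3, $model);
    #create the element "delete", in case it is eventually created...For now it is the same as change
    $element_info['delete'] = $element_info['change'];
    # add_data has to be set before delete_data copies it. In the previous
    # order delete_data took whatever 'add_data' value arrived with the row
    # instead of the flag computed here.
    $element_info['add_data'] = $element_info['propagate'];
    $element_info['delete_data'] = $element_info['add_data'];
    return $element_info;
}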
Exemple #3
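/**
 * Filter a query result down to the rows the requesting user may see and
 * decorate each surviving row through include_all() and filterDataForQuery().
 *
 * $pack is unpacked with extract(). The keys read below are 'data', 'user_id',
 * 'db', 's3ql', plus the optional 'element2query', 'WhereInfo', 'uidQuery',
 * 'shared_with_query', 'elements', 'key', 'model', 'stream' and 'timer'.
 *
 * @param array $pack Named arguments, see above.
 * @return array List of decorated rows, re-indexed from 0; empty when a
 *               user/group query names more than one WhereInfo key.
 */
function includeAllData($pack)
{
    # The two lookup tables that decide row visibility get explicit defaults.
    # They are set before extract() so a value passed in $pack still wins, as before.
    $ids = null;
    $resourceUsers = null;
    # NOTE(review): extract() turns every key of $pack into a local variable,
    # including 'ids' and 'resourceUsers'; $pack must only be built by trusted
    # code, never from request data.
    extract($pack);
    $element2query = $element2query == '' ? $s3ql['from'] : $element2query;
    $letter = letter($element2query);
    $element = $GLOBALS['s3codes'][$letter];
    # Users and groups are filtered by $resourceUsers, everything else by acl.
    # preg_match() replaces ereg(), which no longer exists in PHP 7+.
    $isUserOrGroup = (bool) preg_match('/^U|^G/', $letter);

    # For larger result sets (4+ rows) permissions are resolved in one pass
    # instead of once per row. is_array() keeps count() from failing on a
    # missing or non-array $data.
    if ($user_id != '1' && is_array($data) && count($data) >= 4 && !$isUserOrGroup) {
        $Z = compact('user_id', 'db', 'uidQuery', 'timer', 'WhereInfo', 'shared_with_query');
        $Z['toFind'] = $letter;
        # NOTE(review): the rest of this function builds the requesting user's
        # uid as 'U' . $user_id; the '******' prefix looks like a masking
        # artefact of the listing - confirm against the upstream source.
        $Z['shared_with_user'] = '******' . $user_id;
        $ids = permissionPropagation($Z);
    }

    if ($isUserOrGroup && $WhereInfo) {
        $whereId = array_keys($WhereInfo);
        # Only a single resource may be named when asking for its users/groups.
        if (count($whereId) > 1) {
            return array();
        }
        $whereId = $whereId[0];
        #Tlist provides the list of resources that are shared with the uid of interest, including users & groups
        $Hlist = bottom_up_propagation_list($whereId, $db);
        $Tlist = user_included_bottom_up_propagation_list('U', $whereId, $user_id, $db);
        $resourceUsers = s3dbPercolate($Hlist, $Tlist, $letter);
    }

    ##Remove from data the uids that do not exist in ids
    $str = $GLOBALS['s3ids'][$GLOBALS['s3codes'][$letter]];
    $re_issued = array();
    if (is_array($data)) {
        foreach ($data as $ind => $array) {
            $uid = $letter . $array[$str];
            if ($uid != '') {
                # User '1' is given full access without any lookup.
                if ($user_id == '1') {
                    $array['acl'] = 'yyy';
                }
                if ($isUserOrGroup) {
                    # With a resource filter in place, keep only the users or
                    # groups that appear in it. Without one, every row is kept.
                    if ($resourceUsers) {
                        # Exact key lookup; the earlier in_array() over
                        # array_keys() compared loosely.
                        if (array_key_exists($uid, $resourceUsers)) {
                            $array['permissionOnResource'] = $resourceUsers[$uid];
                        } else {
                            $array = array();
                        }
                    }
                } elseif ($user_id != '1') {
                    if (is_array($ids)) {
                        # Bulk path: a row without an entry in $ids is dropped.
                        if (isset($ids[$uid]) && $ids[$uid] != '') {
                            $array['acl'] = $ids[$uid];
                        } else {
                            $array = array();
                        }
                    } else {
                        # Per-row path: resolve the acl for this uid directly.
                        # NOTE(review): unlike the bulk path, the row is kept
                        # even when 'view' comes out false; presumably
                        # filterDataForQuery() or the caller enforces it - confirm.
                        $strictuid = 1;
                        $strictsharedwith = 1;
                        $shared_with = 'U' . $user_id;
                        $P = compact('uid', 'shared_with', 'user_id', 'db', 'strictuid', 'strictsharedwith', 'stream', 'timer');
                        $array['acl'] = permission4Resource($P);
                        $array['permission_level'] = $array['acl'];
                        $permission2user = permissionModelComp($array['permission_level']);
                        $isOwner = $array['created_by'] == $user_id;
                        $array['view'] = allowed($permission2user, 0, $isOwner);
                        $array['change'] = allowed($permission2user, 1, $isOwner);
                        $array['propagate'] = allowed($permission2user, 2, $isOwner);
                        #create the element "delete", in case it is eventually created...For now it is the same as change
                        $array['delete'] = $array['change'];
                        $array['add_data'] = $array['propagate'];
                        $array['delete_data'] = $array['add_data'];
                    }
                }
            }
            # Rows emptied above are skipped; the rest are decorated and filtered.
            if (!empty($array)) {
                $re_issued[$uid] = $array;
                $element_info = $re_issued[$uid];
                $info = $WhereInfo;
                $C = compact('letter', 'info', 'elements', 'element_info', 'user_id', 'db', 'key', 'timer', 'model');
                $element_info = include_all($C);
                $element_info['uri'] = S3DB_URI_BASE . '/' . $letter . $array[$str];
                $pack['uid'] = $uid;
                $pack['info'] = $element_info;
                $element_info = filterDataForQuery($pack);
                if ($timer) {
                    $timer->setMarker('Filter Data For The Query');
                }
                $re_issued[$uid] = $element_info;
            }
        }
    }
    # Drop rows that filterDataForQuery() returned empty and re-index the list.
    return array_values(array_filter($re_issued));
}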