/**
 * Fetches the per-group permission rows recorded for a campaign.
 *
 * @param int $objectId the CampaignID looked up in lkcampaigngroup
 * @return mixed the rows returned by UserGroup::GetPermissionsForObject(),
 *               or the return value of SetError() when that lookup fails
 */
public function GetPermissions($objectId)
{
    $groupLookup = new UserGroup();
    $rows = $groupLookup->GetPermissionsForObject('lkcampaigngroup', 'CampaignID', $objectId);

    // A falsy result is treated as failure; the helper's message is copied into
    // this object's own error state so callers see one error convention.
    if (!$rows) {
        return $this->SetError($groupLookup->GetErrorMessage());
    }

    return $rows;
}
/**
 * Lists the group permissions recorded for a DataSet.
 *
 * @param int|string $dataSetId the DataSetID whose lkdatasetgroup rows are listed; 0 or '' is rejected
 * @param mixed $groupId accepted for interface compatibility; not read by this method
 * @return mixed list of array{groupid:int, group:string, view:int, edit:int, del:int, isuserspecific:int},
 *               or the return value of SetError() on failure
 */
public function ListSecurity($dataSetId, $groupId)
{
    // Loose comparison is deliberate: the id may arrive as a string.
    $idMissing = ($dataSetId == 0 || $dataSetId == '');
    if ($idMissing) {
        return $this->SetError(25001, __('Missing dataSetId'));
    }

    $groupLookup = new UserGroup();
    $rows = $groupLookup->GetPermissionsForObject('lkdatasetgroup', 'DataSetID', $dataSetId);
    if (!$rows) {
        return $this->SetError($groupLookup->GetErrorMessage());
    }

    // Re-validate every column before handing the rows on, so callers only
    // ever see typed values rather than raw database output.
    $shapeRow = function ($row) {
        return array(
            'groupid' => Kit::ValidateParam($row['groupid'], _INT),
            'group' => Kit::ValidateParam($row['group'], _STRING),
            'view' => Kit::ValidateParam($row['view'], _INT),
            'edit' => Kit::ValidateParam($row['edit'], _INT),
            'del' => Kit::ValidateParam($row['del'], _INT),
            'isuserspecific' => Kit::ValidateParam($row['isuserspecific'], _INT),
        );
    };

    $security = array();
    foreach ($rows as $row) {
        $security[] = $shapeRow($row);
    }

    return $security;
}
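/**
 * Permissions form
 *
 * Builds the per-group view/edit/delete checkbox dialog for this media item.
 * When the media is assigned to a region (assignedMedia) the rows come from
 * lklayoutmediagroup keyed by media, region and layout; otherwise from
 * lkmediagroup keyed by MediaID alone.
 *
 * @return ResponseManager the dialog definition; a missing modifyPermissions
 *                         right or a failed lookup is raised with trigger_error(E_USER_ERROR)
 */
public function PermissionsForm()
{
    $db =& $this->db;
    $user =& $this->user;
    $response = new ResponseManager();
    $helpManager = new HelpManager($db, $user);

    if (!$this->auth->modifyPermissions) {
        trigger_error(__('You do not have permissions to edit this media'), E_USER_ERROR);
    }

    // List of all Groups with a view / edit / delete check box
    $permissions = new UserGroup();

    if ($this->assignedMedia) {
        // NOTE(review): mediaid and regionid are interpolated into a raw SQL filter
        // fragment; they are set outside this method, so confirm they are validated
        // (integer / escaped) before this point.
        $filter = sprintf(
            " AND lklayoutmediagroup.MediaID = '%s' AND lklayoutmediagroup.RegionID = '%s' AND lklayoutmediagroup.LayoutID = %d ",
            $this->mediaid,
            $this->regionid,
            $this->layoutid
        );
        $result = $permissions->GetPermissionsForObject('lklayoutmediagroup', NULL, NULL, $filter);
    } else {
        $result = $permissions->GetPermissionsForObject('lkmediagroup', 'MediaID', $this->mediaid);
    }

    if (!$result) {
        trigger_error($permissions->GetErrorMessage(), E_USER_ERROR);
    }

    if (count($result) <= 0) {
        trigger_error(__('Unable to get permissions'), E_USER_ERROR);
    }

    $checkboxes = array();
    foreach ($result as $row) {
        $groupId = $row['groupid'];
        // Real groups are emphasised; user-specific groups are shown in normal weight
        $rowClass = $row['isuserspecific'] == 0 ? 'strong_text' : '';
        $checkboxes[] = array(
            'id' => $groupId,
            'name' => Kit::ValidateParam($row['group'], _STRING),
            'class' => $rowClass,
            'value_view' => $groupId . '_view',
            'value_view_checked' => $row['view'] == 1 ? 'checked' : '',
            'value_edit' => $groupId . '_edit',
            'value_edit_checked' => $row['edit'] == 1 ? 'checked' : '',
            'value_del' => $groupId . '_del',
            'value_del_checked' => $row['del'] == 1 ? 'checked' : '',
        );
    }

    $formFields = array();
    $formFields[] = FormManager::AddPermissions('groupids[]', $checkboxes);
    Theme::Set('form_fields', $formFields);

    // Set some information about the form
    Theme::Set('form_id', 'LayoutPermissionsForm');
    Theme::Set('form_action', 'index.php?p=module&mod=' . $this->type . '&q=Exec&method=Permissions');
    Theme::Set('form_meta', '<input type="hidden" name="layoutid" value="' . $this->layoutid . '" /><input type="hidden" name="regionid" value="' . $this->regionid . '" /><input type="hidden" name="mediaid" value="' . $this->mediaid . '" />');

    $response->SetFormRequestResponse(NULL, __('Permissions'), '350px', '500px');

    // Media on a layout has its own help topic
    $helpLink = $this->layoutid != 0
        ? $helpManager->Link('LayoutMedia', 'Permissions')
        : $helpManager->Link('Media', 'Permissions');
    $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpLink . '")');

    if ($this->assignedMedia) {
        // The separator before regionid must be a literal "&regionid="; the previous
        // "®ionid=" text dropped the parameter, so Cancel reopened the timeline
        // without a region.
        $response->AddButton(__('Cancel'), 'XiboSwapDialog("index.php?p=timeline&layoutid=' . $this->layoutid . '&regionid=' . $this->regionid . '&q=RegionOptions")');
    } else {
        $response->AddButton(__('Cancel'), 'XiboDialogClose()');
    }

    $response->AddButton(__('Save'), '$("#LayoutPermissionsForm").submit()');

    return $response;
}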
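/**
 * Sets the Members of a group
 *
 * Reads GroupID from the request and the UserID[] list from POST. Every user
 * currently linked to the group but absent from the list is unlinked; every
 * listed user not yet linked is linked.
 *
 * @return void the outcome is sent with ResponseManager::Respond();
 *              failures are raised with trigger_error(E_USER_ERROR)
 */
public function SetMembers()
{
    $db =& $this->db;
    $response = new ResponseManager();
    $groupObject = new UserGroup($db);

    $groupID = Kit::GetParam('GroupID', _REQUEST, _INT);

    // Only integer ids can name a user: drop non-numeric entries from the
    // submission and cast the rest, so the comparisons below can be strict and
    // Link() never receives a raw POST string.
    $submitted = Kit::GetParam('UserID', _POST, _ARRAY, array());
    $users = array();
    foreach ($submitted as $candidate) {
        if (is_numeric($candidate)) {
            $users[] = (int) $candidate;
        }
    }

    // NOTE(review): there is no Kit::CheckToken() call here and GroupID is read
    // from _REQUEST, and the session is not checked for the right to edit each
    // listed user; confirm the dispatcher enforces these before this method.

    $members = array();

    // Users in group
    $SQL = "";
    $SQL .= "SELECT user.UserID, ";
    $SQL .= " user.UserName ";
    $SQL .= "FROM `user` ";
    $SQL .= " INNER JOIN lkusergroup ";
    $SQL .= " ON lkusergroup.UserID = user.UserID ";
    $SQL .= sprintf("WHERE lkusergroup.GroupID = %d", $groupID);

    if (!($resultIn = $db->query($SQL))) {
        trigger_error($db->error());
        // A failed query must stop here: iterating a false result below would
        // unlink nothing and then blindly link every submitted id.
        trigger_error(__('Error getting Users'), E_USER_ERROR);
    }

    while ($row = $db->get_assoc_row($resultIn)) {
        $userID = (int) Kit::ValidateParam($row['UserID'], _INT);

        if (in_array($userID, $users, true)) {
            // Already assigned and still wanted
            $members[] = $userID;
            continue;
        }

        // Currently assigned but not in the submitted list, so we unassign
        if (!$groupObject->Unlink($groupID, $userID)) {
            trigger_error($groupObject->GetErrorMessage(), E_USER_ERROR);
        }
    }

    // Add any that are missing
    foreach ($users as $userID) {
        if (in_array($userID, $members, true)) {
            continue;
        }

        if (!$groupObject->Link($groupID, $userID)) {
            trigger_error($groupObject->GetErrorMessage(), E_USER_ERROR);
        }
    }

    $response->SetFormSubmitResponse(__('Group membership set'), false);
    $response->Respond();
}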
/**
 * Show the Permissions for this Display Group
 *
 * Renders the per-group view/edit/delete checkbox dialog for the display group
 * named by the DisplayGroupID GET parameter. The session must hold
 * modifyPermissions on that group or a fatal error is raised.
 *
 * @return void the dialog is sent with ResponseManager::Respond()
 */
public function PermissionsForm()
{
    $db =& $this->db;
    $user =& $this->user;
    $response = new ResponseManager();
    // Instantiated as before even though the help link below is resolved statically
    $helpManager = new HelpManager($db, $user);

    $displayGroupId = Kit::GetParam('DisplayGroupID', _GET, _INT);

    // Authorisation is resolved for this specific group, not the page as a whole
    $auth = $this->user->DisplayGroupAuth($displayGroupId, true);
    if (!$auth->modifyPermissions) {
        trigger_error(__('You do not have permissions to edit this display group'), E_USER_ERROR);
    }

    // Set some information about the form
    Theme::Set('form_id', 'DisplayGroupPermissionsForm');
    Theme::Set('form_action', 'index.php?p=displaygroup&q=Permissions');
    Theme::Set('form_meta', '<input type="hidden" name="displayGroupId" value="' . $displayGroupId . '" />');

    // List of all Groups with a view / edit / delete check box
    $permissions = new UserGroup();
    $result = $permissions->GetPermissionsForObject('lkdisplaygroupgroup', 'DisplayGroupID', $displayGroupId);

    if (!$result) {
        trigger_error($permissions->GetErrorMessage(), E_USER_ERROR);
    }

    if (count($result) <= 0) {
        trigger_error(__('Unable to get permissions for this Display Group'), E_USER_ERROR);
    }

    // One checkbox row per group; user-specific groups are not emphasised
    $toCheckboxRow = function ($row) {
        $groupId = $row['groupid'];
        $checkedIf = function ($column) use ($row) {
            return $row[$column] == 1 ? 'checked' : '';
        };

        return array(
            'id' => $groupId,
            'name' => Kit::ValidateParam($row['group'], _STRING),
            'class' => $row['isuserspecific'] == 0 ? 'strong_text' : '',
            'value_view' => $groupId . '_view',
            'value_view_checked' => $checkedIf('view'),
            'value_edit' => $groupId . '_edit',
            'value_edit_checked' => $checkedIf('edit'),
            'value_del' => $groupId . '_del',
            'value_del_checked' => $checkedIf('del'),
        );
    };

    $checkboxes = array();
    foreach ($result as $row) {
        $checkboxes[] = $toCheckboxRow($row);
    }

    $formFields = array();
    $formFields[] = FormManager::AddPermissions('groupids[]', $checkboxes);
    Theme::Set('form_fields', $formFields);

    $response->SetFormRequestResponse(NULL, __('Permissions'), '350px', '500px');
    $response->AddButton(__('Help'), 'XiboHelpRender("' . HelpManager::Link('DisplayGroup', 'Permissions') . '")');
    $response->AddButton(__('Cancel'), 'XiboDialogClose()');
    $response->AddButton(__('Save'), '$("#DisplayGroupPermissionsForm").submit()');
    $response->Respond();
}
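/**
 * Region permissions form
 *
 * Renders the per-group view/edit/delete checkbox dialog for one region of a
 * layout, identified by the layoutid and regionid GET parameters. The session
 * must hold modifyPermissions on the region (RegionAssignmentAuth) or a fatal
 * error is raised.
 *
 * @return void the dialog is sent with ResponseManager::Respond()
 */
public function RegionPermissionsForm()
{
    $db =& $this->db;
    $user =& $this->user;
    $response = new ResponseManager();
    $helpManager = new HelpManager($db, $user);

    $layoutid = Kit::GetParam('layoutid', _GET, _INT);
    $regionid = Kit::GetParam('regionid', _GET, _STRING);

    Kit::ClassLoader('region');
    $region = new region($db);
    $ownerId = $region->GetOwnerId($layoutid, $regionid);

    $regionAuth = $this->user->RegionAssignmentAuth($ownerId, $layoutid, $regionid, true);
    if (!$regionAuth->modifyPermissions) {
        trigger_error(__("You do not have permissions to edit this regions permissions"), E_USER_ERROR);
    }

    // List of all Groups with a view / edit / delete check box.
    // The helper only accepts a raw SQL fragment for this table, so regionid
    // (a string taken straight from the query string) is quoted through PDO
    // instead of being interpolated bare. The fragment should become a bound
    // parameter once the helper supports one.
    $permissions = new UserGroup();
    $filter = sprintf(
        " AND lklayoutregiongroup.LayoutID = %d AND lklayoutregiongroup.RegionID = %s ",
        $layoutid,
        PDOConnect::init()->quote($regionid)
    );
    $result = $permissions->GetPermissionsForObject('lklayoutregiongroup', NULL, NULL, $filter);

    if (!$result) {
        trigger_error($permissions->GetErrorMessage(), E_USER_ERROR);
    }

    if (count($result) <= 0) {
        trigger_error(__('Unable to get permissions'), E_USER_ERROR);
    }

    $checkboxes = array();
    foreach ($result as $row) {
        $groupId = $row['groupid'];
        // Real groups are emphasised; user-specific groups are shown in normal weight
        $rowClass = $row['isuserspecific'] == 0 ? 'strong_text' : '';
        $checkboxes[] = array(
            'id' => $groupId,
            'name' => Kit::ValidateParam($row['group'], _STRING),
            'class' => $rowClass,
            'value_view' => $groupId . '_view',
            'value_view_checked' => $row['view'] == 1 ? 'checked' : '',
            'value_edit' => $groupId . '_edit',
            'value_edit_checked' => $row['edit'] == 1 ? 'checked' : '',
            'value_del' => $groupId . '_del',
            'value_del_checked' => $row['del'] == 1 ? 'checked' : '',
        );
    }

    $formFields = array();
    $formFields[] = FormManager::AddPermissions('groupids[]', $checkboxes);
    Theme::Set('form_fields', $formFields);

    // Set some information about the form
    Theme::Set('form_id', 'RegionPermissionsForm');
    Theme::Set('form_action', 'index.php?p=timeline&q=RegionPermissions');
    // NOTE(review): regionid is echoed into an HTML attribute here; this relies on
    // Kit::GetParam(_STRING) having already HTML-encoded it — confirm.
    Theme::Set('form_meta', '<input type="hidden" name="layoutid" value="' . $layoutid . '" /><input type="hidden" name="regionid" value="' . $regionid . '" />');

    $response->SetFormRequestResponse(NULL, __('Permissions'), '350px', '500px');
    $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('Region', 'Permissions') . '")');
    $response->AddButton(__('Cancel'), 'XiboDialogClose()');
    $response->AddButton(__('Save'), '$("#RegionPermissionsForm").submit()');
    $response->Respond();
}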
/**
 * Persists the current user record.
 *
 * Validates the user name (1-50 bytes; strlen counts bytes, not characters),
 * defaults the home page to "dashboard", rejects a name already held by a
 * different user, runs the UPDATE and renames the user's own group to match.
 *
 * @return mixed true on success; false after recording an error via SetError(),
 *               or the return value of SetError() when validation fails
 */
public function edit()
{
    // Validation
    $nameBytes = strlen($this->userName);
    if ($this->userName == '' || $nameBytes > 50) {
        return $this->SetError(__('User name must be between 1 and 50 characters.'));
    }

    if ($this->homePage == '') {
        $this->homePage = "dashboard";
    }

    try {
        $dbh = PDOConnect::init();

        // Check for duplicate user name. This is check-then-write, so a
        // concurrent edit can still slip past; a UNIQUE index is the real guard.
        $duplicateCheck = $dbh->prepare('SELECT UserName FROM `user` WHERE UserName = :userName AND userId <> :userId');
        $duplicateCheck->execute(array('userName' => $this->userName, 'userId' => $this->userId));

        if ($duplicateCheck->fetchColumn() !== false) {
            $this->ThrowError(__('There is already a user with this name. Please choose another.'));
        }

        // Run the UPDATE statement.
        // NOTE(review): userTypeId (the privilege level) is written from the object
        // without any check here; confirm the caller restricts who may change it.
        $update = $dbh->prepare('UPDATE user SET UserName = :userName, HomePage = :homePage, Email = :email, Retired = :retired, userTypeId = :userTypeId WHERE userId = :userId ');
        $update->execute(array(
            'userName' => $this->userName,
            'userTypeId' => $this->userTypeId,
            'email' => $this->email,
            'homePage' => $this->homePage,
            'retired' => $this->retired,
            'userId' => $this->userId,
        ));

        // Update the user group
        $userGroup = new UserGroup();
        if (!$userGroup->EditUserGroup($this->userId, $this->userName)) {
            $this->ThrowError($userGroup->GetErrorNumber(), $userGroup->GetErrorMessage());
        }

        return true;
    } catch (Exception $e) {
        Debug::Error($e->getMessage());

        if (!$this->IsError()) {
            $this->SetError(1, __('Unknown Error'));
        }

        return false;
    }
}
/**
 * Deletes a user
 *
 * Reads userid from POST (after a token check), refuses while the user or the
 * user's own group still owns or is granted anything, then removes the group
 * links, the user-specific group, the user row and the user's session rows.
 * The steps are not wrapped in a transaction.
 *
 * @return void the outcome is sent with ResponseManager::Respond();
 *              every failure is raised with trigger_error(E_USER_ERROR)
 */
function DeleteUser()
{
    // Check the token
    if (!Kit::CheckToken()) {
        trigger_error('Token does not match', E_USER_ERROR);
    }

    $db =& $this->db;
    $user =& $this->user;
    $response = new ResponseManager();

    $userid = Kit::GetParam('userid', _POST, _INT, 0);
    $groupID = $user->getGroupFromID($userid, true);

    // Can we delete this user? Dont even try if we cant. Check tables that have this userid or this groupid.
    // Each entry is the count query followed by the message raised when rows are found;
    // the checks run in this order and the first hit is fatal.
    $ownershipChecks = array(
        array(sprintf('SELECT LayoutID FROM layout WHERE UserID = %d', $userid), __('Cannot delete this user, they have layouts')),
        array(sprintf('SELECT MediaID FROM media WHERE UserID = %d', $userid), __('Cannot delete this user, they have media')),
        array(sprintf('SELECT EventID FROM schedule WHERE UserID = %d', $userid), __('Cannot delete this user, they have scheduled layouts')),
        array(sprintf('SELECT Schedule_DetailID FROM schedule_detail WHERE UserID = %d', $userid), __('Cannot delete this user, they have schedule detail records')),
        array(sprintf('SELECT TemplateID FROM template WHERE UserID = %d', $userid), __('Cannot delete this user, they have templates')),
        array(sprintf('SELECT osr_id FROM oauth_server_registry WHERE osr_usa_id_ref = %d', $userid), __('Cannot delete this user, they have applications')),
        array(sprintf('SELECT GroupID FROM lkdatasetgroup WHERE GroupID = %d', $groupID), __('Cannot delete this user, they have permissions to data sets')),
        array(sprintf('SELECT GroupID FROM lkdisplaygroupgroup WHERE GroupID = %d', $groupID), __('Cannot delete this user, they have permissions to display groups')),
        array(sprintf('SELECT GroupID FROM lklayoutgroup WHERE GroupID = %d', $groupID), __('Cannot delete this user, they have permissions to layouts')),
        array(sprintf('SELECT GroupID FROM lklayoutmediagroup WHERE GroupID = %d', $groupID), __('Cannot delete this user, they have permissions to media on layouts')),
        array(sprintf('SELECT GroupID FROM lklayoutregiongroup WHERE GroupID = %d', $groupID), __('Cannot delete this user, they have permissions to regions on layouts')),
        array(sprintf('SELECT GroupID FROM lkmediagroup WHERE GroupID = %d', $groupID), __('Cannot delete this user, they have permissions to media')),
        array(sprintf('SELECT GroupID FROM lktemplategroup WHERE GroupID = %d', $groupID), __('Cannot delete this user, they have permissions to templates')),
    );

    foreach ($ownershipChecks as $check) {
        list($countSql, $message) = $check;
        if ($this->db->GetCountOfRows($countSql) > 0) {
            trigger_error($message, E_USER_ERROR);
        }
    }

    // Firstly delete the group for this user
    $userGroupObject = new UserGroup($db);

    // Remove this user from all user groups (including their own)
    $userGroupObject->UnlinkAllGroups($userid);

    // Delete the user specific group
    if (!$userGroupObject->Delete($groupID)) {
        trigger_error($userGroupObject->GetErrorMessage(), E_USER_ERROR);
    }

    // Delete the user
    $sqldel = "DELETE FROM user WHERE UserID = %d";
    if (!$db->query(sprintf($sqldel, $userid))) {
        trigger_error($db->error());
        trigger_error(__("This user has been active, you may only retire them."), E_USER_ERROR);
    }

    // We should delete this users sessions record.
    // Sessions go last: if the user DELETE above fails, the group links are already
    // gone but any live session of that user is left untouched.
    $SQL = "DELETE FROM session WHERE userID = %d ";
    if (!$db->query(sprintf($SQL, $userid))) {
        trigger_error($db->error());
        trigger_error(__("If logged in, this user will be deleted once they log out."), E_USER_ERROR);
    }

    $response->SetFormSubmitResponse(__('User Deleted.'));
    $response->Respond();
}
/**
 * Deletes a user
 *
 * After a token check, reads userid and the deleteAllItems checkbox from POST.
 * Unless deleteAllItems is set, deletion is refused while the user or the
 * user's own group still owns child items (getChildTypes()). The user is then
 * unlinked from all groups, the user-specific group is deleted, and finally
 * the user itself.
 *
 * @return void the outcome is sent with ResponseManager::Respond();
 *              failures are raised with trigger_error(E_USER_ERROR)
 */
function DeleteUser()
{
    // Check the token
    if (!Kit::CheckToken()) {
        trigger_error(__('Sorry the form has expired. Please refresh.'), E_USER_ERROR);
    }

    $response = new ResponseManager();

    $deleteAllItems = Kit::GetParam('deleteAllItems', _POST, _CHECKBOX) == 1;
    $userId = Kit::GetParam('userid', _POST, _INT, 0);
    $groupId = $this->user->getGroupFromID($userId, true);

    $user = new Userdata();
    $user->userId = $userId;
    $userGroup = new UserGroup();

    // deleteAllItems is a destructive override: it skips the ownership checks
    // below entirely, and what Delete() then does with owned items is decided
    // in Userdata / UserGroup. NOTE(review): confirm the caller restricts who may set it.
    if (!$deleteAllItems) {
        $refuseIfOwned = function ($children) {
            if (count($children) > 0) {
                trigger_error(sprintf(__('Cannot delete user, they own %s'), implode(', ', $children)), E_USER_ERROR);
            }
        };

        // Can we delete this user? Don't even try if we cant.
        $refuseIfOwned($user->getChildTypes());

        // Can we delete this group?
        $refuseIfOwned($userGroup->getChildTypes($groupId));
    }

    // Delete all items has been selected, so call delete on the group, then the user
    $userGroup->UnlinkAllGroups($userId);

    // Delete the user specific group
    if (!$userGroup->Delete($groupId)) {
        trigger_error($userGroup->GetErrorMessage(), E_USER_ERROR);
    }

    // Delete the user
    if (!$user->Delete()) {
        trigger_error($user->GetErrorMessage(), E_USER_ERROR);
    }

    $response->SetFormSubmitResponse(__('User Deleted.'));
    $response->Respond();
}
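/**
 * Sets the Members of a group
 *
 * GroupID comes from the request and the UserID[] list from POST. Only users
 * this session can see (userList()) are touched: assigned users missing from
 * the submitted list are unlinked, submitted users not yet assigned are linked.
 *
 * @return void the outcome is sent with ResponseManager::Respond();
 *              failures are raised with trigger_error(E_USER_ERROR)
 */
public function SetMembers()
{
    $db =& $this->db;
    $response = new ResponseManager();
    $groupObject = new UserGroup($db);

    $groupId = Kit::GetParam('GroupID', _REQUEST, _INT);

    // Only integer ids can name a user: drop non-numeric entries from the
    // submission and cast the rest, so Link() never receives a raw POST string
    // and the comparisons below can be strict.
    $users = array();
    foreach (Kit::GetParam('UserID', _POST, _ARRAY, array()) as $candidate) {
        if (is_numeric($candidate)) {
            $users[] = (int) $candidate;
        }
    }

    // NOTE(review): there is no Kit::CheckToken() call here and GroupID is accepted
    // from _REQUEST (so a GET works); confirm the dispatcher enforces a token and
    // the right to edit this group before this method runs.

    // We will receive a list of users from the UI which are in the "assign column" at the time the form is
    // submitted.
    // We want to go through and unlink any users that are NOT in that list, but that the current user has access
    // to edit.
    // We want to add any users that are in that list (but aren't already assigned)

    // All users that this session has access to
    if (!($allUsers = $this->user->userList())) {
        trigger_error(__('Error getting all users'), E_USER_ERROR);
    }

    // Convert to an array of ID's for convenience
    $allUserIds = array_map(function ($array) { return (int) $array['userid']; }, $allUsers);

    // Users in group
    $usersAssigned = UserData::entries(null, array('groupIds' => array($groupId)));

    Debug::Audit('All userIds we want to assign: ' . var_export($users, true));
    Debug::Audit('All userIds we have access to: ' . var_export($allUserIds, true));

    foreach ($usersAssigned as $user) {
        /* @var Userdata $user */
        $assignedId = (int) $user->userId;

        // Did this session have permission to do anything to this user?
        // If not, move on
        if (!in_array($assignedId, $allUserIds, true)) {
            continue;
        }

        Debug::Audit('Logged in user has permission to make changes to this assigned user ' . $user->userId);

        // Is this user in the provided list of users?
        $key = array_search($assignedId, $users, true);
        if ($key !== false) {
            // This user is already assigned, so we remove it from the $users array
            Debug::Audit('This user is already assigned ' . $user->userId);
            unset($users[$key]);
        } else {
            Debug::Audit('This user is assigned, but not in the list of assignments ' . $user->userId);

            // It isn't therefore needs to be removed
            if (!$groupObject->Unlink($groupId, $user->userId)) {
                trigger_error($groupObject->GetErrorMessage(), E_USER_ERROR);
            }
        }
    }

    Debug::Audit('All userIds we want to assign after sorting: ' . var_export($users, true));

    // Add any users that are still missing after the assignment process
    foreach ($users as $userId) {
        Debug::Audit('User was missing, linking them: ' . $userId);

        // Add any that are missing
        if (!$groupObject->Link($groupId, $userId)) {
            trigger_error($groupObject->GetErrorMessage(), E_USER_ERROR);
        }
    }

    $response->SetFormSubmitResponse(__('Group membership set'), false);
    $response->Respond();
}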