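/**
 * Work out which folders the current user may see and store the result in the session.
 *
 * Writes these $_SESSION keys: groupes_visibles, groupes_visibles_list,
 * groupes_interdits, personal_visible_groups, forbiden_pfs and is_admin, plus
 * nb_folders and nb_roles for administrators.
 *
 * @param string $groupes_visibles_user  ';'-separated folder ids granted to this user directly
 * @param string $groupes_interdits_user ';'-separated folder ids denied to this user directly
 * @param mixed  $is_admin               administrator flag; compared loosely against 1
 * @param string $id_fonctions           ';'-separated role ids held by the user
 * @param mixed  $refresh                not used by this function
 *
 * @return void
 */
function IdentificationDesDroits($groupes_visibles_user, $groupes_interdits_user, $is_admin, $id_fonctions, $refresh)
{
    global $server, $user, $pass, $database, $pre;

    // Load the tree and database helpers, then open the connection.
    require_once "NestedTree.class.php";
    require_once "class.database.php";
    $db = new Database($server, $user, $pass, $database, $pre);
    $db->connect();

    // NOTE(review): $_SESSION['user_id'] is concatenated into quoted SQL literals below.
    // It is a server-side value, but it should still be bound or escaped with whatever
    // the Database wrapper provides - confirm which method is available.

    if ($is_admin == 1) {
        // Administrators see every non-personal folder.
        $_SESSION['groupes_visibles'] = array();
        $_SESSION['groupes_interdits'] = array();
        $_SESSION['personal_visible_groups'] = array();
        $_SESSION['groupes_visibles_list'] = "";

        $groupes_visibles = array();
        $rows = $db->fetch_all_array("SELECT id FROM " . $pre . "nested_tree WHERE personal_folder = '0'");
        foreach ($rows as $record) {
            $groupes_visibles[] = $record['id'];
        }
        $_SESSION['groupes_visibles'] = $groupes_visibles;

        // NOTE(review): the original built a "personal folders of other users" query
        // here but never executed it, so forbiden_pfs stays empty for administrators.
        // Confirm that is intended before relying on this list for access decisions.
        $_SESSION['forbiden_pfs'] = array();

        // Add the administrator's own personal folder and everything below it.
        // NOTE(review): the non-admin path runs this same lookup through fetch_row();
        // verify fetch_array() accepts an SQL string rather than a result handle.
        $pf = $db->fetch_array("SELECT id FROM " . $pre . "nested_tree WHERE title = '" . $_SESSION['user_id'] . "'");
        if (!empty($pf[0]) && !in_array($pf[0], $_SESSION['groupes_visibles'])) {
            $_SESSION['groupes_visibles'][] = $pf[0];
            $_SESSION['personal_visible_groups'][] = $pf[0];

            $tree = new NestedTree($pre . 'nested_tree', 'id', 'parent_id', 'title', 'personal_folder');
            $tree->rebuild();
            foreach ($tree->getDescendants($pf[0]) as $descendant) {
                $_SESSION['groupes_visibles'][] = $descendant->id;
                $_SESSION['personal_visible_groups'][] = $descendant->id;
            }
        }

        $_SESSION['groupes_visibles_list'] = implode(',', $_SESSION['groupes_visibles']);
        $_SESSION['is_admin'] = $is_admin;

        // Counters that tell the UI whether any folder or role exists yet.
        $ret = $db->fetch_row("SELECT COUNT(*) FROM " . $pre . "nested_tree");
        $_SESSION['nb_folders'] = $ret[0];
        $ret = $db->fetch_row("SELECT COUNT(*) FROM " . $pre . "roles_title");
        $_SESSION['nb_roles'] = $ret[0];

        return;
    }

    // ---- Regular user ----
    $_SESSION['groupes_visibles'] = array();
    $_SESSION['groupes_interdits'] = array();
    $_SESSION['personal_visible_groups'] = array();
    $_SESSION['is_admin'] = $is_admin;

    $groupes_interdits_user = explode(';', TrimElement($groupes_interdits_user, ";"));
    $fonctions_associees = explode(';', TrimElement($id_fonctions, ";"));

    $tree = new NestedTree($pre . 'nested_tree', 'id', 'parent_id', 'title');

    // Collect every folder granted by one of the user's roles.
    $list_allowed_folders = array();
    foreach ($fonctions_associees as $role_id) {
        // The id goes unquoted into the WHERE clause, so force it to an integer:
        // anything after a leading number can no longer reach the SQL text.
        $role_id = (int) $role_id;
        if ($role_id === 0) {
            continue;
        }

        $rows = $db->fetch_all_array("SELECT folder_id FROM " . $pre . "roles_values WHERE role_id=" . $role_id);
        foreach ($rows as $record) {
            if (isset($record['folder_id']) && !in_array($record['folder_id'], $list_allowed_folders)) {
                $list_allowed_folders[] = $record['folder_id'];
            }
        }
    }

    // Role folders plus the folders granted to the user directly...
    $allowed_folders_tmp = array_unique(
        array_merge(
            array_unique($list_allowed_folders),
            explode(';', TrimElement($groupes_visibles_user, ";"))
        )
    );

    // ...minus the folders explicitly denied to this user.
    $allowed_folders = array();
    foreach ($allowed_folders_tmp as $id) {
        if (!in_array($id, $groupes_interdits_user)) {
            $allowed_folders[] = $id;
        }
    }

    // The original computed $allowed_folders and then discarded it, so the per-user
    // allow and deny lists had no effect on the result. Use the filtered list so an
    // explicit deny is honoured. array_filter() drops the empty entries that
    // explode() yields for empty input.
    $list_allowed_folders = array_filter(array_unique($allowed_folders));

    $pf_enabled = isset($_SESSION['settings']['enable_pf_feature'])
        && $_SESSION['settings']['enable_pf_feature'] == 1;

    // Personal folders belonging to other users are off limits.
    $_SESSION['forbiden_pfs'] = array();
    $sql = "SELECT id FROM " . $pre . "nested_tree WHERE personal_folder = 1";
    if ($pf_enabled) {
        $sql .= " AND title != '" . $_SESSION['user_id'] . "'";
    }
    foreach ($db->fetch_all_array($sql) as $pf_id) {
        $_SESSION['forbiden_pfs'][] = $pf_id['id'];
    }

    // Add the user's own personal folder subtree when the feature is on.
    if ($pf_enabled) {
        $pf = $db->fetch_row("SELECT id FROM " . $pre . "nested_tree WHERE title = '" . $_SESSION['user_id'] . "'");
        if (!empty($pf[0]) && !in_array($pf[0], $list_allowed_folders)) {
            foreach ($tree->getDescendants($pf[0], true) as $node) {
                $list_allowed_folders[] = $node->id;
                $_SESSION['personal_visible_groups'][] = $node->id;
            }
        }
    }

    $_SESSION['groupes_visibles'] = $list_allowed_folders;
    $_SESSION['groupes_visibles_list'] = implode(',', $list_allowed_folders);
}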
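/**
 * IdentifyUserRights()
 *
 * Work out which folders and items the current user may access and store the
 * result in the session.
 *
 * Writes these $_SESSION keys: groupes_visibles, groupes_visibles_list,
 * groupes_interdits, personal_visible_groups, forbiden_pfs and is_admin; for
 * administrators also all_non_personal_folders, nb_folders and nb_roles; for
 * regular users also list_folders_limited and list_folders_editable_by_role.
 *
 * @param string $groupes_visibles_user  ';'-separated folder ids granted to this user directly
 * @param string $groupes_interdits_user ';'-separated folder ids denied to this user directly
 * @param mixed  $is_admin               administrator flag; compared loosely against 1
 * @param string $id_fonctions           ';'-separated role ids held by the user
 * @param mixed  $refresh                not used by this function
 *
 * @return void
 */
function IdentifyUserRights($groupes_visibles_user, $groupes_interdits_user, $is_admin, $id_fonctions, $refresh)
{
    global $server, $user, $pass, $database, $pre;

    // Load the tree and database helpers, then open the connection.
    require_once "NestedTree.class.php";
    require_once "class.database.php";
    $db = new Database($server, $user, $pass, $database, $pre);
    $db->connect();

    // NOTE(review): $_SESSION['user_id'] is concatenated into quoted SQL literals below.
    // It is a server-side value, but it should still be bound or escaped with whatever
    // the Database wrapper provides - confirm which method is available.

    if ($is_admin == 1) {
        // Administrators see every non-personal folder.
        $_SESSION['groupes_visibles'] = array();
        $_SESSION['groupes_interdits'] = array();
        $_SESSION['personal_visible_groups'] = array();
        $_SESSION['groupes_visibles_list'] = "";

        $groupes_visibles = array();
        $rows = $db->fetch_all_array("SELECT id FROM " . $pre . "nested_tree WHERE personal_folder = '0'");
        foreach ($rows as $record) {
            $groupes_visibles[] = $record['id'];
        }
        $_SESSION['groupes_visibles'] = $groupes_visibles;
        $_SESSION['all_non_personal_folders'] = $groupes_visibles;

        // NOTE(review): the original built a "personal folders of other users" query
        // here but never executed it, so forbiden_pfs stays empty for administrators.
        // Confirm that is intended before relying on this list for access decisions.
        $_SESSION['forbiden_pfs'] = array();

        // Add the administrator's own personal folder and everything below it.
        $pf = $db->fetch_row("SELECT id FROM " . $pre . "nested_tree WHERE title = '" . $_SESSION['user_id'] . "'");
        if (!empty($pf[0]) && !in_array($pf[0], $_SESSION['groupes_visibles'])) {
            $_SESSION['groupes_visibles'][] = $pf[0];
            $_SESSION['personal_visible_groups'][] = $pf[0];

            $tree = new NestedTree($pre . 'nested_tree', 'id', 'parent_id', 'title', 'personal_folder');
            $tree->rebuild();
            foreach ($tree->getDescendants($pf[0]) as $descendant) {
                $_SESSION['groupes_visibles'][] = $descendant->id;
                $_SESSION['personal_visible_groups'][] = $descendant->id;
            }
        }

        $_SESSION['groupes_visibles_list'] = implode(',', $_SESSION['groupes_visibles']);
        $_SESSION['is_admin'] = $is_admin;

        // Counters that tell the UI whether any folder or role exists yet.
        $ret = $db->fetch_row("SELECT COUNT(*) FROM " . $pre . "nested_tree");
        $_SESSION['nb_folders'] = $ret[0];
        $ret = $db->fetch_row("SELECT COUNT(*) FROM " . $pre . "roles_title");
        $_SESSION['nb_roles'] = $ret[0];

        return;
    }

    // ---- Regular user ----
    $_SESSION['groupes_visibles'] = array();
    $_SESSION['groupes_interdits'] = array();
    $_SESSION['personal_visible_groups'] = array();
    $_SESSION['is_admin'] = $is_admin;

    $groupes_interdits_user = explode(';', TrimElement($groupes_interdits_user, ";"));
    $fonctions_associees = explode(';', TrimElement($id_fonctions, ";"));

    $list_allowed_folders = array();
    $list_folders_limited = array();
    $list_folders_editable_by_role = array();

    $tree = new NestedTree($pre . 'nested_tree', 'id', 'parent_id', 'title');

    // Find every folder visible through one of the user's roles.
    foreach ($fonctions_associees as $role_id) {
        // The id goes unquoted into three WHERE clauses, so force it to an integer:
        // anything after a leading number can no longer reach the SQL text.
        $role_id = (int) $role_id;
        if ($role_id === 0) {
            continue;
        }

        $rows = $db->fetch_all_array("\r\n\t\t\t\t\tSELECT folder_id\r\n\t\t\t\t\tFROM " . $pre . "roles_values\r\n\t\t\t\t\tWHERE role_id=" . $role_id);
        if (count($rows) === 0) {
            continue;
        }

        // Whether this role may change passwords depends only on the role, so look it
        // up once instead of once per folder row.
        $tmp = $db->query_first("\r\n \t\t\t\tSELECT allow_pw_change\r\n\t\t \t\tFROM " . $pre . "roles_title\r\n\t\t \t\tWHERE id = " . $role_id);
        $role_can_edit = isset($tmp['allow_pw_change']) && $tmp['allow_pw_change'] == 1;

        foreach ($rows as $reccord) {
            if (!isset($reccord['folder_id'])) {
                continue;
            }
            if (!in_array($reccord['folder_id'], $list_allowed_folders)) {
                $list_allowed_folders[] = $reccord['folder_id'];
            }
            // The original tested the flag value (1) against the folder list instead
            // of the folder id, so a folder with id 1 in the list stopped any further
            // folder from being recorded and duplicates were never detected.
            if ($role_can_edit && !in_array($reccord['folder_id'], $list_folders_editable_by_role)) {
                $list_folders_editable_by_role[] = $reccord['folder_id'];
            }
        }

        // Items restricted to this role, grouped by the folder that holds them.
        $rows = $db->fetch_all_array("\r\n\t\t\t\t\t\tSELECT i.id_tree, r.item_id\r\n\t\t\t\t\t\tFROM " . $pre . "items AS i\r\n\t\t\t\t\t\tINNER JOIN " . $pre . "restriction_to_roles AS r ON (r.item_id=i.id)\r\n\t\t\t\t\t\tWHERE r.role_id=" . $role_id . "\r\n\t\t\t\t\t\tORDER BY i.id_tree ASC\r\n\t\t\t\t\t");
        foreach ($rows as $reccord) {
            if (isset($reccord['id_tree'])) {
                // Append rather than index with a counter that restarts for every
                // role: the restart let a later role overwrite an earlier role's
                // entries for the same folder.
                $list_folders_limited[$reccord['id_tree']][] = $reccord['item_id'];
            }
        }
    }

    // Role folders plus the folders granted to the user directly...
    $allowed_folders_tmp = array_unique(
        array_merge(
            array_unique($list_allowed_folders),
            explode(';', TrimElement($groupes_visibles_user, ";"))
        )
    );

    // ...minus the folders explicitly denied to this user.
    $allowed_folders = array();
    foreach ($allowed_folders_tmp as $id) {
        if (!in_array($id, $groupes_interdits_user)) {
            $allowed_folders[] = $id;
        }
    }

    // The original merged the unfiltered role list back in at this point, which put
    // every denied folder that a role grants back on the list. $allowed_folders
    // already holds role folders plus user folders, so use it alone and the explicit
    // deny wins. array_filter() drops the empty entries that explode() yields for
    // empty input.
    $list_allowed_folders = array_filter(array_unique($allowed_folders));

    $pf_enabled = isset($_SESSION['settings']['enable_pf_feature'])
        && $_SESSION['settings']['enable_pf_feature'] == 1
        && isset($_SESSION['personal_folder'])
        && $_SESSION['personal_folder'] == 1;

    // Personal folders belonging to other users are off limits.
    $_SESSION['forbiden_pfs'] = array();
    $sql = "SELECT id FROM " . $pre . "nested_tree WHERE personal_folder = 1";
    if ($pf_enabled) {
        $sql .= " AND title != '" . $_SESSION['user_id'] . "'";
    }
    foreach ($db->fetch_all_array($sql) as $pf_id) {
        $_SESSION['forbiden_pfs'][] = $pf_id['id'];
    }

    // Add the user's own personal folder subtree when the feature is on.
    if ($pf_enabled) {
        $pf = $db->fetch_row("SELECT id FROM " . $pre . "nested_tree WHERE title = '" . $_SESSION['user_id'] . "'");
        if (!empty($pf[0]) && !in_array($pf[0], $list_allowed_folders)) {
            foreach ($tree->getDescendants($pf[0], true) as $node) {
                $list_allowed_folders[] = $node->id;
                $_SESSION['personal_visible_groups'][] = $node->id;
            }
        }
    }

    $_SESSION['groupes_visibles'] = $list_allowed_folders;
    $_SESSION['groupes_visibles_list'] = implode(',', $list_allowed_folders);
    $_SESSION['list_folders_limited'] = $list_folders_limited;
    $_SESSION['list_folders_editable_by_role'] = $list_folders_editable_by_role;
}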