Esempio n. 1
0
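function render_inserted($S, $statement_id)
{
    # Render the HTML "Statement inserted" confirmation box.
    #
    # $S is the statement descriptor; its entries are pulled into locals with extract()
    # (rule_id, instance_id or resource_id, value, insert, filename, project_id, user_id,
    # db, optionally a 'where' sub-array that is extracted as well, and optionally a
    # 'message' prefix the box is appended to). $statement_id is the id of the row that
    # was just inserted. Returns the HTML fragment as a string.
    #
    # Rule names, ids and the statement value are user-supplied data, so each of them is
    # escaped for the HTML context before being interpolated into the markup.
    $action = $GLOBALS['webaction'];
    # Defaults for the optional inputs so a sparse $S does not leave undefined
    # variables behind; extract() below overrides any of these. Variables that are
    # later passed on through compact() are deliberately left to extract() alone.
    $message = '';
    $where = null;
    $rule_id = '';
    $instance_id = '';
    $resource_id = '';
    $insert = '';
    $filename = '';
    extract($S);
    if (is_array($where)) {
        extract($where);
    }
    if ($rule_id != '') {
        $rule_info = s3info('rule', $rule_id, $db);
    }
    if (!$instance_id) {
        $instance_id = $resource_id;
    }
    # Escaped copies of everything that ends up inside the HTML.
    $subject = render_inserted_escape(isset($rule_info['subject']) ? $rule_info['subject'] : '');
    $verb = render_inserted_escape(isset($rule_info['verb']) ? $rule_info['verb'] : '');
    $object = render_inserted_escape(isset($rule_info['object']) ? $rule_info['object'] : '');
    $safe_statement_id = render_inserted_escape($statement_id);
    $padded_instance_id = render_inserted_escape(str_pad($instance_id, 6, '0', STR_PAD_LEFT));
    # Stored values are URL-encoded: decode first, then escape the decoded text.
    if ($insert != 'file') {
        $display_value = render_inserted_escape(urldecode($value));
    } else {
        $href = render_inserted_escape(urldecode($action['download'] . '&statement_id=' . $statement_id));
        $display_value = '<a href="' . $href . '">' . render_inserted_escape(urldecode($filename)) . '</a>';
    }
    $message .= sprintf("\n%s\n", '<table width="100%"><tr><td>');
    $message .= sprintf("%s\n", '	<font color="red">Statement inserted</font>');
    $message .= sprintf("%s\n", '	</td></tr>');
    $message .= sprintf("%s\n", '	<tr><td>');
    $message .= sprintf("%s\n", '      <ol>');
    $message .= sprintf("%s\n", '      	<li><i>Resource</i> <b>' . $subject . '</b> ID #' . $padded_instance_id . ' found</li>');
    $message .= sprintf("%s\n", '      	<li><i>Rule</i> <b>' . $subject . ' + ' . $verb . ' + ' . $object . '</b> found</li>');
    if (resourceObject(compact('rule_info', 'project_id', 'db')) && resource_found(compact('rule_info', 'value', 'project_id', 'db', 'user_id'))) {
        $message .= sprintf("%s\n", '      	<li><i>Found Resource </i> <b>' . $object . '</b> ( UID: <b>' . render_inserted_escape($value) . '</b> )</li>');
    }
    $message .= sprintf("%s\n", '      	<li><i>Statement</i> <b>' . $subject . ' | ' . $verb . ' | ' . $object . ' [ ' . $display_value . ' ]</b> for the above resource inserted</li>');
    $message .= sprintf("%s\n", '      	<li>Statement ID:  <b>' . $safe_statement_id . '</b></li>');
    $message .= sprintf("%s\n", '      </ol>');
    # The second row used to hold (long disabled) "Insert Another"/"Close Window"
    # buttons; the table is now closed cleanly instead of emitting an unclosed row.
    $message .= sprintf("%s\n", '	</td></tr>');
    $message .= sprintf("%s\n", '	</table>');
    return $message;
}

function render_inserted_escape($value)
{
    # Escape one scalar for use in HTML text or inside a double-quoted attribute.
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
}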
Esempio n. 2
0
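function create_edge_set($O)
{
    # Build the <EDGESET> XML fragment of the project graph: an edge from the project
    # node to every collection node, an extra edge to the owning project for
    # collections borrowed from other projects, and one edge per rule whose subject is
    # one of those collections (the implicit "has UID" rules are skipped).
    #
    # $O is extracted into locals: db, toReplace/replace (str_replace pairs applied to
    # labels) and, where supplied, project_info. Collections and rules are read from
    # $GLOBALS['collections'] / $GLOBALS['rules'] rather than re-queried; the current
    # project is $_REQUEST['project_id']. Returns the XML string.
    $db = null;
    $toReplace = array();
    $replace = array();
    $project_info = array();
    extract($O);
    $requested_project_id = $_REQUEST['project_id'];
    $edge_set_str = sprintf("\t%s\n", '<EDGESET>');
    $resources = $GLOBALS['collections'];
    $C = grab_id('collection', $resources);
    # NOTE(review): the label uses project_info as passed in $O and is not recomputed
    # from the s3info() lookup below (kept as it was).
    $project_name = str_replace($toReplace, $replace, htmlentities(isset($project_info['project_name']) ? $project_info['project_name'] : ''));
    if (!empty($resources) && is_array($resources)) {
        # The project lookup does not depend on the loop variable: do it once.
        $project_info = s3info('project', $requested_project_id, $db);
        $projectNode = 'P' . $project_info['project_id'];
        foreach ($resources as $resource_info) {
            $classNode = 'C' . $resource_info['resource_id'];
            $subject = str_replace($toReplace, $replace, htmlentities($resource_info['entity']));
            # Collections belonging to another project are drawn greyed out.
            $is_local = $resource_info['project_id'] == $requested_project_id;
            $color = $is_local ? 'A0A0A0' : 'E9E9E9';
            $edge_set_str .= sprintf("\t\t%s\n", '<EDGE fromID="' . $projectNode . '" toID="' . $classNode . '" label="[Project ' . $project_name . '] has resource [' . $subject . ']" type="1" length="20" visible="false" color="' . $color . '"/>');
            if (!$is_local) {
                # Borrowed collection: also link it to the project it really belongs to.
                $edge_set_str .= sprintf("\t\t%s\n", '<EDGE fromID="' . $classNode . '" toID="P' . $resource_info['project_id'] . '" label="[Project ' . $project_name . '] has resource [' . $subject . ']" type="1" length="20" visible="false" color="' . $color . '"/>');
            }
        }
    }
    $rules = $GLOBALS['rules'];
    if (is_array($rules)) {
        foreach ($rules as $rule_info) {
            $color = $rule_info['project_id'] == $requested_project_id ? 'A0A0A0' : 'E9E9E9';
            # A rule points at a collection node when its object is a known collection,
            # otherwise at its own rule node. Loose in_array() on purpose: ids arrive as
            # strings or ints depending on the source.
            if ($rule_info['object_id'] != '' && in_array($rule_info['object_id'], $C)) {
                $toID = 'C' . $rule_info['object_id'];
            } else {
                $toID = 'R' . $rule_info['rule_id'];
            }
            if (in_array($rule_info['subject_id'], $C) && $rule_info['object'] != 'UID') {
                $creator = find_user_loginID(array('account_id' => $rule_info['created_by'], 'db' => $O['db']));
                $edge_set_str .= sprintf("\t\t%s\n", '<EDGE fromID="C' . $rule_info['subject_id'] . '" toID="' . $toID . '" label="R' . $rule_info['rule_id'] . ' was created_on ' . substr($rule_info['created_on'], 0, 19) . ' by ' . $creator . '" type="1" length="40" visible="true" color="' . $color . '"/>');
            }
        }
    }
    $edge_set_str .= sprintf("\t%s\n", '</EDGESET>');
    return $edge_set_str;
}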
Esempio n. 3
0
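function delete_resource_instance($R)
{
    # Soft-delete a resource instance: delete every statement on it (logging each
    # deletion), mark the resource row inactive, log the resource deletion and drop
    # the instance from the query result cached in the session.
    #
    # $R carries resource_id, user_id and db; it is also extracted, so an optional
    # pre-fetched 'statements' list is honoured. Returns true when the resource update
    # succeeded, false when the db object reports an error (Errno != 0).
    $statements = null;
    extract($R);
    $resource_id = $R['resource_id'];
    $modified_by = $R['user_id'];
    $db = $R['db'];
    $resource_info = s3info('instance', $resource_id, $db);
    $resource_class_id = $resource_info['resource_class_id'];
    $project_id = $resource_info['project_id'];
    $old_rule_id = get_rule_id_by_entity_id($resource_class_id, $project_id, $db);
    # Find all statements on this resource_id unless the caller supplied them.
    if (!is_array($statements)) {
        $statements = CORElist(array('child' => 'statement', 'parent_ids' => array('instance_id' => $resource_id), 'user_id' => $user_id, 'db' => $db));
    }
    # Statements where this resource is the *object* of another rule are not handled yet.
    if (is_array($statements)) {
        foreach ($statements as $statement_info) {
            $s3ql = compact('user_id', 'db');
            $s3ql['delete'] = 'statement';
            $s3ql['where']['statement_id'] = $statement_info['statement_id'];
            $s3ql['where']['confirm'] = 'yes';
            S3QLaction($s3ql);
            $S = array('statement_id' => $statement_info['statement_id'], 'old_rule_id' => $statement_info['rule_id'], 'old_resource_id' => $statement_info['resource_id'], 'old_project_id' => $statement_info['project_id'], 'old_value' => $statement_info['value'], 'old_notes' => $statement_info['notes'], 'created_by' => $statement_info['created_by'], 'created_on' => $statement_info['created_on'], 'modified_by' => $user_id, 'action' => 'delete', 'db' => $db);
            insert_statement_log($S);
        }
    }
    # Mark the resource inactive instead of deleting the row.
    # NOTE(review): resource_id is interpolated into the SQL text; the db wrapper's
    # query() API used here offers no parameter binding, so the caller must pass a
    # validated id. The same pattern is used throughout this file.
    $sql = "update s3db_resource set status = 'I', modified_on = now() where resource_id = '" . $resource_id . "' and iid='1'";
    $db->query($sql, __LINE__, __FILE__);
    $dbdata = get_object_vars($db);
    if ($dbdata['Errno'] != 0) {
        return False;
    }
    $S = array('statement_id' => '0', 'old_rule_id' => $old_rule_id, 'old_resource_id' => $resource_id, 'old_project_id' => $resource_info['project_id'], 'old_value' => $resource_info['entity'], 'old_notes' => $resource_info['notes'], 'created_by' => $resource_info['created_by'], 'created_on' => $resource_info['created_on'], 'modified_by' => $modified_by, 'action' => 'delete', 'db' => $db);
    insert_statement_log($S);
    # Regenerate the list of resource instances held in the session's query result.
    $queryresult = $_SESSION['query_result'];
    if (is_array($queryresult)) {
        if (!function_exists('resource_id_compare')) {
            # Only ever referenced by the disabled array_diff_uassoc() call that used to
            # live here. Guarded so a second delete in the same request does not hit a
            # "cannot redeclare function" fatal error.
            function resource_id_compare($a, $b)
            {
                if ($a == $b) {
                    return 0;
                }
            }
        }
        foreach ($queryresult as $i => $row) {
            if ($row['resource_id'] == $resource_id) {
                unset($queryresult[$i]);
            }
        }
    }
    $_SESSION['query_result'] = $queryresult;
    return True;
}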
Esempio n. 4
0
 $key_valid = authenticate($key, $url);
 switch ($key_valid) {
     case 0:
         $db = CreateObject('s3dbapi.db');
         $db->Halt_On_Error = 'no';
         $db->Host = $GLOBALS['s3db_info']['server']['db']['db_host'];
         $db->Type = $GLOBALS['s3db_info']['server']['db']['db_type'];
         $db->Database = $GLOBALS['s3db_info']['server']['db']['db_name'];
         $db->User = $GLOBALS['s3db_info']['server']['db']['db_user'];
         $db->Password = $GLOBALS['s3db_info']['server']['db']['db_pass'];
         $db->connect();
         #if user has been authenticated, then fire away! he can see data!!
         $key_info = get_entry('access_keys', 'account_id,uid', 'key_id', $key, $db);
         $user_id = $key_info['account_id'];
         #if no user_id was found, but it was authenticated, then it is a remote login
         $user_info = s3info('user', $user_id, $db);
         #if a uid was specified for this key, s3ql should NOT ALLOW any more queries other than the ones specified in uid
         $args = '?key=' . $key;
         break;
     case 2:
         list($db, $user_info, $user_id) = loginAsPublic();
         break;
     case 1:
         #echo '<message>Key not valid. If this is a remote key, please provide url where user is located (for example: http://mylocalhost/s3db/U4)</message>';
         $format = $_REQUEST['format'];
         if ($format == '') {
             $format = 'html';
         }
         echo formatReturn('1', 'Key is not valid. If this is a remote key, please provide url where user is managed (for example: user_id=http://mylocalhost/s3db/U4)', $format, '');
         #break;
         exit;
Esempio n. 5
0
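function filterByElement($s3ql, $user_id, $db)
{
    # Build the extra " and ..." SQL constraints that restrict an S3QL listing
    # ($s3ql['from'] selects the element type) to what $user_id may see; user_id '1'
    # is the unrestricted admin account. The returned string is appended to the
    # caller's WHERE clause. Returns false, after echoing a formatted error, when a
    # referenced group or resource does not exist or is not viewable.
    #
    # NOTE(review): constraints are built by concatenating $s3ql['where'] values, like
    # the rest of this file; the db wrapper exposes no parameter binding.
    # $regexp was previously read without ever being assigned in this function, which
    # left the 'rulelog', 'requests', 'collections' and 'items' clauses without an operator.
    $regexp = isset($GLOBALS['regexp']) ? $GLOBALS['regexp'] : '';
    $user_query_const = '';
    # NOTE(review): $group_id is never assigned here, so the 'groups' condition below
    # always requires active accounts; kept as it was.
    $group_id = null;
    switch ($s3ql['from']) {
        case 'users':
            $user_query_const .= " and account_type != 'g'";
            if (!user_is_admin($user_id, $db) || $s3ql['where']['account_status'] == '') {
                $user_query_const .= " and account_status = 'A'";
            }
            if ($s3ql['where']['group_id'] != '') {
                $group_info = s3info('group', $s3ql['where']['group_id'], $db);
                if (!is_array($group_info)) {
                    # Emit the error before returning; the old order made the echo unreachable.
                    echo formatReturn($GLOBALS['error_codes']['something_does_not_exist'], 'Group ' . $s3ql['where']['group_id'] . ' does not exist', $s3ql['format'], '');
                    return False;
                }
                $group_members_query = str_replace("*", "replace(substr(uid, 2, length(uid)), '" . $GLOBALS['Did'] . '/U' . "', '')", select(array('uid' => 'U' . $s3ql['where']['user_id'], 'shared_with' => 'G' . $s3ql['where']['group_id'])));
                $user_query_const .= " and account_id in (" . $group_members_query . ")";
                # group_id is artificial; drop it so it does not influence the output.
                $s3ql['where'] = array_diff_key($s3ql['where'], array('group_id' => ''));
                $s3ql['where'] = array_filter($s3ql['where']);
            }
            # Any core id in the query is a permission check: the resource must exist and
            # be viewable by the user before it can be used to narrow the listing.
            $COREids = $GLOBALS['COREids'];
            foreach ($COREids as $s3code => $s3coreId) {
                if ($s3ql['where'][$s3coreId] != '' && $s3coreId != 'user_id') {
                    $uid = strtoupper(substr($s3code, 0, 1)) . $s3ql['where'][$s3coreId];
                    $element_info = URIinfo($uid, $user_id, $s3ql['key'], $db);
                    if (!is_array($element_info)) {
                        echo formatReturn($GLOBALS['error_codes']['something_missing'], $uid . ' was not found', $s3ql['format'], '');
                        return false;
                    }
                    if (!$element_info['view']) {
                        echo formatReturn($GLOBALS['error_codes']['no_permission_message'], $uid . ' was not found', $s3ql['format'], '');
                        return false;
                    }
                    $user_query_const .= " and account_id in (" . str_replace('*', 'substr(shared_with,2,length(shared_with))', select(array('shared_with' => 'U', 'uid' => $uid, 'stream' => 'upstream'))) . ")";
                }
            }
            break;
        case 'groups':
            $user_query_const .= " and account_type " . $regexp . " '(g)'";
            if ($group_id != '1' || $s3ql['where']['account_status'] != 'I') {
                $user_query_const .= " and account_status = 'A'";
            }
            # When queried with user_id this yields every group the user is involved in,
            # which are the groups the user can change.
            if ($s3ql['where']['user_id'] != '') {
                $user_members = select(array('uid' => 'U' . $s3ql['where']['user_id'], 'shared_with' => 'G' . $s3ql['where']['group_id'], 'stream' => 'upstream'));
                $user_members_query = str_replace("*", "substr(shared_with, 2, length(shared_with))", $user_members);
                $user_query_const .= " and account_id in (" . $user_members_query . ")";
                $s3ql['where'] = array_diff_key($s3ql['where'], array('user_id' => ''));
                $s3ql['where'] = array_filter($s3ql['where']);
            }
            break;
        case 'accesslog':
            if ($user_id != '1' && !user_is_admin($user_id, $db)) {
                echo formatReturn($GLOBALS['error_codes']['no_permission_message'], 'User does not have permission to see accesslog', $s3ql['format'], '');
                return False;
            }
            break;
        case 'rulelog':
            if ($user_id != '1') {
                $user_projects = findUserProjects($user_id, $db);
                $user_query_const .= " and project_id " . $regexp . " " . create_list($user_projects) . "";
            }
            break;
        case 'keys':
            if ($user_id != '1') {
                $user_query_const .= " and account_id = '" . $user_id . "'";
            }
            break;
        case 'filekeys':
            if ($user_id != '1') {
                $user_query_const .= " and created_by = '" . $user_id . "'";
            }
            break;
        case 'projects':
            if ($user_id != '1' && $s3ql['where']['project_status'] != 'I') {
                $user_query_const .= " and project_status = 'A'";
            }
            break;
        case 'requests':
            if ($user_id != '1') {
                $user_rules = findUserRules($user_id, $db);
                $user_query_const .= " and rule_id " . $regexp . " '" . create_list($user_rules) . "'";
            }
            break;
        case 'rules':
            if ($s3ql['where']['class_id'] != '') {
                $class_info = URI('C' . $s3ql['where']['class_id'], $user_id, $db);
                $user_query_const .= " and (subject_id = '" . $class_info['resource_id'] . "' or object_id = '" . $class_info['resource_id'] . "')";
            }
            break;
        case 'statements':
            if ($s3ql['where']['class_id'] != '') {
                $class_info = URI('C' . $s3ql['where']['class_id'], $user_id, $db);
                $user_query_const .= " and rule_id = '" . $class_info['rule_id'] . "'";
            }
            break;
        case 'collections':
            $user_query_const .= " and iid = '0'";
            if ($s3ql['where']['rule_id'] != '') {
                $element_info = URI('R' . $s3ql['where']['rule_id'], $user_id, $db);
                $user_query_const .= " and resource_id '^" . $regexp . " " . fastClassID(array('entity' => $element_info['subject'], 'project_id' => $element_info['project_id'], 'db' => $db)) . "'\$'";
            }
            break;
        case 'items':
            $user_query_const .= " and iid = '1'";
            if ($s3ql['where']['rule_id'] != '') {
                $element_info = URI('R' . $s3ql['where']['rule_id'], $user_id, $db);
                $user_query_const .= " and resource_class_id '^" . $regexp . " " . fastClassID(array('entity' => $element_info['subject'], 'project_id' => $element_info['project_id'], 'db' => $db)) . "'\$'";
            }
            break;
    }
    return $user_query_const;
}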
Esempio n. 6
0
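function s3list($s3ql)
{
    # List S3DB elements (users, groups, keys, projects, classes, rules, instances,
    # statements, rulelog, files) visible to $s3ql['user_id'].
    #
    # $s3ql is extracted into locals: user_id, db, from, select, where (extracted as
    # well), order_by, nomap, extracol/SQLfun and the ids used to narrow the query.
    # Returns a list of row arrays (each run through include_all() unless nomap is
    # set), or an '<error>N</error><message>...</message>' string when the query is
    # invalid, not permitted or yields no rows.
    $regexp = isset($GLOBALS['regexp']) ? $GLOBALS['regexp'] : '';
    $dbstruct = isset($GLOBALS['dbstruct']) ? $GLOBALS['dbstruct'] : array();
    # Defaults for the optional inputs; extract() overrides whatever $s3ql supplies.
    $user_id = '';
    $db = null;
    $where = array();
    $select = '';
    $from = '';
    $order_by = '';
    $query_end = '';
    $nomap = false;
    $extracol = '';
    $SQLfun = '';
    $project_id = '';
    $table = '';
    $required = '';
    extract($s3ql);
    if (is_array($where)) {
        extract($where);
    }
    if (!$user_id) {
        return 'User authentication is required';
    }
    if ($order_by) {
        $order_by = ' order by ' . $order_by;
    }
    if (!$select) {
        $select = '*';
    }
    if (!$from) {
        $from = 'projects';
    }
    # Ids on the query end are matched with plain equality; regular-expression
    # matching elsewhere uses the db-specific operator in $regexp.
    $equality = '=';
    # Error messages (only the ones actually returned).
    $not_a_query = '<error>1</error><message>' . $from . ' is not a valid S3element. Valid elements: groups, users, keys, projects, rules, statements, classes, instances, rulelog</message>';
    $no_permission_message = '<error>5</error>';
    $something_does_not_exist = '<error>5</error>';
    $no_output = '<error>8</error>';
    # Alternative ids that may be used to narrow each element type.
    $alt = array('keys' => array('key_id'), 'rulelog' => array('rule_id'), 'users' => array('group_id', 'project_id'), 'groups' => array('user_id'), 'projects' => array('user_id'), 'classes' => array('project_id', 'rule_id'), 'rules' => array('project_id', 'class_id'), 'instances' => array('class_id', 'project_id'), 'statements' => array('rule_id', 'instance_id', 'project_id'), 'files' => array('statement_id', 'rule_id', 'instance_id', 'project_id'));
    # Accept the singular element names as well; anything else is not a valid query.
    if (!array_key_exists($from, $alt)) {
        $plurals = array_keys($alt);
        $singulars = array('key', 'rulelog', 'user', 'group', 'project', 'class', 'rule', 'instance', 'statement', 'file');
        $from = str_replace($singulars, $plurals, $from);
        if (!array_key_exists($from, $alt)) {
            return $not_a_query;
        }
    }
    # Column list, looked up after the singular/plural normalisation so 'user' resolves
    # the same columns as 'users' (assumes $dbstruct is keyed like $alt - confirm).
    $cols = isset($dbstruct[$from]) ? $dbstruct[$from] : array();
    # Map the public S3QL field names onto the s3db column names.
    $s3map = array('users' => array('user_id' => 'account_id', 'login' => 'account_lid', 'password' => 'account_pwd', 'username' => 'account_uname', 'email' => 'account_email', 'phone' => 'account_phone', 'address' => 'addr1', 'address2' => 'addr2', 'city' => 'city', 'state' => 'state', 'postal_code' => 'postal_code', 'country' => 'country'), 'groups' => array('group_id' => 'account_id', 'groupname' => 'account_lid'), 'keys' => array(), 'accesslog' => array('account_lid' => 'login_id', 'time' => 'login_timestamp'), 'projects' => array(), 'project' => array(), 'instances' => array('class_id' => 'resource_class_id', 'instance_id' => 'resource_id'), 'instance' => array('class_id' => 'resource_class_id', 'instance_id' => 'resource_id'), 'classes' => array('class_id' => 'resource_id'), 'class' => array('class_id' => 'resource_id'), 'rules' => array(), 'rule' => array(), 'statements' => array('instance_id' => 'resource_id'), 'statement' => array('instance_id' => 'resource_id'), 'files' => array());
    foreach ($alt[$from] as $s3id) {
        $s3dbId = isset($s3map[$from][$s3id]) ? $s3map[$from][$s3id] : '';
        if ($s3dbId == '') {
            $s3dbId = $s3id;
        }
        if (isset($where[$s3id]) && $where[$s3id] != '') {
            # The resource type is encoded in the first letter of the id (C for class,
            # R for rule, I for instance, ...).
            $CRISP = strtoupper(substr($s3id, 0, 1));
            $id = $CRISP . $where[$s3id];
            # Does it exist? (The old code tested the wrapping array instead of the
            # lookup result, so this check never fired.)
            $info = s3info(str_replace('_id', '', $s3id), $where[$s3id], $db);
            if (!is_array($info)) {
                return $something_does_not_exist . '<message>' . $s3id . ' ' . $where[$s3id] . ' does not exist</message>';
            }
            # Does the user have permission on this resource?
            if (!permissionOnResource(compact('user_id', 'db', 'id'))) {
                return $no_permission_message . '<message>user does not have permission on ' . $id . '</message>';
            }
            $query_end .= " and " . $s3dbId . " " . $equality . " '" . $where[$s3id] . "'";
        }
    }
    # Restrict the query to the projects where the user is allowed.
    $user_projects = findUserProjects($user_id, $db);
    if (!is_array($user_projects)) {
        return $no_output . '<message>User does not have permission in any project</message>';
    }
    $user_permission_list = create_permission_list($user_projects);
    $user_project_list = create_project_id_list($user_projects);
    $has_where_project = isset($where['project_id']) && $where['project_id'] != '';
    $has_where_class = isset($where['class_id']) && $where['class_id'] != '';
    if ($user_id != '1' && preg_match('/(projects|classes|rules|instances|statements|rulelog)/', $from) && !$has_where_project) {
        # No project id was supplied: list everything in the projects the user may see.
        $query_end .= " and project_id " . $regexp . " '" . $user_project_list . "'";
    }
    # Per element: the table, the mandatory constraint, and rewrites of the generic
    # project_id/class_id clauses into the element-specific permission checks.
    switch ($from) {
        case 'keys':
            $table = 'access_keys';
            $required = "expires > '" . date('Y-m-d') . "'";
            if ($user_id != '1') {
                $required .= " and (account_id = '" . $user_id . "')";
            }
            break;
        case 'rulelog':
            $table = 'rule_change_log';
            $required = "rule_id !=''";
            break;
        case 'users':
            $table = 'account';
            $required = "account_type = 'u' and account_status = 'A'";
            break;
        case 'groups':
            $table = 'account';
            $required = "account_type = 'g' and account_status = 'A'";
            break;
        case 'projects':
            $table = 'project';
            $required = "project_status = 'A'";
            # Non-admin users only see the projects they own or have ACL rights on.
            if ($user_id != '1') {
                $required .= " and (project_owner = '" . $user_id . "' or project_id in (select acl_project_id from s3db_project_acl where acl_account = '" . $user_id . "' and acl_rights!='0'))";
            }
            break;
        case 'classes':
            $table = 'resource, s3db_rule';
            $required = "iid = '0'";
            $select = str_replace('project_id', 's3db_rule.project_id', $select);
            $select = str_replace('notes', 's3db_resource.notes', $select);
            if ($has_where_project) {
                $query_end = str_replace("and project_id = '" . $project_id . "'", "and (entity = subject and verb = 'has UID' and object = 'UID' and s3db_resource.project_id = s3db_rule.project_id and (s3db_rule.project_id = '" . $project_id . "' or s3db_rule.permission " . $regexp . " '(_|^)" . $project_id . "_'))", $query_end);
            }
            $query_end = str_replace("and project_id " . $regexp . " '" . $user_project_list . "'", "and subject = entity and object = 'UID' and s3db_rule.project_id = s3db_resource.project_id and (s3db_rule.project_id " . $regexp . " '" . $user_project_list . "' or s3db_rule.permission " . $regexp . " '" . $user_permission_list . "')", $query_end);
            break;
        case 'instances':
            $table = 'resource';
            $required = "iid = '1'";
            # findUserClasses() stands in for a recursive s3list() call on classes.
            $classes = findUserClasses($user_id, $db);
            if (!is_array($classes)) {
                return $no_output . '<message>User does not have permission in any classes</message>';
            }
            $classes_list = create_class_id_list($classes);
            $query_end = str_replace("and project_id " . $regexp . " '" . $user_project_list . "'", "and resource_class_id " . $regexp . " '" . $classes_list . "'", $query_end);
            break;
        case 'rules':
            $table = 'rule';
            $required = "rule_id !='0'";
            if ($has_where_project) {
                $query_end = str_replace("and project_id = '" . $project_id . "'", "and (project_id " . $regexp . " '^" . $project_id . "\$' or permission " . $regexp . " '(_|^)" . $project_id . "_')", $query_end);
                if ($has_where_class) {
                    $class_info = s3info('class', $where['class_id'], $db);
                    $query_end = str_replace("and class_id = '" . $where['class_id'] . "'", "and subject = '" . $class_info['entity'] . "'", $query_end);
                }
            } elseif ($has_where_class) {
                # class_id without project_id: match the class itself or any rule with the
                # same subject in the class's own project.
                $class_info = s3info('class', $where['class_id'], $db);
                $query_end = str_replace("and class_id = '" . $where['class_id'] . "'", "and (subject_id = '" . $where['class_id'] . "' or (subject = '" . $class_info['entity'] . "' and project_id = '" . $class_info['project_id'] . "'))", $query_end);
            } else {
                $query_end = str_replace("and project_id " . $regexp . " '" . $user_project_list . "'", " and (project_id " . $regexp . " '" . $user_project_list . "' or permission " . $regexp . " '" . $user_permission_list . "')", $query_end);
            }
            break;
        case 'statements':
            $table = 'statement';
            $required = "status ='A'";
            # Permission on a rule propagates to its statements.
            $rules = findUserRules($user_id, $db);
            if (!is_array($rules)) {
                return $no_output . '<message>User does not have permission in any rules</message>';
            }
            $user_rule_list = create_rule_id_list($rules);
            $query_end = str_replace("and project_id " . $regexp . " '" . $user_project_list . "'", "and rule_id " . $regexp . " '" . $user_rule_list . "'", $query_end);
            break;
    }
    # NOTE(review): 'files' has no case above and therefore no table; kept as it was.
    $sql = "select " . $select . " from s3db_" . $table . " where " . $required . " " . $query_end . $order_by;
    $db->query($sql, __LINE__, __FILE__);
    # Build the rows directly instead of generating PHP source and eval()ing it: the
    # old form put column values (the extracol one unescaped) into executable code, and
    # its addslashes() round-trip left a stray backslash before double quotes.
    $data = array();
    while ($db->next_record()) {
        $row = array();
        if ($extracol != '') {
            $row[$extracol] = (string) $db->f($SQLfun);
        }
        foreach ($cols as $col) {
            $row[$col] = (string) $db->f($col);
        }
        $data[] = $row;
    }
    if (empty($data)) {
        return $no_output . '<message>Your query returned no results</message>';
    }
    if (!$nomap) {
        # Attach the related information each element type carries.
        $mapped = array();
        foreach ($data as $element_info) {
            $mapped[] = include_all(array('elements' => $from, 'element_info' => $element_info, 'user_id' => $user_id, 'db' => $db));
        }
        $data = $mapped;
    }
    return $data;
}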
Esempio n. 7
0
        $group_select_list .= '<option value="' . $group_info['group_id'] . '"' . $select . '>' . $group_info['groupname'] . '</option>';
    }
}
#$group_select_list= create_group_list($groups, $useredited['account_id']);
//echo $_POST['account_pwd'];
//$manager= 'User Manager';
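$edit_message = 'Edit User Account';
$content_width = '70%';
$button = '<input type="submit" name="submit" value="Update User Account">&nbsp;&nbsp;&nbsp;&nbsp;<input type="submit" name="back" value="Back to User Account List">';
# NOTE(review): $useredited is read here and in the status check below, but it is
# re-fetched from s3info() a few statements further down; confirm which copy is
# meant to feed $account_lid and $checked (the earlier one must already be set by
# code outside this fragment, otherwise both reads are on an undefined variable).
$account_lid = $useredited['account_lid'];
if ($useredited['account_status'] == 'A') {
    $checked = 'checked';
} else {
    $checked = '';
}
# $id is the account being edited; presumably it comes from the request - verify
# against the including page.
$useredited = s3info('user', $id, $db);
$account_uname = $useredited['account_uname'];
# Written as an if/elseif chain on purpose: the previous unparenthesised nested
# ternary is left-associative in PHP < 8 (so an account of type 'u' was labelled
# 'Public User') and is a parse error from PHP 8 on.
if ($useredited['account_type'] == 'u') {
    $account_type = 'User';
} elseif ($useredited['account_type'] == 'p') {
    $account_type = 'Public User';
} else {
    $account_type = 'Group';
}
$public_checked = $useredited['account_type'] == 'p' ? 'Checked' : 'Unchecked';
$account_lastname = $useredited['account_lastname'];
$addr1 = $useredited['addr1'];
$addr2 = $useredited['addr2'];
$city = $useredited['city'];
$state = $useredited['state'];
$postal_code = $useredited['postal_code'];
$country = $useredited['country'];
$account_email = $useredited['account_email'];
$account_phone = $useredited['account_phone'];
# Permission check input: the acting user ('U' . $user_id) against the edited
# account ('U' . $id); consumed by has_permission() right after this fragment.
$permission_info = array('uid' => 'U' . $user_id, 'shared_with' => 'U' . $id);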
if ($user_id == 1 || $user_id == $useredited['created_by']) {
    $has_permission = has_permission($permission_info, $db, $user_id);
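function bottom_up_propagation_list($toFind, $db, $X = array(), $Hlist = array(), $toFindInfo = array())
{
    # Builds the permission-propagation map for $toFind: keys are parent uids and
    # values are lists of child uids to which the parent's permission propagates.
    # $toFind is either a full uid (core letter + id, e.g. 'S12') or a bare core
    # letter, in which case every row of that core table is considered.
    # $Hlist is the map built so far; it may also be the path of a file holding a
    # serialized copy of that map (this function writes such a file for the
    # top-down pass). $toFindInfo is the s3info() record for $toFind and is
    # fetched here when not supplied. $X is only forwarded to recursive calls.
    # Returns the accumulated parent => children array.
    global $timer;
    if (empty($toFindInfo) && $toFind != letter($toFind)) {
        $toFindInfo = s3info($GLOBALS['s3codes'][letter($toFind)], substr($toFind, 1, strlen($toFind)), $db);
        if (letter($toFind) == 'S') {
            # A statement's object_id lives on its rule, so copy the rule fields over.
            $ruleInfo = s3info('rule', $toFindInfo['rule_id'], $db);
            foreach (array('subject', 'subject_id', 'verb', 'verb_id', 'object', 'object_id') as $tmp) {
                $toFindInfo[$tmp] = $ruleInfo[$tmp];
            }
        }
        if (letter($toFind) == 'I') {
            $toFindInfo['collection_id'] = $toFindInfo['resource_class_id'];
            $toFindInfo['item_id'] = $toFindInfo['resource_id'];
        }
    }
    $coreLetter = letter($toFind);
    # ereg_replace() was removed in PHP 7; strip the leading core letter with PCRE.
    $idvalue = preg_replace('/^' . preg_quote($coreLetter, '/') . '/', '', $toFind);
    # is_file() on an array is a TypeError in PHP 8, so only probe string values.
    if (is_string($Hlist) && is_file($Hlist)) {
        # The file only ever holds nested arrays of uid strings, so refuse objects
        # and fall back to an empty map if the contents do not deserialize.
        $Hlist = unserialize(file_get_contents($Hlist), array('allowed_classes' => false));
        if (!is_array($Hlist)) {
            $Hlist = array();
        }
    }
    # Resolve the core table and the columns that hold this element's parent ids.
    $element = $GLOBALS['s3codes'][$coreLetter];
    $table = $GLOBALS['s3tables'][$element];
    $specific_id = $GLOBALS['COREletterInv'][$coreLetter];
    $table_id = $table . '_id';
    $mother_ids = $GLOBALS['inherit'][$specific_id];
    if ($coreLetter == 'S' && $toFindInfo['object_id'] == '') {
        $mother_ids = array('rule_id', 'item_id');
    }
    if ($coreLetter == 'R' && $toFindInfo['object_id'] == '') {
        $mother_ids = array('project_id', 'subject_id', 'verb_id');
    }
    $table_mother_ids = !empty($mother_ids) ? translate_id_to_tables($mother_ids, $element) : array();
    # NOTE(review): $idvalue is spliced into the SQL verbatim. It derives from the
    # uid handed to this function and is neither validated nor escaped here, and
    # the db wrapper's quoting API is not visible in this file - confirm callers
    # only pass uids that were validated upstream.
    $sql = "select * from s3db_" . $table;
    $connector = " where";
    if ($idvalue) {
        $sql .= " " . $connector . " " . $table_id . " = '" . $idvalue . "'";
        $connector = " and";
    }
    if ($coreLetter == 'I') {
        $sql .= " " . $connector . " iid='1'";
    }
    if ($coreLetter == 'C') {
        $sql .= " " . $connector . " iid='0'";
    }
    $db->query($sql, __FILE__, __LINE__);
    # Initialised up front so count()/foreach below are safe when the query
    # returns no rows.
    $newHlist = array();
    while ($db->next_record()) {
        $id_value = $db->f($table_id);
        # $newHlist tracks only the ids discovered in this pass, so the recursion
        # below does not revisit entries already present in $Hlist.
        # NOTE(review): it is reset on every row, as in the original; if the intent
        # is "discovered during this call", the reset belongs before the loop.
        $newHlist = array();
        if (!empty($mother_ids)) {
            foreach ($table_mother_ids as $i => $mother) {
                $sw_letter = $GLOBALS['COREletter'][$mother_ids[$i]];
                $sw_value = $db->f($mother);
                # A 'value' column that holds a uid points at an item.
                if ($mother == 'value' && is_uid($sw_value)) {
                    $sw_letter = 'I';
                }
                if ($sw_letter != '' && $sw_value) {
                    $sw = $sw_letter . $sw_value;
                    $uid = $coreLetter . $id_value;
                    if (!isset($Hlist[$sw]) || !is_array($Hlist[$sw])) {
                        $Hlist[$sw] = array();
                    }
                    if (!isset($newHlist[$sw]) || !is_array($newHlist[$sw])) {
                        $newHlist[$sw] = array();
                    }
                    if (!in_array($uid, $Hlist[$sw])) {
                        $Hlist[$sw][] = $uid;
                        $newHlist[$sw][] = $uid;
                    }
                }
            }
        }
    }
    if ($timer) {
        $timer->setMarker('owner id found');
    }
    # Direct inheritance is done; now add the parents recorded on the permission
    # table (explicit shares), excluding rows already covered by the query above.
    if ($toFind != $coreLetter) {
        $where_str = "uid='" . $toFind . "'";
    } else {
        $where_str = "uid " . $GLOBALS['regexp'] . " '^" . $toFind . "'";
    }
    # The '*' of the core query is swapped for the id column to form the sub-select.
    $pSql = "select uid,shared_with from s3db_permission where " . $where_str . " and id not in (" . str_replace('*', $table_id, $sql) . ")";
    $db->query($pSql);
    while ($db->next_record()) {
        $sw = $db->f('shared_with');
        $uid = $db->f('uid');
        $possible_parents = isset($GLOBALS['inherit_code'][letter($uid)]) ? $GLOBALS['inherit_code'][letter($uid)] : array();
        if (is_array($possible_parents) && in_array(letter($sw), $possible_parents)) {
            # Both lists are initialised independently: previously $newHlist[$sw]
            # was only created together with $Hlist[$sw], so a parent already known
            # from the first pass was pushed onto an undefined entry.
            if (!isset($Hlist[$sw]) || !is_array($Hlist[$sw])) {
                $Hlist[$sw] = array();
            }
            if (!isset($newHlist[$sw]) || !is_array($newHlist[$sw])) {
                $newHlist[$sw] = array();
            }
            if (!in_array($uid, $Hlist[$sw])) {
                $Hlist[$sw][] = $uid;
                $newHlist[$sw][] = $uid;
            }
        }
    }
    if ($timer) {
        $timer->setMarker('shared id found');
    }
    # Persist the map so the top-down pass can pick it up by path. The name must
    # be unique per call: rand(100, 200) gave only 101 possible names, so
    # concurrent requests silently overwrote each other's files.
    $Hlist_file = $GLOBALS['uploads'] . 'Hlist' . bin2hex(random_bytes(8));
    if (@file_put_contents($Hlist_file, serialize($Hlist)) !== false) {
        # NOTE(review): 0777 leaves the file world-writable; kept because the
        # deployment may rely on it, but 0600/0660 would normally suffice.
        @chmod($Hlist_file, 0777);
    }
    if (count($newHlist) > 100) {
        # Many new parents: cheaper to sweep each parent table top-down once.
        if (!empty($mother_ids)) {
            foreach ($mother_ids as $mother_id) {
                $toFindM = letter($mother_id);
                $Hlist = top_down_propagation_list($toFindM, array($mother_id), $db, $Hlist_file, $toFindInfo);
            }
        }
    } elseif (!empty($newHlist) && !empty($mother_ids)) {
        # Few new parents: recurse bottom-up on each of them and merge the results
        # (string keys, so later values win on collision).
        foreach (array_keys($newHlist) as $parent_id) {
            $tmpList = bottom_up_propagation_list($parent_id, $db, $X, $Hlist);
            $Hlist = array_merge($Hlist, $tmpList);
        }
    }
    return $Hlist;
}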
function getSubClassStats($uid, $subClass_info, $inData, $user_id, $db, $N3coreNames, $inputs)
{
    # Renders one core element ($uid such as 'U3', 'C12', 'R7', 'S45') as N3 text:
    # an optional "a <core class>" declaration, a block of predicates describing the
    # element, any extra statements the element implies (group members, project
    # rules, item stats, the un-reified statement) and, when $inData has a 'p'
    # key, one permission triple per user.
    # $subClass_info is the element's record; $inputs carries the export switches
    # read below ('nocore', 'nometa', 'all', 'files', 'key'); $N3coreNames maps a
    # core element name to its N3 class and falls back to the global table.
    # Returns the N3 fragment as a string.
    # NOTE(review): every literal below is built by wrapping a raw value in '"'.
    # A value that itself contains a double quote or a newline breaks the literal
    # and can splice extra triples into the document - escape values before
    # quoting them (or emit them through an N3 writer).
    global $verbs;
    $uid_info = uid($uid);
    $letter = substr($uid, 0, 1);
    $a_class_type = $GLOBALS['s3codes'][substr($uid, 0, 1)];
    $a_class_id = $GLOBALS['COREids'][$a_class_type];
    $CORElabel = $GLOBALS['CORElabel'];
    $N3coreNames = $N3coreNames != '' ? $N3coreNames : $GLOBALS['N3coreNames'];
    if (!$inputs['nocore']) {
        $n3 .= sprintf(n3UID($uid_info['uid']) . ' a ' . $N3coreNames[$a_class_type] . ' .') . chr(10) . chr(10);
    }
    switch ($a_class_type) {
        case 'user':
            if ($uid_info['Did'] == $GLOBALS['s3db_info']['deployment']['Did']) {
                # NOTE(review): when the caller is user 1 this writes whatever
                # findPassword() returns into the export as foaf:password. Whether
                # that is a hash or cleartext is not visible here; either way the
                # resulting document carries credentials and must be handled as a
                # secret. ereg_replace() used here was removed in PHP 7.
                $objectPredicates = array('rdfs:subClassOf' => n3UID($uid_info['Did']), 'rdfs:label' => '"' . $subClass_info[$CORElabel[$a_class_id]] . '"', 'foaf:mbox' => '"' . $subClass_info['account_email'] . '"', 'foaf:name' => '"' . $subClass_info['account_uname'] . '"', 'foaf:password' => $user_id == 1 ? '"' . findPassword(ereg_replace('^' . $letter, '', $uid_info['uid']), $db) . '"' : '', 'dcterms:creator' => n3UID('U' . $subClass_info['created_by']), 'dcterms:created' => '"' . $subClass_info['created_on'] . '"');
            } else {
                # Foreign user: only link it to its own deployment.
                $objectPredicates = array('rdfs:subClassOf' => n3UID($GLOBALS['s3db_info']['deployment']['Did']));
            }
            break;
        case 'group':
            $objectPredicates = array('rdfs:subClassOf' => ':' . $uid_info['Did'], 'rdfs:label' => '"' . $subClass_info[$CORElabel[$a_class_id]] . '"', 'dcterms:creator' => n3UID('U' . $subClass_info['created_by']), 'dcterms:created' => '"' . $subClass_info['created_on'] . '"');
            $addStat .= addGroupUsers($user_id, $db, $subClass_info[$a_class_id]);
            break;
        case 'project':
            $objectPredicates = array('rdfs:subClassOf' => n3UID($uid_info['Did']), 'rdfs:label' => '"' . $subClass_info[$CORElabel[$a_class_id]] . '"', 'dcterms:creator' => n3UID('U' . $subClass_info['created_by']), 'dcterms:created' => '"' . $subClass_info['created_on'] . '"');
            # NOTE(review): $url is not a parameter and is not assigned in this
            # function, so it is passed as null here and in the 'rule' case - confirm.
            $addStat .= addProjectRulesAndCollections($user_id, $db, $url, $subClass_info[$a_class_id], $inData);
            break;
        case 'collection':
            $objectPredicates = array('rdfs:subClassOf' => n3UID('P' . $subClass_info['project_id']), 'rdfs:label' => '"' . $subClass_info['entity'] . '"', 'rdfs:comment' => '"' . $subClass_info['notes'] . '"');
            if (!$inputs['nometa']) {
                $objectPredicates['dcterms:creator'] = n3UID('U' . $subClass_info['created_by']);
                $objectPredicates['dcterms:created'] = '"' . $subClass_info['created_on'] . '"';
            }
            if (in_array('all', array_keys($inputs))) {
                $addStat .= addCollectionItemStats($user_id, $db, $subClass_info[$a_class_id], $inputs);
            }
            #trying to see if the collection declarations are meesing up the query a lot
            if ($inputs['nocore']) {
                $n3 .= sprintf(n3UID($uid_info['uid']) . ' a ' . $N3coreNames[$a_class_type] . ' .') . chr(10) . chr(10);
            }
            break;
        case 'rule':
            $subject_id = n3UID('C' . $subClass_info['subject_id']);
            $verb_id = $subClass_info['verb_id'] == "" ? ":I" . random_string(5) : n3UID("I" . $subClass_info['verb_id']);
            #predicates can't be literals, so create a resource for literal verbs.
            #when the verb is not an ID, a random string is generated that will simulate the ID of an instance.
            if (!in_array($subClass_info['verb'], array_keys($verbs))) {
                # Each verb resource is declared once; $verbs (global) memoises it
                # across calls so later rules reuse the same identifier.
                $addStat .= sprintf($verb_id);
                $addStat .= sprintf(' rdfs:label "' . $subClass_info['verb'] . '" ;') . chr(10);
                if (!$inputs['nocore']) {
                    $addStat .= chr(9) . sprintf(' a s3db:s3dbItem ;') . chr(10);
                }
                ##Find collection of this item and output this information
                $item_info = s3info('item', $subClass_info['verb_id'], $db);
                if (is_array($item_info)) {
                    $addStat .= chr(9) . sprintf(' a ' . n3UID("C" . $item_info['resource_class_id']) . ' .') . chr(10) . chr(10);
                } else {
                    #find a collection for the verbs
                    $verbCollection = projectVerbClass(array('project_id' => $subClass_info['project_id'], 'db' => $db, 'user_id' => $user_id));
                    $addStat .= chr(9) . sprintf(' a ' . n3UID("C" . $verbCollection['resource_id']) . ' .') . chr(10) . chr(10);
                }
                $verbs[$subClass_info['verb']] = $verb_id;
            } else {
                $verb_id = $verbs[$subClass_info['verb']];
            }
            # Literal object when the rule has no object collection, otherwise the
            # collection resource.
            $object_id = $subClass_info['object_id'] == "" ? '"' . $subClass_info['object'] . '"' : n3UID("C" . $subClass_info['object_id']);
            $objectPredicates = array('rdfs:label' => '"' . $subClass_info['subject'] . ' ' . $subClass_info['verb'] . ' ' . $subClass_info['object'] . '"', 'rdfs:subClassOf' => n3UID('P' . $subClass_info['project_id']), 'rdf:subject' => $subject_id, 'rdf:predicate' => $verb_id, 'rdf:object' => $object_id);
            if (!$inputs['nometa']) {
                $objectPredicates['dcterms:creator'] = n3UID('U' . $subClass_info['created_by']);
                $objectPredicates['dcterms:created'] = '"' . $subClass_info['created_on'] . '"';
            }
            ##When no core is needed (when the document is not meant to be reloaded, there is no need for
            $addStat .= sprintf($subject_id . ' ' . $verb_id . ' ' . $object_id . ' .') . chr(10);
            if (in_array('all', array_keys($inputs))) {
                $addStat .= addRuleStats($user_id, $db, $url, $subClass_info[$a_class_id], $inputs);
            }
            #trying to see if the collection declarations are meesing up the query a lot
            if ($inputs['nocore']) {
                $n3 .= sprintf(n3UID($uid_info['uid']) . ' a ' . $N3coreNames[$a_class_type] . ' .') . chr(10) . chr(10);
            }
            break;
        case 'item':
            $objectPredicates = array('rdfs:label' => '"' . $subClass_info['notes'] . '"', 'a' => n3UID('C' . $subClass_info['class_id']));
            if (!$inputs['nometa']) {
                $objectPredicates['dcterms:creator'] = ':U' . $subClass_info['created_by'];
                $objectPredicates['dcterms:created'] = '"' . $subClass_info['created_on'] . '"';
            }
            #trying to see if the collection declarations are meesing up the query a lot
            if ($inputs['nocore']) {
                $n3 .= sprintf(n3UID($uid_info['uid']) . ' a ' . $N3coreNames[$a_class_type] . ' .') . chr(10) . chr(10);
            }
            break;
        case 'statement':
            $subject_name = 'instance_id';
            $predicate_name = 'rule_id';
            $object_name = 'instance_id';
            if ($subClass_info['file_name'] != '') {
                #find the file. Write it as base64encoded
                #echo '<pre>';print_r($subClass_info);
                $fileLocation = fileLocation($subClass_info, $db);
                if ($fileLocation != '') {
                    if (!$inputs['files']) {
                        # Whole file is read into memory and inlined; the handle from
                        # fopen() is never closed and every failure is suppressed, so
                        # an unreadable file silently becomes an empty literal.
                        $content = @fread(@fopen($fileLocation, 'r'), @filesize($fileLocation));
                        $content = base64_encode($content);
                        $object = '"s3dbFile_' . $subClass_info['file_name'] . '_' . $content . '"';
                    } else {
                        # Link form embeds the caller's key in the exported URL.
                        $object = '"s3dbLink_' . $subClass_info['file_name'] . '_' . S3DB_URI_BASE . '/download.php?key=' . $inputs['key'] . '&statement_id=' . $subClass_info['statement_id'] . '"';
                    }
                    #echo $object;exit;
                    #echo $subClass_info['file_name'].chr(13).chr(10);
                }
                #echo $object;exit;
                #ereg('<a href(.*)download.php(.*)>(.*)</a>', $stat_info['value'], $linkdata);
                #$statfilelink='<'.$url.'download.php'.str_replace('"', '', $linkdata[2]).'>';
                #$object=$statfilelink;
            } elseif ($subClass_info['object_id'] != '') {
                # NOTE(review): $COREletter is a local here, not $GLOBALS['COREletter']
                # as elsewhere in this function's siblings - confirm it is in scope.
                $object = n3UID($COREletter[$object_name] . $subClass_info['value']);
            } else {
                # ereg() was removed in PHP 7; this needs a preg_match() equivalent.
                ereg('<a href=(.*)>(.*)</a>', $subClass_info['value'], $links);
                if (!empty($links)) {
                    $object = '"' . str_replace(array('"', '\''), array('', ''), $links[1]) . '"';
                } else {
                    $object = '"' . $subClass_info['value'] . '"';
                }
            }
            $objectPredicates = array('rdf:subject' => n3UID('I' . $subClass_info[$subject_name]), 'rdf:predicate' => n3UID('R' . $subClass_info[$predicate_name]), 'rdf:object' => $object, 'dcterms:creator' => n3UID('U' . $subClass_info['created_by']), 'dcterms:created' => '"' . $subClass_info['created_on'] . '"');
            #$objectPredicates['rdfs:label'] ='"'.$subClass_info['subject'].' '.$subClass_info['instance_notes'].' (I'.$subClass_info['instance_id'].') '.$subClass_info['verb'].' '.$subClass_info['object'].' '.(($subClass_info['object_id']!='')?($subClass_info['object_notes'].' (I'.$subClass_info['value'].')'):(($subClass_info['file_name']=='')?str_replace('"', '', $objectPredicates['rdf:object']):$subClass_info['file_name'])).'"';
            $objectPredicates['rdfs:label'] = '"' . $subClass_info['subject'] . ' ' . $subClass_info['instance_notes'] . ' I' . $subClass_info['instance_id'] . ' ' . $subClass_info['verb'] . ' ' . $subClass_info['object'] . ' ' . ($subClass_info['object_id'] != '' ? $subClass_info['object_notes'] . ' I' . $subClass_info['value'] . '' : ($subClass_info['file_name'] == '' ? str_replace('"', '', $objectPredicates['rdf:object']) : $subClass_info['file_name'])) . '"';
            #when no core is requested, return just the reified stat
            if ($inputs['nocore']) {
                $objectPredicates = array();
            }
            #unreified statement
            # Note: with nocore set, $objectPredicates was just emptied, so the two
            # reads below yield empty strings and the line is " ." only.
            $addStat .= sprintf("%s", $objectPredicates['rdf:subject']);
            # Both branches of this ternary are the same expression; it is a no-op.
            $addStat .= chr(9) . sprintf("%s", $objectPredicates['rdf:predicate'] . ' ' . ($subClass_info['object_id'] != '' ? $objectPredicates['rdf:object'] : $objectPredicates['rdf:object']) . ' .') . chr(10);
            break;
    }
    #export user permissions in rdf
    if (in_array('p', array_keys($inData))) {
        $s3ql = compact('user_id', 'db');
        $s3ql['from'] = 'users';
        $s3ql['where'][$GLOBALS['COREids'][$a_class_type]] = $subClass_info[$GLOBALS['COREids'][$a_class_type]];
        $users = S3QLaction($s3ql);
        if (is_array($users)) {
            $permissions = array_map('grab_permission', $users);
            $users = grab_id('user', $users);
            $specified_id_info['permissions'] = array_combine($users, $permissions);
        }
        if (is_array($specified_id_info['permissions'])) {
            $n3permissions .= chr(10);
            foreach ($specified_id_info['permissions'] as $user_code => $pcode) {
                $n3permissions .= sprintf(n3UID('U' . $user_code) . ' s3dbpc:VCU' . $pcode . ' ' . n3UID($uid_info['uid']) . ' .') . chr(10);
            }
        }
    }
    # Drop empty predicates (e.g. the '' foaf:password for non-admin callers).
    # If the switch matched no case $objectPredicates is undefined here and
    # array_filter() raises a TypeError on PHP 8.
    $objectPredicates = array_filter($objectPredicates);
    if (is_array($objectPredicates) && !empty($objectPredicates)) {
        #Global "this is a resource" statement
        $n3 .= sprintf(n3UID($uid_info['uid']));
        foreach ($objectPredicates as $predicate => $object) {
            if ($object != '""') {
                # Last predicate closes the block with ' .'; the others continue
                # with ' ;'. end(array_keys(...)) on a temporary emits a notice on
                # current PHP ("only variables should be passed by reference").
                $n3 .= sprintf("%s", ' ' . $predicate . ' ' . $object . ($predicate == end(array_keys($objectPredicates)) ? ' .' . chr(10) . chr(10) : ' ;' . chr(10) . chr(9)));
            }
        }
    }
    # NOTE(review): $user2declare is neither a parameter nor assigned or declared
    # global in this function, so this loop never runs as written - confirm.
    if (is_array($user2declare)) {
        foreach ($user2declare as $user => $toDeclare) {
            $uid_info = uid($user);
            # The label is passed as sprintf()'s second argument; unless n3UID()'s
            # output contains a conversion specifier it is silently dropped.
            $addStat .= sprintf(n3UID('U' . $user), 'rdfs:label "' . getUserName($user, $db) . '"') . chr(10);
        }
    }
    $n3 .= $addStat . $n3permissions;
    #echo $n3;exit;
    return $n3;
}
function display_option($C)
{
    # Builds the HTML for step 3 of the spreadsheet import: a form holding one
    # header column per rule in $cells['rules'] and one row per record in
    # $cells['data']. Each cell shows old/new values and a checkbox whose name
    # (newinstance_*, confirmnotes_*, insertstatement_*, deletestatement_*,
    # editstatement_*) tells the import handler what to do with that cell.
    # $C is extracted into locals; this function reads $cells, $db, $user_id,
    # $project_id, $key and $resource_info from it. $rule_id is also read in the
    # checkbox values below but is never assigned here - presumably it comes from
    # $C as well; verify against the caller.
    # Returns the HTML string (the <form> it opens is never closed here).
    # NOTE(review): every value from the uploaded sheet ($row_data[...], the
    # rule verb/object, instance notes) and every database value is concatenated
    # into markup and attribute values without htmlspecialchars(). Sheet content
    # is user-supplied, so this is an injection point into the admin's browser;
    # escape per context before concatenating.
    extract($C);
    #echo '<pre>';print_r($cells);
    $action = $GLOBALS['webaction'];
    # No-op append; $tablecells starts undefined.
    $tablecells .= '';
    $tablecells .= '<form name = "importform" action = "' . $action['excelimport'] . '" method="POST">';
    $tablecells .= "<table width='100%'><tr bgcolor=lightyellow><td>3. Select fields to be updated</td></tr></table>";
    $tablecells .= "<TABLE border=1>";
    $tablecells .= "<TR>";
    #start the row where the rule are displayed
    #echo '<pre>';print_r($cells);exit;
    # Header row: column 0 is the UID, column 1 the notes, columns >= 2 one rule each.
    foreach ($cells['rules'] as $col => $rules) {
        if ($col == 0) {
            $tablecells .= '<TD><BR>UID<BR><br>';
            $tablecells .= '<input type="button" value="Check all" name="fieldcheck' . $col . '" onClick="this.value=check_rule(' . $col . ')" checked><BR></TD>';
        } elseif ($col == 1) {
            $tablecells .= '<TD>';
            $tablecells .= 'Notes';
            # Bug: the name= prefix is missing before "fieldcheck...", so this button
            # has no name attribute (compare the column-0 and rule columns).
            $tablecells .= '<BR><br><br><input type="button"  value="Check all" "fieldcheck' . $col . '" onClick="this.value=check_rule(' . $col . ')" checked><BR>';
            $tablecells .= '</TD>';
        } elseif ($col >= 2) {
            if (is_array($rules['rule_info'])) {
                $tablecells .= '<TD>' . $rules['rule_info']['verb'] . '<BR><font color=blue>' . $rules['rule_info']['object'] . '<BR>(rule id ' . $rules['rule_info']['rule_id'] . ')</font><BR><input type="button"  value="Check all" name="fieldcheck' . $col . '" onClick="this.value=check_rule(' . $col . ')"  checked></TD>';
            } else {
                # Rule not found in the project: offer to create it.
                $tablecells .= '<TD><BR>' . $rules['verb'] . '<BR><font color=red>' . $rules['object'] . '<BR>(rule id NOT FOUND)</font>';
                $tablecells .= '<br>';
                $tablecells .= 'create rule?';
                $tablecells .= '<input type="checkbox" name="newrule_0_' . $col . '" checked>';
                $tablecells .= '<input type="button"  value="Check all" name="fieldcheck' . $col . '" onClick="this.value=check_rule(' . $col . ')" checked></TD>';
            }
        }
    }
    $tablecells .= "</TR>";
    # Data rows: one cell per rule column, comparing the sheet value ("a") with
    # what is already stored ("b").
    foreach ($cells['data'] as $row => $row_data) {
        $tablecells .= '<TR>';
        for ($col = 0; $col < count($cells['rules']); $col++) {
            if ($col == 0) {
                $tablecells .= '<TD>';
                if ($row_data['UID'] == '') {
                    $tablecells .= '(no UID)';
                    $tablecells .= '<input type="checkbox" name="newinstance_' . $row . '" id="confirm_me' . $col . '[]" checked>';
                } elseif ($row_data['UID'] != '' && !is_array($row_data['instance_info'])) {
                    #so, the instance was not found?
                    $tablecells .= '<font color=red>';
                    $tablecells .= '(UID not found)';
                    $tablecells .= '</font>';
                    $tablecells .= '<br>new?';
                    $tablecells .= '<input type="checkbox" name="newinstance_' . $row . '" id="confirm_me' . $col . '[]" checked>';
                } else {
                    $tablecells .= instanceButton($row_data['instance_info']);
                    $tablecells .= '<input type="checkbox" name="confirminstance_' . $row . '" id="confirm_me' . $col . '[]" checked>';
                }
                $tablecells .= '</TD>';
            } elseif ($col == 1) {
                $tablecells .= '<TD>';
                if (!is_array($row_data['instance_info']) && $row_data[1] == '') {
                    #no a ,no b
                    $tablecells .= '(notes empty)';
                } elseif ($row_data[1] != '' && !is_array($row_data['instance_info'])) {
                    #a but no b
                    $tablecells .= $row_data[1];
                    $tablecells .= '<input type="checkbox" name="confirmnotes_' . $row . '" id="confirm_me' . $col . '[]" checked>';
                } elseif ($row_data[1] == '' && is_array($row_data['instance_info']) && $row_data['instance_info']['notes'] != '') {
                    #b but no a
                    $tablecells .= 'old:' . $row_data['instance_info']['notes'] . '<br>';
                    $tablecells .= 'new: (empty)<br>';
                    # 'add_data' is the per-instance permission flag gating edits.
                    if ($row_data['instance_info']['add_data']) {
                        $tablecells .= '<font color=red>';
                        $tablecells .= 'delete?';
                        $tablecells .= '</font>';
                        $tablecells .= '<input type="checkbox" name="confirmnotes_' . $row . '" value="editnotes_' . $row_data['instance_info']['resource_id'] . '" id="confirm_me' . $col . '[]" checked>';
                    } else {
                        #uh ho, you're not allowed!
                        $tablecells .= '<font color=red>';
                        $tablecells .= 'User is not allowed to change instance_id ' . $row_data['instance_info']['resource_id'];
                        $tablecells .= '</font>';
                    }
                } elseif ($row_data[1] != '' && is_array($row_data['instance_info']) && $row_data['instance_info']['notes'] == $row_data[1]) {
                    #a==b
                    #this is an intance where notes were NOT modified
                    $tablecells .= $row_data[1];
                    $tablecells .= '<br>';
                    $tablecells .= '<font color=navy>';
                    $tablecells .= '(no change)';
                    $tablecells .= '</font>';
                } elseif ($row_data[1] != '' && is_array($row_data['instance_info']) && $row_data[1] != $row_data['instance_info']['notes']) {
                    #a!=b this is an intance where notes were modified
                    $tablecells .= 'old:' . $row_data['instance_info']['notes'] . '<br>';
                    if ($row_data['instance_info']['add_data']) {
                        $tablecells .= '<font color=DarkGreen>';
                        $tablecells .= 'new:' . $row_data[1] . '';
                        $tablecells .= '</font>';
                        $tablecells .= '<br>edit?';
                        $tablecells .= '<input type="checkbox" name="confirmnotes_' . $row . '" value="editnotes_' . $row_data['instance_info']['resource_id'] . '" id="confirm_me' . $col . '[]" checked>';
                    } else {
                        $tablecells .= '<font color=red>';
                        $tablecells .= 'User is not allowed to change instance_id ' . $row_data['instance_info']['resource_id'];
                        $tablecells .= '</font>';
                    }
                }
                $tablecells .= '</TD>';
            } elseif ($col >= 2) {
                $tablecells .= '<TD>';
                $statement_info = $row_data[$col]['statement_info'];
                #if ($rules['rule_info']['rule_id']=='') {#no rule
                #$tablecells .='(Data will NOT be imported)';
                #}
                #else
                if ($statement_info['value'] == '' && $row_data[$col]['newvalue'] == '') {
                    $tablecells .= '';
                } elseif ($row_data[$col]['newvalue'] != '' && empty($statement_info['value'])) {
                    #a but not b this means nothing was there, no checking required except for rule
                    if (!is_array($cells['rules'][$col]['rule_info'])) {
                        $tablecells .= $row_data[$col]['newvalue'];
                    } elseif ($cells['rules'][$col]['rule_info']['object_id'] == '') {
                        $tablecells .= $row_data[$col]['newvalue'];
                    } else {
                        # Rule object is a collection: the new value must be an
                        # existing instance id. (Uses s3info(); the other branches
                        # use get_info()/URIinfo() for the same lookup - TODO confirm
                        # they are interchangeable.)
                        $IN_instance_info = s3info('instance', $row_data[$col]['newvalue'], $db);
                        if (!is_array($IN_instance_info)) {
                            $tablecells .= '<font color=red>';
                            $tablecells .= '(UID ' . $row_data[$col]['newvalue'] . ' not found)';
                            $tablecells .= '<br>';
                            $tablecells .= 'Please insert a valid resource';
                            $tablecells .= '</font>';
                            $tablecells .= get_rule_drop_down_menu(array('select_name' => 'selectstatement_' . $row . '_' . $col, 'rule_info' => $cells['rules'][$col]['rule_info'], 'db' => $db, 'user_id' => $user_id, 'project_id' => $project_id, 'instance_id' => $row_data['instance_info']['resource_id']));
                        } else {
                            #object is a resource and instance was found
                            $tablecells .= instanceButton($IN_instance_info);
                        }
                    }
                    $tablecells .= '<br>';
                    $tablecells .= '<input type="checkbox" name="insertstatement_' . $row . '_' . $col . '" value="insertstatement_' . $row_data['instance_info']['resource_id'] . '_' . $rule_id . '" id="confirm_me' . $col . '[]" checked>';
                } elseif ($row_data[$col]['newvalue'] == '' && is_array($statement_info) && $statement_info['value'] != '') {
                    #b but not a #here is something being deleted
                    # 'change' is the per-statement permission flag gating deletes/edits.
                    if ($statement_info['change']) {
                        if ($statement_info['file_name'] != '') {
                            $tablecells .= '<font color=red>';
                            $tablecells .= '(statement contains a file, please change it in the interface)<br /><a href=# onClick="window.open(\'' . $action['instance'] . '&instance_id=' . $statement_info['resource_id'] . '\')">Edit</a>';
                            $tablecells .= '</font>';
                        } else {
                            if ($cells['rules'][$col]['rule_info']['object_id'] == '') {
                                $tablecells .= 'old: ' . $statement_info['value'];
                            } else {
                                $OUT_instance_info = get_info('instance', $statement_info['value'], $db);
                                $tablecells .= 'old: ' . instanceButton($OUT_instance_info);
                            }
                            $tablecells .= '<br>';
                            $tablecells .= '<font color=red>';
                            $tablecells .= 'new: (empty)<br>';
                            $tablecells .= 'delete?';
                            $tablecells .= '</font>';
                            # Deliberately not pre-checked: deletion must be opted in.
                            $tablecells .= '<input type="checkbox" name="deletestatement_' . $row . '_' . $col . '" value="deletestatement_' . $row_data['instance_info']['resource_id'] . '_' . $rule_id . '" id="confirm_me' . $col . '[]">';
                        }
                    } else {
                        $tablecells .= 'old: ' . $statement_info['value'];
                        $tablecells .= '<font color=red>';
                        $tablecells .= 'User does not have permission to delete statement_id ' . $statement_info['statement_id'] . '!!';
                        $tablecells .= '</font>';
                    }
                } elseif ($row_data[$col]['newvalue'] != '' && is_array($statement_info) && $statement_info['value'] == $row_data[$col]['newvalue']) {
                    #a==b nothing to change
                    if ($cells['rules'][$col]['rule_info']['object_id'] == '') {
                        $tablecells .= $statement_info['value'];
                    } else {
                        $OUT_instance_info = get_info('instance', $statement_info['value'], $db);
                        $tablecells .= instanceButton($OUT_instance_info);
                    }
                    $tablecells .= '<font color=navy>';
                    $tablecells .= '<br>';
                    $tablecells .= '(no change)';
                    $tablecells .= '</font>';
                } elseif ($row_data[$col]['newvalue'] != '' && is_array($statement_info) && $statement_info['value'] != '' && $statement_info['value'] != $row_data[$col]['newvalue']) {
                    #a!=b
                    if ($statement_info['change']) {
                        if ($statement_info['file_name'] != '') {
                            $tablecells .= '<font color=red>';
                            $tablecells .= '(statement contains a file, please change it in the interface)<br /><a href=# onClick="window.open(\'' . $action['instance'] . '&instance_id=' . $statement_info['resource_id'] . '\')">Edit</a>';
                            $tablecells .= '</font>';
                        } else {
                            if ($cells['rules'][$col]['rule_info']['object_id'] == '') {
                                $tablecells .= 'old: ' . $statement_info['value'];
                                $tablecells .= '<br>';
                                $tablecells .= 'new: ' . $row_data[$col]['newvalue'];
                            } else {
                                $OLD_instance_info = URIinfo('I' . $statement_info['value'], $user_id, $key, $db);
                                $NEW_instance_info = URIinfo('I' . $row_data[$col]['newvalue'], $user_id, $key, $db);
                                $tablecells .= 'old: ' . instanceButton($OLD_instance_info);
                                $tablecells .= '<br>';
                                if (!is_array($NEW_instance_info)) {
                                    $tablecells .= '<font color=red>';
                                    $tablecells .= '(UID ' . $row_data[$col]['newvalue'] . ' not found)';
                                    $tablecells .= '<br>';
                                    $tablecells .= 'Please insert a valid resource';
                                    $tablecells .= '</font>';
                                    $tablecells .= get_rule_drop_down_menu(array('select_name' => 'selectstatement_' . $row . '_' . $col, 'rule_info' => $cells['rules'][$col]['rule_info'], 'db' => $db, 'user_id' => $user_id, 'project_id' => $project_id, 'instance_id' => $row_data['instance_info']['resource_id']));
                                } else {
                                    # Redundant: $NEW_instance_info was already fetched
                                    # with the same arguments a few lines above.
                                    $NEW_instance_info = URIinfo('I' . $row_data[$col]['newvalue'], $user_id, $key, $db);
                                    $tablecells .= 'new: ' . instanceButton($NEW_instance_info);
                                }
                            }
                            $tablecells .= '<br>';
                            $tablecells .= '<font color=DarkGreen>';
                            $tablecells .= 'edit?';
                            $tablecells .= '</font>';
                            $tablecells .= '<input type="checkbox" name="editstatement_' . $row . '_' . $col . '" value="editstatement_' . $row_data['instance_info']['resource_id'] . '_' . $rule_id . '" id="confirm_me' . $col . '[]" checked>';
                        }
                    } else {
                        $tablecells .= 'old: ' . $statement_info['value'];
                        $tablecells .= '<font color=red>';
                        # Message says "delete" although this is the edit branch.
                        $tablecells .= 'User does not have permission to delete statement_id ' . $statement_info['statement_id'] . '!!';
                        $tablecells .= '</font>';
                    }
                }
                $tablecells .= '</TD>';
            }
        }
        $tablecells .= '</TR>';
    }
    # Submit sits inside the table; </table> closes the bordered one opened above,
    # the <form> is left open.
    $tablecells .= '<input type="submit" name="InsertinDB" value="Import ' . $resource_info['entity'] . '"><BR>';
    $tablecells .= '</table>';
    return $tablecells;
}
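<?php

# editgroup.php is the interface for changing a pre-existing group (group name or
# existing users). It includes the tabs.php file with links to project, etc.
# adminheader.php is expected to provide $user_id and $db.
include 'adminheader.php';
#edit group info
# Validate the request parameter before it reaches the database layer: reject a
# missing/empty value and non-scalar input (e.g. group_id[]=1) up front instead of
# querying first and checking afterwards.
$group_id = isset($_REQUEST['group_id']) ? $_REQUEST['group_id'] : '';
if (!is_scalar($group_id) || $group_id == '') {
    echo "Please provide a valid group_id";
    exit;
}
$group_info = s3info('group', $group_id, $db);
if (!is_array($group_info)) {
    echo "Please provide a valid group_id";
    exit;
}
#group users
$s3ql = compact('user_id', 'db');
$s3ql['select'] = '*';
$s3ql['from'] = 'users';
$s3ql['where']['group_id'] = $group_id;
$group_users = S3QLaction($s3ql);
#from these, I only need their account_ids
if (is_array($group_users)) {
    $group_users = account_id_as_key($group_users);
    $group_users_ids = array_keys($group_users);
} else {
    $group_users_ids = array();
}
#html variables
$group_name_required = '*';
$message = '* required';
#and finally all possible users, concatenate the list with myself
$s3ql = compact('user_id', 'db');
$s3ql['select'] = '*';
$s3ql['from'] = 'users';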
## Create a local "binding" account for a remote user. Returns true when a local
## account for $remote_user_id already exists or was inserted successfully, false
## when the insert was rejected.
## $I is unpacked with extract(): besides remote_user_id, user_id and db, the body
## reads $remote_user_info, $format, $user_email and $username — presumably these
## are expected in $I as well, since nothing here assigns them (verify against the callers).
function bindRemoteUser($I)
{
    global $timer;
    ##$bound = bindRemoteUser(compact('remote_user_id', 'user_id', 'db','user_info'))
    ###Create a binding account for remote users; although this is not mandatory for authentication, it maintains consistency within the deployment, and giving parent user (user_id) power to change the default permission level
    extract($I);
    $element = 'user';
    ##Does this remote user exist already locally? This may have been checked before; remove this part if that is true
    $local_info = s3info($element, $remote_user_id, $db);
    if ($timer) {
        $timer->setMarker('Binding remote user');
    }
    if (!$local_info) {
        ## Random 15-character password for the binding account. It is stored in
        ## $to_create['password'] below and also written into the e-mail body; whether
        ## insert_s3db()/gatherInputs() hash it before storage is not visible here — confirm.
        $password = random_string(15);
        ## Copy every users-table column from the remote user's record. $to_create is not
        ## initialised beforehand; PHP creates the array on the first write.
        foreach ($GLOBALS['dbstruct']['users'] as $inp_name) {
            $to_create[$inp_name] = $remote_user_info[$inp_name];
        }
        ##Replace here to create with data that need to be local for this deployment
        ## NOTE: ereg_replace() was removed in PHP 7.0; preg_replace('/^D/', '', ...) is the
        ## equivalent here and for the account_email below.
        $to_create['account_lid'] = $to_create['account_lid'] . '@D' . ereg_replace('^D', '', $GLOBALS['Did']);
        ##Account login must be different
        $to_create['account_type'] = 'r';
        $to_create['account_group'] = 'r';
        $to_create['created_by'] = $user_id;
        $to_create['password'] = $password;
        ##Temporarily create an account email for this user; no email will be sent to it, but the user email does need to be updated upon first login
        $to_create['account_email'] = $remote_user_id . '@D' . ereg_replace('^D', '', $GLOBALS['Did']);
        $inputs = gatherInputs(compact('element', 'user_id', 'db', 'format', 'to_create'));
        $inputs['account_id'] = $remote_user_id;
        ## insert_s3db() reports validity, a message and the new id; only $valid decides the return value.
        list($valid, $message, $id) = insert_s3db(compact('element', 'inputs', 'user_id', 'db'));
        ##Send the user's owner an email with the password for the new user
        include_once S3DB_SERVER_ROOT . '/s3dbcore/s3email.php';
        ##Small fix for google emails, as authority = google email does get the '.com' portion
        ## (ereg_replace() again; preg_replace('/@gmail$/', '@gmail.com', ...) is the PHP 7+ form)
        $user_email = ereg_replace('@gmail$', '@gmail.com', $user_email);
        ## The e-mail body is appended to the $message returned by insert_s3db(); neither is returned.
        $message .= sprintf("%s\n\n", 'Dear ' . $username);
        $message .= sprintf("%s\n", "You have created an account for remote user " . $remote_user_id . " in S3DB deployment " . S3DB_URI_BASE);
        $message .= sprintf("%s\n", $inputs['account_uname'] . " can now login at " . S3DB_URI_BASE . 'login.php');
        ## NOTE(review): the next line is redacted in this listing ("******" stands in for the
        ## login/password text) and does not parse as shown; restore it from the real source.
        $message .= sprintf("%s\n", "Login: "******"%\n\n", 'Password: '******'The S3DB team.(http://www.s3db.org)');
        $message .= sprintf("%s\n\n", 'Note: Please do not reply to this email, this is an automated message');
        ## Sending is commented out, so the message built above is never delivered.
        #send_email(array('email'=>array($user_email), 'subject'=>'Account for remote user created', 'message'=>$message));
        if ($valid) {
            return true;
        } else {
            return false;
        }
    } else {
        ## Already bound locally: nothing to create.
        return true;
    }
}
        $instances = includeStatementLink($instances);
    }
    #echo '<pre>';print_r($instances);exit;
    #$instances = include_data_acl(compact('instances', 'user_id', 'db'));
    #$instances = include_statements(compact('db', 'user_id', 'rules', 'instances'));
    $_SESSION[$user_id]['instances'][$class_id] = $instances;
    $_SESSION['queryresult'] = $instances;
    $datagrid = render_elements($instances, $acl, array('ResourceID', 'ResourceNotes', 'Form', 'Statements', 'CreatedOn', 'Owner'), 'statements');
} else {
    $message_report .= 'Your query returned no results.';
}
#print the form
#include('queryResultForm.php');
#exit;
if ($_REQUEST['main_resID'] != '') {
    $main_class_info = s3info('class', $_REQUEST['main_resID'], $db);
    $action['query_page'] = str_replace('&class_id=' . $_REQUEST['class_id'], '&class_id=' . $_REQUEST['main_resID'], $action['query_page']);
    echo '<input type="button" value="Send result to ' . $main_class_info['entity'] . '" onclick="window.location=\'' . $action['query_page'] . '\'">';
}
if ($_SESSION['query_result'] != '' && $_GET['action'] != 'listall') {
    #echo '<pre>';print_r($_SESSION['query_result']);
    $entity = $class_info['entity'];
    #Do a little trick to order the array by the intended order, by naming the key the same as the element by which we are to sort and then sorting by key
    if ($sortorder != '') {
        foreach ($_SESSION['query_result'] as $key => $instance) {
            $unsortedinstances[strtolower($instance[$sortorder]) . $key] = $instance;
        }
        if ($direction == 'ASC' && is_array($unsortedinstances)) {
            ksort($unsortedinstances);
        } elseif ($direction == 'DESC' && is_array($unsortedinstances)) {
            krsort($unsortedinstances);
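/**
 * Resolve an S3DB UID to the info array of the element it names.
 *
 * $uid is a one-letter element code (looked up in $GLOBALS['s3codes']) followed
 * by the id, possibly qualified with a deployment URI. Lookup order:
 *   1. the local database (s3info); a hit is returned with remote_uri = 0 and
 *      the UID is re-labelled with this deployment's Did;
 *   2. otherwise, when the UID belongs to this deployment, false;
 *   3. otherwise remoteURI() with the user's access key, falling back to URI()
 *      when the remote lookup returns nothing; remote hits carry remote_uri = 1.
 *
 * @param string $uid      element UID, e.g. "C123" (the letter is the element code)
 * @param mixed  $user_id  requesting user, passed through to the lookups
 * @param string $key      access key for remote lookups; fetched with get_user_key() when empty
 * @param mixed  $db       database handle passed through to s3info()/include_all()
 * @param mixed  $timer    optional timer, forwarded to include_all() on the first local lookup only
 * @return array|false     element info carrying a 'remote_uri' flag, or false when not found
 */
function URIinfo($uid, $user_id, $key, $db, $timer = array())
{
    $uid_info = uid($uid);
    $element = $GLOBALS['s3codes'][substr($uid, 0, 1)];
    # Strip the element-code letter to obtain the bare id. ereg_replace() was
    # removed in PHP 7.0; preg_replace() with a quoted prefix is the equivalent.
    $local_info = s3info($element, preg_replace('/^' . preg_quote(letter($uid), '/') . '/', '', $uid), $db);
    $local_hit = is_array($local_info) && !empty($local_info);
    if ($local_hit) {
        # A local hit forces the "local" branch below, whatever Did uid() parsed.
        $uid_info['Did'] = $GLOBALS['Did'];
        $uid_info['uid'] = $uid;
        $element_info = $local_info;
        $letter = strtoupper(substr($element, 0, 1));
        $info = include_all(compact('elements', 'letter', 'element_info', 'user_id', 'db', 'key', 'timer'));
        $info['remote_uri'] = 0;
    }
    if ($uid_info['Did'] == $GLOBALS['Did'] || $uid_info['Did'] == S3DB_URI_BASE) {
        if ($local_hit) {
            # Resolve again with the deployment prefix removed (kept from the
            # original; note that this second include_all() is not handed $timer).
            $uid = str_replace(S3DB_URI_BASE . '/', '', $uid_info['uid']);
            $uid_info['Did'] = $GLOBALS['Did'];
            $uid_info['uid'] = $uid;
            $element_info = s3info($element, preg_replace('/^' . preg_quote(letter($uid), '/') . '/', '', $uid), $db);
            $letter = strtoupper(substr($element, 0, 1));
            $info = include_all(compact('elements', 'letter', 'element_info', 'user_id', 'db', 'key'));
            $info['remote_uri'] = 0;
        } else {
            $info = false;
        }
    } else {
        # Remote deployment: resolve the caller's key when none was supplied.
        $key = $key != '' ? $key : get_user_key($user_id, $db);
        # NOTE(review): $letter is only assigned in the local-hit branch, so on this
        # path it is undefined (empty after a notice), exactly as in the original —
        # confirm whether the element letter was meant to be prepended here.
        $info = remoteURI($letter . $uid_info['uid'], $key, $user_id, $db);
        if (is_array($info) && !empty($info)) {
            $info['remote_uri'] = 1;
        } else {
            # Fall back to the plain URI() lookup. The original set
            # $info['remote_uri'] = 1 before testing the result, which turned a
            # false/empty result into a one-element array and made this fallback
            # unreachable.
            $info = URI($uid, $user_id, $db);
        }
        if (!is_array($info)) {
            $info = false;
        }
    }
    return $info;
}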
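/**
 * Build the per-table SQL constraint that restricts an S3QL "select" on
 * $s3ql['from'] to what the requesting user is allowed to see.
 *
 * The result is a fragment beginning with " and ..." that the caller appends
 * to its WHERE clause (an empty string when no restriction applies). For
 * `users` and `groups` the artificial `group_id` / `user_id` filters are
 * turned into membership sub-queries on s3db_permission and then removed from
 * the local copy of $s3ql['where'] — $s3ql is passed by value, so the caller
 * never sees that removal, exactly as in the original.
 *
 * SECURITY NOTE: the values concatenated into SQL below ($user_id, the
 * group_id/user_id/class_id/rule_id entries of $s3ql['where'], and the ids
 * returned by the project lookups) are neither escaped nor parameterised
 * here, as in the original. Callers must validate them (e.g. as numeric ids)
 * before they reach this function.
 *
 * The `accesslog` case prints a formatReturn() error and exits when the user
 * is neither '1' nor an admin.
 *
 * @param array $s3ql    S3QL request; 'from', 'where' and 'format' are read
 * @param mixed $user_id requesting user; '1' is treated as the super user
 * @param mixed $db      database handle handed to the project lookups
 * @return string|false  SQL fragment, or false when the requested group does not exist
 */
function filterByElement($s3ql, $user_id, $db)
{
    # The original appended to an undefined $user_query_const, which yielded the
    # same string plus a notice; start from ''.
    $user_query_const = '';
    $from = isset($s3ql['from']) ? $s3ql['from'] : '';
    $where = isset($s3ql['where']) && is_array($s3ql['where']) ? $s3ql['where'] : array();
    $format = isset($s3ql['format']) ? $s3ql['format'] : '';
    # SQL regular-expression operator of the configured database. The original
    # mixed $GLOBALS['regexp'] with a bare, never-assigned $regexp in the
    # requests/collections/items cases; every case now uses the global.
    $regexp = isset($GLOBALS['regexp']) ? $GLOBALS['regexp'] : '';
    switch ($from) {
        case 'users':
            $user_query_const .= " and account_type != 'g'";
            # Inactive accounts are visible only to admins who ask for a status explicitly.
            $account_status = isset($where['account_status']) ? $where['account_status'] : '';
            if (!user_is_admin($user_id, $db) || $account_status == '') {
                $user_query_const .= " and account_status = 'A'";
            }
            $group_filter = isset($where['group_id']) ? $where['group_id'] : '';
            if ($group_filter != '') {
                $group_info = s3info('group', $group_filter, $db);
                if (!is_array($group_info)) {
                    # The original followed this return with an echo of
                    # formatReturn(... 'Group ... does not exist' ...) that could never
                    # run; it is dropped rather than promoted to output.
                    return false;
                }
                # Group members are the 'U…' uids the group is shared with.
                $group_members_query = "select id from s3db_permission where shared_with = 'G" . $group_filter . "' and uid " . $regexp . " '^U'";
                $user_query_const .= " and account_id in (" . $group_members_query . ")";
                # group_id is artificial; don't use it in determining output (local copy only).
                $s3ql['where'] = array_filter(array_diff_key($where, array('group_id' => '')));
            }
            break;
        case 'groups':
            # A special query is performed on listS3DB for groups.
            $user_query_const .= " and account_type " . $regexp . " '(g)'";
            # NOTE(review): the original condition was
            # `$group_id != '1' || $s3ql['where']['account_status'] != 'I'`, but $group_id
            # is never assigned in this function, so the clause was always appended.
            # That behaviour is kept; if the super user was meant to be able to list
            # inactive groups (cf. the `projects` case), test $user_id here instead.
            $user_query_const .= " and account_status = 'A'";
            $member_filter = isset($where['user_id']) ? $where['user_id'] : '';
            if ($member_filter != '') {
                # Groups the user is involved in, i.e. all the groups he can change.
                $user_members_query = "select shared_with_num from s3db_permission where shared_with " . $regexp . " '^G' and uid = 'U" . $member_filter . "'";
                $user_query_const .= " and account_id in (" . $user_members_query . ")";
                # user_id is artificial here too; drop it from the local where clause.
                $s3ql['where'] = array_filter(array_diff_key($where, array('user_id' => '')));
            }
            break;
        case 'accesslog':
            if ($user_id != '1' && !user_is_admin($user_id, $db)) {
                echo formatReturn($GLOBALS['error_codes']['no_permission_message'], 'User does not have permission to see accesslog', $format, '');
                exit;
            }
            break;
        case 'rulelog':
            if ($user_id != '1') {
                # Non-super users only see the log of their own projects.
                $user_projects = findUserProjects($user_id, $db);
                $user_query_const .= " and project_id " . $regexp . " '" . create_list($user_projects) . "'";
            }
            break;
        case 'keys':
            # (The original also set a local $P['table'] = 'access_keys' that was never read.)
            if ($user_id != '1') {
                $user_query_const .= " and account_id = '" . $user_id . "'";
            }
            break;
        case 'filekeys':
            # (The original also set a local $P['table'] = 'file_transfer' that was never read.)
            if ($user_id != '1') {
                $user_query_const .= " and created_by = '" . $user_id . "'";
            }
            break;
        case 'projects':
            $project_status = isset($where['project_status']) ? $where['project_status'] : '';
            if ($user_id != '1' && $project_status != 'I') {
                $user_query_const .= " and project_status = 'A'";
            }
            break;
        case 'requests':
            if ($user_id != '1') {
                $user_rules = findUserRules($user_id, $db);
                $user_query_const .= " and rule_id " . $regexp . " '" . create_list($user_rules) . "'";
            }
            break;
        case 'rules':
            $class_filter = isset($where['class_id']) ? $where['class_id'] : '';
            if ($class_filter != '') {
                $class_info = URI('C' . $class_filter, $user_id, $db);
                $user_query_const .= " and (subject_id = '" . $class_info['resource_id'] . "' or object_id = '" . $class_info['resource_id'] . "')";
            }
            $user_query_const .= " and object!='UID'";
            break;
        case 'statements':
            $class_filter = isset($where['class_id']) ? $where['class_id'] : '';
            if ($class_filter != '') {
                $class_info = URI('C' . $class_filter, $user_id, $db);
                $user_query_const .= " and rule_id = '" . $class_info['rule_id'] . "'";
            }
            $user_query_const .= " and rule_id not in (select rule_id from s3db_rule where object='UID')";
            $user_query_const .= " and rule_id!=''";
            break;
        case 'collections':
            $user_query_const .= " and iid = '0'";
            $rule_filter = isset($where['rule_id']) ? $where['rule_id'] : '';
            if ($rule_filter != '') {
                $element_info = URI('R' . $rule_filter, $user_id, $db);
                # Anchor the class id on both ends. The original produced
                # "resource_id '^ <id>'$'" (quote before the operator plus the
                # unassigned $regexp), which is not valid SQL; this follows the
                # `rulelog` form.
                $class_id = fastClassID(array('entity' => $element_info['subject'], 'project_id' => $element_info['project_id'], 'db' => $db));
                $user_query_const .= " and resource_id " . $regexp . " '^" . $class_id . "\$'";
            }
            break;
        case 'items':
            $user_query_const .= " and iid = '1'";
            $rule_filter = isset($where['rule_id']) ? $where['rule_id'] : '';
            if ($rule_filter != '') {
                $element_info = URI('R' . $rule_filter, $user_id, $db);
                # Same repair as in the `collections` case above.
                $class_id = fastClassID(array('entity' => $element_info['subject'], 'project_id' => $element_info['project_id'], 'db' => $db));
                $user_query_const .= " and resource_class_id " . $regexp . " '^" . $class_id . "\$'";
            }
            break;
    }
    return $user_query_const;
}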
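<?php

# deleteeuser.php is the interface for deleting a user. Includes tabs, and link to userlist.
# Helena F Deus (helenadeus@gmail.com)
include 'adminheader.php';
# The user to act on comes straight from the request.
$imp_user_id = isset($_REQUEST['id']) ? $_REQUEST['id'] : '';
$deleteduser = s3info('user', $imp_user_id, $db);
# Find a list of users to whom ownership of projects can be given.
$s3ql = compact('user_id', 'db');
$s3ql['select'] = '*';
$s3ql['from'] = 'users';
$users = S3QLaction($s3ql);
if (!empty($_POST['back'])) {
    # Stop after the redirect: without the exit the rest of the page, including
    # the delete/deactivate branch that follows, kept executing.
    header('Location: ' . $action['listusers']);
    exit;
}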
if ($_POST['deleteuser']) {
    #and make the user inactive
    $s3ql = compact('user_id', 'db');
    if ($_POST['deleteuser'] == 'Remove from Deployment') {
        $s3ql['delete'] = 'user';
        $s3ql['where']['user_id'] = $imp_user_id;
        $s3ql['flag'] = 'resource';
    } elseif ($_POST['deleteuser'] == 'Deactivate Account') {
        $s3ql['update'] = 'user';
        $s3ql['where']['user_id'] = $imp_user_id;
        $s3ql['where']['account_status'] = 'I';
        #$s3ql['where']['permission_level']='000';
    }
    $s3ql['format'] = 'html';
    #echo '<pre>';print_r($s3ql);exit;
    $deleted = S3QLaction($s3ql);
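<?php

# deletegroup.php is the interface for deleting a group.
# Can only be performed by admins.
# Includes link to group list and navigation tabs.
#	Helena F Deus (hdeus@s3db.org)
include 'adminheader.php';
$group_id = isset($_REQUEST['group_id']) ? $_REQUEST['group_id'] : '';
$deletedgroup = s3info('group', $group_id, $db);
if (!empty($_POST['back'])) {
    # Stop after the redirect: without the exit the script kept running, and a
    # request carrying both 'back' and 'deletegroup' still deleted the group.
    header('Location: ' . $action['listgroups']);
    exit;
}
if (!empty($_POST['deletegroup'])) {
    $s3ql = compact('user_id', 'db');
    $s3ql['delete'] = 'group';
    $s3ql['where']['group_id'] = $group_id;
    $s3ql['where']['confirm'] = 'yes';
    $s3ql['format'] = 'html';
    $done = S3QLaction($s3ql);
    # The html-format answer is parsed as <error>N</error><message>...</message>.
    # ereg() was removed in PHP 7.0; preg_match() with the 's' modifier keeps the
    # POSIX behaviour of '.' also matching newlines.
    $s3qlout = array();
    preg_match('#<error>(.*)</error><message>(.*)</message>#s', $done, $s3qlout);
    if (isset($s3qlout[1]) && $s3qlout[1] == '0') {
        header('Location: ' . $action['listgroups']);
        exit;
    } else {
        $message = isset($s3qlout[2]) ? $s3qlout[2] : '';
    }
}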
$section_num = '2';
$action_url = $actions['deletegroup'];
$delete_message = 'Delete Group Account -- ' . $deletedgroup['account_uname'] . ' (' . $deletedgroup['account_lid'] . ')';
$content_width = '60%';