コード例 #1
 /**
  * Deprecated. Returns the first user group the given user belongs to
  * Returns empty group if no group found
  * Static function.
  * 
  * @param CMS_profile_user|integer $user
  * @return CMS_profile_usersGroup
  * @access public
  */
 static function getGroupOfUser($user)
 {
     // Deprecated entry point: report the deprecation, then delegate to getGroupsOfUser().
     CMS_grandFather::raiseError('This function is deprecated since Automne 3.3.0, You must use getGroupsOfUser instead !');
     $userGroups = CMS_profile_usersGroupsCatalog::getGroupsOfUser($user);
     // Anything other than a non-empty array yields an empty group object.
     if (!is_array($userGroups) || !$userGroups) {
         return new CMS_profile_usersGroup();
     }
     // array_shift() hands back the first entry of the list.
     return array_shift($userGroups);
 }
コード例 #2
ファイル: groups-datas.php プロジェクト: davidmottet/automne
// Request parameters. 'start', 'limit' and 'userId' go through the
// sensitiveIO::isPositiveInteger validator; 'sort', 'dir' and 'filter' are read without one.
// NOTE(review): $sort and $dir reach search() as received - confirm search() restricts
// them to known columns / directions before they end up in a query.
$sort = sensitiveIO::request('sort');
$dir = sensitiveIO::request('dir');
$start = sensitiveIO::request('start', 'sensitiveIO::isPositiveInteger', 0);
$limit = sensitiveIO::request('limit', 'sensitiveIO::isPositiveInteger', CMS_session::getRecordsPerPage());
$userId = sensitiveIO::request('userId', 'sensitiveIO::isPositiveInteger');
$filter = (bool) sensitiveIO::request('filter');

// Response skeleton; it is also what an unauthorized caller receives.
$groupsDatas = array('groups' => array());

// Only users holding the "edit users" admin clearance may list groups.
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITUSERS)) {
    CMS_grandFather::raiseError('User has no users management rights ...');
    $view->setContent($groupsDatas);
    $view->show();
    // NOTE(review): nothing visible here stops the script after show(); confirm that
    // show() ends the request, otherwise the search below still runs for this caller.
}

// Groups of the requested user, if a user ID was given.
$userGroups = $userId ? CMS_profile_usersGroupsCatalog::getGroupsOfUser($userId, true) : array();

// Restrict the search to the user's groups only when both a user and the filter flag are set.
// $search and $letter are not assigned in this excerpt.
$searchUserId = ($userId && $filter) ? $userId : false;
$groups = CMS_profile_usersGroupsCatalog::search($search, $letter, $searchUserId, array(), $sort, $dir, $start, $limit);
//loop over groups to get all required infos
foreach ($groups as $group) {
    $datas = array('id' => $group->getGroupId(), 'label' => $group->getLabel(), 'description' => $group->getDescription());
    if ($userId) {
        $datas['belong'] = isset($userGroups[$group->getGroupId()]);
コード例 #3
 /**
  * Get user by ID
  * 
  * @access public
  * @param integer $userId The user ID
  * @return string XML definition object
  */
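 static function soapGetUser($userId = 0)
 {
     $xml = '';
     // Query the catalog only with a validated ID; anything else gets an empty user object.
     // The lookup must not be repeated without this guard.
     $user = SensitiveIO::isPositiveInteger($userId) ? CMS_profile_usersCatalog::getByID($userId) : new CMS_profile_user();
     // NOTE(review): no caller authorization check is visible in this method - confirm the
     // SOAP layer authenticates the caller before login and contact data are returned.
     if ($user && !$user->hasError() && $user->isActive()) {
         $contactData = $user->getContactData();
         $language = $user->getLanguage();
         // Groups
         $xmlGroups = '<groups>';
         $userGroupsIds = CMS_profile_usersGroupsCatalog::getGroupsOfUser($user, false, true);
         if ($userGroupsIds) {
             foreach ($userGroupsIds as $userGroup) {
                 $xmlGroups .= '<group id="' . $userGroup->getGroupId() . '">
                     <label>' . self::_soapCdata($userGroup->getLabel()) . '</label>
                     <description>' . self::_soapCdata($userGroup->getDescription()) . '</description>
                 </group>';
             }
         } else {
             $xmlGroups .= '<group id=""></group>';
         }
         $xmlGroups .= '</groups>';
         // User. Every stored text value goes through _soapCdata() so that a value
         // containing "]]>" cannot end its CDATA section and add markup to the response.
         $xml .= '<user>
             <firstName>' . self::_soapCdata($user->getFirstName()) . '</firstName>
             <lastName>' . self::_soapCdata($user->getLastName()) . '</lastName>
             <login>' . self::_soapCdata($user->getLogin()) . '</login>
             <active>' . self::_soapCdata($user->isActive()) . '</active>
             <deleted>' . self::_soapCdata($user->isDeleted()) . '</deleted>
             <language label="' . SensitiveIO::sanitizeHTMLString($language->getLabel()) . '">' . self::_soapCdata($language->getCode()) . '</language>
             <contactData>
                 <email>' . self::_soapCdata($contactData->getEmail()) . '</email>
                 <service>' . self::_soapCdata($contactData->getService()) . '</service>
                 <jobTitle>' . self::_soapCdata($contactData->getJobTitle()) . '</jobTitle>
                 <addressField1>' . self::_soapCdata($contactData->getAddressField1()) . '</addressField1>
                 <addressField2>' . self::_soapCdata($contactData->getAddressField2()) . '</addressField2>
                 <addressField3>' . self::_soapCdata($contactData->getAddressField3()) . '</addressField3>
                 <zip>' . self::_soapCdata($contactData->getZip()) . '</zip>
                 <city>' . self::_soapCdata($contactData->getCity()) . '</city>
                 <state>' . self::_soapCdata($contactData->getState()) . '</state>
                 <country>' . self::_soapCdata($contactData->getCountry()) . '</country>
                 <phone>' . self::_soapCdata($contactData->getPhone()) . '</phone>
                 <cellphone>' . self::_soapCdata($contactData->getCellPhone()) . '</cellphone>
                 <fax>' . self::_soapCdata($contactData->getFax()) . '</fax>
             </contactData>' . $xmlGroups . '</user>';
     }
     // Empty string when the user is missing, in error or inactive.
     return $xml;
 }

 /**
  * Wrap a value in a CDATA section.
  * A "]]>" sequence inside the value is split over two sections so it cannot close the section early.
  *
  * @param mixed $value The value to embed (cast to string)
  * @return string The CDATA section
  * @access private
  */
 private static function _soapCdata($value)
 {
     return '<![CDATA[' . str_replace(']]>', ']]]]><![CDATA[>', (string) $value) . ']]>';
 }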
コード例 #4
 /**
  * Apply group profile to all users belonging in this group
  * This method must be as fast as possible
  *
  * @return boolean Always true
  * @access public
  */
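 function applyToUsers()
 {
     // Nothing to do for a group without users.
     if (!$this->_users) {
         return true;
     }
     // Class users by the combination of groups they belong to, so the rights of each
     // combination are computed once.
     $usersByGroups = array();
     foreach ($this->_users as $userId) {
         $userGroupsIds = CMS_profile_usersGroupsCatalog::getGroupsOfUser($userId, true);
         ksort($userGroupsIds);
         $usersByGroups[implode(',', $userGroupsIds)][] = $userId;
     }
     ksort($usersByGroups);
     // Computed profiles, keyed by comma-joined group IDs (each prefix of a combination gets its own entry).
     $profiles = array();
     //then loop through usersByGroups to compute rights of each combination of groups
     foreach ($usersByGroups as $groupsIds => $usersIds) {
         $groupIds = explode(',', $groupsIds);
         $groupStack = $oldGroupStack = '';
         $profile = null;
         foreach ($groupIds as $groupId) {
             $oldGroupStack = $groupStack;
             $groupStack .= $groupStack ? ',' . $groupId : $groupId;
             if ($groupStack && isset($profiles[$groupStack])) {
                 //already computed : do nothing
                 // NOTE(review): $profile keeps whatever the previous iteration left in it on
                 // this branch - confirm that is intended.
             } elseif ($oldGroupStack && isset($profiles[$oldGroupStack])) {
                 //get last computation
                 $profile = clone $profiles[$oldGroupStack];
             } else {
                 $profile = new CMS_profile();
             }
             if ($profile) {
                 //add group clearances
                 $group = CMS_profile_usersGroupsCatalog::getById($groupId);
                 if ($group && !$group->hasError()) {
                     $profile->addPageClearances($group->getPageClearances());
                     $profile->addModuleClearances($group->getModuleClearances());
                     $profile->addModuleCategoriesClearancesStack($group->getModuleCategoriesClearancesStack());
                     $profile->addValidationClearances($group->getValidationClearances());
                     $profile->addAdminClearance($group->getAdminClearance());
                     $profile->addTemplateGroupsDenied($group->getTemplateGroupsDenied());
                     $profile->addRowGroupsDenied($group->getRowGroupsDenied());
                     //store profile
                     $profiles[$groupStack] = $profile;
                 }
             }
         }
     }
     // Every statement below is built by concatenation: ID lists are cast to integers and
     // every other value goes through SensitiveIO::sanitizeSQLString() before it is
     // placed in the SQL text.
     // Delete old categories clearances first (to speedup further inserts)
     $q = new CMS_query("select profile_pru from profilesUsers where id_pru in (" . implode(',', array_map('intval', $this->_users)) . ")");
     while (($id = $q->getValue('profile_pru')) !== false) {
         $qdel = new CMS_query("delete from modulesCategories_clearances where profile_mcc ='" . SensitiveIO::sanitizeSQLString($id) . "'");
     }
     //then loop through usersByGroups to apply rights of users by groups
     foreach ($usersByGroups as $groupsIds => $usersIds) {
         // Combinations for which no profile was stored are skipped.
         if (!isset($profiles[$groupsIds])) {
             continue;
         }
         $profile = $profiles[$groupsIds];
         //get profilesIds for users
         $q = new CMS_query("select profile_pru from profilesUsers where id_pru in (" . implode(',', array_map('intval', $usersIds)) . ")");
         $usersProfilesIds = array();
         while (($id = $q->getValue('profile_pru')) !== false) {
             // Cast once here; the IDs are reused in the update and the insert below.
             $usersProfilesIds[] = (int) $id;
         }
         if (!$usersProfilesIds) {
             continue;
         }
         //Update profiles
         $pagesClearancesStack = $profile->getPageClearances();
         $validationClearancesStack = $profile->getValidationClearances();
         $moduleClearancesStack = $profile->getModuleClearances();
         $templateGroupsDenied = $profile->getTemplateGroupsDenied();
         $rowGroupsDenied = $profile->getRowGroupsDenied();
         $q = new CMS_query("
             update
                 profiles
             set
                 administrationClearance_pr='" . SensitiveIO::sanitizeSQLString($profile->getAdminClearance()) . "',
                 pageClearancesStack_pr='" . SensitiveIO::sanitizeSQLString($pagesClearancesStack->getTextDefinition()) . "',
                 validationClearancesStack_pr='" . SensitiveIO::sanitizeSQLString($validationClearancesStack->getTextDefinition()) . "',
                 moduleClearancesStack_pr='" . SensitiveIO::sanitizeSQLString($moduleClearancesStack->getTextDefinition()) . "',
                 templateGroupsDeniedStack_pr='" . SensitiveIO::sanitizeSQLString($templateGroupsDenied->getTextDefinition()) . "',
                 rowGroupsDeniedStack_pr='" . SensitiveIO::sanitizeSQLString($rowGroupsDenied->getTextDefinition()) . "'
             where
                 id_pr in (" . implode(',', $usersProfilesIds) . ")
         ");
         //Update categories clearances
         $moduleCategoriesClearanceStack = $profile->getModuleCategoriesClearancesStack();
         // Insert new ones: one (profile, category, clearance) row per profile and stack element.
         $elements = $moduleCategoriesClearanceStack->getElements();
         if (is_array($elements) && $elements) {
             $rows = array();
             foreach ($usersProfilesIds as $userProfileId) {
                 foreach ($elements as $v) {
                     // Escaped like the values of the update above instead of being concatenated raw.
                     $rows[] = "('" . $userProfileId . "', '" . SensitiveIO::sanitizeSQLString($v[0]) . "', '" . SensitiveIO::sanitizeSQLString($v[1]) . "')";
                 }
             }
             $sql = "
                 insert into modulesCategories_clearances
                     (profile_mcc, category_mcc, clearance_mcc)
                 values " . implode(',', $rows) . "
             ";
             $q = new CMS_query($sql);
         }
     }
     //Clear polymod cache
     CMS_cache::clearTypeCache('polymod');
     return true;
 }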
コード例 #5
    $groupId = $profile->getGroupId();
}
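// Read the ID only when a profile exists: calling getId() first would fail on an
// undefined $profile before the guard below could report it.
$profileId = isset($profile) ? $profile->getId() : null;
if (!isset($profile) || $profile->hasError()) {
    CMS_grandFather::raiseError('Unknown profile for given Id : ' . $profileId);
    $view->show();
    // NOTE(review): nothing visible here stops the script after show(); confirm that
    // show() ends the request, since the code below keeps using $profile.
}
//if user is admin, then it has all rights on module
$disableFields = $disableFieldsDesc = '';
if ($isUser) {
    if ($profile->getUserId() == ROOT_PROFILEUSER_ID) {
        // The root user's clearances are shown read-only.
        $disableFields = 'disabled:true,';
        $disableFieldsDesc = "<br /><br />" . $cms_language->getJSMessage(MESSAGE_PAGE_USER_ADMINISTRATOR);
    } else {
        //if user belongs to groups, all fields are disabled
        $disableFields = sizeof(CMS_profile_usersGroupsCatalog::getGroupsOfUser($profile, true)) ? 'disabled:true,' : '';
        $disableFieldsDesc = '';
        if ($disableFields) {
            $disableFieldsDesc = "<br /><br />" . $cms_language->getJSMessage(MESSAGE_PAGE_USER_RIGHT);
        }
    }
}
// NOTE(review): 'disabled:true,' only changes how the form is rendered; confirm the
// handler that saves these clearances applies the same restriction server-side.
$adminTab = '';
// Admin clearance rows: only levels the current user holds are offered.
$admins = CMS_profile::getAllAdminClearances();
foreach ($admins as $level => $messages) {
    if ($cms_user->hasAdminClearance($level)) {
        $checked = $profile->hasAdminClearance($level) ? 'checked:true,' : '';
        // One Ext checkbox config per level; label and description are emitted through getJSMessage().
        $adminTab .= "{\n\t\t\t" . $disableFields . "\n\t\t\t" . $checked . "\n\t\t\tboxLabel: \t'<span ext:qtip=\"" . $cms_language->getJSMessage($messages['description']) . "\" class=\"atm-help\">" . $cms_language->getJSMessage($messages['label']) . "</span>',\n\t\t\tname: \t\t'admin[]',\n\t\t\tinputValue:\t'" . $level . "',\n\t\t\tlisteners:\t{'check':function(checkbox, checked){\n\t\t\t\t//enable or disable others checkboxes if admin check if touched\n\t\t\t\tif (checkbox.getRawValue() == 1) {\n\t\t\t\t\tvar form = Ext.getCmp('userAdminPanel-{$profileId}');\n\t\t\t\t\tvar checkboxes = form.findByType('checkbox');\n\t\t\t\t\tfor(var i = 0, checklen = checkboxes.length; i < checklen; i++) {\n\t\t\t\t\t\tif (checkboxes[i].getRawValue() != 1) {\n\t\t\t\t\t\t\tif (checked) {\n\t\t\t\t\t\t\t\tcheckboxes[i].disable();\n\t\t\t\t\t\t\t} else {\n\t\t\t\t\t\t\t\tcheckboxes[i].enable();\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}}\n\t\t},";
    }
}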
コード例 #6
ファイル: profileuser.php プロジェクト: davidmottet/automne
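    /**
     * Build the description of this user as an array for the search results view.
     * Stored text (names, email, group labels) is HTML-escaped before it is placed in the markup.
     *
     * @param mixed $user The user viewing the description; only its hasAdminClearance() is used
     * @param mixed $cms_language The language object used to fetch interface messages
     * @return array Keys: id, label, type, description (HTML), edit (array or false)
     */
    function getJSonDescription($user, $cms_language)
    {
        //groups of user, each rendered as a link which searches for the group
        $groups = CMS_profile_usersGroupsCatalog::getGroupsOfUser($this);
        if ($groups) {
            $groupLinks = array();
            foreach ($groups as $group) {
                // The label is escaped like the description in the qtip attribute.
                // NOTE(review): if getLabel() already returns HTML-escaped text this encodes it twice - confirm.
                $groupLinks[] = '<a href="#" onclick="Automne.view.search(\'group:' . $group->getGroupId() . '\');return false;" ext:qtip="' . io::htmlspecialchars($group->getDescription()) . ' (' . $cms_language->getMessage(self::MESSAGE_PAGE_CLICK_TO_VIEW_USER) . ')" class="atm-help">' . io::htmlspecialchars($group->getLabel()) . '</a>';
            }
            $userGroups = implode(', ', $groupLinks);
        } else {
            $userGroups = $cms_language->getMessage(self::MESSAGE_PAGE_NONE);
        }
        // The edit link is only offered to viewers holding the "edit users" admin clearance.
        if ($user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITUSERS)) {
            $edit = array('url' => 'user.php', 'params' => array('userId' => $this->getUserId()));
        } else {
            $edit = false;
        }
        // Escape the stored values once; the email is used both in the href attribute and as link text.
        $lastName = io::htmlspecialchars($this->getLastname());
        $firstName = io::htmlspecialchars($this->getFirstname());
        $email = io::htmlspecialchars($this->getEmail());
        $lineBreak = "<br />\n\t\t\t\t";
        $description = "\n\t\t\t\t"
            . $cms_language->getMessage(self::MESSAGE_PAGE_NAME) . ' : <strong>' . $lastName . '</strong>' . $lineBreak
            . $cms_language->getMessage(self::MESSAGE_PAGE_FIRSTNAME) . ' : <strong>' . $firstName . '</strong>' . $lineBreak
            . $cms_language->getMessage(self::MESSAGE_PAGE_EMAIL) . ' : <a href="mailto:' . $email . '" ext:qtip="' . $cms_language->getMessage(self::MESSAGE_PAGE_WRITE_TO, array(io::htmlspecialchars($this->getFullName()))) . '">' . $email . '</a>' . $lineBreak
            . $cms_language->getMessage(self::MESSAGE_PAGE_GROUPS) . ' : ' . $userGroups;
        return array(
            'id' => $this->getUserId(),
            'label' => $this->getFullName(),
            'type' => $cms_language->getMessage(self::MESSAGE_PAGE_USER),
            'description' => $description,
            'edit' => $edit,
        );
    }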
コード例 #7
ファイル: users-datas.php プロジェクト: davidmottet/automne
    //search users
    $users = CMS_profile_usersCatalog::search($search, $letter, $groupId, $sort, $dir, $start, $limit);
} else {
    //search users
    $users = CMS_profile_usersCatalog::search($search, $letter, false, $sort, $dir, $start, $limit);
}
// Build one record per user found by the search.
// NOTE(review): each record carries login and email; the clearance check for this
// endpoint is not part of this excerpt - confirm it runs before this point.
foreach ($users as $user) {
    $datas = array(
        'id' => $user->getUserId(),
        'firstName' => $user->getFirstName(),
        'lastName' => $user->getLastName(),
        'login' => $user->getLogin(),
        'email' => $user->getEmail(),
        'active' => $user->isActive(),
    );
    // Flag membership of the requested group, if one was given.
    if ($groupId) {
        $datas['belong'] = isset($groupUsers[$user->getUserId()]);
    }
    // Optionally attach id, label and description of each of the user's groups.
    if ($withGroups) {
        $userGroups = array();
        $groups = CMS_profile_usersGroupsCatalog::getGroupsOfUser($user);
        foreach ($groups as $group) {
            $userGroups[] = array(
                'id' => $group->getGroupId(),
                'label' => $group->getLabel(),
                'description' => $group->getDescription(),
            );
        }
        $datas['groups'] = $userGroups;
    }
    $usersDatas['users'][] = $datas;
}
// Total users count for the search: same criteria, with 0 passed for start and limit.
// The group restriction applies only when both a group and the filter flag are set.
$countGroupId = ($groupId && $filter) ? $groupId : false;
$usersDatas['totalCount'] = sizeof(CMS_profile_usersCatalog::search($search, $letter, $countGroupId, $sort, $dir, 0, 0, false, false));
$view->setContent($usersDatas);
$view->show();
コード例 #8
// +----------------------------------------------------------------------+
// | Session management                                                   |
// +----------------------------------------------------------------------+
// Max depth (iterations count): a non-empty $maxDepth is stored in the session first,
// then whatever the session holds is checked and replaced by 3 unless it is a positive integer.
if ($maxDepth) {
    CMS_session::setSessionVar("modules_clearances_max_depth", $maxDepth);
}
if (!sensitiveIO::isPositiveInteger(CMS_session::getSessionVar("modules_clearances_max_depth"))) {
    CMS_session::setSessionVar("modules_clearances_max_depth", 3);
}
$maxDepth = CMS_session::getSessionVar("modules_clearances_max_depth");

// Colors used to visualize access level
$clearance_colors = array(
    CLEARANCE_MODULE_NONE => '#FF7E71',
    CLEARANCE_MODULE_VIEW => '#e2faaa',
    CLEARANCE_MODULE_EDIT => '#CFE779',
    CLEARANCE_MODULE_MANAGE => '#85A122',
);
$bg_color_selected = "#fdf5a2";

// Fields are disabled for a profile holding the EDITVALIDATEALL admin clearance, or for a
// user who belongs to at least one group.
$disableFields = $profile->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITVALIDATEALL)
    || ($isUser && sizeof(CMS_profile_usersGroupsCatalog::getGroupsOfUser($profile, true)));

// Hash derived from the module codename and the profile ID.
// NOTE(review): both inputs are guessable, so this value is only suitable as an identifier -
// confirm it is not relied on as a secret.
$hash = md5($moduleCodename . '-' . $profileId);
/**
 * Module Elements rights
 * (This is recycled code from the V3)
 */
if (!function_exists("build_items_tree")) {
    /** 
     * Recursive function to build items tree.
     *
     * @param mixed $items : current category or page
     * @param integer $count, to determine item in-tree depth
     * @param integer $parent_clearance, immediate parent item clearance
     * @return string HTML formated
     */
コード例 #9
// Fall back to "no clearance" when none was resolved.
$moduleClearance = $moduleClearance ? $moduleClearance : CLEARANCE_MODULE_NONE;
if ($moduleCodename == MOD_STANDARD_CODENAME && $moduleClearance == CLEARANCE_MODULE_NONE) {
    //users has always this right on standard module
    // NOTE(review): a page-level constant is assigned to a module clearance here;
    // presumably its value matches the module "view" level - confirm.
    $moduleClearance = CLEARANCE_PAGE_VIEW;
}

if ($profile->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITVALIDATEALL)) {
    // An administrator profile has all rights on the module: fields are locked and shown at
    // edit level. Only the explanatory message differs between a user and a group.
    $disableFields = true;
    $moduleClearance = CLEARANCE_MODULE_EDIT;
    $adminMessage = $isUser ? MESSAGE_PAGE_USER_ADMINISTRATOR_MODULE : MESSAGE_PAGE_GROUP_ADMINISTRATOR_MODULE;
    $disableFieldsDesc = "{\n\t\t\tcls:\t'atm-text-alert',\n\t\t\thtml:\t'{$cms_language->getJSMessage($adminMessage)}'\n\t\t},";
} elseif ($isUser) {
    //if user belongs to groups, all fields are disabled
    $disableFields = (bool) sizeof(CMS_profile_usersGroupsCatalog::getGroupsOfUser($profile, true));
    $disableFieldsDesc = $disableFields
        ? "{\n\t\t\t\tcls:\t'atm-text-alert',\n\t\t\t\thtml:\t'{$cms_language->getJSMessage(MESSAGE_PAGE_NO_RIGHTS_MODIFY)}'\n\t\t\t},"
        : '';
} else {
    // A group without the administrator clearance stays editable.
    $disableFields = false;
    $disableFieldsDesc = '';
}
//Module clearances