/**
 * Deprecated: returns the first users group a user belongs to.
 * Returns an empty group object when no group is found.
 * Static function.
 *
 * Every call raises a deprecation error through CMS_grandFather::raiseError();
 * callers should use getGroupsOfUser() instead.
 *
 * @param CMS_profile_user|integer $user
 * @return CMS_profile_usersGroup
 * @access public
 */
static function getGroupOfUser($user) {
	CMS_grandFather::raiseError('This function is deprecated since Automne 3.3.0, You must use getGroupsOfUser instead !');
	$userGroups = CMS_profile_usersGroupsCatalog::getGroupsOfUser($user);
	// Anything other than a non-empty array means "no group": hand back an empty group object
	if (!is_array($userGroups) || !$userGroups) {
		return new CMS_profile_usersGroup();
	}
	// array_shift() works on the local copy and yields its first element
	return array_shift($userGroups);
}
// Excerpt of a groups-listing script: reads the request parameters, checks the
// caller's clearance, then builds the list of groups. The excerpt ends inside
// the foreach loop, and $search, $letter, $cms_user and $view are defined outside it.

// NOTE(review): 'sort' and 'dir' are read without a validator callback, unlike
// 'start', 'limit' and 'userId' below. They are passed straight to search();
// confirm that search() restricts them to known column names / directions.
$sort = sensitiveIO::request('sort');
$dir = sensitiveIO::request('dir');
$start = sensitiveIO::request('start', 'sensitiveIO::isPositiveInteger', 0);
$limit = sensitiveIO::request('limit', 'sensitiveIO::isPositiveInteger', CMS_session::getRecordsPerPage());
$userId = sensitiveIO::request('userId', 'sensitiveIO::isPositiveInteger');
$filter = sensitiveIO::request('filter') ? true : false;
// Empty result structure, also used as the response when access is refused
$groupsDatas = array();
$groupsDatas['groups'] = array();
// Authorization gate: only users with the "edit users" admin clearance may list groups.
// NOTE(review): nothing in this branch stops execution explicitly. The check only
// protects the queries below if $view->show() ends the request - confirm.
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITUSERS)) {
	CMS_grandFather::raiseError('User has no users management rights ...');
	$view->setContent($groupsDatas);
	$view->show();
}
//load user's groups if any
if ($userId) {
	$userGroups = CMS_profile_usersGroupsCatalog::getGroupsOfUser($userId, true);
} else {
	$userGroups = array();
}
if ($userId && $filter) {
	//search groups, passing the user id as third argument
	$groups = CMS_profile_usersGroupsCatalog::search($search, $letter, $userId, array(), $sort, $dir, $start, $limit);
} else {
	//search groups, passing false instead of a user id
	$groups = CMS_profile_usersGroupsCatalog::search($search, $letter, false, array(), $sort, $dir, $start, $limit);
}
//loop over groups to get all required infos
foreach ($groups as $group) {
	$datas = array('id' => $group->getGroupId(), 'label' => $group->getLabel(), 'description' => $group->getDescription());
	if ($userId) {
		// 'belong' is true when the group id is a key of $userGroups
		$datas['belong'] = isset($userGroups[$group->getGroupId()]);
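/**
 * Get user by ID
 *
 * Builds the XML description (identity, language, contact data and groups)
 * of an active user. Text values are emitted as CDATA sections.
 *
 * @access public
 * @param integer $userId The user ID
 * @return string XML definition object, or an empty string when the ID is not
 *                a positive integer or the user is unknown, in error or inactive
 */
static function soapGetUser($userId = 0) {
	$xml = '';
	// Reject anything that is not a positive integer before querying the catalog.
	// The original validated the ID and then overwrote the result with an
	// unconditional getByID() call, which made the validation dead code.
	if (!SensitiveIO::isPositiveInteger($userId)) {
		return $xml;
	}
	$user = CMS_profile_usersCatalog::getByID($userId);
	if ($user && !$user->hasError() && $user->isActive()) {
		$contactData = $user->getContactData();
		$language = $user->getLanguage();
		// Groups
		$xmlGroups = '<groups>';
		$userGroupsIds = CMS_profile_usersGroupsCatalog::getGroupsOfUser($user, false, true);
		if ($userGroupsIds) {
			foreach ($userGroupsIds as $userGroup) {
				$xmlGroups .= '<group id="' . $userGroup->getGroupId() . '"> <label>' . self::_soapCdata($userGroup->getLabel()) . '</label> <description>' . self::_soapCdata($userGroup->getDescription()) . '</description> </group>';
			}
		} else {
			$xmlGroups .= '<group id=""></group>';
		}
		$xmlGroups .= '</groups>';
		// User
		// addressField2 and addressField3 previously repeated getAddressField1()
		$xml .= '<user> <firstName>' . self::_soapCdata($user->getFirstName()) . '</firstName>'
			. ' <lastName>' . self::_soapCdata($user->getLastName()) . '</lastName>'
			. ' <login>' . self::_soapCdata($user->getLogin()) . '</login>'
			. ' <active>' . self::_soapCdata($user->isActive()) . '</active>'
			. ' <deleted>' . self::_soapCdata($user->isDeleted()) . '</deleted>'
			. ' <language label="' . SensitiveIO::sanitizeHTMLString($language->getLabel()) . '">' . self::_soapCdata($language->getCode()) . '</language>'
			. ' <contactData> <email>' . self::_soapCdata($contactData->getEmail()) . '</email>'
			. ' <service>' . self::_soapCdata($contactData->getService()) . '</service>'
			. ' <jobTitle>' . self::_soapCdata($contactData->getJobTitle()) . '</jobTitle>'
			. ' <addressField1>' . self::_soapCdata($contactData->getAddressField1()) . '</addressField1>'
			. ' <addressField2>' . self::_soapCdata($contactData->getAddressField2()) . '</addressField2>'
			. ' <addressField3>' . self::_soapCdata($contactData->getAddressField3()) . '</addressField3>'
			. ' <zip>' . self::_soapCdata($contactData->getZip()) . '</zip>'
			. ' <city>' . self::_soapCdata($contactData->getCity()) . '</city>'
			. ' <state>' . self::_soapCdata($contactData->getState()) . '</state>'
			. ' <country>' . self::_soapCdata($contactData->getCountry()) . '</country>'
			. ' <phone>' . self::_soapCdata($contactData->getPhone()) . '</phone>'
			. ' <cellphone>' . self::_soapCdata($contactData->getCellPhone()) . '</cellphone>'
			. ' <fax>' . self::_soapCdata($contactData->getFax()) . '</fax> </contactData>' . $xmlGroups . '</user>';
	}
	return $xml;
}

/**
 * Wrap a value in a CDATA section.
 * A stored value containing "]]>" would otherwise close the section early and
 * let the rest of the value be parsed as markup; the terminator is split over
 * two sections so the text content stays unchanged.
 *
 * @access private
 * @param mixed $value The value to wrap (cast to string)
 * @return string The CDATA section
 */
private static function _soapCdata($value) {
	return '<![CDATA[' . str_replace(']]>', ']]]]><![CDATA[>', (string) $value) . ']]>';
}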
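/**
 * Apply group profile to all users belonging in this group
 * This method must be as fast as possible
 *
 * Users are bucketed by the exact set of groups they belong to, one merged
 * profile is computed per bucket, then written to every user profile of that
 * bucket with a single update and a single multi-row insert.
 *
 * Every identifier placed in an SQL "in (...)" list is cast to integer and every
 * quoted value goes through SensitiveIO::sanitizeSQLString(), so a malformed
 * stored id or clearance value cannot change the structure of the queries.
 *
 * @return boolean true (also when the group has no users)
 * @access public
 */
function applyToUsers() {
	if (!$this->_users) {
		return true;
	}
	// class users by groups they belong to
	$usersByGroups = array();
	foreach ($this->_users as $userId) {
		$userGroupsIds = CMS_profile_usersGroupsCatalog::getGroupsOfUser($userId, true);
		ksort($userGroupsIds);
		// the comma-separated groups list is the key of the bucket
		$usersByGroups[implode(',', $userGroupsIds)][] = $userId;
	}
	ksort($usersByGroups);
	$profiles = array();
	//then loop through usersByGroups to compute rights of each combination of groups
	foreach ($usersByGroups as $groupsIds => $usersIds) {
		$groupIds = explode(',', $groupsIds);
		$groupStack = $oldGroupStack = '';
		$profile = null;
		foreach ($groupIds as $groupId) {
			$oldGroupStack = $groupStack;
			$groupStack .= $groupStack ? ',' . $groupId : $groupId;
			if ($groupStack && isset($profiles[$groupStack])) {
				//already computed : do nothing
			} elseif ($oldGroupStack && isset($profiles[$oldGroupStack])) {
				$profile = clone $profiles[$oldGroupStack]; //get last computation
			} else {
				$profile = new CMS_profile();
			}
			if ($profile) {
				//add group clearances
				$group = CMS_profile_usersGroupsCatalog::getById($groupId);
				if ($group && !$group->hasError()) {
					$profile->addPageClearances($group->getPageClearances());
					$profile->addModuleClearances($group->getModuleClearances());
					$profile->addModuleCategoriesClearancesStack($group->getModuleCategoriesClearancesStack());
					$profile->addValidationClearances($group->getValidationClearances());
					$profile->addAdminClearance($group->getAdminClearance());
					$profile->addTemplateGroupsDenied($group->getTemplateGroupsDenied());
					$profile->addRowGroupsDenied($group->getRowGroupsDenied());
					//store profile
					$profiles[$groupStack] = $profile;
				}
			}
		}
	}
	// Delete old categories clearances first (to speedup further inserts)
	// The ids are forced to integers before being concatenated into the query
	$q = new CMS_query("select profile_pru from profilesUsers where id_pru in (" . implode(',', array_map('intval', $this->_users)) . ")");
	while (($id = $q->getValue('profile_pru')) !== false) {
		new CMS_query("delete from modulesCategories_clearances where profile_mcc ='" . SensitiveIO::sanitizeSQLString($id) . "'");
	}
	//then loop through usersByGroups to apply rights of users by groups
	foreach ($usersByGroups as $groupsIds => $usersIds) {
		//get profile for groups
		if (isset($profiles[$groupsIds])) {
			$profile = $profiles[$groupsIds];
			//get profilesIds for users
			$q = new CMS_query("select profile_pru from profilesUsers where id_pru in (" . implode(',', array_map('intval', $usersIds)) . ")");
			$usersProfilesIds = array();
			while (($id = $q->getValue('profile_pru')) !== false) {
				// stored as integers: they are reused unquoted in the update below
				$usersProfilesIds[] = (int) $id;
			}
			if ($usersProfilesIds) {
				//Update profiles
				$pagesClearancesStack = $profile->getPageClearances();
				$validationClearancesStack = $profile->getValidationClearances();
				$moduleClearancesStack = $profile->getModuleClearances();
				$templateGroupsDenied = $profile->getTemplateGroupsDenied();
				$rowGroupsDenied = $profile->getRowGroupsDenied();
				$q = new CMS_query("\n\t\t\t\t\t\tupdate\n\t\t\t\t\t\t\tprofiles\n\t\t\t\t\t\tset\n\t\t\t\t\t\t\tadministrationClearance_pr='" . SensitiveIO::sanitizeSQLString($profile->getAdminClearance()) . "',\n\t\t\t\t\t\t\tpageClearancesStack_pr='" . SensitiveIO::sanitizeSQLString($pagesClearancesStack->getTextDefinition()) . "',\n\t\t\t\t\t\t\tvalidationClearancesStack_pr='" . SensitiveIO::sanitizeSQLString($validationClearancesStack->getTextDefinition()) . "',\n\t\t\t\t\t\t\tmoduleClearancesStack_pr='" . SensitiveIO::sanitizeSQLString($moduleClearancesStack->getTextDefinition()) . "',\n\t\t\t\t\t\t\ttemplateGroupsDeniedStack_pr='" . SensitiveIO::sanitizeSQLString($templateGroupsDenied->getTextDefinition()) . "',\n\t\t\t\t\t\t\trowGroupsDeniedStack_pr='" . SensitiveIO::sanitizeSQLString($rowGroupsDenied->getTextDefinition()) . "'\n\t\t\t\t\t\twhere\n\t\t\t\t\t\t\tid_pr in (" . implode(',', $usersProfilesIds) . ")\n\t\t\t\t\t");
				//Update categories clearances
				$moduleCategoriesClearanceStack = $profile->getModuleCategoriesClearancesStack();
				// Insert new ones
				$elements = $moduleCategoriesClearanceStack->getElements();
				if (is_array($elements) && $elements) {
					// one "(profile, category, clearance)" tuple per profile and per stack element
					$tuples = array();
					foreach ($usersProfilesIds as $userProfileId) {
						foreach ($elements as $v) {
							// the stack elements were concatenated raw before; escape them like every other value
							$tuples[] = "('" . $userProfileId . "', '" . SensitiveIO::sanitizeSQLString($v[0]) . "', '" . SensitiveIO::sanitizeSQLString($v[1]) . "')";
						}
					}
					$sql = "\n\t\t\t\t\t\t\tinsert into modulesCategories_clearances\n\t\t\t\t\t\t\t\t(profile_mcc, category_mcc, clearance_mcc)\n\t\t\t\t\t\t\tvalues " . implode(',', $tuples) . "\n\t\t\t\t\t\t";
					$q = new CMS_query($sql);
				}
			}
		}
	}
	//Clear polymod cache
	CMS_cache::clearTypeCache('polymod');
	return true;
}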
// Excerpt of an admin-clearances form script; it starts inside a block opened
// before this excerpt. $profile, $isUser, $cms_user, $cms_language and $view are defined outside it.
$groupId = $profile->getGroupId();
}
// NOTE(review): getId() is called on $profile before the isset() test below, so
// that test cannot protect this call when $profile is not set.
$profileId = $profile->getId();
if (!isset($profile) || $profile->hasError()) {
	CMS_grandFather::raiseError('Unknown profile for given Id : ' . $profileId);
	// NOTE(review): the code continues after this branch unless $view->show()
	// ends the request - confirm.
	$view->show();
}
//if user is admin, then it has all rights on module
$disableFields = $disableFieldsDesc = '';
if ($isUser) {
	if ($profile->getUserId() == ROOT_PROFILEUSER_ID) {
		// root user: every checkbox is rendered disabled
		$disableFields = 'disabled:true,';
		$disableFieldsDesc = "<br /><br />" . $cms_language->getJSMessage(MESSAGE_PAGE_USER_ADMINISTRATOR);
	} else {
		//if user belongs to groups, all fields are disabled
		$disableFields = sizeof(CMS_profile_usersGroupsCatalog::getGroupsOfUser($profile, true)) ? 'disabled:true,' : '';
		$disableFieldsDesc = '';
		if ($disableFields) {
			$disableFieldsDesc = "<br /><br />" . $cms_language->getJSMessage(MESSAGE_PAGE_USER_RIGHT);
		}
	}
}
// NOTE(review): 'disabled:true' only affects the rendered form. The handler that
// saves these clearances is not visible here; it has to enforce the same rules.
$adminTab = '';
// Admin clearance rows
$admins = CMS_profile::getAllAdminClearances();
foreach ($admins as $level => $messages) {
	// a checkbox is only emitted for clearance levels the current user holds
	if ($cms_user->hasAdminClearance($level)) {
		$checked = $profile->hasAdminClearance($level) ? 'checked:true,' : '';
		// $level and $profileId are written into the generated JavaScript as-is;
		// presumably both are integers - TODO confirm
		$adminTab .= "{\n\t\t\t" . $disableFields . "\n\t\t\t" . $checked . "\n\t\t\tboxLabel: \t'<span ext:qtip=\"" . $cms_language->getJSMessage($messages['description']) . "\" class=\"atm-help\">" . $cms_language->getJSMessage($messages['label']) . "</span>',\n\t\t\tname: \t\t'admin[]',\n\t\t\tinputValue:\t'" . $level . "',\n\t\t\tlisteners:\t{'check':function(checkbox, checked){\n\t\t\t\t//enable or disable others checkboxes if admin check if touched\n\t\t\t\tif (checkbox.getRawValue() == 1) {\n\t\t\t\t\tvar form = Ext.getCmp('userAdminPanel-{$profileId}');\n\t\t\t\t\tvar checkboxes = form.findByType('checkbox');\n\t\t\t\t\tfor(var i = 0, checklen = checkboxes.length; i < checklen; i++) {\n\t\t\t\t\t\tif (checkboxes[i].getRawValue() != 1) {\n\t\t\t\t\t\t\tif (checked) {\n\t\t\t\t\t\t\t\tcheckboxes[i].disable();\n\t\t\t\t\t\t\t} else {\n\t\t\t\t\t\t\t\tcheckboxes[i].enable();\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}}\n\t\t},";
	}
}
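/**
 * Get the description of this user as an array (id, label, type, HTML
 * description, edit link) for the administration interface.
 *
 * The 'description' entry is an HTML fragment. Stored values placed in it
 * (names, email, group labels and descriptions) are escaped with
 * io::htmlspecialchars() so that markup saved in a profile or a group is
 * displayed as text instead of being interpreted by the browser.
 *
 * @param CMS_profile_user $user The user viewing the description; the 'edit' entry is only filled when it has the users edition clearance
 * @param CMS_language $cms_language The language object used to get the messages
 * @return array The description, with keys 'id', 'label', 'type', 'description' and 'edit'
 * @access public
 */
function getJSonDescription($user, $cms_language) {
	//groups of user
	$groups = CMS_profile_usersGroupsCatalog::getGroupsOfUser($this);
	$userGroups = '';
	if ($groups) {
		foreach ($groups as $group) {
			$userGroups .= $userGroups ? ', ' : '';
			// the label was output raw while the description next to it was escaped
			$userGroups .= '<a href="#" onclick="Automne.view.search(\'group:' . $group->getGroupId() . '\');return false;" ext:qtip="' . io::htmlspecialchars($group->getDescription()) . ' (' . $cms_language->getMessage(self::MESSAGE_PAGE_CLICK_TO_VIEW_USER) . ')" class="atm-help">' . io::htmlspecialchars($group->getLabel()) . '</a>';
		}
	} else {
		$userGroups = $cms_language->getMessage(self::MESSAGE_PAGE_NONE);
	}
	// the edit link is only offered to users allowed to manage users
	if ($user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITUSERS)) {
		$edit = array('url' => 'user.php', 'params' => array('userId' => $this->getUserId()));
	} else {
		$edit = false;
	}
	// escape once, the email is used both in the href attribute and as link text
	$email = io::htmlspecialchars($this->getEmail());
	return array(
		'id' => $this->getUserId(),
		// NOTE(review): 'label' is returned raw, as before; confirm the consumer escapes it
		'label' => $this->getFullName(),
		'type' => $cms_language->getMessage(self::MESSAGE_PAGE_USER),
		'description' => ' ' . $cms_language->getMessage(self::MESSAGE_PAGE_NAME) . ' : <strong>' . io::htmlspecialchars($this->getLastname()) . '</strong><br /> ' . $cms_language->getMessage(self::MESSAGE_PAGE_FIRSTNAME) . ' : <strong>' . io::htmlspecialchars($this->getFirstname()) . '</strong><br /> ' . $cms_language->getMessage(self::MESSAGE_PAGE_EMAIL) . ' : <a href="mailto:' . $email . '" ext:qtip="' . $cms_language->getMessage(self::MESSAGE_PAGE_WRITE_TO, array(io::htmlspecialchars($this->getFullName()))) . '">' . $email . '</a><br /> ' . $cms_language->getMessage(self::MESSAGE_PAGE_GROUPS) . ' : ' . $userGroups,
		'edit' => $edit
	);
}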
// Excerpt of a users-listing script; it starts inside the first branch of an
// if/else opened before this excerpt. $search, $letter, $groupId, $sort, $dir,
// $start, $limit, $filter, $withGroups, $groupUsers, $usersDatas and $view are defined outside it.
// NOTE(review): the clearance check guarding this listing is not visible here;
// the response contains login and email of every user found - confirm it runs first.
//search users, passing the group id as third argument
$users = CMS_profile_usersCatalog::search($search, $letter, $groupId, $sort, $dir, $start, $limit);
} else {
	//search users, passing false instead of a group id
	$users = CMS_profile_usersCatalog::search($search, $letter, false, $sort, $dir, $start, $limit);
}
//loop over users to get all required infos
foreach ($users as $user) {
	$datas = array('id' => $user->getUserId(), 'firstName' => $user->getFirstName(), 'lastName' => $user->getLastName(), 'login' => $user->getLogin(), 'email' => $user->getEmail(), 'active' => $user->isActive());
	if ($groupId) {
		// 'belong' is true when the user id is a key of $groupUsers
		$datas['belong'] = isset($groupUsers[$user->getUserId()]);
	}
	if ($withGroups) {
		//groups of user
		$userGroups = array();
		$groups = CMS_profile_usersGroupsCatalog::getGroupsOfUser($user);
		foreach ($groups as $group) {
			$userGroups[] = array('id' => $group->getGroupId(), 'label' => $group->getLabel(), 'description' => $group->getDescription());
		}
		$datas['groups'] = $userGroups;
	}
	$usersDatas['users'][] = $datas;
}
//total users count for search: the same search is run again with 0 as start and limit
if ($groupId && $filter) {
	$usersDatas['totalCount'] = sizeof(CMS_profile_usersCatalog::search($search, $letter, $groupId, $sort, $dir, 0, 0, false, false));
} else {
	$usersDatas['totalCount'] = sizeof(CMS_profile_usersCatalog::search($search, $letter, false, $sort, $dir, 0, 0, false, false));
}
$view->setContent($usersDatas);
$view->show();
// +----------------------------------------------------------------------+
// | Session management                                                   |
// +----------------------------------------------------------------------+
// Excerpt of a module-clearances script; $maxDepth, $profile, $isUser,
// $moduleCodename and $profileId are defined outside it, and the excerpt ends
// at the docblock of a function whose body is not visible.

//Set max depth (iterations count)
// The given value is stored in session first and validated afterwards: anything
// that is not a positive integer is replaced by 3 just below.
// NOTE(review): no upper bound is applied in this excerpt; the docblock at the
// end describes a recursive function - confirm how this value limits it.
if ($maxDepth) {
	CMS_session::setSessionVar("modules_clearances_max_depth", $maxDepth);
}
if (!sensitiveIO::isPositiveInteger(CMS_session::getSessionVar("modules_clearances_max_depth"))) {
	CMS_session::setSessionVar("modules_clearances_max_depth", 3);
}
$maxDepth = CMS_session::getSessionVar("modules_clearances_max_depth");
// Colors used to visualize access level
$clearance_colors = array(CLEARANCE_MODULE_NONE => '#FF7E71', CLEARANCE_MODULE_VIEW => '#e2faaa', CLEARANCE_MODULE_EDIT => '#CFE779', CLEARANCE_MODULE_MANAGE => '#85A122');
$bg_color_selected = "#fdf5a2";
//if user belongs to groups, all fields are disabled
// Operator precedence: evaluated as (admin clearance || ($isUser && has groups)) ? true : false,
// so a profile holding EDITVALIDATEALL gets disabled fields whether or not it is a user
$disableFields = $profile->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITVALIDATEALL) || $isUser && sizeof(CMS_profile_usersGroupsCatalog::getGroupsOfUser($profile, true)) ? true : false;
//unique hash relative to user module
// md5 of the module codename and profile id, both predictable;
// presumably only used as an identifier, not as a secret - TODO confirm
$hash = md5($moduleCodename . '-' . $profileId);
/**
  * Module Elements rights
  * (This is recycled code from the V3)
  */
if (!function_exists("build_items_tree")) {
	/**
	  * Recursive function to build items tree.
	  *
	  * @param mixed $items : current category or page
	  * @param integer $count, to determine item in-tree depth
	  * @param integer $parent_clearance, immediate parent item clearance
	  * @return string HTML formated
	  */
// Excerpt of a module-clearances form script: computes the clearance to display
// and whether the form fields are disabled. $moduleClearance, $moduleCodename,
// $profile, $isUser and $cms_language are defined outside it.

// no clearance set: default to "none"
if (!$moduleClearance) {
	$moduleClearance = CLEARANCE_MODULE_NONE;
}
if ($moduleCodename == MOD_STANDARD_CODENAME && $moduleClearance == CLEARANCE_MODULE_NONE) {
	$moduleClearance = CLEARANCE_PAGE_VIEW; //users has always this right on standard module
}
//if user is admin, then it has all rights on module
// NOTE(review): $disableFields only controls how the form is rendered. The handler
// that saves module clearances is not visible here; it has to refuse changes for
// administrators and for users belonging to groups on its own.
if ($isUser) {
	if ($profile->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITVALIDATEALL)) {
		// administrator: fields disabled and clearance displayed as "edit"
		$disableFields = true;
		$moduleClearance = CLEARANCE_MODULE_EDIT;
		$disableFieldsDesc = "{\n\t\t\tcls:\t'atm-text-alert',\n\t\t\thtml:\t'{$cms_language->getJSMessage(MESSAGE_PAGE_USER_ADMINISTRATOR_MODULE)}'\n\t\t},";
	} else {
		//if user belongs to groups, all fields are disabled
		$disableFields = sizeof(CMS_profile_usersGroupsCatalog::getGroupsOfUser($profile, true)) ? true : false;
		$disableFieldsDesc = '';
		if ($disableFields) {
			$disableFieldsDesc = "{\n\t\t\t\tcls:\t'atm-text-alert',\n\t\t\t\thtml:\t'{$cms_language->getJSMessage(MESSAGE_PAGE_NO_RIGHTS_MODIFY)}'\n\t\t\t},";
		}
	}
} else {
	// profile is not a user: fields stay enabled unless it holds the EDITVALIDATEALL clearance
	$disableFields = false;
	$disableFieldsDesc = '';
	if ($profile->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITVALIDATEALL)) {
		$disableFields = true;
		$moduleClearance = CLEARANCE_MODULE_EDIT;
		$disableFieldsDesc = "{\n\t\t\tcls:\t'atm-text-alert',\n\t\t\thtml:\t'{$cms_language->getJSMessage(MESSAGE_PAGE_GROUP_ADMINISTRATOR_MODULE)}'\n\t\t},";
	}
}
//Module clearances