function getNodeCascadePrivileges($node, $type = "all", $privs = 0)
{
$key = getKey(array($node, $type, $privs));
if (array_key_exists($key, $_SESSION['cascadenodeprivileges'])) {
return $_SESSION['cascadenodeprivileges'][$key];
}
if (!$privs) {
$privs = array("resources" => array(), "users" => array(), "usergroups" => array());
}
# get node's parents
$nodelist = getParentNodes($node);
if ($type == "resources" || $type == "all") {
$mynodelist = $nodelist;
# loop through each node, starting at the root
while (count($mynodelist)) {
$node = array_pop($mynodelist);
# get all resource groups with block set at this node and remove any cascaded privs
$query = "SELECT g.name AS name, " . "t.name AS type " . "FROM resourcepriv p, " . "resourcetype t, " . "resourcegroup g " . "WHERE p.privnodeid = {$node} AND " . "p.resourcegroupid = g.id AND " . "g.resourcetypeid = t.id AND " . "p.type = 'block'";
$qh = doQuery($query, 353);
while ($row = mysql_fetch_assoc($qh)) {
$name = $row["type"] . "/" . $row["name"];
unset($privs["resources"][$name]);
}
# get all privs for users with cascaded privs
$query = "SELECT g.id AS id, " . "p.type AS privtype, " . "g.name AS name, " . "t.name AS type " . "FROM resourcepriv p, " . "resourcetype t, " . "resourcegroup g " . "WHERE p.privnodeid = {$node} AND " . "p.resourcegroupid = g.id AND " . "g.resourcetypeid = t.id AND " . "p.type != 'block' AND " . "p.type != 'cascade' AND " . "p.resourcegroupid IN (SELECT resourcegroupid " . "FROM resourcepriv " . "WHERE type = 'cascade' AND " . "privnodeid = {$node})";
$qh = doQuery($query, 354);
while ($row = mysql_fetch_assoc($qh)) {
$name = $row["type"] . "/" . $row["name"] . "/" . $row["id"];
// if we've already seen this resource group, add it to the
# resource group's privs
if (array_key_exists($name, $privs["resources"])) {
array_push($privs["resources"][$name], $row["privtype"]);
} else {
$privs["resources"][$name] = array($row["privtype"]);
}
}
}
}
if ($type == "users" || $type == "all") {
$mynodelist = $nodelist;
# loop through each node, starting at the root
while (count($mynodelist)) {
$node = array_pop($mynodelist);
# get all users with block set at this node and remove any cascaded privs
$query = "SELECT CONCAT(u.unityid, '@', a.name) AS unityid " . "FROM user u, " . "userpriv up, " . "userprivtype t, " . "affiliation a " . "WHERE up.privnodeid = {$node} AND " . "up.userprivtypeid = t.id AND " . "up.userid = u.id AND " . "up.userid IS NOT NULL AND " . "t.name = 'block' AND " . "u.affiliationid = a.id";
$qh = doQuery($query, 355);
while ($row = mysql_fetch_assoc($qh)) {
unset($privs["users"][$row["unityid"]]);
}
# get all privs for users with cascaded privs
$query = "SELECT t.name AS name, " . "CONCAT(u.unityid, '@', a.name) AS unityid " . "FROM user u, " . "userpriv up, " . "userprivtype t, " . "affiliation a " . "WHERE up.privnodeid = {$node} AND " . "up.userprivtypeid = t.id AND " . "up.userid = u.id AND " . "u.affiliationid = a.id AND " . "up.userid IS NOT NULL AND " . "t.name != 'cascade' AND " . "t.name != 'block' AND " . "up.userid IN (SELECT up.userid " . "FROM userpriv up, " . "userprivtype t " . "WHERE up.userprivtypeid = t.id AND " . "t.name = 'cascade' AND " . "up.privnodeid = {$node}) " . "ORDER BY u.unityid";
$qh = doQuery($query, 356);
while ($row = mysql_fetch_assoc($qh)) {
// if we've already seen this user, add it to the user's privs
if (array_key_exists($row["unityid"], $privs["users"])) {
array_push($privs["users"][$row["unityid"]], $row["name"]);
} else {
$privs["users"][$row["unityid"]] = array($row["name"]);
}
}
}
}
if ($type == "usergroups" || $type == "all") {
$mynodelist = $nodelist;
# loop through each node, starting at the root
while (count($mynodelist)) {
$node = array_pop($mynodelist);
# get all groups with block set at this node and remove any cascaded privs
$query = "SELECT g.name AS groupname " . "FROM usergroup g, " . "userpriv up, " . "userprivtype t " . "WHERE up.privnodeid = {$node} AND " . "up.userprivtypeid = t.id AND " . "up.usergroupid = g.id AND " . "up.usergroupid IS NOT NULL AND " . "t.name = 'block'";
$qh = doQuery($query, 357);
while ($row = mysql_fetch_assoc($qh)) {
unset($privs["usergroups"][$row["groupname"]]);
}
# get all privs for groups with cascaded privs
$query = "SELECT t.name AS priv, " . "g.name AS groupname, " . "g.affiliationid, " . "a.name AS affiliation, " . "g.id " . "FROM userpriv up, " . "userprivtype t, " . "usergroup g " . "LEFT JOIN affiliation a ON (g.affiliationid = a.id) " . "WHERE up.privnodeid = {$node} AND " . "up.userprivtypeid = t.id AND " . "up.usergroupid = g.id AND " . "up.usergroupid IS NOT NULL AND " . "t.name != 'cascade' AND " . "t.name != 'block' AND " . "up.usergroupid IN (SELECT up.usergroupid " . "FROM userpriv up, " . "userprivtype t " . "WHERE up.userprivtypeid = t.id AND " . "t.name = 'cascade' AND " . "up.privnodeid = {$node}) " . "ORDER BY g.name";
$qh = doQuery($query, 358);
while ($row = mysql_fetch_assoc($qh)) {
// if we've already seen this group, add it to the user's privs
if (array_key_exists($row["groupname"], $privs["usergroups"])) {
array_push($privs["usergroups"][$row["groupname"]]['privs'], $row["priv"]);
} else {
$privs["usergroups"][$row["groupname"]] = array('id' => $row['id'], 'affiliationid' => $row['affiliationid'], 'affiliation' => $row['affiliation'], 'privs' => array($row['priv']));
}
}
}
}
$_SESSION['cascadenodeprivileges'][$key] = $privs;
return $privs;
}
function getUserResourcesUp(&$nodeprivs, $nodeid, $userid, $resourceprivs)
{
# build list of parent nodes
# starting at top, get images available at that node and user privs there and
# walk down to $nodeid
$nodelist = getParentNodes($nodeid);
array_unshift($nodelist, $nodeid);
$lastid = 0;
while (count($nodelist)) {
$id = array_pop($nodelist);
if (array_key_exists($id, $nodeprivs)) {
continue;
}
addNodeUserResourcePrivs($nodeprivs, $id, $lastid, $userid, $resourceprivs);
$lastid = $id;
}
}
function getNodeCascadePrivileges($node, $type = "all", $privs = 0)
{
$key = getKey(array($node, $type, $privs));
if (array_key_exists($key, $_SESSION['cascadenodeprivileges'])) {
return $_SESSION['cascadenodeprivileges'][$key];
}
if (!$privs) {
$privs = array("resources" => array(), "users" => array(), "usergroups" => array());
}
# get node's parents
$nodelist = getParentNodes($node);
# get all block data
static $allblockdata = array();
if (empty($allblockdata)) {
$query = "SELECT g.id, " . "g.name, " . "t.name AS type, " . "p.privnodeid " . "FROM resourcepriv p, " . "resourcetype t, " . "resourcegroup g " . "WHERE p.resourcegroupid = g.id AND " . "g.resourcetypeid = t.id AND " . "p.type = 'block'";
$qh = doQuery($query);
while ($row = mysql_fetch_assoc($qh)) {
if (!array_key_exists($row['privnodeid'], $allblockdata)) {
$allblockdata[$row['privnodeid']] = array();
}
# TODO adding the id at the end will fix the bug where blocking cascaded resource
# privileges are only blocked at the node and the block is not cascaded to
# child nodes
$allblockdata[$row['privnodeid']][] = "{$row["type"]}/{$row["name"]}";
#$allblockdata[$row['privnodeid']][] = "{$row["type"]}/{$row["name"]}/{$row['id']}";
}
}
# get resource group block data
$inlist = implode(',', $nodelist);
$blockdata = array();
foreach ($nodelist as $nodeid) {
if (array_key_exists($nodeid, $allblockdata)) {
$blockdata[$nodeid] = $allblockdata[$nodeid];
}
}
# get all cascade data
static $allcascadedata = array();
if (empty($allcascadedata)) {
$query = "SELECT g.id AS id, " . "p.type AS privtype, " . "g.name AS name, " . "t.name AS type, " . "p.privnodeid " . "FROM resourcepriv p, " . "resourcetype t, " . "resourcegroup g, " . "resourcepriv p2 " . "WHERE p.resourcegroupid = g.id AND " . "g.resourcetypeid = t.id AND " . "p.type != 'block' AND " . "p.type != 'cascade' AND " . "p.resourcegroupid = p2.resourcegroupid AND " . "p.privnodeid = p2.privnodeid AND " . "p2.type = 'cascade'";
$qh = doQuery($query);
while ($row = mysql_fetch_assoc($qh)) {
if (!array_key_exists($row['privnodeid'], $allcascadedata)) {
$allcascadedata[$row['privnodeid']] = array();
}
$allcascadedata[$row['privnodeid']][] = array('name' => "{$row["type"]}/{$row["name"]}/{$row["id"]}", 'type' => $row['privtype']);
}
}
# get all privs for users with cascaded privs
$cascadedata = array();
foreach ($nodelist as $nodeid) {
if (array_key_exists($nodeid, $allcascadedata)) {
$cascadedata[$nodeid] = $allcascadedata[$nodeid];
}
}
if ($type == "resources" || $type == "all") {
$mynodelist = $nodelist;
# loop through each node, starting at the root
while (count($mynodelist)) {
$node = array_pop($mynodelist);
# get all resource groups with block set at this node and remove any cascaded privs
if (array_key_exists($node, $blockdata)) {
foreach ($blockdata[$node] as $name) {
unset($privs["resources"][$name]);
}
}
# get all privs for users with cascaded privs
if (array_key_exists($node, $cascadedata)) {
foreach ($cascadedata[$node] as $data) {
if (!array_key_exists($data['name'], $privs["resources"])) {
$privs["resources"][$data['name']] = array();
}
$privs["resources"][$data['name']][] = $data["type"];
}
}
}
}
if ($type == "users" || $type == "all") {
$mynodelist = $nodelist;
# loop through each node, starting at the root
while (count($mynodelist)) {
$node = array_pop($mynodelist);
# get all users with block set at this node and remove any cascaded privs
$query = "SELECT CONCAT(u.unityid, '@', a.name) AS unityid " . "FROM user u, " . "userpriv up, " . "userprivtype t, " . "affiliation a " . "WHERE up.privnodeid = {$node} AND " . "up.userprivtypeid = t.id AND " . "up.userid = u.id AND " . "up.userid IS NOT NULL AND " . "t.name = 'block' AND " . "u.affiliationid = a.id";
$qh = doQuery($query, 355);
while ($row = mysql_fetch_assoc($qh)) {
unset($privs["users"][$row["unityid"]]);
}
# get all privs for users with cascaded privs
$query = "SELECT t.name AS name, " . "CONCAT(u.unityid, '@', a.name) AS unityid " . "FROM user u, " . "userpriv up, " . "userprivtype t, " . "affiliation a " . "WHERE up.privnodeid = {$node} AND " . "up.userprivtypeid = t.id AND " . "up.userid = u.id AND " . "u.affiliationid = a.id AND " . "up.userid IS NOT NULL AND " . "t.name != 'cascade' AND " . "t.name != 'block' AND " . "up.userid IN (SELECT up.userid " . "FROM userpriv up, " . "userprivtype t " . "WHERE up.userprivtypeid = t.id AND " . "t.name = 'cascade' AND " . "up.privnodeid = {$node}) " . "ORDER BY u.unityid";
$qh = doQuery($query, 356);
while ($row = mysql_fetch_assoc($qh)) {
// if we've already seen this user, add it to the user's privs
if (array_key_exists($row["unityid"], $privs["users"])) {
array_push($privs["users"][$row["unityid"]], $row["name"]);
} else {
$privs["users"][$row["unityid"]] = array($row["name"]);
}
}
}
}
if ($type == "usergroups" || $type == "all") {
$mynodelist = $nodelist;
# loop through each node, starting at the root
while (count($mynodelist)) {
$node = array_pop($mynodelist);
# get all groups with block set at this node and remove any cascaded privs
$query = "SELECT g.id " . "FROM usergroup g, " . "userpriv up, " . "userprivtype t " . "WHERE up.privnodeid = {$node} AND " . "up.userprivtypeid = t.id AND " . "up.usergroupid = g.id AND " . "up.usergroupid IS NOT NULL AND " . "t.name = 'block'";
$qh = doQuery($query, 357);
while ($row = mysql_fetch_assoc($qh)) {
unset($privs["usergroups"][$row["id"]]);
}
# get all privs for groups with cascaded privs
$query = "SELECT t.name AS priv, " . "g.name AS groupname, " . "g.affiliationid, " . "a.name AS affiliation, " . "g.id " . "FROM userpriv up, " . "userprivtype t, " . "usergroup g " . "LEFT JOIN affiliation a ON (g.affiliationid = a.id) " . "WHERE up.privnodeid = {$node} AND " . "up.userprivtypeid = t.id AND " . "up.usergroupid = g.id AND " . "up.usergroupid IS NOT NULL AND " . "t.name != 'cascade' AND " . "t.name != 'block' AND " . "up.usergroupid IN (SELECT up.usergroupid " . "FROM userpriv up, " . "userprivtype t " . "WHERE up.userprivtypeid = t.id AND " . "t.name = 'cascade' AND " . "up.privnodeid = {$node}) " . "ORDER BY g.name";
$qh = doQuery($query, 358);
while ($row = mysql_fetch_assoc($qh)) {
// if we've already seen this group, add it to the user's privs
if (array_key_exists($row["id"], $privs["usergroups"])) {
array_push($privs["usergroups"][$row["id"]]['privs'], $row["priv"]);
} else {
$privs["usergroups"][$row["id"]] = array('id' => $row['id'], 'name' => $row['groupname'], 'affiliationid' => $row['affiliationid'], 'affiliation' => $row['affiliation'], 'privs' => array($row['priv']));
}
}
}
}
$_SESSION['cascadenodeprivileges'][$key] = $privs;
return $privs;
}
