예제 #1
 /**
  * Populate this user from the serialized files kept in its storage folder.
  *
  * Reads rights.ser, prefs.ser and bookmarks.ser under USERS_DIRPATH/<user id>, then
  * applies the admin flag, the parent user and the role list found in the rights.
  * Role ids that AuthService::getRolesList() does not return are dropped from the rights.
  */
 function load()
 {
     $serialDir = $this->storage->getOption("USERS_DIRPATH");
     // NOTE(review): the user id goes into the path as-is; presumably it is validated
     // before a user object is built - confirm against the callers.
     // NOTE(review): loadSerialFile() is not shown here; if it calls unserialize(), these
     // files must only ever be writable by the application itself.
     $sources = array("rights" => "/rights.ser", "prefs" => "/prefs.ser", "bookmarks" => "/bookmarks.ser");
     foreach ($sources as $property => $fileName) {
         $this->{$property} = AJXP_Utils::loadSerialFile($serialDir . "/" . $this->getId() . $fileName);
     }

     // Only a strict boolean true grants the admin flag.
     $isAdmin = isset($this->rights["ajxp.admin"]) && $this->rights["ajxp.admin"] === true;
     if ($isAdmin) {
         $this->setAdmin(true);
     }
     if (isset($this->rights["ajxp.parent_user"])) {
         $this->setParent($this->rights["ajxp.parent_user"]);
     }

     // Nothing more to do when the rights carry no role list.
     if (!isset($this->rights["ajxp.roles"])) {
         return;
     }
     $knownRoles = AuthService::getRolesList();
     foreach (array_keys($this->rights["ajxp.roles"]) as $roleId) {
         if (!isset($knownRoles[$roleId])) {
             // The role no longer exists: forget it in the rights as well.
             unset($this->rights["ajxp.roles"][$roleId]);
             continue;
         }
         // Role objects are kept on the instance.
         $this->roles[$roleId] = $knownRoles[$roleId];
     }
 }
예제 #2
 /**
  * Load initial user data (Rights, Preferences and Bookmarks).
  *
  * @see AbstractAjxpUser#load()
  */
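 public function load()
 {
     // Review notes for this loader:
     //  - every query passes the login as a separate %s argument to dibi::query(); no value
     //    is concatenated into the SQL text.
     //  - values read from [ajxp_user_rights] are decoded with unserialize() further down;
     //    each of those call sites carries its own NOTE(review).
     $this->log('Loading all user data..');
     // update group
     $res = dibi::query('SELECT [groupPath] FROM [ajxp_users] WHERE [login] = %s', $this->getId());
     $this->groupPath = $res->fetchSingle();
     if (empty($this->groupPath)) {
         // Auto migrate from old version
         $this->setGroupPath("/");
     }
     $result_rights = dibi::query('SELECT [repo_uuid], [rights] FROM [ajxp_user_rights] WHERE [login] = %s', $this->getId());
     $this->rights = $result_rights->fetchPairs('repo_uuid', 'rights');
     // Db field returns integer or string so we are required to cast it in order to make the comparison
     if (isset($this->rights["ajxp.admin"]) && (bool) $this->rights["ajxp.admin"] === true) {
         $this->setAdmin(true);
     }
     if (isset($this->rights["ajxp.parent_user"])) {
         $this->setParent($this->rights["ajxp.parent_user"]);
     }
     if (isset($this->rights["ajxp.hidden"])) {
         $this->setHidden(true);
     }
     if ("postgre" == $this->storage->sqlDriver["driver"]) {
         dibi::nativeQuery('SET bytea_output = escape');
     }
     $result_prefs = dibi::query('SELECT [name], [val] FROM [ajxp_user_prefs] WHERE [login] = %s', $this->getId());
     $this->prefs = $result_prefs->fetchPairs('name', 'val');
     $result_bookmarks = dibi::query('SELECT [repo_uuid], [path], [title] FROM [ajxp_user_bookmarks] WHERE [login] = %s', $this->getId());
     $all_bookmarks = $result_bookmarks->fetchAll();
     // Bookmarks are rebuilt from scratch on every load, grouped by repository id.
     // (The former is_array() guard was dead code: the property was reset right after it.)
     $this->bookmarks = array();
     foreach ($all_bookmarks as $b) {
         // isset() rather than is_array(): reading a key that does not exist yet raised an
         // undefined-index notice for the first bookmark of every repository.
         if (!isset($this->bookmarks[$b['repo_uuid']])) {
             $this->bookmarks[$b['repo_uuid']] = array();
         }
         $this->bookmarks[$b['repo_uuid']][] = array('PATH' => $b['path'], 'TITLE' => $b['title']);
     }
     // COLLECT ROLES TO LOAD
     $rolesToLoad = array();
     if (isset($this->rights["ajxp.roles"])) {
         if (is_string($this->rights["ajxp.roles"])) {
             // NOTE(review): two of the three formats below go through unserialize() on a value
             // read from the database. If that row can ever be written by someone other than the
             // application, this is a PHP object injection sink. The result is only used as an
             // array, so the '$json$' format (or unserialize() restricted to no classes on PHP 7+)
             // is the safer decoder - confirm no stored value relies on objects before switching.
             if (strpos($this->rights["ajxp.roles"], '$phpserial$') === 0) {
                 $this->rights["ajxp.roles"] = unserialize(str_replace('$phpserial$', '', $this->rights["ajxp.roles"]));
             } elseif (strpos($this->rights["ajxp.roles"], '$json$') === 0) {
                 $this->rights["ajxp.roles"] = json_decode(str_replace('$json$', '', $this->rights["ajxp.roles"]), true);
             } else {
                 // Legacy rows without a format marker.
                 $this->rights["ajxp.roles"] = unserialize($this->rights["ajxp.roles"]);
             }
         }
         if (is_array($this->rights["ajxp.roles"])) {
             $rolesToLoad = array_keys($this->rights["ajxp.roles"]);
         } else {
             // An undecodable role list is treated as "no explicit roles" instead of leaving
             // false/null behind, which the array writes below would then trip over.
             $this->rights["ajxp.roles"] = array();
         }
     }
     // The root group role, one role per group path level and the personal role are always requested.
     $rolesToLoad[] = "AJXP_GRP_/";
     if ($this->groupPath != null) {
         $base = "";
         $exp = explode("/", $this->groupPath);
         foreach ($exp as $pathPart) {
             if (empty($pathPart)) {
                 continue;
             }
             $base .= "/" . $pathPart;
             $rolesToLoad[] = "AJXP_GRP_" . $base;
         }
     }
     $personalRoleId = "AJXP_USR_" . "/" . $this->id;
     $rolesToLoad[] = $personalRoleId;
     // NOW LOAD THEM
     if (count($rolesToLoad)) {
         $allRoles = AuthService::getRolesList($rolesToLoad);
         foreach ($rolesToLoad as $roleId) {
             if (isset($allRoles[$roleId])) {
                 $this->roles[$roleId] = $allRoles[$roleId];
                 $this->rights["ajxp.roles"][$roleId] = true;
                 $roleObject = $allRoles[$roleId];
                 if ($roleObject->alwaysOverrides()) {
                     if (!isset($this->rights["ajxp.roles.sticky"]) || !is_array($this->rights["ajxp.roles.sticky"])) {
                         $this->rights["ajxp.roles.sticky"] = array();
                     }
                     $this->rights["ajxp.roles.sticky"][$roleId] = true;
                 }
             } elseif (isset($this->rights["ajxp.roles"]) && is_array($this->rights["ajxp.roles"]) && isset($this->rights["ajxp.roles"][$roleId])) {
                 // Role id referenced by the user but unknown to AuthService: drop the reference.
                 unset($this->rights["ajxp.roles"][$roleId]);
             }
         }
     }
     if (isset($this->rights["ajxp.roles.order"])) {
         // NOTE(review): same unserialize()-on-database-value concern as for ajxp.roles above.
         $this->rights["ajxp.roles.order"] = unserialize(str_replace('$phpserial$', '', $this->rights["ajxp.roles.order"]));
     } elseif (isset($this->rights["ajxp.roles"]) && is_array($this->rights["ajxp.roles"])) {
         // Create sample order
         $this->rights["ajxp.roles.order"] = array();
         $index = 0;
         foreach ($this->rights["ajxp.roles"] as $id => $rBool) {
             $this->rights["ajxp.roles.order"][$id] = $index;
             $index++;
         }
     } else {
         // No stored order and no role list: the old code fell into the unserialize() branch
         // here and decoded an undefined value. An empty order matches what the sample-order
         // branch produces for an empty role list.
         $this->rights["ajxp.roles.order"] = array();
     }
     // CHECK USER PERSONAL ROLE
     if (isset($this->roles[$personalRoleId]) && is_a($this->roles[$personalRoleId], "AJXP_Role")) {
         $this->personalRole = $this->roles[$personalRoleId];
     } else {
         // MIGRATE NOW !
         $originalRights = $this->rights;
         $changes = $this->migrateRightsToPersonalRole();
         // SAVE RIGHT AND ROLE
         if ($changes > 0) {
             // There was an actual migration, let's save the changes now.
             // NOTE(review): array_diff() compares values, not keys, and $this->rights holds
             // nested arrays at this point. A removed right whose value still occurs under
             // another key is not reported; array_diff_key() may be what is intended - confirm.
             $removedRights = array_keys(array_diff($originalRights, $this->rights));
             if (count($removedRights)) {
                 // We use (%s) instead of %in to pass everything as string ('1' instead of 1)
                 dibi::query("DELETE FROM [ajxp_user_rights] WHERE [login] = %s AND [repo_uuid] IN (%s)", $this->getId(), $removedRights);
             }
             AuthService::updateRole($this->personalRole);
         } else {
             $this->personalRole = new AJXP_Role($personalRoleId);
         }
         $this->roles[$personalRoleId] = $this->personalRole;
     }
     $this->recomputeMergedRole();
 }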
 /**
  * Refresh the cached role objects when the storage reports a role update that is newer
  * than the last session serialization of this user.
  *
  * @return bool true when the roles were reloaded and the merged role recomputed, false otherwise
  */
 public function reloadRolesIfRequired()
 {
     // Nothing to compare against, or no roles cached.
     if (!$this->lastSessionSerialization || !count($this->roles)) {
         return false;
     }
     $cachedRoleIds = array_keys($this->roles);
     if (!($this->storage->rolesLastUpdated($cachedRoleIds) > $this->lastSessionSerialization)) {
         return false;
     }
     // Overwrite each cached role with the freshly loaded object.
     foreach (AuthService::getRolesList(array_keys($this->roles)) as $rId => $freshRole) {
         $this->roles[$rId] = $freshRole;
     }
     $this->recomputeMergedRole();
     return true;
 }
 /**
  * @param AbstractAjxpUser $userObject
  * @param string $rolePrefix    only roles whose id carries this prefix are returned
  * @param string $includeString keep only the roles listed in this string
  * @param string $excludeString drop the roles listed in this string
  * @param bool $byUserRoles
  * @return array
  */
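 public function getUserRoleList($userObject, $rolePrefix, $includeString, $excludeString, $byUserRoles = false)
 {
     // Builds a roleId => label map. Candidate roles are the user's own roles when
     // $byUserRoles is set, otherwise the list returned by AuthService::getRolesList().
     // Without a user object nothing is computed and the method returns null, not an array.
     if (!$userObject) {
         return;
     }
     if ($byUserRoles) {
         $allUserRoles = $userObject->getRoles();
     } else {
         $allUserRoles = AuthService::getRolesList(array(), true);
     }
     $allRoles = array();
     if (!isset($allUserRoles)) {
         return $allRoles;
     }

     // Each filter string is either a "preg:" regular expression or a comma separated list
     // of names, compared case-insensitively against the role id with the prefix removed.
     // NOTE(review): the regular expression is wrapped in "/" delimiters without escaping, so a
     // pattern containing "/" is invalid. preg_match() then returns false: an invalid exclude
     // pattern excludes nothing (fails open), an invalid include pattern rejects every role.
     // Presumably these strings come from administrator configuration - confirm, and consider
     // validating the pattern where it is saved.
     // Exclude
     if ($excludeString) {
         if (strpos($excludeString, "preg:") !== false) {
             $matchFilterExclude = "/" . str_replace("preg:", "", $excludeString) . "/i";
         } else {
             $valueFiltersExclude = array_map("strtolower", array_map("trim", explode(",", $excludeString)));
         }
     }
     // Include
     if ($includeString) {
         if (strpos($includeString, "preg:") !== false) {
             $matchFilterInclude = "/" . str_replace("preg:", "", $includeString) . "/i";
         } else {
             $valueFiltersInclude = array_map("strtolower", array_map("trim", explode(",", $includeString)));
         }
     }

     $prefixLength = strlen($rolePrefix);
     foreach ($allUserRoles as $roleId => $role) {
         // The prefix has to sit at the start of the id. The old test (=== false) also accepted
         // ids that merely contained the prefix somewhere, while the name below is always cut
         // at strlen($rolePrefix), so such ids were filtered and labelled on the wrong substring.
         if (!empty($rolePrefix) && strpos($roleId, $rolePrefix) !== 0) {
             continue;
         }
         $shortName = substr($roleId, $prefixLength);
         $lowerName = strtolower($shortName);
         if (isset($matchFilterExclude) && preg_match($matchFilterExclude, $shortName)) {
             continue;
         }
         // Strict comparison: both sides are lower-cased strings, and loose comparison would
         // treat numeric-looking names such as "010" and "10" as equal.
         if (isset($valueFiltersExclude) && in_array($lowerName, $valueFiltersExclude, true)) {
             continue;
         }
         if (isset($matchFilterInclude) && !preg_match($matchFilterInclude, $shortName)) {
             continue;
         }
         if (isset($valueFiltersInclude) && !in_array($lowerName, $valueFiltersInclude, true)) {
             continue;
         }
         // The list may hold role objects or other values; resolve the latter through AuthService.
         $roleObject = is_a($role, "AJXP_Role") ? $role : AuthService::getRole($roleId);
         $label = $roleObject->getLabel();
         // Fall back to the id without its prefix when the role has no label.
         $allRoles[$roleId] = !empty($label) ? $label : $shortName;
     }
     return $allRoles;
 }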
 /**
  * Update a user object with the default repositories rights
  *
  * @param AbstractAjxpUser $userObject
  */
 static function updateDefaultRights(&$userObject)
 {
     // Users that have a parent receive neither default rights nor default roles.
     if ($userObject->hasParent()) {
         return;
     }
     // Copy the default right of every non-template repository that defines one.
     foreach (ConfService::getRepositoriesList() as $repositoryId => $repoObject) {
         if (!$repoObject->isTemplate && $repoObject->getDefaultRight() != "") {
             $userObject->setRight($repositoryId, $repoObject->getDefaultRight());
         }
     }
     // Attach every role flagged as default.
     foreach (AuthService::getRolesList() as $roleId => $roleObject) {
         if (!$roleObject->isDefault()) {
             continue;
         }
         $userObject->addRole($roleId);
     }
 }
 /**
  * Render one XML node per role that the current user may administrate.
  *
  * Each node carries a summary of the repositories the role can read or write.
  * $root, $child and $hashValue are not used by this method.
  *
  * @param mixed $root
  * @param mixed $child
  * @param mixed $hashValue
  * @param bool $returnNodes when false the column config and the nodes are sent to the output,
  *                          when true the nodes are collected and returned instead
  * @return array nodeKey => rendered XML when $returnNodes is true, otherwise an empty array
  */
 public function listRoles($root, $child, $hashValue = null, $returnNodes = false)
 {
     $allNodes = array();
     if (!$returnNodes) {
         AJXP_XMLWriter::sendFilesListComponentConfig('<columns switchGridMode="filelist" template_name="ajxp_conf.roles">
         <column messageId="ajxp_conf.6" attributeName="ajxp_label" sortType="String"/>
         <column messageId="ajxp_conf.114" attributeName="is_default" sortType="String"/>
         <column messageId="ajxp_conf.62" attributeName="rights_summary" sortType="String"/>
         </columns>');
     }
     if (!AuthService::usersEnabled()) {
         return array();
     }
     $roles = AuthService::getRolesList(array(), !$this->listSpecialRoles);
     ksort($roles);
     foreach ($roles as $roleId => $roleObject) {
         // Roles outside the caller's administration scope are not listed at all.
         if (!AuthService::canAdministrate($roleObject)) {
             continue;
         }
         $summaries = array();
         $count = 0;
         $repos = ConfService::listRepositoriesWithCriteria(array("role" => $roleObject), $count);
         foreach ($repos as $repoId => $repository) {
             if ($repository->getAccessType() == "ajxp_shared") {
                 continue;
             }
             // "r", "w" or "rw"; repositories the role can neither read nor write are skipped.
             $flags = ($roleObject->canRead($repoId) ? "r" : "") . ($roleObject->canWrite($repoId) ? "w" : "");
             if ($flags === "") {
                 continue;
             }
             $summaries[] = $repository->getDisplay() . " (" . $flags . ")";
         }
         $nodeKey = "/data/roles/" . $roleId;
         // NOTE(review): the role label and the repository display names are passed on as-is;
         // presumably renderNode() escapes attribute values - confirm.
         $meta = array(
             "icon" => "user-acl.png",
             "rights_summary" => implode(", ", $summaries),
             "is_default" => implode(",", $roleObject->listAutoApplies()),
             "ajxp_mime" => "role",
             "text" => $roleObject->getLabel(),
         );
         if (in_array($nodeKey, $this->currentBookmarks)) {
             $meta["ajxp_bookmarked"] = "true";
             $meta["overlay_icon"] = "bookmark.png";
         }
         $xml = AJXP_XMLWriter::renderNode($nodeKey, $roleId, true, $meta, true, false);
         if ($returnNodes) {
             $allNodes[$nodeKey] = $xml;
         } else {
             echo $xml;
         }
     }
     return $allNodes;
 }
예제 #7
 /**
  * @static
  * @param AbstractAjxpUser $userObject
  */
 public static function updateAutoApplyRole(&$userObject)
 {
     // A role is added when it is allowed for the current group and auto-applies either
     // to the user's profile or to "all".
     $candidates = AuthService::getRolesList(array(), true);
     foreach ($candidates as $roleId => $roleObject) {
         $allowed = self::allowedForCurrentGroup($roleObject, $userObject);
         if ($allowed && ($roleObject->autoAppliesTo($userObject->getProfile()) || $roleObject->autoAppliesTo("all"))) {
             $userObject->addRole($roleObject);
         }
     }
 }
 /**
  * Load initial user data (Rights, Preferences and Bookmarks).
  * 
  * @see AbstractAjxpUser#load()
  */
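 function load()
 {
     // Review notes for this loader:
     //  - every query passes the login as a separate %s argument to dibi::query(); no value
     //    is concatenated into the SQL text.
     //  - the 'ajxp.roles' and 'ajxp.actions' rights are decoded with unserialize(), see the
     //    NOTE(review) at those call sites.
     $this->log('Loading all user data..');
     $result_rights = dibi::query('SELECT [repo_uuid], [rights] FROM [ajxp_user_rights] WHERE [login] = %s', $this->getId());
     $this->rights = $result_rights->fetchPairs('repo_uuid', 'rights');
     // Db field returns integer or string so we are required to cast it in order to make the comparison
     if (isset($this->rights["ajxp.admin"]) && (bool) $this->rights["ajxp.admin"] === true) {
         $this->setAdmin(true);
     }
     if (isset($this->rights["ajxp.parent_user"])) {
         $this->setParent($this->rights["ajxp.parent_user"]);
     }
     $result_prefs = dibi::query('SELECT [name], [val] FROM [ajxp_user_prefs] WHERE [login] = %s', $this->getId());
     $this->prefs = $result_prefs->fetchPairs('name', 'val');
     $result_bookmarks = dibi::query('SELECT [repo_uuid], [path], [title] FROM [ajxp_user_bookmarks] WHERE [login] = %s', $this->getId());
     $all_bookmarks = $result_bookmarks->fetchAll();
     // Bookmarks are rebuilt from scratch on every load, grouped by repository id.
     // (The former is_array() guard was dead code: the property was reset right after it.)
     $this->bookmarks = array();
     foreach ($all_bookmarks as $b) {
         // isset() rather than is_array(): reading a key that does not exist yet raised an
         // undefined-index notice for the first bookmark of every repository.
         if (!isset($this->bookmarks[$b['repo_uuid']])) {
             $this->bookmarks[$b['repo_uuid']] = array();
         }
         $this->bookmarks[$b['repo_uuid']][] = array('PATH' => $b['path'], 'TITLE' => $b['title']);
     }
     // Load roles
     if (isset($this->rights["ajxp.roles"])) {
         // NOTE(review): unserialize() on a value read from the database. If that row can ever
         // be written by someone other than the application, this is a PHP object injection
         // sink. Only an array result is accepted below, so a JSON encoding (or unserialize()
         // restricted to no classes on PHP 7+) would be the safer decoder - confirm no stored
         // value relies on objects before switching.
         $object = unserialize($this->rights["ajxp.roles"]);
         if (is_array($object)) {
             $this->rights["ajxp.roles"] = $object;
             $allRoles = AuthService::getRolesList();
             // Maintained as instance variable
             foreach (array_keys($this->rights["ajxp.roles"]) as $roleId) {
                 if (isset($allRoles[$roleId])) {
                     $this->roles[$roleId] = $allRoles[$roleId];
                 } else {
                     // Role id unknown to AuthService: drop the reference.
                     unset($this->rights["ajxp.roles"][$roleId]);
                 }
             }
         } else {
             // Undecodable role list: treated as no roles.
             $this->rights["ajxp.roles"] = array();
         }
     }
     if (isset($this->rights["ajxp.actions"])) {
         // NOTE(review): same unserialize()-on-database-value concern as for ajxp.roles above.
         $object = unserialize($this->rights["ajxp.actions"]);
         if (is_array($object)) {
             $this->rights["ajxp.actions"] = $object;
         } else {
             unset($this->rights["ajxp.actions"]);
         }
     }
 }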
예제 #9
 /**
  * Populate this user from the serialized files of the users folder.
  *
  * Reads groups.ser from USERS_DIRPATH, then rights.ser, prefs.ser, bookmarks.ser and
  * role.ser from the user's storage path. Flags the user for creation when no rights
  * are stored, loads explicit and group roles, and migrates the rights into a personal
  * role when role.ser does not hold an AJXP_Role.
  */
 public function load()
 {
     $usersDir = AJXP_VarsFilter::filter($this->storage->getOption("USERS_DIRPATH"));
     $groups = AJXP_Utils::loadSerialFile($usersDir . "/groups.ser");
     if (isset($groups[$this->getId()])) {
         $this->groupPath = $groups[$this->getId()];
     }

     $this->create = false;
     $this->rights = AJXP_Utils::loadSerialFile($this->getStoragePath() . "/rights.ser");
     // No stored rights: the user is flagged for creation.
     if (count($this->rights) == 0) {
         $this->create = true;
     }
     $this->prefs = AJXP_Utils::loadSerialFile($this->getStoragePath() . "/prefs.ser");
     $this->bookmarks = AJXP_Utils::loadSerialFile($this->getStoragePath() . "/bookmarks.ser");

     // Only a strict boolean true grants the admin flag.
     $isAdmin = isset($this->rights["ajxp.admin"]) && $this->rights["ajxp.admin"] === true;
     if ($isAdmin) {
         $this->setAdmin(true);
     }
     if (isset($this->rights["ajxp.parent_user"])) {
         // Calls the parent class implementation, not this class's setParent().
         parent::setParent($this->rights["ajxp.parent_user"]);
     }
     if (isset($this->rights["ajxp.group_path"])) {
         $this->setGroupPath($this->rights["ajxp.group_path"]);
     }
     if (isset($this->rights["ajxp.children_pointer"])) {
         $this->childrenPointer = $this->rights["ajxp.children_pointer"];
     }

     // LOAD ROLES: explicit roles first, then one group role per level of the group path.
     $rolesToLoad = isset($this->rights["ajxp.roles"]) ? array_keys($this->rights["ajxp.roles"]) : array();
     if ($this->groupPath != null) {
         $base = "";
         foreach (explode("/", $this->groupPath) as $pathPart) {
             if (!empty($pathPart)) {
                 $base .= "/" . $pathPart;
                 $rolesToLoad[] = "AJXP_GRP_" . $base;
             }
         }
     }
     if (count($rolesToLoad)) {
         $allRoles = AuthService::getRolesList($rolesToLoad);
         foreach ($rolesToLoad as $roleId) {
             if (isset($allRoles[$roleId])) {
                 $this->roles[$roleId] = $allRoles[$roleId];
                 $this->rights["ajxp.roles"][$roleId] = true;
             } elseif (is_array($this->rights["ajxp.roles"]) && isset($this->rights["ajxp.roles"][$roleId])) {
                 // Role id unknown to AuthService: drop the reference.
                 unset($this->rights["ajxp.roles"][$roleId]);
             }
         }
     }

     // LOAD USR ROLE LOCALLY
     // NOTE(review): role.ser is expected to yield an AJXP_Role object, so loadSerialFile()
     // presumably deserializes objects; the storage folder must then only be writable by
     // the application - confirm.
     $personalRole = AJXP_Utils::loadSerialFile($this->getStoragePath() . "/role.ser");
     if (is_a($personalRole, "AJXP_Role")) {
         $this->personalRole = $personalRole;
         $this->roles["AJXP_USR_" . "/" . $this->id] = $personalRole;
     } elseif ($this->migrateRightsToPersonalRole()) {
         // MIGRATE NOW ! The migration changed something, persist role and rights.
         AJXP_Utils::saveSerialFile($this->getStoragePath() . "/role.ser", $this->personalRole, true);
         AJXP_Utils::saveSerialFile($this->getStoragePath() . "/rights.ser", $this->rights, true);
     }
     $this->recomputeMergedRole();
 }
    /**
     * Send the column configuration, then one XML node per role with a summary of the
     * repositories that role can read or write and whether it is a default role.
     * Only the column configuration is sent when users are disabled.
     */
    function listRoles()
    {
        AJXP_XMLWriter::sendFilesListComponentConfig('<columns switchGridMode="filelist" template_name="ajxp_conf.roles">
			<column messageId="ajxp_conf.6" attributeName="ajxp_label" sortType="String"/>			
			<column messageId="ajxp_conf.114" attributeName="is_default" sortType="String"/>
			<column messageId="ajxp_conf.62" attributeName="rights_summary" sortType="String"/>
			</columns>');
        if (!AuthService::usersEnabled()) {
            return;
        }
        $roles = AuthService::getRolesList();
        $mess = ConfService::getMessages();
        $repos = ConfService::getRepositoriesList();
        ksort($roles);
        foreach ($roles as $roleId => $roleObject) {
            $summaries = array();
            foreach ($repos as $repoId => $repository) {
                if ($repository->getAccessType() == "ajxp_shared") {
                    continue;
                }
                // "r", "w" or "rw"; repositories the role can neither read nor write are skipped.
                $flags = ($roleObject->canRead($repoId) ? "r" : "") . ($roleObject->canWrite($repoId) ? "w" : "");
                if ($flags === "") {
                    continue;
                }
                $summaries[] = $repository->getDisplay() . " (" . $flags . ")";
            }
            // NOTE(review): repository display names are passed on as-is; presumably
            // renderNode() escapes attribute values - confirm.
            $nodeMeta = array(
                "icon" => "user_group_new.png",
                "rights_summary" => implode(", ", $summaries),
                "is_default" => $roleObject->isDefault() ? $mess[440] : $mess[441],
                "ajxp_mime" => "role",
            );
            AJXP_XMLWriter::renderNode("/roles/" . $roleId, $roleId, true, $nodeMeta);
        }
    }
    /**
     * Send the column configuration, then one XML node per role with a summary of the
     * repositories that role can write ("rw") or only read ("r").
     * Only the column configuration is sent when ENABLE_USERS is off.
     */
    function listRoles()
    {
        AJXP_XMLWriter::sendFilesListComponentConfig('<columns switchGridMode="filelist">
			<column messageId="ajxp_conf.6" attributeName="ajxp_label" sortType="String"/>			
			<column messageId="ajxp_conf.62" attributeName="rights_summary" sortType="String"/>
			</columns>');
        if (!ENABLE_USERS) {
            return;
        }
        $roles = AuthService::getRolesList();
        $mess = ConfService::getMessages();
        $repos = ConfService::getRepositoriesList();
        ksort($roles);
        foreach ($roles as $roleId => $roleObject) {
            $summaries = array();
            foreach ($repos as $repoId => $repository) {
                if ($repository->getAccessType() == "ajxp_shared") {
                    continue;
                }
                // Write access is reported as "rw" without looking at the read flag.
                if ($roleObject->canWrite($repoId)) {
                    $summaries[] = $repository->getDisplay() . " (rw)";
                } elseif ($roleObject->canRead($repoId)) {
                    $summaries[] = $repository->getDisplay() . " (r)";
                }
            }
            $rightsString = implode(", ", $summaries);
            // The summary is XML-escaped here before it is handed to renderNode().
            $nodeMeta = array(
                "icon" => "user_group_new.png",
                "rights_summary" => AJXP_Utils::xmlEntities($rightsString, true),
                "ajxp_mime" => "role",
            );
            AJXP_XMLWriter::renderNode("/roles/" . $roleId, $roleId, true, $nodeMeta);
        }
    }