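/**
 * Access check by training institution for the person form attached to a template node.
 *
 * Result as implemented:
 *  - false when $template is not an I2CE_Template, when the user's role is "admin",
 *    when getAccessInstitution() returns an empty list, or when the user's institution
 *    differs from the person's (a user message is queued and a Location header is sent);
 *  - true when no iHRIS_Person form is attached to the node;
 *  - null (no explicit return) when the institutions compare equal.
 *
 * @param DOMNode $node Anything that is not a DOMNode is replaced by null.
 * @param I2CE_Template $template
 * @return bool|null
 */
public function userAccessInstitution($node, $template)
{
    // Type guard first. The original called $template->getUser() before this check,
    // so a non-template value raised a fatal error instead of producing a deny.
    if (!$template instanceof I2CE_Template) {
        return false;
    }
    // NOTE(review): the original comment said this check is meant for the
    // facility_manager role only, but the code short-circuits for "admin" alone and
    // lets every other role continue. Confirm which is intended.
    if ($template->getUser()->getRole() == "admin") {
        return false;
    }
    if (!$node instanceof DOMNode) {
        $node = null;
    }
    $person = $template->getForm('person', $node);
    if (!$person instanceof iHRIS_Person) {
        // No person associated with this node, so the check passes.
        return true;
    }
    // Institutions the user is allowed to access.
    $access = self::getAccessInstitution($template->getUser());
    if (count($access) == 0) {
        return false;
    }
    // Initialised so that a person without registration children does not leave the
    // variable undefined; the comparison below then sees null, as it did before.
    $training_institution = null;
    $person->populateChildren("registration");
    foreach ($person->getChildren('registration') as $registration) {
        // Each iteration overwrites the value, so the last registration wins.
        $training_institution = $registration->getField("training_institution")->getDBValue();
    }
    // A missing key is read as null rather than raising an undefined-index notice.
    $allowed_institution = isset($access["training_institution"][0])
        ? $access["training_institution"][0]
        : null;
    // Deny when the user's institution differs from the student's institution.
    if ($allowed_institution != $training_institution) {
        $this->userMessage("You dont have permission to access students from other institutions");
        //$this->setRedirect( "home" );
        // NOTE(review): header() does not stop execution. The request continues after
        // this return, so the deny only holds if the caller honours the false result.
        header("Location:home");
        return false;
    }
    // NOTE(review): the matching case falls through and yields null, which is falsy.
    // Kept as-is because callers are not visible here; confirm whether true was intended.
}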
/**
 * Collect the form objects a template holds for a list of form names.
 *
 * A name is kept only when the template returns an I2CE_Form for it and that
 * object's form() value compares equal to the requested name.
 *
 * @param I2CE_Template $template Any other value produces an empty result.
 * @param DOMNode $node Passed through to I2CE_Template::getForm() unchanged.
 * @param array $forms Form names to look up.
 * @return array Form objects keyed by form name.
 */
public function getTemplateForms($template, $node, $forms)
{
    $found = array();
    if ($template instanceof I2CE_Template) {
        foreach ($forms as $name) {
            $candidate = $template->getForm($name, $node);
            // form() is only called once the instanceof test has passed.
            if ($candidate instanceof I2CE_Form && $candidate->form() == $name) {
                $found[$name] = $candidate;
            }
        }
    }
    return $found;
}
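/**
 * Access check by department for the person form attached to a template node.
 *
 * Result as implemented:
 *  - false when $template is not an I2CE_Template, when the user's role is not
 *    "department_manager", when getAccessDepartment() returns an empty list, or when
 *    no position matches;
 *  - true when no iHRIS_Person form is attached to the node, when the person has no
 *    person_position children, when a position with a valid end date in the past is
 *    reached, or when a position's department is in the user's access list.
 *
 * NOTE(review): three of the true branches grant access without any department match
 * (no person, no position, ended position). Confirm these fail-open cases are intended.
 *
 * @param DOMNode $node Anything that is not a DOMNode is replaced by null.
 * @param I2CE_Template $template
 * @return bool
 */
public function userAccessDepartment($node, $template)
{
    // Type guard first. The original called $template->getUser() before this check,
    // so a non-template value raised a fatal error instead of producing a deny.
    if (!$template instanceof I2CE_Template) {
        return false;
    }
    // Only the department_manager role is evaluated; every other role is refused.
    if ($template->getUser()->getRole() != "department_manager") {
        return false;
    }
    if (!$node instanceof DOMNode) {
        $node = null;
    }
    $person = $template->getForm('person', $node);
    if (!$person instanceof iHRIS_Person) {
        // No person associated with this node, so the check passes.
        return true;
    }
    // Departments the user is allowed to access.
    $access = self::getAccessDepartment($template->getUser());
    if (count($access) == 0) {
        return false;
    }
    // Per the original comment: load this person's positions ordered by start date.
    $person->populateLast(array("person_position" => "start_date"));
    if (!array_key_exists('person_position', $person->children)
        || !is_array($person->children['person_position'])
        || count($person->children['person_position']) == 0
    ) {
        // No person position on record: access is granted.
        return true;
    }
    foreach ($person->children['person_position'] as $pers_pos) {
        if ($pers_pos->end_date->isValid() && $pers_pos->end_date->before(I2CE_Date::now())) {
            // Not a current employee: access is granted. This returns as soon as one
            // ended position is reached, before any later positions are examined.
            return true;
        }
        $position = $pers_pos->getField("position")->getMappedFormObject();
        if (!$position instanceof iHRIS_Position) {
            continue;
        }
        // NOTE(review): in_array() compares loosely here; strict mode was not enabled
        // because the value types on both sides are not visible from this method.
        if (in_array($position->getField('department')->getDBValue(), $access)) {
            return true;
        }
    }
    return false;
}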
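/**
 * Access check by training provider for the provider form attached to a template node.
 *
 * Returns true only when the user's role is "training_provider", a
 * iHRIS_TrainingProvider form is attached to the node, and that provider's name id
 * is in the list returned by getAccessProvider(). Every other case returns false.
 *
 * @param DOMNode $node Anything that is not a DOMNode is replaced by null.
 * @param I2CE_Template $template
 * @return bool
 */
public function userAccessProvider($node, $template)
{
    // Type guard first. The original called $template->getUser() before this check,
    // so a non-template value raised a fatal error instead of producing a deny.
    if (!$template instanceof I2CE_Template) {
        return false;
    }
    // Only the training_provider role is evaluated; every other role is refused.
    if ($template->getUser()->getRole() != "training_provider") {
        return false;
    }
    if (!$node instanceof DOMNode) {
        $node = null;
    }
    $provider = $template->getForm('trainingprovider', $node);
    if (!$provider instanceof iHRIS_TrainingProvider) {
        // No provider associated with this node, so the user cannot have permission.
        return false;
    }
    // Providers the user is allowed to access.
    $access = self::getAccessProvider($template->getUser());
    if (count($access) == 0) {
        return false;
    }
    // NOTE(review): loose in_array() comparison kept; the element types of $access
    // are not visible from this method.
    return in_array($provider->getNameId(), $access);
}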
/**
 * Tell whether the person form attached to a template node is the person record
 * mapped to the current user.
 *
 * @param DOMNode $node Anything that is not a DOMNode is replaced by null.
 * @param I2CE_Template $template Any other value yields false.
 * @return bool True when the person form's name id compares equal to the id
 *              returned by iHRIS_UserMap::getPersonId().
 */
public function userIsPerson($node, $template)
{
    // A missing or invalid node is tolerated; only the template is mandatory.
    if (!($template instanceof I2CE_Template)) {
        return false;
    }
    $contextNode = ($node instanceof DOMNode) ? $node : null;

    $mappedPersonId = iHRIS_UserMap::getPersonId();
    // '|' is presumably what getPersonId() yields when the user has no mapped
    // person record; confirm against iHRIS_UserMap.
    if ($mappedPersonId === '|') {
        return false;
    }

    $person = $template->getForm('person', $contextNode);
    if ($person instanceof iHRIS_Person) {
        // NOTE(review): identity is decided with a loose == comparison; confirm both
        // ids are always strings of the same form before relying on it.
        return $person->getNameId() == $mappedPersonId;
    }
    return false;
}