function getNodeCascadePrivileges($node, $type = "all", $privs = 0) { $key = getKey(array($node, $type, $privs)); if (array_key_exists($key, $_SESSION['cascadenodeprivileges'])) { return $_SESSION['cascadenodeprivileges'][$key]; } if (!$privs) { $privs = array("resources" => array(), "users" => array(), "usergroups" => array()); } # get node's parents $nodelist = getParentNodes($node); if ($type == "resources" || $type == "all") { $mynodelist = $nodelist; # loop through each node, starting at the root while (count($mynodelist)) { $node = array_pop($mynodelist); # get all resource groups with block set at this node and remove any cascaded privs $query = "SELECT g.name AS name, " . "t.name AS type " . "FROM resourcepriv p, " . "resourcetype t, " . "resourcegroup g " . "WHERE p.privnodeid = {$node} AND " . "p.resourcegroupid = g.id AND " . "g.resourcetypeid = t.id AND " . "p.type = 'block'"; $qh = doQuery($query, 353); while ($row = mysql_fetch_assoc($qh)) { $name = $row["type"] . "/" . $row["name"]; unset($privs["resources"][$name]); } # get all privs for users with cascaded privs $query = "SELECT g.id AS id, " . "p.type AS privtype, " . "g.name AS name, " . "t.name AS type " . "FROM resourcepriv p, " . "resourcetype t, " . "resourcegroup g " . "WHERE p.privnodeid = {$node} AND " . "p.resourcegroupid = g.id AND " . "g.resourcetypeid = t.id AND " . "p.type != 'block' AND " . "p.type != 'cascade' AND " . "p.resourcegroupid IN (SELECT resourcegroupid " . "FROM resourcepriv " . "WHERE type = 'cascade' AND " . "privnodeid = {$node})"; $qh = doQuery($query, 354); while ($row = mysql_fetch_assoc($qh)) { $name = $row["type"] . "/" . $row["name"] . "/" . $row["id"]; // if we've already seen this resource group, add it to the # resource group's privs if (array_key_exists($name, $privs["resources"])) { array_push($privs["resources"][$name], $row["privtype"]); } else { $privs["resources"][$name] = array($row["privtype"]); } } } } if ($type == "users" || $type == "all") { $mynodelist = $nodelist; # loop through each node, starting at the root while (count($mynodelist)) { $node = array_pop($mynodelist); # get all users with block set at this node and remove any cascaded privs $query = "SELECT CONCAT(u.unityid, '@', a.name) AS unityid " . "FROM user u, " . "userpriv up, " . "userprivtype t, " . "affiliation a " . "WHERE up.privnodeid = {$node} AND " . "up.userprivtypeid = t.id AND " . "up.userid = u.id AND " . "up.userid IS NOT NULL AND " . "t.name = 'block' AND " . "u.affiliationid = a.id"; $qh = doQuery($query, 355); while ($row = mysql_fetch_assoc($qh)) { unset($privs["users"][$row["unityid"]]); } # get all privs for users with cascaded privs $query = "SELECT t.name AS name, " . "CONCAT(u.unityid, '@', a.name) AS unityid " . "FROM user u, " . "userpriv up, " . "userprivtype t, " . "affiliation a " . "WHERE up.privnodeid = {$node} AND " . "up.userprivtypeid = t.id AND " . "up.userid = u.id AND " . "u.affiliationid = a.id AND " . "up.userid IS NOT NULL AND " . "t.name != 'cascade' AND " . "t.name != 'block' AND " . "up.userid IN (SELECT up.userid " . "FROM userpriv up, " . "userprivtype t " . "WHERE up.userprivtypeid = t.id AND " . "t.name = 'cascade' AND " . "up.privnodeid = {$node}) " . "ORDER BY u.unityid"; $qh = doQuery($query, 356); while ($row = mysql_fetch_assoc($qh)) { // if we've already seen this user, add it to the user's privs if (array_key_exists($row["unityid"], $privs["users"])) { array_push($privs["users"][$row["unityid"]], $row["name"]); } else { $privs["users"][$row["unityid"]] = array($row["name"]); } } } } if ($type == "usergroups" || $type == "all") { $mynodelist = $nodelist; # loop through each node, starting at the root while (count($mynodelist)) { $node = array_pop($mynodelist); # get all groups with block set at this node and remove any cascaded privs $query = "SELECT g.name AS groupname " . "FROM usergroup g, " . "userpriv up, " . "userprivtype t " . "WHERE up.privnodeid = {$node} AND " . "up.userprivtypeid = t.id AND " . "up.usergroupid = g.id AND " . "up.usergroupid IS NOT NULL AND " . "t.name = 'block'"; $qh = doQuery($query, 357); while ($row = mysql_fetch_assoc($qh)) { unset($privs["usergroups"][$row["groupname"]]); } # get all privs for groups with cascaded privs $query = "SELECT t.name AS priv, " . "g.name AS groupname, " . "g.affiliationid, " . "a.name AS affiliation, " . "g.id " . "FROM userpriv up, " . "userprivtype t, " . "usergroup g " . "LEFT JOIN affiliation a ON (g.affiliationid = a.id) " . "WHERE up.privnodeid = {$node} AND " . "up.userprivtypeid = t.id AND " . "up.usergroupid = g.id AND " . "up.usergroupid IS NOT NULL AND " . "t.name != 'cascade' AND " . "t.name != 'block' AND " . "up.usergroupid IN (SELECT up.usergroupid " . "FROM userpriv up, " . "userprivtype t " . "WHERE up.userprivtypeid = t.id AND " . "t.name = 'cascade' AND " . "up.privnodeid = {$node}) " . "ORDER BY g.name"; $qh = doQuery($query, 358); while ($row = mysql_fetch_assoc($qh)) { // if we've already seen this group, add it to the user's privs if (array_key_exists($row["groupname"], $privs["usergroups"])) { array_push($privs["usergroups"][$row["groupname"]]['privs'], $row["priv"]); } else { $privs["usergroups"][$row["groupname"]] = array('id' => $row['id'], 'affiliationid' => $row['affiliationid'], 'affiliation' => $row['affiliation'], 'privs' => array($row['priv'])); } } } } $_SESSION['cascadenodeprivileges'][$key] = $privs; return $privs; }
function getUserResourcesUp(&$nodeprivs, $nodeid, $userid, $resourceprivs) { # build list of parent nodes # starting at top, get images available at that node and user privs there and # walk down to $nodeid $nodelist = getParentNodes($nodeid); array_unshift($nodelist, $nodeid); $lastid = 0; while (count($nodelist)) { $id = array_pop($nodelist); if (array_key_exists($id, $nodeprivs)) { continue; } addNodeUserResourcePrivs($nodeprivs, $id, $lastid, $userid, $resourceprivs); $lastid = $id; } }
function getNodeCascadePrivileges($node, $type = "all", $privs = 0) { $key = getKey(array($node, $type, $privs)); if (array_key_exists($key, $_SESSION['cascadenodeprivileges'])) { return $_SESSION['cascadenodeprivileges'][$key]; } if (!$privs) { $privs = array("resources" => array(), "users" => array(), "usergroups" => array()); } # get node's parents $nodelist = getParentNodes($node); # get all block data static $allblockdata = array(); if (empty($allblockdata)) { $query = "SELECT g.id, " . "g.name, " . "t.name AS type, " . "p.privnodeid " . "FROM resourcepriv p, " . "resourcetype t, " . "resourcegroup g " . "WHERE p.resourcegroupid = g.id AND " . "g.resourcetypeid = t.id AND " . "p.type = 'block'"; $qh = doQuery($query); while ($row = mysql_fetch_assoc($qh)) { if (!array_key_exists($row['privnodeid'], $allblockdata)) { $allblockdata[$row['privnodeid']] = array(); } # TODO adding the id at the end will fix the bug where blocking cascaded resource # privileges are only blocked at the node and the block is not cascaded to # child nodes $allblockdata[$row['privnodeid']][] = "{$row["type"]}/{$row["name"]}"; #$allblockdata[$row['privnodeid']][] = "{$row["type"]}/{$row["name"]}/{$row['id']}"; } } # get resource group block data $inlist = implode(',', $nodelist); $blockdata = array(); foreach ($nodelist as $nodeid) { if (array_key_exists($nodeid, $allblockdata)) { $blockdata[$nodeid] = $allblockdata[$nodeid]; } } # get all cascade data static $allcascadedata = array(); if (empty($allcascadedata)) { $query = "SELECT g.id AS id, " . "p.type AS privtype, " . "g.name AS name, " . "t.name AS type, " . "p.privnodeid " . "FROM resourcepriv p, " . "resourcetype t, " . "resourcegroup g, " . "resourcepriv p2 " . "WHERE p.resourcegroupid = g.id AND " . "g.resourcetypeid = t.id AND " . "p.type != 'block' AND " . "p.type != 'cascade' AND " . "p.resourcegroupid = p2.resourcegroupid AND " . "p.privnodeid = p2.privnodeid AND " . "p2.type = 'cascade'"; $qh = doQuery($query); while ($row = mysql_fetch_assoc($qh)) { if (!array_key_exists($row['privnodeid'], $allcascadedata)) { $allcascadedata[$row['privnodeid']] = array(); } $allcascadedata[$row['privnodeid']][] = array('name' => "{$row["type"]}/{$row["name"]}/{$row["id"]}", 'type' => $row['privtype']); } } # get all privs for users with cascaded privs $cascadedata = array(); foreach ($nodelist as $nodeid) { if (array_key_exists($nodeid, $allcascadedata)) { $cascadedata[$nodeid] = $allcascadedata[$nodeid]; } } if ($type == "resources" || $type == "all") { $mynodelist = $nodelist; # loop through each node, starting at the root while (count($mynodelist)) { $node = array_pop($mynodelist); # get all resource groups with block set at this node and remove any cascaded privs if (array_key_exists($node, $blockdata)) { foreach ($blockdata[$node] as $name) { unset($privs["resources"][$name]); } } # get all privs for users with cascaded privs if (array_key_exists($node, $cascadedata)) { foreach ($cascadedata[$node] as $data) { if (!array_key_exists($data['name'], $privs["resources"])) { $privs["resources"][$data['name']] = array(); } $privs["resources"][$data['name']][] = $data["type"]; } } } } if ($type == "users" || $type == "all") { $mynodelist = $nodelist; # loop through each node, starting at the root while (count($mynodelist)) { $node = array_pop($mynodelist); # get all users with block set at this node and remove any cascaded privs $query = "SELECT CONCAT(u.unityid, '@', a.name) AS unityid " . "FROM user u, " . "userpriv up, " . "userprivtype t, " . "affiliation a " . "WHERE up.privnodeid = {$node} AND " . "up.userprivtypeid = t.id AND " . "up.userid = u.id AND " . "up.userid IS NOT NULL AND " . "t.name = 'block' AND " . "u.affiliationid = a.id"; $qh = doQuery($query, 355); while ($row = mysql_fetch_assoc($qh)) { unset($privs["users"][$row["unityid"]]); } # get all privs for users with cascaded privs $query = "SELECT t.name AS name, " . "CONCAT(u.unityid, '@', a.name) AS unityid " . "FROM user u, " . "userpriv up, " . "userprivtype t, " . "affiliation a " . "WHERE up.privnodeid = {$node} AND " . "up.userprivtypeid = t.id AND " . "up.userid = u.id AND " . "u.affiliationid = a.id AND " . "up.userid IS NOT NULL AND " . "t.name != 'cascade' AND " . "t.name != 'block' AND " . "up.userid IN (SELECT up.userid " . "FROM userpriv up, " . "userprivtype t " . "WHERE up.userprivtypeid = t.id AND " . "t.name = 'cascade' AND " . "up.privnodeid = {$node}) " . "ORDER BY u.unityid"; $qh = doQuery($query, 356); while ($row = mysql_fetch_assoc($qh)) { // if we've already seen this user, add it to the user's privs if (array_key_exists($row["unityid"], $privs["users"])) { array_push($privs["users"][$row["unityid"]], $row["name"]); } else { $privs["users"][$row["unityid"]] = array($row["name"]); } } } } if ($type == "usergroups" || $type == "all") { $mynodelist = $nodelist; # loop through each node, starting at the root while (count($mynodelist)) { $node = array_pop($mynodelist); # get all groups with block set at this node and remove any cascaded privs $query = "SELECT g.id " . "FROM usergroup g, " . "userpriv up, " . "userprivtype t " . "WHERE up.privnodeid = {$node} AND " . "up.userprivtypeid = t.id AND " . "up.usergroupid = g.id AND " . "up.usergroupid IS NOT NULL AND " . "t.name = 'block'"; $qh = doQuery($query, 357); while ($row = mysql_fetch_assoc($qh)) { unset($privs["usergroups"][$row["id"]]); } # get all privs for groups with cascaded privs $query = "SELECT t.name AS priv, " . "g.name AS groupname, " . "g.affiliationid, " . "a.name AS affiliation, " . "g.id " . "FROM userpriv up, " . "userprivtype t, " . "usergroup g " . "LEFT JOIN affiliation a ON (g.affiliationid = a.id) " . "WHERE up.privnodeid = {$node} AND " . "up.userprivtypeid = t.id AND " . "up.usergroupid = g.id AND " . "up.usergroupid IS NOT NULL AND " . "t.name != 'cascade' AND " . "t.name != 'block' AND " . "up.usergroupid IN (SELECT up.usergroupid " . "FROM userpriv up, " . "userprivtype t " . "WHERE up.userprivtypeid = t.id AND " . "t.name = 'cascade' AND " . "up.privnodeid = {$node}) " . "ORDER BY g.name"; $qh = doQuery($query, 358); while ($row = mysql_fetch_assoc($qh)) { // if we've already seen this group, add it to the user's privs if (array_key_exists($row["id"], $privs["usergroups"])) { array_push($privs["usergroups"][$row["id"]]['privs'], $row["priv"]); } else { $privs["usergroups"][$row["id"]] = array('id' => $row['id'], 'name' => $row['groupname'], 'affiliationid' => $row['affiliationid'], 'affiliation' => $row['affiliation'], 'privs' => array($row['priv'])); } } } } $_SESSION['cascadenodeprivileges'][$key] = $privs; return $privs; }