Exemplo n.º 1
0
    function ResourcesUserRoots($range_id='') {
        global $user, $perm, $auth;

        if($range_id){
            $this->range_id = $range_id;
        }

        if (!$this->range_id)
            $this->range_id=$user->id;

        if (get_object_type($this->range_id) == "user") {
            //load the global perms in the resources-system (check if the user ist resources-root)
            $this->resources_global_perm=getGlobalPerms($this->range_id);
            //load the global studip perms (check, if user id root)
            $this->user_global_perm=get_global_perm($this->range_id);

            if ($this->resources_global_perm == "admin")
                $global_perm="root";
            else
                $global_perm=$this->user_global_perm;
        }

        //root or resoures root are able to see all resources (roots in tree)
        if ($global_perm == "root") {
            $query = "SELECT resource_id FROM resources_objects WHERE resource_id = root_id ORDER BY name";
            $statement = DBManager::get()->query($query);
            while ($resource_id = $statement->fetchColumn()) {
                $this->my_roots[$resource_id] = $resource_id;
            }
        } else {
            $my_objects            = search_administrable_objects();
            $my_objects[$user->id] = TRUE;
            $my_objects["global"]  = TRUE;

            //create the clause with all my id's
            $i=0;
            $clause = " (";
            foreach ($my_objects as $key=>$val) {
                if ($i)
                    $clause .= ", ";
                $clause .= "'$key'";
                $i++;
            }
            $clause .= ") ";

            //all objects where I have owner perms...
            $query = "SELECT resource_id, parent_id, root_id, level
                      FROM resources_objects
                      WHERE owner_id IN (?)
                      ORDER BY level DESC";
            $statement = DBManager::get()->prepare($query);
            $statement->execute(array(
                array_keys($my_objects)
            ));
            while ($row = $statement->fetch(PDO::FETCH_ASSOC)) {
                $my_resources[$row['resource_id']] = array(
                    'root_id'   => $row['root_id'],
                    'parent_id' => $row['parent_id'],
                    'level'     => $row['level']
                );
                $roots[$row['root_id']][] = $row['resource_id'];
            }

            //...and all objects where I have add perms...
            $query = "SELECT resource_id, parent_id, root_id, level
                      FROM resources_user_resources
                      LEFT JOIN resources_objects USING (resource_id)
                      WHERE user_id IN ('all', ?)
                      ORDER BY level DESC";
            $statement = DBManager::get()->prepare($query);
            $statement->execute(array(
                array_keys($my_objects)
            ));
            while ($row = $statement->fetch(PDO::FETCH_ASSOC)) {
                $my_resources[$row['resource_id']] = array(
                    'root_id'   => $row['root_id'],
                    'parent_id' => $row['parent_id'],
                    'level'     => $row['level']
                );
                $roots[$row['root_id']][] = $row['resource_id'];
            }

            if (is_array($my_resources)) {
                $query = "SELECT parent_id FROM resources_objects WHERE resource_id = ?";
                $statement = DBManager::get()->prepare($query);

                foreach ($my_resources as $key => $val) {
                    if (!$this->checked[$key]) {
                        if (sizeof($roots[$val["root_id"]]) == 1) {
                            $this->my_roots[$key] = $key;
                        } else {
                            //there are more than 2 resources in one thread...
                            $statement->execute(array($key));
                            $superordinated_id = $statement->fetchColumn();
                            $statement->closeCursor();

                            $top        = FALSE;
                            $last_found = $key;
                            while (!$top && $superordinated_id) {
                                $statement->execute(array($superordinated_id));
                                $parent_id = $statement->fetchColumn();
                                $statement->closeCursor();

                                if ($my_resources[$superordinated_id]) {
                                    $checked[$last_found] = TRUE;
                                    $last_found           = $superordinated_id;
                                }

                                $superordinated_id = $parent_id;
                                if ($parent_id == "0") {
                                    $top = TRUE;
                                }
                            }
                            $this->my_roots[$last_found] = $last_found;
                        }
                    }
                }
            }
        }

    }
Exemplo n.º 2
0
    function ResourceObjectPerms ($resource_id, $user_id='') {
        global $user, $perm;

        if ($user_id)
            $this->user_id=$user_id;
        else
            $this->user_id=$user->id;

        $this->resource_id=$resource_id;
        if (!$this->resource_id){
            $this->perm = false;
            return;
        }

        $resObject = ResourceObject::Factory($this->resource_id);
        $is_room = $resObject->isRoom();

        if ($is_room) {
            $inheritance = Config::get()->RESOURCES_INHERITANCE_PERMS_ROOMS;
        } else {
            $inheritance = Config::get()->RESOURCES_INHERITANCE_PERMS;
        }

        //check if user is root
        if ($perm->have_perm('root')) {
            $this->changePerm('admin');
        }
        //check if resources admin
        elseif (getGlobalPerms($this->user_id) === 'admin') {
            $this->changePerm('admin');
        }

        //check, if the resource is locked at the moment (only rooms!)
        if (($this->perm != "admin") && ($resObject->isLocked())) {
            $this->perm = FALSE;
            return;
        }

        //check if the user is owner of the object
        if ($this->perm != "admin") {
            $result = DBManager::get()->query("SELECT owner_id FROM resources_objects WHERE owner_id='$this->user_id' AND resource_id = '$this->resource_id' ");
            if ($result->fetch()) {
                $this->owner=TRUE;
                $this->changePerm("admin");
            } else {
                $this->owner=FALSE;
            }
        }

        //else check all the other possibilities
        if ($this->perm != "admin") {
            $my_administrable_objects = search_administrable_objects(); //the administrative ones....
            $my_objects=search_my_objects();                //...and the other, where the user is autor.
            $my_objects["all"] = TRUE;
            $my_objects = array_merge((array)$my_administrable_objects, (array)$my_objects);
            //check if one of my administrable (system) objects owner of the resourcen object, so that I am too...

            if (is_array($my_objects) && count($my_objects)){
                $objects_sql = " ('" . join("','", array_keys($my_objects)) . "') ";

                $superordinated_id = $this->resource_id;
                $top=FALSE;

                while ((!$top) && ($k<10000) && ($superordinated_id)) {
                    $result = DBManager::get()->query("SELECT owner_id, resource_id
                        FROM resources_objects
                        WHERE owner_id IN $objects_sql AND resource_id = '$superordinated_id' ");

                    while ($data = $result->fetch(PDO::FETCH_ASSOC)) {
                        if ($my_objects[$data['owner_id']]["perms"] == "admin"){
                            $this->changePerm("admin");
                        } else {
                            switch ($inheritance) {
                                case "1":
                                    $this->changePerm($my_objects[$data['owner_id']]["perms"]);
                                break;
                                default:
                                case "2":
                                    $this->changePerm("autor");
                                break;
                            }
                        }
                        if ($this->perm == "admin")
                        break;
                    }
                    ++$k;
                    if ($this->perm == "admin")
                        break;

                    //also check the additional perms...
                    $result = DBManager::get()->query("SELECT user_id,perms
                        FROM resources_user_resources
                        WHERE user_id IN $objects_sql AND resource_id = '$superordinated_id' ");

                    while ($data = $result->fetch(PDO::FETCH_ASSOC)){
                        $this->changePerm($data['perms']);
                        if ($this->perm == "admin")
                            break;
                    }
                    if ($this->perm == "admin")
                        break;

                    //select the next superordinated object
                    $result = DBManager::get()->query("SELECT parent_id FROM resources_objects WHERE resource_id = '$superordinated_id'");
                    $data = $result->fetch(PDO::FETCH_ASSOC);
                    $superordinated_id = $data['parent_id'];
                    if ($data['parent_id'] == "0")
                        $top = TRUE;
                }

            }
        }
    }
Exemplo n.º 3
0
function showSearchForm($name, $search_string = '', $user_only = FALSE, $administrable_objects_only = FALSE, $admins = FALSE, $allow_all = FALSE, $sem = TRUE, $img_dir = "left")
{
    $template = $GLOBALS['template_factory']->open('resources/search_form');
    $template->set_attributes(compact(words('name search_string img_dir allow_all')));
    if ($search_string) {
        if ($user_only) {
            //Nur in Personen suchen
            if ($admins) {
                //nur admins anzeigen
                $my_objects = search_admin_user($search_string);
            } else {
                //auch andere...
            }
        } else {
            if ($administrable_objects_only) {
                $my_objects = search_administrable_objects($search_string, FALSE, $sem);
            } else {
                //komplett in allen Objekten suchen
                $my_objects = search_objects($search_string, FALSE, $sem);
            }
        }
        // We need the results grouped by 'art'
        $temp = $my_objects ?: array();
        $results = array();
        foreach ($temp as $key => $val) {
            $art = $val['art'] ?: $val['name'];
            if (!isset($results[$art])) {
                $results[$art] = array();
            }
            $results[$art][$key] = $val;
        }
        $template->results = $results;
    }
    echo $template->render();
}
Exemplo n.º 4
0
    function restore()
    {
        global $perm, $user;

        //if perm is root or resources admin, load all rooms/objects
        if (($perm->have_perm ("root")) || ($this->global_perms == "admin")) { //hier muss auch admin rein!! {
            if ($this->only_rooms) {
                $query = "SELECT resource_id, resources_objects.name
                          FROM resources_categories
                          LEFT JOIN resources_objects USING (category_id)
                          WHERE resources_categories.is_room = 1
                            AND resource_id IS NOT NULL
                          ORDER BY resources_objects.name";
            } else {
                $query = "SELECT resource_id, resources_objects.name
                          FROM resources_objects
                          ORDER BY resources_objects.name";
            }
            $statement = DBManager::get()->query($query);
            while ($row = $statement->fetch(PDO::FETCH_ASSOC)) {
                $this->insertResource($row['resource_id'], $row['name']);
            }
        //if tutor, dozent or admin, load all the rooms of all his administrable objects
        } elseif  ($perm->have_perm ("tutor")) {
            $my_objects=search_administrable_objects();
            $my_objects[$this->user_id]=TRUE;
            $my_objects["all"]=TRUE;
            if (is_array($my_objects) && count($my_objects)){
                $query = "SELECT is_room, resource_id, resources_objects.name, lockable
                          FROM resources_objects
                          LEFT JOIN resources_categories USING (category_id)
                          WHERE owner_id IN (?)";
                $statement = DBManager::get()->prepare($query);
                $statement->execute(array(
                    array_keys($my_objects)
                ));
                while ($row = $statement->fetch(PDO::FETCH_ASSOC)) {
                    if (!$this->only_rooms || ($this->only_rooms && $row['is_room'])) {
                        $this->insertResource($row['resource_id'], $row['name'], $row['lockable']);
                    }
                    $my_resources[$row['resource_id']] = true;
                }

                $query = "SELECT is_room, resources_user_resources.resource_id, resources_objects.name, lockable
                          FROM resources_user_resources
                          INNER JOIN resources_objects USING (resource_id)
                          LEFT JOIN resources_categories USING (category_id)
                          WHERE resources_user_resources.user_id IN (?)";
                $statement = DBManager::get()->prepare($query);
                $statement->execute(array(
                    array_keys($my_objects)
                ));
                while ($row = $statement->fetch(PDO::FETCH_ASSOC)) {
                    if (!isset($my_resources[$row['resource_id']])){
                        if (!$this->only_rooms || ($this->only_rooms && $row['is_room'])) {
                            $this->insertResource($row['resource_id'], $row['name'], $row['lockable']);
                        }
                        $my_resources[$row['resource_id']] = true;
                    }
                }
                if (is_array($my_resources)){
                    $this->walkThread(array_keys($my_resources));
                }
            }
        }
        /*
        if (!$perm->have_perm("admin")) {
            $query = "SELECT resource_id FROM resources_objects WHERE owner_id = ?";
            $statement = DBManager::get()->prepare($query);
            $statement->execute(array($this->user_id));
            while ($resource_id = $statement->fetchColumn()) {
                $this->walkThread($resource_id);
            }

            $query = "SELECT resource_id FROM resources_user_resources WHERE user_id = ?";
            $statement = DBManager::get()->prepare($query);
            $statement->execute(array($this->user_id));
            while ($resource_id = $statement->fetchColumn()) {
                $this->walkThread($resource_id);
            }
        }
        */
    }