Exemplo n.º 1
 /**
  * Sets up the topic/theme administration module.
  *
  * The module is disabled unless UserRights::approved("EDIT_ENUMS") returns
  * true. Otherwise it is enabled and initialised, and one handler plus one
  * form is registered for each add/edit/remove action on topics and themes.
  */
 public function __construct()
 {
     // Permission gate: without EDIT_ENUMS none of the handlers below are registered.
     $rights = new UserRights(CDatabaza::getInstance());
     if (!$rights->approved("EDIT_ENUMS")) {
         $this->disable();
         return;
     }
     $this->enable();
     $this->initialize();
     // action name => array(form title, form name); the handler carries the action's name
     $actions = array(
         "add_topic" => array("Pridaj rubriku", "add_topic_form"),
         "edit_topic" => array("Uprav rubriku", "edit_topic_form"),
         "remove_topic" => array("Odstráň rubriku", "remove_topic_form"),
         "add_theme" => array("Pridaj tému", "add_theme_form"),
         "edit_theme" => array("Uprav tému", "edit_theme_form"),
         "remove_theme" => array("Odstráň tému", "remove_theme_form"),
     );
     foreach ($actions as $name => $spec) {
         $this->setFunction($name, $name);
         $this->setForm($name, $spec[0], $name, $spec[1]);
     }
 }
Exemplo n.º 2
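 /**
  * Builds the main menu for the user stored in $_SESSION['user'].
  *
  * Nothing is built when no user is in the session. "Môj profil" is shown only
  * when a Uzivatel_info row exists for the user; "Užívatelia" and "Rubriky"
  * are shown only when the matching right is approved.
  *
  * The menu only decides what is displayed. Whether the target modules enforce
  * the same rights themselves is not visible here.
  */
 public function __construct()
 {
     if (!isset($_SESSION['user'])) {
         return;
     }
     $user = $_SESSION['user'];
     // Fetch the profile information from the database
     $data = CDatabaza::getInstance();
     $data->connect();
     $rights = new UserRights($data);
     // The id is placed unquoted into the SQL text, so the query is only run
     // when the session value really is an integer. Anything else is treated
     // as "no profile row" instead of being sent to the database.
     $userId = filter_var($user, FILTER_VALIDATE_INT);
     $hasInfo = false;
     if ($userId !== false) {
         $result = $data->query("SELECT * FROM Uzivatel_info WHERE uzivatel_id={$userId}");
         // A failed query yields no result object; that also counts as "no info".
         $hasInfo = $result instanceof mysqli_result && mysqli_num_rows($result) > 0;
     }
     $data->close();
     // NOTE(review): the rights checks below run after close(); presumably
     // UserRights reconnects on demand. Confirm.
     // Add the main-menu entries according to the user's rights
     $this->addItem("Domov", ProgramManager::getId("Intro"));
     if ($hasInfo) {
         $this->addItem("Môj profil", ProgramManager::getId("User_info"));
     }
     if ($rights->approved('EDIT_USERS')) {
         $this->addItem("Užívatelia", ProgramManager::getId("Users"));
     }
     if ($rights->approved('EDIT_ENUMS')) {
         $this->addItem("Rubriky", ProgramManager::getId("Topics"));
     }
     $this->addItem("Články", ProgramManager::getId("Article_list"));
     //$this->addItem("Príspevky", 0);
     //$this->addItem("Nastavenia", 0);
     //$this->addItem("Odhlásiť","?id=".ProgramManager::getId("Login")."&func=logout",0);
     $this->displayed = true;
 }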
Exemplo n.º 3
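 /**
  * Shows and, on POST with 'save', replaces the rights of every user that
  * belongs to the current user's company.
  *
  * Saving first deletes all UserRights rows of the company's users, then
  * recreates one row per submitted right. Submitted user ids are looked up
  * again and processing stops at the first id that is unknown or belongs to
  * another company.
  */
 public function actionRights()
 {
     // Resolve the caller's company once; it is the tenant boundary for everything below.
     $companyId = Yii::app()->getUser()->getProfile()->company_id;
     $Users = User::model()->findAllByAttributes(['company_id' => $companyId]);
     if (isset($_POST['save'])) {
         foreach ($Users as $User) {
             UserRights::model()->deleteAllByAttributes(['user_id' => $User->id]);
         }
         // The posted structure is client-controlled: only walk it when it is an array.
         if (!empty($_POST['rights']) && is_array($_POST['rights'])) {
             foreach ($_POST['rights'] as $userId => $rights) {
                 $User = User::model()->findByPK($userId);
                 // Unknown id or a user of another company: stop, as before, but
                 // without dereferencing a missing record.
                 if ($User === null || $User->company_id != $companyId) {
                     break;
                 }
                 if (!is_array($rights)) {
                     continue;
                 }
                 //TODO rework the update
                 // NOTE(review): $right is a client-supplied key and the result of
                 // save() is not checked. Presumably the UserRights model
                 // validates the right name; confirm.
                 foreach ($rights as $right => $status) {
                     $UserRights = new UserRights();
                     $UserRights->user_id = $User->id;
                     $UserRights->right = $right;
                     $UserRights->save();
                 }
             }
         }
     }
     $this->render('rights', ['Users' => $Users]);
 }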
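 /**
  * Tells whether the current user may use this item, based on profile names.
  *
  * The profile list is taken from $_SESSION['profile_list'] when present,
  * otherwise it is read from the user object and cached in the session.
  * Any profile listed in aData['deny'] refuses access. When aData['allow']
  * is non-empty the user needs at least one of those profiles; when it is
  * empty the user is allowed.
  *
  * @return bool
  */
 public function IsUserAllowed()
 {
     $bRet = true;
     if (array_key_exists('profile_list', $_SESSION)) {
         $aProfiles = $_SESSION['profile_list'];
     } else {
         // Start from an empty list: a user without any profile must end up
         // with array(), not an undefined variable, in the checks below.
         $aProfiles = array();
         $oUser = UserRights::GetUserObject();
         $oSet = $oUser->Get('profile_list');
         while (($oLnkUserProfile = $oSet->Fetch()) !== null) {
             $aProfiles[] = $oLnkUserProfile->Get('profileid_friendlyname');
         }
         // Cached for the rest of the session, so profile changes are only
         // picked up once this session entry is rebuilt.
         $_SESSION['profile_list'] = $aProfiles;
     }
     foreach ($this->aData['deny'] as $sDeniedProfile) {
         // If one denied profile is present, it's enough => return false
         if (in_array($sDeniedProfile, $aProfiles)) {
             return false;
         }
     }
     // If there are some "allow" profiles, then by default the result is false
     // since the user must have at least one of the profiles to be allowed
     if (count($this->aData['allow']) > 0) {
         $bRet = false;
     }
     foreach ($this->aData['allow'] as $sAllowProfile) {
         // If one "allow" profile is present, it's enough => return true
         if (in_array($sAllowProfile, $aProfiles)) {
             return true;
         }
     }
     return $bRet;
 }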
Exemplo n.º 5
 /**
  * Registers the configuration editor entry in the 'AdminTools' menu group.
  * Nothing is registered unless UserRights::IsAdministrator() is true.
  */
 public static function OnMenuCreation()
 {
     if (!UserRights::IsAdministrator()) {
         return;
     }
     $oAdminMenu = new MenuGroup('AdminTools', 80);
     $sEditorUrl = utils::GetAbsoluteUrlModulesRoot() . 'itop-config/config.php';
     new WebPageMenuNode('ConfigEditor', $sEditorUrl, $oAdminMenu->GetIndex(), 18);
 }
 /**
  * Get the HTML fragment corresponding to the HTML editor widget and queue
  * the scripts that turn its textarea into a CKEditor instance.
  *
  * NOTE(review): m_sValue, m_sHelpText and m_sValidationField are written into
  * the markup exactly as stored. Presumably the caller has already encoded
  * them for HTML; confirm before passing user-supplied content.
  *
  * @param WebPage $oPage The web page used for all the output
  * @param array $aArgs Extra context arguments (not read by this method)
  * @return string The HTML fragment to be inserted into the page
  */
 public function Display(WebPage $oPage, $aArgs = array())
 {
     $sEditorId = $this->m_iId;
     $sFieldName = 'attr_' . $this->m_sFieldPrefix . $this->m_sAttCode . $this->m_sNameSuffix;
     $sTextArea = '<textarea class="htmlEditor" title="' . $this->m_sHelpText . '" name="' . $sFieldName
         . '" rows="10" cols="10" id="' . $sEditorId . '">' . $this->m_sValue . '</textarea>';
     $sMarkup = '<table><tr><td>' . $sTextArea . '</td><td>' . $this->m_sValidationField . '</td></tr></table>';

     // Swap the textarea for CKEditor. Defaults live in /js/ckeditor/config.js;
     // individual settings can be overridden through the second argument of ckeditor().
     $sLang = strtolower(trim(UserRights::GetUserLanguage()));
     $oPage->add_ready_script("\$('#{$sEditorId}').ckeditor(function() { /* callback code */ }, { language : '{$sLang}' , contentsLanguage : '{$sLang}', extraPlugins: 'disabler' });");

     // ValidateCKEditField re-arms a timer and so keeps calling itself: the
     // editor fires no "change"/"keyup" events (http://dev.ckeditor.com/ticket/900,
     // won't fix), so polling was the quickest way to check for a blank field.
     // A CKEditor plugin hooking the internal events (setData, insertHtml,
     // insertElement, loadSnapshot, key, afterUndo, afterRedo) would be cleaner;
     // binding to 'instanceReady.ckeditor' is another option.
     $oPage->add_ready_script("\$('#{$sEditorId}').bind('validate', function(evt, sFormId) { return ValidateCKEditField('{$sEditorId}', '', {$this->m_sMandatory}, sFormId, '') } );\n");
     $oPage->add_ready_script("\$('#{$sEditorId}').bind('update', function() { BlockField('cke_{$sEditorId}', \$('#{$sEditorId}').attr('disabled')); } );\n");

     return $sMarkup;
 }
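 /**
  * Tells whether the current user may use this item, based on profile names.
  *
  * The profile list is taken from $_SESSION['profile_list'] when present,
  * otherwise it is read from the user object and cached in the session.
  * Any profile listed in aData['deny'] refuses access, and every profile
  * listed in aData['allow'] is required.
  *
  * @return bool
  */
 public function IsUserAllowed()
 {
     if (array_key_exists('profile_list', $_SESSION)) {
         $aProfiles = $_SESSION['profile_list'];
     } else {
         // Start from an empty list: a user without any profile must end up
         // with array(), not an undefined variable, in the checks below.
         $aProfiles = array();
         $oUser = UserRights::GetUserObject();
         $oSet = $oUser->Get('profile_list');
         while (($oLnkUserProfile = $oSet->Fetch()) !== null) {
             $aProfiles[] = $oLnkUserProfile->Get('profileid_friendlyname');
         }
         // Cached for the rest of the session, so profile changes are only
         // picked up once this session entry is rebuilt.
         $_SESSION['profile_list'] = $aProfiles;
     }
     foreach ($this->aData['deny'] as $sDeniedProfile) {
         // If one denied profile is present, it's enough => return false
         if (in_array($sDeniedProfile, $aProfiles)) {
             return false;
         }
     }
     foreach ($this->aData['allow'] as $sAllowProfile) {
         // if one required profile is missing, it's enough => return false
         if (!in_array($sAllowProfile, $aProfiles)) {
             return false;
         }
     }
     return true;
 }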
Exemplo n.º 8
 /**
  * Tells whether the feature is active for the current user.
  *
  * At least one of the duration/memory switches must be on, and the allowed
  * user must be '*' or equal to the value returned by UserRights::GetUser().
  *
  * @return bool
  */
 public static function IsEnabled()
 {
     $bSwitchedOn = self::$m_bEnabled_Duration || self::$m_bEnabled_Memory;
     // Short-circuit keeps UserRights::GetUser() from being called when the
     // switches are off or when everybody ('*') is allowed.
     return $bSwitchedOn
         && (self::$m_sAllowedUser == '*' || UserRights::GetUser() == trim(self::$m_sAllowedUser));
 }
Exemplo n.º 9
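 /**
  * Builds the opening part of the HTML result table: the header row with one
  * column per requested field, followed by the opening <tbody>.
  *
  * Also resets the export status ('running', position 0, total = set count).
  * Only classes for which the bulk-read check passes contribute aliases.
  *
  * @return string The HTML fragment
  * @throws Exception When a requested column uses an alias that is not among the authorized ones
  */
 public function GetHeader()
 {
     $sData = '';
     $oSet = new DBObjectSet($this->oSearch);
     $this->aStatusInfo['status'] = 'running';
     $this->aStatusInfo['position'] = 0;
     $this->aStatusInfo['total'] = $oSet->Count();
     $aSelectedClasses = $this->oSearch->GetSelectedClasses();
     // Start from an empty list so that "no class authorized" gives an empty
     // alias list (every column is then rejected below) instead of an
     // undefined variable.
     $aAuthorizedClasses = array();
     foreach ($aSelectedClasses as $sAlias => $sClassName) {
         // NOTE(review): the right-hand operand is a logical OR of two constants,
         // so only the truthiness of IsActionAllowed() decides. If a bitmask test
         // against UR_ALLOWED_YES | UR_ALLOWED_DEPENDS was intended, confirm and
         // rewrite.
         if (UserRights::IsActionAllowed($sClassName, UR_ACTION_BULK_READ, $oSet) && (UR_ALLOWED_YES || UR_ALLOWED_DEPENDS)) {
             $aAuthorizedClasses[$sAlias] = $sClassName;
         }
     }
     $aAliases = array_keys($aAuthorizedClasses);
     $aData = array();
     foreach ($this->aStatusInfo['fields'] as $sExtendedAttCode) {
         // "alias.attcode" names the class explicitly; a bare attcode falls
         // back to the first authorized alias.
         if (preg_match('/^([^\\.]+)\\.(.+)$/', $sExtendedAttCode, $aMatches)) {
             $sAlias = $aMatches[1];
             $sAttCode = $aMatches[2];
         } else {
             $sAlias = reset($aAliases);
             $sAttCode = $sExtendedAttCode;
         }
         // Columns of classes the user may not bulk-read are refused here.
         if (!in_array($sAlias, $aAliases)) {
             throw new Exception("Invalid alias '{$sAlias}' for the column '{$sExtendedAttCode}'. Availables aliases: '" . implode("', '", $aAliases) . "'");
         }
         $sClass = $aSelectedClasses[$sAlias];
         switch ($sAttCode) {
             case 'id':
                 if (count($aSelectedClasses) > 1) {
                     $aData[] = $sAlias . '.id';
                 } else {
                     $aData[] = 'id';
                 }
                 break;
             default:
                 $oAttDef = MetaModel::GetAttributeDef($sClass, $sAttCode);
                 if (count($aSelectedClasses) > 1) {
                     $aData[] = $sAlias . '.' . $oAttDef->GetLabel();
                 } else {
                     $aData[] = $oAttDef->GetLabel();
                 }
         }
     }
     $sData .= "<table class=\"listResults\">\n";
     $sData .= "<thead>\n";
     $sData .= "<tr>\n";
     foreach ($aData as $sLabel) {
         // NOTE(review): labels and aliases go into <th> unescaped. Presumably
         // they come from the data model only; confirm they cannot carry markup.
         $sData .= "<th>" . $sLabel . "</th>\n";
     }
     $sData .= "</tr>\n";
     $sData .= "</thead>\n";
     $sData .= "<tbody>\n";
     return $sData;
 }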
Exemplo n.º 10
 /**
  * Returns the display name of the current user.
  *
  * During impersonation the result is the 'UI:Archive_User_OnBehalfOf_User'
  * dictionary string formatted with the real user's name and the
  * impersonated user's name, so records show who actually acted.
  *
  * @return string
  */
 public static function GetCurrentUserName()
 {
     if (!UserRights::IsImpersonated()) {
         return UserRights::GetUserFriendlyName();
     }
     return Dict::Format('UI:Archive_User_OnBehalfOf_User', UserRights::GetRealUserFriendlyName(), UserRights::GetUserFriendlyName());
 }
Exemplo n.º 11
 /**
  * Sets up the user administration module.
  *
  * The module is disabled unless UserRights::approved("EDIT_USERS") returns
  * true. Otherwise it is enabled and initialised, and a handler plus a form is
  * registered for add, edit, remove, set_rights and reset.
  */
 public function __construct()
 {
     // Permission gate: without EDIT_USERS none of the handlers below are registered.
     $rights = new UserRights(CDatabaza::getInstance());
     if (!$rights->approved("EDIT_USERS")) {
         $this->disable();
         return;
     }
     $this->enable();
     $this->initialize();
     // action key => array(handler, form title, 3rd setForm argument, 4th setForm argument)
     // NOTE(review): "reset" registers reset_password as handler but reuses the
     // remove_user form arguments, and "set_rights" passes "set_rights" where the
     // other rows pass the handler name. Looks like copy/paste; confirm.
     $actions = array(
         "add" => array("add_user", "Pridaj užívateľa", "add_user", "add_user_form"),
         "edit" => array("edit_user", "Uprav informácie o užívateľovi", "edit_user", "edit_user_form"),
         "remove" => array("remove_user", "Vymaž užívateľa", "remove_user", "remove_user_form"),
         "set_rights" => array("set_user_rights", "Nastav užívateľské práva", "set_rights", "set_user_rights_form"),
         "reset" => array("reset_password", "Resetuj heslo", "remove_user", "remove_user_form"),
     );
     foreach ($actions as $key => $spec) {
         list($handler, $title, $formTarget, $formName) = $spec;
         $this->setFunction($key, $handler);
         $this->setForm($key, $title, $formTarget, $formName);
     }
 }
Exemplo n.º 12
 /**
  * Tells whether $user matches a right specification.
  *
  * A non-array specification matches when it loosely equals $user. An array
  * matches when any of its elements matches; elements may be arrays
  * themselves and are checked recursively.
  *
  * NOTE(review): the comparison is the loose `==`, so values of different
  * types can compare equal. Presumably both sides are always the same type;
  * confirm.
  *
  * @param mixed $array A single value or a (nested) array of values
  * @param mixed $user The value to look for
  * @return bool
  */
 private static function checkRight($array, $user)
 {
     if (is_array($array)) {
         foreach ($array as $right) {
             if (UserRights::checkRight($right, $user)) {
                 return true;
             }
         }
         return false;
     }
     return $array == $user;
 }
 /**
  * Registers the administration menus ('AdminTools' group).
  * Nothing is registered unless UserRights::IsAdministrator() is true.
  */
 public static function OnMenuCreation()
 {
     if (!UserRights::IsAdministrator()) {
         return;
     }
     $oAdminMenu = new MenuGroup('AdminTools', 80);
     $iGroup = $oAdminMenu->GetIndex();
     $sAppRoot = utils::GetAbsoluteUrlAppRoot();
     new OQLMenuNode('UserAccountsMenu', 'SELECT User', $iGroup, 1, true);
     new OQLMenuNode('ProfilesMenu', 'SELECT URP_Profiles', $iGroup, 2);
     new WebPageMenuNode('NotificationsMenu', $sAppRoot . 'pages/notifications.php', $iGroup, 3);
     new OQLMenuNode('AuditCategories', 'SELECT AuditCategory', $iGroup, 4);
     new WebPageMenuNode('RunQueriesMenu', $sAppRoot . 'pages/run_query.php', $iGroup, 8);
     new OQLMenuNode('QueryMenu', 'SELECT Query', $iGroup, 8.5, true);
     new WebPageMenuNode('ExportMenu', $sAppRoot . 'webservices/export-v2.php?interactive=1', $iGroup, 9);
     new WebPageMenuNode('DataModelMenu', $sAppRoot . 'pages/schema.php', $iGroup, 10);
     new WebPageMenuNode('UniversalSearchMenu', $sAppRoot . 'pages/UniversalSearch.php', $iGroup, 11);
 }
 /**
  * Registers the 'DataAdministration' group with the CSV import entry and,
  * for administrators only, the 'AdminTools' group.
  *
  * The data administration group is created with the 'Organization' class,
  * UR_ACTION_MODIFY and UR_ALLOWED_YES | UR_ALLOWED_DEPENDS as arguments.
  */
 public static function OnMenuCreation()
 {
     $sAppRoot = utils::GetAbsoluteUrlAppRoot();
     $oToolsMenu = new MenuGroup('DataAdministration', 70, 'Organization', UR_ACTION_MODIFY, UR_ALLOWED_YES | UR_ALLOWED_DEPENDS);
     new WebPageMenuNode('CSVImportMenu', $sAppRoot . 'pages/csvimport.php', $oToolsMenu->GetIndex(), 1);
     // Everything below is the administrator-only part
     if (!UserRights::IsAdministrator()) {
         return;
     }
     $oAdminMenu = new MenuGroup('AdminTools', 80);
     $iGroup = $oAdminMenu->GetIndex();
     new OQLMenuNode('UserAccountsMenu', 'SELECT User', $iGroup, 1);
     new OQLMenuNode('ProfilesMenu', 'SELECT URP_Profiles', $iGroup, 2);
     new WebPageMenuNode('NotificationsMenu', $sAppRoot . 'pages/notifications.php', $iGroup, 3);
     new OQLMenuNode('AuditCategories', 'SELECT AuditCategory', $iGroup, 4);
     new WebPageMenuNode('RunQueriesMenu', $sAppRoot . 'pages/run_query.php', $iGroup, 8);
     new OQLMenuNode('QueryMenu', 'SELECT Query', $iGroup, 8.5, true);
     new WebPageMenuNode('ExportMenu', $sAppRoot . 'webservices/export.php', $iGroup, 9);
     new WebPageMenuNode('DataModelMenu', $sAppRoot . 'pages/schema.php', $iGroup, 10);
     new WebPageMenuNode('UniversalSearchMenu', $sAppRoot . 'pages/UniversalSearch.php', $iGroup, 11);
 }
 /**
  * Tells whether the current user may use this item, based on the profiles
  * returned by UserRights::ListProfiles().
  *
  * Deny wins: one profile from aData['deny'] is enough to refuse. Otherwise
  * one profile from aData['allow'] is enough to accept. With no match, the
  * user is allowed only when the allow list is empty.
  *
  * @return bool
  */
 public function IsUserAllowed()
 {
     $aUserProfiles = UserRights::ListProfiles();
     foreach ($this->aData['deny'] as $sDenied) {
         if (in_array($sDenied, $aUserProfiles)) {
             return false;
         }
     }
     // A non-empty allow list makes "no match" a refusal
     $bAllowedByDefault = !(count($this->aData['allow']) > 0);
     foreach ($this->aData['allow'] as $sAllowed) {
         if (in_array($sAllowed, $aUserProfiles)) {
             return true;
         }
     }
     return $bAllowedByDefault;
 }
Exemplo n.º 16
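 /**
  * Helper function to build a select from the list of valid classes for a given action.
  *
  * Only 'bizmodel' classes are offered, plus 'application' and
  * 'addon/authentication' classes for administrators. Abstract classes are
  * skipped, and when an action code is given, so are classes on which the
  * user is not allowed to perform that action.
  *
  * NOTE(review): $sName is written into the id/name attributes as given.
  * Presumably callers pass a fixed identifier; confirm.
  *
  * @param string $sName The name of the select in the HTML form
  * @param string $sDefaultValue The default value (i.e. the class selected by default)
  * @param integer $iWidthPx The width (in pixels) of the drop-down list
  * @param integer $iActionCode The ActionCode (from UserRights) to check for authorization for the classes
  * @return string The HTML fragment corresponding to the select tag
  */
 function GetClassesSelect($sName, $sDefaultValue, $iWidthPx, $iActionCode = null)
 {
     $sHtml = "<select id=\"select_{$sName}\" name=\"{$sName}\">";
     // The attribute was misspelled "tyle", so the width never applied to the placeholder option
     $sHtml .= "<option style=\"width: " . $iWidthPx . "px;\" title=\"Select the class you want to load\" value=\"\">" . Dict::S('UI:CSVImport:ClassesSelectOne') . "</option>\n";
     $aValidClasses = array();
     $aClassCategories = array('bizmodel');
     if (UserRights::IsAdministrator()) {
         $aClassCategories = array('bizmodel', 'application', 'addon/authentication');
     }
     foreach ($aClassCategories as $sClassCategory) {
         foreach (MetaModel::GetClasses($sClassCategory) as $sClassName) {
             if ((is_null($iActionCode) || UserRights::IsActionAllowed($sClassName, $iActionCode)) && !MetaModel::IsAbstract($sClassName)) {
                 $sSelected = $sClassName == $sDefaultValue ? " selected" : "";
                 // Free-text description inside a quoted attribute: encode it so a
                 // quote or angle bracket cannot break out of title="..."
                 $sDescription = htmlentities(MetaModel::GetClassDescription($sClassName), ENT_QUOTES, 'UTF-8');
                 $sDisplayName = MetaModel::GetName($sClassName);
                 // Keyed by display name so that ksort() below orders the options alphabetically
                 $aValidClasses[$sDisplayName] = "<option style=\"width: " . $iWidthPx . "px;\" title=\"{$sDescription}\" value=\"{$sClassName}\"{$sSelected}>{$sDisplayName}</option>";
             }
         }
     }
     ksort($aValidClasses);
     $sHtml .= implode("\n", $aValidClasses);
     $sHtml .= "</select>";
     return $sHtml;
 }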
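 /**
  * Runs the action through _DoExecute() and, when notification logging is
  * enabled, records who triggered it and what the outcome was.
  *
  * The log entry carries the current user, the trigger id, the action id and
  * the id of the object found under $aContextArgs['this->object()']. Its
  * message ends up as the result string or as 'Error: ...' when _DoExecute()
  * throws an Exception. Exceptions are not propagated to the caller.
  *
  * @param object $oTrigger The trigger that fired the action (GetKey() is read)
  * @param array $aContextArgs Context arguments; 'this->object()' is read when logging
  * @return void
  */
 public function DoExecute($oTrigger, $aContextArgs)
 {
     $oLog = null;
     if (MetaModel::IsLogEnabledNotification()) {
         $oLog = new EventNotificationShellExec();
         if ($this->IsBeingTested()) {
             $oLog->Set('message', 'TEST - Executing script (' . $this->Get('script_path') . ')');
         } else {
             $oLog->Set('message', 'Executing script');
         }
         $oLog->Set('userinfo', UserRights::GetUser());
         $oLog->Set('trigger_id', $oTrigger->GetKey());
         $oLog->Set('action_id', $this->GetKey());
         $oLog->Set('object_id', $aContextArgs['this->object()']->GetKey());
         // Must be inserted now so that it gets a valid id that will make the link
         // between an eventual asynchronous task (queued) and the log
         $oLog->DBInsertNoReload();
     }
     try {
         $sRes = $this->_DoExecute($oTrigger, $aContextArgs, $oLog);
         // With logging disabled there is no log object: recording the result
         // must be skipped, otherwise a successful run ends in a call on null.
         if ($oLog) {
             $sPrefix = $this->IsBeingTested() ? 'TEST (' . $this->Get('script_path') . ') - ' : '';
             $oLog->Set('message', $sPrefix . $sRes);
         }
     } catch (Exception $e) {
         if ($oLog) {
             $oLog->Set('message', 'Error: ' . $e->getMessage());
         }
     }
     if ($oLog) {
         $oLog->DBUpdate();
     }
 }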
 /**
  * Prints a table summarising what this profile is granted on every
  * instantiable 'bizmodel' class: read/modify/delete (single and bulk) and the
  * stimuli whose grant has permission 'yes'.
  *
  * The profile whose raw name is "Administrator" only gets a one-line notice.
  *
  * NOTE(review): the stimulus code is written into the title attribute
  * unescaped, unlike the description and label next to it. Presumably codes
  * are plain identifiers; confirm.
  *
  * @param object $oPage The page receiving the output (p() and table() are called)
  * @return void
  */
 function DoShowGrantSumary($oPage)
 {
     if ($this->GetRawName() == "Administrator") {
         // Looks dirty, but ok that's THE ONE
         $oPage->p(Dict::S('UI:UserManagement:AdminProfile+'));
         return;
     }
     // Note: for sure, we assume that the instance is derived from UserRightsProjection
     $oUserRights = UserRights::GetModuleInstance();
     // column => action name understood by GetGrantAsHtml()
     $aActionColumns = array(
         'read' => 'Read',
         'bulkread' => 'Bulk Read',
         'write' => 'Modify',
         'bulkwrite' => 'Bulk Modify',
         'delete' => 'Delete',
         'bulkdelete' => 'Bulk Delete',
     );
     $aDisplayData = array();
     foreach (MetaModel::GetClasses('bizmodel') as $sClass) {
         // Skip non instantiable classes
         if (MetaModel::IsAbstract($sClass)) {
             continue;
         }
         $aGrantedStimuli = array();
         foreach (MetaModel::EnumStimuli($sClass) as $sStimulusCode => $oStimulus) {
             $oGrant = $oUserRights->GetClassStimulusGrant($this->GetKey(), $sClass, $sStimulusCode);
             if (!is_object($oGrant) || $oGrant->Get('permission') != 'yes') {
                 continue;
             }
             $sTitle = $sStimulusCode . ': ' . htmlentities($oStimulus->GetDescription(), ENT_QUOTES, 'UTF-8');
             $aGrantedStimuli[] = '<span title="' . $sTitle . '">' . htmlentities($oStimulus->GetLabel(), ENT_QUOTES, 'UTF-8') . '</span>';
         }
         $sStimuli = implode(', ', $aGrantedStimuli);
         $aRow = array('class' => MetaModel::GetName($sClass));
         foreach ($aActionColumns as $sColumn => $sAction) {
             $aRow[$sColumn] = $this->GetGrantAsHtml($oUserRights, $sClass, $sAction);
         }
         $aRow['stimuli'] = $sStimuli;
         $aDisplayData[] = $aRow;
     }
     // column => dictionary code of its label; the description is the same code followed by '+'
     $aColumnLabels = array(
         'class' => 'UI:UserManagement:Class',
         'read' => 'UI:UserManagement:Action:Read',
         'bulkread' => 'UI:UserManagement:Action:BulkRead',
         'write' => 'UI:UserManagement:Action:Modify',
         'bulkwrite' => 'UI:UserManagement:Action:BulkModify',
         'delete' => 'UI:UserManagement:Action:Delete',
         'bulkdelete' => 'UI:UserManagement:Action:BulkDelete',
         'stimuli' => 'UI:UserManagement:Action:Stimuli',
     );
     $aDisplayConfig = array();
     foreach ($aColumnLabels as $sColumn => $sDictCode) {
         $aDisplayConfig[$sColumn] = array('label' => Dict::S($sDictCode), 'description' => Dict::S($sDictCode . '+'));
     }
     $oPage->table($aDisplayConfig, $aDisplayData);
 }
 /**
  * Describe (as a text string) the modifications corresponding to this change.
  *
  * An empty string is returned when the current user is not granted read
  * access (UR_ALLOWED_YES) to the attribute on the target object, when the
  * attribute code is no longer valid, or when no attribute change was
  * recorded on the link within the same change.
  *
  * @return string
  */
 public function GetDescription()
 {
     $sTargetClass = $this->Get('objclass');
     $iTargetKey = $this->Get('objkey');
     $oTargetSearch = new DBObjectSearch($sTargetClass);
     $oTargetSearch->AddCondition('id', $iTargetKey, '=');
     $oMonoObjectSet = new DBObjectSet($oTargetSearch);

     // Access check first: nothing about the change is disclosed without read permission
     $iReadAccess = UserRights::IsActionAllowedOnAttribute($this->Get('objclass'), $this->Get('attcode'), UR_ACTION_READ, $oMonoObjectSet);
     if ($iReadAccess != UR_ALLOWED_YES) {
         return '';
     }
     // Protects against renamed attributes...
     if (!MetaModel::IsValidAttCode($this->Get('objclass'), $this->Get('attcode'))) {
         return '';
     }
     $oAttDef = MetaModel::GetAttributeDef($this->Get('objclass'), $this->Get('attcode'));
     $sAttName = $oAttDef->GetLabel();
     $sLinkClass = $oAttDef->GetLinkedClass();
     $aLinkClasses = MetaModel::EnumChildClasses($sLinkClass, ENUM_CHILD_CLASSES_ALL);

     // Search for changes on the corresponding link
     $oSearch = new DBObjectSearch('CMDBChangeOpSetAttribute');
     $oSearch->AddCondition('change', $this->Get('change'), '=');
     $oSearch->AddCondition('objkey', $this->Get('link_id'), '=');
     if (count($aLinkClasses) == 1) {
         // Faster than the whole building of the expression below for just one value ??
         $oSearch->AddCondition('objclass', $sLinkClass, '=');
     } else {
         // Class names are quoted by CMDBSource::Quote() before being placed in the OQL text
         $oField = new FieldExpression('objclass', $oSearch->GetClassAlias());
         $sListExpr = '(' . implode(', ', CMDBSource::Quote($aLinkClasses)) . ')';
         $sOQLCondition = $oField->Render() . " IN {$sListExpr}";
         $oSearch->AddConditionExpression(Expression::FromOQL($sOQLCondition));
     }

     $oSet = new DBObjectSet($oSearch);
     $aChanges = array();
     while ($oChangeOp = $oSet->Fetch()) {
         $aChanges[] = $oChangeOp->GetDescription();
     }
     if (count($aChanges) == 0) {
         return '';
     }
     $sItemDesc = MetaModel::GetHyperLink($this->Get('item_class'), $this->Get('item_id'));
     return $sAttName . ' - ' . Dict::Format('Change:LinkSet:Modified', $sItemDesc) . ' : ' . implode(', ', $aChanges);
 }
    /**
     * Writes a collapsible search form ("drawer") for the given class to the page.
     *
     * Every search field is rendered with a filter made of the current user's
     * organization key and contact id. Scalar entries of $aExtraParams are
     * added to the form as hidden inputs.
     *
     * NOTE(review): $sPrefix, $sClass and the names/values of $aExtraParams are
     * written into HTML attributes and into the ready script as given.
     * Presumably callers pass trusted or already-encoded values; confirm.
     *
     * @param string $sClass Class searched for; used in the form id
     * @param array $aAttList Attribute specifications, one search field each
     * @param array $aExtraParams Extra parameters; scalar ones become hidden inputs
     * @param string $sPrefix Prefix used to build the element ids of the drawer
     * @param bool $bClosed Whether the drawer gets the 'DrawerClosed' CSS class
     */
    public function DisplaySearchForm($sClass, $aAttList, $aExtraParams, $sPrefix, $bClosed = true)
    {
        $oUserOrg = $this->GetUserOrg();
        // Filter handed to every search field: the user's organization and contact
        $aFilterParams = array('org_id' => $oUserOrg->GetKey(), 'contact_id' => UserRights::GetContactId());
        $sCSSClass = $bClosed ? 'DrawerClosed' : '';
        $this->add("<div id=\"ds_{$sPrefix}\" class=\"SearchDrawer {$sCSSClass}\">\n");
        // Clicking the handle toggles the drawer and resizes its parent
        $this->add_ready_script(<<<EOF
\t\t\$("#dh_{$sPrefix}").click( function() {
\t\t\$("#ds_{$sPrefix}").slideToggle('normal', function() { \$("#ds_{$sPrefix}").parent().resize(); } );
\t\t\$("#dh_{$sPrefix}").toggleClass('open');
\t});
EOF
);
        $this->add("<form id=\"search_{$sClass}\" action=\"\" method=\"post\">\n");
        // Don't use $_SERVER['SCRIPT_NAME'] since the form may be called asynchronously (from ajax.php)
        //	$this->add("<h2>".Dict::Format('UI:SearchFor_Class_Objects', 'xxxxxx')."</h2>\n");
        $this->add("<p>\n");
        foreach ($aAttList as $sAttSpec) {
            //$oAppContext->Reset($sAttSpec); // Make sure the same parameter will not be passed twice
            $this->DisplaySearchField($sClass, $sAttSpec, $aExtraParams, $sPrefix, null, $aFilterParams);
        }
        $this->add("</p>\n");
        $this->add("<p align=\"right\"><input type=\"submit\" value=\"" . Dict::S('UI:Button:Search') . "\"></p>\n");
        foreach ($aExtraParams as $sName => $sValue) {
            // Note: use DumpHiddenParams() to transmit arrays as hidden params
            // Only scalar values are emitted here; name and value are not encoded by this method
            if (is_scalar($sValue)) {
                $this->add("<input type=\"hidden\" name=\"{$sName}\" value=\"{$sValue}\" />\n");
            }
        }
        //	$this->add($oAppContext->GetForForm());
        $this->add("</form>\n");
        $this->add("</div>\n");
        $this->add("<div class=\"HRDrawer\"></div>\n");
        $this->add("<div id=\"dh_{$sPrefix}\" class=\"DrawerHandle\">" . Dict::S('UI:SearchToggle') . "</div>\n");
    }
Exemplo n.º 21
}
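// Command-line entry point for one step of a partial synchronization.
// The caller must authenticate (auth_user / auth_pwd) before any of the
// synchro parameters is read.
$oP = new CLIPage(Dict::S("TitleSynchroExecution"));
try {
    utils::UseParamFile();
} catch (Exception $e) {
    $oP->p("Error: " . $e->GetMessage());
    $oP->output();
    // "exit - 2" is parsed as a bare exit followed by "- 2", so the script
    // ended with status 0; the parenthesised form reports the failure.
    exit(-2);
}
// Next steps:
//   specific arguments: 'csvfile'
//
$sAuthUser = ReadMandatoryParam($oP, 'auth_user', 'raw_data');
$sAuthPwd = ReadMandatoryParam($oP, 'auth_pwd', 'raw_data');
if (UserRights::CheckCredentials($sAuthUser, $sAuthPwd)) {
    // Login & set the user's language
    UserRights::Login($sAuthUser);
} else {
    // Only the user name is echoed, never the password
    $oP->p("Access restricted or wrong credentials ('{$sAuthUser}')");
    $oP->output();
    // Non-zero status so that a calling job can tell the authentication failed
    exit(-1);
}
$iStepCount = ReadMandatoryParam($oP, 'step_count');
$oP->p('Executing a partial synchro - step ' . $iStepCount);
$iSource = ReadMandatoryParam($oP, 'source');
$iStatLog = ReadMandatoryParam($oP, 'log');
$iChange = ReadMandatoryParam($oP, 'change');
$sLastFullLoad = ReadMandatoryParam($oP, 'last_full_load', 'raw_data');
$iChunkSize = ReadMandatoryParam($oP, 'chunk');
$oP->p('Last full load: ' . $sLastFullLoad);
$oP->p('Chunk size: ' . $iChunkSize);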
Exemplo n.º 22
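 /**
  * Renders one custom template tag onto the given page.
  *
  * Container tags (itoptabs, itoptab, itoptoggle, itopcheck) render their
  * content through a nested DisplayTemplate; unknown tags only leave an HTML
  * comment behind.
  *
  * @param object $oPage       Page receiving the output
  * @param string $sTag        Name of the tag to render
  * @param array  $aAttributes Attributes of the tag, indexed by name
  * @param string $sContent    Inner content of the tag
  */
 protected function RenderTag($oPage, $sTag, $aAttributes, $sContent)
 {
     // Shared by all calls so that every tab container gets a distinct id
     static $iTabContainerCount = 0;
     switch ($sTag) {
         case 'itoptabs':
             $oPage->AddTabContainer('Tabs_' . $iTabContainerCount);
             $oPage->SetCurrentTabContainer('Tabs_' . $iTabContainerCount);
             // Incremented before rendering: the content may contain further 'itoptabs' tags
             $iTabContainerCount++;
             $oTemplate = new DisplayTemplate($sContent);
             $oTemplate->Render($oPage, array());
             // no params to apply, they have already been applied
             $oPage->SetCurrentTabContainer('');
             break;
         case 'itopcheck':
             // A missing 'class' attribute is handled like an unknown class instead of raising a notice
             $sClassName = isset($aAttributes['class']) ? $aAttributes['class'] : '';
             if (MetaModel::IsValidClass($sClassName) && UserRights::IsActionAllowed($sClassName, UR_ACTION_READ)) {
                 $oTemplate = new DisplayTemplate($sContent);
                 $oTemplate->Render($oPage, array());
                 // no params to apply, they have already been applied
             } else {
                 // Leave a trace for those who'd like to understand why nothing is displayed.
                 // This branch is also taken when the user lacks read access to the class.
                 // The name is encoded so that it cannot close the HTML comment early.
                 $sSafeClassName = htmlentities($sClassName, ENT_QUOTES, 'UTF-8');
                 $oPage->add("<!-- class {$sSafeClassName} does not exist, skipping some part of the template -->\n");
             }
             break;
         case 'itoptab':
             // A missing 'name' attribute yields an empty tab name instead of raising a notice
             $sTabName = isset($aAttributes['name']) ? $aAttributes['name'] : '';
             $oPage->SetCurrentTab(Dict::S(str_replace('_', ' ', $sTabName)));
             $oTemplate = new DisplayTemplate($sContent);
             $oTemplate->Render($oPage, array());
             // no params to apply, they have already been applied
             $oPage->SetCurrentTab('');
             break;
         case 'itoptoggle':
             $sName = isset($aAttributes['name']) ? $aAttributes['name'] : 'Tagada';
             $bOpen = isset($aAttributes['open']) ? $aAttributes['open'] : true;
             $oPage->StartCollapsibleSection(Dict::S($sName), $bOpen);
             $oTemplate = new DisplayTemplate($sContent);
             $oTemplate->Render($oPage, array());
             // no params to apply, they have already been applied
             $oPage->EndCollapsibleSection();
             break;
         case 'itopstring':
             $oPage->add(Dict::S($sContent));
             break;
         case 'sqlblock':
             // NOTE(review): judging by its name, SqlBlock runs a query described by the
             // template content; if so, templates must only come from trusted authors -- confirm
             $oBlock = SqlBlock::FromTemplate($sContent);
             $oBlock->RenderContent($oPage);
             break;
         case 'itopblock':
             // No longer used, handled by DisplayBlock::FromTemplate see above
             $oPage->add("<!-- Application Error: should be handled by DisplayBlock::FromTemplate -->");
             break;
         default:
             // Unknown tag, just ignore it for now -- output an HTML comment.
             // The tag name is encoded so that it cannot close the comment early.
             $sSafeTag = htmlentities($sTag, ENT_QUOTES, 'UTF-8');
             $oPage->add("<!-- unsupported tag: {$sSafeTag} -->");
     }
 }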
 /**
  * Collects the reasons why this object must not be deleted.
  *
  * Runs the parent checks, then asks every iApplicationObjectExtension plugin,
  * and finally verifies that the current user may delete this object. Issues
  * are appended to m_aDeleteIssues; a refused permission also sets
  * m_bSecurityIssue.
  *
  * @param mixed $oDeletionPlan Deletion plan, handed by reference to the parent implementation
  */
 protected function DoCheckToDelete(&$oDeletionPlan)
 {
     parent::DoCheckToDelete($oDeletionPlan);

     // Plugins: each extension may report its own blocking issues
     foreach (MetaModel::EnumPlugins('iApplicationObjectExtension') as $oPlugin) {
         $aPluginIssues = $oPlugin->OnCheckToDelete($this);
         if (count($aPluginIssues) == 0) {
             continue;
         }
         $this->m_aDeleteIssues = array_merge($this->m_aDeleteIssues, $aPluginIssues);
     }

     // User rights: the check is made against a set holding this very object
     if (UserRights::IsActionAllowed(get_class($this), UR_ACTION_DELETE, DBObjectSet::FromObject($this))) {
         return;
     }
     // Refused: record the security issue and add the reason to the issue list
     $this->m_bSecurityIssue = true;
     $this->m_aDeleteIssues[] = Dict::S('UI:Delete:NotAllowedToDelete');
 }
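 /**
  * Handles the login-related operations: logoff and the password forms.
  *
  * Most operations print a login page and end the request with exit; only
  * 'do_change_pwd' can come back with a message for the caller to display.
  * The two password-change operations are ignored when the session carries no
  * 'auth_user', so that no login is attempted with an undefined user.
  *
  * @param string $operation Requested operation
  * @return string Message to display, or '' when there is none
  */
 protected static function HandleOperations($operation)
 {
     $sMessage = '';
     // most of the operations never return, but some can return a message to be displayed
     if ($operation == 'logoff') {
         // Redisplay the login form in the mode the session used, else the first allowed one
         if (isset($_SESSION['login_mode'])) {
             $sLoginMode = $_SESSION['login_mode'];
         } else {
             $aAllowedLoginTypes = MetaModel::GetConfig()->GetAllowedLoginTypes();
             $sLoginMode = count($aAllowedLoginTypes) > 0 ? $aAllowedLoginTypes[0] : 'form';
         }
         self::ResetSession();
         $oPage = self::NewLoginWebPage();
         $oPage->DisplayLoginForm($sLoginMode, false);
         $oPage->output();
         exit;
     } elseif ($operation == 'forgot_pwd') {
         $oPage = self::NewLoginWebPage();
         $oPage->DisplayForgotPwdForm();
         $oPage->output();
         exit;
     } elseif ($operation == 'forgot_pwd_go') {
         $oPage = self::NewLoginWebPage();
         $oPage->ForgotPwdGo();
         $oPage->output();
         exit;
     } elseif ($operation == 'reset_pwd') {
         $oPage = self::NewLoginWebPage();
         $oPage->DisplayResetPwdForm();
         $oPage->output();
         exit;
     } elseif ($operation == 'do_reset_pwd') {
         $oPage = self::NewLoginWebPage();
         $oPage->DoResetPassword();
         $oPage->output();
         exit;
     } elseif ($operation == 'change_pwd') {
         // Only meaningful for a session that already went through authentication
         if (isset($_SESSION['auth_user'])) {
             $sAuthUser = $_SESSION['auth_user'];
             UserRights::Login($sAuthUser);
             // Set the user's language
             $oPage = self::NewLoginWebPage();
             $oPage->DisplayChangePwdForm();
             $oPage->output();
             exit;
         }
     }
     if ($operation == 'do_change_pwd' && isset($_SESSION['auth_user'])) {
         $sAuthUser = $_SESSION['auth_user'];
         UserRights::Login($sAuthUser);
         // Set the user's language
         $sOldPwd = utils::ReadPostedParam('old_pwd', '', false, 'raw_data');
         $sNewPwd = utils::ReadPostedParam('new_pwd', '', false, 'raw_data');
         // The old password is verified again before the change is attempted.
         // NOTE(review): when CanChangePassword() is false nothing is changed, yet the
         // "password changed" message below is still returned -- confirm this is intended.
         if (UserRights::CanChangePassword() && (!UserRights::CheckCredentials($sAuthUser, $sOldPwd) || !UserRights::ChangePassword($sOldPwd, $sNewPwd))) {
             // Wrong old password, or the change itself failed: show the form again
             $oPage = self::NewLoginWebPage();
             $oPage->DisplayChangePwdForm(true);
             $oPage->output();
             exit;
         }
         $sMessage = Dict::S('UI:Login:PasswordChanged');
     }
     return $sMessage;
 }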
Exemplo n.º 25
 /**
  * Records one web-service call as an EventWebService entry.
  *
  * Nothing is written when MetaModel::IsLogEnabledWebService() returns false.
  *
  * NOTE(review): the returned data is stored with the event as text; confirm
  * that no verb returns secrets and that TrimAndSetValue bounds the stored size.
  *
  * @param string $sVerb Name of the verb that was invoked
  * @param WebServiceResult $oRes Result of the invocation
  */
 protected function LogUsage($sVerb, $oRes)
 {
     if (MetaModel::IsLogEnabledWebService()) {
         $oEvent = new EventWebService();

         // Human-readable outcome, followed by the structured fields
         $sOutcome = $oRes->IsOk() ? ' was successfully invoked' : ' returned errors';
         $oEvent->Set('message', $sVerb . $sOutcome);
         $oEvent->Set('userinfo', UserRights::GetUser());
         $oEvent->Set('verb', $sVerb);
         $oEvent->Set('result', $oRes->IsOk());

         // Free-text parts of the result go through TrimAndSetValue
         $sInfo = (string) $oRes->GetInfoAsText();
         $this->TrimAndSetValue($oEvent, 'log_info', $sInfo);
         $sWarnings = (string) $oRes->GetWarningsAsText();
         $this->TrimAndSetValue($oEvent, 'log_warning', $sWarnings);
         $sErrors = (string) $oRes->GetErrorsAsText();
         $this->TrimAndSetValue($oEvent, 'log_error', $sErrors);
         $sData = (string) $oRes->GetReturnedDataAsText();
         $this->TrimAndSetValue($oEvent, 'data', $sData);

         $oEvent->DBInsertNoReload();
     }
 }
Exemplo n.º 26
 /**
  * Builds a short prefix from the value returned by UserRights::GetUser().
  *
  * @return string The first 10 bytes of that value, with every character
  *                outside letters, digits, '-' and '_' replaced by '_',
  *                followed by '-'
  */
 protected static function GetUserPrefix()
 {
     // substr() counts bytes; the bytes of a multi-byte character are each replaced by '_'
     $sSafeUser = preg_replace('/[^a-zA-Z0-9-_]/', '_', substr(UserRights::GetUser(), 0, 10));
     return "{$sSafeUser}-";
 }
Exemplo n.º 27
 /**
  * Creates one ShortcutMenuNode per Shortcut whose user_id is the current
  * user, ranked 1, 2, 3... in the order of the set, then lets the parent
  * class complete the tree.
  */
 public function PopulateChildMenus()
 {
     // Restrict the search to the shortcuts of the current user
     $oFilter = new DBObjectSearch('Shortcut');
     $oFilter->AddCondition('user_id', UserRights::GetUserId(), '=');
     // true => ascending on friendlyname
     $oShortcuts = new DBObjectSet($oFilter, array('friendlyname' => true));

     for ($fRank = 1; $oShortcut = $oShortcuts->Fetch(); $fRank++) {
         $sNodeId = $this->GetMenuId() . '_' . $oShortcut->GetKey();
         // The node is only instantiated; the variable is not read again in this method
         $oShortcutMenu = new ShortcutMenuNode($sNodeId, $oShortcut, $this->GetIndex(), $fRank);
     }

     // Complete the tree
     parent::PopulateChildMenus();
 }
Exemplo n.º 28
 /**
  * Tells whether a UserRights record exists for this user and the given right.
  *
  * @param mixed $rightName Value looked up in the 'right' part of the key
  * @return bool True when findByPk() returns a non-empty result
  */
 public function checkRight($rightName)
 {
     // The lookup key combines this object's id with the requested right
     $compositeKey = ['user_id' => $this->id, 'right' => $rightName];
     return (bool) UserRights::model()->findByPk($compositeKey);
 }
Exemplo n.º 29
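 /**
  * Adds a <select> listing the 'bizmodel' classes, sorted by display name.
  *
  * When an action code is given, only the classes on which
  * UserRights::IsActionAllowed() grants that action are listed.
  *
  * @param string   $sName         Name of the field; the element id is "select_" followed by it
  * @param string   $sDefaultValue Class to preselect
  * @param int      $iWidthPx      Width of each option, in pixels
  * @param int|null $iActionCode   Action the user must be allowed to perform, or null for no filtering
  */
 public function MakeClassesSelect($sName, $sDefaultValue, $iWidthPx, $iActionCode = null)
 {
     // $aTopLevelClasses = array('bizService', 'bizContact', 'logInfra', 'bizDocument');
     // These are classes which root class is cmdbAbstractObject !
     // Everything placed in an attribute or in the option text is encoded, so that a
     // quote or a '<' in a name or description cannot break out of the markup.
     $sHtmlName = htmlentities($sName, ENT_QUOTES, 'UTF-8');
     $this->add("<select id=\"select_{$sHtmlName}\" name=\"{$sHtmlName}\">");
     $aValidClasses = array();
     foreach (MetaModel::GetClasses('bizmodel') as $sClassName) {
         if (is_null($iActionCode) || UserRights::IsActionAllowed($sClassName, $iActionCode)) {
             $sSelected = $sClassName == $sDefaultValue ? " SELECTED" : "";
             // NOTE(review): assumes descriptions and names are plain text; if they are
             // already HTML-encoded upstream they would be encoded twice -- confirm
             $sDescription = htmlentities(MetaModel::GetClassDescription($sClassName), ENT_QUOTES, 'UTF-8');
             $sDisplayName = MetaModel::GetName($sClassName);
             $sHtmlDisplayName = htmlentities($sDisplayName, ENT_QUOTES, 'UTF-8');
             $sHtmlClassName = htmlentities($sClassName, ENT_QUOTES, 'UTF-8');
             // "100px", not "100 px": a space before the unit makes the declaration invalid CSS
             $sStyle = "width: " . (int) $iWidthPx . "px;";
             // Keyed by the raw display name so that the sort order is unchanged
             $aValidClasses[$sDisplayName] = "<option style=\"{$sStyle}\" title=\"{$sDescription}\" value=\"{$sHtmlClassName}\"{$sSelected}>{$sHtmlDisplayName}</option>";
         }
     }
     ksort($aValidClasses);
     $this->add(implode("\n", $aValidClasses));
     $this->add("</select>");
 }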
Exemplo n.º 30
     $oShortcut = MetaModel::GetObject('Shortcut', $iShortcut);
     $oShortcut->StartRenameDialog($oPage);
     break;
 case 'shortcut_rename_go':
     $iShortcut = utils::ReadParam('id', 0);
     $oShortcut = MetaModel::GetObject('Shortcut', $iShortcut);
     $sName = utils::ReadParam('attr_name', '', false, 'raw_data');
     if (strlen($sName) > 0) {
         $oShortcut->Set('name', $sName);
         $oShortcut->DBUpdate();
         $oPage->add_ready_script('window.location.reload();');
     }
     break;
 case 'shortcut_delete_go':
     $oSearch = new DBObjectSearch('Shortcut');
     $oSearch->AddCondition('user_id', UserRights::GetUserId(), '=');
     $aShortcuts = utils::ReadMultipleSelection($oSearch);
     foreach ($aShortcuts as $iShortcut) {
         $oShortcut = MetaModel::GetObject('Shortcut', $iShortcut);
         $oShortcut->DBDelete();
         $oPage->add_ready_script('window.location.reload();');
     }
     break;
 case 'export_dashboard':
     $sMenuId = utils::ReadParam('id', '', false, 'raw_data');
     ApplicationMenu::LoadAdditionalMenus();
     $index = ApplicationMenu::GetMenuIndexById($sMenuId);
     $oMenu = ApplicationMenu::GetMenuNode($index);
     if ($oMenu instanceof DashboardMenuNode) {
         $oDashboard = $oMenu->GetDashboard();
         $oPage->TrashUnexpectedOutput();