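 /**
  * Copies the role "detail" settings from $detail_arr into the session,
  * under authority/<role_authority_id>/detail/<key>.
  *
  * The role_authority_id is read from the request; each value comes through
  * $this->_getRequest($detail_arr, $key) (presumably $detail_arr with a request
  * fallback — confirm against the helper). Nothing is validated here, so the
  * caller is responsible for passing data that has already passed the
  * role-detail validation; whatever is stored becomes the role's authority
  * configuration for the rest of the session.
  *
  * Known limitation kept from the original: when myroom_use_flag is absent
  * (disabled) nothing is written at all. At present myroom_use_flag is never
  * disabled.
  *
  * @param  array $detail_arr     detail settings array
  * @param  bool  $modselect_flag when true, detail/modselect is rebuilt from $detail_arr['modselect']
  * @access public
  */
 function setSessionDetail($detail_arr, $modselect_flag = true)
 {
     // Without myroom_use_flag there is nothing to store (see header note).
     if (!isset($detail_arr['myroom_use_flag'])) {
         return;
     }
     // Every key written below is scoped to the role authority being edited.
     $role_authority_id = $this->request->getParameter("role_authority_id");
     $authority = array("authority", $role_authority_id);
     $detail = array("authority", $role_authority_id, "detail");

     $this->session->setParameter(array_merge($detail, array("myroom_use_flag")), $this->_getRequest($detail_arr, "myroom_use_flag"));
     // A role without a private room cannot keep its enrolled-module list.
     if ($detail_arr['myroom_use_flag'] == _OFF) {
         $this->session->removeParameter(array_merge($authority, array("enroll_modules")));
     }
     foreach (array("allow_htmltag_flag", "allow_layout_flag", "allow_attachment", "allow_video", "max_size") as $key) {
         $this->session->setParameter(array_merge($detail, array($key)), $this->_getRequest($detail_arr, $key));
     }
     // modselect is always cleared first so stale entries never survive; it is
     // rebuilt only when the caller asks for it.
     $this->session->removeParameter(array_merge($detail, array("modselect")));
     if ($modselect_flag) {
         // is_array() keeps a malformed modselect value from being iterated;
         // it is then treated like "no modules selected".
         if (isset($detail_arr['modselect']) && is_array($detail_arr['modselect'])) {
             foreach ($detail_arr['modselect'] as $dirname => $modselect) {
                 $this->session->setParameter(array_merge($detail, array("modselect", $dirname)), $modselect);
             }
         } else {
             $this->session->setParameter(array_merge($detail, array("modselect")), array());
         }
     }
     foreach (array("usermodule_auth", "public_createroom_flag", "group_createroom_flag") as $key) {
         $this->session->setParameter(array_merge($detail, array($key)), $this->_getRequest($detail_arr, $key));
     }
 }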
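 /**
  * Authorization check run before an action is dispatched.
  *
  * Decides whether the current session may execute $action_name on
  * $page_id / $block_id. As a side effect it records the resolved authority
  * in the session (_auth_id, _hierarchy, _shortcut_flag, _layoutmode,
  * _show_main_flag, _system_user_id) and the resolved room_id in the request.
  * A false return must be treated as a hard deny; the session is closed when
  * the user record is missing or no longer active.
  *
  * @param  string $action_name underscore-separated action name (module_controller_method...)
  * @param  int    $page_id     page id from the caller; replaced by the block's page when $block_id is given
  * @param  int    $block_id    block id, 0 when the action is not bound to a block
  * @return boolean true when the action may run
  * @access public
  **/
 function AuthCheck($action_name, $page_id, $block_id)
 {
     if ($action_name == "") {
         // Nothing to check against: deny.
         return false;
     }
     $pathList = explode("_", $action_name);
     //TODO: reserved for cross-site communication (_redirect_url, _sig, _ts,
     //_user_id, _auth_id, _token request parameters); not implemented yet.
     // Whether the current screen belongs to the system (control panel) side.
     $system_flag = $this->session->getParameter("_system_flag");
     //
     // Mobile check
     //
     $mobile_flag = $this->session->getParameter("_mobile_flag");
     // Guard the optional segments: a short action name has no [1] / [2].
     $isMobileAction = isset($pathList[1]) && $pathList[0] == 'common' && $pathList[1] == 'mobile';
     $isMobileAction = $isMobileAction || (isset($pathList[2]) && $pathList[2] == 'mobile');
     if ($isMobileAction && empty($mobile_flag)) {
         return false;
     }
     // userinf is the only module reachable from a mobile session in system mode.
     $isSystemException = $pathList[0] == 'userinf';
     if (!$isSystemException && $mobile_flag == _ON && $system_flag == _ON) {
         return false;
     }
     //
     // active_flag check
     //
     $user_id = $this->session->getParameter("_user_id");
     // NOTE(review): guest is assumed to be stored as the string "0"; an int 0
     // would not match here — confirm how _user_id is written to the session.
     if ($user_id !== "0") {
         $users =& $this->getdata->getParameter("users");
         if (!isset($users[$user_id])) {
             $users[$user_id] = $this->usersView->getUserById($user_id);
             if ($users[$user_id] === false || !isset($users[$user_id]['user_id'])) {
                 // User no longer exists: force logout.
                 $this->session->close();
                 return false;
             }
             $this->getdata->setParameter("users", $users);
         }
         if ($users[$user_id]['active_flag'] != _USER_ACTIVE_FLAG_ON) {
             // Deactivated user: force logout.
             $this->session->close();
             return false;
         }
         if ($users[$user_id]['system_flag'] == _ON) {
             $this->session->setParameter("_system_user_id", $user_id);
         }
     }
     // Make sure an active system user is known to the session; without one
     // nothing can be served.
     $_system_user_id = $this->session->getParameter("_system_user_id");
     if (!isset($_system_user_id)) {
         $where_params = array("{users}.active_flag" => _USER_ACTIVE_FLAG_ON, "{users}.system_flag" => _ON);
         $sys_users = $this->usersView->getUsers($where_params);
         if ($sys_users === false || !isset($sys_users[0]['user_id'])) {
             return false;
         }
         $this->session->setParameter("_system_user_id", $sys_users[0]['user_id']);
     }
     if ($action_name == "control_view_main") {
         return true;
     }
     // Without a block_id in the request the action is evaluated as a shortcut.
     $shortcut_flag = _ON;
     if ($block_id != 0) {
         $blocks = $this->getdata->getParameter("blocks");
         if (isset($blocks[$block_id]['action_name'])) {
             $pathListBlockobj = explode("_", $blocks[$block_id]['action_name']);
             // The action's module must match the block's module, except for
             // comp / dialog / pages actions which are not checked.
             if ($pathList[0] != $pathListBlockobj[0] && $pathList[0] != "comp" && $pathList[0] != "dialog" && $pathList[0] != "pages") {
                 return false;
             }
             // The blocks record wins over the caller-supplied page_id.
             $page_id = $blocks[$block_id]['page_id'];
             $shortcut_flag = $blocks[$block_id]['shortcut_flag'];
         }
     }
     if ($block_id == 0 && $pathList[0] == "login") {
         // Login screen: always evaluated as guest.
         $auth_id = _AUTH_GUEST;
         $hierarchy = 0;
     } else {
         // Without a block, $page_id is whatever the caller passed in; the
         // authority is still resolved for that page.
         if ($system_flag == _ON) {
             $auth_id = $this->getPageAuthId($user_id);
         } else {
             $auth_id = $this->getPageAuthId($user_id, $page_id);
         }
         $hierarchy = $this->getPageHierarchy($user_id, $page_id);
     }
     $this->session->setParameter("_auth_id", $auth_id);
     $this->session->setParameter("_hierarchy", $hierarchy);
     $pages = $this->getdata->getParameter("pages");
     $room_id = isset($pages[$page_id]['room_id']) ? $pages[$page_id]['room_id'] : 0;
     //TODO: cross-server shortcut handling (signed redirect) is not specified yet.
     //
     // Own site
     //
     if ($auth_id == _AUTH_OTHER) {
         return false;
     }
     //
     // Carry the resolved room_id over to the action
     //
     $this->request->setParameter("room_id", $room_id);
     if ($system_flag == _OFF) {
         //------------------------------------------------------------------------
         // XXXX_XXXX_edit_XXXX... actions are allowed only to chief or above.
         // When a block_id is given and the block is a shortcut, XXXX_XXXX_edit_init... is not allowed.
         // The authcheck / moduleShortcut ValidateDef entries in maple.ini are intentionally not used for this.
         //------------------------------------------------------------------------
         if (is_array($pathList) && isset($pathList[2])) {
             if ($pathList[0] == "menu") {
                 // Guests may not edit the menu.
                 if ($user_id === "0" && $pathList[2] == "edit") {
                     return false;
                 }
             } else {
                 if ($pathList[2] == "edit" && $auth_id < _AUTH_CHIEF) {
                     return false;
                 }
                 // XXX_view(action)_XXXX_init... is not allowed through a shortcut.
                 if ($pathList[2] == "edit" && isset($pathList[3]) && $pathList[3] == "init" && $shortcut_flag == _ON) {
                     return false;
                 }
             }
         }
     }
     //
     // Layout mode
     //
     $_layoutmode = $this->request->getParameter("_layoutmode");
     // on or off
     $_layoutmode_onetime = $this->request->getParameter("_layoutmode_onetime");
     if ($auth_id >= _AUTH_CHIEF) {
         // Only an explicit on/off from the request is persisted.
         if ($_layoutmode == "on" || $_layoutmode == "off") {
             $this->session->setParameter("_layoutmode", $_layoutmode);
         }
         if (isset($_layoutmode_onetime)) {
             if ($_layoutmode_onetime != "on" && $_layoutmode_onetime != "off") {
                 $this->request->setParameter("_layoutmode_onetime", "off");
             }
         }
     } else {
         // Below chief, layout mode is forced off regardless of the request.
         $this->session->setParameter("_layoutmode", "off");
         if (isset($_layoutmode_onetime)) {
             $this->request->setParameter("_layoutmode_onetime", "off");
         }
     }
     //
     // Shortcut flag
     //
     $this->session->setParameter("_shortcut_flag", $shortcut_flag);
     //
     // Whether the center column is shown enlarged
     //
     $_show_main_flag = $this->request->getParameter("_show_main_flag");
     if ($_show_main_flag == _ON) {
         $this->session->setParameter("_show_main_flag", _ON);
     } else {
         $this->session->setParameter("_show_main_flag", _OFF);
     }
     return true;
 }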