Пример #1
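/**
 * Build the per-user SQL restriction for one S3QL "from" element.
 *
 * Returns a fragment of the form " and <cond> [and <cond> ...]" that the caller
 * appends to its own where-clause so that $user_id only sees what the element's
 * visibility rules allow. Only the element names handled in the switch below
 * add anything; any other 'from' yields ''.
 *
 * @param array $s3ql    Parsed S3QL request; reads 'from', 'where' and 'format'.
 *                       Received by value: the pruning of $s3ql['where'] in the
 *                       'users' and 'groups' cases never reaches the caller.
 * @param mixed $user_id Account id of the caller; '1' is treated as the
 *                       unrestricted administrator throughout.
 * @param mixed $db      Database handle, passed through to the lookup helpers.
 *
 * @return string|false The SQL fragment ('' when nothing applies); false when a
 *                      requested group does not exist (after echoing the error).
 *                      The 'accesslog' case exits the script on a permission
 *                      failure, as the original did.
 */
function filterByElement($s3ql, $user_id, $db)
{
    $user_query_const = '';
    $where = isset($s3ql['where']) && is_array($s3ql['where']) ? $s3ql['where'] : array();
    // The regexp operator is driver-specific and configured globally. The
    // original mixed $GLOBALS['regexp'] with a never-assigned local $regexp,
    // which produced fragments with no operator at all; read it once here.
    $regexp = isset($GLOBALS['regexp']) ? $GLOBALS['regexp'] : null;
    $is_root = ((string) $user_id === '1');

    // Quote a value as a single-quoted SQL string literal. Every value that
    // originates in the request ($s3ql['where'], $user_id) goes through this
    // closure before it is concatenated into the fragment; the original
    // interpolated them raw. Doubling both the quote and the backslash keeps
    // the literal closed under MySQL's default backslash escaping as well as
    // under the SQL-standard rule; NUL bytes are dropped.
    // NOTE(review): a quoting function provided by the $db driver would be the
    // better tool — confirm what $db is and switch to it if one exists.
    $quote = static function ($value) {
        $value = str_replace("\0", '', (string) $value);
        return "'" . str_replace(array('\\', "'"), array('\\\\', "''"), $value) . "'";
    };

    switch ($s3ql['from'] ?? '') {
        case 'users':
            $user_query_const .= " and account_type != 'g'";
            // Non-admins only ever see active accounts; admins see all of them
            // only when they asked for a specific account_status.
            if (!user_is_admin($user_id, $db) || ($where['account_status'] ?? '') == '') {
                $user_query_const .= " and account_status = 'A'";
            }
            $requested_group = $where['group_id'] ?? '';
            if ($requested_group != '') {
                $group_info = s3info('group', $requested_group, $db);
                if (!is_array($group_info)) {
                    // Report the missing group before bailing out: the original
                    // returned first, so this message was unreachable.
                    echo formatReturn($GLOBALS['error_codes']['something_does_not_exist'], 'Group ' . $requested_group . ' does not exist', $s3ql['format'], '');
                    return false;
                }
                // Restrict to accounts the group is shared with (uid of the form 'U<id>').
                $group_members_query = "select id from s3db_permission where shared_with = " . $quote('G' . $requested_group) . " and uid " . $regexp . " '^U'";
                $user_query_const .= " and account_id in (" . $group_members_query . ")";
                // group_id is artificial; drop it so it is not used in determining output.
                // (No effect outside this function: $s3ql is a by-value copy.)
                $s3ql['where'] = array_filter(array_diff_key($s3ql['where'], array('group_id' => '')));
            }
            break;

        case 'groups':
            // Special query will be performed on listS3DB.
            $user_query_const .= " and account_type " . $regexp . " '(g)'";
            // NOTE(review): the original guard was
            // `$group_id != '1' || $s3ql['where']['account_status'] != 'I'`, but
            // $group_id is never assigned in this function, so the guard always
            // held. Kept unconditional to preserve behaviour; confirm whether
            // `$user_id != '1'` (as in the 'projects' case) was intended.
            $user_query_const .= " and account_status = 'A'";
            $requested_user = $where['user_id'] ?? '';
            if ($requested_user != '') {
                // Implicated user id: all the groups the user is involved in,
                // which are all the groups he can change.
                $user_members_query = "select shared_with_num from s3db_permission where shared_with " . $regexp . " '^G' and uid = " . $quote('U' . $requested_user);
                $user_query_const .= " and account_id in (" . $user_members_query . ")";
                // user_id is artificial for this element; drop it (by-value copy, see above).
                $s3ql['where'] = array_filter(array_diff_key($s3ql['where'], array('user_id' => '')));
            }
            break;

        case 'accesslog':
            if (!$is_root && !user_is_admin($user_id, $db)) {
                echo formatReturn($GLOBALS['error_codes']['no_permission_message'], 'User does not have permission to see accesslog', $s3ql['format'], '');
                exit;
            }
            break;

        case 'rulelog':
            if (!$is_root) {
                // create_list() output is produced from the user's own projects,
                // not from the request, and is used as the pattern unchanged.
                $user_projects = findUserProjects($user_id, $db);
                $user_query_const .= " and project_id " . $regexp . " '" . create_list($user_projects) . "'";
            }
            break;

        case 'keys':
            // Local only and never read in this function — presumably meant for
            // the caller; TODO confirm and either return it or drop it.
            $P['table'] = 'access_keys';
            if (!$is_root) {
                $user_query_const .= " and account_id = " . $quote($user_id);
            }
            break;

        case 'filekeys':
            $P['table'] = 'file_transfer';
            if (!$is_root) {
                $user_query_const .= " and created_by = " . $quote($user_id);
            }
            break;

        case 'projects':
            if (!$is_root && ($where['project_status'] ?? '') != 'I') {
                $user_query_const .= " and project_status = 'A'";
            }
            break;

        case 'requests':
            if (!$is_root) {
                $user_rules = findUserRules($user_id, $db);
                $user_query_const .= " and rule_id " . $regexp . " '" . create_list($user_rules) . "'";
            }
            break;

        case 'rules':
            $class_id = $where['class_id'] ?? '';
            if ($class_id != '') {
                $class_info = URI('C' . $class_id, $user_id, $db);
                $resource_id = $quote($class_info['resource_id']);
                $user_query_const .= " and (subject_id = " . $resource_id . " or object_id = " . $resource_id . ")";
            }
            $user_query_const .= " and object!='UID'";
            break;

        case 'statements':
            $class_id = $where['class_id'] ?? '';
            if ($class_id != '') {
                $class_info = URI('C' . $class_id, $user_id, $db);
                $user_query_const .= " and rule_id = " . $quote($class_info['rule_id']);
            }
            $user_query_const .= " and rule_id not in (select rule_id from s3db_rule where object='UID')";
            $user_query_const .= " and rule_id!=''";
            break;

        case 'collections':
            $user_query_const .= " and iid = '0'";
            $rule_id = $where['rule_id'] ?? '';
            if ($rule_id != '') {
                $element_info = URI('R' . $rule_id, $user_id, $db);
                $class_id = fastClassID(array('entity' => $element_info['subject'], 'project_id' => $element_info['project_id'], 'db' => $db));
                // Anchored regexp match on the class id. The original emitted
                // `resource_id '^ <id>'$'` (quote before the operator, operator
                // missing), which is not valid SQL; the class id comes from
                // fastClassID(), not the request, and is used in the pattern as before.
                $user_query_const .= " and resource_id " . $regexp . " '^" . $class_id . "\$'";
            }
            break;

        case 'items':
            $user_query_const .= " and iid = '1'";
            $rule_id = $where['rule_id'] ?? '';
            if ($rule_id != '') {
                $element_info = URI('R' . $rule_id, $user_id, $db);
                $class_id = fastClassID(array('entity' => $element_info['subject'], 'project_id' => $element_info['project_id'], 'db' => $db));
                // Same repair as in 'collections'.
                $user_query_const .= " and resource_class_id " . $regexp . " '^" . $class_id . "\$'";
            }
            break;
    }

    return $user_query_const;
}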
Пример #2
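/**
 * Build the per-user SQL restriction for one S3QL "from" element.
 *
 * Returns a fragment of the form " and <cond> [and <cond> ...]" that the caller
 * appends to its own where-clause so that $user_id only sees what the element's
 * visibility rules allow. Only the element names handled in the switch below
 * add anything; any other 'from' yields ''. This variant also treats any core
 * id present in the where-clause of a 'users' query as a permission check on
 * that resource (see the $GLOBALS['COREids'] loop).
 *
 * @param array $s3ql    Parsed S3QL request; reads 'from', 'where', 'key' and
 *                       'format'. Received by value: the pruning of $s3ql['where']
 *                       below never reaches the caller.
 * @param mixed $user_id Account id of the caller; '1' is treated as the
 *                       unrestricted administrator throughout.
 * @param mixed $db      Database handle, passed through to the lookup helpers.
 *
 * @return string|false The SQL fragment ('' when nothing applies); false when a
 *                      requested group or core resource does not exist, is not
 *                      viewable by $user_id, or the caller may not read the
 *                      accesslog (an error is echoed first in each case).
 */
function filterByElement($s3ql, $user_id, $db)
{
    $user_query_const = '';
    $where = isset($s3ql['where']) && is_array($s3ql['where']) ? $s3ql['where'] : array();
    // The regexp operator is driver-specific and configured globally. The
    // original mixed $GLOBALS['regexp'] with a never-assigned local $regexp,
    // which produced fragments with no operator at all; read it once here.
    $regexp = isset($GLOBALS['regexp']) ? $GLOBALS['regexp'] : null;
    $is_root = ((string) $user_id === '1');

    // Quote a value as a single-quoted SQL string literal. Every value that
    // originates in the request ($s3ql['where'], $user_id) goes through this
    // closure before it is concatenated into the fragment; the original
    // interpolated them raw. Doubling both the quote and the backslash keeps
    // the literal closed under MySQL's default backslash escaping as well as
    // under the SQL-standard rule; NUL bytes are dropped.
    // NOTE(review): a quoting function provided by the $db driver would be the
    // better tool — confirm what $db is and switch to it if one exists. Values
    // handed to select() below are built the same way as before; select() is
    // not visible here, so its own quoting has to be checked separately.
    $quote = static function ($value) {
        $value = str_replace("\0", '', (string) $value);
        return "'" . str_replace(array('\\', "'"), array('\\\\', "''"), $value) . "'";
    };

    switch ($s3ql['from'] ?? '') {
        case 'users':
            $user_query_const .= " and account_type != 'g'";
            // Non-admins only ever see active accounts; admins see all of them
            // only when they asked for a specific account_status.
            if (!user_is_admin($user_id, $db) || ($where['account_status'] ?? '') == '') {
                $user_query_const .= " and account_status = 'A'";
            }
            $requested_group = $where['group_id'] ?? '';
            if ($requested_group != '') {
                $group_info = s3info('group', $requested_group, $db);
                if (!is_array($group_info)) {
                    // Report the missing group before bailing out: the original
                    // returned first, so this message was unreachable.
                    echo formatReturn($GLOBALS['error_codes']['something_does_not_exist'], 'Group ' . $requested_group . ' does not exist', $s3ql['format'], '');
                    return false;
                }
                // Members of the group, with the '<Did>/U' prefix stripped from the uid column.
                $group_members_query = str_replace(
                    "*",
                    "replace(substr(uid, 2, length(uid)), '" . $GLOBALS['Did'] . "/U', '')",
                    select(array('uid' => 'U' . ($where['user_id'] ?? ''), 'shared_with' => 'G' . $requested_group))
                );
                $user_query_const .= " and account_id in (" . $group_members_query . ")";
                // group_id is artificial; drop it so it is not used in determining
                // output — this also hides it from the core-id loop below.
                $s3ql['where'] = array_filter(array_diff_key($s3ql['where'], array('group_id' => '')));
            }
            // If there is any core id, this is a check on permissions: first
            // check that the user can view the resource, then narrow the user
            // list to the accounts it is shared with.
            $core_ids = isset($GLOBALS['COREids']) && is_array($GLOBALS['COREids']) ? $GLOBALS['COREids'] : array();
            foreach ($core_ids as $s3code => $s3coreId) {
                // Read $s3ql['where'] (not the $where snapshot) so the pruning above is honoured.
                $code_id = $s3ql['where'][$s3coreId] ?? '';
                if ($code_id == '' || $s3coreId == 'user_id') {
                    continue;
                }
                // Resource uid: upper-cased first letter of the element name plus the id.
                $uid = strtoupper(substr($s3code, 0, 1)) . $code_id;
                $element_info = URIinfo($uid, $user_id, $s3ql['key'], $db);
                if (!is_array($element_info)) {
                    echo formatReturn($GLOBALS['error_codes']['something_missing'], $uid . ' was not found', $s3ql['format'], '');
                    return false;
                }
                if (empty($element_info['view'])) {
                    echo formatReturn($GLOBALS['error_codes']['no_permission_message'], $uid . ' was not found', $s3ql['format'], '');
                    return false;
                }
                $shared_query = str_replace('*', 'substr(shared_with,2,length(shared_with))', select(array('shared_with' => 'U', 'uid' => $uid, 'stream' => 'upstream')));
                $user_query_const .= " and account_id in (" . $shared_query . ")";
            }
            break;

        case 'groups':
            // Special query will be performed on listS3DB.
            $user_query_const .= " and account_type " . $regexp . " '(g)'";
            // NOTE(review): the original guard was
            // `$group_id != '1' || $s3ql['where']['account_status'] != 'I'`, but
            // $group_id is never assigned in this function, so the guard always
            // held. Kept unconditional to preserve behaviour; confirm whether
            // `$user_id != '1'` (as in the 'projects' case) was intended.
            $user_query_const .= " and account_status = 'A'";
            $requested_user = $where['user_id'] ?? '';
            if ($requested_user != '') {
                // Implicated user id: all the groups the user is involved in,
                // which are all the groups he can change.
                $user_members = select(array('uid' => 'U' . $requested_user, 'shared_with' => 'G' . ($where['group_id'] ?? ''), 'stream' => 'upstream'));
                $user_members_query = str_replace("*", "substr(shared_with, 2, length(shared_with))", $user_members);
                $user_query_const .= " and account_id in (" . $user_members_query . ")";
                // user_id is artificial for this element; drop it (by-value copy).
                $s3ql['where'] = array_filter(array_diff_key($s3ql['where'], array('user_id' => '')));
            }
            break;

        case 'accesslog':
            if (!$is_root && !user_is_admin($user_id, $db)) {
                echo formatReturn($GLOBALS['error_codes']['no_permission_message'], 'User does not have permission to see accesslog', $s3ql['format'], '');
                return false;
            }
            break;

        case 'rulelog':
            if (!$is_root) {
                // The original used the undefined local $regexp and left the
                // pattern unquoted; this now matches the 'requests' case.
                $user_projects = findUserProjects($user_id, $db);
                $user_query_const .= " and project_id " . $regexp . " '" . create_list($user_projects) . "'";
            }
            break;

        case 'keys':
            // Local only and never read in this function — presumably meant for
            // the caller; TODO confirm and either return it or drop it.
            $P['table'] = 'access_keys';
            if (!$is_root) {
                $user_query_const .= " and account_id = " . $quote($user_id);
            }
            break;

        case 'filekeys':
            $P['table'] = 'file_transfer';
            if (!$is_root) {
                $user_query_const .= " and created_by = " . $quote($user_id);
            }
            break;

        case 'projects':
            if (!$is_root && ($where['project_status'] ?? '') != 'I') {
                $user_query_const .= " and project_status = 'A'";
            }
            break;

        case 'requests':
            if (!$is_root) {
                $user_rules = findUserRules($user_id, $db);
                $user_query_const .= " and rule_id " . $regexp . " '" . create_list($user_rules) . "'";
            }
            break;

        case 'rules':
            $class_id = $where['class_id'] ?? '';
            if ($class_id != '') {
                $class_info = URI('C' . $class_id, $user_id, $db);
                $resource_id = $quote($class_info['resource_id']);
                $user_query_const .= " and (subject_id = " . $resource_id . " or object_id = " . $resource_id . ")";
            }
            break;

        case 'statements':
            $class_id = $where['class_id'] ?? '';
            if ($class_id != '') {
                $class_info = URI('C' . $class_id, $user_id, $db);
                $user_query_const .= " and rule_id = " . $quote($class_info['rule_id']);
            }
            break;

        case 'collections':
            $user_query_const .= " and iid = '0'";
            $rule_id = $where['rule_id'] ?? '';
            if ($rule_id != '') {
                $element_info = URI('R' . $rule_id, $user_id, $db);
                $class_id = fastClassID(array('entity' => $element_info['subject'], 'project_id' => $element_info['project_id'], 'db' => $db));
                // Anchored regexp match on the class id. The original emitted
                // `resource_id '^ <id>'$'` (quote before the operator, operator
                // missing), which is not valid SQL; the class id comes from
                // fastClassID(), not the request, and is used in the pattern as before.
                $user_query_const .= " and resource_id " . $regexp . " '^" . $class_id . "\$'";
            }
            break;

        case 'items':
            $user_query_const .= " and iid = '1'";
            $rule_id = $where['rule_id'] ?? '';
            if ($rule_id != '') {
                $element_info = URI('R' . $rule_id, $user_id, $db);
                $class_id = fastClassID(array('entity' => $element_info['subject'], 'project_id' => $element_info['project_id'], 'db' => $db));
                // Same repair as in 'collections'.
                $user_query_const .= " and resource_class_id " . $regexp . " '^" . $class_id . "\$'";
            }
            break;
    }

    return $user_query_const;
}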
Пример #3
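/**
 * Attach the class ids of each rule's subject and object to the rule rows.
 *
 * @param array $S Expects 'rules' (a list of rule rows carrying 'subject' and
 *                 'object'), plus 'db' and 'project_id', which are forwarded to
 *                 fastClassID() unchanged.
 *
 * @return array|null The rule rows with 'subject_class_id' and 'object_class_id'
 *                    added. Returns null when $S['rules'] is not an array or is
 *                    empty — the original's behaviour, kept in case callers
 *                    distinguish null from an empty list (TODO confirm).
 */
function include_all_class_id($S)
{
    // Read the three keys explicitly instead of extract()ing every key of $S
    // into local scope; unknown keys can no longer shadow locals this way.
    // NOTE(review): a missing 'db'/'project_id' is now forwarded as null
    // rather than omitted from the fastClassID() argument — confirm it treats
    // the two the same.
    $rules = isset($S['rules']) ? $S['rules'] : null;
    $db = isset($S['db']) ? $S['db'] : null;
    $project_id = isset($S['project_id']) ? $S['project_id'] : null;

    if (!is_array($rules)) {
        return null;
    }

    $data = null;
    foreach ($rules as $rule_info) {
        $rule_info['subject_class_id'] = fastClassID(array('db' => $db, 'entity' => $rule_info['subject'], 'project_id' => $project_id));
        $rule_info['object_class_id'] = fastClassID(array('entity' => $rule_info['object'], 'project_id' => $project_id, 'db' => $db));
        $data[] = $rule_info;
    }

    return $data;
}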