return $ERROR->createInvalidConnectionError(); } break; case "editconnectiondescription": $connid = required_param('connid', PARAM_ALPHANUMEXT); $description = optional_param('description', "", PARAM_TEXT); $response = editConnectionDescription($connid, $description); break; case "deleteconnection": $connid = required_param('connid', PARAM_ALPHANUMEXT); $response = deleteConnection($connid); break; /** ROLES aka NODE TYPES **/ /** ROLES aka NODE TYPES **/ case "getuserroles": $response = getUserRoles(); break; /** LINK TYPES **/ /** LINK TYPES **/ case "getlinktypebylabel": $label = required_param('label', PARAM_TEXT); $response = getLinkTypeByLabel($label); break; /** USERS **/ /** USERS **/ case "getuser": $userid = required_param('userid', PARAM_ALPHANUMEXT); $response = getUser($userid, $style); break; case "getactiveconnectionusers": $response = getActiveConnectionUsers($start, $max, $style);
/**
 * Build the effective permission map for a user.
 *
 * Role-derived permissions are collected first, walking every role returned
 * by getUserRoles() and every node returned by getHierarchy() for that role.
 * The user's explicit permissions are then laid over the result.
 *
 * Merging is strictly "last write wins" per resource/action pair:
 *  - within one role chain, a later node from getHierarchy() overwrites an
 *    earlier one (presumably the list runs from the most distant ancestor
 *    towards the user's own role -- confirm against getHierarchy());
 *  - between role chains, whichever role is iterated later wins, so two
 *    chains that disagree give an order-dependent answer; keep ACL trees
 *    unambiguous;
 *  - explicit user permissions are applied last and override any role value.
 *
 * NOTE(review): there is no deny-takes-precedence rule here. An explicit or
 * later "true" silently replaces an earlier "false". Confirm that this is the
 * intended policy before relying on role-level denies.
 *
 * NOTE(review): getUserPermissions() is called without $userId. Verify that it
 * resolves the same account as $userId; otherwise another account's explicit
 * grants could be merged into this user's result.
 *
 * @param mixed $userId Identifier handed to getUserRoles().
 *
 * @return array Map of permission name => (action key => value).
 */
function populate($userId)
{
    // Explicit, per-user permissions, keyed by permission name.
    $explicit = array();
    foreach (getUserPermissions() as $resource => $flags) {
        $explicit[$resource] = $flags;
    }

    // Accumulated result, seeded from the role chains.
    $effective = array();

    foreach (getUserRoles($userId) as $role) {
        foreach (getHierarchy($role) as $ancestor) {
            $granted = getRolePermissions($ancestor);

            // Loose comparison kept on purpose: null and other empty
            // results are skipped, exactly as before.
            if ($granted == null) {
                continue;
            }

            foreach ($granted as $resource => $flags) {
                if (!isset($effective[$resource])) {
                    $effective[$resource] = array();
                }
                foreach ($flags as $action => $allowed) {
                    // A later node overwrites an earlier one.
                    $effective[$resource][$action] = $allowed;
                }
            }
        }
    }

    // Overlay the explicit permissions; they win over anything from roles.
    foreach ($explicit as $resource => $flags) {
        if (!isset($effective[$resource])) {
            $effective[$resource] = array();
        }
        foreach ($flags as $action => $allowed) {
            $effective[$resource][$action] = $allowed;
        }
    }

    return $effective;
}
/* Get all the users and their assigned roles */ $q = "select u.username user, r.name role from user u " . " left join user_roles ur on ( u.id=ur.user_id )" . " left join role r on (ur.role_id=r.id)"; if (!currUserHasRole('Admin')) { $q .= " where NOT r.name like 'Admin' and NOT u.username like 'admin'"; } else { $q .= " where NOT u.username like 'admin'"; } $q .= " order by u.id"; $res =& $db->query($q); if (PEAR::isError($res)) { return false; } $userroles = array(); while ($row =& $res->fetchRow()) { $userroles[$row['user']][$row['role']] = 1; } // Free the result $res->free(); return $userroles; } $roles = getRoles(); if ($roles) { $t->assign('roles', $roles); } $userroles = getUserRoles(); if ($userroles) { $t->assign('userroles', $userroles); } //if($opmsg!="") // $t->assign('opmsg', $opmsg); $t->display('adminUserRoles.tpl');
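/**
 * Show the "modify user" form for the account named by the `id` query
 * parameter.
 *
 * Reports an error through displayError() when `id` is missing, empty or not
 * a scalar, or when getUser() finds no matching row. Otherwise it loads the
 * user's assigned and unassigned roles and includes the form template.
 *
 * NOTE(review): no authorization check is visible in this function. Confirm
 * that the caller verifies the current session may edit the requested
 * account before this runs.
 *
 * @return void
 */
function UserEdit()
{
    // `id` is request-controlled. Read it without raising an undefined-index
    // notice, and refuse array values (?id[]=...) so that only a scalar
    // reaches the lookups below.
    $id = isset($_GET["id"]) ? $_GET["id"] : null;

    if (empty($id) || !is_scalar($id)) {
        displayError("An ID is required for this function.");
        return;
    }

    // NOTE(review): getUser(), getUserRoles() and getNotUserRoles() receive
    // the raw request value. Verify that each binds it as a query parameter
    // rather than concatenating it into SQL.
    $row = getUser($id);

    // Loose comparison kept: any falsy result means "no such user".
    if ($row == false) {
        displayError("<p>User ID is not on file.</p> ");
        return;
    }

    // The included template runs in this scope and reads these variables,
    // so their names must stay as they are.
    $hasAttrResults = getUserRoles($id);
    $hasNotAttrResults = getNotUserRoles($id);
    $userID = $row["UserID"];
    $firstName = $row["FirstName"];
    $lastName = $row["LastName"];
    $userName = $row["UserName"];
    $email = $row["Email"];

    // NOTE(review): the values above are stored user data. Confirm that the
    // template HTML-escapes them on output (for example with
    // htmlspecialchars()).
    include '../security/modify_user_form.php';
}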
submitASC(); break; case 'submitnewProduct': submitnewProduct(); break; case 'submitnewGroups': submitnewGroups(); break; case 'submitnewProductType': submitnewProductType(); break; case 'submitnewProductCategory': submitnewProductCategory(); break; case 'getUserRoles': getUserRoles(); break; case 'getSpareParts': getSpareParts(); break; case 'addNoticeBoard': addNoticeBoard(); break; case 'deleteNotices': deleteNotices(); break; case 'deleteDealer': deleteDealer(); break; case 'deleteASC': deleteASC();