/**
* Get unit data for current user
*
* @author
**/
function get_data()
{
$out = array();
// Initiate session
$this->authorized();
if (isset($_SESSION['business_unit'])) {
// Get data for this unit
$unit = new Business_unit();
$out = $unit->all($_SESSION['business_unit']);
}
$obj = new View();
$obj->view('json', array('msg' => $out));
}
/**
* Return BU data for unitid or all units if unitid is empty
*
* @return void
* @author
**/
function get_bu_data($unitid = "")
{
$obj = new View();
$bu = new Business_unit();
$obj->view('json', array('msg' => $bu->all($unitid)));
}
/**
* Set session properties
*
**/
function set_session_props($show = false)
{
// Initialize session
$this->authorized();
// Check if we are in a session
if (!isset($_SESSION['auth'])) {
$msg = array('error' => 'unauthorized');
$obj = new View();
$obj->view('json', array('msg' => $msg));
return;
}
// Default role is user
$_SESSION['role'] = 'user';
$_SESSION['role_why'] = 'Default role';
// Find role in config for current user
foreach (conf('roles', array()) as $role => $members) {
// Check for wildcard
if (in_array('*', $members)) {
$_SESSION['role'] = $role;
$_SESSION['role_why'] = 'Matched on wildcard (*) in ' . $role;
break;
}
// Check if user or group is present in members
foreach ($members as $member) {
if (strpos($member, '@') === 0) {
// groups (start with @)
if (in_array(substr($member, 1), $_SESSION['groups'])) {
$_SESSION['role'] = $role;
$_SESSION['role_why'] = 'member of ' . $member;
break 2;
}
} else {
// user
if ($member == $_SESSION['user']) {
$_SESSION['role'] = $role;
$_SESSION['role_why'] = $member . ' in "' . $role . '" role array';
break 2;
}
}
}
}
// Check if Business Units are enabled in the config file
$bu_enabled = conf('enable_business_units', FALSE);
// Check if user is global admin
if ($_SESSION['auth'] == 'noauth' or $_SESSION['role'] == 'admin') {
unset($_SESSION['business_unit']);
} elseif (!$bu_enabled) {
// Regular user w/o business units enabled
unset($_SESSION['business_unit']);
} elseif ($bu_enabled) {
// Authorized user, not in business unit
$_SESSION['role'] = 'nobody';
$_SESSION['role_why'] = 'Default role for Business Units';
$_SESSION['business_unit'] = 0;
// Lookup user in business units
$bu = new Business_unit();
if ($bu->retrieve_one("property IN ('manager', 'user') AND value=?", $_SESSION['user'])) {
$_SESSION['role'] = $bu->property;
// manager, user
$_SESSION['role_why'] = $_SESSION['user'] . ' found in Business Unit ' . $bu->unitid;
$_SESSION['business_unit'] = $bu->unitid;
} else {
// Lookup groups in Business Units
foreach ($_SESSION['groups'] as $group) {
if ($bu->retrieve_one("property IN ('manager', 'user') AND value=?", '@' . $group)) {
$_SESSION['role'] = $bu->property;
// manager, user
$_SESSION['role_why'] = 'Group "' . $group . '" found in Business Unit ' . $bu->unitid;
$_SESSION['business_unit'] = $bu->unitid;
break;
}
}
}
}
// Set machine_groups
if ($_SESSION['role'] == 'admin' or !$bu_enabled) {
// Can access all defined groups (from machine_group)
// and used groups (from reportdata)
$mg = new Machine_group();
$report = new Reportdata_model();
$_SESSION['machine_groups'] = array_unique(array_merge($report->get_groups(), $mg->get_group_ids()));
} else {
// Only get machine_groups for business unit
$_SESSION['machine_groups'] = $bu->get_machine_groups($bu->unitid);
}
// Show current session info
if ($show) {
$obj = new View();
$obj->view('json', array('msg' => $_SESSION));
}
}