Пример #1
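 /**
  * Build the <Meta> node of the XML export and attach it to the root node.
  *
  * The node records the generator name, the application version, the
  * creation timestamp, and the login/id and group name/id of the session
  * user.
  *
  * Values are attached as text nodes instead of being passed as the second
  * argument of DOMDocument::createElement(). That argument is not escaped
  * for '&' (it is read as the start of an entity reference), so a login or
  * group name containing an ampersand would trigger a warning and would not
  * be stored as written in the exported file.
  *
  * @throws SPException when the DOM layer rejects a node
  */
 private function createMeta()
 {
     $xml = $this->_xml;

     // Creates <$name> whose content is $value as escaped character data.
     $textElement = function ($name, $value) use ($xml) {
         $element = $xml->createElement($name);
         $element->appendChild($xml->createTextNode((string)$value));

         return $element;
     };

     try {
         $nodeMeta = $xml->createElement('Meta');

         $metaGenerator = $textElement('Generator', 'sysPass');
         $metaVersion = $textElement('Version', implode('.', Util::getVersion()));
         $metaTime = $textElement('Time', time());

         // Session-derived strings are the values that can carry markup
         // characters, so they must never reach createElement() directly.
         $metaUser = $textElement('User', Session::getUserLogin());
         $metaUser->setAttribute('id', Session::getUserId());

         $metaGroup = $textElement('Group', Session::getUserGroupName());
         $metaGroup->setAttribute('id', Session::getUserGroupId());

         foreach (array($metaGenerator, $metaVersion, $metaTime, $metaUser, $metaGroup) as $child) {
             $nodeMeta->appendChild($child);
         }

         $this->_root->appendChild($nodeMeta);
     } catch (\DOMException $e) {
         // Re-thrown as the project's exception type; the DOM message is kept.
         throw new SPException(SPException::SP_WARNING, $e->getMessage(), __FUNCTION__);
     }
 }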
Пример #2
 /**
  * Count the accounts the current session user is allowed to see.
  *
  * Application and account administrators get the total number of rows in
  * `accounts`. Any other user gets the number of distinct accounts whose
  * owner, main group or linked group (accGroups) matches the session's
  * user id / group id. The session values are handed to DB::getResults()
  * separately from the SQL text, which refers to them only through :name
  * placeholders.
  *
  * @return false|int the count as returned by the query, or false when the
  *                   query fails (callers must compare with ===, since a
  *                   count of 0 is also falsy)
  */
 public function getAccountMax()
 {
     $isAdmin = Session::getUserIsAdminApp() || Session::getUserIsAdminAcc();

     if ($isAdmin) {
         // Administrators are not filtered, so there is nothing to bind.
         $params = null;
         $sql = "SELECT COUNT(*) as numacc FROM accounts";
     } else {
         $sql = 'SELECT COUNT(DISTINCT account_id) as numacc FROM accounts LEFT JOIN accGroups ON account_id = accgroup_accountId WHERE account_userGroupId = :userGroupId OR account_userId = :userId OR accgroup_groupId = :groupId';

         // The user's group id is bound twice: once against the account's
         // main group and once against its linked groups.
         $params = array(
             'userGroupId' => Session::getUserGroupId(),
             'groupId' => Session::getUserGroupId(),
             'userId' => Session::getUserId(),
         );
     }

     $row = DB::getResults($sql, __FUNCTION__, $params);

     return $row === false ? false : $row->numacc;
 }
Пример #3
 /**
  * Create an account from the record currently loaded by the importer.
  *
  * When the imported record carries no owner (user id or group id is null
  * or the integer 0), ownership falls back to the user / group of the
  * session running the import. All other fields are copied from this
  * object's getters onto a new Account, which is then persisted.
  *
  * NOTE(review): the password and IV are passed through unchanged;
  * presumably they were already encrypted by the import step - confirm.
  * NOTE(review): the fallback test is strict (=== 0), so a string '0' id
  * would not trigger it - verify what type the parser produces.
  *
  * @return bool the result of Account::createAccount()
  */
 protected function addAccount()
 {
     // Default the owner to the importing user when the file gives none.
     if ($this->getUserId() === null || $this->getUserId() === 0) {
         $this->setUserId(Session::getUserId());
     }

     // Same fallback for the owning group.
     if ($this->getUserGroupId() === null || $this->getUserGroupId() === 0) {
         $this->setUserGroupId(Session::getUserGroupId());
     }

     $imported = new Account();

     // Descriptive fields.
     $imported->setAccountName($this->getAccountName());
     $imported->setAccountCustomerId($this->getCustomerId());
     $imported->setAccountCategoryId($this->getCategoryId());
     $imported->setAccountLogin($this->getAccountLogin());
     $imported->setAccountUrl($this->getAccountUrl());

     // Secret material and its initialisation vector.
     $imported->setAccountPass($this->getAccountPass());
     $imported->setAccountIV($this->getAccountPassIV());

     $imported->setAccountNotes($this->getAccountNotes());

     // Ownership, after the fallback above has been applied.
     $imported->setAccountUserId($this->getUserId());
     $imported->setAccountUserGroupId($this->getUserGroupId());

     return $imported->createAccount();
 }
Пример #4
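 /**
  * Decide whether the session user may perform an action on an account.
  *
  * View-type actions are granted to the owner, to members of the account's
  * main group, to users listed on the account, to users reaching it through
  * a group, and to application/account administrators. Edit-type actions
  * additionally require the account's `otheruser_edit` flag for listed
  * users and its `othergroup_edit` flag for access obtained through a
  * group. Any action not listed in the switch is denied.
  *
  * The membership test on the account's main group looks up the *user* id
  * in the list returned by Groups::getUsersForGroup(), the same way the loop
  * over the linked groups does. Looking up the group id there compared a
  * group id against user ids, so access depended on an accidental numeric
  * match between the two id spaces.
  * NOTE(review): confirm that Groups::getUsersForGroup() returns user ids.
  *
  * @param string $module      action being performed (an ACTION_ACC_* constant)
  * @param array  $accountData account data to check; reads the keys user_id,
  *                            group_id, users_id, groups_id, otheruser_edit
  *                            and othergroup_edit
  * @return bool true when the action is allowed
  */
 public static function checkAccountAccess($module, $accountData)
 {
     $userGroupId = Session::getUserGroupId();
     $userId = Session::getUserId();
     $userIsAdminApp = Session::getUserIsAdminApp();
     $userIsAdminAcc = Session::getUserIsAdminAcc();

     // Is the user a member of the account's main group?
     $userToGroups = in_array($userId, Groups::getUsersForGroup($accountData['group_id']));

     if ($userToGroups === false) {
         // Otherwise look through the additional groups linked to the account.
         foreach ($accountData['groups_id'] as $groupId) {
             $users = Groups::getUsersForGroup($groupId);

             if ($userGroupId === $groupId || in_array($userId, $users)) {
                 $userToGroups = true;
                 break; // one match is enough; skip the remaining lookups
             }
         }
     }

     // Comparisons are left loose (== / non-strict in_array).
     // NOTE(review): ids may reach this point as strings from the database
     // and as integers from the session - confirm before making them strict.
     $isOwner = $userId == $accountData['user_id'];
     $inMainGroup = $userGroupId == $accountData['group_id'];
     $isAdmin = $userIsAdminApp || $userIsAdminAcc;

     $okView = $isOwner
         || $inMainGroup
         || in_array($userId, $accountData['users_id'])
         || $userToGroups
         || $isAdmin;

     // Parentheses only make the existing precedence explicit: each edit
     // flag qualifies just the access path written next to it.
     $okEdit = $isOwner
         || $inMainGroup
         || (in_array($userId, $accountData['users_id']) && $accountData['otheruser_edit'])
         || ($userToGroups && $accountData['othergroup_edit'])
         || $isAdmin;

     switch ($module) {
         case self::ACTION_ACC_VIEW:
         case self::ACTION_ACC_VIEW_PASS:
         case self::ACTION_ACC_VIEW_HISTORY:
         case self::ACTION_ACC_COPY:
             return $okView;
         case self::ACTION_ACC_EDIT:
         case self::ACTION_ACC_DELETE:
         case self::ACTION_ACC_EDIT_PASS:
             return $okEdit;
     }

     // Default deny: unknown actions never grant access.
     return false;
 }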