/**
* Show profile form
*
* @param $items_id integer id of the profile
* @param $target value url of target
*
* @return nothing
**/
function showForm($profiles_id = 0, $openform = TRUE, $closeform = TRUE)
{
echo "<div class='firstbloc'>";
if (($canedit = Session::haveRightsOr(self::$rightname, array(CREATE, UPDATE, PURGE))) && $openform) {
$profile = new Profile();
echo "<form method='post' action='" . $profile->getFormURL() . "'>";
}
$profile = new Profile();
$profile->getFromDB($profiles_id);
$rights = array(array('itemtype' => 'PluginAddressingAddressing', 'label' => __('Generate reports', 'addressing'), 'field' => 'plugin_addressing'));
$profile->displayRightsChoiceMatrix($rights, array('canedit' => $canedit, 'default_class' => 'tab_bg_2', 'title' => __('General')));
echo "<table class='tab_cadre_fixehov'>";
$effective_rights = ProfileRight::getProfileRights($profiles_id, array('plugin_addressing_use_ping_in_equipment'));
echo "<tr class='tab_bg_2'>";
echo "<td width='20%'>" . __('Use ping on equipment form', 'addressing') . "</td>";
echo "<td colspan='5'>";
Html::showCheckbox(array('name' => '_plugin_addressing_use_ping_in_equipment[1_0]', 'checked' => $effective_rights['plugin_addressing_use_ping_in_equipment']));
echo "</td></tr>\n";
echo "</table>";
if ($canedit && $closeform) {
echo "<div class='center'>";
echo Html::hidden('id', array('value' => $profiles_id));
echo Html::submit(_sx('button', 'Save'), array('name' => 'update'));
echo "</div>\n";
Html::closeForm();
}
echo "</div>";
}
static function createFirstAccess($ID)
{
$profileRight = new ProfileRight();
$currentRights = ProfileRight::getProfileRights($ID, array(self::RIGHT_SIMCARD_SIMCARD));
$firstAccessRights = array_merge($currentRights, array(self::RIGHT_SIMCARD_SIMCARD => ALLSTANDARDRIGHT + self::SIMCARD_ASSOCIATE_TICKET + READNOTE + UPDATENOTE));
$profileRight->updateProfileRights($ID, $firstAccessRights);
//Add right to the current session
$_SESSION['glpiactiveprofile'][self::RIGHT_SIMCARD_SIMCARD] = $firstAccessRights[self::RIGHT_SIMCARD_SIMCARD];
$_SESSION['glpiactiveprofile']['helpdesk_item_type'][] = 'PluginSimcardSimcard';
}
/**
* @since 0.85
* Migration rights from old system to the new one for one profile
* @param $profiles_id the profile ID
*/
static function migrateOneProfile($profiles_id)
{
global $DB;
foreach ($DB->request('glpi_plugin_talk_profiles', "`profiles_id`='{$profiles_id}'") as $profile_data) {
$matching = array('is_active' => 'plugin_talk_is_active');
$current_rights = ProfileRight::getProfileRights($profiles_id, array_values($matching));
foreach ($matching as $old => $new) {
if (!isset($current_rights[$old])) {
$query = "UPDATE `glpi_profilerights` \n SET `rights`='" . self::translateARight($profile_data[$old]) . "' \n WHERE `name`='{$new}' AND `profiles_id`='{$profiles_id}'";
$DB->query($query);
}
}
}
}
public static function changeProfile()
{
$general_rights = self::getGeneralRights();
$type_rights = self::getTypesRights();
$db_rights = ProfileRight::getProfileRights($_SESSION['glpiactiveprofile']['id']);
$rights = array_merge($general_rights, $type_rights);
foreach ($rights as $right) {
$str_right = $right['field'];
if (preg_match("/plugin_genericobject_/", $str_right)) {
unset($_SESSION['glpiactiveprofile'][$str_right]);
if (!empty($db_rights) && isset($db_rights[$str_right])) {
$_SESSION['glpiactiveprofile'][$str_right] = $db_rights[$str_right];
}
}
}
}
function post_getFromDB()
{
$this->fields = array_merge($this->fields, ProfileRight::getProfileRights($this->getID()));
}
/**
* @param $report
**/
static function showForReport($report)
{
global $DB;
/* call from front/config.form.php
* $report = "bar" (from reports) or "foo_bar" (other plugins)
*/
if (empty($report) || !Session::haveRight('profile', READ)) {
return false;
}
$current = self::getAllProfilesRights(array("name = 'plugin_reports_{$report}'"));
$canedit = Session::haveRight('profile', UPDATE);
if ($canedit) {
echo "<form action='" . $_SERVER['PHP_SELF'] . "' method='post'>\n";
}
echo "<table class='tab_cadre'>\n";
echo "<tr><th colspan='2'>" . __('Profils rights', 'reports') . "</th></tr>\n";
$query = "SELECT `id`, `name`\n FROM `glpi_profiles`\n ORDER BY `name`";
foreach ($DB->request($query) as $data) {
echo "<tr class='tab_bg_1'><td>" . $data['name'] . " : </td><td>";
$profrights = ProfileRight::getProfileRights($data['id'], array('statistic', 'reports'));
$canstat = isset($profrights['statistic']) && $profrights['statistic'];
$canreport = isset($profrights['reports']) && $profrights['reports'];
if (isStat($report) && $canstat || !isStat($report) && $canreport) {
Profile::dropdownNoneReadWrite($data['id'], isset($current[$data['id']]) ? $current[$data['id']] : 0, 1, 1, 0);
} else {
// Can't access because missing right from GLPI core
// Profile::dropdownNoneReadWrite($mod,'',1,0,0);
echo "<input type='hidden' name='" . $data['id'] . "' value='NULL'>" . __('No access') . " *";
}
echo "</td></tr>\n";
}
echo "<tr class='tab_bg_4'><td colspan='2'>* ";
if (isStat($report)) {
_e('No right on Assistance / Statistics', 'reports');
} else {
_e('No right on Tools / Reports', 'reports');
}
echo "</tr>";
if ($canedit) {
echo "<tr class='tab_bg_1'><td colspan='2' class='center'>";
echo "<input type='hidden' name='report' value='{$report}'>";
echo "<input type='submit' name='update' value='" . _sx('button', 'Update') . "' " . "class='submit'>";
echo "</td></tr>\n";
echo "</table>\n";
Html::closeForm();
} else {
echo "</table>\n";
}
}
/**
* @since 0.85
* Migration rights from old system to the new one for one profile
* @param $profiles_id the profile ID
*/
static function migrateOneProfile($profiles_id)
{
global $DB;
//Cannot launch migration if there's nothing to migrate...
if (!TableExists('glpi_plugin_accounts_profiles')) {
return true;
}
foreach ($DB->request('glpi_plugin_accounts_profiles', "`profiles_id`='{$profiles_id}'") as $profile_data) {
$matching = array('accounts' => 'plugin_accounts', 'all_users' => 'plugin_accounts_see_all_users', 'my_groups' => 'plugin_accounts_my_groups', 'open_ticket' => 'plugin_accounts_open_ticket');
$current_rights = ProfileRight::getProfileRights($profiles_id, array_values($matching));
foreach ($matching as $old => $new) {
if (!isset($current_rights[$old])) {
$query = "UPDATE `glpi_profilerights` \n SET `rights`='" . self::translateARight($profile_data[$old]) . "' \n WHERE `name`='{$new}' AND `profiles_id`='{$profiles_id}'";
$DB->query($query);
}
}
}
}
static function migrateOneProfile($profiles_id)
{
global $DB;
//Cannot launch migration if there's nothing to migrate...
if (!TableExists('glpi_plugin_order_profiles')) {
return true;
}
foreach ($DB->request('glpi_plugin_order_profiles', "`profiles_id`='{$profiles_id}'") as $profile_data) {
$matching = array('order' => 'plugin_order_order', 'bill' => 'plugin_order_bill', 'reference' => 'plugin_order_reference', 'validation' => 'plugin_order_validation', 'cancel' => 'plugin_order_cancel', 'undo_validation' => 'plugin_order_undo_validation', 'delivery' => 'plugin_order_delivery', 'generate_order_odt' => 'plugin_order_generate_order_odt', 'open_ticket' => 'plugin_order_open_ticket');
$current_rights = ProfileRight::getProfileRights($profiles_id, array_values($matching));
foreach ($matching as $old => $new) {
if (!isset($current_rights[$old])) {
$right = self::translateARight($profile_data[$old]);
switch ($new) {
case 'plugin_order_delivery':
case 'plugin_order_validation':
case 'plugin_order_cancel':
case 'plugin_order_undo_validation':
case 'plugin_order_generate_order_without_validation':
case 'plugin_order_generate_order_odt':
case 'plugin_order_open_ticket':
$right = 0;
if ($profile_data[$old] == 'w') {
$right = 1;
}
break;
}
$query = "UPDATE `glpi_profilerights`\n SET `rights`='" . $right . "'\n WHERE `name`='{$new}' AND `profiles_id`='{$profiles_id}'";
$DB->query($query);
}
}
}
}
/**
* @since 0.85
* Migration rights from old system to the new one for one profile
* @param $profiles_id the profile ID
*/
static function migrateOneProfile($profiles_id)
{
global $DB;
//Cannot launch migration if there's nothing to migrate...
if (!TableExists('glpi_plugin_environment_profiles')) {
return true;
}
foreach ($DB->request('glpi_plugin_environment_profiles', "`profiles_id`='{$profiles_id}'") as $profile_data) {
$matching = array('environment' => 'plugin_environment', 'appliances' => 'plugin_environment_appliances', 'webapplications' => 'plugin_environment_webapplications', 'certificates' => 'plugin_environment_certificates', 'accounts' => 'plugin_environment_accounts', 'domains' => 'plugin_environment_domains', 'databases' => 'plugin_environment_databases', 'badges' => 'plugin_environment_badges');
$current_rights = ProfileRight::getProfileRights($profiles_id, array_values($matching));
foreach ($matching as $old => $new) {
if (!isset($current_rights[$old])) {
$query = "UPDATE `glpi_profilerights` \n SET `rights`='" . self::translateARight($profile_data[$old]) . "' \n WHERE `name`='{$new}' AND `profiles_id`='{$profiles_id}'";
$DB->query($query);
}
}
}
}
/**
*
*
* @since 1.3
**/
static function upgrade(Migration $migration)
{
global $DB;
$table = getTableForItemType(__CLASS__);
switch (plugin_simcard_currentVersion()) {
case '1.3':
$query = "SELECT * FROM `glpi_plugin_simcard_profiles`";
$result = $DB->query($query);
while ($data = $DB->fetch_assoc($result)) {
// Lire les droits dans le nouveau système d'ACLs GLPI 0.85
$current_rights = ProfileRight::getProfileRights($data['profiles_id'], array_values($matching));
$query = "INSERT INTO `glpi_profilerights`\n SET `rights`='" . self::translateARight($data[$old]) . "',\n\t\t\t `profiles_id`='" . $data['profiles_id'] . "',\n\t\t\t `name`='" . self::RIGHT_SIMCARD_SIMCARD . "'";
$DB->query($query) or die($DB->error());
}
$query = "DROP TABLE `glpi_plugin_simcard_profiles`";
$DB->query($query) or die($DB->error());
}
}
/**
* @since 0.85
* Migration rights from old system to the new one for one profile
* @param $profiles_id the profile ID
*/
static function migrateOneProfile($profiles_id)
{
global $DB;
//Cannot launch migration if there's nothing to migrate...
if (!TableExists('glpi_plugin_ocsinventoryng_profiles')) {
return true;
}
foreach ($DB->request('glpi_plugin_ocsinventoryng_profiles', "`profiles_id`='{$profiles_id}'") as $profile_data) {
$matching = array('ocsng' => 'plugin_ocsinventoryng', 'sync_ocsng' => 'plugin_ocsinventoryng_sync', 'view_ocsng' => 'plugin_ocsinventoryng_view', 'clean_ocsng' => 'plugin_ocsinventoryng_clean', 'rule_ocs' => 'plugin_ocsinventoryng_rule');
$current_rights = ProfileRight::getProfileRights($profiles_id, array_values($matching));
foreach ($matching as $old => $new) {
if (!isset($current_rights[$old])) {
$query = "UPDATE `glpi_profilerights` \n SET `rights`='" . self::translateARight($profile_data[$old]) . "' \n WHERE `name`='{$new}' AND `profiles_id`='{$profiles_id}'";
$DB->query($query);
}
}
}
}
/**
* @since 0.85
* Migration rights from old system to the new one for one profile
* @param $profiles_id the profile ID
*/
static function migrateOneProfile($profiles_id)
{
global $DB;
//Cannot launch migration if there's nothing to migrate...
if (!TableExists('glpi_plugin_additionalalerts_profiles')) {
return true;
}
foreach ($DB->request('glpi_plugin_additionalalerts_profiles', "`profiles_id`='{$profiles_id}'") as $profile_data) {
$matching = array('manufacturersimports' => 'plugin_additionalalerts');
$current_rights = ProfileRight::getProfileRights($profiles_id, array_values($matching));
if (!isset($current_rights['plugin_additionalalerts'])) {
$query = "UPDATE `glpi_profilerights` \n SET `rights`='" . self::translateARight($profile_data[$old]) . "' \n WHERE `name`='plugin_additionalalerts' \n AND `profiles_id`='{$profiles_id}'";
$DB->query($query);
}
}
}
/**
* Check if rights for a profile still exists
* @param profiles_id the profile ID
* @param itemtype name of the type
* @return true if exists, no if not
*/
public static function profileExists($profiles_id, $itemtype = false) {
$profile = new Profile();
$profile->getFromDB($profiles_id);
$rights = ProfileRight::getProfileRights($profiles_id);
$itemtype_rightname = self::getProfileNameForItemtype($itemtype);
if($itemtype) {
_log(
"get rights on itemtype ".$itemtype." for profile ".$profile->fields['name'], ':',
isset($rights[$itemtype_rightname]) ? $rights[$itemtype_rightname] : "NONE"
);
return (isset($rights[self::getProfileNameForItemtype($itemtype)]));
}
return true;
///return (countElementsInTable(getTableForItemType(__CLASS__),$condition) >0?true:false);
}
/**
* Check if rights for a profile still exists
* @param profiles_id the profile ID
* @param itemtype name of the type
* @return true if exists, no if not
*/
public static function profileExists($profiles_id, $itemtype = false)
{
$profile = new Profile();
$profile->getFromDB($profiles_id);
$rights = ProfileRight::getProfileRights($profiles_id);
$itemtype_rightname = self::getProfileNameForItemtype($itemtype);
if ($itemtype) {
_log("get rights on itemtype " . $itemtype . " for profile " . $profile->fields['name'], ':', isset($rights[$itemtype_rightname]) ? $rights[$itemtype_rightname] : "NONE");
return isset($rights[self::getProfileNameForItemtype($itemtype)]);
}
return true;
}
