示例#1
0
 /**
  * Determines whether current user is in a group with the specified role.
  *
  * @access public
  * @param mixed $pm_role The role to test for the current user. Role may be specified by name, code or id.
  * @return bool Returns true if user has the role, false if not.
  */
 public function hasGroupRole($ps_role)
 {
     if (!($pn_user_id = $this->getPrimaryKey())) {
         return false;
     }
     $vb_got_role = 0;
     $t_role = new ca_user_roles();
     if (is_numeric($ps_role)) {
         $vb_got_role = $t_role->load($ps_role);
     }
     if (!$vb_got_role) {
         if (!$t_role->load(array("name" => $ps_role))) {
             if (!$t_role->load(array("code" => $ps_role))) {
                 return false;
             }
         }
         $vb_got_role = 1;
     }
     if ($vb_got_role) {
         $o_db = $this->getDb();
         $qr_res = $o_db->query("\n\t\t\t\tSELECT wgr.role_id \n\t\t\t\tFROM ca_groups_x_roles wgr\n\t\t\t\tINNER JOIN ca_users_x_groups AS wuxg ON wuxg.group_id = wgr.group_id \n\t\t\t\tWHERE\n\t\t\t\t\t(wuxg.user_id = ?) AND\n\t\t\t\t\t(wgr.role_id = ?)\n\t\t\t", (int) $pn_user_id, (int) $t_role->getPrimaryKey());
         if ($qr_res->nextRow()) {
             return true;
         } else {
             return false;
         }
     } else {
         $this->postError(940, _t("Invalid role '%1'", $ps_role), "User->hasGroupRole()");
         return false;
     }
 }
 public function getRolesAsDOM()
 {
     $t_role = new ca_user_roles();
     $vo_roles = $this->opo_dom->createElement("roles");
     $qr_roles = $this->opo_db->query("SELECT * FROM ca_user_roles");
     while ($qr_roles->nextRow()) {
         $t_role->load($qr_roles->get("role_id"));
         $vo_role = $this->opo_dom->createElement("role");
         $vo_role->setAttribute("code", $this->makeIDNO($t_role->get("code")));
         $vo_role->appendChild($this->opo_dom->createElement("name", $t_role->get("name")));
         $vo_role->appendChild($this->opo_dom->createElement("description", $t_role->get("description")));
         if (is_array($va_actions = $t_role->getRoleActions())) {
             $vo_actions = $this->opo_dom->createElement("actions");
             foreach ($va_actions as $vs_action) {
                 $vo_actions->appendChild($this->opo_dom->createElement("action", $vs_action));
             }
             $vo_role->appendChild($vo_actions);
         }
         $vo_roles->appendChild($vo_role);
     }
     return $vo_roles;
 }
 public function getRolesAsDOM()
 {
     $t_role = new ca_user_roles();
     $t_list = new ca_lists();
     $t_ui_screens = new ca_editor_ui_screens();
     $vo_roles = $this->opo_dom->createElement("roles");
     $qr_roles = $this->opo_db->query("SELECT * FROM ca_user_roles");
     while ($qr_roles->nextRow()) {
         $t_role->load($qr_roles->get("role_id"));
         $vo_role = $this->opo_dom->createElement("role");
         $vo_role->setAttribute("code", $this->makeIDNO($t_role->get("code")));
         $vo_role->appendChild($this->opo_dom->createElement("name", $t_role->get("name")));
         $vo_role->appendChild($this->opo_dom->createElement("description", $t_role->get("description")));
         if (is_array($va_actions = $t_role->getRoleActions())) {
             $vo_actions = $this->opo_dom->createElement("actions");
             foreach ($va_actions as $vs_action) {
                 $vo_actions->appendChild($this->opo_dom->createElement("action", $vs_action));
             }
             $vo_role->appendChild($vo_actions);
         }
         $va_vars = $t_role->get('vars');
         // add bundle level ACL items
         if (is_array($va_vars['bundle_access_settings'])) {
             $vo_bundle_lvl_ac = $this->opo_dom->createElement("bundleLevelAccessControl");
             foreach ($va_vars['bundle_access_settings'] as $vs_bundle => $vn_val) {
                 $va_tmp = explode('.', $vs_bundle);
                 $vs_table_name = $va_tmp[0];
                 $vs_bundle_name = $va_tmp[1];
                 if ($t_ui_screens->isAvailableBundle($vs_table_name, $vs_bundle_name)) {
                     // only add this entry to the export if it's actually a valid bundle
                     $vs_access = $this->_convertACLConstantToString(intval($vn_val));
                     $vo_permission = $this->opo_dom->createElement("permission");
                     $vo_bundle_lvl_ac->appendChild($vo_permission);
                     $vo_permission->setAttribute('table', $vs_table_name);
                     $vo_permission->setAttribute('bundle', $vs_bundle_name);
                     $vo_permission->setAttribute('access', $vs_access);
                 }
             }
             $vo_role->appendChild($vo_bundle_lvl_ac);
         }
         // add type level ACL items
         if (is_array($va_vars['type_access_settings'])) {
             $vo_type_lvl_ac = $this->opo_dom->createElement("typeLevelAccessControl");
             foreach ($va_vars['type_access_settings'] as $vs_id => $vn_val) {
                 $va_tmp = explode('.', $vs_id);
                 $vs_table_name = $va_tmp[0];
                 $vn_type_id = $va_tmp[1];
                 $vs_access = $this->_convertACLConstantToString(intval($vn_val));
                 /** @var BaseModelWithAttributes $t_instance */
                 $t_instance = $this->opo_dm->getInstanceByTableName($vs_table_name, true);
                 if (!($vs_list_code = $t_instance->getTypeListCode())) {
                     continue;
                 }
                 $va_item = $t_list->getItemFromListByItemID($vs_list_code, $vn_type_id);
                 if (!isset($va_item['idno'])) {
                     continue;
                 }
                 $vo_permission = $this->opo_dom->createElement("permission");
                 $vo_type_lvl_ac->appendChild($vo_permission);
                 $vo_permission->setAttribute('table', $vs_table_name);
                 $vo_permission->setAttribute('type', $va_item['idno']);
                 $vo_permission->setAttribute('access', $vs_access);
             }
             $vo_role->appendChild($vo_type_lvl_ac);
         }
         $vo_roles->appendChild($vo_role);
     }
     return $vo_roles;
 }
 /**
  * Determines whether current group has a specified role.
  *
  * @access public
  * @param mixed $pm_role The role to test for the current group. Role may be specified by name, code or id.
  * @return bool Returns true if group has the role, false if not.
  */
 function hasGroupRole($ps_role)
 {
     if (!($vn_group_id = $this->getPrimaryKey())) {
         return false;
     }
     $vb_got_role = 0;
     $t_role = new ca_user_roles();
     if (is_numeric($ps_role)) {
         $vb_got_role = $t_role->load($ps_role);
     }
     if (!$vb_got_role) {
         if (!$t_role->load(array("name" => $ps_role))) {
             if (!$t_role->load(array("code" => $ps_role))) {
                 return false;
             }
         }
         $vb_got_role = 1;
     }
     if ($vb_got_role) {
         $o_db = $this->getDb();
         $qr_res = $o_db->query("\n\t\t\t\tSELECT * \n\t\t\t\tFROM ca_groups_x_roles\n\t\t\t\tWHERE\n\t\t\t\t\t(group_id = ?) AND\n\t\t\t\t\t(role_id = ?)\n\t\t\t", (int) $vn_group_id, (int) $t_role->getPrimaryKey());
         if (!$qr_res) {
             return false;
         }
         if ($qr_res->nextRow()) {
             return true;
         } else {
             return false;
         }
     } else {
         $this->postError(940, _t("Invalid role '%1'", $ps_role), "ca_user_groups->hasRole()");
         return false;
     }
 }