<?php // +-------------------------------------------------+ // © 2002-2004 PMB Services / www.sigb.net pmb@sigb.net et contributeurs (voir www.sigb.net) // +-------------------------------------------------+ // $Id: general.inc.php,v 1.5 2013-04-11 08:02:17 mbertin Exp $ //Administration générale des droits des services externes require_once $class_path . "/external_services.class.php"; require_once $include_path . "/templates/external_services.tpl.php"; $es = new external_services(); $es_rights = new external_services_rights($es); function users_list($group, $method, $users, $parent_users) { global $charset; global $es_rights; global $msg; $list_users = $es_rights->possible_users($group, $method); $count = 0; $result = "<ul>\n"; for ($j = 0; $j < count($list_users); $j++) { if (array_search($list_users[$j], $users) !== false) { //Si l'utilisateur a les droits pour le groupe entier, on ne l'affiche pas dans le détail $group_authorized = in_array($es_rights->users[$list_users[$j]]->userid, $parent_users); if (!$group_authorized) { $page_link_href = 'admin.php?categ=external_services&sub=peruser&iduser='******'#' . urlencode($group) . ($method ? '_' . urlencode($method) : ""); $user_name_display = htmlentities($es_rights->users[$list_users[$j]]->username, ENT_QUOTES, $charset); $result .= "<li><a href=" . $page_link_href . ">" . $user_name_display . "</a></li>\n"; ++$count; } } }
function get_proxy($user, $restrict_use_to_function_list = array()) { if ($this->proxy) { return $this->proxy; } $proxy_desc = array(); $rights = new external_services_rights($this); $proxy = "\nclass es_proxy extends es_base {\n\tvar \$es;\n\tvar \$user" . ($user ? "={$user}" : "") . ";\n\tvar \$isOPAC=false;\n\tvar \$idEmpr=0;\n\tvar \$description=\"\";\n\tvar \$error_callback_function=NULL;\n\tvar \$input_charset='utf-8';\n"; $proxy_method_requires = ""; $proxy_err_calback_set = "\n\t\t\n\tfunction set_error_callback(\$callback_function) {\n\t\t\$this->error_callback_function = \$callback_function;\n\t}\n\t\t"; $proxy_init = "\n\n\tfunction init() {"; //Si on nous soumet une liste de fonctions, il ne faut pas oublier les éventuelles dépendances de celles-ci. if ($restrict_use_to_function_list) { $restrict_use_to_function_list_requirements = array(); foreach ($this->catalog->groups as $group_name => $es_group) { foreach ($es_group->methods as $method_name => $es_method) { if ($restrict_use_to_function_list && !in_array($group_name . '_' . $method_name, $restrict_use_to_function_list)) { continue; } if (!$es_method->recurvised_requirement_list) { continue; } $restrict_use_to_function_list_requirements = array_merge($restrict_use_to_function_list_requirements, $es_method->recurvised_requirement_list); } } if (!$restrict_use_to_function_list_requirements) { $restrict_use_to_function_list_requirements = array(); } $restrict_use_to_function_list = array_merge($restrict_use_to_function_list, $restrict_use_to_function_list_requirements); $restrict_use_to_function_list = array_unique($restrict_use_to_function_list); } $pmb_file_requirements = array(); //Création dess variables des classes correspondantes aux groupes foreach ($this->catalog->groups as $group_name => $es_group) { //Création des fonctions $group_has_method = false; $methods_desc = array(); foreach ($es_group->methods as $method_name => $es_method) { if ($restrict_use_to_function_list && !in_array($group_name . '_' . $method_name, $restrict_use_to_function_list)) { continue; } if (!$es_method->pmb_file_requirements) { $es_method->pmb_file_requirements = array(); } $pmb_file_requirements = array_merge($pmb_file_requirements, $es_method->pmb_file_requirements); //Les droits sont-ils là ? if ($rights->has_rights($user, $group_name, $method_name)) { //Construction des paramètres de la méthode $params = array(); for ($i = 0; $i < count($es_method->inputs); $i++) { $params[] .= "\$" . $es_method->inputs[$i]->name; } $group_has_method = true; $proxy_func .= "\n\tfunction " . $group_name . "_" . $method_name . "(" . implode(",", $params) . ") {\n\t\ttry {\n\t\t\$result = \$this->" . $group_name . "->" . $method_name . "(" . implode(",", $params) . ");\n\t\t} catch(Exception \$e) {\n\t\t\tif (\$this->error_callback_function)\n\t\t\t\tcall_user_func(\$this->error_callback_function, \$e);\n\t\t}\n\t\treturn \$result;\n\t}\n"; $mdesc = array(); $mdesc["name"] = $method_name; $mdesc["description"] = $this->get_text($es_method->description, $group_name); $mdesc["inputs_description"] = $this->get_text($es_method->input_description, $group_name); $mdesc["outputs_description"] = $this->get_text($es_method->output_description, $group_name); $methods_desc[] = $mdesc; } } if ($group_has_method) { //Fonction d'initialisation $proxy_init .= "\n\t\t\$this->" . $group_name . "=new " . $group_name . "(\$this->es, '" . $group_name . "', \$this);"; //Variable pour la classe du groupe $proxy .= "\n\tvar \$" . $group_name . ";"; //Require pour le groupe $proxy_require .= "require_once(\$base_path.\"/external_services/" . $group_name . "/" . $group_name . ".class.php\");\n"; //Description du groupe $gdesc = array(); $gdesc["name"] = $group_name; $gdesc["description"] = $this->get_text($es_group->description, $group_name); $gdesc["methods"] = $methods_desc; $proxy_desc[] = $gdesc; } } $pmb_file_requirements = array_unique($pmb_file_requirements); $name_variable_correspondance = array("class" => '$class_path', "base" => '$base_path', "include" => '$include_path'); foreach ($pmb_file_requirements as $arequirement) { if (!$name_variable_correspondance[$arequirement->start_path]) { continue; } $proxy_method_requires .= 'require_once("' . $name_variable_correspondance[$arequirement->start_path] . '/' . $arequirement->file . '");' . "\n"; } $proxy_init .= "\n\t}\n"; $proxy_end = "\n\tfunction es_proxy(\$external_services) {\n\t\t\$this->es=\$external_services;\n\t\t\$this->init();\n\t}\n}\n"; //Instanciation de la classe proxy ! $proxy = $proxy_method_requires . $proxy_require . $proxy . $proxy_init . $proxy_err_calback_set . $proxy_func . $proxy_end; //Restauration de l'environnement global foreach ($GLOBALS as $var_name => $value) { global ${$var_name}; } //Enregistrons le nom des variables qui existent déjà avant l'eval $before_eval_vars = get_defined_vars(); try { //error_reporting(E_ALL); $re = eval("try { {$proxy} } catch (Exception \$e) { }"); } catch (Exception $e) { //print $e->getMessage(); } $this->proxy = new es_proxy($this); //Affectation des descriptions $this->proxy->description = $proxy_desc; //Affectation du charset global $charset; $this->proxy->input_charset = $charset; //Maintenant nous avons sortir toutes les variables globales générée par l'eval du contexte de la fonction $function_variable_names = array("function_variable_names" => 0, "before_eval_vars" => 0, "created" => 0); $created = array_diff_key(get_defined_vars(), $GLOBALS, $function_variable_names, $before_eval_vars); foreach ($created as $created_name => $on_sen_fiche) { global ${$created_name}; } extract($created); return $this->proxy; }
<?php // +-------------------------------------------------+ // | 2002-2007 PMB Services / www.sigb.net pmb@sigb.net et contributeurs (voir www.sigb.net) // +-------------------------------------------------+ // $Id: peruser.inc.php,v 1.4 2011-09-07 07:40:45 jpermanne Exp $ if (stristr($_SERVER['REQUEST_URI'], ".inc.php")) { die("no access"); } //Initialisation des classes require_once $class_path . "/external_services.class.php"; require_once $include_path . "/templates/external_services.tpl.php"; $es = new external_services(); $es_rights = new external_services_rights($es); //Mise à jour des droits d'un objet en fonction de la demande particulière d'un utilisateur function update_rights_for_user(&$es_r, $val) { global $iduser; //Selon la valeur de $val : 0=pas de droits, 1=droit normal, 2=anonyme switch ($val) { case 0: if ($es_r->anonymous_user == $iduser) { $es_r->anonymous_user = 0; } else { if (array_search($iduser, $es_r->users) !== false) { //Réécriture du tableau des users //Copie $tusers = $es_r->users; $es_r->users = array(); for ($j = 0; $j < count($tusers); $j++) { if ($tusers[$j] != $iduser) {