diff --git a/core/trunk/core/class/Security.php b/core/trunk/core/class/Security.php index c84e6ac654dd0ead555961d1961ec4a4885a3d1d..020381d122796421d4a45d127971e1b38706d013 100644 --- a/core/trunk/core/class/Security.php +++ b/core/trunk/core/class/Security.php @@ -20,8 +20,8 @@ /** * @brief Contains the Security Object (herits of the BaseObject class) -* -* +* +* * @file * @author Claire Figueras <dev@maarch.org> * @date $date$ @@ -37,7 +37,7 @@ try { } /** -* @brief Security Object, herits of the BaseObject class +* @brief Security Object, herits of the BaseObject class * * @ingroup core */ @@ -50,8 +50,8 @@ class SecurityObj extends BaseObject */ function __toString() { - return $this->maarch_comment ; + return $this->maarch_comment ; } } -?> + diff --git a/core/trunk/core/class/SecurityControler.php b/core/trunk/core/class/SecurityControler.php index 209b28cea4900872bb1d0cbd0980fd47753dcd21..efbcb1c2bd45ba4cefadd1ac79cf9e756150f298 100644 --- a/core/trunk/core/class/SecurityControler.php +++ b/core/trunk/core/class/SecurityControler.php @@ -29,25 +29,17 @@ * @ingroup core */ - -// To activate de debug mode of the class -$_ENV['DEBUG'] = false; -/* -define("_CODE_SEPARATOR","/"); -define("_CODE_INCREMENT",1); -*/ - // Loads the required class try { - require_once('core/core_tables.php'); - require_once('core/class/class_db.php'); - require_once('core/class/users_controler.php'); - require_once('core/class/session_security_controler.php'); - require_once('core/class/Security.php'); - if (!defined('_CLASSIFICATION_SCHEME_VIEW')) { + require_once 'core/core_tables.php'; + require_once 'core/class/class_db.php'; + require_once 'core/class/users_controler.php'; + require_once 'core/class/session_security_controler.php'; + require_once 'core/class/Security.php'; + if (! defined('_CLASSIFICATION_SCHEME_VIEW')) { define('_CLASSIFICATION_SCHEME_VIEW', 'mr_classification_scheme_view'); } -} catch (Exception $e){ +} catch (Exception $e) { echo $e->getMessage() . ' // '; } 
@@ -58,78 +50,44 @@ try { * <li>Get an security object from an id</li> * <li>Save in the database a security</li> * <li>Manage the operation on the security table in the database -* (insert, select, update, delete)</li> +* (_insert, select, _update, delete)</li> *</ul> * @ingroup core */ -class SecurityControler -{ - /** - * Dbquery object used to connnect to the database - */ - private static $db; - - /** - * Security table - */ - private static $security_table; - /** - * Opens a database connexion and values the tables variables - */ - public function connect() - { - $db = new dbquery(); - $db->connect(); - - self::$security_table = SECURITY_TABLE; - self::$db=$db; - } - - - /** - * Close the database connexion - */ - public function disconnect() - { - self::$db->disconnect(); - } - +class SecurityControler +{ /** * Returns an Security Object based on a security identifier * - * @param $security_id string Security identifier + * @param $securityId string Security identifier * @return Security object with properties from the database or null */ - public function get($security_id) + public function get($securityId) { - if(empty($security_id)) + if (empty($securityId)) { return null; + } + $db = new dbquery(); + $db->connect(); - self::connect(); - - $query = "select * from ".self::$security_table." where security_id = ".$security_id; - try{ - if($_ENV['DEBUG']){echo $query.' // ';} - self::$db->query($query); + $query = "select * from " . SECURITY_TABLE . " where security_id = " + . $securityId; + try { + $db->query($query); } catch (Exception $e){ - echo _NO_ACCESS_WITH_ID.' '.$security_id.' // '; + echo _NO_ACCESS_WITH_ID . ' ' . $securityId . 
' // '; } - if(self::$db->nb_result() > 0) - { - $access=new SecurityObj(); - $queryResult=self::$db->fetch_object(); - foreach($queryResult as $key => $value){ - $access->$key=$value; + if ($db->nb_result() > 0) { + $access = new SecurityObj(); + $queryResult = $db->fetch_object(); + foreach ($queryResult as $key => $value) { + $access->$key = $value; } - self::disconnect(); return $access; - } - else - { - self::disconnect(); + } else { return null; } } @@ -137,38 +95,36 @@ class SecurityControler /** * Returns all security object for a given usergroup * - * @param $group_id string Usergroup identifier + * @param $groupId string Usergroup identifier * @return Array of security objects or null */ - public function getAccessForGroup($group_id) + public function getAccessForGroup($groupId) { - if(empty($group_id)) + if (empty($groupId)) { return null; - - self::connect(); + } + $db = new dbquery(); + $db->connect(); // Querying database - $query = "select * from ".self::$security_table." where group_id = '".$group_id."'"; + $query = "select * from " . SECURITY_TABLE . " where group_id = '" + . $groupId . "'"; - try{ - if($_ENV['DEBUG']){echo $query.' // ';} - self::$db->query($query); - } catch (Exception $e){ - echo _NO_GROUP_WITH_ID.' '.$group_id.' // '; + try { + $db->query($query); + } catch (Exception $e) { + echo _NO_GROUP_WITH_ID . ' ' . $groupId . ' // '; } $security = array(); - if(self::$db->nb_result() > 0) - { - while($queryResult = self::$db->fetch_object()) - { - $access=new SecurityObj(); - foreach($queryResult as $key => $value){ - $access->$key=$value; + if ($db->nb_result() > 0) { + while ($queryResult = $db->fetch_object()) { + $access = new SecurityObj(); + foreach ($queryResult as $key => $value) { + $access->$key = $value; } array_push($security, $access); } } - self::disconnect(); return $security; } 
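Review bot: `get()` still builds its query by string concatenation, and `security_id` is appended unquoted (`" where security_id = " . $securityId`), so `empty()` is the only check between the caller's value and the database. If the identifier can come from request data this is injectable; tighten the guard to `if (empty($securityId) || ! ctype_digit((string) $securityId)) { return null; }`, or bind the value if `dbquery` supports parameters (not visible here). The same pattern is kept in the other hunks of this file: `getAccessForGroup()` and `deleteForGroup()` (quoted `group_id`), `delete()` and `_update()` (unquoted `security_id`), `_insertPrepare()`/`_updatePrepare()` (keys and values), `process_where_clause()` (`@user` replaced by the raw `$userId`) and `setActions()` (`$objectId`). The catch branch also echoes `$securityId` back without escaping.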
@@ -181,13 +137,15 @@ class SecurityControler */ public function save($security, $mode="add") { - if(!isset($security)) + if (! isset($security)) { return false; + } - if($mode == "up") - return self::update($security); - elseif($mode == "add") - return self::insert($security); + if ($mode == "up") { + return $this->_update($security); + } else if ($mode == "add") { + return $this->_insert($security); + } return false; } @@ -196,30 +154,26 @@ class SecurityControler * Inserts in the database (security table) a Security object * * @param $security Security object - * @return bool true if the insertion is complete, false otherwise + * @return bool true if the _insertion is complete, false otherwise */ - private function insert($security) + private function _insert($security) { - if(!isset($security)) + if (! isset($security)) { return false; + } + $db = new dbquery(); + $db->connect(); + $prepQuery = $this->_insertPrepare($security); - self::connect(); - $prep_query = self::insert_prepare($security); - - $query="insert into ".self::$security_table." (" - .$prep_query['COLUMNS'] - .") values(" - .$prep_query['VALUES'] - .")"; - try{ - if($_ENV['DEBUG']){ echo $query.' // '; } - self::$db->query($query); + $query = "insert into " . SECURITY_TABLE . " (" . $prepQuery['COLUMNS'] + . ") values (" . $prepQuery['VALUES'] . ")"; + try { + $db->query($query); $ok = true; - } catch (Exception $e){ - echo _CANNOT_INSERT_ACCESS." ".$security->toString().' // '; + } catch (Exception $e) { + echo _CANNOT_INSERT_ACCESS . " " . $security->toString() . ' // '; $ok = false; } - self::disconnect(); return $ok; } 
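Review bot: `save()` now dispatches through `$this->_update()` / `$this->_insert()` where it used `self::`, so it only works when called on an instance. Any call site that still invokes the controller statically (`SecurityControler::save(...)`) would fail with `$this` undefined; the call sites are not part of this diff, so they need checking, also for `check_where_clause()`, `process_security_where_clause()`, `load_security()`, `getActions()` and `setActions()`, which get the same change. A docblock line such as `* Must be called on an instance (uses $this).` would record the new contract.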
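Review bot: The catch branch of `_insert()` calls `$security->toString()`, but the only string conversion this diff shows on `SecurityObj` is `__toString()`. Unless `BaseObject` provides `toString()` (not visible here), the error path itself fails and hides the original insert error; `(string) $security` would use the method that is shown. `_update()` in the next hunk makes the same call.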
@@ -227,158 +181,158 @@ class SecurityControler * Updates a security in the database (security table) with a Security object * * @param $security Security object - * @return bool true if the update is complete, false otherwise + * @return bool true if the _update is complete, false otherwise */ - private function update($security) + private function _update($security) { - if(!isset($security)) + if (! isset($security)) { return false; + } + $db = new dbquery(); + $db->connect(); + $query = "update " . SECURITY_TABLE . " set " + . $this->_updatePrepare($security) . " where security_id=" + . $security->security_id; - self::connect(); - $query="update ".self::$security_table." set " - .self::update_prepare($security) - ." where security_id=".$security->security_id; - - try{ - if($_ENV['DEBUG']){echo $query.' // ';} - self::$db->query($query); + try { + $db->query($query); $ok = true; - } catch (Exception $e){ - echo _CANNOT_UPDATE_ACCESS." ".$security->toString().' // '; + } catch (Exception $e) { + echo _CANNOT_UPDATE_ACCESS . " " . $security->toString() . ' // '; $ok = false; } - self::disconnect(); return $ok; } /** * Deletes in the database (security table) a given security * - * @param $security_id string Security identifier + * @param $securityId string Security identifier * @return bool true if the deletion is complete, false otherwise */ - public function delete($security_id) + public function delete($securityId) { - if(!isset($security_id)|| empty($security_id) ) + if (! isset($securityId) || empty($securityId)) { return false; - - self::connect(); - $query="delete from ".self::$security_table." where security_id=".$security_id; - try{ - if($_ENV['DEBUG']){echo $query.' // ';} - self::$db->query($query); + } + $db = new dbquery(); + $db->connect(); + $query = "delete from " . SECURITY_TABLE . " where security_id=" + . $securityId; + try { + $db->query($query); $ok = true; - } catch (Exception $e){ - echo _CANNOT_DELETE_SECURITY_ID." ".$security_id.' 
// '; + } catch (Exception $e) { + echo _CANNOT_DELETE_SECURITY_ID . " " . $securityId . ' // '; $ok = false; } - self::disconnect(); return $ok; } /** * Deletes in the database (security table) all security of a given usergroup * - * @param $group_id string Usergroup identifier + * @param $groupId string Usergroup identifier * @return bool true if the deletion is complete, false otherwise */ - public function deleteForGroup($group_id) + public function deleteForGroup($groupId) { - if(!isset($group_id)|| empty($group_id) ) + if (! isset($groupId) || empty($groupId)) { return false; - - self::connect(); - $query="delete from ".self::$security_table." where group_id='".$group_id."'"; - try{ - if($_ENV['DEBUG']){echo $query.' // ';} - self::$db->query($query); + } + $db = new dbquery(); + $db->connect(); + $query = "delete from " . SECURITY_TABLE . " where group_id='" + . $groupId . "'"; + try { + $db->query($query); $ok = true; - } catch (Exception $e){ - echo _CANNOT_DELETE.' '._GROUP_ID." ".$group_id.' // '; + } catch (Exception $e) { + echo _CANNOT_DELETE . ' ' . _GROUP_ID . " " . $groupId . ' // '; $ok = false; } - self::disconnect(); return $ok; } /** - * Prepares the update query for a given Security object + * Prepares the _update query for a given Security object * * @param $security Security object * @return String containing the fields and the values */ - private function update_prepare($security) + private function _updatePrepare($security) { - $result=array(); - foreach($security->getArray() as $key => $value) - { - // For now all fields in the usergroups table are strings or date excepts the security_id - if(!empty($value)) - { - if($key <> 'security_id') - $result[]=$key."='".$value."'"; + $result = array(); + foreach ($security->getArray() as $key => $value) { + // For now all fields in the usergroups table are strings or date + // excepts the security_id + if (! empty($value)) { + if ($key <> 'security_id') { + $result[] = $key . "='" . $value . 
"'"; + } } } // Return created string minus last ", " - return implode(",",$result); + return implode(",", $result); } /** - * Prepares the insert query for a given Security object + * Prepares the _insert query for a given Security object * * @param $security Security object * @return Array containing the fields and the values */ - private function insert_prepare($security) + private function _insertPrepare($security) { - $columns=array(); - $values=array(); - foreach($security->getArray() as $key => $value) - { - // For now all fields in the usergroups table are strings or date excepts the security_id - if(!empty($value)) - { - if($key <> 'security_id') - { - $columns[]=$key; - $values[]="'".$value."'"; + $columns = array(); + $values = array(); + foreach ($security->getArray() as $key => $value) { + // For now all fields in the security table are strings + // or date excepts the security_id + if (! empty($value)) { + if ($key <> 'security_id') { + $columns[] = $key; + $values[] = "'" . $value . "'"; } } } - return array('COLUMNS' => implode(",",$columns), 'VALUES' => implode(",",$values)); + return array( + 'COLUMNS' => implode(",", $columns), + 'VALUES' => implode(",", $values), + ); } - public function check_where_clause($coll_id, $target, $where_clause, - $view, $user_id) + public function check_where_clause($collId, $target, $whereClause, + $view, $userId) { $res = array( 'RESULT' => false, - 'TXT' => '' + 'TXT' => '', ); - if (empty($coll_id) || empty($target) || empty($where_clause)) { + if (empty($collId) || empty($target) || empty($whereClause)) { $res['TXT'] = _ERROR_PARAMETERS_FUNCTION; return $res; } - - $where = ' ' . $where_clause; + $where = ' ' . 
$whereClause; $where = str_replace('\\', '', $where); - $where = self::process_security_where_clause($where, $user_id); - if(str_replace(' ', '', $where) == ''){ + $where = $this->process_security_where_clause($where, $userId); + if (str_replace(' ', '', $where) == '') { $where = ''; } $where = str_replace('where', ' ', $where); - self::connect(); + $db = new dbquery(); + $db->connect(); if ($target == 'ALL' || $target == 'DOC') { $query = 'select res_id from ' . $view . ' where ' . $where; } - if($target == 'ALL' || $target == 'CLASS'){ + if ($target == 'ALL' || $target == 'CLASS') { $query = 'select mr_aggregation_id from ' . $view . ' where '. $where; } - $ok = self::$db->query($query, true); + $ok = $db->query($query, true); if (!$ok) { $res['TXT'] = _SYNTAX_ERROR_WHERE_CLAUSE; return $res; 
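Review bot: `_updatePrepare()` drops every field for which `empty($value)` is true, and that includes `0` and `'0'`. If `rights_bitmask` (read in `setActions()`) is among the keys returned by `getArray()`, an update that sets it to 0 leaves the old value in the row, so rights cannot be fully revoked through `save($security, 'up')`. Testing for absence instead of falsiness keeps zero values: `if ($value !== null && $value !== '' && $key <> 'security_id') {`. `_insertPrepare()` uses the same filter.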
@@ -386,52 +340,58 @@ class SecurityControler $res['TXT'] = _SYNTAX_OK; $res['RESULT'] = true; } - self::disconnect(); return $res; } /** - * Process a where clause, using the process_where_clause methods of the modules, the core and the apps + * Process a where clause, using the process_where_clause methods of the + * modules, the core and the apps * - * @param $where_clause string Where clause to process - * @param $user_id string User identifier + * @param $whereClause string Where clause to process + * @param $userId string User identifier * @return string Proper where clause */ - public function process_security_where_clause($where_clause, $user_id) + public function process_security_where_clause($whereClause, $userId) { - if(!empty($where_clause)) - { - $where = ' where '.$where_clause; - + if (! empty($whereClause)) { + $where = ' where ' . $whereClause; // Process with the core vars - $where = self::process_where_clause($where, $user_id); - + $where = $this->process_where_clause($where, $userId); // Process with the modules vars - foreach(array_keys($_SESSION['modules_loaded']) as $key) - { - $path_module_tools = $_SESSION['modules_loaded'][$key]['path']."class".DIRECTORY_SEPARATOR."class_modules_tools.php"; - require_once($path_module_tools); - $object = new $key; - if(method_exists($object, 'process_where_clause')) - { - $where = $object->process_where_clause($where, $user_id); + foreach (array_keys($_SESSION['modules_loaded']) as $key) { + $pathModuleTools = $_SESSION['modules_loaded'][$key]['path'] + . "class" . DIRECTORY_SEPARATOR + . 
"class_modules_tools.php"; + if (file_exists($pathModuleTools)) { + require_once($pathModuleTools); + if (class_exists($key)) { + $object = new $key; + if (method_exists( + $object, 'process_where_clause' + ) == true + ) { + $where = $object->process_where_clause( + $where, $userId + ); + } + } } } + $where = preg_replace('/, ,/', ',', $where); $where = preg_replace('/\( ?,/', '(', $where); $where = preg_replace('/, ?\)/', ')', $where); // Process with the apps vars - require_once('apps'.DIRECTORY_SEPARATOR.$_SESSION['config']['app_id'].DIRECTORY_SEPARATOR.'class'.DIRECTORY_SEPARATOR.'class_business_app_tools.php'); + require_once 'apps' . DIRECTORY_SEPARATOR + . $_SESSION['config']['app_id'] . DIRECTORY_SEPARATOR . 'class' + . DIRECTORY_SEPARATOR . 'class_business_app_tools.php'; $object = new business_app_tools(); - if(method_exists($object, 'process_where_clause')) - { - $where = $object->process_where_clause($where, $user_id); + if (method_exists($object, 'process_where_clause')) { + $where = $object->process_where_clause($where, $userId); } return $where; - } - else - { + } else { return ''; } } 
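Review bot: The new `file_exists()`/`class_exists()` guards cover the module include only; the apps include further down still puts `$_SESSION['config']['app_id']` straight into the `require_once` path and then instantiates `business_app_tools`. Where that session value is set is not visible here, so it may already be constrained, but a check at the point of use would make the include safe on its own: validate it with `preg_match('/^[A-Za-z0-9_]+$/', $_SESSION['config']['app_id'])` and stop with an error when it does not match. As a style point, `method_exists(...) == true` in the module branch is redundant and differs from the plain `method_exists(...)` used for the apps object.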
@@ -439,111 +399,131 @@ class SecurityControler /** * Process a where clause with the core specific vars * - * @param $where_clause string Where clause to process - * @param $user_id string User identifier + * @param $whereClause string Where clause to process + * @param $userId string User identifier * @return string Proper where clause */ - public function process_where_clause($where_clause, $user_id) + public function process_where_clause($whereClause, $userId) { - $where = $where_clause; - if(preg_match('/@user/', $where_clause)) - { - $where = str_replace("@user","'".trim($user_id)."'", $where_clause); + $where = $whereClause; + if (preg_match('/@user/', $whereClause)) { + $where = str_replace( + "@user", "'" . trim($userId) . "'", $whereClause + ); } return $where; } /** - * Loads into session, the security parameters corresponding to the user groups. + * Loads into session, the security parameters corresponding to the user + * groups. * - * @param $user_id string User Identifier + * @param $userId string User Identifier */ - public function load_security($user_id) + public function load_security($userId) { $tab['collections'] = array(); $tab['security'] = array(); $func = new functions(); - self::connect(); + $db = new dbquery(); + $db->connect(); - if($user_id == "superadmin") - { - for($i=0; $i<count($_SESSION['collections']);$i++) - { + if ($userId == "superadmin") { + for ($i = 0; $i < count($_SESSION['collections']); $i ++) { $tab['security'][ $_SESSION['collections'][$i]['id']] = array(); - foreach(array_keys($_ENV['targets']) as $key) - { - $tab['security'][ $_SESSION['collections'][$i]['id']][$key] = array('table' => $_SESSION['collections'][$i]['table'], 'label_coll' => $_SESSION['collections'][$i]['label'],'view' => $_SESSION['collections'][$i]['view'], 'where' =>" (1=1) "); + foreach (array_keys($_ENV['targets']) as $key) { + $tab['security'][ $_SESSION['collections'][$i]['id']][$key] = array( + 'table' => $_SESSION['collections'][$i]['table'], + 
'label_coll' => $_SESSION['collections'][$i]['label'], + 'view' => $_SESSION['collections'][$i]['view'], + 'where' => " (1=1) ", + ); } - array_push($tab['collections'], $_SESSION['collections'][$i]['id']); + array_push( + $tab['collections'], $_SESSION['collections'][$i]['id'] + ); } - } - else - { + } else { $uc = new users_controler(); - $groups = $uc->getGroups($user_id); + $groups = $uc->getGroups($userId); $access = array(); - for($i=0; $i<count($groups); $i++) - { - $tmp = self::getAccessForGroup($groups[$i]['GROUP_ID']); - for($j=0; $j<count($tmp);$j++) - { + for ($i = 0; $i < count($groups); $i ++) { + $tmp = $this->getAccessForGroup($groups[$i]['GROUP_ID']); + for ($j = 0; $j < count($tmp);$j ++) { array_push($access, $tmp[$j]); } } - for($i=0; $i<count($access); $i++) - { + for ($i = 0; $i < count($access); $i ++) { // TO DO : vérifier les dates - $start_date = $access[$i]->__get('mr_start_date'); - $stop_date = $access[$i]->__get('mr_stop_date'); + $startDate = $access[$i]->__get('mr_start_date'); + $stopDate = $access[$i]->__get('mr_stop_date'); $target = $access[$i]->__get('where_target'); - $coll_id = $access[$i]->__get('coll_id'); - $where_clause = $access[$i]->__get('where_clause'); - $where_clause = self::process_security_where_clause($where_clause, $user_id); - $where_clause = str_replace('where', '', $where_clause); + $collId = $access[$i]->__get('coll_id'); + $whereClause = $access[$i]->__get('where_clause'); + $whereClause = $this->process_security_where_clause( + $whereClause, $userId + ); + $whereClause = str_replace('where', '', $whereClause); - $ind = self::get_ind_collection($coll_id); + $ind = $this->get_ind_collection($collId); - if(trim($where_clause) == "") + if (trim($whereClause) == "") { $where = "-1"; - else - $where = "( ".$func->show_string($where_clause)." )"; - - if( ! 
in_array($coll_id, $tab['collections'] ) ) - { - $tab['security'][$coll_id] = array(); - - if($target == 'ALL') - { - foreach(array_keys($_ENV['targets']) as $key) - { - $tab['security'][$coll_id][$key] = array('table' => $_SESSION['collections'][$ind]['table'], 'label_coll' => $_SESSION['collections'][$ind]['label'],'view' => $_SESSION['collections'][$ind]['view'], 'where' => $where); - } - } - else - { - $tab['security'][$coll_id][$target] = array('table' => $_SESSION['collections'][$ind]['table'], 'label_coll' => $_SESSION['collections'][$ind]['label'],'view' => $_SESSION['collections'][$ind]['view'], 'where' => $where); - } - array_push($tab['collections'] ,$coll_id); + } else { + $where = "( " . $func->show_string($whereClause) . " )"; } - else - { - if(isset($tab['security'][$coll_id][$target]) && count($tab['security'][$coll_id][$target]) > 0) - $tab['security'][ $coll_id][$target]['where'] .= " or ".$where; - elseif($target == 'ALL') - { - foreach(array_keys($_ENV['targets']) as $key) - { - if(isset($tab['security'][$coll_id][$key]) && count($tab['security'][$coll_id][$key]) > 0) - $tab['security'][$coll_id][$key]['where'] .= " or ".$where; - else - $tab['security'][$coll_id][$key] = array('table' => $_SESSION['collections'][$ind]['table'], 'label_coll' => $_SESSION['collections'][$ind]['label'],'view' => $_SESSION['collections'][$ind]['view'], 'where' => $where); + if (! 
in_array($collId, $tab['collections'])) { + $tab['security'][$collId] = array(); + + if ($target == 'ALL') { + foreach (array_keys($_ENV['targets']) as $key) { + $tab['security'][$collId][$key] = array( + 'table' => $_SESSION['collections'][$ind]['table'], + 'label_coll' => $_SESSION['collections'][$ind]['label'], + 'view' => $_SESSION['collections'][$ind]['view'], + 'where' => $where, + ); } + } else { + $tab['security'][$collId][$target] = array( + 'table' => $_SESSION['collections'][$ind]['table'], + 'label_coll' => $_SESSION['collections'][$ind]['label'], + 'view' => $_SESSION['collections'][$ind]['view'], + 'where' => $where, + ); } - else - { - $tab['security'][$coll_id][$target] = array('table' => $_SESSION['collections'][$ind]['table'], 'label_coll' => $_SESSION['collections'][$ind]['label'],'view' => $_SESSION['collections'][$ind]['view'], 'where' => $where); + array_push($tab['collections'], $collId); + } else { + if (isset($tab['security'][$collId][$target]) + && count($tab['security'][$collId][$target]) > 0 + ) { + $tab['security'][ $collId][$target]['where'] .= " or " + . $where; + } else if ($target == 'ALL') { + foreach (array_keys($_ENV['targets']) as $key) { + if (isset($tab['security'][$collId][$key]) + && count($tab['security'][$collId][$key]) > 0 + ) { + $tab['security'][$collId][$key]['where'] .= " or " + . $where; + } else { + $tab['security'][$collId][$key] = array( + 'table' => $_SESSION['collections'][$ind]['table'], + 'label_coll' => $_SESSION['collections'][$ind]['label'], + 'view' => $_SESSION['collections'][$ind]['view'], + 'where' => $where, + ); + } + } + } else { + $tab['security'][$collId][$target] = array( + 'table' => $_SESSION['collections'][$ind]['table'], + 'label_coll' => $_SESSION['collections'][$ind]['label'], + 'view' => $_SESSION['collections'][$ind]['view'], + 'where' => $where, + ); } } } 
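Review bot: `load_security()` reads `mr_start_date` and `mr_stop_date` into `$startDate` and `$stopDate` and never uses them (the `TO DO : vérifier les dates` comment is still there), so an access row outside its validity window contributes its where clause like any other. Until the check exists, a comment on those two lines would keep the gap visible, e.g. `// NOTE: mr_start_date / mr_stop_date are read but not enforced yet`. The `$db = new dbquery(); $db->connect();` added at the top of the function is not used in the lines shown either. The function continues past the end of this hunk.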
@@ -554,15 +534,14 @@ class SecurityControler /** * Gets the indice of the collection in the $_SESSION['collections'] array * - * @param $coll_id string Collection identifier - * @return integer Indice of the collection in the $_SESSION['collections'] or -1 if not found + * @param $collId string Collection identifier + * @return integer Indice of the collection in the $_SESSION['collections'] + * or -1 if not found */ - public function get_ind_collection($coll_id) + public function get_ind_collection($collId) { - for($i=0;$i< count($_SESSION['collections']); $i++) - { - if(trim($_SESSION['collections'][$i]['id']) == trim($coll_id)) - { + for ($i = 0; $i < count($_SESSION['collections']); $i ++) { + if (trim($_SESSION['collections'][$i]['id']) == trim($collId)) { return $i; } } @@ -570,26 +549,23 @@ class SecurityControler } -/** - * Give action bitmask for given $user_id over given + /** + * Give action bitmask for given $userId over given * object - * @param varchar(32) $user_id - * @param bigint $object_id + * @param varchar(32) $userId + * @param bigint $objectId * @return bitmask */ - public function getActions($user_id,$object_id, $object_type = 'aggregation') + public function getActions($userId, $objectId, $objectType='aggregation') { - $Ctrl = new session_security_controler(); + $ctrl = new session_security_controler(); // Select from security session table - $session_sec = $Ctrl->get($user_id); - if($session_sec->__get('last_object_id') == $object_id) - return $session_sec->__get('last_available_bitmask'); - else - return self::setActions($user_id,$object_id, $object_type); - /******** - * FAKE * - ********/ - //return ADD_RECORD+CREATE_CLASS+CREATE_OTHER_AGREGATION+DATA_MODIFICATION+DELETE_CLASS+DELETE_OTHER_AGREGATION; + $sessionSec = $ctrl->get($userId); + if ($sessionSec->__get('last_object_id') == $objectId) { + return $sessionSec->__get('last_available_bitmask'); + } else { + return $this->setActions($userId, $objectId, $objectType); + } } /** 
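Review bot: `getActions()` returns the cached bitmask whenever `last_object_id == $objectId`, without looking at `$objectType`. `setActions()` stores only the id, so a bitmask computed for an aggregation would be returned for a document or classification scheme that happens to have the same id. The object type should be stored and compared as well (that needs a field on the session-security row, which is not visible here); until then a docblock line such as `* NOTE: the cached bitmask is keyed on object id only, not on $objectType` would flag it. `$ctrl->get($userId)` is also dereferenced without a null check, which matters if that controller's `get()` can return null the way `SecurityControler::get()` does.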
@@ -597,89 +573,100 @@ class SecurityControler * bitmask, according with given user * and aggregation. * Return computed bitmask - * @param varchar(32) $user_id - * @param bigint $object_id + * @param varchar(32) $userId + * @param bigint $objectId * @return bitmask */ - public function setActions($user_id,$object_id, $object_type) + public function setActions($userId, $objectId, $objectType) { - if($user_id == 'superadmin') - { + if ($userId == 'superadmin') { return MAX_BITMASK; } // Compute action bitmask - $full_bitmask = 0; + $fullBitmask = 0; $uc = new users_controler(); - $groups = $uc->getGroups($user_id); + $groups = $uc->getGroups($userId); //print_r($groups); - $full_where = ""; - for($i=0; $i<count($groups); $i++) - { - $access = self::getAccessForGroup($groups[$i]['GROUP_ID']); + $fullWhere = ""; + for ($i = 0; $i < count($groups); $i ++) { + $access = $this->getAccessForGroup($groups[$i]['GROUP_ID']); //var_dump($access); - for($j=0; $j<count($access);$j++) - { + for ($j = 0; $j < count($access); $j ++) { $target = $access[$j]->__get('where_target'); - $coll_id = $access[$j]->__get('coll_id'); - $where_clause = $access[$j]->__get('where_clause'); - $where_clause = self::process_security_where_clause($where_clause, $user_id); - $where_clause = str_replace('where', '', $where_clause); + $collId = $access[$j]->__get('coll_id'); + $whereClause = $access[$j]->__get('where_clause'); + $whereClause = $this->process_security_where_clause( + $whereClause, $userId + ); + $whereClause = str_replace('where', '', $whereClause); $bitmask = $access[$j]->__get('rights_bitmask'); - $ind = self::get_ind_collection($coll_id); - if(trim($where_clause) == "") + $ind = $this->get_ind_collection($collId); + if (trim($whereClause) == "") { $where = "-1"; - else - $where = "( ".$this->show_string($where_clause)." )"; + } else { + $where = "( " . $this->show_string($whereClause) . 
" )"; + } - //echo 'target : '.$target.', coll_id : '.$coll_id.', where : '.$where.', bitmask : '.decbin($bitmask).''; $query = ''; - if($object_type == 'aggregation' && ($target == 'CLASS' || $target == 'ALL')) - { - $query = "select mr_aggregation_id from "._CLASSIFICATION_SCHEME_VIEW." where (".$where.') '; - if(isset($object_id) && !empty($object_id)) - { - $query .= 'and mr_aggregation_id = '.$object_id; + if ($objectType == 'aggregation' + && ($target == 'CLASS' || $target == 'ALL') + ) { + $query = "select mr_aggregation_id from " + . _CLASSIFICATION_SCHEME_VIEW . " where (" . $where + . ') '; + if (isset($objectId) && ! empty($objectId)) { + $query .= 'and mr_aggregation_id = ' . $objectId; } - } - elseif($object_type == 'classification_scheme' && ($target == 'CLASS' || $target == 'ALL')) - { - $query = "select mr_classification_scheme_id from "._CLASSIFICATION_SCHEME_VIEW." where (".$where.') and mr_classification_scheme_id = '.$object_id; - } - else if($object_type == 'doc' && ($target == 'DOC' || $target == 'ALL')) - { - $query = "select res_id from ".$_SESSION['collections'][$ind]['view']." where (".$where.') and res_id = '.$object_id; + } else if ($objectType == 'classification_scheme' + && ($target == 'CLASS' || $target == 'ALL') + ) { + $query = "select mr_classification_scheme_id from " + . _CLASSIFICATION_SCHEME_VIEW . " where (" . $where + . ') and mr_classification_scheme_id = ' . $objectId; + } else if ($objectType == 'doc' + && ($target == 'DOC' || $target == 'ALL') + ) { + $query = "select res_id from " + . $_SESSION['collections'][$ind]['view'] . " where (" + . $where . ') and res_id = ' . $objectId; } //echo $query; - self::connect(); - if(!empty($query)) - self::$db->query($query); - - if(self::$db->nb_result() > 0) - { - if($bitmask > 0) - { - $full_bitmask = set_right($full_bitmask, $bitmask); + $db = new dbquery(); + $db->connect(); + if (! 
empty($query)) { + $db->query($query); + } + if ($db->nb_result() > 0) { + if ($bitmask > 0) { + $fullBitmask = set_right($fullBitmask, $bitmask); } - if(!empty($full_where)) - $full_where .= " and (".$where.") "; - else - $full_where .= $where; + if (! empty($fullWhere)) { + $fullWhere .= " and (" . $where . ") "; + } else { + $fullWhere .= $where; + } } - self::disconnect(); } } // Update security session table $func = new functions(); - $session_security = new session_security(); - $session_security->setArray(array('user_id' => $func->protect_string_db($user_id), 'session_begin_date' => date("Y-m-d H:i"), 'full_where_clause' => functions::protect_string_db($full_where), 'last_available_bitmask' => $full_bitmask, 'last_object_id' => functions::protect_string_db($object_id))); // TO DO : calculate the session_end_date + $sessionSecurity = new session_security(); + $sessionSecurity->setArray( + array( + 'user_id' => $func->protect_string_db($userId), + 'session_begin_date' => date("Y-m-d H:i"), + 'full_where_clause' => $func->protect_string_db($fullWhere), + 'last_available_bitmask' => $fullBitmask, + 'last_object_id' => $func->protect_string_db($objectId) + ) + ); // TO DO : calculate the session_end_date $ctrl = new session_security_controler(); - $ctrl->save($session_security); + $ctrl->save($sessionSecurity); - return $full_bitmask; + return $fullBitmask; } } -?> diff --git a/core/trunk/core/class/usergroups_controler.php b/core/trunk/core/class/usergroups_controler.php index e1298ec7309a708adfc6930db2f78240e0c6fab0..44bfe1842dbe45cf18118de232cebc6293f2b992 100644 --- a/core/trunk/core/class/usergroups_controler.php +++ b/core/trunk/core/class/usergroups_controler.php 
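Review bot: In `setActions()` the `$db->nb_result() > 0` test runs even when `$query` stayed empty because the access row's target does not match `$objectType`, so whether that row's `rights_bitmask` is merged depends on what a freshly connected `dbquery` reports before any query has run (not visible here). Moving the `nb_result()` block inside `if (! empty($query)) { ... }` makes a non-matching row contribute nothing regardless. The loop also opens a new connection per access row with `new dbquery(); $db->connect();` and never closes it now that `self::disconnect()` is gone; creating `$db` once before the outer `for` avoids that. `$this->show_string($whereClause)` looks inconsistent with `load_security()`, which calls `$func->show_string()`, and no `show_string()` on this class appears in the diff.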
@@ -59,147 +59,147 @@ class usergroups_controler extends ObjectControler implements ObjectControlerIF /** * Returns an usergroup object based on a usegroup identifier * - * @param $group_id string Usergroup identifier - * @param $can_be_disabled bool if true gets the group even if it is + * @param $groupId string Usergroup identifier + * @param $canBeDisabled bool if true gets the group even if it is * disabled in the database (false by default) * @return usergroup object with properties from the database or null */ - public function get($group_id, $can_be_disabled = false) + public function get($groupId, $canBeDisabled=false) { - self::set_foolish_ids(array('group_id')); - self::set_specific_id('group_id'); - return self::advanced_get($group_id,USERGROUPS_TABLE); + $this->set_foolish_ids(array('group_id')); + $this->set_specific_id('group_id'); + return $this->advanced_get($groupId, USERGROUPS_TABLE); } /** * Returns all usergroups (enabled by default) from the database in an array * of usergroup objects (ordered by group_desc by default) * - * @param $order_str string Order string passed to the query + * @param $orderStr string Order string passed to the query * ("order by group_desc asc" by default) - * @param $enabled_only bool if true returns only the enabled usergroups, + * @param $enabledOnly bool if true returns only the enabled usergroups, * otherwise returns even the disabled (true by default) * @return Array of usergroup objects with properties from the database */ - public function getAllUsergroups($order_str = 'order by group_desc asc', - $enabled_only = true) + public function getAllUsergroups($orderStr='order by group_desc asc', + $enabledOnly=true) { - self::$db=new dbquery(); - self::$db->connect(); + $db = new dbquery(); + $db->connect(); $query = 'select * from ' . USERGROUPS_TABLE .' 
'; - if ($enabled_only) { + if ($enabledOnly) { $query .= "where enabled = 'Y'"; } - $query.= $order_str; + $query .= $orderStr; try{ - self::$db->query($query); + $db->query($query); } catch (Exception $e){} $groups = array(); - while ($res = self::$db->fetch_object()) { + while ($res = $db->fetch_object()) { $group = new usergroups(); - $tmp_array = array( + $tmpArray = array( 'group_id' => $res->group_id, 'group_desc' => $res->group_desc, - 'enabled' => $res->enabled + 'enabled' => $res->enabled, ); - $group->setArray($tmp_array); + $group->setArray($tmpArray); array_push($groups, $group); } - self::$db->disconnect(); + $db->disconnect(); return $groups; } /** * Returns in an array all the members of a usergroup (user_id only) * - * @param $group_id string Usergroup identifier + * @param $groupId string Usergroup identifier * @return Array of user_id or null */ - public function getUsers($group_id) + public function getUsers($groupId) { - if (empty($group_id)) { + if (empty($groupId)) { return null; } $users = array(); - self::$db=new dbquery(); - self::$db->connect(); + $db = new dbquery(); + $db->connect(); $query = 'select user_id from ' . USERGROUP_CONTENT_TABLE - . " where group_id = '" . $group_id . "'"; + . " where group_id = '" . $groupId . "'"; try{ - self::$db->query($query); + $db->query($query); } catch (Exception $e){ - echo _NO_GROUP_WITH_ID . ' ' . $group_id . ' // '; + echo _NO_GROUP_WITH_ID . ' ' . $groupId . 
' // '; } - while ($res = self::$db->fetch_object()) { + while ($res = $db->fetch_object()) { array_push($users, $res->user_id); } - self::$db->disconnect(); + $db->disconnect(); return $users; } /** * Returns the id of the primary group for a given user_id * - * @param $user_id string User identifier + * @param $userId string User identifier * @return String group_id or null */ - public function getPrimaryGroup($user_id) + public function getPrimaryGroup($userId) { - if (empty($user_id)) { + if (empty($userId)) { return null; } $users = array(); - self::$db=new dbquery(); - self::$db->connect(); + $db = new dbquery(); + $db->connect(); $query = 'select group_id from ' . USERGROUP_CONTENT_TABLE - . " where user_id = '" . $user_id . "' and primary_group = 'Y'"; + . " where user_id = '" . $userId . "' and primary_group = 'Y'"; try { - self::$db->query($query); + $db->query($query); } catch (Exception $e){ - echo _NO_USER_WITH_ID.' '.$user_id.' // '; + echo _NO_USER_WITH_ID.' '.$userId.' // '; } - $res = self::$db->fetch_object(); + $res = $db->fetch_object(); if (isset($res->group_id)) { - $group_id = $res->group_id; + $groupId = $res->group_id; } else { return null; } - self::$db->disconnect(); - return $group_id; + $db->disconnect(); + return $groupId; } /** * Returns in an array all the baskets associated with a usergroup * (basket_id only) * - * @param $group_id string Usergroup identifier + * @param $groupId string Usergroup identifier * @return Array of basket_id or null */ - public function getBaskets($group_id) + public function getBaskets($groupId) { - if (empty($group_id)) { + if (empty($groupId)) { return null; } $baskets = array(); - self::$db=new dbquery(); - self::$db->connect(); + $db = new dbquery(); + $db->connect(); $query = 'select basket_id from ' . GROUPBASKET_TABLE - . " where group_id = '" . $group_id . "'"; + . " where group_id = '" . $groupId . 
"'"; try{ - self::$db->query($query); + $db->query($query); } catch (Exception $e){ - echo _NO_GROUP_WITH_ID.' '.$group_id.' // '; + echo _NO_GROUP_WITH_ID.' '.$groupId.' // '; } - while ($res = self::$db->fetch_object()) { + while ($res = $db->fetch_object()) { array_push($baskets, $res->basket_id); } - self::$db->disconnect(); + $db->disconnect(); return $baskets; } @@ -207,29 +207,29 @@ class usergroups_controler extends ObjectControler implements ObjectControlerIF * Returns in an array all the services linked to a usergroup * (service_id only) * - * @param $group_id string Usergroup identifier + * @param $groupId string Usergroup identifier * @return Array of service_id or null */ - public function getServices($group_id) + public function getServices($groupId) { - if (empty($group_id)) { + if (empty($groupId)) { return null; } - self::$db=new dbquery(); - self::$db->connect(); + $db = new dbquery(); + $db->connect(); $query = 'select service_id from ' . USERGROUPS_SERVICES_TABLE - . " where group_id = '" . $group_id . "'"; + . " where group_id = '" . $groupId . "'"; try { - self::$db->query($query); + $db->query($query); } catch (Exception $e){ - echo _NO_GROUP_WITH_ID . ' ' . $group_id . ' // '; + echo _NO_GROUP_WITH_ID . ' ' . $groupId . ' // '; } $services = array(); - while ($queryResult=self::$db->fetch_object()) { - array_push($services,trim($queryResult->service_id)); + while ($queryResult = $db->fetch_object()) { + array_push($services, trim($queryResult->service_id)); } - self::$db->disconnect(); + $db->disconnect(); return $services; } @@ -268,7 +268,7 @@ class usergroups_controler extends ObjectControler implements ObjectControlerIF $mode = '', $params = array()) { $control = array(); - $sec_ctrl = new SecurityControler(); + $secCtrl = new SecurityControler(); $sec = new security(); $func = new functions(); // If usergroup not defined or empty, return an error 
@@ -276,35 +276,35 @@ class usergroups_controler extends ObjectControler implements ObjectControlerIF $control = array( 'status' => 'ko', 'value' => '', - 'error' => _GROUP_EMPTY + 'error' => _GROUP_EMPTY, ); return $control; } // If mode not up or add, return an error if (!isset($mode) || empty($mode) - || ($mode <> 'add' && $mode <> 'up' )) { + || ($mode <> 'add' && $mode <> 'up' ) + ) { $control = array( 'status' => 'ko', 'value' => '', - 'error' => _MODE . ' ' . _UNKNOWN + 'error' => _MODE . ' ' . _UNKNOWN, ); return $control; } - $group = self::isAGroup($group); - self::set_foolish_ids(array('group_id')); - self::set_specific_id('group_id'); - + $group = $this->_isAGroup($group); + $this->set_foolish_ids(array('group_id')); + $this->set_specific_id('group_id'); // Data checks - $control = self::control($group, $security,$services, $mode, $params); - + $control = $this->control($group, $security, $services, $mode, $params); // Security checks - for ($i=0; $i < count($security ); $i++) { + for ($i = 0; $i < count($security); $i ++) { $view = $sec->retrieve_view_from_coll_id( $security[$i]['COLL_ID'] ); - $res = $sec_ctrl->check_where_clause( + $res = $secCtrl->check_where_clause( $security[$i]['COLL_ID'], $security[$i]['WHERE_TARGET'], - $security[$i]['WHERE_CLAUSE'], $view, $params['user_id']); + $security[$i]['WHERE_CLAUSE'], $view, $params['user_id'] + ); if ($res['RESULT'] == false) { $control = array( 'status' => 'ko', @@ -315,10 +315,8 @@ class usergroups_controler extends ObjectControler implements ObjectControlerIF } } if ($control['status'] == 'ok') { - - $sec_ctrl->deleteForGroup($group->group_id); - - for ($i=0; $i < count($security ); $i++) { + $secCtrl->deleteForGroup($group->group_id); + for ($i = 0; $i < count($security); $i ++) { if ($security[$i] <> "") { $values = array( 'group_id' => $group->group_id, 
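Review bot: The security loop passes `$params['user_id']` to check_where_clause() without checking that it is set, while the signature visible in the previous hunk defaults `$params` to `array()`. With that default the where-clause validation runs with a null user id and an undefined-index notice, and whether a bad clause is still rejected then depends on check_where_clause(), which is not shown. I would fail before the loop, e.g. `if (empty($params['user_id'])) { /* return a 'ko' control array */ }`. The method begins and ends outside this hunk.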
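Review bot: `$secCtrl->deleteForGroup($group->group_id)` removes the group's existing security rows before the replacement rows are written, and its result is not checked; the same holds for `$secCtrl->save($sec)`, `$this->deleteServicesForGroup()` and `$this->insertServiceForGroup()` in the `@@ -358` hunk. If one of the writes fails part-way, the group is left with no or partial access rules, and as far as the visible hunks show `$control` can still end up 'ok'. delete() further down does test the return value of deleteForGroup(), so the same check fits here: `if (! $secCtrl->deleteForGroup($group->group_id)) { /* set a 'ko' control and return */ }`, ideally with the delete and the inserts in one transaction if dbquery supports that. The enclosing method starts and ends outside this hunk.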
@@ -338,19 +336,22 @@ class usergroups_controler extends ObjectControler implements ObjectControlerIF $bitmask = '0'; if (isset($security[$i]['RIGHTS_BITMASK']) - && !empty($security[$i]['RIGHTS_BITMASK'])) { + && !empty($security[$i]['RIGHTS_BITMASK']) + ) { $bitmask = (string) $security[$i]['RIGHTS_BITMASK']; } $values['rights_bitmask'] = $bitmask; if (isset($security[$i]['START_DATE']) - && !empty($security[$i]['START_DATE'])) { + && !empty($security[$i]['START_DATE']) + ) { $values['mr_start_date'] = $func->format_date_db( $security[$i]['START_DATE'] ); } if (isset($security[$i]['STOP_DATE']) - && !empty($security[$i]['STOP_DATE'])) { + && !empty($security[$i]['STOP_DATE']) + ) { $values['mr_stop_date'] = $func->format_date_db( $security[$i]['STOP_DATE'] ); @@ -358,13 +359,13 @@ class usergroups_controler extends ObjectControler implements ObjectControlerIF $sec = new SecurityObj(); $sec->setArray($values); - $sec_ctrl->save($sec); + $secCtrl->save($sec); } } - self::deleteServicesForGroup($group->group_id); - for ($i=0; $i<count($services); $i++) { + $this->deleteServicesForGroup($group->group_id); + for ($i = 0; $i < count($services); $i ++) { if (!empty($services[$i])) { - self::insertServiceForGroup( + $this->insertServiceForGroup( $group->group_id, $services[$i] ); } @@ -378,7 +379,7 @@ class usergroups_controler extends ObjectControler implements ObjectControlerIF if ($mode == 'up') { //Update existing group - if (self::update($group)) { + if ($this->update($group)) { $control = array( 'status' => 'ok', 'value' => $group->group_id @@ -396,11 +397,11 @@ class usergroups_controler extends ObjectControler implements ObjectControlerIF $control = array( 'status' => 'ko', 'value' => '', - 'error' => _PB_WITH_GROUP_UPDATE + 'error' => _PB_WITH_GROUP_UPDATE, ); } } else { //mode == add - if (self::insert($group)) { + if ($this->insert($group)) { $control = array( 'status' => 'ok', 'value' => $group->group_id 
@@ -418,7 +419,7 @@ class usergroups_controler extends ObjectControler implements ObjectControlerIF $control = array( 'status' => 'ko', 'value' => '', - 'error' => _PB_WITH_USERGROUP + 'error' => _PB_WITH_USERGROUP, ); } } @@ -468,9 +469,9 @@ class usergroups_controler extends ObjectControler implements ObjectControlerIF ); } - if ($mode == "add" && self::groupExists($group->group_id)) { + if ($mode == "add" && $this->groupExists($group->group_id)) { $func->add_error( - $group->group_id . ' '. _ALREADY_EXISTS . "<br />" + $group->group_id . ' ' . _ALREADY_EXISTS . "<br />" ); } @@ -508,7 +509,7 @@ class usergroups_controler extends ObjectControler implements ObjectControlerIF */ private function insert($group) { - return self::advanced_insert($group); + return $this->advanced_insert($group); } /** @@ -520,7 +521,7 @@ class usergroups_controler extends ObjectControler implements ObjectControlerIF */ private function update($group) { - return self::advanced_update($group); + return $this->advanced_update($group); } /** 
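Review bot: In the `@@ -468` hunk, `$func->add_error($group->group_id . ' ' . _ALREADY_EXISTS . "<br />")` builds an HTML fragment from the submitted group id without encoding it. If the collected errors are later printed as HTML (the `<br />` suggests so, though add_error() is not shown), a crafted id is reflected into the page. Encode the value where it enters the message: `htmlspecialchars($group->group_id, ENT_QUOTES, 'UTF-8') . ' ' . _ALREADY_EXISTS . "<br />"`. The enclosing method begins and ends outside this hunk.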
@@ -536,69 +537,71 @@ class usergroups_controler extends ObjectControler implements ObjectControlerIF $control = array( 'status' => 'ko', 'value' => '', - 'error' => _GROUP_EMPTY + 'error' => _GROUP_EMPTY, ); return $control; } - $group = self::isAGroup($group); - if (!self::groupExists($group->group_id)) { + $group = $this->_isAGroup($group); + if (!$this->groupExists($group->group_id)) { $control = array( 'status' => 'ko', 'value' => '', - 'error' => _GROUP_NOT_EXISTS + 'error' => _GROUP_NOT_EXISTS, ); return $control; } - self::set_foolish_ids(array('group_id')); - self::set_specific_id('group_id'); + $this->set_foolish_ids(array('group_id')); + $this->set_specific_id('group_id'); - $group_id = $group->__get('group_id'); - $ok = self::advanced_delete($group); + $groupId = $group->__get('group_id'); + $ok = $this->advanced_delete($group); if ($ok) { - $ok = self::cleanUsergroupContent($group_id); + $ok = $this->_cleanUsergroupContent($groupId); } else { $control = array( 'status' => 'ko', 'value' => '', - 'error' => _IMPOSSIBLE_TO_DELETE_USER + 'error' => _IMPOSSIBLE_TO_DELETE_USER, ); } if ($ok) { - $ok = self::deleteServicesForGroup($group_id); + $ok = $this->deleteServicesForGroup($groupId); } elseif (!isset($control['status']) || $control['status'] <> 'ko' ) { $control = array( 'status' => 'ko', 'value' => '', - 'error' => _PB_WITH_USERGROUP_CONTENT_CLEANING + 'error' => _PB_WITH_USERGROUP_CONTENT_CLEANING, ); } if ($ok) { - $sec_ctrl = new SecurityControler(); - $ok = $sec_ctrl->deleteForGroup($group_id); + $secCtrl = new SecurityControler(); + $ok = $secCtrl->deleteForGroup($groupId); } elseif (!isset($control['status']) || $control['status'] <> 'ko' ) { $control = array( 'status' => 'ko', 'value' => '', - 'error' => _PB_WITH_USERGROUP_CONTENT_CLEANING + 'error' => _PB_WITH_USERGROUP_CONTENT_CLEANING, ); } if (!$ok - && (!isset($control['status']) || $control['status'] <> 'ko' )) { + && (!isset($control['status']) || $control['status'] <> 'ko' ) + ) { 
$control = array( 'status' => 'ko', 'value' => '', - 'error' => _PB_WITH_SECURITY_CLEANING + 'error' => _PB_WITH_SECURITY_CLEANING, ); } if (isset($control['status']) && $control['status'] == 'ok') { if (isset($params['log_group_del']) && ($params['log_group_del'] == 'true' - || $params['log_group_del'] == true)) { + || $params['log_group_del'] == true) + ) { $history = new history(); $history->add( USERGROUPS_TABLE, $group->group_id, 'DEL', @@ -611,25 +614,26 @@ class usergroups_controler extends ObjectControler implements ObjectControlerIF } /** - * Cleans the usergroup_content table in the database from a given usergroup (group_id) + * Cleans the usergroup_content table in the database from a given usergroup + * (group_id) * - * @param $group_id string Usergroup identifier + * @param $groupId string Usergroup identifier * @return bool true if the cleaning is complete, false otherwise */ - private function cleanUsergroupContent($group_id) + private function _cleanUsergroupContent($groupId) { - if (!isset($group_id)|| empty($group_id)) { + if (!isset($groupId)|| empty($groupId)) { return false; } - self::$db=new dbquery(); - self::$db->connect(); + $db = new dbquery(); + $db->connect(); $query = 'delete from ' . USERGROUP_CONTENT_TABLE . " where group_id='" - . $group_id . "'"; + . $groupId . "'"; try { - self::$db->query($query); + $db->query($query); $ok = true; } catch (Exception $e){ - echo _CANNOT_DELETE_GROUP_ID . ' ' . $group_id . ' // '; + echo _CANNOT_DELETE_GROUP_ID . ' ' . $groupId . ' // '; $ok = false; } 
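Review bot: In delete() (`@@ -536` hunk) nothing in the visible body ever sets `$control['status']` to 'ok', yet the history entry is written only under `if (isset($control['status']) && $control['status'] == 'ok')`. Unless `$control` is initialised to 'ok' before the hunk (the start of the method is outside it), a successful group deletion is never logged and the caller gets back a control array without a status. After the last cleanup step I would add `if ($ok) { $control = array('status' => 'ok', 'value' => $groupId); }`. The second `elseif` also reuses `_PB_WITH_USERGROUP_CONTENT_CLEANING` for a failure of deleteServicesForGroup(), which makes the reported error misleading.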
@@ -643,29 +647,30 @@ class usergroups_controler extends ObjectControler implements ObjectControlerIF * @param $group usergroup object * @return bool true if the disabling is complete, false otherwise */ - public function disable($group, $params = array()) + public function disable($group, $params=array()) { $control = array(); if (!isset($group) || empty($group)) { $control = array( 'status' => 'ko', 'value' => '', - 'error' => _GROUP_EMPTY + 'error' => _GROUP_EMPTY, ); return $control; } - $group = self::isAGroup($group); - self::set_foolish_ids(array('group_id')); - self::set_specific_id('group_id'); + $group = $this->_isAGroup($group); + $this->set_foolish_ids(array('group_id')); + $this->set_specific_id('group_id'); - if (self::advanced_disable($group)) { + if ($this->advanced_disable($group)) { $control = array( 'status' => 'ok', 'value' => $group->group_id ); if (isset($params['log_group_disabled']) && ($params['log_group_disabled'] == 'true' - || $params['log_group_disabled'] == true)) { + || $params['log_group_disabled'] == true) + ) { $history = new history(); $history->add( USERGROUPS_TABLE, $group->group_id, 'BAN', @@ -677,7 +682,7 @@ class usergroups_controler extends ObjectControler implements ObjectControlerIF $control = array( 'status' => 'ko', 'value' => '', - 'error' => _PB_WITH_GROUP_ID + 'error' => _PB_WITH_GROUP_ID, ); } return $control; 
@@ -696,21 +701,22 @@ class usergroups_controler extends ObjectControler implements ObjectControlerIF $control = array( 'status' => 'ko', 'value' => '', - 'error' => _GROUP_EMPTY + 'error' => _GROUP_EMPTY, ); return $control; } - $group = self::isAGroup($group); - self::set_foolish_ids(array('group_id')); - self::set_specific_id('group_id'); - if (self::advanced_enable($group)) { + $group = $this->_isAGroup($group); + $this->set_foolish_ids(array('group_id')); + $this->set_specific_id('group_id'); + if ($this->advanced_enable($group)) { $control = array( 'status' => 'ok', - 'value' => $group->group_id + 'value' => $group->group_id, ); if (isset($params['log_group_enabled']) && ($params['log_group_enabled'] == 'true' - || $params['log_group_enabled'] == true)) { + || $params['log_group_enabled'] == true) + ) { $history = new history(); $history->add( USERGROUPS_TABLE, $group->group_id, 'VAL', @@ -722,7 +728,7 @@ class usergroups_controler extends ObjectControler implements ObjectControlerIF $control = array( 'status' => 'ko', 'value' => '', - 'error' => _PB_WITH_GROUP_ID + 'error' => _PB_WITH_GROUP_ID, ); } return $control; 
@@ -731,31 +737,31 @@ class usergroups_controler extends ObjectControler implements ObjectControlerIF /** * Asserts if a given usergroup (group_id) exists in the database * - * @param $group_id String Usergroup identifier + * @param $groupId String Usergroup identifier * @return bool true if the usergroup exists, false otherwise */ - public function groupExists($group_id) + public function groupExists($groupId) { - if (!isset($group_id) || empty($group_id)) { + if (!isset($groupId) || empty($groupId)) { return false; } - self::$db=new dbquery(); - self::$db->connect(); + $db = new dbquery(); + $db->connect(); $query = 'select group_id from ' . USERGROUPS_TABLE - . " where group_id = '" . $group_id . "'"; + . " where group_id = '" . $groupId . "'"; try { - self::$db->query($query); + $db->query($query); } catch (Exception $e) { - echo _UNKNOWN . _GROUP . ' ' . $group_id . ' // '; + echo _UNKNOWN . _GROUP . ' ' . $groupId . ' // '; } - if (self::$db->nb_result() > 0) { - self::$db->disconnect(); + if ($db->nb_result() > 0) { + $db->disconnect(); return true; } - self::$db->disconnect(); + $db->disconnect(); return false; } 
@@ -763,26 +769,26 @@ class usergroups_controler extends ObjectControler implements ObjectControlerIF * Deletes all the services for a given usergroup in the usergroups_service * table * - * @param $group_id String Usergroup identifier + * @param $groupId String Usergroup identifier * @return bool true if the deleting is complete, false otherwise */ - public function deleteServicesForGroup($group_id) + public function deleteServicesForGroup($groupId) { - if (!isset($group_id)|| empty($group_id)) { + if (!isset($groupId)|| empty($groupId)) { return false; } - self::$db=new dbquery(); - self::$db->connect(); + $db = new dbquery(); + $db->connect(); $query = 'delete from ' . USERGROUPS_SERVICES_TABLE - . " where group_id='" . $group_id . "'"; + . " where group_id='" . $groupId . "'"; try { - self::$db->query($query); + $db->query($query); $ok = true; } catch (Exception $e) { - echo _CANNOT_DELETE_GROUP_ID . ' ' . $group_id . ' // '; + echo _CANNOT_DELETE_GROUP_ID . ' ' . $groupId . ' // '; $ok = false; } - self::$db->disconnect(); + $db->disconnect(); return $ok; } 
@@ -790,59 +796,61 @@ class usergroups_controler extends ObjectControler implements ObjectControlerIF * Inserts a given service for a given group into the usergroups_services * table * - * @param $group_id String Usergroup identifier - * @param $service_id String Service identifier + * @param $groupId String Usergroup identifier + * @param $serviceId String Service identifier * @return bool true if the insertion is complete, false otherwise */ - public function insertServiceForGroup($group_id, $service_id) + public function insertServiceForGroup($groupId, $serviceId) { - if (!isset($group_id)|| empty($group_id) || !isset($service_id) - || empty($service_id)) { + if (!isset($groupId)|| empty($groupId) || !isset($serviceId) + || empty($serviceId) + ) { return false; } - self::$db=new dbquery(); - self::$db->connect(); + $db = new dbquery(); + $db->connect(); $query = 'insert into ' . USERGROUPS_SERVICES_TABLE - . " (group_id, service_id) values ('" . $group_id . "', '" - . $service_id . "')"; + . " (group_id, service_id) values ('" . $groupId . "', '" + . $serviceId . "')"; try { - self::$db->query($query); + $db->query($query); $ok = true; } catch (Exception $e) { - echo _CANNOT_INSERT . ' ' . $group_id . ' ' . $service_id . ' // '; + echo _CANNOT_INSERT . ' ' . $groupId . ' ' . $serviceId . 
' // '; $ok = false; } - self::$db->disconnect(); + $db->disconnect(); return $ok; } /** * Checks if a given user is a member of the given group * - * @param $user_id String User identifier - * @param $group_id String Usergroup identifier + * @param $userId String User identifier + * @param $groupId String Usergroup identifier * @return bool true if the user is a member, false otherwise */ - public function inGroup($user_id, $group_id) + public function inGroup($userId, $groupId) { - if (!isset($group_id) || empty($group_id) || !isset($user_id) - || empty($user_id)) { + if (!isset($groupId) || empty($groupId) || !isset($userId) + || empty($userId) + ) { return false; } - self::$db=new dbquery(); - self::$db->connect(); + $db = new dbquery(); + $db->connect(); $query = 'select user_id from ' . USERGROUP_CONTENT_TABLE - . " where user_id ='" . $user_id . "' and group_id = '" - . $group_id . "'"; + . " where user_id ='" . $userId . "' and group_id = '" + . $groupId . "'"; try { - self::$db->query($query); + $db->query($query); } catch (Exception $e) { - echo _CANNOT_FIND . ' ' . $group_id . ' ' . $user_id . ' // '; + echo _CANNOT_FIND . ' ' . $groupId . ' ' . $userId . ' // '; } - self::$db->disconnect(); + $db->disconnect(); - if (self::$db->nb_result() > 0) { + if ($db->nb_result() > 0) { return true; } else { return false; 
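Review bot: inGroup() calls `$db->disconnect()` and only afterwards reads `$db->nb_result()`, whereas groupExists() in this file reads the count before disconnecting. Whether the result is still available after disconnect depends on dbquery, which is not shown; if it is not, the membership check returns false for real members or raises a warning. A failed query also falls through to the same read, because the catch only echoes. Reading first avoids the dependency: `$isMember = $db->nb_result() > 0; $db->disconnect(); return $isMember;`.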
@@ -853,29 +861,29 @@ class usergroups_controler extends ObjectControler implements ObjectControlerIF * Returns the number of usergroup of the usergroups table * (only the enabled by default) * - * @param $enabled_only Bool if true counts only the enabled ones, + * @param $enabledOnly Bool if true counts only the enabled ones, * otherwise counts all usergroups even the disabled ones (true by default) * @return Integer the number of usergroups in the usergroups table */ - public function getUsergroupsCount($enabled_only = true) + public function getUsergroupsCount($enabledOnly=true) { $nb = 0; - self::$db = new dbquery(); - self::$db->connect(); + $db = new dbquery(); + $db->connect(); $query = 'select group_id from ' . USERGROUPS_TABLE . ' ' ; - if ($enabled_only) { + if ($enabledOnly) { $query .= "where enabled ='Y'"; } try { - self::$db->query($query); + $db->query($query); } catch (Exception $e) { } - $nb = self::$db->nb_result(); - self::$db->disconnect(); + $nb = $db->nb_result(); + $db->disconnect(); return $nb; } @@ -885,7 +893,7 @@ class usergroups_controler extends ObjectControler implements ObjectControlerIF * @param $object ws group object * @return object usergroups */ - private function isAGroup($object) + private function _isAGroup($object) { if (get_class($object) <> 'usergroups') { $func = new functions();