seeddms-code/inc/inc.ClassDMS.php

<?php
//    MyDMS. Document Management System
//    Copyright (C) 2010 Uwe Steinmann
//
//    This program is free software; you can redistribute it and/or modify
//    it under the terms of the GNU General Public License as published by
//    the Free Software Foundation; either version 2 of the License, or
//    (at your option) any later version.
//
//    This program is distributed in the hope that it will be useful,
//    but WITHOUT ANY WARRANTY; without even the implied warranty of
//    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//    GNU General Public License for more details.
//
//    You should have received a copy of the GNU General Public License
//    along with this program; if not, write to the Free Software
//    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.

require_once("inc.AccessUtils.php");
require_once("inc.FileUtils.php");
require_once("inc.ClassAccess.php");
require_once("inc.ClassFolder.php");
require_once("inc.ClassDocument.php");
require_once("inc.ClassGroup.php");
require_once("inc.ClassUser.php");
require_once("inc.ClassKeywords.php");

/**
 * Class to represent the complete document management
 *
 * @category   DMS
 * @package    LetoDMS
 * @author     Uwe Steinmann <uwe@steinmann.cx>
 * @copyright  Copyright (C) 2010, Uwe Steinmann
 * @version    Release: @package_version@
 */
class LetoDMS_DMS {
	/**
	 * @var object $db reference to database object
	 * @access protected
	 */
	protected $db;

	/**
	 * @var object $user reference to currently logged in user
	 * @access public
	 */
	public $user;

	/**
	 * @var string $contentDir location in file system where all the
	 *      data stores are located.
	 * @access public
	 */
	public $contentDir;

	/**
	 * @var string $contentOffsetDir location in file system relative to
	 *      @var $contentDir where all the  documents belonging to a
	 *      data stored are saved
	 * @access public
	 */
	public $contentOffsetDir;

	/**
	 * @var integer $guestID ID of user treated as a guest with limited
	 *      access rights
	 * @access public
	 */
	public $guestID;

	/**
	 * @var integer $rootFolderID ID of root folder
	 * @access public
	 */
	public $rootFolderID;

	/**
	 * @var boolean $enableGuestLogin set to true if guest login is allowed
	 * @access public
	 */
	public $enableGuestLogin;

	/**
	 * @var boolean $enableConverting set to true if conversion of content is desired
	 * @access public
	 */
	public $enableConverting;

	/**
	 * @var array $convertFileTypes list of files types that shall be converted
	 * @access public
	 */
	public $convertFileTypes;

	/**
	 * @var array $viewOnlineFileTypes list of files types that can be viewed
	 *      online
	 * @access public
	 */
	public $viewOnlineFileTypes;

	/**
	 * Filter objects out which are not accessible in a given mode by a user.
	 *
	 * @param array $objArr list of objects (either documents or folders)
	 * @param object $user user for which access is checked
	 * @param integer $minMode minimum access mode required
	 * @return array filtered list of objects
	 */
	static function filterAccess($objArr, $user, $minMode) { /* {{{ */
		if (!is_array($objArr)) {
			return array();
		}
		$newArr = array();
		foreach ($objArr as $obj) {
			if ($obj->getAccessMode($user) >= $minMode)
				array_push($newArr, $obj);
		}
		return $newArr;
	} /* }}} */

	/**
	 * Filter users out which cannot access an object in a given mode.
	 *
	 * @param object $obj object that shall be accessed
	 * @param array $users list of users which are to check for sufficient
	 *        access rights
	 * @param integer $minMode minimum access right on the object for each user
	 * @return array filtered list of users
	 */
	static function filterUsersByAccess($obj, $users, $minMode) { /* {{{ */
		$newArr = array();
		foreach ($users as $currUser) {
			if ($obj->getAccessMode($currUser) >= $minMode)
				array_push($newArr, $currUser);
		}
		return $newArr;
	} /* }}} */

	function __construct($db, $contentDir, $contentOffsetDir) { /* {{{ */
		$this->db = $db;
		$this->contentDir = $contentDir;
		$this->contentOffsetDir = $contentOffsetDir;
		$this->rootFolderID = 1;
		$this->guestID = 2;
		$this->enableAdminRevApp = false;
		$this->enableConverting = false;
		$this->convertFileTypes = array();
	} /* }}} */

	function getDB() { /* {{{ */
		return $this->db;
	} /* }}} */

	function setRootFolderID($id) { /* {{{ */
		$this->rootFolderID = $id;
	} /* }}} */

	function setGuestID($id) { /* {{{ */
		$this->guestID = $id;
	} /* }}} */

	function setEnableGuestLogin($enable) { /* {{{ */
		$this->enableGuestLogin = $enable;
	} /* }}} */

	function setEnableAdminRevApp($enable) { /* {{{ */
		$this->enableAdminRevApp = $enable;
	} /* }}} */

	function setEnableConverting($enable) { /* {{{ */
		$this->enableConverting = $enable;
	} /* }}} */

	function setConvertFileTypes($types) { /* {{{ */
		$this->convertFileTypes = $types;
	} /* }}} */

	function setViewOnlineFileTypes($types) { /* {{{ */
		$this->viewOnlineFileTypes = $types;
	} /* }}} */

	/**
	 * Login as a user
	 *
	 * Checks if the given credentials are valid returns a user object.
	 * It also sets the property $user for later access on the currently
	 * logged in user
	 *
	 * @param string $username login name of user
	 * @param string $password password of user
	 *
	 * @return object instance of class LetoDMS_User or false
	 */
	function login($username, $password) { /* {{{ */
	} /* }}} */

	/**
	 * Set the logged in user
	 *
	 * If user authentication was done externally, this function can
	 * be used to tell the dms who is currently logged in.
	 *
	 * @param object $user
	 *
	 */
	function setUser($user) { /* {{{ */
		$this->user = $user;
	} /* }}} */

	/**
	 * Return a document by its id
	 *
	 * This function retrieves a document from the database by its id.
	 *
	 * @param integer $id internal id of document
	 * @return object instance of LetoDMS_Document or false
	 */
	function getDocument($id) { /* {{{ */
		if (!is_numeric($id)) return false;
		
		$queryStr = "SELECT * FROM tblDocuments WHERE id = " . $id;
		$resArr = $this->db->getResultArray($queryStr);
		if (is_bool($resArr) && $resArr == false)
			return false;
		if (count($resArr) != 1)
			return false;
		$resArr = $resArr[0];
	
		// New Locking mechanism uses a separate table to track the lock.
		$queryStr = "SELECT * FROM tblDocumentLocks WHERE document = " . $id;
		$lockArr = $this->db->getResultArray($queryStr);
		if ((is_bool($lockArr) && $lockArr==false) || (count($lockArr)==0)) {
			// Could not find a lock on the selected document.
			$lock = -1;
		}
		else {
			// A lock has been identified for this document.
			$lock = $lockArr[0]["userID"];
		}
	
		$document = new LetoDMS_Document($resArr["id"], $resArr["name"], $resArr["comment"], $resArr["date"], $resArr["expires"], $resArr["owner"], $resArr["folder"], $resArr["inheritAccess"], $resArr["defaultAccess"], $lock, $resArr["keywords"], $resArr["sequence"]);
		$document->setDMS($this);
		return $document;
	} /* }}} */

	/**
	 * Returns all documents of a given user
	 *
	 * @param object $user
	 * @return array list of documents
	 */
	function getDocumentsByUser($user) { /* {{{ */
		$queryStr = "SELECT `tblDocuments`.*, `tblDocumentLocks`.`userID` as `lockUser` ".
			"FROM `tblDocuments` ".
			"LEFT JOIN `tblDocumentLocks` ON `tblDocuments`.`id`=`tblDocumentLocks`.`document` ".
			"WHERE `tblDocuments`.`owner` = " . $user->getID() . " ORDER BY `sequence`";

		$resArr = $this->db->getResultArray($queryStr);
		if (is_bool($resArr) && !$resArr)
			return false;

		$documents = array();
		foreach ($resArr as $row) {
			array_push($documents, new LetoDMS_Document($row["id"], $row["name"], $row["comment"], $row["date"], $row["expires"], $row["owner"], $row["folder"], $row["inheritAccess"], $row["defaultAccess"], $row["lockUser"], $row["keywords"], $row["sequence"]));
		}
		return $documents;
	} /* }}} */

	/*
	 * Search the database for documents
	 *
	 * @param query string seach query with space separated words
	 * @param limit integer number of items in result set
	 * @param offset integer index of first item in result set
	 * @param mode string either AND or OR
	 * @param searchin array() list of fields to search in
	 * @param startFolder object search in the folder only (null for root folder)
	 * @param owner object search for documents owned by this user
	 * @param status array list of status
	 * @param creationstartdate array search for documents created after this date
	 * @param creationenddate array search for documents created before this date
	 * @return array containing the elements total and docs
	 */
	function search($query, $limit=0, $offset=0, $mode='AND', $searchin=array(), $startFolder=null, $owner=null, $status = array(), $creationstartdate=array(), $creationenddate=array()) { /* {{{ */
		// Split the search string into constituent keywords.
		$tkeys=array();
		if (strlen($query)>0) {
			$tkeys = split("[\t\r\n ,]+", $query);
		}
		
		// if none is checkd search all
		if (count($searchin)==0)
			$searchin=array( 0, 1, 2, 3);

		$searchKey = "";
		// Assemble the arguments for the concatenation function. This allows the
		// search to be carried across all the relevant fields.
		$concatFunction = "";
		if (in_array(1, $searchin)) {
			$concatFunction = "`tblDocuments`.`keywords`";
		}
		if (in_array(2, $searchin)) {
			$concatFunction = (strlen($concatFunction) == 0 ? "" : $concatFunction.", ")."`tblDocuments`.`name`";
		}
		if (in_array(3, $searchin)) {
			$concatFunction = (strlen($concatFunction) == 0 ? "" : $concatFunction.", ")."`tblDocuments`.`comment`";
		}
		
		if (strlen($concatFunction)>0 && count($tkeys)>0) {
			$concatFunction = "CONCAT_WS(' ', ".$concatFunction.")";
			foreach ($tkeys as $key) {
				$key = trim($key);
				if (strlen($key)>0) {
					$searchKey = (strlen($searchKey)==0 ? "" : $searchKey." ".$mode." ").$concatFunction." LIKE '%".$key."%'";
				}
			}
		}
		
		// Check to see if the search has been restricted to a particular sub-tree in
		// the folder hierarchy.
		$searchFolder = "";
		if ($startFolder) {
			$searchFolder = "`tblDocuments`.`folderList` LIKE '%:".$startFolder->getID().":%'";
		}
		
		// Check to see if the search has been restricted to a particular
		// document owner.
		$searchOwner = "";
		if ($owner) {
			$searchOwner = "`tblDocuments`.`owner` = '".$owner->getId()."'";
		}
		
		// Is the search restricted to documents created between two specific dates?
		$searchCreateDate = "";
		if ($creationstartdate) {
			$startdate = makeTimeStamp(0, 0, 0, $createstartdate["year"], $createstartdate["month"], $createstartdate["day"]);
			if ($startdate) {
				$searchCreateDate .= "`tblDocuments`.`date` >= ".$startdate;
			}
		}
		if ($creationenddate) {
			$stopdate = makeTimeStamp(23, 59, 59, $createenddate["year"], $createenddate["month"], $createenddate["day"]);
			if ($stopdate) {
				if($startdate)
					$searchCreateDate .= " AND ";
				$searchCreateDate = "`tblDocuments`.`date` <= ".$stopdate;
			}
		}
		
		// ---------------------- Suche starten ----------------------------------
		
		//
		// Construct the SQL query that will be used to search the database.
		//
		
		if (!$this->db->createTemporaryTable("ttcontentid") || !$this->db->createTemporaryTable("ttstatid")) {
			return false;
		}
		
		$searchQuery = "FROM `tblDocumentContent` ".
			"LEFT JOIN `tblDocuments` ON `tblDocuments`.`id` = `tblDocumentContent`.`document` ".
			"LEFT JOIN `tblDocumentStatus` ON `tblDocumentStatus`.`documentID` = `tblDocumentContent`.`document` ".
			"LEFT JOIN `tblDocumentStatusLog` ON `tblDocumentStatusLog`.`statusID` = `tblDocumentStatus`.`statusID` ".
			"LEFT JOIN `ttstatid` ON `ttstatid`.`maxLogID` = `tblDocumentStatusLog`.`statusLogID` ".
			"LEFT JOIN `ttcontentid` ON `ttcontentid`.`maxVersion` = `tblDocumentStatus`.`version` AND `ttcontentid`.`document` = `tblDocumentStatus`.`documentID` ".
			"LEFT JOIN `tblDocumentLocks` ON `tblDocuments`.`id`=`tblDocumentLocks`.`document` ".
			"WHERE `ttstatid`.`maxLogID`=`tblDocumentStatusLog`.`statusLogID` ".
			"AND `ttcontentid`.`maxVersion` = `tblDocumentContent`.`version`";
		
		if (strlen($searchKey)>0) {
			$searchQuery .= " AND (".$searchKey.")";
		}
		if (strlen($searchFolder)>0) {
			$searchQuery .= " AND ".$searchFolder;
		}
		if (strlen($searchOwner)>0) {
			$searchQuery .= " AND (".$searchOwner.")";
		}
		if (strlen($searchCreateDate)>0) {
			$searchQuery .= " AND (".$searchCreateDate.")";
		}

		// status
		if ($status) {
			$searchQuery .= " AND `tblDocumentStatusLog`.`status` IN (".implode(',', $status).")";
		}

		// Count the number of rows that the search will produce.
		$resArr = $this->db->getResultArray("SELECT COUNT(*) AS num ".$searchQuery);
		$totalDocs = 0;
		if (is_numeric($resArr[0]["num"]) && $resArr[0]["num"]>0) {
			$totalDocs = (integer)$resArr[0]["num"];
		}
		if($limit) {
			$totalPages = (integer)($totalDocs/$limit);
			if (($totalDocs%$limit) > 0) {
				$totalPages++;
			}
		} else {
			$totalPages = 1;
		}
		
		// If there are no results from the count query, then there is no real need
		// to run the full query. TODO: re-structure code to by-pass additional
		// queries when no initial results are found.

		// Prepare the complete search query, including the LIMIT clause.
		$searchQuery = "SELECT `tblDocuments`.*, ".
			"`tblDocumentContent`.`version`, ".
			"`tblDocumentStatusLog`.`status`, `tblDocumentLocks`.`userID` as `lockUser` ".$searchQuery;
		
		if($limit) {
			$searchQuery .= " LIMIT ".$offset.",".$limit;
		}
		
		// Send the complete search query to the database.
		$resArr = $this->db->getResultArray($searchQuery);
		
		// ------------------- Ausgabe der Ergebnisse ----------------------------
		$numResults = count($resArr);
		if ($numResults == 0) {
			return array('totalDocs'=>$totalDocs, 'totalPages'=>$totalPages, 'docs'=>array());
		}
		
		foreach ($resArr as $docArr) {
		
			$document = new LetoDMS_Document(
				$docArr["id"], $docArr["name"],
				$docArr["comment"], $docArr["date"],
				$docArr["expires"], $docArr["owner"],
				$docArr["folder"], $docArr["inheritAccess"],
				$docArr["defaultAccess"], $docArr["lockUser"],
				$docArr["keywords"], $docArr["sequence"]);
			$document->setDMS($this);
			$docs[] = $document;
		}
		return(array('totalDocs'=>$totalDocs, 'totalPages'=>$totalPages, 'docs'=>$docs));
	} /* }}} */

	/**
	 * Return a folder by its id
	 *
	 * This function retrieves a folder from the database by its id.
	 *
	 * @param integer $id internal id of folder
	 * @return object instance of LetoDMS_Folder or false
	 */
	function getFolder($id) { /* {{{ */
		if (!is_numeric($id)) return false;
		
		$queryStr = "SELECT * FROM tblFolders WHERE id = " . $id;
		$resArr = $this->db->getResultArray($queryStr);
	
		if (is_bool($resArr) && $resArr == false)
			return false;
		else if (count($resArr) != 1)
			return false;
			
		$resArr = $resArr[0];
		$folder = new LetoDMS_Folder($resArr["id"], $resArr["name"], $resArr["parent"], $resArr["comment"], $resArr["owner"], $resArr["inheritAccess"], $resArr["defaultAccess"], $resArr["sequence"]);
		$folder->setDMS($this);
		return $folder;
	} /* }}} */

	/**
	 * Return a user by its id
	 *
	 * This function retrieves a user from the database by its id.
	 *
	 * @param integer $id internal id of user
	 * @return object instance of LetoDMS_User or false
	 */
	function getUser($id) { /* {{{ */
		if (!is_numeric($id))
			return false;
		
		$queryStr = "SELECT * FROM tblUsers WHERE id = " . $id;
		$resArr = $this->db->getResultArray($queryStr);
		
		if (is_bool($resArr) && $resArr == false) return false;
		if (count($resArr) != 1) return false;
		
		$resArr = $resArr[0];
		
		$user = new LetoDMS_User($resArr["id"], $resArr["login"], $resArr["pwd"], $resArr["fullName"], $resArr["email"], $resArr["language"], $resArr["theme"], $resArr["comment"], $resArr["isAdmin"], $resArr["hidden"]);
		$user->setDMS($this);
		return $user;
	} /* }}} */

	/**
	 * Return a user by its login
	 *
	 * This function retrieves a user from the database by its login.
	 *
	 * @param integer $login internal login of user
	 * @return object instance of LetoDMS_User or false
	 */
	function getUserByLogin($login) { /* {{{ */
		$queryStr = "SELECT * FROM tblUsers WHERE login = '".$login."'";
		$resArr = $this->db->getResultArray($queryStr);
		
		if (is_bool($resArr) && $resArr == false) return false;
		if (count($resArr) != 1) return false;
			
		$resArr = $resArr[0];
		
		$user = new LetoDMS_User($resArr["id"], $resArr["login"], $resArr["pwd"], $resArr["fullName"], $resArr["email"], $resArr["language"], $resArr["theme"], $resArr["comment"], $resArr["isAdmin"], $resArr["hidden"]);
		$user->setDMS($this);
		return $user;
	} /* }}} */

	function getAllUsers() { /* {{{ */
		$queryStr = "SELECT * FROM tblUsers ORDER BY login";
		$resArr = $this->db->getResultArray($queryStr);
		
		if (is_bool($resArr) && $resArr == false)
			return false;
		
		$users = array();
		
		for ($i = 0; $i < count($resArr); $i++) {
			$user = new LetoDMS_User($resArr[$i]["id"], $resArr[$i]["login"], $resArr[$i]["pwd"], $resArr[$i]["fullName"], $resArr[$i]["email"], (isset($resArr["language"])?$resArr["language"]:NULL), (isset($resArr["theme"])?$resArr["theme"]:NULL), $resArr[$i]["comment"], $resArr[$i]["isAdmin"], $resArr[$i]["hidden"]);
			$user->setDMS($this);
			$users[$i] = $user;
		}
		
		return $users;
	} /* }}} */
	
	function addUser($login, $pwd, $fullName, $email, $language, $theme, $comment, $isAdmin=0, $isHidden=0) { /* {{{ */
		if (is_object($this->getUserByLogin($login))) {
			return false;
		}
		$queryStr = "INSERT INTO tblUsers (login, pwd, fullName, email, language, theme, comment, isAdmin, hidden) VALUES ('".$login."', '".$pwd."', '".$fullName."', '".$email."', '".$language."', '".$theme."', '".$comment."', '".$isAdmin."', '".$isHidden."')";
		$res = $this->db->getResult($queryStr);
		if (!$res)
			return false;
		
		return $this->getUser($this->db->getInsertID());
	} /* }}} */

	function getGroup($id) { /* {{{ */
		if (!is_numeric($id))
			die ("invalid groupid");
		
		$queryStr = "SELECT * FROM tblGroups WHERE id = " . $id;
		$resArr = $this->db->getResultArray($queryStr);
		
		if (is_bool($resArr) && $resArr == false)
			return false;
		else if (count($resArr) != 1) //wenn, dann wohl eher 0 als > 1 ;-)
			return false;
		
		$resArr = $resArr[0];
		
		$group = new LetoDMS_Group($resArr["id"], $resArr["name"], $resArr["comment"]);
		$group->setDMS($this);
		return $group;
	} /* }}} */

	function getGroupByName($name) { /* {{{ */
		$queryStr = "SELECT `tblGroups`.* FROM `tblGroups` WHERE `tblGroups`.`name` = '".$name."'";
		$resArr = $this->db->getResultArray($queryStr);
		
		if (is_bool($resArr) && $resArr == false)
			return false;
		else if (count($resArr) != 1) //wenn, dann wohl eher 0 als > 1 ;-)
			return false;
		
		$resArr = $resArr[0];
		
		$group = new LetoDMS_Group($resArr["id"], $resArr["name"], $resArr["comment"]);
		$group->setDMS($this);
		return $group;
	} /* }}} */

	function getAllGroups() { /* {{{ */
		$queryStr = "SELECT * FROM tblGroups ORDER BY name";
		$resArr = $this->db->getResultArray($queryStr);
		
		if (is_bool($resArr) && $resArr == false)
			return false;
		
		$groups = array();
		
		for ($i = 0; $i < count($resArr); $i++) {
			
			$group = new LetoDMS_Group($resArr[$i]["id"], $resArr[$i]["name"], $resArr[$i]["comment"]);
			$group->setDMS($this);
			$groups[$i] = $group;
		}
		
		return $groups;
	} /* }}} */

	function addGroup($name, $comment) { /* {{{ */
		if (is_object($this->getGroupByName($name))) {
			return false;
		}

		$queryStr = "INSERT INTO tblGroups (name, comment) VALUES ('".$name."', '" . $comment . "')";
		if (!$this->db->getResult($queryStr))
			return false;
		
		return $this->getGroup($this->db->getInsertID());
	} /* }}} */

	function getKeywordCategory($id) { /* {{{ */
		if (!is_numeric($id))
			die ("invalid id");

		$queryStr = "SELECT * FROM tblKeywordCategories WHERE id = " . $id;
		$resArr = $this->db->getResultArray($queryStr);
		if ((is_bool($resArr) && !$resArr) || (count($resArr) != 1))
			return false;

		$resArr = $resArr[0];
		$cat = new LetoDMS_Keywordcategory($resArr["id"], $resArr["owner"], $resArr["name"]);
		$cat->setDMS($this);
		return $cat;
	} /* }}} */

	function getKeywordCategoryByName($name, $owner) { /* {{{ */
		$queryStr = "SELECT * FROM tblKeywordCategories WHERE name = '" . $name . "' AND owner = '" . $owner. "'";
		$resArr = $this->db->getResultArray($queryStr);
		if ((is_bool($resArr) && !$resArr) || (count($resArr) != 1))
			return false;

		$resArr = $resArr[0];
		$cat = new LetoDMS_Keywordcategory($resArr["id"], $resArr["owner"], $resArr["name"]);
		$cat->setDMS($this);
		return $cat;
	} /* }}} */

	function getAllKeywordCategories($userIDs = array()) { /* {{{ */
		$queryStr = "SELECT * FROM tblKeywordCategories";
		if ($userIDs)
			$queryStr .= " WHERE owner in (".implode(',', $userIDs).")";

		$resArr = $this->db->getResultArray($queryStr);
		if (is_bool($resArr) && !$resArr)
			return false;

		$categories = array();
		foreach ($resArr as $row) {
			$cat = new LetoDMS_KeywordCategory($row["id"], $row["owner"], $row["name"]);
			$cat->setDMS($this);
			array_push($categories, $cat);
		}

		return $categories;
	} /* }}} */

	function getAllUserKeywordCategories($userID) { /* {{{ */
		$queryStr = "SELECT * FROM tblKeywordCategories";
		if ($userID != -1)
			$queryStr .= " WHERE owner = " . $userID;

		$resArr = $this->db->getResultArray($queryStr);
		if (is_bool($resArr) && !$resArr)
			return false;

		$categories = array();
		foreach ($resArr as $row) {
			$cat = new LetoDMS_KeywordCategory($row["id"], $row["owner"], $row["name"]);
			$cat->setDMS($this);
			array_push($categories, $cat);
		}

		return $categories;
	} /* }}} */

	function addKeywordCategory($owner, $name) { /* {{{ */
		if (is_object($this->getKeywordCategoryByName($name, $owner))) {
			return false;
		}
		$queryStr = "INSERT INTO tblKeywordCategories (owner, name) VALUES ($owner, '$name')";
		if (!$this->db->getResult($queryStr))
			return false;

		return $this->getKeywordCategory($this->db->getInsertID());
	} /* }}} */

}
?>