mirror of
https://git.code.sf.net/p/seeddms/code
synced 2025-05-11 12:11:19 +00:00
add class to handle access controll
This commit is contained in:
Uwe Steinmann
parent
3d76792239
commit
fb95d8f5ed
246
inc/inc.ClassAcl.php
Normal file
246
inc/inc.ClassAcl.php
Normal file
|
|
@ -0,0 +1,246 @@
|
|||
<?php
|
||||
/**
|
||||
* Implementation of a access control list.
|
||||
*
|
||||
* SeedDMS uses access control list for setting permission,
|
||||
* on various operations.
|
||||
*
|
||||
* @category DMS
|
||||
* @package SeedDMS
|
||||
* @license GPL 2
|
||||
* @version @version@
|
||||
* @author Uwe Steinmann <uwe@steinmann.cx>
|
||||
* @copyright 2016 Uwe Steinmann
|
||||
* @version Release: @package_version@
|
||||
*/
|
||||
|
||||
/**
|
||||
* Class to represent an access request object
|
||||
*
|
||||
* This class provides a model for access request objects.
|
||||
*
|
||||
* @category DMS
|
||||
* @package SeedDMS
|
||||
* @author Uwe Steinmann <uwe@steinmann.cx>
|
||||
* @copyright 2016 Uwe Steinmann
|
||||
* @version Release: @package_version@
|
||||
*/
|
||||
class SeedDMS_Acl {
|
||||
/**
|
||||
* @var object $dms reference to dms object.
|
||||
* @access protected
|
||||
*/
|
||||
protected $dms;
|
||||
|
||||
/**
|
||||
* Create a new instance of an acl
|
||||
*
|
||||
* @param object $dms object of dms
|
||||
* @return object instance of SeedDMS_Acl
|
||||
*/
|
||||
function __construct($dms) { /* {{{ */
|
||||
$this->dmѕ = $dms;
|
||||
} /* }}} */
|
||||
|
||||
public function check($aro, $aco) { /* {{{ */
|
||||
$db = $dms->getDB();
|
||||
$queryStr = "SELECT * FROM tblArosAcos WHERE aro=".$aro->getID()." AND aco=".$aco->getID();
|
||||
$resArr = $db->getResultArray($queryStr);
|
||||
if (is_bool($resArr) && $resArr == false)
|
||||
return false;
|
||||
if (count($resArr) != 1)
|
||||
return false;
|
||||
$resArr = $resArr[0];
|
||||
return($resArr['read'] == 1 ? true : false);
|
||||
|
||||
} /* }}} */
|
||||
}
|
||||
|
||||
/**
|
||||
* Class to represent an access request/controll object
|
||||
*
|
||||
* This class provides a model for access request/controll objects.
|
||||
*
|
||||
* @category DMS
|
||||
* @package SeedDMS
|
||||
* @author Uwe Steinmann <uwe@steinmann.cx>
|
||||
* @copyright 2016 Uwe Steinmann
|
||||
* @version Release: @package_version@
|
||||
*/
|
||||
class SeedDMS_AroAco { /* {{{ */
|
||||
/**
|
||||
* @var object $dms reference to dms object.
|
||||
* @access protected
|
||||
*/
|
||||
protected $dms;
|
||||
|
||||
/**
|
||||
* @var integer id of access request object
|
||||
*/
|
||||
protected $_id;
|
||||
|
||||
/**
|
||||
* @var string alias of access request object
|
||||
*/
|
||||
protected $_alias;
|
||||
|
||||
/**
|
||||
* @var object object of access request object
|
||||
*/
|
||||
protected $_object;
|
||||
|
||||
/**
|
||||
* Create a new instance of an aro
|
||||
*
|
||||
* @param object $dms object of dms
|
||||
* @return object instance of SeedDMS_Aco
|
||||
*/
|
||||
function __construct($dms, $id, $object, $alias) { /* {{{ */
|
||||
$this->dmѕ = $dms;
|
||||
$this->_id = $id;
|
||||
$this->_object = $object;
|
||||
$this->_alias = $alias;
|
||||
} /* }}} */
|
||||
|
||||
public function ѕetDMS($dms) { /* {{{ */
|
||||
$this->dms = $dms;
|
||||
} /* }}} */
|
||||
|
||||
public function getID() { /* {{{ */
|
||||
return $this->_id;
|
||||
} /* }}} */
|
||||
|
||||
public function getAlias() { /* {{{ */
|
||||
return $this->_alias;
|
||||
} /* }}} */
|
||||
|
||||
public function getObject() { /* {{{ */
|
||||
return $this->_object;
|
||||
} /* }}} */
|
||||
} /* }}} */
|
||||
|
||||
/**
|
||||
* Class to represent an access request object
|
||||
*
|
||||
* This class provides a model for access request objects.
|
||||
*
|
||||
* @category DMS
|
||||
* @package SeedDMS
|
||||
* @author Uwe Steinmann <uwe@steinmann.cx>
|
||||
* @copyright 2016 Uwe Steinmann
|
||||
* @version Release: @package_version@
|
||||
*/
|
||||
class SeedDMS_Aro extends SeedDMS_AroAco { /* {{{ */
|
||||
|
||||
/**
|
||||
* Create a new instance of an aro
|
||||
*
|
||||
* @param object $dms object to access the underlying database
|
||||
* @return object instance of SeedDMS_Aro
|
||||
*/
|
||||
function __construct($dms, $id, $object, $alias) { /* {{{ */
|
||||
parent::__construct($dms, $id, $object, $alias);
|
||||
} /* }}} */
|
||||
|
||||
public static function getInstance($id, $dms) { /* {{{ */
|
||||
$db = $dms->getDB();
|
||||
if(is_int($id)) {
|
||||
$queryStr = "SELECT * FROM tblAros WHERE id = " . (int) $id;
|
||||
$resArr = $db->getResultArray($queryStr);
|
||||
if (is_bool($resArr) && $resArr == false)
|
||||
return null;
|
||||
if (count($resArr) != 1)
|
||||
return null;
|
||||
$resArr = $resArr[0];
|
||||
} elseif(is_object($id)) {
|
||||
if($dms->getClassname('role') == get_class($id)) {
|
||||
$model = 'Role';
|
||||
$queryStr = "SELECT * FROM tblAros WHERE model=".$model." AND foreignid=".$id->getID();
|
||||
$resArr = $db->getResultArray($queryStr);
|
||||
if (is_bool($resArr) && $resArr == false)
|
||||
return null;
|
||||
if (count($resArr) != 1)
|
||||
return null;
|
||||
$parentid = $resArr[0]['parent'];
|
||||
} else {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
if($resArr['model'] == 'Group') {
|
||||
$classname = $dms->getClassname('group');
|
||||
$object = $classname::getInstance($resArr['foreignid'], $dms);
|
||||
} else {
|
||||
$object = null;
|
||||
}
|
||||
|
||||
$aro = new self($dms, $resArr["id"], $object, $resArr['alias']);
|
||||
return $aro;
|
||||
} /* }}} */
|
||||
|
||||
} /* }}} */
|
||||
|
||||
/**
|
||||
* Class to represent an access control object
|
||||
*
|
||||
* This class provides a model for access control objects.
|
||||
*
|
||||
* @category DMS
|
||||
* @package SeedDMS
|
||||
* @author Uwe Steinmann <uwe@steinmann.cx>
|
||||
* @copyright 2016 Uwe Steinmann
|
||||
* @version Release: @package_version@
|
||||
*/
|
||||
class SeedDMS_Aco extends SeedDMS_AroAco{ /* {{{ */
|
||||
|
||||
/**
|
||||
* Create a new instance of an aco
|
||||
*
|
||||
* @param object $dms object to access the underlying database
|
||||
* @return object instance of SeedDMS_Aco
|
||||
*/
|
||||
function __construct($dms, $id, $object, $alias) { /* {{{ */
|
||||
parent::__construct($dms, $id, $object, $alias);
|
||||
} /* }}} */
|
||||
|
||||
public static function getInstance($id, $dms) { /* {{{ */
|
||||
$db = $dms->getDB();
|
||||
if(is_int($id)) {
|
||||
$queryStr = "SELECT * FROM tblAcos WHERE id = " . (int) $id;
|
||||
$resArr = $db->getResultArray($queryStr);
|
||||
if (is_bool($resArr) && $resArr == false)
|
||||
return null;
|
||||
if (count($resArr) != 1)
|
||||
return null;
|
||||
$resArr = $resArr[0];
|
||||
} elseif(is_string($id)) {
|
||||
$tmp = explode('/', $id);
|
||||
$parentid = 0;
|
||||
foreach($tmp as $part) {
|
||||
$queryStr = "SELECT * FROM tblAcos WHERE alias = " . $db->qstr($part);
|
||||
if($parentid)
|
||||
$queryStr .= " AND parent=".$parentid;
|
||||
$resArr = $db->getResultArray($queryStr);
|
||||
if (is_bool($resArr) && $resArr == false)
|
||||
return null;
|
||||
if (count($resArr) != 1)
|
||||
return null;
|
||||
$parentid = $resArr[0]['parent'];
|
||||
}
|
||||
$resArr = $resArr[0];
|
||||
}
|
||||
|
||||
if($resArr['model'] == 'Document') {
|
||||
$classname = $dms->getClassname('document');
|
||||
$object = $classname::getInstance($resArr['foreignid'], $dms);
|
||||
} elseif($resArr['model'] == 'Folder') {
|
||||
$classname = $dms->getClassname('focument');
|
||||
$object = $classname::getInstance($resArr['foreignid'], $dms);
|
||||
} else {
|
||||
$object = null;
|
||||
}
|
||||
|
||||
$aco = new self($dms, $resArr["id"], $object, $resArr['alias']);
|
||||
return $aco;
|
||||
} /* }}} */
|
||||
} /* }}} */
|
||||
Loading…
Reference in New Issue
Block a user