mirror of
https://git.code.sf.net/p/seeddms/code
synced 2024-11-26 15:32:13 +00:00
382 lines
10 KiB
PHP
382 lines
10 KiB
PHP
<?php
|
||
/**
|
||
* Implementation of a access control list.
|
||
*
|
||
* SeedDMS uses access control list for setting permission,
|
||
* on various operations.
|
||
*
|
||
* @category DMS
|
||
* @package SeedDMS
|
||
* @license GPL 2
|
||
* @version @version@
|
||
* @author Uwe Steinmann <uwe@steinmann.cx>
|
||
* @copyright 2016 Uwe Steinmann
|
||
* @version Release: @package_version@
|
||
*/
|
||
|
||
/**
|
||
* Class to represent an access request object
|
||
*
|
||
* This class provides a model for access request objects.
|
||
*
|
||
* @category DMS
|
||
* @package SeedDMS
|
||
* @author Uwe Steinmann <uwe@steinmann.cx>
|
||
* @copyright 2016 Uwe Steinmann
|
||
* @version Release: @package_version@
|
||
*/
|
||
class SeedDMS_Acl { /* {{{ */
|
||
/**
|
||
* @var object $dms reference to dms object.
|
||
* @access public
|
||
*/
|
||
public $_dms;
|
||
|
||
/**
|
||
* Create a new instance of an acl
|
||
*
|
||
* @param object $dms object of dms
|
||
* @return object instance of SeedDMS_Acl
|
||
*/
|
||
public function __construct($dms) { /* {{{ */
|
||
$this->_dms = $dms;
|
||
} /* }}} */
|
||
|
||
public function check($aro, $aco) { /* {{{ */
|
||
$db = $this->_dms->getDB();
|
||
|
||
while($aco) {
|
||
$acoid = $aco->getID();
|
||
$queryStr = "SELECT * FROM tblArosAcos WHERE aro=".$aro->getID()." AND aco=".$acoid;
|
||
$resArr = $db->getResultArray($queryStr);
|
||
if (is_bool($resArr) && $resArr === false)
|
||
return false;
|
||
if (count($resArr) == 1)
|
||
return($resArr[0]['read'] == 1 ? true : false);
|
||
|
||
$aco = $aco->getParent();
|
||
}
|
||
|
||
return false;
|
||
} /* }}} */
|
||
|
||
public function toggle($aro, $aco) { /* {{{ */
|
||
$db = $this->_dms->getDB();
|
||
$queryStr = "SELECT * FROM tblArosAcos WHERE aro=".$aro->getID()." AND aco=".$aco->getID();
|
||
$resArr = $db->getResultArray($queryStr);
|
||
if (is_bool($resArr) && $resArr === false)
|
||
return false;
|
||
if (count($resArr) != 1)
|
||
return false;
|
||
$resArr = $resArr[0];
|
||
|
||
$newperm = $resArr['read'] == 1 ? -1 : 1;
|
||
$queryStr = "UPDATE tblArosAcos SET `read`=".$newperm." WHERE aro=".$aro->getID()." AND aco=".$aco->getID();
|
||
if (!$db->getResult($queryStr))
|
||
return false;
|
||
return true;
|
||
|
||
} /* }}} */
|
||
|
||
public function add($aro, $aco, $perm=-1) { /* {{{ */
|
||
$db = $this->_dms->getDB();
|
||
$queryStr = "SELECT * FROM tblArosAcos WHERE aro=".$aro->getID()." AND aco=".$aco->getID();
|
||
$resArr = $db->getResultArray($queryStr);
|
||
if (is_bool($resArr) && $resArr === false)
|
||
return false;
|
||
if (count($resArr) == 1) {
|
||
$resArr = $resArr[0];
|
||
|
||
$newperm = $resArr['read'] == 1 ? -1 : 1;
|
||
$queryStr = "UPDATE tblArosAcos SET `read`=".$newperm." WHERE aro=".$aro->getID()." AND aco=".$aco->getID();
|
||
if (!$db->getResult($queryStr))
|
||
return false;
|
||
} else {
|
||
$queryStr = "INSERT INTO tblArosAcos (`aro`, `aco`, `read`) VALUES (".$aro->getID().", ".$aco->getID().", ".$perm.")";
|
||
if (!$db->getResult($queryStr))
|
||
return false;
|
||
}
|
||
return true;
|
||
|
||
} /* }}} */
|
||
|
||
public function remove($aro, $aco) { /* {{{ */
|
||
$db = $this->_dms->getDB();
|
||
$queryStr = "DELETE FROM tblArosAcos WHERE aro=".$aro->getID()." AND aco=".$aco->getID();
|
||
if (!$db->getResult($queryStr))
|
||
return false;
|
||
return true;
|
||
} /* }}} */
|
||
} /* }}} */
|
||
|
||
/**
|
||
* Class to represent an access request/controll object
|
||
*
|
||
* This class provides a model for access request/controll objects.
|
||
*
|
||
* @category DMS
|
||
* @package SeedDMS
|
||
* @author Uwe Steinmann <uwe@steinmann.cx>
|
||
* @copyright 2016 Uwe Steinmann
|
||
* @version Release: @package_version@
|
||
*/
|
||
class SeedDMS_AroAco { /* {{{ */
|
||
/**
|
||
* @var object $dms reference to dms object.
|
||
* @access protected
|
||
*/
|
||
public $_dms;
|
||
|
||
/**
|
||
* @var integer id of access request object
|
||
*/
|
||
protected $_id;
|
||
|
||
/**
|
||
* @var integer id of parent of access request object
|
||
*/
|
||
protected $_parent;
|
||
|
||
/**
|
||
* @var string alias of access request object
|
||
*/
|
||
protected $_alias;
|
||
|
||
/**
|
||
* @var object object of access request object
|
||
*/
|
||
protected $_object;
|
||
|
||
/**
|
||
* Create a new instance of an aro
|
||
*
|
||
* @param object $dms object of dms
|
||
* @return object instance of SeedDMS_Aco
|
||
*/
|
||
function __construct($dms, $id, $parent, $object, $alias) { /* {{{ */
|
||
$this->_dmѕ = $dms;
|
||
$this->_id = $id;
|
||
$this->_parent = $parent;
|
||
$this->_object = $object;
|
||
$this->_alias = $alias;
|
||
} /* }}} */
|
||
|
||
public function setDMS($dms) { /* {{{ */
|
||
$this->_dms = $dms;
|
||
} /* }}} */
|
||
|
||
public function getDMS() { /* {{{ */
|
||
return($this->_dms);
|
||
} /* }}} */
|
||
|
||
public function getID() { /* {{{ */
|
||
return $this->_id;
|
||
} /* }}} */
|
||
|
||
public function getAlias() { /* {{{ */
|
||
return $this->_alias;
|
||
} /* }}} */
|
||
|
||
public function getObject() { /* {{{ */
|
||
return $this->_object;
|
||
} /* }}} */
|
||
} /* }}} */
|
||
|
||
/**
|
||
* Class to represent an access request object
|
||
*
|
||
* This class provides a model for access request objects.
|
||
*
|
||
* @category DMS
|
||
* @package SeedDMS
|
||
* @author Uwe Steinmann <uwe@steinmann.cx>
|
||
* @copyright 2016 Uwe Steinmann
|
||
* @version Release: @package_version@
|
||
*/
|
||
class SeedDMS_Aro extends SeedDMS_AroAco { /* {{{ */
|
||
|
||
/**
|
||
* Create a new instance of an aro
|
||
*
|
||
* @param object $dms object to access the underlying database
|
||
* @return object instance of SeedDMS_Aro
|
||
*/
|
||
public static function getInstance($id, $dms) { /* {{{ */
|
||
$db = $dms->getDB();
|
||
if(is_int($id)) {
|
||
$queryStr = "SELECT * FROM tblAros WHERE id = " . (int) $id;
|
||
$resArr = $db->getResultArray($queryStr);
|
||
if (is_bool($resArr) && $resArr === false)
|
||
return null;
|
||
if (count($resArr) != 1)
|
||
return null;
|
||
$resArr = $resArr[0];
|
||
} elseif(is_object($id)) {
|
||
if($dms->getClassname('role') == get_class($id)) {
|
||
$model = 'Role';
|
||
$queryStr = "SELECT * FROM tblAros WHERE model=".$db->qstr($model)." AND foreignid=".$id->getID();
|
||
$resArr = $db->getResultArray($queryStr);
|
||
if (is_bool($resArr) && $resArr === false)
|
||
return null;
|
||
if (count($resArr) == 0) {
|
||
$queryStr = "INSERT INTO tblAros (parent, model, foreignid) VALUES (0, ".$db->qstr($model).", ".$id->getID().")";
|
||
if (!$db->getResult($queryStr))
|
||
return null;
|
||
$id = $db->getInsertID();
|
||
$queryStr = "SELECT * FROM tblAros WHERE id = " . $id;
|
||
$resArr = $db->getResultArray($queryStr);
|
||
}
|
||
$resArr = $resArr[0];
|
||
} else {
|
||
return null;
|
||
}
|
||
}
|
||
|
||
if($resArr['model'] == 'Role') {
|
||
$classname = $dms->getClassname('role');
|
||
$object = $classname::getInstance($resArr['foreignid'], $dms);
|
||
} else {
|
||
$object = null;
|
||
}
|
||
|
||
$aro = new SeedDMS_Aro($dms, $resArr["id"], $resArr['parent'], $object, $resArr['alias']);
|
||
$aro->setDMS($dms);
|
||
return $aro;
|
||
} /* }}} */
|
||
|
||
} /* }}} */
|
||
|
||
/**
|
||
* Class to represent an access control object
|
||
*
|
||
* This class provides a model for access control objects.
|
||
*
|
||
* @category DMS
|
||
* @package SeedDMS
|
||
* @author Uwe Steinmann <uwe@steinmann.cx>
|
||
* @copyright 2016 Uwe Steinmann
|
||
* @version Release: @package_version@
|
||
*/
|
||
class SeedDMS_Aco extends SeedDMS_AroAco{ /* {{{ */
|
||
|
||
/**
|
||
* Create a new instance of an aco
|
||
*
|
||
* @param object $dms object to access the underlying database
|
||
* @return object instance of SeedDMS_Aco
|
||
*/
|
||
public static function getInstance($id, $dms) { /* {{{ */
|
||
$db = $dms->getDB();
|
||
if(is_int($id)) {
|
||
$queryStr = "SELECT * FROM tblAcos WHERE id = " . (int) $id;
|
||
$resArr = $db->getResultArray($queryStr);
|
||
if (is_bool($resArr) && $resArr === false)
|
||
return null;
|
||
if (count($resArr) == 0) {
|
||
return null;
|
||
}
|
||
$resArr = $resArr[0];
|
||
} elseif(is_string($id)) {
|
||
$tmp = explode('/', $id);
|
||
$parentid = 0;
|
||
foreach($tmp as $part) {
|
||
$queryStr = "SELECT * FROM tblAcos WHERE alias = " . $db->qstr($part);
|
||
// if($parentid)
|
||
$queryStr .= " AND parent=".$parentid;
|
||
$resArr = $db->getResultArray($queryStr);
|
||
if (is_bool($resArr) && $resArr === false)
|
||
return null;
|
||
if (count($resArr) == 0) {
|
||
$queryStr = "INSERT INTO tblAcos (parent, alias) VALUES (".$parentid.",".$db->qstr($part).")";
|
||
if (!$db->getResult($queryStr))
|
||
return null;
|
||
$id = $db->getInsertID();
|
||
$queryStr = "SELECT * FROM tblAcos WHERE id = " . $id;
|
||
$resArr = $db->getResultArray($queryStr);
|
||
}
|
||
$parentid = (int) $resArr[0]['id'];
|
||
}
|
||
$resArr = $resArr[0];
|
||
}
|
||
|
||
if($resArr['model'] == 'Document') {
|
||
$classname = $dms->getClassname('document');
|
||
$object = $classname::getInstance($resArr['foreignid'], $dms);
|
||
} elseif($resArr['model'] == 'Folder') {
|
||
$classname = $dms->getClassname('focument');
|
||
$object = $classname::getInstance($resArr['foreignid'], $dms);
|
||
} else {
|
||
$object = null;
|
||
}
|
||
|
||
$aco = new SeedDMS_Aco($dms, $resArr["id"], $resArr['parent'], $object, $resArr['alias']);
|
||
$aco->setDMS($dms);
|
||
return $aco;
|
||
} /* }}} */
|
||
|
||
public function getChildren() { /* {{{ */
|
||
$dms = $this->getDMS();
|
||
$db = $dms->getDB();
|
||
$queryStr = "SELECT * FROM tblAcos WHERE parent = ".$this->_id." ORDER BY alias";
|
||
$resArr = $db->getResultArray($queryStr);
|
||
if (is_bool($resArr) && $resArr === false)
|
||
return null;
|
||
if (count($resArr) == 0)
|
||
return null;
|
||
|
||
$acos = array();
|
||
foreach($resArr as $row) {
|
||
$aco = new SeedDMS_Aco($dms, $row["id"], $row['parent'], null, $row['alias']);
|
||
$aco->setDMS($dms);
|
||
$acos[] = $aco;
|
||
}
|
||
return $acos;
|
||
} /* }}} */
|
||
|
||
public function getPermission($aro) { /* {{{ */
|
||
if(!$aro)
|
||
return 0;
|
||
$dms = $this->getDMS();
|
||
$db = $dms->getDB();
|
||
$queryStr = "SELECT * FROM tblArosAcos WHERE aro=".$aro->getID()." AND aco=".$this->_id;
|
||
$resArr = $db->getResultArray($queryStr);
|
||
if (is_bool($resArr) && $resArr === false)
|
||
return false;
|
||
if (count($resArr) != 1)
|
||
return 0;
|
||
return $resArr[0]['read'];
|
||
} /* }}} */
|
||
|
||
public static function getRoot($dms) { /* {{{ */
|
||
$db = $dms->getDB();
|
||
$queryStr = "SELECT * FROM tblAcos WHERE parent = 0 ORDER BY alias";
|
||
$resArr = $db->getResultArray($queryStr);
|
||
if (is_bool($resArr) && $resArr === false)
|
||
return null;
|
||
|
||
$acos = array();
|
||
foreach($resArr as $row) {
|
||
$aco = new SeedDMS_Aco($dms, $row["id"], $row['parent'], null, $row['alias']);
|
||
$aco->setDMS($dms);
|
||
$acos[] = $aco;
|
||
}
|
||
return $acos;
|
||
} /* }}} */
|
||
|
||
public function getParent() { /* {{{ */
|
||
$dms = $this->getDMS();
|
||
$db = $dms->getDB();
|
||
$queryStr = "SELECT * FROM tblAcos WHERE id = ".$this->_parent;
|
||
$resArr = $db->getResultArray($queryStr);
|
||
if (is_bool($resArr) && $resArr === false)
|
||
return null;
|
||
if (count($resArr) != 1)
|
||
return null;
|
||
|
||
$row = $resArr[0];
|
||
$aco = new SeedDMS_Aco($dms, $row["id"], $row['parent'], null, $row['alias']);
|
||
$aco->setDMS($dms);
|
||
return $aco;
|
||
} /* }}} */
|
||
} /* }}} */
|