+++ /dev/null
-<?php
-
- class mw_data_users extends mw_data{
-
- var $users;
- var $user;
- var $roles;
- var $actions_roles;
-
- # ----------------------------------------------------------------------------------------
- # users
- #
-
- function users($start = 0, $alpha = null, $id_role = null){
- $sgbd = $this->sgbd();
- $env = $this->env();
- $users = array("list" => array(), "total" => 0);
- try{
- $SELECT = "SELECT #--users.*";
- $FROM = " FROM #--users";
- $WHERE = "";
- $WHERE .= (isset($alpha) ? ($WHERE ? " AND" : " WHERE")." LEFT(login, 1)=".$this->eq($alpha) : "");
- if(isset($id_role)){
- $SELECT .= ", #--users_roles.id_role";
- $FROM .=
- " LEFT JOIN #--users_roles ON ("
- ." #--users_roles.id_user=#--users.id"
- ." AND #--users_roles.id_role=".$this->eq($id_role)
- .")";
- $WHERE .= ($WHERE ? " AND" : " WHERE")." mw_users_roles.id_role IS NOT NULL";
- }
- $LIMIT = ($env->config("max_list") ? " LIMIT ".$env->config("max_list")." OFFSET ".$start : "");
- $sql = "SELECT count(*) as n FROM(".$SELECT.$FROM.$WHERE.") res";
- $rst = $sgbd->query($sql);
- if($v_rst = $sgbd->fetch_assoc($rst)) $users["total"] = $v_rst["n"];
- $sgbd->free_result($rst);
- if($users["total"] > 0){
- $sql = "SELECT * FROM(".$SELECT.$FROM.$WHERE.$LIMIT.") res";
- $rst = $sgbd->query($sql);
- while($v_rst = $sgbd->fetch_assoc($rst)) $users["list"][$v_rst["id"]] = $v_rst;
- $sgbd->free_result($rst);
- foreach($users["list"] as $id_user => $user){
- if(($roles = $this->list_user_roles($id_user)) !== false){
- $users["list"][$id_user]["roles"] = $roles;
- }
- else{
- $users = false;
- break;
- }
- }
- }
- }
- catch(Exception $e) { $users = false; }
- return $users;
- }
-
- function list_user_roles($id_user){
- $sgbd = $this->sgbd();
- $roles = array();
- try{
- $rst = $sgbd->query("SELECT id_role FROM #--users_roles WHERE id_user=".$this->eq($id_user));
- while($v_rst = $sgbd->fetch_assoc($rst)) $roles[] = $v_rst["id_role"];
- $sgbd->free_result($rst);
- }
- catch(Exception $e) { $roles = false; }
- return $roles;
- }
-
- function user_by_id($id){
- $env = $this->env();
- $user = $env->get_model("users");
- if($user->load("id", $id) === false) return false;
- return $user->get_values();
- }
-
- function user($login){
- $env = $this->env();
- $user = $env->get_model("users");
- if($user->load("login", $login) === false) return false;
- return $user->get_values();
- }
-
- function user_exists($login){
- $sgbd = $this->sgbd();
- $EXISTS = 0;
- try{
- $sql = "SELECT count(*) as n from #--users WHERE login=".$this->eq($login);
- $rst = $sgbd->query($sql);
- if($v_rst = $sgbd->fetch_assoc($rst)) $EXISTS = $v_rst["n"];
- $sgbd->free_result($rst);
- }
- catch(Exception $e) { $EXISTS = false; }
- return $EXISTS;
- }
-
- function add_user($login, $password, $email, $roles){
- $sgbd = $this->sgbd();
- $user_id = false;
- try{
- $sql =
- "INSERT INTO #--users(login, password, email) VALUES"
- ."( ".$this->eq($login)
- .", ".$this->eq($password)
- .", ".$this->eq($email)
- .")";
- $sgbd->query($sql);
- $user_id = $sgbd->insert_id();
- foreach($roles as $id_role){
- $sql =
- "INSERT INTO #--users_roles(id_user, id_role) VALUES"
- ."( ".$user_id
- .", ".$this->eq($id_role)
- .")";
- $sgbd->query($sql);
- }
- }
- catch(Exception $e) { $user_id = false; }
- return $user_id;
- }
-
- function set_user($id, $login, $password, $email, $roles){
- $sgbd = $this->sgbd();
- try{
- $sql =
- "UPDATE #--users SET"
- ." login=".$this->eq($login)
- .", password=".$this->eq($password)
- .", email=".$this->eq($email)
- ." WHERE id=".$this->eq($id);
- $sgbd->query($sql);
- if(!$this->clear_user_roles($id)) return false;
- foreach($roles as $id_role){
- if(!$this->add_user_role($id, $id_role)) return false;
- }
- }
- catch(Exception $e) { return false; }
- return true;
- }
-
- function clear_user_roles($id_user){
- $sgbd = $this->sgbd();
- try{
- $sql = "DELETE FROM #--users_roles WHERE id_user=".$this->eq($id_user);
- $sgbd->query($sql);
- }
- catch(Exception $e) { return false; }
- return true;
- }
-
- function add_user_role($id_user, $id_role){
- $sgbd = $this->sgbd();
- try{
- $sql =
- "INSERT INTO #--users_roles(id_user, id_role) VALUES"
- ."( ".$this->eq($id_user)
- .", ".$this->eq($id_role)
- .")";
- $sgbd->query($sql);
- }
- catch(Exception $e) { return false; }
- return true;
- }
-
- function del_user($login){
- if(($user = $this->user($login)) !== false){
- $sgbd = $this->sgbd();
- try{
- $sql = "DELETE FROM #--users_roles WHERE id_user=".$user["id"];
- $sgbd->query($sql);
- $sql = "DELETE FROM #--users WHERE login=".$this->eq($login)." AND id=".$user["id"];
- $sgbd->query($sql);
- }
- catch(Exception $e) { return false; }
- }
- else return false;
- return true;
- }
-
- # ----------------------------------------------------------------------------------------
- # roles
- #
-
- function init_roles(){
- $sgbd = $this->sgbd();
- $this->roles = array();
- try{
- $sql = "SELECT * FROM #--roles";
- $rst = $sgbd->query($sql);
- while($v_rst = $sgbd->fetch_assoc($rst)) $this->roles[$v_rst["id"]] = $v_rst;
- $sgbd->free_result($rst);
- }
- catch(Exception $e) { $this->roles = false; }
- return $this->roles;
- }
-
- function roles(){
- if(!isset($this->roles)) return false;
- return $this->roles;
- }
-
- function add_role($nom, $intitule){
- $sgbd = $this->sgbd();
- try{
- $sql =
- "INSERT INTO #--roles(nom, intitule) VALUES("
- ." ".$this->eq($nom)
- .", ".$this->eq($intitule)
- .")";
- $rst = $sgbd->query($sql);
- $id_role = $sgbd->insert_id();
- }
- catch(Exception $e) { $id_role = false; }
- return $id_role;
- }
-
- function get_role($id){
- if($id === "0") return array(
- "id" => 0,
- "nom" => "",
- "intitule" => ""
- );
- $sgbd = $this->sgbd();
- $role = array();
- try{
- $sql = "SELECT * FROM #--roles WHERE id=".$this->eq($id);
- $rst = $sgbd->query($sql);
- if($v_rst = $sgbd->fetch_assoc($rst)) $role = $v_rst;
- $sgbd->free_result($rst);
- }
- catch(Exception $e) { $role = false; }
- return $role;
- }
-
- function set_role($id, $nom, $intitule){
- $sgbd = $this->sgbd();
- try{
- $sql =
- "UPDATE #--roles SET"
- ." nom=".$this->eq($nom)
- .", intitule=".$this->eq($intitule)
- ." WHERE id=".$this->eq($id);
- $rst = $sgbd->query($sql);
- }
- catch(Exception $e) { return false; }
- return true;
- }
-
- function clear_role_actions($id_role){
- $sgbd = $this->sgbd();
- try{
- $sql = "DELETE FROM #--actions_roles WHERE id_role=".$this->eq($id_role);
- $sgbd->query($sql);
- }
- catch(Exception $e) { return false; }
- return true;
- }
-
- function clear_role_users($id_role){
- $sgbd = $this->sgbd();
- try{
- $sql = "DELETE FROM #--users_roles WHERE id_role=".$this->eq($id_role);
- $sgbd->query($sql);
- }
- catch(Exception $e) { return false; }
- return true;
- }
-
- function add_role_action($id_role, $action){
- $sgbd = $this->sgbd();
- try{
- $sql = "INSERT INTO #--actions_roles(action, id_role) VALUES(".$this->eq($action).", ".$this->eq($id_role).")";
- $sgbd->query($sql);
- $id_action_role = $sgbd->insert_id();
- }
- catch(Exception $e) { $id_action_role = false; }
- return $id_action_role;
- }
-
- function del_role($id_role){
- $sgbd = $this->sgbd();
- try{
- $sql = "DELETE FROM #--roles WHERE id=".$this->eq($id_role);
- $sgbd->query($sql);
- }
- catch(Exception $e) { return false; }
- return true;
- }
-
- function get_user_roles(){
- $user_roles = array();
- $user = $this->get_session_user();
- if($user && isset($user["id"])){
- $sgbd = $this->sgbd();
- try{
- $sql = "SELECT id_role FROM #--users_roles WHERE id_user=".$this->eq($user["id"]);
- $rst = $sgbd->query($sql);
- while($v_rst = $sgbd->fetch_assoc($rst)) $user_roles[] = $v_rst["id_role"];
- $sgbd->free_result($rst);
- }
- catch(Exception $_e){ return false; }
- }
- else $user_roles[] = 0;
- if(!$user_roles) $user_roles[] = 0;
- return $user_roles;
- }
-
- function init_actions_roles(){
- if(!isset($this->roles)) return false;
- $this->actions_roles = $this->read_actions_roles();
- return $this->actions_roles;
- }
-
- function read_actions_roles($params = array()){
- $group_by_action = isset($params["group_by_action"]) ? $params["group_by_action"] : false;
- $sgbd = $this->sgbd();
- $actions_roles = array();
- try{
- $sql = "SELECT * FROM #--actions_roles";
- $rst = $sgbd->query($sql);
- while($v_rst = $sgbd->fetch_assoc($rst)){
- if($group_by_action){
- if(!isset($actions_roles[$v_rst["action"]])) $actions_roles[$v_rst["action"]] = array();
- $actions_roles[$v_rst["action"]][] = $v_rst["id_role"];
- }
- else $actions_roles[$v_rst["id"]] = $v_rst;
- }
- $sgbd->free_result($rst);
- }
- catch(Exception $e) { $actions_roles = false; }
- return $actions_roles;
- }
-
- function get_action_roles($mod, $controller = "index", $action = "index"){
- $sgbd = $this->sgbd();
- $roles = array();
- try{
- $sql =
- "SELECT action, id_role"
- ." FROM #--actions_roles"
- ." WHERE action=".$this->eq($mod)
- ." OR action=".$this->eq($mod."/".$controller)
- ." OR action=".$this->eq($mod."/".$controller."/".$action);
- $rst = $sgbd->query($sql);
- while($v_rst = $sgbd->fetch_assoc($rst)){
- if(!isset($roles[$v_rst["action"]])) $roles[$v_rst["action"]] = array();
- $roles[$v_rst["action"]][$v_rst["id_role"]] = true;
- }
- $sgbd->free_result($rst);
- }
- catch(Exception $e) { $roles = false; }
- return $roles;
- }
-
- function get_actions($id_role = null){
- $env = $this->env();
- if($actions = $env->get_actions()){
- if(($actions_roles = $this->read_actions_roles(array("group_by_action" => true))) !== false){
- foreach($actions as $module_name => $module){
- if(isset($id_role)) $actions[$module_name]["module_allowed"] =
- isset($actions_roles[$module_name])
- && in_array($id_role, $actions_roles[$module_name]);
- $actions[$module_name]["is_public"] =
- isset($actions_roles[$module_name])
- && in_array(0, $actions_roles[$module_name]);
- foreach($module["controleurs"] as $controleur_name => $controleur){
- if(isset($id_role)) $actions[$module_name]["controleurs"][$controleur_name]["controleur_allowed"] =
- isset($actions_roles[$module_name."/".$controleur_name])
- && in_array($id_role, $actions_roles[$module_name."/".$controleur_name]);
- $actions[$module_name]["controleurs"][$controleur_name]["is_public"] =
- isset($actions_roles[$module_name."/".$controleur_name])
- && in_array(0, $actions_roles[$module_name."/".$controleur_name]);
- foreach($controleur["als"] as $index_als => $al){
- if($al["actions"]){
- if(isset($id_role)){
- $HAS_ACTION_NOT_ALLOWED = false;
- foreach($al["actions"] as $action_name){
- if(
- !isset($actions_roles[$module_name."/".$controleur_name."/".$action_name])
- || !in_array($id_role, $actions_roles[$module_name."/".$controleur_name."/".$action_name])
- ){
- $HAS_ACTION_NOT_ALLOWED = true;
- break;
- }
- }
- if(!$HAS_ACTION_NOT_ALLOWED){
- $actions[$module_name]["controleurs"][$controleur_name]["als"][$index_als]["action_allowed"] = true;
- }
- }
- $HAS_ACTION_NOT_ALLOWED = false;
- foreach($al["actions"] as $action_name){
- if(
- !isset($actions_roles[$module_name."/".$controleur_name."/".$action_name])
- || !in_array(0, $actions_roles[$module_name."/".$controleur_name."/".$action_name])
- ){
- $HAS_ACTION_NOT_ALLOWED = true;
- break;
- }
- }
- if(!$HAS_ACTION_NOT_ALLOWED){
- $actions[$module_name]["controleurs"][$controleur_name]["als"][$index_als]["is_public"] = true;
- }
- }
- }
- }
- }
- return $actions;
- }
- }
- return array();
- }
-
- }
-
-?>
\ No newline at end of file