X-Git-Url: http://git.dj3c1t.com/?a=blobdiff_plain;f=mw%2Fapp%2Fdata%2Fmodules%2Fsql%2Fmw_data_users.php;h=32bc0c558e7cdd8c1028a5441354fb6d44240050;hb=5dfe5e84a7007ddd9737707ce15f0155e6415066;hp=4288db73c64a552be343f6998561b4d3518571f4;hpb=37006f4b48170e3d2ee7ac4d1e7dd47df57734e9;p=mtweb diff --git a/mw/app/data/modules/sql/mw_data_users.php b/mw/app/data/modules/sql/mw_data_users.php index 4288db7..32bc0c5 100644 --- a/mw/app/data/modules/sql/mw_data_users.php +++ b/mw/app/data/modules/sql/mw_data_users.php @@ -3,24 +3,32 @@ class mw_data_users extends mw_data{ var $users; - var $_user; - var $user_status; - var $action_status; + var $user; + var $roles; + var $actions_roles; # ---------------------------------------------------------------------------------------- # users # - function users($start = 0, $alpha = null, $status = null){ + function users($start = 0, $alpha = null, $id_role = null){ $sgbd = $this->sgbd(); $env = $this->env(); $users = array("list" => array(), "total" => 0); try{ - $SELECT = "SELECT *"; + $SELECT = "SELECT #--users.*"; $FROM = " FROM #--users"; $WHERE = ""; $WHERE .= (isset($alpha) ? ($WHERE ? " AND" : " WHERE")." LEFT(login, 1)=".$this->eq($alpha) : ""); - $WHERE .= (isset($status) ? ($WHERE ? " AND" : " WHERE")." status=".$this->eq($status) : ""); + if(isset($id_role)){ + $SELECT .= ", #--users_roles.id_role"; + $FROM .= + " LEFT JOIN #--users_roles ON (" + ." #--users_roles.id_user=#--users.id" + ." AND #--users_roles.id_role=".$this->eq($id_role) + .")"; + $WHERE .= ($WHERE ? " AND" : " WHERE")." mw_users_roles.id_role IS NOT NULL"; + } $LIMIT = ($env->config("max_list") ? " LIMIT ".$env->config("max_list")." OFFSET ".$start : ""); $sql = "SELECT count(*) as n FROM(".$SELECT.$FROM.$WHERE.") res"; $rst = $sgbd->query($sql); 
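Review bot: The filter added to users(), `" mw_users_roles.id_role IS NOT NULL"`, hard-codes the `mw_` table prefix while the SELECT and the JOIN it belongs to use the `#--` placeholder, so the query breaks as soon as the prefix is configured to anything else; change it to `" #--users_roles.id_role IS NOT NULL"`. Because the LEFT JOIN is immediately filtered on the joined key being non-null it behaves as an inner join, so `INNER JOIN #--users_roles ON (...)` with no extra WHERE term states the intent more plainly. The rest of users() continues outside the hunk.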
@@ -31,12 +39,33 @@ $rst = $sgbd->query($sql); while($v_rst = $sgbd->fetch_assoc($rst)) $users["list"][$v_rst["id"]] = $v_rst; $sgbd->free_result($rst); + foreach($users["list"] as $id_user => $user){ + if(($roles = $this->list_user_roles($id_user)) !== false){ + $users["list"][$id_user]["roles"] = $roles; + } + else{ + $users = false; + break; + } + } } } catch(Exception $e) { $users = false; } return $users; } + function list_user_roles($id_user){ + $sgbd = $this->sgbd(); + $roles = array(); + try{ + $rst = $sgbd->query("SELECT id_role FROM #--users_roles WHERE id_user=".$this->eq($id_user)); + while($v_rst = $sgbd->fetch_assoc($rst)) $roles[] = $v_rst["id_role"]; + $sgbd->free_result($rst); + } + catch(Exception $e) { $roles = false; } + return $roles; + } + function user_by_id($id){ $sgbd = $this->sgbd(); $user = array(); @@ -45,6 +74,8 @@ $rst = $sgbd->query($sql); if($v_rst = $sgbd->fetch_assoc($rst)) $user = $v_rst; $sgbd->free_result($rst); + if(($roles = $this->list_user_roles($user["id"])) !== false) $user["roles"] = $roles; + else $user = false; } catch(Exception $e) { $user = false; } return $user; @@ -58,6 +89,10 @@ $rst = $sgbd->query($sql); if($v_rst = $sgbd->fetch_assoc($rst)) $user = $v_rst; $sgbd->free_result($rst); + if($user){ + if(($roles = $this->list_user_roles($user["id"])) !== false) $user["roles"] = $roles; + else $user = false; + } } catch(Exception $e) { $user = false; } return $user; 
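Review bot: The role lookup added to users() issues one extra query per listed user through list_user_roles(), and list_user_roles() is the same statement that get_user_roles() repeats later in this file, so the roles SQL now lives in two places. A single `SELECT id_user, id_role FROM #--users_roles WHERE id_user IN (...)` over the ids already collected in `$users["list"]` would keep a page to two queries, and get_user_roles() could delegate to `$this->list_user_roles($user["id"])` so the query exists once. The try block of users() opens before this hunk.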
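Review bot: In user_by_id() the new `list_user_roles($user["id"])` call runs even when no row matched, because `$user` is still the empty array at that point; it reads an undefined `id` index and sends a roles query with an empty key instead of returning the empty result. The hunk at @@ -58 guards the identical addition with `if($user){ ... }`; do the same here: `if($user){ if(($roles = $this->list_user_roles($user["id"])) !== false) $user["roles"] = $roles; else $user = false; }`. user_by_id() starts before this hunk.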
@@ -76,25 +111,32 @@ return $EXISTS; } - function add_user($login, $password, $email, $status){ + function add_user($login, $password, $email, $roles){ $sgbd = $this->sgbd(); $user_id = false; try{ $sql = - "INSERT INTO #--users(login, password, email, status) VALUES" + "INSERT INTO #--users(login, password, email) VALUES" ."( ".$this->eq($login) .", ".$this->eq($password) .", ".$this->eq($email) - .", ".$status .")"; $sgbd->query($sql); $user_id = $sgbd->insert_id(); + foreach($roles as $id_role){ + $sql = + "INSERT INTO #--users_roles(id_user, id_role) VALUES" + ."( ".$user_id + .", ".$this->eq($id_role) + .")"; + $sgbd->query($sql); + } } catch(Exception $e) { $user_id = false; } return $user_id; } - function set_user($id, $login, $password, $email, $status){ + function set_user($id, $login, $password, $email, $roles){ $sgbd = $this->sgbd(); try{ $sql = 
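Review bot: add_user() now writes the #--users row and then the #--users_roles rows as separate statements with no transaction, so if any role insert throws, the catch returns false while the user row already exists and the caller cannot tell a partial account was created. If `$sgbd` exposes transaction control, wrap the inserts in it (its API is not visible here); otherwise at least remove the just-created user in the catch. Separately, `."( ".$user_id` is the only value in the statement not passed through `$this->eq()` — `."( ".$this->eq($user_id)` matches the `$this->eq($id)` used in set_user() — and `$roles` should be checked with `is_array()` before the foreach, since a scalar there emits a warning and silently inserts no roles. set_user() begins at the end of this hunk and continues outside it.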
@@ -102,98 +144,269 @@ ." login=".$this->eq($login) .", password=".$this->eq($password) .", email=".$this->eq($email) - .", status=".$status - ." WHERE id=".$id; + ." WHERE id=".$this->eq($id); $sgbd->query($sql); + $sql = "DELETE FROM #--users_roles WHERE id_user=".$this->eq($id); + $sgbd->query($sql); + foreach($roles as $id_role){ + $sql = + "INSERT INTO #--users_roles(id_user, id_role) VALUES" + ."( ".$this->eq($id) + .", ".$this->eq($id_role) + .")"; + $sgbd->query($sql); + } } catch(Exception $e) { return false; } return true; } function del_user($login){ - $sgbd = $this->sgbd(); - try{ - $sql = "DELETE FROM #--users WHERE login=".$this->eq($login); - $sgbd->query($sql); + if(($user = $this->user($login)) !== false){ + $sgbd = $this->sgbd(); + try{ + $sql = "DELETE FROM #--users_roles WHERE id_user=".$user["id"]; + $sgbd->query($sql); + $sql = "DELETE FROM #--users WHERE login=".$this->eq($login)." AND id=".$user["id"]; + $sgbd->query($sql); + } + catch(Exception $e) { return false; } } - catch(Exception $e) { return false; } + else return false; return true; } # ---------------------------------------------------------------------------------------- - # status + # roles # - function status(){ - if(!isset($this->user_status)) return false; - return $this->user_status; + function init_roles(){ + $sgbd = $this->sgbd(); + $this->roles = array(); + try{ + $sql = "SELECT * FROM #--roles"; + $rst = $sgbd->query($sql); + while($v_rst = $sgbd->fetch_assoc($rst)) $this->roles[$v_rst["id"]] = $v_rst; + $sgbd->free_result($rst); + } + catch(Exception $e) { $this->roles = false; } + return $this->roles; + } + + function roles(){ + if(!isset($this->roles)) return false; + return $this->roles; } - function init_user_status($status = array()){ + function add_role($nom, $intitule){ $sgbd = $this->sgbd(); - $this->user_status = array(); try{ - $sql = "SELECT * FROM #--user_status"; + $sql = + "INSERT INTO #--roles(nom, intitule) VALUES(" + ." 
".$this->eq($nom) + .", ".$this->eq($intitule) + .")"; $rst = $sgbd->query($sql); - while($v_rst = $sgbd->fetch_assoc($rst)) $this->user_status[$v_rst["id"]] = $v_rst; - $sgbd->free_result($rst); + $id_role = $sgbd->insert_id(); } - catch(Exception $e) { $this->user_status = false; } - return $this->user_status; + catch(Exception $e) { $id_role = false; } + return $id_role; } - function init_action_status($status = array()){ - if(!isset($this->user_status)) return false; + function get_role($id){ + if($id === "0") return array( + "id" => 0, + "nom" => "", + "intitule" => "" + ); $sgbd = $this->sgbd(); - $this->action_status = array(); + $role = array(); try{ - $sql = "SELECT * FROM #--action_status"; + $sql = "SELECT * FROM #--roles WHERE id=".$this->eq($id); $rst = $sgbd->query($sql); - while($v_rst = $sgbd->fetch_assoc($rst)) $this->action_status[$v_rst["id"]] = $v_rst; + if($v_rst = $sgbd->fetch_assoc($rst)) $role = $v_rst; $sgbd->free_result($rst); } - catch(Exception $e) { $this->action_status = false; } - return $this->action_status; + catch(Exception $e) { $role = false; } + return $role; + } + + function set_role($id, $nom, $intitule){ + $sgbd = $this->sgbd(); + try{ + $sql = + "UPDATE #--roles SET" + ." nom=".$this->eq($nom) + .", intitule=".$this->eq($intitule) + ." 
WHERE id=".$this->eq($id); + $rst = $sgbd->query($sql); + } + catch(Exception $e) { return false; } + return true; } - function get_user_status(){ + function clear_role_actions($id_role){ + $sgbd = $this->sgbd(); + try{ + $sql = "DELETE FROM #--actions_roles WHERE id_role=".$this->eq($id_role); + $sgbd->query($sql); + } + catch(Exception $e) { return false; } + return true; + } + + function clear_role_users($id_role){ + $sgbd = $this->sgbd(); + try{ + $sql = "DELETE FROM #--users_roles WHERE id_role=".$this->eq($id_role); + $sgbd->query($sql); + } + catch(Exception $e) { return false; } + return true; + } + + function add_role_action($id_role, $action){ + $sgbd = $this->sgbd(); + try{ + $sql = "INSERT INTO #--actions_roles(action, id_role) VALUES(".$this->eq($action).", ".$this->eq($id_role).")"; + $sgbd->query($sql); + $id_action_role = $sgbd->insert_id(); + } + catch(Exception $e) { $id_action_role = false; } + return $id_action_role; + } + + function del_role($id_role){ + $sgbd = $this->sgbd(); + try{ + $sql = "DELETE FROM #--roles WHERE id=".$this->eq($id_role); + $sgbd->query($sql); + } + catch(Exception $e) { return false; } + return true; + } + + function get_user_roles(){ + $user_roles = array(); $user = $this->get_session_user(); - if($user && isset($user["status"])) return $user["status"]; - return 0; + if($user && isset($user["id"])){ + $sgbd = $this->sgbd(); + try{ + $sql = "SELECT id_role FROM #--users_roles WHERE id_user=".$this->eq($user["id"]); + $rst = $sgbd->query($sql); + while($v_rst = $sgbd->fetch_assoc($rst)) $user_roles[] = $v_rst["id_role"]; + $sgbd->free_result($rst); + } + catch(Exception $_e){ return false; } + } + else $user_roles[] = 0; + if(!$user_roles) $user_roles[] = 0; + return $user_roles; } - function get_action_status($mod, $controller = "index", $action = "index", $set_status = array()){ + function init_actions_roles(){ + if(!isset($this->roles)) return false; + $this->actions_roles = $this->read_actions_roles(); + return 
$this->actions_roles; + } + + function read_actions_roles($params = array()){ + $group_by_action = isset($params["group_by_action"]) ? $params["group_by_action"] : false; $sgbd = $this->sgbd(); - $status = array(); + $actions_roles = array(); try{ - $sql = - "SELECT action, id_status" - ." FROM #--action_status" - ." WHERE action=".$this->eq($mod) - ." OR action=".$this->eq($mod."/".$controller) - ." OR action=".$this->eq($mod."/".$controller."/".$action); + $sql = "SELECT * FROM #--actions_roles"; $rst = $sgbd->query($sql); while($v_rst = $sgbd->fetch_assoc($rst)){ - if(!isset($status[$v_rst["action"]])) $status[$v_rst["action"]] = array(); - $status[$v_rst["action"]][$v_rst["id_status"]] = true; + if($group_by_action){ + if(!isset($actions_roles[$v_rst["action"]])) $actions_roles[$v_rst["action"]] = array(); + $actions_roles[$v_rst["action"]][] = $v_rst["id_role"]; + } + else $actions_roles[$v_rst["id"]] = $v_rst; } $sgbd->free_result($rst); } - catch(Exception $e) { $status = false; } - return $status; + catch(Exception $e) { $actions_roles = false; } + return $actions_roles; } - function creation_default_status(){ + function get_action_roles($mod, $controller = "index", $action = "index"){ $sgbd = $this->sgbd(); - $default_status = 0; + $roles = array(); try{ - $sql = "SELECT id FROM #--user_status WHERE creation_default=1 LIMIT 0,1"; + $sql = + "SELECT action, id_role" + ." FROM #--actions_roles" + ." WHERE action=".$this->eq($mod) + ." OR action=".$this->eq($mod."/".$controller) + ." 
OR action=".$this->eq($mod."/".$controller."/".$action); $rst = $sgbd->query($sql); - if($v_rst = $sgbd->fetch_assoc($rst)) $default_status = $v_rst["id"]; + while($v_rst = $sgbd->fetch_assoc($rst)){ + if(!isset($roles[$v_rst["action"]])) $roles[$v_rst["action"]] = array(); + $roles[$v_rst["action"]][$v_rst["id_role"]] = true; + } $sgbd->free_result($rst); } - catch(Exception $e) { $default_status = false; } - return $default_status; + catch(Exception $e) { $roles = false; } + return $roles; + } + + function get_actions($id_role = null){ + $env = $this->env(); + if($actions = $env->get_actions()){ + if(($actions_roles = $this->read_actions_roles(array("group_by_action" => true))) !== false){ + foreach($actions as $module_name => $module){ + if(isset($id_role)) $actions[$module_name]["module_allowed"] = + isset($actions_roles[$module_name]) + && in_array($id_role, $actions_roles[$module_name]); + $actions[$module_name]["is_public"] = + isset($actions_roles[$module_name]) + && in_array(0, $actions_roles[$module_name]); + foreach($module["controleurs"] as $controleur_name => $controleur){ + if(isset($id_role)) $actions[$module_name]["controleurs"][$controleur_name]["controleur_allowed"] = + isset($actions_roles[$module_name."/".$controleur_name]) + && in_array($id_role, $actions_roles[$module_name."/".$controleur_name]); + $actions[$module_name]["controleurs"][$controleur_name]["is_public"] = + isset($actions_roles[$module_name."/".$controleur_name]) + && in_array(0, $actions_roles[$module_name."/".$controleur_name]); + foreach($controleur["als"] as $index_als => $al){ + if($al["actions"]){ + if(isset($id_role)){ + $HAS_ACTION_NOT_ALLOWED = false; + foreach($al["actions"] as $action_name){ + if( + !isset($actions_roles[$module_name."/".$controleur_name."/".$action_name]) + || !in_array($id_role, $actions_roles[$module_name."/".$controleur_name."/".$action_name]) + ){ + $HAS_ACTION_NOT_ALLOWED = true; + break; + } + } + if(!$HAS_ACTION_NOT_ALLOWED){ + 
$actions[$module_name]["controleurs"][$controleur_name]["als"][$index_als]["action_allowed"] = true; + } + } + $HAS_ACTION_NOT_ALLOWED = false; + foreach($al["actions"] as $action_name){ + if( + !isset($actions_roles[$module_name."/".$controleur_name."/".$action_name]) + || !in_array(0, $actions_roles[$module_name."/".$controleur_name."/".$action_name]) + ){ + $HAS_ACTION_NOT_ALLOWED = true; + break; + } + } + if(!$HAS_ACTION_NOT_ALLOWED){ + $actions[$module_name]["controleurs"][$controleur_name]["als"][$index_als]["is_public"] = true; + } + } + } + } + } + return $actions; + } + } + return array(); } # ---------------------------------------------------------------------------------------- @@ -237,20 +450,24 @@ function load_session(){ @session_start(); if(!isset($_SESSION["id"])) $this->clear_session(); - if( - $user = ( - isset($_COOKIE["user"]) || isset($_SESSION["user"]) ? - $this->user(isset($_COOKIE["user"]) ? $_COOKIE["user"] : $_SESSION["user"]) - : array() - ) - ){ - if(isset($_COOKIE["user"])) $this->set_session($user); + $user = array(); + if(isset($_SESSION["user"])){ + $user = $this->user($_SESSION["user"]); + } + elseif(isset($_COOKIE["user"]) && isset($_COOKIE["pass"])){ + if($user = $this->user($_COOKIE["user"])){ + $user["password"] = $_COOKIE["pass"]; + $this->set_session($user); + } + } + if($user){ if(!$this->user_ok($user)){ $this->clear_session(); $user = array(); } } - $this->_user = $user; + else $user = array(); + $this->user = $user; return $user; } @@ -258,7 +475,9 @@ $_SESSION["user"] = $user["login"]; $_SESSION["pass"] = md5($user["password"].$_SESSION["id"]); $env = $this->env(); - return setcookie("user", $user["login"], time() + (60 * 60 * 24 * 7), $env->path("web")); + return + setcookie("user", $user["login"], time() + (60 * 60 * 24 * 7), $env->path("web")) + && setcookie("pass", $user["password"], time() + (60 * 60 * 24 * 7), $env->path("web")); } function clear_session(){ 
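Review bot: get_actions() decides `module_allowed`, `controleur_allowed`, `action_allowed` and every `is_public` flag with loose `in_array($id_role, ...)` / `in_array(0, ...)` against the string ids that fetch_assoc() returns, so the authorization result depends on PHP's `==` rules: on PHP 7 `0 == ""` and `0 == "abc"` are true, meaning an empty or non-numeric `id_role` value in #--actions_roles would mark the action public. Normalize once in read_actions_roles(), `$actions_roles[$v_rst["action"]][] = (int)$v_rst["id_role"];`, and compare strictly with `in_array((int)$id_role, ..., true)` and `in_array(0, ..., true)`. The same strictness gap exists in get_role(), whose `$id === "0"` special case is skipped when a caller passes the integer 0 and then runs `WHERE id=0`. Also, del_user() concatenates `$user["id"]` directly into both DELETE statements while every other value in this file goes through `$this->eq()`, and set_user() deletes all of a user's roles before re-inserting them with no transaction, so a failure midway leaves the user with no roles at all.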
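Review bot: In the cookie branch of load_session(), `$this->set_session($user)` runs before `user_ok($user)` has checked the credential, so an unverified login/pass pair taken from the cookies is written into `$_SESSION` and re-issued as fresh seven-day cookies, with clear_session() undoing that only afterwards on failure. The call should happen after the check succeeds, which needs a small flag to remember which branch produced `$user` (rewritten below). Note that `$user["password"] = $_COOKIE["pass"]` replaces the stored password with the cookie value before the check; if user_ok() compares `$_SESSION["pass"]` with `md5($user["password"].$_SESSION["id"])` — which set_session() has just derived from that same cookie value — the check is circular on this path and the cookie is never compared with the database, so please confirm against user_ok(), which is outside this hunk.
```php
$user = array();
$from_cookie = false;
if(isset($_SESSION["user"])){
    $user = $this->user($_SESSION["user"]);
}
elseif(isset($_COOKIE["user"]) && isset($_COOKIE["pass"])){
    if($user = $this->user($_COOKIE["user"])){
        $user["password"] = $_COOKIE["pass"];
        $from_cookie = true;
    }
}
if($user){
    if(!$this->user_ok($user)){
        $this->clear_session();
        $user = array();
    }
    elseif($from_cookie) $this->set_session($user);
}
else $user = array();
// … unchanged: $this->user = $user; return $user; …
```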
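Review bot: set_session() now stores `$user["password"]` — whatever the users table holds in that column — verbatim in a `pass` cookie for seven days, and neither setcookie() call passes the `$secure` or `$httponly` arguments, so the value is readable by any script on the page and is sent over plain HTTP. A persistent login should carry a random token (random_bytes() based) kept server-side, not the credential itself, and both cookies should set the trailing `$secure, $httponly` parameters of setcookie(). The `$_SESSION["pass"] = md5($user["password"].$_SESSION["id"])` line above it is unchanged context but belongs to the same scheme and would be replaced together with it.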
@@ -267,11 +486,13 @@ $_SESSION["ip"] = $_SERVER["REMOTE_ADDR"]; $_SESSION["id"] = md5(rand()); $env = $this->env(); - return setcookie("user", "", 0, $env->path("web")); + return + setcookie("user", "", 0, $env->path("web")) + && setcookie("pass", "", 0, $env->path("web")); } function get_session_user(){ - return $this->_user; + return $this->user; } # ---------------------------------------------------------------------------------------- @@ -280,7 +501,8 @@ function check_user_uploads_dir($user = null){ $env = $this->env(); - $user_dir = $env->path("content")."uploads/".(isset($user) ? $user : $this->_user["id"]); + if((!isset($user) || !$user) && !isset($this->user["id"])) return false; + $user_dir = $env->path("content")."uploads/".(isset($user) && $user ? $user : $this->user["id"]); if(!file_exists($user_dir)) @mkdir($user_dir); return file_exists($user_dir); }
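Review bot: check_user_uploads_dir() still concatenates `$user` into the filesystem path unchanged; the new guard only rejects an empty value, so if any caller passes request-derived input a segment such as `..` or a slash would resolve outside `uploads/`. User ids are numeric everywhere else in this file, so normalise before use: `$user_id = (isset($user) && $user) ? (int)$user : (int)$this->user["id"];` followed by `$user_dir = $env->path("content")."uploads/".$user_id;`. The `@mkdir($user_dir)` on the next line also hides the failure reason and relies on the process umask for the directory mode; checking its return value and passing an explicit mode would make failures diagnosable.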