X-Git-Url: http://git.dj3c1t.com/?a=blobdiff_plain;f=mw%2Fapp%2Fdata%2Fmodules%2Fxml%2Fmw_data_users.php;h=3bbffee86f2d74aec564a31bd1f92d2cb52ae68a;hb=e1b64e4088232b9d7b4acb2dc24279bb38fcafba;hp=70287a324fc1815518e79365a19e9095c9b0a020;hpb=677d11e9019f667a974d6f7d3ad464c7b1e09cf7;p=mtweb diff --git a/mw/app/data/modules/xml/mw_data_users.php b/mw/app/data/modules/xml/mw_data_users.php index 70287a3..3bbffee 100644 --- a/mw/app/data/modules/xml/mw_data_users.php +++ b/mw/app/data/modules/xml/mw_data_users.php @@ -3,24 +3,43 @@ class mw_data_users extends mw_data{ var $users; - var $_user; - var $user_status; - var $action_status; + var $user; + var $roles; + var $actions_roles; # ---------------------------------------------------------------------------------------- # users # - function users($start = 0, $alpha = null, $status = null){ + function users($start = 0, $alpha = null, $id_role = null){ $sgbd = $this->sgbd(); $env = $this->env(); $users = array("list" => array(), "total" => 0); + if(isset($id_role)){ + $role_users = array(); + if($rst = $sgbd->open_data("users_roles")){ + while($v_rst = $sgbd->fetch_data($rst)){ + if(isset($v_rst)){ + if(($v_rst["id_user"]) && isset($v_rst["id_role"]) && $v_rst["id_role"] == $id_role){ + $role_users[] = $v_rst["id_user"]; + } + } + else{ + $role_users = false; + break; + } + } + $sgbd->close_data($rst); + } + else $role_users = false; + if($role_users === false) return false; + } $res = array(); if($rst = $sgbd->open_data("users")){ while($v_rst = $sgbd->fetch_data($rst)){ if(isset($v_rst)){ if(!isset($alpha) || (isset($v_rst["login"]) && strtolower(substr($v_rst["login"], 0, 1)) == strtolower($alpha))){ - if(!isset($status) || (isset($v_rst["status"]) && $v_rst["status"] == $status)){ + if(!isset($id_role) || in_array($id_role, $role_users)){ $res[$v_rst["id"]] = $v_rst; $users["total"]++; } 
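Review bot: The role-filter loop added in users() tests `($v_rst["id_user"])` by truthiness while every neighbouring field check in the same hunk uses isset(), so a row without id_user raises an undefined-index notice instead of being skipped, and an id_user of "0" or "" is silently dropped from `$role_users`. Change the condition to `if(isset($v_rst["id_user"]) && isset($v_rst["id_role"]) && $v_rst["id_role"] == $id_role){` to match the other checks. The later `in_array($id_role, $role_users)` compares loosely, which is consistent with the `==` used when building the list, but if the stored ids are strings a strict `in_array((string) $id_role, $role_users, true)` would remove the dependence on PHP's version-specific loose rules; the stored type is not visible here. users() continues past the end of this hunk.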
@@ -42,6 +61,15 @@ $this->users[$user["id"]] = $user; } } + foreach($users["list"] as $id_user => $user){ + if(($roles = $this->list_user_roles($id_user)) !== false){ + $users["list"][$id_user]["roles"] = $roles; + } + else{ + $users = false; + break; + } + } } else $users = false; } @@ -49,12 +77,35 @@ return $users; } + function list_user_roles($id_user){ + $sgbd = $this->sgbd(); + $roles = array(); + if($rst = $sgbd->open_data("users_roles")){ + while($v_rst = $sgbd->fetch_data($rst)){ + if(isset($v_rst)){ + if(isset($v_rst["id_role"]) && isset($v_rst["id_user"]) && $v_rst["id_user"] == $id_user){ + $roles[] = $v_rst["id_role"]; + } + } + else{ + $roles = false; + break; + } + } + $sgbd->close_data($rst); + } + else $roles = false; + return $roles; + } + function user_by_id($id){ if(!isset($this->users)) $this->users = array(); if(isset($this->users[$id])) return $this->users[$id]; $sgbd = $this->sgbd(); if(($user = $sgbd->get_data("users", $id)) !== false){ $this->users[$id] = $user; + if(($roles = $this->list_user_roles($user["id"])) !== false) $user["roles"] = $roles; + else $user = false; } return $user; } @@ -73,6 +124,10 @@ else $user = false; } $sgbd->close_data($rst); + if($user){ + if(($roles = $this->list_user_roles($user["id"])) !== false) $user["roles"] = $roles; + else $user = false; + } } else $user = false; if($user !== false){ 
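Review bot: The new foreach calls list_user_roles() once per listed user, and that helper (added in the next hunk) reopens and walks the whole users_roles source on every call, so listing N users appears to cost N full scans of the same data; whether open_data() is a full read is not visible in this file. A single pass over users_roles that builds an `$roles_by_user[$v_rst["id_user"]][] = $v_rst["id_role"]` map, followed by `$users["list"][$id_user]["roles"] = isset($roles_by_user[$id_user]) ? $roles_by_user[$id_user] : array();`, gives the same result with one scan and keeps the same false-on-failure behaviour. users() starts before this hunk and ends after it.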
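Review bot: In user_by_id() the cache write `$this->users[$id] = $user;` runs before the roles lookup, so the cached copy never receives the "roles" key that the returned copy gets, and a second call for the same id returns a user without roles; the cache also retains the user when list_user_roles() fails even though the call returns false. Move the write after the lookup and guard it: `if(($roles = $this->list_user_roles($user["id"])) !== false){ $user["roles"] = $roles; $this->users[$id] = $user; }` followed by `else $user = false;`. The same `$this->users` cache filled in users() (previous hunk) likewise stores entries without roles, so any code relying on `$user["roles"]` being present should read it from one consistent source.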
@@ -103,347 +158,370 @@ return $EXISTS; } - function add_user($login, $password, $email, $status){ + function add_user($login, $password, $email, $roles){ $sgbd = $this->sgbd(); - return $sgbd->add_data( - "users", - array( - "login" => $login, - "password" => $password, - "email" => $email, - "status" => $status - ) - ); + if( + ( + $id_user = $sgbd->add_data( + "users", + array( + "login" => $login, + "password" => $password, + "email" => $email + ) + ) + ) === false + ) return false; + $OK = true; + foreach($roles as $id_role){ + $OK = $sgbd->add_data( + "users_roles", + array( + "id_user" => $id_user, + "id_role" => $id_role + ) + ); + if(!$OK) break; + } + if(!$OK) return false; + return $id_user; } - function set_user($id, $login, $password, $email, $status){ + function set_user($id, $login, $password, $email, $roles){ $sgbd = $this->sgbd(); - return $sgbd->set_data( - "users", - $id, - array( - "login" => $login, - "password" => $password, - "email" => $email, - "status" => $status + if( + !$sgbd->set_data( + "users", + $id, + array( + "login" => $login, + "password" => $password, + "email" => $email + ) ) - ); + ) return false; + if($rst = $sgbd->open_data("users_roles")){ + $OK = true; + while($v_rst = $sgbd->fetch_data($rst)){ + if(isset($v_rst)){ + if(isset($v_rst["id"]) && isset($v_rst["id_user"]) && $v_rst["id_user"] == $id){ + if(!$sgbd->del_data("users_roles", $v_rst["id"])){ + $OK = false; + break; + } + } + } + else $OK = false; + } + $sgbd->close_data($rst); + if(!$OK) return false; + } + else return false; + foreach($roles as $id_role){ + $OK = $sgbd->add_data( + "users_roles", + array( + "id_user" => $id, + "id_role" => $id_role + ) + ); + if(!$OK) break; + } + if(!$OK) return false; + return true; } function del_user($login){ if(($user = $this->user($login)) !== false){ $sgbd = $this->sgbd(); - return $sgbd->del_data("users", $user["id"]); + if(!$sgbd->del_data("users", $user["id"])) return false; + if($rst = $sgbd->open_data("users_roles")){ + 
$OK = true; + while($v_rst = $sgbd->fetch_data($rst)){ + if(isset($v_rst)){ + if(isset($v_rst["id"]) && isset($v_rst["id_user"]) && $v_rst["id_user"] == $user["id"]){ + if(!$sgbd->del_data("users_roles", $v_rst["id"])){ + $OK = false; + break; + } + } + } + else $OK = false; + } + $sgbd->close_data($rst); + return $OK; + } } return false; } # ---------------------------------------------------------------------------------------- - # status + # roles # - function status(){ - if(!isset($this->user_status)) return false; - return $this->user_status; - } - - function init_user_status($status = array()){ + function init_roles(){ $sgbd = $this->sgbd(); - $this->user_status = array(); - if($rst = $sgbd->open_data("user_status")){ + $this->roles = array(); + if($rst = $sgbd->open_data("roles")){ while($v_rst = $sgbd->fetch_data($rst)){ if(isset($v_rst)){ - $this->user_status[$v_rst["id"]] = $v_rst; + $this->roles[$v_rst["id"]] = $v_rst; } else{ - $this->user_status = false; + $this->roles = false; break; } } $sgbd->close_data($rst); } - else $this->user_status = false; - if($status && $this->user_status !== false){ - foreach($status as $new_user_status){ - $id_status = false; - foreach($this->user_status as $user_status) if($new_user_status["nom"] == $user_status["nom"]){ - $id_status = $user_status["id"]; - break; - } - if($id_status){ - $SAME = true; - foreach($new_user_status as $status_key => $status_value){ - if(!isset($this->user_status[$id_status][$status_key]) || $this->user_status[$id_status][$status_key] != $status_value){ - $SAME = false; - break; - } - } - if(!$SAME){ - if($sgbd->set_data("user_status", $id_status, $new_user_status)) $this->user_status[$id_status] = $new_user_status; - else{ - $this->user_status = false; + else $this->roles = false; + return $this->roles; + } + + function roles(){ + if(!isset($this->roles)) return false; + return $this->roles; + } + + function add_role($nom, $intitule){ + $sgbd = $this->sgbd(); + $id_role = $sgbd->add_data( + 
"roles", + array( + "nom" => $nom, + "intitule" => $intitule + ) + ); + if(!isset($id_role)) return false; + return $id_role; + } + + function get_role($id){ + if($id === "0") return array( + "id" => 0, + "nom" => "", + "intitule" => "" + ); + $sgbd = $this->sgbd(); + $role = $sgbd->get_data("roles", $id); + if(!isset($role)) return false; + return $role ? $role : array(); + } + + function set_role($id, $nom, $intitule){ + $sgbd = $this->sgbd(); + if( + !$sgbd->set_data( + "roles", + $id, + array( + "nom" => $nom, + "intitule" => $intitule + ) + ) + ) return false; + return true; + } + + function clear_role_actions($id_role){ + $sgbd = $this->sgbd(); + if($rst = $sgbd->open_data("actions_roles")){ + $OK = true; + while($v_rst = $sgbd->fetch_data($rst)){ + if(isset($v_rst)){ + if(isset($v_rst["id"]) && isset($v_rst["id_role"]) && $v_rst["id_role"] == $id_role){ + if(!$sgbd->del_data("actions_roles", $v_rst["id"])){ + $OK = false; break; } } } - else{ - if($id_status = $sgbd->add_data("user_status", $new_user_status)) $this->user_status[$id_status] = $new_user_status; - else{ - $this->user_status = false; - break; - } - } + else $OK = false; } + $sgbd->close_data($rst); + return $OK; } - return $this->user_status; + return false; } - function init_action_status($status = array()){ - if(!isset($this->user_status)) return false; + function clear_role_users($id_role){ $sgbd = $this->sgbd(); - $this->action_status = array(); - if($rst = $sgbd->open_data("action_status")){ + if($rst = $sgbd->open_data("users_roles")){ + $OK = true; while($v_rst = $sgbd->fetch_data($rst)){ if(isset($v_rst)){ - $this->action_status[$v_rst["id"]] = $v_rst; - } - else{ - $this->action_status = false; - break; - } - } - $sgbd->close_data($rst); - } - else $this->action_status = false; - if($status && $this->action_status !== false){ - $STATUS_OK = true; - foreach($status as $id_new_action_status => $new_action_status){ - $FOUND = $new_action_status["id_status"] == "0"; - if(!$FOUND) 
foreach($this->user_status as $user_status){ - if($new_action_status["id_status"] == $user_status["nom"]){ - $FOUND = true; - $status[$id_new_action_status]["id_status"] = $user_status["id"]; - } - } - if(!$FOUND){ - $STATUS_OK = false; - break; - } - } - if($STATUS_OK){ - foreach($status as $new_action_status){ - $id_status = false; - foreach($this->action_status as $action_status){ - if( - $new_action_status["action"] == $action_status["action"] - && $new_action_status["id_status"] == $action_status["id_status"] - ){ - $id_status = $action_status["id"]; - break; - } - } - if($id_status){ - $SAME = true; - foreach($new_action_status as $status_key => $status_value){ - if(!isset($this->action_status[$id_status][$status_key]) || $this->action_status[$id_status][$status_key] != $status_value){ - $SAME = false; - break; - } - } - if(!$SAME){ - if($id_status = $sgbd->add_data("action_status", $new_action_status)) $this->action_status[$id_status] = $new_action_status; - else{ - $this->action_status = false; - break; - } - } - } - else{ - if($id_status = $sgbd->add_data("action_status", $new_action_status)) $this->action_status[$id_status] = $new_action_status; - else{ - $this->action_status = false; + if(isset($v_rst["id"]) && isset($v_rst["id_role"]) && $v_rst["id_role"] == $id_role){ + if(!$sgbd->del_data("users_roles", $v_rst["id"])){ + $OK = false; break; } } } + else $OK = false; } - else $this->action_status = false; + $sgbd->close_data($rst); + return $OK; } - return $this->action_status; + return false; } - function get_user_status(){ - $user = $this->get_session_user(); - if($user && isset($user["status"])) return $user["status"]; - return 0; + function add_role_action($id_role, $action){ + $sgbd = $this->sgbd(); + $id_action_role = $sgbd->add_data( + "actions_roles", + array( + "action" => $action, + "id_role" => $id_role + ) + ); + if(!isset($id_action_role)) return false; + return $id_action_role; } - function get_action_status($mod, $controller = "index", 
$action = "index", $set_status = array()){ + function del_role($id_role){ $sgbd = $this->sgbd(); - $status = array(); - if($rst = $sgbd->open_data("action_status")){ - while($status !==false && $v_rst = $sgbd->fetch_data($rst)){ - if(isset($v_rst) && isset($v_rst["action"]) && isset($v_rst["id_status"])){ - if( - $v_rst["action"] == $mod - || $v_rst["action"] == $mod."/".$controller - || $v_rst["action"] == $mod."/".$controller."/".$action - ){ - if(!isset($status[$v_rst["action"]])) $status[$v_rst["action"]] = array(); - $status[$v_rst["action"]][$v_rst["id_status"]] = true; - } - } - else $status = false; - } - $sgbd->close_data($rst); - } - else $status = false; - if($status !== false){ - if($set_status){ - foreach($set_status as $new_action_status){ - $id_status = false; - foreach($status as $user_status) if($new_user_status["nom"] == $user_status["nom"]){ - $id_status = $user_status["id"]; - break; - } - if($id_status){ - $SAME = true; - foreach($new_user_status as $status_key => $status_value){ - if(!isset($status[$id_status][$status_key]) || $status[$id_status][$status_key] != $status_value){ - $SAME = false; - break; - } - } - if(!$SAME){ - if($sgbd->set_data("user_status", $id_status, $new_user_status)) $status[$id_status] = $new_user_status; - else{ - $status = false; - break; - } + return $sgbd->del_data("roles", $id_role) ? 
true : false; + } + + function get_user_roles(){ + $user_roles = array(); + $user = $this->get_session_user(); + if($user && isset($user["id"])){ + $sgbd = $this->sgbd(); + if($rst = $sgbd->open_data("users_roles")){ + while($v_rst = $sgbd->fetch_data($rst)){ + if(isset($v_rst)){ + if(isset($v_rst["id_role"]) && isset($v_rst["id_user"]) && $v_rst["id_user"] == $user["id"]){ + $user_roles[] = $v_rst["id_role"]; } } else{ - if($id_status = $sgbd->add_data("user_status", $new_user_status)) $status[$id_status] = $new_user_status; - else{ - $status = false; - break; - } + $user_roles = false; + break; } } + $sgbd->close_data($rst); } + else $user_roles = false; + if($user_roles === false) return false; } - return $status; + else $user_roles[] = 0; + if(!$user_roles) $user_roles[] = 0; + return $user_roles; + } + + function init_actions_roles(){ + if(!isset($this->roles)) return false; + $this->actions_roles = $this->read_actions_roles(); + return $this->actions_roles; } - function creation_default_status(){ + function read_actions_roles($params = array()){ + if(!isset($this->roles)) return false; + $group_by_action = isset($params["group_by_action"]) ? 
$params["group_by_action"] : false; $sgbd = $this->sgbd(); - $default_status = 0; - if($rst = $sgbd->open_data("user_status")){ + $actions_roles = array(); + if($rst = $sgbd->open_data("actions_roles")){ while($v_rst = $sgbd->fetch_data($rst)){ if(isset($v_rst)){ - if(isset($v_rst["creation_default"]) && $v_rst["creation_default"] == 1){ - $default_status = $v_rst["id"]; - break; + if(isset($v_rst["action"]) && isset($v_rst["id_role"])){ + if($group_by_action){ + if(!isset($actions_roles[$v_rst["action"]])) $actions_roles[$v_rst["action"]] = array(); + $actions_roles[$v_rst["action"]][] = $v_rst["id_role"]; + } + else $actions_roles[$v_rst["id"]] = $v_rst; } } else{ - $default_status = false; + $actions_roles = false; break; } } $sgbd->close_data($rst); } - else $default_status = false; - return $default_status; + else $actions_roles = false; + return $actions_roles; } - # ---------------------------------------------------------------------------------------- - # log in / out - # - - function login($login, $password){ - if(($user = $this->user($login)) !== false){ - if($this->password_ok($user, $password)){ - if(!$this->set_session($user)) $user = false; - } - else{ - $this->clear_session(); - $user = array(); + function get_action_roles($mod, $controller = "index", $action = "index"){ + $sgbd = $this->sgbd(); + $roles = array(); + if($rst = $sgbd->open_data("actions_roles")){ + while($roles !==false && $v_rst = $sgbd->fetch_data($rst)){ + if(isset($v_rst) && isset($v_rst["action"]) && isset($v_rst["id_role"])){ + if( + $v_rst["action"] == $mod + || $v_rst["action"] == $mod."/".$controller + || $v_rst["action"] == $mod."/".$controller."/".$action + ){ + if(!isset($roles[$v_rst["action"]])) $roles[$v_rst["action"]] = array(); + $roles[$v_rst["action"]][$v_rst["id_role"]] = true; + } + } + else $roles = false; } + $sgbd->close_data($rst); } - return $user; - } - - function logout(){ - return $this->clear_session(); - } - - function user_ok($user){ - return - 
strcmp(md5($user["password"].$_SESSION["id"]), $_SESSION["pass"]) == 0 - && $_SESSION["ip"] == $_SERVER["REMOTE_ADDR"]; + else $roles = false; + return $roles; } - function password_ok($user, $password){ - if(!$user) return false; - return - strcmp(md5($user["password"].$_SESSION["id"]), $password) == 0 - && $_SESSION["ip"] == $_SERVER["REMOTE_ADDR"]; - } - - # ---------------------------------------------------------------------------------------- - # session - # - - function load_session(){ - session_start(); - if(!isset($_SESSION["id"])) $this->clear_session(); - if( - $user = ( - isset($_COOKIE["user"]) || isset($_SESSION["user"]) ? - $this->user(isset($_COOKIE["user"]) ? $_COOKIE["user"] : $_SESSION["user"]) - : array() - ) - ){ - if(isset($_COOKIE["user"])) $this->set_session($user); - if(!$this->user_ok($user)){ - $this->clear_session(); - $user = array(); + function get_actions($id_role = null){ + $env = $this->env(); + if($actions = $env->get_actions()){ + if(($actions_roles = $this->read_actions_roles(array("group_by_action" => true))) !== false){ + foreach($actions as $module_name => $module){ + if(isset($id_role)) $actions[$module_name]["module_allowed"] = + isset($actions_roles[$module_name]) + && in_array($id_role, $actions_roles[$module_name]); + $actions[$module_name]["is_public"] = + isset($actions_roles[$module_name]) + && in_array(0, $actions_roles[$module_name]); + foreach($module["controleurs"] as $controleur_name => $controleur){ + if(isset($id_role)) $actions[$module_name]["controleurs"][$controleur_name]["controleur_allowed"] = + isset($actions_roles[$module_name."/".$controleur_name]) + && in_array($id_role, $actions_roles[$module_name."/".$controleur_name]); + $actions[$module_name]["controleurs"][$controleur_name]["is_public"] = + isset($actions_roles[$module_name."/".$controleur_name]) + && in_array(0, $actions_roles[$module_name."/".$controleur_name]); + foreach($controleur["als"] as $index_als => $al){ + if($al["actions"]){ + 
if(isset($id_role)){ + $HAS_ACTION_NOT_ALLOWED = false; + foreach($al["actions"] as $action_name){ + if( + !isset($actions_roles[$module_name."/".$controleur_name."/".$action_name]) + || !in_array($id_role, $actions_roles[$module_name."/".$controleur_name."/".$action_name]) + ){ + $HAS_ACTION_NOT_ALLOWED = true; + break; + } + } + if(!$HAS_ACTION_NOT_ALLOWED){ + $actions[$module_name]["controleurs"][$controleur_name]["als"][$index_als]["action_allowed"] = true; + } + } + $HAS_ACTION_NOT_ALLOWED = false; + foreach($al["actions"] as $action_name){ + if( + !isset($actions_roles[$module_name."/".$controleur_name."/".$action_name]) + || !in_array(0, $actions_roles[$module_name."/".$controleur_name."/".$action_name]) + ){ + $HAS_ACTION_NOT_ALLOWED = true; + break; + } + } + if(!$HAS_ACTION_NOT_ALLOWED){ + $actions[$module_name]["controleurs"][$controleur_name]["als"][$index_als]["is_public"] = true; + } + } + } + } + } + return $actions; } } - $this->_user = $user; - return $user; - } - - function set_session($user){ - $_SESSION["user"] = $user["login"]; - $_SESSION["pass"] = md5($user["password"].$_SESSION["id"]); - $env = $this->env(); - return setcookie("user", $user["login"], time() + (60 * 60 * 24 * 7), $env->path("web")); - } - - function clear_session(){ - unset($_SESSION["user"]); - unset($_SESSION["pass"]); - $_SESSION["ip"] = $_SERVER["REMOTE_ADDR"]; - $_SESSION["id"] = md5(rand()); - $env = $this->env(); - return setcookie("user", "", 0, $env->path("web")); - } - - function get_session_user(){ - return $this->_user; - } - - # ---------------------------------------------------------------------------------------- - # uploads - # - - function check_user_uploads_dir($user = null){ - $env = $this->env(); - $user_dir = $env->path("content")."uploads/".(isset($user) ? $user : $this->_user["id"]); - if(!file_exists($user_dir)) @mkdir($user_dir); - return file_exists($user_dir); + return array(); } }
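Review bot: del_user() deletes the users row before it touches users_roles, so if open_data() or any del_data() fails afterwards the function returns false with the user already gone and its role mappings left in place; if the storage layer ever reuses ids, a later user record would inherit those mappings, which this file does not show either way. Removing the mappings first turns a partial failure into a user with fewer roles instead of grants pointing at a deleted user, and since the scan-and-delete loop is duplicated verbatim in set_user(), it can become a `clear_user_roles($id_user)` helper mirroring clear_role_users(). del_role() has the same shape: it removes only the roles row and leaves actions_roles and users_roles entries for that id_role, although callers may be expected to run clear_role_actions()/clear_role_users() first. Separately, in get_actions() the `in_array(0, …)` and `in_array($id_role, …)` tests compare loosely; if the stored id_role values are strings, `in_array("0", $list, true)` avoids PHP-version-dependent matches when deciding is_public.
```php
    function clear_user_roles($id_user){
        $sgbd = $this->sgbd();
        if($rst = $sgbd->open_data("users_roles")){
            $OK = true;
            while($v_rst = $sgbd->fetch_data($rst)){
                if(isset($v_rst)){
                    if(isset($v_rst["id"]) && isset($v_rst["id_user"]) && $v_rst["id_user"] == $id_user){
                        if(!$sgbd->del_data("users_roles", $v_rst["id"])){
                            $OK = false;
                            break;
                        }
                    }
                }
                else $OK = false;
            }
            $sgbd->close_data($rst);
            return $OK;
        }
        return false;
    }

    function del_user($login){
        if(($user = $this->user($login)) !== false){
            // mappings go first: a failure here leaves a user with no roles, not roles pointing at a deleted user
            if(!$this->clear_user_roles($user["id"])) return false;
            $sgbd = $this->sgbd();
            return $sgbd->del_data("users", $user["id"]) ? true : false;
        }
        return false;
    }
    // … unchanged: set_user can call clear_user_roles($id) in place of its own delete loop …
```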