File modules/cms/model/Group.class.php

Last commit: Wed Mar 10 23:51:22 2021 +0100	Jan Dankert	Refactoring: Cleaned the Request params.
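<?php
namespace cms\model;
// OpenRat Content Management System
// Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
use cms\base\DB as Db;
use util\Session;


/**
 * Represents a user group. A group contains any number of users.
 *
 * Groups are linked into a hierarchy through `parentid`; a group whose
 * `parentid` is NULL is a root group. The hierarchy is walked by
 * getAllDescendantsIds() and getParentGroups(), so both refuse to follow a
 * parent/child cycle instead of recursing without bound.
 *
 * @version $Revision$
 * @author $Author$
 * @package openrat.objects
 */
class Group extends ModelBase
{
    // Primary key of the group row; 0 until an id is assigned, null after a failed load().
    public $groupid  = 0;
    // Id of the parent group, or null for a root group.
    public $parentid = null;

    public $name = '';


    /**
     * @param int|string $groupid id of the group; a non-numeric value is ignored and the id stays 0
     */
    public function __construct( $groupid='' )
    {
        if ( is_numeric($groupid) )
            $this->groupid = $groupid;
    }


    /**
     * Read all groups.
     *
     * @return array id => name
     */
    public static function getAll()
    {
        $stmt = Db::sql( 'SELECT id,name FROM {{group}}' );

        return $stmt->getAssoc();
    }


    /**
     * Read the ids of all descendant groups (children, grandchildren, ...).
     *
     * The ids are returned depth-first: each child is followed directly by
     * its own descendants. save() relies on this list for its recursion
     * check, so the walk has to terminate even when the stored hierarchy
     * already contains a cycle.
     *
     * @return array list of group ids
     */
    public function getAllDescendantsIds()
    {
        // Seed with the own id so that a cycle leading back here is cut off.
        $seen = [ (int) $this->groupid => true ];

        return $this->collectDescendantIds( $seen );
    }


    /**
     * Depth-first walk below this group that skips every id already visited.
     *
     * @param array $seen visited group ids as keys, shared across the whole walk
     * @return array list of group ids
     */
    private function collectDescendantIds( array &$seen )
    {
        $descendants = [];

        foreach( $this->getChildrenIds() as $childId ) {

            // In a well-formed tree no id is met twice; a repeat means the
            // parentid chain loops, and following it would never return.
            if ( isset($seen[$childId]) )
                continue;

            $seen[$childId] = true;
            $descendants[]  = $childId;

            $childGroup  = new Group( $childId );
            $descendants = array_merge( $descendants, $childGroup->collectDescendantIds( $seen ) );
        }

        return $descendants;
    }


    /**
     * Read the ids of all ancestor groups, nearest parent first.
     *
     * Each ancestor is loaded from the database to find its own parent. The
     * walk stops at a root group, at a parent id that has no row, or as soon
     * as an id repeats (a cycle in the stored hierarchy).
     *
     * @return array list of group ids
     */
    public function getParentGroups() {

        $parents  = [];
        $seen     = [ (int) $this->groupid => true ];
        $parentId = $this->parentid;

        while ( $parentId && !isset($seen[$parentId]) ) {
            $seen[$parentId] = true;
            $parents[]       = $parentId;

            $parentGroup = new Group( $parentId );
            $parentGroup->load();
            $parentId = $parentGroup->parentid;
        }

        return $parents;
    }


    /**
     * Read all direct child groups of this group.
     *
     * @return array list of group ids
     */
    public function getChildrenIds()
    {
        $stmt = Db::sql( 'SELECT id FROM {{group}} WHERE parentid = {parentid}' );
        $stmt->setInt('parentid',$this->groupid );

        return $stmt->getCol();
    }


    /**
     * Read all root groups.
     *
     * Root groups are groups without a parent group.
     *
     * @return array id => name
     */
    public static function getRootGroups()
    {
        $stmt = Db::sql( 'SELECT id,name FROM {{group}} WHERE parentid IS NULL' );

        return $stmt->getAssoc();
    }


    /**
     * Load the group from the database.
     *
     * When no row matches, the name is cleared and the id is set to null.
     */
    public function load()
    {
        $sql = Db::sql( 'SELECT * FROM {{group}}'.
                        ' WHERE id={groupid}' );
        $sql->setInt( 'groupid',$this->groupid );

        $row = $sql->getRow();
        if ( $row ) {
            $this->name     = $row['name'    ];
            $this->parentid = $row['parentid'];
        }
        else {
            $this->name    = '';
            $this->groupid = null;
        }
    }


    /**
     * Create an object for the parent group.
     *
     * The returned object only carries the id, it is not loaded. For a root
     * group (parentid is null) the constructor leaves the id at 0.
     *
     * @return Group
     */
    public function getParentGroup()
    {
        return new Group($this->parentid);
    }


    /**
     * Reads the row of the parent group and copies values from it into this object.
     *
     * NOTE(review): despite its name this method returns nothing. It replaces
     * $this->parentid with the parent's parentid and sets $this->groupid to
     * null when no parent row is found, which is the normal case for a root
     * group. The query does not select `name`, so $row['name'] is not
     * available. This looks like an unfinished copy of load(); confirm the
     * intended contract before calling it on an object that is saved later.
     */
    public function getParentGroupIds() {
        $sql = Db::sql( 'SELECT id,parentid FROM {{group}}'.
                        ' WHERE id={groupid}' );
        $sql->setInt( 'groupid',$this->parentid );

        $row = $sql->getRow();
        // Truthiness test as in load() and loadWithName(): count() raises an
        // error if getRow() hands back a non-array for "no row".
        if ( $row ) {
            $this->name     = $row['name'    ];
            $this->parentid = $row['parentid'];
        }
        else {
            $this->name    = '';
            $this->groupid = null;
        }
    }


    /**
     * Read a group.
     * @param $name string name of the group
     * @return Group|null the loaded group, or null if no group has this name
     */
    public static function loadWithName( $name )
    {
        $sql = Db::sql( <<<SQL
            SELECT id FROM {{group}}
             WHERE name={name}
SQL
        );
        $sql->setString('name',$name );

        $row = $sql->getRow();

        if ( $row ) {
            $group = new Group($row['id']);
            $group->load();

            return $group;
        }

        return null;
    }


    /**
     * Save a group.
     *
     * An empty name is replaced by the translated word for "group" followed
     * by the id.
     *
     * @throws \LogicException if the parent is the group itself or one of its descendants
     */
    public function save()
    {
        // Recursion check: a parent taken from the own subtree would close a
        // loop in the hierarchy.
        // Loose comparison kept: ids may arrive as numeric strings -- TODO confirm.
        $descendantGroupIds = $this->getAllDescendantsIds();
        if ( $this->parentid == $this->groupid || in_array($this->parentid, $descendantGroupIds ))
            throw new \LogicException('parent group is not allowed to be one of the descendant groups');

        if ( empty($this->name) )
            $this->name = \cms\base\Language::lang('GROUP').' '.$this->groupid;

        // Store the group
        $sql = Db::sql( <<<SQL
            UPDATE {{group}}
               SET name     = {name},
                   parentid = {parentid}
             WHERE id={groupid}
SQL
        );
        $sql->setInt      ('groupid' ,$this->groupid );
        $sql->setString   ('name'    ,$this->name    );
        $sql->setIntOrNull('parentid',$this->parentid);

        // Run the database statement
        $sql->execute();
    }


    /**
     * Return all properties.
     * @return array
     */
    public function getProperties()
    {
        return [
            'name'    =>$this->name,
            'groupid' =>$this->groupid,
            'parentid'=>$this->parentid
        ];
    }


    /**
     * Add the group to the database under a newly chosen id.
     *
     * NOTE(review): the id is MAX(id)+1, read and used in two separate
     * statements; no lock or transaction is visible here, so two concurrent
     * calls can pick the same id. The scheme also hands out the id of a
     * deleted highest-numbered group again -- see the note on delete().
     *
     * @param string $name name of the new group; an empty value keeps the current name
     */
    public function add( $name = '' )
    {
        $db = \cms\base\DB::get();

        if ( $name != '' )
            $this->name = $name;

        $sql = $db->sql('SELECT MAX(id) FROM {{group}}');
        $this->groupid = intval($sql->getOne())+1;

        // Insert the group
        $sql = $db->sql( 'INSERT INTO {{group}} '.
                         '(id,name) VALUES( {groupid},{name} )');
        $sql->setInt   ('groupid',$this->groupid );
        $sql->setString('name'   ,$this->name    );

        // Run the database statement
        $sql->execute();
    }


    /**
     * Remove the group together with its ACL entries and its memberships.
     *
     * NOTE(review): rows in {{group}} whose parentid points at this group are
     * not touched here. Unless the schema enforces a foreign key, child
     * groups keep a dangling parentid, and because add() assigns MAX(id)+1 a
     * later group can receive the same id and become their parent. The three
     * statements also run without a visible transaction, so a failure in
     * between leaves the group partly removed.
     */
    public function delete()
    {
        $db = \cms\base\DB::get();

        // Delete the permissions granted to this group
        $sql = $db->sql( 'DELETE FROM {{acl}} '.
                         'WHERE groupid={groupid}' );
        $sql->setInt   ('groupid',$this->groupid );
        $sql->execute();

        // Delete all memberships in this group
        $sql = $db->sql( 'DELETE FROM {{usergroup}} '.
                         'WHERE groupid={groupid}' );
        $sql->setInt   ('groupid',$this->groupid );
        $sql->execute();

        // Delete the group itself
        $sql = $db->sql( 'DELETE FROM {{group}} '.
                         'WHERE id={groupid}' );
        $sql->setInt   ('groupid',$this->groupid );
        $sql->execute();
    }


    /**
     * Get all users of this group.
     * @return array id->name
     */
    public function getUsers()
    {
        $db = \cms\base\DB::get();

        $sql = $db->sql( 'SELECT {{user}}.id,{{user}}.name FROM {{user}} '.
                         'LEFT JOIN {{usergroup}} ON {{usergroup}}.userid={{user}}.id '.
                         'WHERE {{usergroup}}.groupid={groupid}' );
        $sql->setInt('groupid',$this->groupid );

        return $sql->getAssoc();
    }


    /**
     * Get the users that are *not* a member of this group.
     * @return array id->name
     */
    public function getOtherUsers()
    {
        $db = \cms\base\DB::get();

        // The group filter sits in the join condition, so a user without a
        // matching membership row comes back with a NULL groupid.
        $sql = $db->sql( 'SELECT {{user}}.id,{{user}}.name FROM {{user}}'.
                         ' LEFT JOIN {{usergroup}} ON {{usergroup}}.userid={{user}}.id AND {{usergroup}}.groupid={groupid}'.
                         ' WHERE {{usergroup}}.groupid IS NULL' );
        $sql->setInt('groupid'  ,$this->groupid );

        return $sql->getAssoc();
    }


    /**
     * Add a user to this group.
     *
     * NOTE(review): the membership id is MAX(id)+1 as in add(), with the same
     * exposure to concurrent calls. Nothing here checks for an existing
     * membership of the same user.
     *
     * @param int $userid id of the user
     */
    public function addUser( $userid )
    {
        $db = \cms\base\DB::get();

        $sql = $db->sql('SELECT MAX(id) FROM {{usergroup}}');
        $usergroupid = intval($sql->getOne())+1;

        $sql = $db->sql( 'INSERT INTO {{usergroup}} '.
                         '       (id,userid,groupid) '.
                         '       VALUES( {usergroupid},{userid},{groupid} )' );
        $sql->setInt('usergroupid',$usergroupid   );
        $sql->setInt('userid'     ,$userid        );
        $sql->setInt('groupid'    ,$this->groupid );

        $sql->execute();
    }


    /**
     * Remove a user from this group.
     *
     * @param int $userid id of the user
     */
    public function delUser( $userid )
    {
        $db = \cms\base\DB::get();

        $sql = $db->sql( 'DELETE FROM {{usergroup}} '.
                         '  WHERE userid={userid} AND groupid={groupid}' );
        $sql->setInt   ('userid'  ,$userid        );
        $sql->setInt   ('groupid' ,$this->groupid );

        $sql->execute();
    }


    /**
     * Collect the folder permissions of this group, per project.
     *
     * NOTE(review): the folder paths are joined with the HTML entity
     * ' &raquo; ' while the folder names themselves are used as returned by
     * Folder::parentfolder(). Whether they are escaped is not visible here;
     * a caller that prints these strings as HTML has to make sure the names
     * are encoded.
     *
     * @return array project id => ['name' => string, 'folders' => array, 'rights' => array]
     */
    public function getRights()
    {
        $db     = \cms\base\DB::get();
        $rights = [];

        // Read all projects
        $sql = $db->sql( 'SELECT id,name FROM {{project}}' );
        $projects = $sql->getAssoc();

        foreach( $projects as $projectid=>$projectname )
        {
            $rights[$projectid] = [
                'name'    => $projectname,
                'folders' => [],
                'rights'  => [],
            ];

            // ACL entries of this group on folders of the project
            $sql = $db->sql( 'SELECT {{acl}}.* FROM {{acl}}'.
                             '  LEFT JOIN {{folder}} ON {{acl}}.folderid = {{folder}}.id'.
                             '  WHERE {{folder}}.projectid={projectid}'.
                             '    AND {{acl}}.groupid={groupid}' );
            $sql->setInt('projectid',$projectid     );
            $sql->setInt('groupid'  ,$this->groupid );

            foreach( $sql->getAll() as $acl )
            {
                $aclid  = $acl['id'];
                $folder = new Folder( $acl['folderid'] );
                $folder->load();

                $rights[$projectid]['rights'][$aclid] = $acl;
                $rights[$projectid]['rights'][$aclid]['foldername'] = implode(' &raquo; ',$folder->parentfolder( false,true ));
            }

            // Every folder of the project with its path
            $sql = $db->sql( 'SELECT id FROM {{folder}}'.
                             '  WHERE projectid={projectid}' );
            $sql->setInt('projectid',$projectid);

            foreach( $sql->getCol() as $folderid )
            {
                $folder = new Folder( $folderid );
                $folder->load();
                $rights[$projectid]['folders'][$folderid] = implode(' &raquo; ',$folder->parentfolder( false,true ));
            }

            // Sort by path, keeping the folder ids as keys
            asort( $rights[$projectid]['folders'] );
        }

        return $rights;
    }


    /**
     * Determine all permissions of this group.<br>
     * This data is shown on the group page in the administration.
     *
     * Besides the entries of this group the query also returns ACL rows that
     * are bound to neither a user nor a group (presumably entries that apply
     * to everybody -- confirm).
     *
     * @return Permission[]
     */
    public function getAllAcls()
    {
        $db = \cms\base\DB::get();
        $sql = $db->sql( 'SELECT {{acl}}.*,{{object}}.projectid,{{language}}.name AS languagename FROM {{acl}}'.
                         '  LEFT JOIN {{object}} '.
                         '         ON {{object}}.id={{acl}}.objectid '.
                         '  LEFT JOIN {{language}} '.
                         '         ON {{language}}.id={{acl}}.languageid '.
                         '  WHERE ( {{acl}}.groupid={groupid} OR ({{acl}}.userid IS NULL AND {{acl}}.groupid IS NULL) )'.
                         '  ORDER BY {{object}}.projectid,{{acl}}.languageid' );
        $sql->setInt  ( 'groupid'  ,$this->groupid );

        $aclList = [];

        foreach( $sql->getAll() as $row )
        {
            $permission = new Permission();
            $permission->setDatabaseRow( $row );
            $permission->projectid = $row['projectid'];

            // A language id of 0 is shown as "all languages"
            if ( intval($permission->languageid) === 0 )
                $permission->languagename = \cms\base\Language::lang('ALL_LANGUAGES');
            else
                $permission->languagename = $row['languagename'];

            $aclList[] = $permission;
        }

        return $aclList;
    }


    /**
     * @return string name of the group
     */
    public function getName()
    {
        return $this->name;
    }


    /**
     * @return int|null id of the group
     */
    public function getId()
    {
        return $this->groupid;
    }

}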
History Wed, 10 Mar 2021 23:51:22 +0100 Jan Dankert Refactoring: Cleaned the Request params. Sun, 7 Mar 2021 00:10:20 +0100 Jan Dankert Refactoring: Hopefully more performance while accessing the database resultsets. Mon, 4 Jan 2021 23:14:09 +0100 Jan Dankert New: Groups may contain subgroups. Users within a group inherit the permissions of all parent groups. Mon, 4 Jan 2021 19:03:18 +0100 Jan Dankert Refactoring: ACL class is renamed to Permission, because most RBAC/DMAC concepts are calling it a permission. Wed, 18 Nov 2020 01:46:36 +0100 Jan Dankert Refactoring of model classes: New method persist() and some other cleanups. Sat, 31 Oct 2020 00:43:29 +0100 Jan Dankert New: Support for OpenId Connect; Removed: Support for LDAP. Fri, 2 Oct 2020 23:11:48 +0200 Jan Dankert Cleanup: No '.inputholder' any more, notices with links to objects. Tue, 29 Sep 2020 22:17:11 +0200 Jan Dankert Refactoring: Do not use global constants. Sat, 26 Sep 2020 12:20:43 +0200 Jan Dankert Refactoring: No global variables like $SESS any more. All constants are capsulated by classes. Sat, 26 Sep 2020 04:03:53 +0200 Jan Dankert Refactoring: read language keys with a class. Sat, 26 Sep 2020 02:26:39 +0200 Jan Dankert Refactoring: No global functions any more, the database object is read from the Db class. Mon, 17 Aug 2020 22:52:37 +0200 Jan Dankert Cleanup: Killing the old odd 'GLOBAL_' message prefixes. Sun, 23 Feb 2020 04:01:30 +0100 Jan Dankert Refactoring with Namespaces for the cms modules, part 1: moving.