miolo_doc/html/mpermsldap_8class_source.html

<?php


class MPermsLdap extends MPerms

{

    private $auth;

    public  $perms;


    function __construct()

    {

        parent::__construct();

        $this->auth = $this->manager->GetAuth();

        $this->perms = array

            (

            A_ACCESS  => "SELECT",

            A_INSERT  => "INSERT",

            A_DELETE  => "DELETE",

            A_UPDATE  => "UPDATE",

            A_EXECUTE => "EXECUTE",

            A_ADMIN   => "SYSTEM"

            );

    }


    function setAuth($auth)

    {

        $this->auth = $auth;

    }


    function CheckAccess($module, $action, $deny = false, $group = false)

    {

        if ($this->auth->IsLogged())

        {

            $login       = $this->auth->GetLogin();  // MLogin object

            $isAdmin     = $login->IsAdmin(); // Is administrator?

            $rights      = $login->rights[$module]; // user rights

            if( ! $rights )

            {

                $login->setRights( $this->getRights($login->id) );

            }

            $ok = @in_array($action, $login->rights[$module] );


            if(!$ok && $group)

            {

                $groups = $this->GetGroupsAllowed($module, $action);

                $ok = sizeof(array_intersect($groups, $login->groups)) > 0;

            }

        }


        if (!$ok && $deny)

        {


            $msg = _M('Access Denied') . "<br><br>\n" .

                   '<center><big><i><font color=red>' . _M('Transaction: ') . "$transaction</font></i></big></center><br><br>\n" .

                   _M('Please inform a valid login/password to access this content.') . "<br>";


            $users = $this->getUsersAllowed($module, $action);


            if ($users)

            {

                $msg .= "<br><br>\n" . _M('Users with access rights') . ":<ul><li>" . implode('<li>', $users) . '</ul>';

            }


            $go = $this->manager->history->Back('action');

            $error = Prompt::Error($msg, $go, $caption, '');

            $error->AddButton(_M('   Login   '), $this->manager->getActionURL($this->manager->getConf('login.module'),'login',null,array('return_to'=>urlencode($this->manager->history->Top()))), '');

            $this->manager->Prompt($error,$deny);

            //$this->manager->Error($msg, $go);

        }

        return $ok;

    }


    function GetTransactionRights($transaction, $login)

    {

        $user = $this->manager->GetBusinessMAD('user');

        $user->GetByLogin($login);

        return $user->GetTransactionRights($transaction);

    }


    function GetRights($login)

    {

        $MIOLO  = $this->manager;

        $base   = $MIOLO->getConf('login.ldap.base');

        $filter = "(&(objectClass=mioloUserPermission)(login=$login))";


        $MIOLO->auth->connect();


        $sr     = ldap_search($MIOLO->auth->conn, $base, $filter, array('miolomodulename', 'miolomoduleaction') );

        $info   = ldap_get_entries($MIOLO->auth->conn, $sr);


        $rights = array();

        for($i=0; $i<$info['count']; $i++)

        {

            $module = $info[$i]['miolomodulename'][0];

            $rights[$module] = array();

            for($j=0; $j<$info[$i]['miolomoduleaction']['count']; $j++)

            {

                $rights[$module][] = $info[$i]['miolomoduleaction'][$j];

            }

        }

        return $rights;

    }


    function GetGroups($login)

    {

        $user = $this->manager->GetBusinessMAD('user');

        $user->GetByLogin($login);

        return $user->GetArrayGroups();

    }


    function GetUsersAllowed($module, $action = A_ACCESS)

    {

        $MIOLO  = $this->manager;

        $base   = $MIOLO->getConf('login.ldap.base');

        $filter = "(&(objectClass=mioloUserPermission)(mioloModuleName=$module)(mioloModuleAction=$action))";

        $sr     = ldap_search($MIOLO->auth->conn, $base, $filter, array('login') );

        $info   = ldap_get_entries($MIOLO->auth->conn, $sr);


        $users = array();

        for($i=0; $i<$info['count']; $i++)

        {

            $users[] = $info[$i]['login'][0];

        }

        return $users;

    }


    function GetGroupsAllowed($module, $action = A_ACCESS)

    {

        $MIOLO  = $this->manager;

        $base   = $MIOLO->getConf('login.ldap.base');

        $filter = "(&(objectClass=mioloGroupPermission)(mioloModuleName=$module)(mioloModuleAction=$action))";

        $sr     = ldap_search($MIOLO->auth->conn, $base, $filter, array('miologroup') );

        $info   = ldap_get_entries($MIOLO->auth->conn, $sr);


        $groups = array();

        for($i=0; $i<$info['count']; $i++)

        {

            $groups[] = $info[$i]['miologroup'][0];

        }

        return $groups;

    }


}


?>

MPermsLdap
Definição mpermsldap.class:3

MPermsLdap\__construct
__construct()
Definição mpermsldap.class:7

MPermsLdap\CheckAccess
CheckAccess($module, $action, $deny=false, $group=false)
Definição mpermsldap.class:27

MPermsLdap\GetUsersAllowed
GetUsersAllowed($module, $action=A_ACCESS)
Definição mpermsldap.class:108

MPermsLdap\GetRights
GetRights($login)
Definição mpermsldap.class:77

MPermsLdap\$perms
$perms
Definição mpermsldap.class:5

MPermsLdap\GetGroupsAllowed
GetGroupsAllowed($module, $action=A_ACCESS)
Definição mpermsldap.class:124

MPermsLdap\GetTransactionRights
GetTransactionRights($transaction, $login)
Definição mpermsldap.class:70

MPermsLdap\GetGroups
GetGroups($login)
Definição mpermsldap.class:101

MPermsLdap\setAuth
setAuth($auth)
Definição mpermsldap.class:22

MPerms
Definição mperms.class:3

MPrompt\Error
static Error($msg='', $goto='', $caption='', $event='')
Definição mprompt.class:90

MService\$manager
$manager
Definição mservice.class:11

$MIOLO
$MIOLO
Definição mdatetimefield.class:25

$action
$action
Definição base.php:4