MIOLO20
Carregando...
Procurando...
Nenhuma entrada encontrada
mpermsmiolo.class
Ir para a documentação deste ficheiro.
1<?php
2
3class MPermsMiolo extends MPerms
4{
5 private $auth;
6 public $perms;
7
8 public function __construct()
9 {
10 parent::__construct();
11
12 $this->auth = $this->manager->GetAuth();
13 $this->perms = array( A_ACCESS => "SELECT",
14 A_INSERT => "INSERT",
15 A_DELETE => "DELETE",
16 A_UPDATE => "UPDATE",
17 A_EXECUTE => "EXECUTE",
18 A_ADMIN => "SYSTEM" );
19 }
20
21 public function checkAccess($module, $action, $deny = false, $group = false)
22 {
23 if ( $this->auth->isLogged() )
24 {
25 $login = $this->auth->getLogin(); // MLogin object
26 $isAdmin = $login->isAdmin(); // Is administrator?
27 $rights = $login->rights[$module]; // user rights
28
29 if( ! $rights )
30 {
31 $login->setRights( $this->getRights($login->id, $action) );
32 }
33
34 $ok = @in_array($action, $this->getRights($login->id, $action) );
35
36 if( ! $ok && $group )
37 {
38 $groups = $this->getGroupsAllowed($module, $action);
39 $ok = sizeof( array_intersect($groups, $login->groups) ) > 0;
40 }
41 }
42
43 if ( ! $ok && $deny )
44 {
45 $msg = _M('Access Denied') . "<br><br>\n" .
46 '<center><big><i><font color=red>' . _M('Transaction: ') . "$module ($action)</font></i></big></center><br><br>\n" .
47 _M('Please inform a valid login/password to access this content.') . "<br>";
48
49 $users = $this->getUsersAllowed($module, $action);
50 $groups = $this->getGroupsAllowed($module, $action);
51
52 if ($users)
53 {
54 $msg .= "<br/>\n" . _M('Users with access rights') . ":<ul><li>" . implode('<li>', $users) . '</ul>';
55 }
56 if ($groups)
57 {
58 $msg .= "<br/>\n" . _M('Groups with access rights') . ":<ul><li>" . implode('<li>', $groups) . '</ul>';
59 }
60
61 $go = $this->manager->history->Back('action');
62 $error = Prompt::Error($msg, $go, $caption, '');
63 $error->addButton( _M(' Login '), $this->manager->getActionURL($this->manager->getConf('login.module'),'login',null,array('return_to'=>urlencode($this->manager->history->Top()))), '');
64
65 $this->manager->Prompt($error,$deny);
66 }
67
68 return $ok;
69 }
70
71 public function getTransactionRights($transaction, $login)
72 {
73 $user = $this->manager->getBusinessMAD('user');
74 $user->getByLogin($login);
75
76 return $user->getTransactionRights($transaction);
77 }
78
79 public function getRights($login)
80 {
81 $this->manager->loadMADConf();
82 $db = $this->manager->getDatabase('admin');
83
84 $sql = "select a.rights from miolo_user u, miolo_groupuser g, miolo_access a where u.iduser = g.iduser and g.idgroup = a.idgroup and u.login = '$login'";
85
86 $result = $db->query($sql);
87
88 $rights = array();
89
90 if ( count($result) )
91 {
92 foreach($result as $r)
93 {
94 $rights[] = $r[0];
95 }
96 }
97
98 return $rights;
99 }
100
101 public function getGroups($login)
102 {
103 $user = $this->manager->getBusinessMAD('user');
104 $user->getByLogin($login);
105
106 return $user->getArrayGroups();
107 }
108
109 public function getUsersAllowed($module, $action = A_ACCESS)
110 {
111 $this->manager->loadMADConf();
112
113 $db = $this->manager->getDatabase('admin');
114 $sql = "select distinct u.login from miolo_user u, miolo_groupuser g, miolo_access a, miolo_transaction t where u.iduser = g.iduser and g.idgroup = a.idgroup and a.idtransaction = t.idtransaction and lower(t.m_transaction) = '" . strtolower($module) ."' and a.rights='$action'";
115
116 $result = $db->query($sql);
117 $users = array();
118
119 if ( $result )
120 {
121 foreach($result as $user)
122 {
123 $users[] = $user[0];
124 }
125 }
126
127 return $users;
128 }
129
130 public function getGroupsAllowed($module, $action = A_ACCESS)
131 {
132 $this->manager->loadMADConf();
133
134 $db = $this->manager->getDatabase('admin');
135 $sql = "select g.m_group from miolo_group g, miolo_access a, miolo_transaction t where g.idgroup = a.idgroup and a.idtransaction = t.idtransaction and lower(t.m_transaction) = '" . strtolower($module) ."' and a.rights='$action'";
136
137 $result = $db->query($sql);
138 $groups = array();
139
140 if ( $result )
141 {
142 foreach($result as $group)
143 {
144 $groups[] = $group[0];
145 }
146 }
147
148 return $groups;
149 }
150}
151?>
MPermsMiolo\checkAccess
checkAccess($module, $action, $deny=false, $group=false)
Definição mpermsmiolo.class:21
MPermsMiolo\getUsersAllowed
getUsersAllowed($module, $action=A_ACCESS)
Definição mpermsmiolo.class:109
MPermsMiolo\getTransactionRights
getTransactionRights($transaction, $login)
Definição mpermsmiolo.class:71
MPermsMiolo\getRights
getRights($login)
Definição mpermsmiolo.class:79
MPermsMiolo\getGroupsAllowed
getGroupsAllowed($module, $action=A_ACCESS)
Definição mpermsmiolo.class:130
MPermsMiolo\getGroups
getGroups($login)
Definição mpermsmiolo.class:101
MPrompt\Error
static Error($msg='', $goto='', $caption='', $event='')
Definição mprompt.class:90
$action
$action
Definição base.php:4