1: <?php
  2: /**
  3:  * This file contains the group collection and item class.
  4:  *
  5:  * @package Core
  6:  * @subpackage GenericDB_Model
  7:  * @version SVN Revision $Rev:$
  8:  *
  9:  * @author Dominik Ziegler
 10:  * @copyright four for business AG <www.4fb.de>
 11:  * @license http://www.contenido.org/license/LIZENZ.txt
 12:  * @link http://www.4fb.de
 13:  * @link http://www.contenido.org
 14:  */
 15: 
 16: defined('CON_FRAMEWORK') || die('Illegal call: Missing framework initialization - request aborted.');
 17: 
 18: /**
 19:  * Group collection
 20:  *
 21:  * @package Core
 22:  * @subpackage GenericDB_Model
 23:  */
 24: class cApiGroupCollection extends ItemCollection {
 25: 
 26:     /**
 27:      * Constructor
 28:      */
 29:     public function __construct() {
 30:         global $cfg;
 31:         parent::__construct($cfg['tab']['groups'], 'group_id');
 32:         $this->_setItemClass('cApiGroup');
 33:     }
 34: 
 35:     /**
 36:      * Creates a group entry.
 37:      *
 38:      * @param string $groupname
 39:      * @param string $perms
 40:      * @param string $description
 41:      * @return cApiGroup NULL
 42:      */
 43:     public function create($groupname, $perms, $description) {
 44:         $primaryKeyValue = md5($groupname);
 45: 
 46:         $item = parent::createNewItem($primaryKeyValue);
 47:         if (!is_object($item)) {
 48:             return NULL;
 49:         }
 50: 
 51:         $groupname = cApiGroup::prefixedGroupName($groupname);
 52: 
 53:         $item->set('groupname', $this->escape($groupname));
 54:         $item->set('perms', $this->escape($perms));
 55:         $item->set('description', $this->escape($description));
 56:         $item->store();
 57: 
 58:         return $item;
 59:     }
 60: 
 61:     /**
 62:      * Returns the groups a user is in
 63:      *
 64:      * @param string $userid
 65:      * @return cApiGroup[] List of groups
 66:      */
 67:     public function fetchByUserID($userid) {
 68:         global $cfg;
 69: 
 70:         $aIds = array();
 71:         $aGroups = array();
 72: 
 73:         $sql = "SELECT a.group_id FROM `%s` AS a, `%s` AS b " . "WHERE (a.group_id  = b.group_id) AND (b.user_id = '%s')";
 74: 
 75:         $this->db->query($sql, $this->table, $cfg['tab']['groupmembers'], $userid);
 76:         $this->_lastSQL = $sql;
 77: 
 78:         while ($this->db->nextRecord()) {
 79:             $aIds[] = $this->db->f('group_id');
 80:         }
 81: 
 82:         if (0 === count($aIds)) {
 83:             return $aGroups;
 84:         }
 85: 
 86:         $where = "group_id IN ('" . implode("', '", $aIds) . "')";
 87:         $this->select($where);
 88:         while (($oItem = $this->next()) !== false) {
 89:             $aGroups[] = clone $oItem;
 90:         }
 91: 
 92:         return $aGroups;
 93:     }
 94: 
 95:     /**
 96:      * Removes the specified group from the database.
 97:      *
 98:      * @param string $groupname Specifies the groupname
 99:      * @return bool True if the delete was successful
100:      */
101:     public function deleteGroupByGroupname($groupname) {
102:         $groupname = cApiGroup::prefixedGroupName($groupname);
103:         $result = $this->deleteBy('groupname', $groupname);
104:         return ($result > 0) ? true : false;
105:     }
106: 
107:     /**
108:      * Returns all groups which are accessible by the current group.
109:      *
110:      * @param array $perms
111:      * @return cApiGroup Array of group objects
112:      */
113:     public function fetchAccessibleGroups($perms) {
114:         $groups = array();
115:         $limit = array();
116:         $where = '';
117: 
118:         if (!in_array('sysadmin', $perms)) {
119:             // not sysadmin, compose where rules
120:             $oClientColl = new cApiClientCollection();
121:             $allClients = $oClientColl->getAvailableClients();
122:             foreach ($allClients as $key => $value) {
123:                 if (in_array('client[' . $key . ']', $perms) || in_array('admin[' . $key . ']', $perms)) {
124:                     $limit[] = 'perms LIKE "%client[' . $this->escape($key) . ']%"';
125:                 }
126:                 if (in_array('admin[' . $key . ']', $perms)) {
127:                     $limit[] = 'perms LIKE "%admin[' . $this->escape($key) . ']%"';
128:                 }
129:             }
130: 
131:             if (count($limit) > 0) {
132:                 $where = '1 AND ' . implode(' OR ', $limit);
133:             }
134:         }
135: 
136:         $this->select($where);
137:         while (($oItem = $this->next()) !== false) {
138:             $groups[] = clone $oItem;
139:         }
140: 
141:         return $groups;
142:     }
143: 
144:     /**
145:      * Returns all groups which are accessible by the current group.
146:      * Is a wrapper of fetchAccessibleGroups() and returns contrary to that
147:      * function
148:      * a multidimensional array instead of a list of objects.
149:      *
150:      * @param array $perms
151:      * @return array Array of user like $arr[user_id][groupname],
152:      *         $arr[user_id][description]
153:      *         Note: Value of $arr[user_id][groupname] is cleaned from prefix
154:      *         "grp_"
155:      */
156:     public function getAccessibleGroups($perms) {
157:         $groups = array();
158:         $oGroups = $this->fetchAccessibleGroups($perms);
159:         foreach ($oGroups as $oItem) {
160:             $groups[$oItem->get('group_id')] = array(
161:                 'groupname' => $oItem->getGroupName(true),
162:                 'description' => $oItem->get('description')
163:             );
164:         }
165:         return $groups;
166:     }
167: }
168: 
169: /**
170:  * Group item
171:  *
172:  * @package Core
173:  * @subpackage GenericDB_Model
174:  */
175: class cApiGroup extends Item {
176: 
177:     /**
178:      * Prefix to be used for group names.
179:      *
180:      * @var string
181:      */
182:     const PREFIX = 'grp_';
183: 
184:     /**
185:      * Constructor Function
186:      *
187:      * @param mixed $mId Specifies the ID of item to load
188:      */
189:     public function __construct($mId = false) {
190:         global $cfg;
191:         parent::__construct($cfg['tab']['groups'], 'group_id');
192:         $this->setFilters(array(), array());
193:         if ($mId !== false) {
194:             $this->loadByPrimaryKey($mId);
195:         }
196:     }
197: 
198:     /**
199:      * Loads a group from the database by its groupId.
200:      *
201:      * @param string $groupId Specifies the groupId
202:      * @return bool True if the load was successful
203:      */
204:     public function loadGroupByGroupID($groupId) {
205:         return $this->loadByPrimaryKey($groupId);
206:     }
207: 
208:     /**
209:      * Loads a group entry by its groupname.
210:      *
211:      * @param string $groupname Specifies the groupname
212:      * @return bool True if the load was successful
213:      */
214:     public function loadGroupByGroupname($groupname) {
215:         $groupname = cApiGroup::prefixedGroupName($groupname);
216:         return $this->loadBy('groupname', $groupname);
217:     }
218: 
219:     /**
220:      * User defined field value setter.
221:      *
222:      * @param string $sField Field name
223:      * @param string $mValue Value to set
224:      * @param bool $bSafe Flag to run defined inFilter on passed value
225:      * @return bool
226:      * @see Item::setField()
227:      */
228:     public function setField($sField, $mValue, $bSafe = true) {
229:         if ('perms' === $sField) {
230:             if (is_array($mValue)) {
231:                 $mValue = implode(',', $mValue);
232:             }
233:         }
234: 
235:         return parent::setField($sField, $mValue, $bSafe);
236:     }
237: 
238:     /**
239:      * Returns list of group permissions.
240:      *
241:      * @return array
242:      */
243:     public function getPermsArray() {
244:         return explode(',', $this->get('perms'));
245:     }
246: 
247:     /**
248:      * Returns name of group.
249:      *
250:      * @param bool $removePrefix Flag to remove "grp_" prefix from group name
251:      * @return Ambigous <string, mixed, bool>
252:      */
253:     public function getGroupName($removePrefix = false) {
254:         $groupname = $this->get('groupname');
255:         return (false === $removePrefix) ? $groupname : self::getUnprefixedGroupName($groupname);
256:     }
257: 
258:     /**
259:      * Returns name of a group cleaned from prefix "grp_".
260:      *
261:      * @param string $groupname
262:      * @return string
263:      */
264:     public static function getUnprefixedGroupName($groupname) {
265:         return substr($groupname, strlen(self::PREFIX));
266:     }
267: 
268:     /**
269:      * Returns the passed groupname prefixed with "grp_", if not exists.
270:      *
271:      * @param string $groupname
272:      * @return string
273:      */
274:     public static function prefixedGroupName($groupname) {
275:         if (substr($groupname, 0, strlen(cApiGroup::PREFIX)) != cApiGroup::PREFIX) {
276:             return cApiGroup::PREFIX . $groupname;
277:         }
278:         return $groupname;
279:     }
280: 
281:     /**
282:      * Returns group property by its type and name
283:      *
284:      * @param string $type
285:      * @param string $name
286:      * @return string bool value or false
287:      */
288:     public function getGroupProperty($type, $name) {
289:         $groupPropColl = new cApiGroupPropertyCollection($this->values['group_id']);
290:         $groupProp = $groupPropColl->fetchByGroupIdTypeName($type, $name);
291:         return ($groupProp) ? $groupProp->get('value') : false;
292:     }
293: 
294:     /**
295:      * Retrieves all available properties of the group.
296:      *
297:      * @return array Returns assoziative properties array as follows:
298:      *         - $arr[idgroupprop][name]
299:      *         - $arr[idgroupprop][type]
300:      *         - $arr[idgroupprop][value]
301:      */
302:     public function getGroupProperties() {
303:         $props = array();
304: 
305:         $groupPropColl = new cApiGroupPropertyCollection($this->values['group_id']);
306:         $groupProps = $groupPropColl->fetchByGroupId();
307:         foreach ($groupProps as $groupProp) {
308:             $props[$groupProp->get('idgroupprop')] = array(
309:                 'name' => $groupProp->get('name'),
310:                 'type' => $groupProp->get('type'),
311:                 'value' => $groupProp->get('value')
312:             );
313:         }
314: 
315:         return $props;
316:     }
317: 
318:     /**
319:      * Stores a property to the database.
320:      *
321:      * @param string $type Type (class, category etc) for the property to
322:      *        retrieve
323:      * @param string $name Name of the property to retrieve
324:      * @param string $value Value to insert
325:      * @return cApiGroupProperty
326:      */
327:     public function setGroupProperty($type, $name, $value) {
328:         $groupPropColl = new cApiGroupPropertyCollection($this->values['group_id']);
329:         return $groupPropColl->setValueByTypeName($type, $name, $value);
330:     }
331: 
332:     /**
333:      * Deletes a group property from the table.
334:      *
335:      * @param string $type Type (class, category etc) for the property to delete
336:      * @param string $name Name of the property to delete
337:      * @return bool
338:      */
339:     public function deleteGroupProperty($type, $name) {
340:         $groupPropColl = new cApiGroupPropertyCollection($this->values['group_id']);
341:         return $groupPropColl->deleteByGroupIdTypeName($type, $name);
342:     }
343: }
344: