Главная Обзор Помощь
Вход
fusionpbx
/
fusionpbx-framework
зеркало из https://github.com/fusionpbx/fusionpbx-framework.git
2
0
Ответвить 0
Файлы Задачи 0 Вики
Ветка: master
Ветки Метки
fusionpbx-frame...
/
resources
/
classes
/
permissions.php

permissions.php 5.4 KB
Постоянная ссылка История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219 
  1. <?php
    2. 

  2. /*
    3. 

  3. 	FusionPBX
    4. 

  4. 	Version: MPL 1.1
    5. 

  5. 

  6. 	The contents of this file are subject to the Mozilla Public License Version
    7. 

  7. 	1.1 (the "License"); you may not use this file except in compliance with
    8. 

  8. 	the License. You may obtain a copy of the License at
    9. 

  9. 	http://www.mozilla.org/MPL/
    10. 

  10. 

  11. 	Software distributed under the License is distributed on an "AS IS" basis,
    12. 

  12. 	WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
    13. 

  13. 	for the specific language governing rights and limitations under the
    14. 

  14. 	License.
    15. 

  15. 

  16. 	The Original Code is FusionPBX
    17. 

  17. 

  18. 	The Initial Developer of the Original Code is
    19. 

  19. 	Mark J Crane <[email protected]>
    20. 

  20. 	Copyright (C) 2016 - 2024	All Rights Reserved.
    21. 

  21. */
    22. 

  22. 

  23. /**
    24. 

  24.  * permission class
    25. 

  25.  *
    26. 

  26.  * @method string add
    27. 

  27.  * @method string delete
    28. 

  28.  * @method string exists
    29. 

  29.  */
    30. 

  30. if (!class_exists('permissions')) {
    31. 

  31. 	class permissions {
    32. 

  32. 

  33. 		private $database;
    34. 

  34. 		private $domain_uuid;
    35. 

  35. 		private $user_uuid;
    36. 

  36. 		private $groups;
    37. 

  37. 		private $permissions;
    38. 

  38. 		private static $permission;
    39. 

  39. 

  40. 		/**
    41. 

  41. 		 * called when the object is created
    42. 

  42. 		 */
    43. 

  43. 		public function __construct($database = null, $domain_uuid = null, $user_uuid = null) {
    44. 

  44. 

  45. 			//intitialize as empty arrays
    46. 

  46. 			$this->groups = [];
    47. 

  47. 			$this->permissions = [];
    48. 

  48. 

  49. 			//handle the database object
    50. 

  50. 			if (isset($database)) {
    51. 

  51. 				$this->database = $database;
    52. 

  52. 			}
    53. 

  53. 			else {
    54. 

  54. 				$this->database = database::new();
    55. 

  55. 			}
    56. 

  56. 

  57. 			//set the domain_uuid
    58. 

  58. 			if (!empty($domain_uuid) && is_uuid($domain_uuid)) {
    59. 

  59. 				$this->domain_uuid = $domain_uuid;
    60. 

  60. 			}
    61. 

  61. 			elseif (isset($_SESSION['domain_uuid']) && is_uuid($_SESSION['domain_uuid'])) {
    62. 

  62. 				$this->domain_uuid = $_SESSION['domain_uuid'];
    63. 

  63. 			}
    64. 

  64. 

  65. 			//set the user_uuid
    66. 

  66. 			if (!empty($user_uuid) && is_uuid($user_uuid)) {
    67. 

  67. 				$this->user_uuid = $user_uuid;
    68. 

  68. 			}
    69. 

  69. 			elseif (isset($_SESSION['user_uuid']) && is_uuid($_SESSION['user_uuid'])) {
    70. 

  70. 				$this->user_uuid = $_SESSION['user_uuid'];
    71. 

  71. 			}
    72. 

  72. 

  73. 			//get the permissions
    74. 

  74. 			if (isset($_SESSION['permissions'])) {
    75. 

  75. 				$this->permissions = $_SESSION['permissions'];
    76. 

  76. 			}
    77. 

  77. 			else {
    78. 

  78. 				//create the groups object
    79. 

  79. 				$groups = new groups($this->database, $this->domain_uuid, $this->user_uuid);
    80. 

  80. 				$this->groups = $groups->assigned();
    81. 

  81. 

  82. 				//get the list of groups assigned to the user
    83. 

  83. 				if (!empty($this->groups)) {
    84. 

  84. 					$this->assigned();
    85. 

  85. 				}
    86. 

  86. 			}
    87. 

  87. 		}
    88. 

  88. 

  89. 		/**
    90. 

  90. 		 * get the array of permissions
    91. 

  91. 		 */
    92. 

  92. 		public function get_permissions() {
    93. 

  93. 			return $this->permissions;
    94. 

  94. 		}
    95. 

  95. 

  96. 		/**
    97. 

  97. 		 * Add the permission
    98. 

  98. 		 * @var string $permission
    99. 

  99. 		 */
    100. 

  100. 		public function add($permission, $type) {
    101. 

  101. 			//add the permission if it is not in array
    102. 

  102. 			if (!$this->exists($permission)) {
    103. 

  103. 				$this->permissions[$permission] = $type;
    104. 

  104. 			}
    105. 

  105. 		}
    106. 

  106. 

  107. 		/**
    108. 

  108. 		 * Remove the permission
    109. 

  109. 		 * @var string $permission
    110. 

  110. 		 */
    111. 

  111. 		public function delete($permission, $type) {
    112. 

  112. 			if ($this->exists($permission) && !empty($this->permissions[$permission])) {
    113. 

  113. 				if ($type === "temp") {
    114. 

  114. 					if ($this->permissions[$permission] === "temp") {
    115. 

  115. 						unset($this->permissions[$permission]);
    116. 

  116. 					}
    117. 

  117. 				}
    118. 

  118. 				else {
    119. 

  119. 					if ($this->permissions[$permission] !== "temp") {
    120. 

  120. 						unset($this->permissions[$permission]);
    121. 

  121. 					}
    122. 

  122. 				}
    123. 

  123. 			}
    124. 

  124. 		}
    125. 

  125. 

  126. 		/**
    127. 

  127. 		 * Check to see if the permission exists
    128. 

  128. 		 * @var string $permission
    129. 

  129. 		 */
    130. 

  130. 		public function exists($permission_name) {
    131. 

  131. 

  132. 			//if run from command line then return true
    133. 

  133. 			if (defined('STDIN')) {
    134. 

  134. 				return true;
    135. 

  135. 			}
    136. 

  136. 

  137. 			//search for the permission
    138. 

  138. 			if (!empty($permission_name)) {
    139. 

  139. 				return isset($this->permissions[$permission_name]);
    140. 

  140. 			}
    141. 

  141. 

  142. 			return false;
    143. 

  143. 		}
    144. 

  144. 

  145. 		/**
    146. 

  146. 		 * get the assigned permissions
    147. 

  147. 		 * @var array $groups
    148. 

  148. 		 */
    149. 

  149. 		private function assigned() {
    150. 

  150. 			//define the array
    151. 

  151. 			$permissions = [];
    152. 

  152. 			$parameter_names = [];
    153. 

  153. 

  154. 			//return empty array if there are no groups
    155. 

  155. 			if (empty($this->groups)) {
    156. 

  156. 				return [];
    157. 

  157. 			}
    158. 

  158. 

  159. 			//prepare the parameters
    160. 

  160. 			$x = 0;
    161. 

  161. 			foreach ($this->groups as $field) {
    162. 

  162. 				if (!empty($field['group_name'])) {
    163. 

  163. 					$parameter_names[] = ":group_name_".$x;
    164. 

  164. 					$parameters['group_name_'.$x] = $field['group_name'];
    165. 

  165. 					$x++;
    166. 

  166. 				}
    167. 

  167. 			}
    168. 

  168. 

  169. 			//get the permissions assigned to the user through the assigned groups
    170. 

  170. 			$sql = "select distinct(permission_name) from v_group_permissions ";
    171. 

  171. 			$sql .= "where (domain_uuid = :domain_uuid or domain_uuid is null) ";
    172. 

  172. 			$sql .= "and group_name in (".implode(", ", $parameter_names).") \n";
    173. 

  173. 			$sql .= "and permission_assigned = 'true' ";
    174. 

  174. 			$parameters['domain_uuid'] = $this->domain_uuid;
    175. 

  175. 			$group_permissions = $this->database->select($sql, $parameters, 'all');
    176. 

  176. 

  177. 			//format the permission array
    178. 

  178. 			foreach ($group_permissions as $row) {
    179. 

  179. 				$permissions[$row['permission_name']] = 1;
    180. 

  180. 			}
    181. 

  181. 

  182. 			//save permissions to this object
    183. 

  183. 			$this->permissions = $permissions;
    184. 

  184. 		}
    185. 

  185. 

  186. 		/**
    187. 

  187. 		 * save the assigned permissions to a session
    188. 

  188. 		 */
    189. 

  189. 		public function session() {
    190. 

  190. 			if (!empty($this->permissions)) {
    191. 

  191. 				foreach ($this->permissions as $permission_name => $row) {
    192. 

  192. 					$_SESSION['permissions'][$permission_name] = true;
    193. 

  193. 					$_SESSION["user"]["permissions"][$permission_name] = true;
    194. 

  194. 				}
    195. 

  195. 			}
    196. 

  196. 		}
    197. 

  197. 

  198. 		/**
    199. 

  199. 		 * Returns a new permission object
    200. 

  200. 		 */
    201. 

  201. 		public static function new($database = null, $domain_uuid = null, $user_uuid = null) {
    202. 

  202. 			if (self::$permission === null) {
    203. 

  203. 				self::$permission = new permissions($database, $domain_uuid, $user_uuid);
    204. 

  204. 			}
    205. 

  205. 			return self::$permission;
    206. 

  206. 		}
    207. 

  207. 

  208. 	}
    209. 

  209. }
    210. 

  210. 

  211. //examples
    212. 

  212. 	/*
    213. 

  213. 	//add the permission
    214. 

  214. 		$p = permissions::new();
    215. 

  215. 		$p->add($permission);
    216. 

  216. 	//delete the permission
    217. 

  217. 		$p = permissions::new();
    218. 

  218. 		$p->delete($permission);
    219. 

  219. 	*/
    220.