2016-04-26 03:30:23 +02:00
|
|
|
<?php
|
|
|
|
|
/*
|
|
|
|
|
FusionPBX
|
|
|
|
|
Version: MPL 1.1
|
|
|
|
|
|
|
|
|
|
The contents of this file are subject to the Mozilla Public License Version
|
|
|
|
|
1.1 (the "License"); you may not use this file except in compliance with
|
|
|
|
|
the License. You may obtain a copy of the License at
|
|
|
|
|
http://www.mozilla.org/MPL/
|
|
|
|
|
|
|
|
|
|
Software distributed under the License is distributed on an "AS IS" basis,
|
|
|
|
|
WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
|
|
|
|
|
for the specific language governing rights and limitations under the
|
|
|
|
|
License.
|
|
|
|
|
|
|
|
|
|
The Original Code is FusionPBX
|
|
|
|
|
|
|
|
|
|
The Initial Developer of the Original Code is
|
|
|
|
|
Mark J Crane <markjcrane@fusionpbx.com>
|
2016-09-12 23:42:28 +02:00
|
|
|
Copyright (C) 2016 All Rights Reserved.
|
2016-04-26 03:30:23 +02:00
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* permission class
|
|
|
|
|
*
|
|
|
|
|
* @method string add
|
|
|
|
|
* @method string delete
|
|
|
|
|
* @method string exists
|
|
|
|
|
*/
|
2016-09-12 23:40:02 +02:00
|
|
|
if (!class_exists('permissions')) {
|
|
|
|
|
class permissions {
|
2016-04-26 03:30:23 +02:00
|
|
|
|
2016-09-12 23:40:02 +02:00
|
|
|
/**
|
2016-10-01 20:07:47 +02:00
|
|
|
* Add the permission
|
2016-09-12 23:40:02 +02:00
|
|
|
* @var string $permission
|
|
|
|
|
*/
|
2016-10-01 20:07:47 +02:00
|
|
|
public function add($permission, $type) {
|
|
|
|
|
//add the permission if it is not in array
|
2016-09-12 23:40:02 +02:00
|
|
|
if (!$this->exists($permission)) {
|
2016-10-01 20:07:47 +02:00
|
|
|
$_SESSION["permissions"][$permission] = $type;
|
2016-09-12 23:40:02 +02:00
|
|
|
}
|
|
|
|
|
}
|
2016-04-26 03:30:23 +02:00
|
|
|
|
2016-09-12 23:40:02 +02:00
|
|
|
/**
|
|
|
|
|
* Remove the permission
|
|
|
|
|
* @var string $permission
|
|
|
|
|
*/
|
2016-10-01 20:07:47 +02:00
|
|
|
public function delete($permission, $type) {
|
2016-09-12 23:40:02 +02:00
|
|
|
if ($this->exists($permission)) {
|
2016-10-01 20:07:47 +02:00
|
|
|
if ($type === "temp") {
|
|
|
|
|
if ($_SESSION["permissions"][$permission] === "temp") {
|
|
|
|
|
unset($_SESSION["permissions"][$permission]);
|
|
|
|
|
}
|
2016-04-26 03:30:23 +02:00
|
|
|
}
|
2016-09-12 23:40:02 +02:00
|
|
|
else {
|
2016-10-01 20:07:47 +02:00
|
|
|
if ($_SESSION["permissions"][$permission] !== "temp") {
|
|
|
|
|
unset($_SESSION["permissions"][$permission]);
|
|
|
|
|
}
|
2016-09-12 23:40:02 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2016-04-26 03:30:23 +02:00
|
|
|
|
2016-09-12 23:40:02 +02:00
|
|
|
/**
|
|
|
|
|
* Check to see if the permission exists
|
|
|
|
|
* @var string $permission
|
|
|
|
|
*/
|
2023-09-11 19:54:36 +02:00
|
|
|
public function exists($permission_name) {
|
|
|
|
|
|
2023-09-14 23:42:56 +02:00
|
|
|
//if run from command line then return true
|
|
|
|
|
if (defined('STDIN') && empty($_SESSION["permissions"])) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-11 09:45:19 +02:00
|
|
|
//define permissions global variable
|
|
|
|
|
global $permissions;
|
|
|
|
|
|
|
|
|
|
if (empty($permissions) && empty($_SESSION["permissions"])) {
|
|
|
|
|
//define additional global variables
|
|
|
|
|
global $groups, $domain_uuid, $user_uuid;
|
|
|
|
|
|
|
|
|
|
//get the groups assigned to the user
|
|
|
|
|
if (empty($groups)) {
|
|
|
|
|
$group = new groups;
|
|
|
|
|
$groups = $group->assigned($domain_uuid, $user_uuid);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//get the permissions assigned to the user through the assigned groups
|
|
|
|
|
$permission = new permissions;
|
|
|
|
|
$permissions = $permission->assigned($domain_uuid, $groups);
|
|
|
|
|
}
|
2023-09-11 19:54:36 +02:00
|
|
|
|
|
|
|
|
if (empty($permissions)) {
|
2023-09-20 22:49:27 +02:00
|
|
|
$permissions = $_SESSION["permissions"] ?? [];
|
2023-09-11 09:45:19 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//set default to false
|
|
|
|
|
$result = false;
|
|
|
|
|
|
2016-09-12 23:40:02 +02:00
|
|
|
//search for the permission
|
2023-09-11 19:54:36 +02:00
|
|
|
if (!empty($permissions) && !empty($permission_name)) {
|
|
|
|
|
foreach($permissions as $key => $value) {
|
|
|
|
|
if ($key == $permission_name) {
|
2023-09-11 09:45:19 +02:00
|
|
|
$result = true;
|
2023-09-11 19:54:36 +02:00
|
|
|
break;
|
2023-09-11 09:45:19 +02:00
|
|
|
}
|
2016-04-26 03:30:23 +02:00
|
|
|
}
|
2023-09-11 09:45:19 +02:00
|
|
|
}
|
|
|
|
|
|
2016-09-12 23:40:02 +02:00
|
|
|
//return the result
|
2023-09-11 09:45:19 +02:00
|
|
|
return $result;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* get the assigned permissions
|
|
|
|
|
* @var array $groups
|
|
|
|
|
*/
|
|
|
|
|
public function assigned($domain_uuid, $groups) {
|
|
|
|
|
//groups not provided return false
|
|
|
|
|
if (empty($groups)) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//get the permissions assigned to the user through the assigned groups
|
|
|
|
|
$x = 0;
|
|
|
|
|
$sql = "select distinct(permission_name) from v_group_permissions ";
|
|
|
|
|
$sql .= "where (domain_uuid = :domain_uuid or domain_uuid is null) ";
|
|
|
|
|
foreach ($groups as $field) {
|
|
|
|
|
if (!empty($field['group_name'])) {
|
|
|
|
|
$sql_where_or[] = "group_name = :group_name_".$x;
|
|
|
|
|
$parameters['group_name_'.$x] = $field['group_name'];
|
|
|
|
|
$x++;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if (!empty($sql_where_or)) {
|
|
|
|
|
$sql .= "and (".implode(' or ', $sql_where_or).") ";
|
|
|
|
|
}
|
|
|
|
|
$sql .= "and permission_assigned = 'true' ";
|
|
|
|
|
$parameters['domain_uuid'] = $domain_uuid;
|
|
|
|
|
$database = new database;
|
|
|
|
|
$permissions = $database->select($sql, $parameters, 'all');
|
|
|
|
|
unset($sql, $parameters, $result);
|
|
|
|
|
return $permissions;
|
2016-04-26 03:30:23 +02:00
|
|
|
}
|
2023-09-11 09:45:19 +02:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* save the assigned permissions to a session
|
|
|
|
|
*/
|
|
|
|
|
public function session($domain_uuid, $groups) {
|
|
|
|
|
$permissions = $this->assigned($domain_uuid, $groups);
|
|
|
|
|
if (!empty($permissions)) {
|
|
|
|
|
foreach ($permissions as $row) {
|
|
|
|
|
$_SESSION['permissions'][$row["permission_name"]] = true;
|
|
|
|
|
$_SESSION["user"]["permissions"][$row["permission_name"]] = true;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-26 03:30:23 +02:00
|
|
|
}
|
2016-09-12 23:40:02 +02:00
|
|
|
}
|
2016-04-26 03:30:23 +02:00
|
|
|
|
2016-09-12 23:40:02 +02:00
|
|
|
//examples
|
|
|
|
|
/*
|
|
|
|
|
//add the permission
|
|
|
|
|
$p = new permissions;
|
|
|
|
|
$p->add($permission);
|
|
|
|
|
//delete the permission
|
|
|
|
|
$p = new permissions;
|
|
|
|
|
$p->delete($permission);
|
|
|
|
|
*/
|
2016-04-26 03:30:23 +02:00
|
|
|
|
2016-09-12 23:40:02 +02:00
|
|
|
?>
|
