2016-04-26 03:30:23 +02:00
|
|
|
<?php
|
|
|
|
|
/*
|
|
|
|
|
FusionPBX
|
|
|
|
|
Version: MPL 1.1
|
|
|
|
|
|
|
|
|
|
The contents of this file are subject to the Mozilla Public License Version
|
|
|
|
|
1.1 (the "License"); you may not use this file except in compliance with
|
|
|
|
|
the License. You may obtain a copy of the License at
|
|
|
|
|
http://www.mozilla.org/MPL/
|
|
|
|
|
|
|
|
|
|
Software distributed under the License is distributed on an "AS IS" basis,
|
|
|
|
|
WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
|
|
|
|
|
for the specific language governing rights and limitations under the
|
|
|
|
|
License.
|
|
|
|
|
|
|
|
|
|
The Original Code is FusionPBX
|
|
|
|
|
|
|
|
|
|
The Initial Developer of the Original Code is
|
|
|
|
|
Mark J Crane <markjcrane@fusionpbx.com>
|
2024-04-28 03:45:31 +02:00
|
|
|
Copyright (C) 2016 - 2024 All Rights Reserved.
|
2016-04-26 03:30:23 +02:00
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* permission class
|
|
|
|
|
*
|
|
|
|
|
* @method string add
|
|
|
|
|
* @method string delete
|
|
|
|
|
* @method string exists
|
|
|
|
|
*/
|
2016-09-12 23:40:02 +02:00
|
|
|
if (!class_exists('permissions')) {
|
|
|
|
|
class permissions {
|
2016-04-26 03:30:23 +02:00
|
|
|
|
2024-04-21 00:51:53 +02:00
|
|
|
private $database;
|
|
|
|
|
private $domain_uuid;
|
2024-04-28 03:45:31 +02:00
|
|
|
private $user_uuid;
|
2024-04-21 00:51:53 +02:00
|
|
|
private $groups;
|
|
|
|
|
private $permissions;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* called when the object is created
|
|
|
|
|
*/
|
|
|
|
|
public function __construct($database = null, $domain_uuid = null, $user_uuid = null) {
|
|
|
|
|
|
|
|
|
|
//handle the database object
|
|
|
|
|
if (isset($database)) {
|
|
|
|
|
$this->database = $database;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$this->database = new database;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//set the domain_uuid
|
2024-04-28 03:45:31 +02:00
|
|
|
if (!empty($domain_uuid) && is_uuid($domain_uuid)) {
|
2024-04-21 00:51:53 +02:00
|
|
|
$this->domain_uuid = $domain_uuid;
|
|
|
|
|
}
|
|
|
|
|
elseif (isset($_SESSION['domain_uuid']) && is_uuid($_SESSION['domain_uuid'])) {
|
|
|
|
|
$this->domain_uuid = $_SESSION['domain_uuid'];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//set the user_uuid
|
2024-04-28 03:45:31 +02:00
|
|
|
if (!empty($user_uuid) && is_uuid($user_uuid)) {
|
2024-04-21 00:51:53 +02:00
|
|
|
$this->user_uuid = $user_uuid;
|
|
|
|
|
}
|
|
|
|
|
elseif (isset($_SESSION['user_uuid']) && is_uuid($_SESSION['user_uuid'])) {
|
|
|
|
|
$this->user_uuid = $_SESSION['user_uuid'];
|
|
|
|
|
}
|
|
|
|
|
|
2024-04-21 04:54:06 +02:00
|
|
|
//get the permissions
|
|
|
|
|
if (isset($_SESSION['permissions'])) {
|
|
|
|
|
$this->permissions = $_SESSION['permissions'];
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
//create the groups object
|
2024-04-21 05:59:04 +02:00
|
|
|
$groups = new groups($this->database, $this->domain_uuid, $this->user_uuid);
|
|
|
|
|
$this->groups = $groups->assigned();
|
2024-04-21 00:51:53 +02:00
|
|
|
|
2024-04-21 04:54:06 +02:00
|
|
|
//get the list of groups assigned to the user
|
|
|
|
|
$this->permissions = $this->assigned();
|
|
|
|
|
}
|
2024-04-21 00:51:53 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* get the array of permissions
|
|
|
|
|
*/
|
|
|
|
|
public function get_permissions() {
|
|
|
|
|
return $this->permissions;
|
|
|
|
|
}
|
|
|
|
|
|
2016-09-12 23:40:02 +02:00
|
|
|
/**
|
2016-10-01 20:07:47 +02:00
|
|
|
* Add the permission
|
2016-09-12 23:40:02 +02:00
|
|
|
* @var string $permission
|
|
|
|
|
*/
|
2016-10-01 20:07:47 +02:00
|
|
|
public function add($permission, $type) {
|
|
|
|
|
//add the permission if it is not in array
|
2016-09-12 23:40:02 +02:00
|
|
|
if (!$this->exists($permission)) {
|
2016-10-01 20:07:47 +02:00
|
|
|
$_SESSION["permissions"][$permission] = $type;
|
2016-09-12 23:40:02 +02:00
|
|
|
}
|
|
|
|
|
}
|
2016-04-26 03:30:23 +02:00
|
|
|
|
2016-09-12 23:40:02 +02:00
|
|
|
/**
|
|
|
|
|
* Remove the permission
|
|
|
|
|
* @var string $permission
|
|
|
|
|
*/
|
2016-10-01 20:07:47 +02:00
|
|
|
public function delete($permission, $type) {
|
2024-03-28 15:59:30 +01:00
|
|
|
if ($this->exists($permission) && !empty($_SESSION["permissions"][$permission])) {
|
2016-10-01 20:07:47 +02:00
|
|
|
if ($type === "temp") {
|
|
|
|
|
if ($_SESSION["permissions"][$permission] === "temp") {
|
|
|
|
|
unset($_SESSION["permissions"][$permission]);
|
|
|
|
|
}
|
2016-04-26 03:30:23 +02:00
|
|
|
}
|
2016-09-12 23:40:02 +02:00
|
|
|
else {
|
2016-10-01 20:07:47 +02:00
|
|
|
if ($_SESSION["permissions"][$permission] !== "temp") {
|
|
|
|
|
unset($_SESSION["permissions"][$permission]);
|
|
|
|
|
}
|
2016-09-12 23:40:02 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2016-04-26 03:30:23 +02:00
|
|
|
|
2016-09-12 23:40:02 +02:00
|
|
|
/**
|
|
|
|
|
* Check to see if the permission exists
|
|
|
|
|
* @var string $permission
|
|
|
|
|
*/
|
2023-09-11 19:54:36 +02:00
|
|
|
public function exists($permission_name) {
|
|
|
|
|
|
2023-09-14 23:42:56 +02:00
|
|
|
//if run from command line then return true
|
2023-09-21 20:07:32 +02:00
|
|
|
if (defined('STDIN')) {
|
2023-09-14 23:42:56 +02:00
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2016-09-12 23:40:02 +02:00
|
|
|
//search for the permission
|
2024-09-09 17:14:45 +02:00
|
|
|
if (!empty($permission_name)) {
|
|
|
|
|
return isset($this->permissions[$permission_name]);
|
2023-09-11 09:45:19 +02:00
|
|
|
}
|
|
|
|
|
|
2024-09-09 17:14:45 +02:00
|
|
|
return false;
|
2023-09-11 09:45:19 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* get the assigned permissions
|
|
|
|
|
* @var array $groups
|
|
|
|
|
*/
|
2024-04-21 00:51:53 +02:00
|
|
|
public function assigned() {
|
2024-04-28 03:45:31 +02:00
|
|
|
//define the array
|
|
|
|
|
$parameter_names = [];
|
|
|
|
|
|
2023-11-23 19:51:47 +01:00
|
|
|
//prepare the parameters
|
2023-09-11 09:45:19 +02:00
|
|
|
$x = 0;
|
2024-04-21 00:51:53 +02:00
|
|
|
foreach ($this->groups as $field) {
|
2023-09-11 09:45:19 +02:00
|
|
|
if (!empty($field['group_name'])) {
|
2023-11-23 19:51:47 +01:00
|
|
|
$parameter_names[] = ":group_name_".$x;
|
2023-09-11 09:45:19 +02:00
|
|
|
$parameters['group_name_'.$x] = $field['group_name'];
|
|
|
|
|
$x++;
|
|
|
|
|
}
|
|
|
|
|
}
|
2023-11-23 19:51:47 +01:00
|
|
|
|
|
|
|
|
//get the permissions assigned to the user through the assigned groups
|
|
|
|
|
$sql = "select distinct(permission_name) from v_group_permissions ";
|
|
|
|
|
$sql .= "where (domain_uuid = :domain_uuid or domain_uuid is null) ";
|
|
|
|
|
if (is_array($parameter_names) && @sizeof($parameter_names) != 0) {
|
|
|
|
|
$sql .= "and group_name in (".implode(", ", $parameter_names).") \n";
|
2023-09-11 09:45:19 +02:00
|
|
|
}
|
|
|
|
|
$sql .= "and permission_assigned = 'true' ";
|
2024-04-21 00:51:53 +02:00
|
|
|
$parameters['domain_uuid'] = $this->domain_uuid;
|
2023-09-11 09:45:19 +02:00
|
|
|
$database = new database;
|
|
|
|
|
$permissions = $database->select($sql, $parameters, 'all');
|
|
|
|
|
unset($sql, $parameters, $result);
|
|
|
|
|
return $permissions;
|
2016-04-26 03:30:23 +02:00
|
|
|
}
|
2023-09-11 09:45:19 +02:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* save the assigned permissions to a session
|
|
|
|
|
*/
|
2024-04-21 00:51:53 +02:00
|
|
|
public function session() {
|
|
|
|
|
if (!empty($this->permissions)) {
|
|
|
|
|
foreach ($this->permissions as $row) {
|
2023-09-11 09:45:19 +02:00
|
|
|
$_SESSION['permissions'][$row["permission_name"]] = true;
|
|
|
|
|
$_SESSION["user"]["permissions"][$row["permission_name"]] = true;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-26 03:30:23 +02:00
|
|
|
}
|
2016-09-12 23:40:02 +02:00
|
|
|
}
|
2016-04-26 03:30:23 +02:00
|
|
|
|
2016-09-12 23:40:02 +02:00
|
|
|
//examples
|
|
|
|
|
/*
|
|
|
|
|
//add the permission
|
|
|
|
|
$p = new permissions;
|
|
|
|
|
$p->add($permission);
|
|
|
|
|
//delete the permission
|
|
|
|
|
$p = new permissions;
|
|
|
|
|
$p->delete($permission);
|
|
|
|
|
*/
|
2016-04-26 03:30:23 +02:00
|
|
|
|
2024-04-28 03:45:31 +02:00
|
|
|
?>
|
