Add new class methods and use them

This commit is contained in:
FusionPBX 2023-09-11 01:45:19 -06:00 committed by GitHub
parent 6411f50750
commit 2c5724c6ed
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 238 additions and 184 deletions


@ -236,63 +236,13 @@ class authentication {
$_SESSION["user"]["username"] = $result["username"]; $_SESSION["user"]["username"] = $result["username"];
$_SESSION["user"]["contact_uuid"] = $result["contact_uuid"]; $_SESSION["user"]["contact_uuid"] = $result["contact_uuid"];
//get the groups assigned to the user and then set the groups in $_SESSION["groups"] //get the groups assigned to the user
$sql = "select "; $group = new groups;
$sql .= "u.user_group_uuid, "; $group->session($result["domain_uuid"], $result["user_uuid"]);
$sql .= "u.domain_uuid, ";
$sql .= "u.user_uuid, ";
$sql .= "u.group_uuid, ";
$sql .= "g.group_name, ";
$sql .= "g.group_level ";
$sql .= "from ";
$sql .= "v_user_groups as u, ";
$sql .= "v_groups as g ";
$sql .= "where u.domain_uuid = :domain_uuid ";
$sql .= "and u.user_uuid = :user_uuid ";
$sql .= "and u.group_uuid = g.group_uuid ";
$parameters['domain_uuid'] = $_SESSION["domain_uuid"];
$parameters['user_uuid'] = $_SESSION["user_uuid"];
$database = new database;
$result = $database->select($sql, $parameters, 'all');
$_SESSION["groups"] = $result;
$_SESSION["user"]["groups"] = $result;
unset($sql, $parameters);
//get the users group level //get the permissions assigned to the user through the assigned groups
$_SESSION["user"]["group_level"] = 0; $permission = new permissions;
foreach ($_SESSION['user']['groups'] as $row) { $permission->session($result["domain_uuid"], $_SESSION["groups"]);
if ($_SESSION["user"]["group_level"] < $row['group_level']) {
$_SESSION["user"]["group_level"] = $row['group_level'];
}
}
//get the permissions assigned to the groups that the user is a member of set the permissions in $_SESSION['permissions']
if (is_array($_SESSION["groups"]) && @sizeof($_SESSION["groups"]) != 0) {
$x = 0;
$sql = "select distinct(permission_name) from v_group_permissions ";
$sql .= "where (domain_uuid = :domain_uuid or domain_uuid is null) ";
foreach ($_SESSION["groups"] as $field) {
if (!empty($field['group_name'])) {
$sql_where_or[] = "group_name = :group_name_".$x;
$parameters['group_name_'.$x] = $field['group_name'];
$x++;
}
}
if (is_array($sql_where_or) && @sizeof($sql_where_or) != 0) {
$sql .= "and (".implode(' or ', $sql_where_or).") ";
}
$sql .= "and permission_assigned = 'true' ";
$parameters['domain_uuid'] = $_SESSION["domain_uuid"];
$database = new database;
$result = $database->select($sql, $parameters, 'all');
if (is_array($result) && @sizeof($result) != 0) {
foreach ($result as $row) {
$_SESSION['permissions'][$row["permission_name"]] = true;
$_SESSION["user"]["permissions"][$row["permission_name"]] = true;
}
}
unset($sql, $parameters, $result, $row);
}
//get the domains //get the domains
if (file_exists($_SERVER["PROJECT_ROOT"]."/app/domains/app_config.php") && !is_cli()){ if (file_exists($_SERVER["PROJECT_ROOT"]."/app/domains/app_config.php") && !is_cli()){
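Review bot: Loading the groups for `$result["domain_uuid"]` where the removed code used `$_SESSION["domain_uuid"]` is a behaviour change that the hunk does not explain: a user whose record belongs to a different domain than the one picked from the request host now gets a different group set, and the change assumes the login query returns `domain_uuid` in `$result`, which is not visible here. A comment such as `//groups and permissions are scoped to the user's own domain, not the session domain selected from the request host` would make the intent explicit. `$_SESSION["groups"]` can now hold `false` (groups::assigned() returns false when there are no rows) where the old code always stored the select result, so anything that iterates it directly will warn. If the login path does not already call `session_regenerate_id(true)` once the credentials are accepted, this is the place for it, because the time-based rotation added elsewhere in this commit does not invalidate an id planted before authentication. The authentication method continues past the end of the hunk.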


@ -37,7 +37,35 @@
} }
//start the session //start the session
if (!isset($_SESSION)) { session_start(); } if (function_exists('session_start')) {
if (!isset($_SESSION)) {
session_start();
}
}
//regenerate sessions to avoid session id attacks such as session fixation
if (array_key_exists('security',$_SESSION) && $_SESSION['security']['session_rotate']['boolean'] == "true") {
$_SESSION['session']['last_activity'] = time();
if (!isset($_SESSION['session']['created'])) {
$_SESSION['session']['created'] = time();
} else if (time() - $_SESSION['session']['created'] > 28800) {
// session started more than 8 hours ago
session_regenerate_id(true); // rotate the session id
$_SESSION['session']['created'] = time(); // update creation time
}
}
//set the domains session
if (!isset($_SESSION['domains'])) {
$domain = new domains();
$domain->session();
$domain->set();
}
//set the domain_uuid variable from the session
if (!empty($_SESSION["domain_uuid"])) {
$domain_uuid = $_SESSION["domain_uuid"];
}
//define variables //define variables
if (!isset($_SESSION['template_content'])) { $_SESSION["template_content"] = null; } if (!isset($_SESSION['template_content'])) { $_SESSION["template_content"] = null; }
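Review bot: The comment on the rotation block claims it avoids session fixation, but regenerating the id only once a session is more than eight hours old leaves an attacker-planted id valid for the whole first eight hours, including across the login that elevates it; fixation is closed by regenerating at the privilege change, so either call `session_regenerate_id(true)` at login or reword to `//rotate long-lived session ids periodically; fixation is handled by regenerating the id at login`. `array_key_exists('security', $_SESSION)` throws a TypeError on PHP 8 when `session_start` was unavailable and `$_SESSION` was never created; `isset($_SESSION['security']['session_rotate']['boolean']) && $_SESSION['security']['session_rotate']['boolean'] == "true"` covers both cases. `$_SESSION['session']['last_activity']` is written on every request but not read in this hunk, so if an idle timeout is meant to use it a TODO would help. Also note that `$domain_uuid` is now left undefined when the session has no `domain_uuid`, whereas the pdo.php code removed by this commit fell back to `uuid()`, and `permissions::exists()` reads it through `global`.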


@ -25,7 +25,6 @@
sreis sreis
*/ */
/** /**
* domains class * domains class
* *
@ -803,6 +802,72 @@ if (!class_exists('domains')) {
} }
} //end settings method } //end settings method
/**
* get a domain list
*/
public function all() {
//get the domains from the database
$database = new database;
if ($database->table_exists('v_domains')) {
$sql = "select * from v_domains order by domain_name asc;";
$database = new database;
$result = $database->select($sql, null, 'all');
foreach($result as $row) {
$domain_names[] = $row['domain_name'];
}
unset($prep_statement);
}
//build the domains array in the correct order
if (is_array($domain_names)) {
foreach ($domain_names as $dn) {
foreach ($result as $row) {
if ($row['domain_name'] == $dn) {
$domains[] = $row;
}
}
}
unset($result);
}
//return the domains array
return $domains;
}
/**
* get a domain list
*/
public function session() {
//get the list of domains
$domains = $this->all();
//get the domain
$domain_array = explode(":", $_SERVER["HTTP_HOST"] ?? '');
//set domain_name and domain_uuid and update domains array with domain_uuid as the key
if (!empty($domains) && is_array($domains)) {
foreach($domains as $row) {
if (!isset($_SESSION['username'])) {
if (!empty($domains) && count($domains) == 1) {
$domain_uuid = $row["domain_uuid"];
$domain_name = $row['domain_name'];
$_SESSION["domain_uuid"] = $row["domain_uuid"];
$_SESSION["domain_name"] = $row['domain_name'];
}
else {
if ($row['domain_name'] == $domain_array[0] || $row['domain_name'] == 'www.'.$domain_array[0]) {
$_SESSION["domain_uuid"] = $row["domain_uuid"];
$_SESSION["domain_name"] = $row["domain_name"];
}
}
}
$_SESSION['domains'][$row['domain_uuid']] = $row;
}
unset($domains, $prep_statement);
}
}
} }
} }
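Review bot: `all()` can return null rather than a list, because `$domains` is only assigned inside the loop, so an empty or missing `v_domains` table yields `null`; the docblock should say `@return array|null`, since `session()` only copes with that through its `!empty` guard. The method also constructs `database` twice, and the nested name-matching loop merely reproduces the order the query already produced with `order by domain_name asc`, so `$domains = $result;` after the select appears to do the same work without the O(n²) pass. In `session()`, the `$domain_uuid` and `$domain_name` locals in the single-domain branch are never used, and both `unset($prep_statement)` calls refer to a variable that does not exist in the class version, so those lines can go. Selecting the tenant from `$_SERVER["HTTP_HOST"]` is a client-controlled choice bounded only by the exact match against the configured domain list; a comment saying so would keep someone from later relaxing that comparison.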


@ -470,6 +470,56 @@ if (!class_exists('groups')) {
} }
} }
/**
* get the groups assigned to the user
*/
public function assigned($domain_uuid, $user_uuid) {
$sql = "select ";
$sql .= "u.user_group_uuid, ";
$sql .= "u.domain_uuid, ";
$sql .= "u.user_uuid, ";
$sql .= "u.group_uuid, ";
$sql .= "g.group_name, ";
$sql .= "g.group_level ";
$sql .= "from ";
$sql .= "v_user_groups as u, ";
$sql .= "v_groups as g ";
$sql .= "where u.domain_uuid = :domain_uuid ";
$sql .= "and u.user_uuid = :user_uuid ";
$sql .= "and u.group_uuid = g.group_uuid ";
$parameters['domain_uuid'] = $domain_uuid;
$parameters['user_uuid'] = $user_uuid;
$database = new database;
$groups = $database->select($sql, $parameters, 'all');
unset($sql, $parameters);
if (!empty($groups)) {
return $groups;
}
else {
return false;
}
}
/**
* add the assigned groups the session array
*/
public function session($domain_uuid, $user_uuid) {
//get the groups
$groups = $this->assigned($domain_uuid, $user_uuid);
//set the groups in the session
$_SESSION["groups"] = $groups;
$_SESSION["user"]["groups"] = $groups;
//get the users group level
$_SESSION["user"]["group_level"] = 0;
foreach ($_SESSION['user']['groups'] as $row) {
if ($_SESSION["user"]["group_level"] < $row['group_level']) {
$_SESSION["user"]["group_level"] = $row['group_level'];
}
}
}
} }
} }
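Review bot: `session()` iterates `$_SESSION['user']['groups']` unguarded, but `assigned()` returns `false` when the user has no group rows, so a user without groups raises a "foreach() argument must be of type array|object" warning on every login; wrap the loop in `if (is_array($groups)) {` or normalise with `$groups = $this->assigned($domain_uuid, $user_uuid) ?: [];` before storing it. Storing `false` in `$_SESSION["groups"]` also differs from the removed code, which always kept the raw select result, so downstream `is_array` checks still pass but direct iteration does not. The docblock for `assigned()` should state `@return array|false`, and both methods could carry `@param string $domain_uuid` / `@param string $user_uuid` tags. The class header is outside this hunk.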


@ -18,7 +18,6 @@
The Initial Developer of the Original Code is The Initial Developer of the Original Code is
Mark J Crane <markjcrane@fusionpbx.com> Mark J Crane <markjcrane@fusionpbx.com>
Copyright (C) 2016 All Rights Reserved. Copyright (C) 2016 All Rights Reserved.
*/ */
/** /**
@ -65,16 +64,89 @@ if (!class_exists('permissions')) {
* Check to see if the permission exists * Check to see if the permission exists
* @var string $permission * @var string $permission
*/ */
function exists($permission) { public function exists($permission) {
//set default false //define permissions global variable
global $permissions;
if (empty($permissions) && empty($_SESSION["permissions"])) {
//define additional global variables
global $groups, $domain_uuid, $user_uuid;
//get the groups assigned to the user
if (empty($groups)) {
$group = new groups;
$groups = $group->assigned($domain_uuid, $user_uuid);
}
//get the permissions assigned to the user through the assigned groups
$permission = new permissions;
$permissions = $permission->assigned($domain_uuid, $groups);
}
if (!empty($_SESSION["permissions"])) {
$permissions = $_SESSION["permissions"];
}
//set default to false
$result = false; $result = false;
//search for the permission //search for the permission
if (!empty($_SESSION["permissions"]) && is_array($_SESSION["permissions"]) && isset($_SESSION["permissions"][$permission])) { if (!empty($permissions) && !empty($permission)) {
foreach($permissions as $field) {
if ($permission == $field) {
$result = true; $result = true;
} }
}
}
//return the result //return the result
return $result; return $result;
} }
/**
* get the assigned permissions
* @var array $groups
*/
public function assigned($domain_uuid, $groups) {
//groups not provided return false
if (empty($groups)) {
return false;
}
//get the permissions assigned to the user through the assigned groups
$x = 0;
$sql = "select distinct(permission_name) from v_group_permissions ";
$sql .= "where (domain_uuid = :domain_uuid or domain_uuid is null) ";
foreach ($groups as $field) {
if (!empty($field['group_name'])) {
$sql_where_or[] = "group_name = :group_name_".$x;
$parameters['group_name_'.$x] = $field['group_name'];
$x++;
}
}
if (!empty($sql_where_or)) {
$sql .= "and (".implode(' or ', $sql_where_or).") ";
}
$sql .= "and permission_assigned = 'true' ";
$parameters['domain_uuid'] = $domain_uuid;
$database = new database;
$permissions = $database->select($sql, $parameters, 'all');
unset($sql, $parameters, $result);
return $permissions;
}
/**
* save the assigned permissions to a session
*/
public function session($domain_uuid, $groups) {
$permissions = $this->assigned($domain_uuid, $groups);
if (!empty($permissions)) {
foreach ($permissions as $row) {
$_SESSION['permissions'][$row["permission_name"]] = true;
$_SESSION["user"]["permissions"][$row["permission_name"]] = true;
}
}
}
} }
} }
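Review bot: `exists()` now grants any permission to any user who holds at least one: `$_SESSION["permissions"]` is keyed by name with the value `true` (see `session()` in this hunk), so `foreach($permissions as $field)` yields `true` and the loose `$permission == $field` is true for every non-empty string, and for an array or object argument as well. The fallback path has the opposite defect: `assigned()` returns rows shaped `['permission_name' => ...]`, and a string never loosely equals a non-empty array, so nothing is ever found when the session is empty. The search has to match on the key for the session form and on the column for the row form, strictly in both cases; the rewrite below does that and leaves the loading logic untouched. A comment on the `global $permissions` line that the method caches into a global and reads it back on later calls would also help, since nothing in the name suggests that.
```php
	public function exists($permission) {
		// … unchanged: load $permissions from the session, or via groups/permissions::assigned() …
		//set default to false
		$result = false;
		//strict search: the session array is keyed by name with a boolean value,
		//permissions::assigned() returns rows with a permission_name column, and
		//anything that is not a non-empty string is denied
		if (!empty($permissions) && is_array($permissions) && is_string($permission) && $permission !== '') {
			if (array_key_exists($permission, $permissions)) {
				$result = ($permissions[$permission] === true);
			}
			else {
				$result = in_array($permission, array_column($permissions, 'permission_name'), true);
			}
		}
		//return the result
		return $result;
	}
```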


@ -274,44 +274,11 @@
} }
} }
//check if the permission exists
if (!function_exists('permission_exists')) { if (!function_exists('permission_exists')) {
function permission_exists($permission, $operator = 'or') { function permission_exists($permission, $operator = 'or') {
//set default $permission = new permissions;
$result = false; return $permission->exists($permission);
//permissions exist
if (!empty($_SESSION["permissions"]) && is_array($_SESSION["permissions"]) && @sizeof($_SESSION['permissions']) != 0) {
//array
if (is_array($permission) && @sizeof($permission) != 0) {
if ($operator == 'and') {
$exists_all = true;
foreach ($permission as $perm) {
if ($_SESSION["permissions"][$permission] != true) {
$exists_all = false;
break;
}
}
$result = $exists_all;
}
else {
$exists_one = false;
foreach ($permission as $perm) {
if (isset($_SESSION["permissions"][$perm]) && $_SESSION["permissions"][$perm] != true) {
$exists_one = true;
break;
}
}
$result = $exists_one;
}
}
//single
else {
if (isset($_SESSION["permissions"][$permission]) && $_SESSION["permissions"][$permission] == true) {
$result = true;
}
}
}
//return the result
return $result;
} }
} }
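Review bot: `$permission = new permissions;` overwrites the `$permission` argument before it is passed on, so `exists()` always receives the permissions object instead of the requested name; combined with the loose comparison in `permissions::exists()` this makes `permission_exists()` true for every check as soon as the user has any permission, and false for everything otherwise. The wrapper also keeps the `$operator` parameter but ignores it, and drops the array form the removed code supported ('and' requires every name, anything else requires at least one), so existing callers silently get wrong answers. The version below uses a distinct local for the object and restores both forms; the function is complete within the hunk.
```php
	function permission_exists($permission, $operator = 'or') {
		$permissions = new permissions;
		//array of names: 'and' requires every one, anything else requires at least one
		if (is_array($permission)) {
			foreach ($permission as $perm) {
				$found = $permissions->exists($perm);
				if ($operator == 'and' && !$found) { return false; }
				if ($operator != 'and' && $found) { return true; }
			}
			return ($operator == 'and' && !empty($permission));
		}
		//single permission name
		return $permissions->exists($permission);
	}
```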


@ -279,84 +279,4 @@ if ($db_type == "odbc") {
} }
} //end if db_type pgsql } //end if db_type pgsql
//get the domain list
if (empty($_SESSION['domains']) or empty($_SESSION["domain_uuid"])) {
//get the domain
$domain_array = explode(":", $_SERVER["HTTP_HOST"] ?? '');
//get the domains from the database
$database = new database;
if ($database->table_exists('v_domains')) {
$sql = "select * from v_domains order by domain_name asc;";
$prep_statement = $db->prepare($sql);
$prep_statement->execute();
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
foreach($result as $row) {
$domain_names[] = $row['domain_name'];
}
unset($prep_statement);
}
//build the domains array in the correct order
if (is_array($domain_names)) {
foreach ($domain_names as $dn) {
foreach ($result as $row) {
if ($row['domain_name'] == $dn) {
$domains[] = $row;
}
}
}
unset($result);
}
if (is_array($domains)) {
foreach($domains as $row) {
if (!isset($_SESSION['username'])) {
if (count($domains) == 1) {
$_SESSION["domain_uuid"] = $row["domain_uuid"];
$_SESSION["domain_name"] = $row['domain_name'];
}
else {
if ($row['domain_name'] == $domain_array[0] || $row['domain_name'] == 'www.'.$domain_array[0]) {
$_SESSION["domain_uuid"] = $row["domain_uuid"];
$_SESSION["domain_name"] = $row["domain_name"];
}
}
}
$_SESSION['domains'][$row['domain_uuid']] = $row;
}
unset($domains, $prep_statement);
}
}
//get the software name
if (!isset($_SESSION["software_name"])) {
$database = new database;
if ($database->table_exists('v_software')) {
$sql = "select * from v_software ";
$prep_statement = $db->prepare(check_sql($sql));
if ($prep_statement) {
$prep_statement->execute();
$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
$_SESSION["software_name"] = $row['software_name'];
}
unset($prep_statement, $result);
}
}
//set the setting arrays
if (!isset($_SESSION['domain']['menu'])) {
$domain = new domains();
$domain->set();
}
//set the domain_uuid variable from the session
if (!empty($_SESSION["domain_uuid"])) {
$domain_uuid = $_SESSION["domain_uuid"];
}
else {
$domain_uuid = uuid();
}
?> ?>


@ -123,14 +123,16 @@
require_once "resources/functions.php"; require_once "resources/functions.php";
if (is_array($conf) && count($conf) > 0) { if (is_array($conf) && count($conf) > 0) {
require_once "resources/pdo.php"; require_once "resources/pdo.php";
if (!defined('STDIN')) {
require_once "resources/cidr.php"; require_once "resources/cidr.php";
}
if (file_exists($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . "/resources/switch.php")) { if (file_exists($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . "/resources/switch.php")) {
require_once "resources/switch.php"; require_once "resources/switch.php";
} }
} }
//change language on the fly - for translate tool (if available) //change language on the fly - for translate tool (if available)
if (isset($_REQUEST['view_lang_code']) && ($_REQUEST['view_lang_code']) != '') { if (!defined('STDIN') && isset($_REQUEST['view_lang_code']) && ($_REQUEST['view_lang_code']) != '') {
$_SESSION['domain']['language']['code'] = $_REQUEST['view_lang_code']; $_SESSION['domain']['language']['code'] = $_REQUEST['view_lang_code'];
} }
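Review bot: `$_REQUEST['view_lang_code']` is still copied into `$_SESSION['domain']['language']['code']` without validation; the only change here is that CLI runs skip it. If that value later selects a language file or is echoed into markup, it should be checked against the set of available languages, or at least restricted to a short token such as `if (preg_match('/^[a-z]{2}(-[a-z]{2})?$/i', $_REQUEST['view_lang_code']))` before it is stored — assuming that is the code format the project uses. This hunk tests for the command line with `defined('STDIN')` while the authentication hunk in the same commit uses `is_cli()`; settling on one keeps the two from diverging, and a comment such as `//skip request-driven state on the command line` would explain the guard.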