path: root/modules-available/permissionmanager/inc/getpermissiondata.inc.php

<?php

class GetPermissionData
{

	const WITH_USER_COUNT = 1;
	const WITH_LOCATION_COUNT = 2;

	/**
	 * Get data for all users.
	 *
	 * @return array array of users (each with userid, username and roles (each with roleid and rolename))
	 */
	public static function getUserData(): array
	{
		$res = Database::simpleQuery("SELECT user.userid AS userid, user.login AS login, role.rolename AS rolename, role.roleid AS roleid
												FROM user
												LEFT JOIN role_x_user ON user.userid = role_x_user.userid
												LEFT JOIN role ON role_x_user.roleid = role.roleid
												");
		$userdata = array();
		foreach ($res as $row) {
			$userdata[$row['userid'] . ' ' . $row['login']][] = array(
				'roleid' => $row['roleid'],
				'rolename' => $row['rolename']
			);
		}
		$data = array();
		foreach ($userdata AS $user => $roles) {
			$user = explode(" ", $user, 2);
			$data[] = array(
				'userid' => $user[0],
				'username' => $user[1],
				'roles' => $roles
			);
		}
		return $data;
	}

	/**
	 * Get data for all locations.
	 *
	 * @return array array of locations (each including the roles that have permissions for them)
	 */
	public static function getLocationData(): array
	{
		$res = Database::simpleQuery("SELECT role.roleid AS roleid, rolename, GROUP_CONCAT(COALESCE(locationid, 0)) AS locationids FROM role
 												INNER JOIN role_x_location ON role.roleid = role_x_location.roleid GROUP BY roleid ORDER BY rolename ASC");
		$locations = Location::getLocations(0, 0, false, true);
		foreach ($res as $row) {
			$locationids = explode(",", $row['locationids']);
			if (in_array("0", $locationids)) {
				$locationids = array_map("intval", Location::extractIds(Location::getTree()));
			} else {
				$locationids = PermissionUtil::getSublocations(Location::getTree(), $locationids);
			}
			foreach ($locationids as $locationid) {
				$locations[$locationid]['roles'][] = array(
					'roleid' => $row['roleid'],
					'rolename' => $row['rolename']
				);
			}
		}
		return array_values($locations);
	}

	/**
	 * Get all roles.
	 *
	 * @param int $flags Bitmask specifying additional data to fetch (WITH_* constants of this class)
	 * @return array array roles (each with roleid and rolename)
	 */
	public static function getRoles(int $flags = 0): array
	{
		$cols = $joins = '';
		if ($flags & self::WITH_USER_COUNT) {
			$cols .= ', Count(DISTINCT rxu.userid) AS users';
			$joins .= ' LEFT JOIN role_x_user rxu ON (r.roleid = rxu.roleid)';
		}
		if ($flags & self::WITH_LOCATION_COUNT) {
			$cols .= ', Count(DISTINCT rxl.locationid) AS locations';
			$joins .= ' LEFT JOIN role_x_location rxl ON (r.roleid = rxl.roleid)';
		}
		if (!empty($joins)) {
			$joins .= ' GROUP BY r.roleid';
		}
		return Database::queryAll("SELECT r.roleid, r.rolename, r.builtin, r.roledescription $cols FROM role r
			$joins
			ORDER BY rolename ASC");
	}

	/**
	 * Get permissions and locations for a given role.
	 *
	 * @param string $roleid id of the role
	 * @return ?array array containing an array of permissions and an array of locations, null if not found
	 */
	public static function getRoleData(string $roleid): ?array
	{
		$data = self::getRole($roleid);
		$res = Database::simpleQuery("SELECT roleid, locationid FROM role_x_location WHERE roleid = :roleid",
			array("roleid" => $roleid));
		if ($res === false)
			return null;
		$data["locations"] = array();
		foreach ($res as $row) {
			$data["locations"][] = $row['locationid'];
		}
		$res = Database::simpleQuery("SELECT roleid, permissionid FROM role_x_permission WHERE roleid = :roleid",
			array("roleid" => $roleid));
		$data["permissions"] = array();
		foreach ($res as $row) {
			$data["permissions"][] = $row['permissionid'];
		}
		return $data;
	}

	public static function getRole($roleId)
	{
		return Database::queryFirst("SELECT roleid, rolename, builtin, roledescription FROM role
				WHERE roleid = :roleid", ['roleid' => $roleId]);
	}

}