author | Udo Walter | 2017-04-07 15:49:54 +0200 |
---|---|---|
committer | Udo Walter | 2017-04-07 15:49:54 +0200 |
commit | d033483d3ed9e05f1109a3713ec6a3df883a1dae (patch) | |
tree | 13df2276d6c137901d87ea5daf23464e5c7bb869 /modules-available/permissionmanager/inc | |
parent | [permission-manager] added possibility to select all permissions (diff) | |
[permission-manager] renamed some files, moved html generation to templates,
using bind variables in mysql code, changed order of modules in role editor
Diffstat (limited to 'modules-available/permissionmanager/inc')
-rw-r--r-- | modules-available/permissionmanager/inc/dbupdate.inc.php | 54 | ||||
-rw-r--r-- | modules-available/permissionmanager/inc/getpermissiondata.inc.php (renamed from modules-available/permissionmanager/inc/getdata.inc.php) | 24 | ||||
-rw-r--r-- | modules-available/permissionmanager/inc/permissiondbupdate.inc.php | 57 | ||||
-rw-r--r-- | modules-available/permissionmanager/inc/permissionutil.inc.php | 10 |
4 files changed, 78 insertions, 67 deletions
diff --git a/modules-available/permissionmanager/inc/dbupdate.inc.php b/modules-available/permissionmanager/inc/dbupdate.inc.php
deleted file mode 100644
index 1101e4f7..00000000
--- a/modules-available/permissionmanager/inc/dbupdate.inc.php
+++ /dev/null
@@ -1,54 +0,0 @@
-<?php
-
-class DbUpdate {
-
- // insert new userXrole to database. "ignore" to ignore duplicate entry try
- public static function addRoleToUser($users, $roles) {
- foreach($users AS $user) {
- foreach ($roles AS $role) {
- $query = "INSERT IGNORE INTO userXrole (userid, roleid) VALUES ($user, $role)";
- Database::exec($query);
- }
- }
- }
-
- // remove userXrole entry from database
- public static function removeRoleFromUser($users, $roles) {
- foreach($users AS $user) {
- foreach ($roles AS $role) {
- $query = "DELETE FROM userXrole WHERE userid = $user AND roleid = $role";
- Database::exec($query);
- }
- }
- }
-
- // delete role, delete userXrole relationships, delete roleXlocation relationships, delete roleXpermission relationships
- public static function deleteRole($id) {
- $query = "DELETE FROM role WHERE id = $id";
- Database::exec($query);
- $query = "DELETE FROM userXrole WHERE roleid = $id";
- Database::exec($query);
- $query = "DELETE FROM roleXlocation WHERE roleid = $id";
- Database::exec($query);
- $query = "DELETE FROM roleXpermission WHERE roleid = $id";
- Database::exec($query);
- }
-
- public static function saveRole($roleName, $locations, $permissions, $role = NULL) {
- if ($role) {
- Database::exec("UPDATE role SET name = '$roleName' WHERE id = $role");
- Database::exec("DELETE FROM roleXlocation WHERE roleid = $role");
- Database::exec("DELETE FROM roleXpermission WHERE roleid = $role");
- } else {
- Database::exec("INSERT INTO role (name) VALUES ('$roleName')");
- $role = Database::lastInsertId();
- }
- foreach ($locations as $locID) {
- Database::exec("INSERT INTO roleXlocation (roleid, locid) VALUES ($role, $locID)");
- }
- foreach ($permissions as $permission) {
- Database::exec("INSERT INTO roleXpermission (roleid, permissionid) VALUES ($role, '$permission')");
- }
- }
-
-}
diff --git a/modules-available/permissionmanager/inc/getdata.inc.php b/modules-available/permissionmanager/inc/getpermissiondata.inc.php
index caa50215..be7ddb1c 100644
--- a/modules-available/permissionmanager/inc/getdata.inc.php
+++ b/modules-available/permissionmanager/inc/getpermissiondata.inc.php
@@ -1,6 +1,6 @@
 <?php
-class GetData {
+class GetPermissionData {
 // get UserIDs, User Login Names, User Roles
 public static function getUserData() {
@@ -53,17 +53,17 @@ class GetData {
 return $data;
 }
- public static function getRoleData($roleID) {
- $query = "SELECT id, name FROM role WHERE id = $roleID";
- $data = Database::queryFirst($query);
- $query = "SELECT roleid, locid FROM roleXlocation WHERE roleid = $roleID";
- $res = Database::simpleQuery($query);
+ public static function getRoleData($roleId) {
+ $query = "SELECT id, name FROM role WHERE id = :roleId";
+ $data = Database::queryFirst($query, array("roleId" => $roleId));
+ $query = "SELECT roleid, locid FROM role_x_location WHERE roleid = :roleId";
+ $res = Database::simpleQuery($query, array("roleId" => $roleId));
 $data["locations"] = array();
 while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
 $data["locations"][] = $row['locid'];
 }
- $query = "SELECT roleid, permissionid FROM roleXpermission WHERE roleid = $roleID";
- $res = Database::simpleQuery($query);
+ $query = "SELECT roleid, permissionid FROM role_x_permission WHERE roleid = :roleId";
+ $res = Database::simpleQuery($query, array("roleId" => $roleId));
 $data["permissions"] = array();
 while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
 $data["permissions"][] = $row['permissionid'];
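Review bot: In `getRoleData` the result of `Database::queryFirst()` is used without checking for a miss, so when no role matches `:roleId` the next line `$data["locations"] = array();` builds an array with no `id`/`name`, and a caller cannot tell an unknown role from an empty one. Assuming `queryFirst` returns `false` when there is no row (confirm against the Database wrapper), add `if ($data === false) return false;` directly after that call. Binding `:roleId` removes the string-built SQL in all three SELECTs, but nothing here constrains the value's type; a short comment such as `// $roleId: integer role id, caller must have checked the user may view roles` would document the expectation. The end of the function lies outside this hunk.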
@@ -75,8 +75,8 @@ class GetData { private static function queryUserData() { $res = Database::simpleQuery("SELECT user.userid AS userid, user.login AS login, GROUP_CONCAT(role.name ORDER BY role.name ASC) AS role FROM user - LEFT JOIN userXrole ON user.userid = userXrole.userid - LEFT JOIN role ON userXrole.roleid = role.id + LEFT JOIN user_x_role ON user.userid = user_x_role.userid + LEFT JOIN role ON user_x_role.roleid = role.id GROUP BY user.userid "); return $res; @@ -86,8 +86,8 @@ class GetData { private static function queryLocationData() { $res = Database::simpleQuery("SELECT location.locationid AS locid, location.locationname AS locname, GROUP_CONCAT(role.name ORDER BY role.name ASC) AS role FROM location - LEFT JOIN roleXlocation ON location.locationid = roleXlocation.locid - LEFT JOIN role ON roleXlocation.roleid = role.id + LEFT JOIN role_x_location ON location.locationid = role_x_location.locid + LEFT JOIN role ON role_x_location.roleid = role.id GROUP BY location.locationid ORDER BY location.locationname "); diff --git a/modules-available/permissionmanager/inc/permissiondbupdate.inc.php b/modules-available/permissionmanager/inc/permissiondbupdate.inc.php new file mode 100644 index 00000000..87c989fa --- /dev/null +++ b/modules-available/permissionmanager/inc/permissiondbupdate.inc.php 
@@ -0,0 +1,57 @@
+<?php
+
+class PermissionDbUpdate {
+
+ // insert new user_x_role to database. "ignore" to ignore duplicate entry try
+ public static function addRoleToUser($users, $roles) {
+ foreach($users AS $user) {
+ foreach ($roles AS $role) {
+ $query = "INSERT IGNORE INTO user_x_role (userid, roleid) VALUES (:user, :role)";
+ Database::exec($query, array("user" => $user, "role" => $role));
+ }
+ }
+ }
+
+ // remove user_x_role entry from database
+ public static function removeRoleFromUser($users, $roles) {
+ foreach($users AS $user) {
+ foreach ($roles AS $role) {
+ $query = "DELETE FROM user_x_role WHERE userid = :user AND roleid = :role";
+ Database::exec($query, array("user" => $user, "role" => $role));
+ }
+ }
+ }
+
+ // delete role, delete user_x_role relationships, delete role_x_location relationships, delete role_x_permission relationships
+ public static function deleteRole($id) {
+ $query = "DELETE FROM role WHERE id = :id";
+ Database::exec($query, array("id" => $id));
+ $query = "DELETE FROM user_x_role WHERE roleid = :id";
+ Database::exec($query, array("id" => $id));
+ $query = "DELETE FROM role_x_location WHERE roleid = :id";
+ Database::exec($query, array("id" => $id));
+ $query = "DELETE FROM role_x_permission WHERE roleid = :id";
+ Database::exec($query, array("id" => $id));
+ }
+
+ public static function saveRole($roleName, $locations, $permissions, $role = NULL) {
+ if ($role) {
+ Database::exec("UPDATE role SET name = :roleName WHERE id = :role",
+ array("roleName" => $roleName, "role" => $role));
+ Database::exec("DELETE FROM role_x_location WHERE roleid = :role", array("role" => $role));
+ Database::exec("DELETE FROM role_x_permission WHERE roleid = :role", array("role" => $role));
+ } else {
+ Database::exec("INSERT INTO role (name) VALUES (:roleName)", array("roleName" => $roleName));
+ $role = Database::lastInsertId();
+ }
+ foreach ($locations as $locID) {
+ Database::exec("INSERT INTO role_x_location (roleid, locid) VALUES 
(:role, :locid)", + array("role" => $role, "locid" => $locID)); + } + foreach ($permissions as $permission) { + Database::exec("INSERT INTO role_x_permission (roleid, permissionid) VALUES (:role, :permission)", + array("role" => $role, "permission" => $permission)); + } + } + +} diff --git a/modules-available/permissionmanager/inc/permissionutil.inc.php b/modules-available/permissionmanager/inc/permissionutil.inc.php index 10f2a61a..d6adf2bf 100644 --- a/modules-available/permissionmanager/inc/permissionutil.inc.php +++ b/modules-available/permissionmanager/inc/permissionutil.inc.php @@ -16,10 +16,18 @@ class PermissionUtil $permissions = self::putInPermissionTree($out[1].".".$k, $v, $permissions); } } + ksort($permissions); + global $MENU_CAT_OVERRIDE; + $sortingOrder = $MENU_CAT_OVERRIDE; + foreach ($permissions as $module => $v) $sortingOrder[Module::get($module)->getCategory()][] = $module; + $permissions = array_replace(array_flip(call_user_func_array('array_merge', $sortingOrder)), $permissions); + foreach ($permissions as $module => $v) if (is_int($v)) unset($permissions[$module]); + + return $permissions; } - private function putInPermissionTree($permission, $description, $tree) + private static function putInPermissionTree($permission, $description, $tree) { $subPermissions = explode('.', $permission); $original =& $tree; |
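Review bot: `deleteRole` and `saveRole` in the new `PermissionDbUpdate` run several dependent statements with no transaction and no check of what `Database::exec` returns. A failure part-way, for example after the two `DELETE`s in `saveRole` but before the `INSERT` loops finish, leaves a role with a partial or empty set of locations and permissions, which in an access-control table is a silent privilege change. If the `Database` wrapper offers transactions, run each method's statements inside one; otherwise check each result and stop on the first failure. Separately, `if ($role)` sends an id of `0` or `'0'` down the "create new role" branch; `if ($role !== NULL)` matches the declared default. Authorization is not visible in this file, so a class comment such as `// Callers must verify the current user may edit roles before calling these methods` would record the assumption.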
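Review bot: In the permissionutil.inc.php hunk, `Module::get($module)->getCategory()` dereferences the lookup result unchecked, so a permission key that names a module `Module::get` cannot resolve (presumably returning false or null, to be confirmed) stops the whole role editor with a fatal error. Guard it, e.g. `$m = Module::get($module); if ($m === false) continue;`, with the foreach body put in braces. `call_user_func_array('array_merge', $sortingOrder)` is also passed an array keyed by category name: PHP 8 treats string keys as named arguments, which `array_merge` rejects, so `call_user_func_array('array_merge', array_values($sortingOrder))` is safer, with a guard for an empty `$sortingOrder`. The start of the enclosing function is outside this hunk.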