From 7dc7a49e3704b52c4a40909050bf831826b3c41b Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Tue, 20 Feb 2018 15:20:26 +0100
Subject: [permissionmanager] Ensure uniqueness in role_x_location table,
 consistent table naming, drop unused id field

---
 .../inc/getpermissiondata.inc.php                  |  6 +++---
 .../inc/permissiondbupdate.inc.php                 | 22 +++++++++++-----------
 .../permissionmanager/inc/permissionutil.inc.php   | 12 ++++++------
 3 files changed, 20 insertions(+), 20 deletions(-)

(limited to 'modules-available/permissionmanager/inc')

diff --git a/modules-available/permissionmanager/inc/getpermissiondata.inc.php b/modules-available/permissionmanager/inc/getpermissiondata.inc.php
index 496c8224..fc18de99 100644
--- a/modules-available/permissionmanager/inc/getpermissiondata.inc.php
+++ b/modules-available/permissionmanager/inc/getpermissiondata.inc.php
@@ -15,8 +15,8 @@ class GetPermissionData
 	{
 		$res = Database::simpleQuery("SELECT user.userid AS userid, user.login AS login, role.rolename AS rolename, role.roleid AS roleid
 												FROM user
-												LEFT JOIN user_x_role ON user.userid = user_x_role.userid
-												LEFT JOIN role ON user_x_role.roleid = role.roleid
+												LEFT JOIN role_x_user ON user.userid = role_x_user.userid
+												LEFT JOIN role ON role_x_user.roleid = role.roleid
 												");
 		$userdata = array();
 		while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
@@ -75,7 +75,7 @@ class GetPermissionData
 		$cols = $joins = '';
 		if ($flags & self::WITH_USER_COUNT) {
 			$cols .= ', Count(DISTINCT rxu.userid) AS users';
-			$joins .= ' LEFT JOIN user_x_role rxu ON (r.roleid = rxu.roleid)';
+			$joins .= ' LEFT JOIN role_x_user rxu ON (r.roleid = rxu.roleid)';
 		}
 		if ($flags & self::WITH_LOCATION_COUNT) {
 			$cols .= ', Count(DISTINCT rxl.locationid) AS locations';
diff --git a/modules-available/permissionmanager/inc/permissiondbupdate.inc.php b/modules-available/permissionmanager/inc/permissiondbupdate.inc.php
index 8a67bf24..1f56f4ea 100644
--- a/modules-available/permissionmanager/inc/permissiondbupdate.inc.php
+++ b/modules-available/permissionmanager/inc/permissiondbupdate.inc.php
@@ -4,10 +4,10 @@ class PermissionDbUpdate
 {
 
 	/**
-	 * Insert all user/role combinations into the user_x_role table.
+	 * Insert all user/role combinations into the role_x_user table.
 	 *
-	 * @param array $users userids
-	 * @param array $roles roleids
+	 * @param int[] $users userids
+	 * @param string[] $roles roleids
 	 */
 	public static function addRoleToUser($users, $roles)
 	{
@@ -17,19 +17,19 @@ class PermissionDbUpdate
 				$arg[] = compact('userid', 'roleid');
 			}
 		}
-		Database::exec("INSERT IGNORE INTO user_x_role (userid, roleid) VALUES :arg",
+		Database::exec("INSERT IGNORE INTO role_x_user (userid, roleid) VALUES :arg",
 			['arg' => $arg]);
 	}
 
 	/**
-	 * Remove all user/role combinations from the user_x_role table.
+	 * Remove all user/role combinations from the role_x_user table.
 	 *
-	 * @param array $users userids
-	 * @param array $roles roleids
+	 * @param int[] $users userids
+	 * @param string[] $roles roleids
 	 */
 	public static function removeRoleFromUser($users, $roles)
 	{
-		$query = "DELETE FROM user_x_role WHERE userid IN (:users) AND roleid IN (:roles)";
+		$query = "DELETE FROM role_x_user WHERE userid IN (:users) AND roleid IN (:roles)";
 		Database::exec($query, array("users" => $users, "roles" => $roles));
 	}
 
@@ -47,8 +47,8 @@ class PermissionDbUpdate
 	 * Save changes to a role or create a new one.
 	 *
 	 * @param string $rolename rolename
-	 * @param array $locations array of locations
-	 * @param array $permissions array of permissions
+	 * @param int[] $locations array of locations
+	 * @param string[] $permissions array of permissions
 	 * @param string|null $roleid roleid or null if the role does not exist yet
 	 */
 	public static function saveRole($rolename, $locations, $permissions, $roleid = null)
@@ -61,7 +61,7 @@ class PermissionDbUpdate
 			Database::exec("UPDATE role SET rolename = :rolename WHERE roleid = :roleid",
 				array("rolename" => $rolename, "roleid" => $roleid));
 			Database::exec("DELETE FROM role_x_location
-					WHERE roleid = :roleid AND locationid NOT IN (:locations)",
+					WHERE roleid = :roleid AND (locationid NOT IN (:locations) OR locationid IS NULL)",
 				array("roleid" => $roleid, 'locations' => $locations));
 			Database::exec("DELETE FROM role_x_permission
 					WHERE roleid = :roleid AND permissionid NOT IN (:permissions)",
diff --git a/modules-available/permissionmanager/inc/permissionutil.inc.php b/modules-available/permissionmanager/inc/permissionutil.inc.php
index bc42c5a0..29663ed9 100644
--- a/modules-available/permissionmanager/inc/permissionutil.inc.php
+++ b/modules-available/permissionmanager/inc/permissionutil.inc.php
@@ -60,8 +60,8 @@ class PermissionUtil
 		$prefix = $parts[0] . '.%';
 		if (is_null($locationid)) {
 			$res = Database::simpleQuery("SELECT permissionid FROM role_x_permission
-					INNER JOIN user_x_role USING (roleid)
-					WHERE user_x_role.userid = :userid AND (permissionid LIKE :prefix OR permissionid LIKE '*')",
+					INNER JOIN role_x_user USING (roleid)
+					WHERE role_x_user.userid = :userid AND (permissionid LIKE :prefix OR permissionid LIKE '*')",
 				compact('userid', 'prefix'));
 		} else {
 			if ($locationid === 0) {
@@ -73,9 +73,9 @@ class PermissionUtil
 				}
 			}
 			$res = Database::simpleQuery("SELECT permissionid FROM role_x_permission
-					INNER JOIN user_x_role USING (roleid)
+					INNER JOIN role_x_user USING (roleid)
 					INNER JOIN role_x_location USING (roleid)
-					WHERE user_x_role.userid = :userid AND (permissionid LIKE :prefix OR permissionid LIKE '*')
+					WHERE role_x_user.userid = :userid AND (permissionid LIKE :prefix OR permissionid LIKE '*')
 						AND (locationid IN (:locations) OR locationid IS NULL)",
 				compact('userid', 'prefix', 'locations'));
 		}
@@ -113,9 +113,9 @@ class PermissionUtil
 			// Limit query to first part of permissionid, which is always the module id
 			$prefix = $parts[0] . '.%';
 			$res = Database::simpleQuery("SELECT permissionid, locationid FROM role_x_permission
-						INNER JOIN user_x_role USING (roleid)
+						INNER JOIN role_x_user USING (roleid)
 						INNER JOIN role_x_location USING (roleid)
-						WHERE user_x_role.userid = :userid AND (permissionid LIKE :prefix OR permissionid LIKE '*')",
+						WHERE role_x_user.userid = :userid AND (permissionid LIKE :prefix OR permissionid LIKE '*')",
 				compact('userid', 'prefix'));
 
 			// Gather locationid from relevant rows
-- 
cgit v1.2.3-55-g7522