Commit e5460a58039892c0dcc869e966ef4155c3ce0905
1 parent
e274dc0a
changed methods to take userID as a parameter and lookup group information
git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@309 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
37 additions
and
38 deletions
lib/SiteMap.inc
| ... | ... | @@ -2,13 +2,12 @@ |
| 2 | 2 | /** |
| 3 | 3 | * $Id$ |
| 4 | 4 | * |
| 5 | - * Maintains page-level access map, as well as section, page map. | |
| 5 | + * Maintains (page, access) access map, as well as (section, page) map. | |
| 6 | 6 | * |
| 7 | 7 | * @version $Revision$ |
| 8 | 8 | * @author michael@jamwarehouse.com |
| 9 | 9 | * @package dms |
| 10 | 10 | */ |
| 11 | - | |
| 12 | 11 | class SiteMap { |
| 13 | 12 | |
| 14 | 13 | /** |
| ... | ... | @@ -26,44 +25,39 @@ class SiteMap { |
| 26 | 25 | /** |
| 27 | 26 | * Adds a site page mapping entry. |
| 28 | 27 | * |
| 29 | - * @param $action | |
| 30 | - * the controller action | |
| 31 | - * @param $page | |
| 32 | - * the corresponding page for this action | |
| 33 | - * @param $sectionName | |
| 34 | - * the section this page falls under | |
| 35 | - * @param $groupID | |
| 36 | - * the user group with access to this page | |
| 28 | + * @param $action the controller action | |
| 29 | + * @param $page the corresponding page for this action | |
| 30 | + * @param $sectionName the section this page falls under | |
| 31 | + * @param $groupName the user group with access to this page | |
| 37 | 32 | */ |
| 38 | - function addPage($action, $page, $sectionName, $groupID) { | |
| 33 | + function addPage($action, $page, $sectionName, $groupName) { | |
| 39 | 34 | // add to map |
| 40 | - $this->siteMapArray[$sectionName][$groupID][$action] = $page; | |
| 35 | + $this->siteMapArray[$sectionName][$groupName][$action] = $page; | |
| 41 | 36 | } |
| 42 | 37 | |
| 43 | 38 | /** |
| 44 | - * Returns the page mapped to the action, userClass pair. | |
| 39 | + * Returns the page mapped to the (action, groupName) pair. | |
| 45 | 40 | * |
| 46 | - * @param $action | |
| 47 | - * the action to lookup pages for | |
| 48 | - * @param $groupIDs | |
| 49 | - * array of user group IDs to perform page level validation against | |
| 50 | - * @return | |
| 51 | - * the page to redirect to, or false if the user class doesn't | |
| 52 | - * have access to the page | |
| 41 | + * @param $action the action to lookup pages for | |
| 42 | + * @param $userID the user requesting the action | |
| 43 | + * @return string the page to redirect to, or false if the user doesn't have access to the page | |
| 53 | 44 | */ |
| 54 | - function getPage($action, $groupIDs) { | |
| 45 | + function getPage($action, $userID) { | |
| 55 | 46 | global $default; |
| 56 | - $default->log->debug("Sitemap::getPage function start; action=$action; groupIDs=" . arrayToString($groupIDs)); | |
| 47 | + $default->log->debug("Sitemap::getPage function start; action=$action; userID=$userID"); | |
| 57 | 48 | // for each section |
| 58 | 49 | foreach ($this->siteMapArray as $section => $valArr) { |
| 59 | 50 | $default->log->debug("Sitemap::getPage section=$section"); |
| 60 | 51 | // for each group, page array combination |
| 61 | - foreach ($valArr as $requiredGroup => $pageArr) { | |
| 62 | - $reqGrpID = lookupID($default->owl_groups_table, "name", "'$requiredGroup'"); | |
| 63 | - $default->log->debug("Sitemap::getPage requiredGroup=$requiredGroup; reqGrpID=$reqGrpID"); | |
| 52 | + foreach ($valArr as $requiredGroupName => $pageArr) { | |
| 53 | + // lookup the id of the group with access to this page | |
| 54 | + $reqGrpID = lookupID($default->owl_groups_table, "name", "$requiredGroupName"); | |
| 55 | + $default->log->debug("Sitemap::getPage requiredGroupName=$requiredGroupName; id=$reqGrpID"); | |
| 64 | 56 | // now loop through pages until we find the right one |
| 65 | 57 | foreach ($pageArr as $ackshin => $page) { |
| 66 | 58 | if ($ackshin == $action) { |
| 59 | + // lookup the groups this user is in | |
| 60 | + $groupIDs = lookupGroupIDs($userID); | |
| 67 | 61 | // now check if we have the right group access by |
| 68 | 62 | // looping through the groupID array and returning the page |
| 69 | 63 | // if the current groupID <= $reqGrpID |
| ... | ... | @@ -72,7 +66,6 @@ class SiteMap { |
| 72 | 66 | // we're assuming that the default groups will be created in the right |
| 73 | 67 | // order, so that groups with sys and unit access have lower ids than |
| 74 | 68 | // the required ones! |
| 75 | - $default->log->debug("Sitemap::getPage groupid array length=" . count($groupIDs)); | |
| 76 | 69 | for ($i = 0; $i<count($groupIDs); $i++) { |
| 77 | 70 | $default->log->debug("Sitemap::getPage current groupid=" . $groupIDs[$i] . "; reqGrpID=$reqGrpID"); |
| 78 | 71 | if ($groupIDs[$i] <= $reqGrpID) { |
| ... | ... | @@ -85,6 +78,7 @@ class SiteMap { |
| 85 | 78 | } |
| 86 | 79 | // if the function hasn't returned already then the specified |
| 87 | 80 | // userGroup does not have access to the action |
| 81 | + $default->log->info("Sitemap::getPage access denied for ($action, $userID)"); | |
| 88 | 82 | return false; |
| 89 | 83 | } |
| 90 | 84 | |
| ... | ... | @@ -92,23 +86,28 @@ class SiteMap { |
| 92 | 86 | * Returns the pages in the specified section accessible to the |
| 93 | 87 | * specified userClass. |
| 94 | 88 | * |
| 95 | - * @param $sectionName | |
| 96 | - * the section to retrieve pages for | |
| 97 | - * @param $userClass | |
| 98 | - * the user class to return pages for | |
| 99 | - * @return | |
| 100 | - * an array containing the actions for the specified section | |
| 89 | + * @param $sectionName the section to retrieve pages for | |
| 90 | + * @param $userID the user class to return pages for | |
| 91 | + * @return array the actions for the specified section | |
| 101 | 92 | */ |
| 102 | - function getSection($sectionName, $userClass) { | |
| 93 | + function getSection($sectionName, $userID) { | |
| 103 | 94 | // check if the section exists |
| 104 | 95 | if (is_array($this->siteMapArray[$sectionName])) { |
| 105 | 96 | // initialise result array |
| 106 | 97 | $results = array(); |
| 107 | - // need to loop through all user class arrays in this section | |
| 108 | - foreach ($this->siteMapArray[$sectionName] as $uc => $pages) { | |
| 109 | - if (constant($userClass) <= constant($uc)) { | |
| 110 | - // add this array to the resultset array | |
| 111 | - $results = array_merge($results, $this->siteMapArray[$sectionName][$uc]); | |
| 98 | + // need to loop through all (groupName, page) arrays in this section | |
| 99 | + foreach ($this->siteMapArray[$sectionName] as $requiredGroupName => $pages) { | |
| 100 | + // lookup groupID for requiredGroupName | |
| 101 | + $reqGrpID = lookupID($default->owl_groups_table, "name", "$requiredGroupName"); | |
| 102 | + // lookup groupIDs for the user | |
| 103 | + $groupIDs = lookupGroupIDs($userID); | |
| 104 | + // loop through the user's groups and check against the requiredGroup | |
| 105 | + for ($i = 0; $i<count($groupIDs); $i++) { | |
| 106 | + $default->log->debug("getPage current groupid=" . $groupIDs[$i] . "; reqGrpID=$reqGrpID"); | |
| 107 | + if ($groupIDs[$i] <= $reqGrpID) { | |
| 108 | + // add this array to the resultset array | |
| 109 | + $results = array_merge($results, $this->siteMapArray[$sectionName][$uc]); | |
| 110 | + } | |
| 112 | 111 | } |
| 113 | 112 | } |
| 114 | 113 | // now check if we have anything in the results array before returning it | ... | ... |