芝麻web文件管理V1.00

编辑当前文件:/home/mgatv524/public_html/mctv/lib/Factory/PermissionFactory.php
<?php /** * Copyright (C) 2020 Xibo Signage Ltd * * Xibo - Digital Signage - http://www.xibo.org.uk * * This file is part of Xibo. * * Xibo is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * any later version. * * Xibo is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License * along with Xibo. If not, see <http://www.gnu.org/licenses/>. */ namespace Xibo\Factory; use Xibo\Entity\Permission; use Xibo\Entity\User; use Xibo\Helper\SanitizerService; use Xibo\Service\LogServiceInterface; use Xibo\Storage\StorageServiceInterface; use Xibo\Support\Exception\InvalidArgumentException; use Xibo\Support\Exception\NotFoundException; /** * Class PermissionFactory * @package Xibo\Factory */ class PermissionFactory extends BaseFactory { /** * Construct a factory * @param StorageServiceInterface $store * @param LogServiceInterface $log * @param SanitizerService $sanitizerService */ public function __construct($store, $log, $sanitizerService) { $this->setCommonDependencies($store, $log, $sanitizerService); } /** * Create Empty * @return Permission */ public function createEmpty() { return new Permission( $this->getStore(), $this->getLog() ); } /** * Create a new Permission * @param int $groupId * @param string $entity * @param int $objectId * @param int $view * @param int $edit * @param int $delete * @return Permission * @throws InvalidArgumentException */ public function create($groupId, $entity, $objectId, $view, $edit, $delete) { // Lookup the entityId $results = $this->getStore()->select('SELECT entityId FROM permissionentity WHERE entity = :entity', ['entity' => $entity]); if (count($results) <= 0) { throw new InvalidArgumentException(__('Entity not found: ') . $entity); } $permission = $this->createEmpty(); $permission->groupId = $groupId; $permission->entityId = $results[0]['entityId']; $permission->objectId = $objectId; $permission->view =$view; $permission->edit = $edit; $permission->delete = $delete; return $permission; } /** * Create a new Permission * @param UserGroupFactory $userGroupFactory * @param string $entity * @param int $objectId * @param int $view * @param int $edit * @param int $delete * @return Permission * @throws InvalidArgumentException * @throws NotFoundException */ public function createForEveryone($userGroupFactory, $entity, $objectId, $view, $edit, $delete) { // Lookup the entityId $results = $this->getStore()->select('SELECT entityId FROM permissionentity WHERE entity = :entity', ['entity' => $entity]); if (count($results) <= 0) { throw new InvalidArgumentException(__('Entity not found: ') . $entity); } $permission = $this->createEmpty(); $permission->groupId = $userGroupFactory->getEveryone()->groupId; $permission->entityId = $results[0]['entityId']; $permission->objectId = $objectId; $permission->view =$view; $permission->edit = $edit; $permission->delete = $delete; return $permission; } /** * Get Permissions by Entity ObjectId * @param string $entity * @param int $objectId * @return Permission[] */ public function getByObjectId($entity, $objectId) { $permissions = array(); $sql = ' SELECT `permissionId`, `groupId`, `view`, `edit`, `delete`, permissionentity.entityId FROM `permission` INNER JOIN `permissionentity` ON `permissionentity`.entityId = permission.entityId WHERE entity = :entity AND objectId = :objectId '; $params = array('entity' => $entity, 'objectId' => $objectId); foreach ($this->getStore()->select($sql, $params) as $row) { $permission = $this->createEmpty(); $permission->permissionId = $row['permissionId']; $permission->groupId = $row['groupId']; $permission->view = $row['view']; $permission->edit = $row['edit']; $permission->delete = $row['delete']; $permission->objectId = $objectId; $permission->entity = $entity; $permission->entityId = $row['entityId']; $permissions[] = $permission; } return $permissions; } /** * Get All Permissions by Entity ObjectId * @param User $user * @param string $entity * @param int $objectId * @param array[string] $sortOrder * @param array[mixed] $filterBy * @return Permission[] * @throws NotFoundException */ public function getAllByObjectId($user, $entity, $objectId, $sortOrder = null, $filterBy = []) { // Look up the entityId for any add operation that might occur $entityId = $this->getStore()->select('SELECT entityId FROM permissionentity WHERE entity = :entity', ['entity' => $entity]); $sanitizedFilter = $this->getSanitizer($filterBy); if (count($entityId) <= 0) { throw new NotFoundException(__('Entity not found')); } $entityId = $entityId[0]['entityId']; $permissions = []; $params = ['entityId' => $entityId, 'objectId' => $objectId]; // SQL gets all Groups/User Specific Groups for non-retired users // then it joins them to the permission table for the object specified $select = 'SELECT `permissionId`, joinedGroup.`groupId`, `view`, `edit`, `delete`, joinedGroup.isuserspecific, joinedGroup.group '; $body = ' FROM ( SELECT `group`.* FROM `group` WHERE IsUserSpecific = 0 '; // Permissions for the group section if ($sanitizedFilter->getCheckbox('disableUserCheck') == 0) { // Normal users can only see their group if ($user->userTypeId != 1) { $body .= ' AND `group`.groupId IN ( SELECT `group`.groupId FROM `lkusergroup` INNER JOIN `group` ON `group`.groupId = `lkusergroup`.groupId AND `group`.isUserSpecific = 0 WHERE `lkusergroup`.userId = :currentUserId ) '; $params['currentUserId'] = $user->userId; } } $body .= ' UNION ALL SELECT `group`.* FROM `group` INNER JOIN lkusergroup ON lkusergroup.GroupID = group.GroupID AND IsUserSpecific = 1 INNER JOIN `user` ON lkusergroup.UserID = user.UserID AND retired = 0 '; // Permissions for the user section if ($sanitizedFilter->getCheckbox('disableUserCheck') == 0) { // Normal users can only see themselves if ($user->userTypeId == 3) { $body .= ' AND `user`.userId = :currentUserId '; $params['currentUserId'] = $user->userId; } // Group admins can only see users from their groups. else if ($user->userTypeId == 2) { $body .= ' AND user.userId IN ( SELECT `otherUserLinks`.userId FROM `lkusergroup` INNER JOIN `group` ON `group`.groupId = `lkusergroup`.groupId AND `group`.isUserSpecific = 0 INNER JOIN `lkusergroup` `otherUserLinks` ON `otherUserLinks`.groupId = `group`.groupId WHERE `lkusergroup`.userId = :currentUserId ) '; $params['currentUserId'] = $user->userId; } } $body .= ' ) joinedGroup '; if ($sanitizedFilter->getInt('setOnly', ['default' => 0]) == 1) { $body .= ' INNER JOIN '; } else { $body .= ' LEFT OUTER JOIN '; } $body .= ' `permission` ON `permission`.groupId = joinedGroup.groupId AND objectId = :objectId AND entityId = :entityId WHERE 1 = 1 '; if ($sanitizedFilter->getString('name') != null) { $body .= ' AND joinedGroup.group LIKE :name '; $params['name'] = '%' . $sanitizedFilter->getString('name') . '%'; } $order = ''; if ($sortOrder == null) { $order = 'ORDER BY joinedGroup.isEveryone DESC, joinedGroup.isUserSpecific, joinedGroup.`group`'; } else if (is_array($sortOrder)) { $order = 'ORDER BY ' . implode(',', $sortOrder); } $limit = ''; // Paging if ($filterBy !== null && $sanitizedFilter->getInt('start') !== null && $sanitizedFilter->getInt('length') !== null) { $limit = ' LIMIT ' . intval($sanitizedFilter->getInt('start'), 0) . ', ' . $sanitizedFilter->getInt('length', ['default' => 10]); } $sql = $select . $body . $order . $limit; foreach ($this->getStore()->select($sql, $params) as $row) { // TODO Sanitizer? $permission = $this->createEmpty(); $permission->permissionId = intval($row['permissionId']); $permission->groupId = intval($row['groupId']); $permission->view = intval($row['view']); $permission->edit = intval($row['edit']); $permission->delete = intval($row['delete']); $permission->objectId = intval($objectId); $permission->entity = $entity; $permission->entityId = intval($entityId); $permission->isUser = intval($row['isuserspecific']); $permission->group = ($row['group']); $permissions[] = $permission; } // Paging if ($limit != '' && count($permissions) > 0) { $results = $this->getStore()->select('SELECT COUNT(*) AS total ' . $body, $params); $this->_countLast = intval($results[0]['total']); } return $permissions; } /** * Gets all permissions for a user group * @param string $entity * @param int $groupId * @return Permission[] */ public function getByGroupId($entity, $groupId) { $permissions = array(); $sql = ' SELECT `permission`.`permissionId`, `permission`.`groupId`, `permission`.`objectId`, `permission`.`view`, `permission`.`edit`, `permission`.`delete`, permissionentity.entityId FROM `permission` INNER JOIN `permissionentity` ON `permissionentity`.entityId = permission.entityId INNER JOIN `group` ON `group`.groupId = `permission`.groupId WHERE entity = :entity AND `permission`.`groupId` = :groupId '; $params = array('entity' => 'Xibo\Entity\\' . $entity, 'groupId' => $groupId); foreach ($this->getStore()->select($sql, $params) as $row) { $permission = $this->createEmpty(); $permission->permissionId = $row['permissionId']; $permission->groupId = $row['groupId']; $permission->view = $row['view']; $permission->edit = $row['edit']; $permission->delete = $row['delete']; $permission->objectId = $row['objectId']; $permission->entity = $entity; $permission->entityId = $row['entityId']; $permissions[] = $permission; } return $permissions; } /** * Gets all permissions for a set of user groups * @param string $entity * @param int $userId * @return Permission[] */ public function getByUserId($entity, $userId) { $permissions = []; $sql = ' SELECT `permission`.`permissionId`, `permission`.`groupId`, `permission`.`objectId`, `permission`.`view`, `permission`.`edit`, `permission`.`delete`, `permissionentity`.entityId FROM `permission` INNER JOIN `permissionentity` ON `permissionentity`.entityId = permission.entityId INNER JOIN `group` ON `group`.groupId = `permission`.groupId INNER JOIN `lkusergroup` ON `lkusergroup`.groupId = `group`.groupId INNER JOIN `user` ON lkusergroup.UserID = `user`.UserID WHERE `permissionentity`.entity = :entity AND `user`.userId = :userId UNION SELECT `permission`.`permissionId`, `permission`.`groupId`, `permission`.`objectId`, `permission`.`view`, `permission`.`edit`, `permission`.`delete`, `permissionentity`.entityId FROM `permission` INNER JOIN `permissionentity` ON `permissionentity`.entityId = permission.entityId INNER JOIN `group` ON `group`.groupId = `permission`.groupId WHERE `permissionentity`.entity = :entity AND `group`.IsEveryone = 1 '; $params = ['entity' => $entity, 'userId' => $userId]; foreach ($this->getStore()->select($sql, $params) as $row) { $permission = $this->createEmpty(); $permission->permissionId = $row['permissionId']; $permission->groupId = $row['groupId']; $permission->view = $row['view']; $permission->edit = $row['edit']; $permission->delete = $row['delete']; $permission->objectId = $row['objectId']; $permission->entity = $entity; $permission->entityId = $row['entityId']; $permissions[] = $permission; } return $permissions; } /** * Get Full Permissions * @return Permission */ public function getFullPermissions() { $permission = $this->createEmpty(); $permission->view = 1; $permission->edit = 1; $permission->delete = 1; $permission->modifyPermissions = 1; return $permission; } }