query($sql);
if ($r = $db->fetch($res)) {
$_SESSION['ADM_ID'] = $r->ID;
$_SESSION['ADM_INICJALY_HANDLOWCA'] = $r->INICJALY_HANDLOWCA;
$_SESSION['EMPLOYEE_TYPE'] = $r->EMPLOYEE_TYPE;
$_SESSION['DEFAULT_ACL_GROUP'] = $r->DEFAULT_ACL_GROUP;
}
}
public static function logged() {
return (!empty($_SESSION['AUTHORIZE_USER']))? true : false;
}
public static function get( $key ) {
return V::get($key, '', $_SESSION);
}
public static function getGroups() {
$groups = User::_fetchGroups();
return $groups;
}
public static function getGroupsIds() {
$groups = User::_fetchGroups();
return array_keys($groups);
}
public static function _fetchGroups() {
static $_groups;
if (!$_groups) {
$user_id = User::getID();
Lib::loadClass('UsersHelper');
$_groups = UsersHelper::get_group_by_user($user_id);
}
return $_groups;
}
public static function loadProfile($force = false) {
return UserProfile::load($force);
}
public static function saveProfile() {
return UserProfile::save();
}
public static function getProfile($key) {
return UserProfile::get($key);
}
public static function setProfile($key, $val) {
UserProfile::set($key, $val);
}
public static function getProfileColumn($column_name, $key) {
return UserProfile::getColumn($column_name, $key);
}
public static function setProfileColumn($column_name, $key, $value) {
UserProfile::setColumn($column_name, $key, $value);
}
public static function removeProfileColumn($column_name, $key) {
UserProfile::removeColumn($column_name, $key);
}
public static function isAdmin() {
if (in_array(self::get('ADM_ADMIN_LEVEL'), array(0, 1))) {
return true;
}
return false;
}
public static function getRawData() {
$ret = array();
if (self::logged()) {
$ret['id'] = self::getID();
$ret['login'] = self::getName();
$ret['name'] = self::get('ADM_NAME');
$ret['admin_level'] = self::get('ADM_ADMIN_LEVEL');
$ret['opis'] = self::get('ADM_ADMIN_DESC');
}
return $ret;
}
public static function getCurrentUserObject() {
$user = new stdClass();
if (self::logged()) {
$user->ID = $_SESSION['ADM_ID'];
$user->ADM_ACCOUNT = $_SESSION['AUTHORIZE_USER'];
$user->ADM_ACCOUNT = $_SESSION['ADM_ACCOUNT'];
$user->ADM_NAME = $_SESSION['ADM_NAME'];
$user->ADM_TECH_WORKER = $_SESSION['ADM_TECH_WORKER'];
$user->ADM_COMPANY = $_SESSION['ADM_COMPANY'];
$user->ADM_ADMIN_LEVEL = $_SESSION['ADM_ADMIN_LEVEL'];
$user->ADM_PHONE = $_SESSION['ADM_PHONE'];
$user->ADM_ADMIN_EXPIRE = $_SESSION['ADM_ADMIN_EXPIRE'];
$user->ADM_ADMIN_DESC = $_SESSION['ADM_ADMIN_DESC'];
$user->EMPLOYEE_TYPE = $_SESSION['EMPLOYEE_TYPE'];
}
return $user;
}
public static function getAcl() {
static $_acl;
if (!$_acl) {
Lib::loadClass('UserAcl');
$_acl = new UserAcl(self::getID(), $use_cache = true);
$_acl->fetchGroups();
}
return $_acl;
}
public static function reloadAcl() {
IF('123'==V::get('DBG_ACL','',$_GET)){echo'SESSION KEYS (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): [';echo implode(',', array_keys($_SESSION));echo']';}
/*
* [3] => USER_PROFILE
* [29] => CRM_PROCES_USERA_WYKONANE_TESTY-4517
* [30] => TableAjax_Cache
*/
IF('123'==V::get('DBG_ACL','',$_GET)){echo'CONFIG (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($_SESSION['CONFIG']);echo'';}
IF('123'==V::get('DBG_ACL','',$_GET)){echo'TableAjax_Cache (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($_SESSION['TableAjax_Cache']);echo'';}
unset($_SESSION['TableAcl_cache']);
unset($_SESSION['Typespecial_Cache']);
unset($_SESSION['ADM_INICJALY_HANDLOWCA']);
unset($_SESSION['EMPLOYEE_TYPE']);
unset($_SESSION['DEFAULT_ACL_GROUP']);
IF('123'==V::get('DBG_ACL','',$_GET)){echo'SESSION KEYS (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): [';echo implode(',', array_keys($_SESSION));echo']';}
$testySesKey = 'CRM_PROCES_USERA_WYKONANE_TESTY-' . User::getID();
if (isset($_SESSION[$testySesKey])) unset($_SESSION[$testySesKey]);
$userAcl = User::getAcl();
$userAcl->fetchAllPerms(true);
}
public static function auth() {
$route = V::get('_route', '', $_REQUEST);
if (!empty($route)) {
Router::handleAuth($route);
} else {
self::authByRequest();
}
}
public static function authByRequest() {
$task = V::get('LOGIN', '', $_REQUEST);
$data = array();
$data['errors'] = array();
Lib::loadClass('Config');
$data['ALLOW_GUEST_ACCOUNT'] = (int)Config::get('ALLOW_GUEST_ACCOUNT');
switch ($task) {
case 'LOGIN':
if (!User::logged()) {
$req_ADM_ACCOUNT = (isset($_REQUEST['ADM_ACCOUNT']))? $_REQUEST['ADM_ACCOUNT'] : '';
$req_ADM_PASSWD = (isset($_REQUEST['ADM_PASSWD']))? $_REQUEST['ADM_PASSWD'] : '';
if (empty($req_ADM_ACCOUNT) || empty($req_ADM_PASSWD)) {
$data['errors'][] = "Proszę podać poprawny login i hasło!";
} else {
try {
User::login($req_ADM_ACCOUNT, $req_ADM_PASSWD);
} catch (Exception $e) {
$data['errors'][] = $e->getMessage();
session_destroy();
unset($_SESSION['AUTHORIZE_USER']);
unset($_SESSION['ADM_ACCOUNT']);
Lib::loadClass('SE_Layout');
SE_Layout::gora();
SE_Layout::loadTemplate('logout', $data);
SE_Layout::dol();
exit;
}
}
}
break;
case 'LOGOUT':
if (User::logged()) {
session_destroy();
unset($_SESSION['AUTHORIZE_USER']);
unset($_SESSION['ADM_ACCOUNT']);
Lib::loadClass('SE_Layout');
SE_Layout::gora();
SE_Layout::loadTemplate('logout', $data);
SE_Layout::dol();
exit;
}
break;
case 'PERMS_RELOAD':
if (User::logged()) {
try {
User::reloadAcl();
} catch (Exception $e) {
$data['errors'][] = $e->getMessage();
}
SE_Layout::gora();
SE_Layout::menu();
SE_Layout::loadTemplate('defaultPage', $data);
SE_Layout::dol();
exit;
}
break;
case 'PASSEDIT':
if (User::logged()) {
$data = array();
if (!empty($_POST)) {
if (empty($_POST['ADM_PASSWD_NEW']) || empty($_POST['ADM_PASSWD'])) {
$data['msg'] = "Proszę podać stare i nowe hasło.";
}
}
if (!empty($_POST['ADM_PASSWD_NEW']) && !empty($_POST['ADM_PASSWD'])) {
$ret = User::changePasswd($_POST['ADM_PASSWD'], $_POST['ADM_PASSWD_NEW']);
if ($ret) {
$data['info'] = "Hasło zostało zmienione";
} else {
$data['error'] = "Nie udało się zmienić hasła";
}
}
SE_Layout::gora();
SE_Layout::loadTemplate('passedit', $data);
SE_Layout::dol();
exit;
}
break;
case 'ANONYMOUS_LOGIN':
if (!User::logged()) {
if ($data['ALLOW_GUEST_ACCOUNT'] != 1) {
$data['errors'][] = "Zablokowane logowaniwe na konto gościa!";
}
else {
$anonim = User::getAnonymousAccount();
if (!$anonim) {
$data['errors'][] = "Konto gościa nie istnieje!";
} else {
try {
User::login($anonim->ADM_ACCOUNT, $anonim->ADM_PASSWD);
} catch (Exception $e) {
$data['errors'][] = $e->getMessage();
}
}
}
}
break;
default:
}
if (!User::logged()) {
Lib::loadClass('SE_Layout');
SE_Layout::gora();
SE_Layout::loadTemplate('login', $data);
SE_Layout::dol();
exit;
}
}
public static function kandydatLogin($kandydatId, &$errors = array()) {
$user = self::kandydatLoginByDB($kandydatId, $errors);
if ($user) {
$_SESSION['ADM_ID'] = $user->ID;
$_SESSION['AUTHORIZE_USER'] = $user->ADM_ACCOUNT;
$_SESSION['ADM_ACCOUNT'] = $user->ADM_ACCOUNT;
//$_SESSION['ADM_AREA'] = $user->ADM_AREA;
$_SESSION['ADM_NAME'] = $user->ADM_NAME;
$_SESSION['ADM_TECH_WORKER'] = $user->ADM_TECH_WORKER;
$_SESSION['ADM_COMPANY'] = $user->ADM_COMPANY;
$_SESSION['ADM_ADMIN_LEVEL'] = $user->ADM_ADMIN_LEVEL;
$_SESSION['ADM_PHONE'] = $user->ADM_PHONE;
$_SESSION['ADM_ADMIN_EXPIRE'] = $user->ADM_ADMIN_EXPIRE;
$_SESSION['ADM_ADMIN_DESC'] = $user->ADM_ADMIN_DESC;
$_SESSION['EMPLOYEE_TYPE'] = $user->EMPLOYEE_TYPE;
// save user pass in encrypted form
Lib::loadClass('Crypt');
$_SESSION['ADM_PASS_HASH'] = Crypt::encrypt($pass);
$_SESSION['EMAIL_IMAP_IMPORT_PASSWD_HASH'] = Crypt::encrypt($user->EMAIL_IMAP_IMPORT_PASSWD);
$_SESSION['EMAIL_IMAP_IMPORT_HOST'] = $user->EMAIL_IMAP_IMPORT_HOST;
$_SESSION['EMAIL_IMAP_IMPORT_USERNAME'] = $user->EMAIL_IMAP_IMPORT_USERNAME;
//$keyFromHash = Crypt::decrypt($_SESSION['ADM_PASS_HASH']);
$userAcl = User::getAcl();
$userAcl->fetchAllPerms();
return true;
}
return false;
}
public static function login($login, $pass) {
Lib::loadClass('LDAP');
$ldap = LDAP::getInstance();
if ($ldap != null && $ldap->isConnected()) {
$user = self::loginByLDAP($login, $pass);
} else {
$user = self::loginByDB($login, $pass);
}
if ($user) {
$_SESSION['ADM_ID'] = $user->ID;
$_SESSION['AUTHORIZE_USER'] = $user->ADM_ACCOUNT;
$_SESSION['ADM_ACCOUNT'] = $user->ADM_ACCOUNT;
//$_SESSION['ADM_AREA'] = $user->ADM_AREA;
$_SESSION['ADM_NAME'] = $user->ADM_NAME;
$_SESSION['ADM_TECH_WORKER'] = $user->ADM_TECH_WORKER;
$_SESSION['ADM_COMPANY'] = $user->ADM_COMPANY;
$_SESSION['ADM_ADMIN_LEVEL'] = $user->ADM_ADMIN_LEVEL;
$_SESSION['ADM_PHONE'] = $user->ADM_PHONE;
$_SESSION['ADM_ADMIN_EXPIRE'] = $user->ADM_ADMIN_EXPIRE;
$_SESSION['ADM_ADMIN_DESC'] = $user->ADM_ADMIN_DESC;
$_SESSION['EMPLOYEE_TYPE'] = $user->EMPLOYEE_TYPE;
// save user pass in encrypted form
Lib::loadClass('Crypt');
$_SESSION['ADM_PASS_HASH'] = Crypt::encrypt($pass);
$_SESSION['EMAIL_IMAP_IMPORT_PASSWD_HASH'] = Crypt::encrypt($user->EMAIL_IMAP_IMPORT_PASSWD);
$_SESSION['EMAIL_IMAP_IMPORT_HOST'] = $user->EMAIL_IMAP_IMPORT_HOST;
$_SESSION['EMAIL_IMAP_IMPORT_USERNAME'] = $user->EMAIL_IMAP_IMPORT_USERNAME;
//$keyFromHash = Crypt::decrypt($_SESSION['ADM_PASS_HASH']);
$userAcl = User::getAcl();
$userAcl->fetchAllPerms();
return true;
}
return false;
}
public static function loginByLDAP($login, $pass) {
$ldapUser = array();
$DBG = false;
Lib::loadClass('LDAP');
$ldap = LDAP::getInstance();
if (!$ldap->isConnected()) {
throw new Exception("Wystąpiły błędy podczas połączenia do bazy LDAP. Spróbuj ponownie za chwilę.");
}
$filter = (false !== strpos($login, '@'))? "(mail={$login})" : "(uid={$login})";
//$filter = "cn=*";// show all ldap accounts
$justthese = array();//array("uid", "givenName", "mail", "*");
if($DBG){echo'ldap_search (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r(array('ldaprdn'=>$ldap->getBaseDN(), 'filter'=>$filter, 'justthese'=>$justthese));echo'';}
$res = $ldap->search($filter, 'cn=users', $justthese);
if ($ldap->count_entries($res) > 0) {
$entry = $ldap->first_entry($res);
if ($entry) {
$ldapUser['user_dn'] = $ldap->get_dn($entry);
$val = $ldap->get_values($entry, 'uid');
$ldapUser['uid'] = $val[0];
$val = $ldap->get_values($entry, 'mail');
$ldapUser['mail'] = $val[0];
$val = $ldap->get_values($entry, 'cn');
$ldapUser['cn'] = $val[0];
} else {
throw new Exception("Login nie istnieje");
}
if($DBG){// test
echo'';
// print number of entries found
echo "Number of entries found: " . $ldap->count_entries($res) . "\n";
while ( $entry ) {
$dn = $ldap->get_dn($entry);
echo "$dn\n";
$attrs = $ldap->get_attributes($entry);
for ( $i=0; $i < $attrs['count']; $i++) {
echo "$attrs[$i]: ";
for ( $j=0; $j < $attrs[$attrs[$i]]['count']; $j++ ) {
echo $attrs[$attrs[$i]][$j] . " ";
}
echo "\n";
}
echo "\n";
$entry = $ldap->next_entry($entry);
}
$ldap->free_result($res);
echo'';
}// test
}
if (!$ldapUser['user_dn']) {
throw new Exception("Proszę podać poprawny login i hasło!");
}
if($DBG){echo'LDAP user (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($ldapUser);echo'';}
if($DBG){echo'ldap_bind (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r(array('ldaprdn'=>$ldapUser['user_dn'], 'pass'=>'***'));echo'';}
$ldapbind = $ldap->bind($ldapUser['user_dn'], $pass, $errorMsg);
if (!$ldapbind) {
throw new Exception("Wystąpiły błędy podczas próby logowania. {$errorMsg}");
}
$user = new stdClass();
$user->AUTHORIZE_USER = $ldapUser['uid'];
$user->ADM_ACCOUNT = $ldapUser['uid'];
$user->ADM_NAME = $ldapUser['cn'];
$user->OTHER_INFO = $ldapUser['mail'];
// get ID, ... from DB
$db = DB::getDB();
$sql = "SELECT u.*
from `ADMIN_USERS` as u
where
u.`ADM_ACCOUNT`='{$user->ADM_ACCOUNT}'
and u.`A_STATUS` in('WAITING','NORMAL')
";
// LIMIT 0, 1;
$res = $db->query($sql);
if (!$res) {
throw new Exception("Wystąpiły błędy podczas próby logowania. Błąd bazy danych.");
}
$num_rows = $db->num_rows($res);
if ($num_rows == 0) {
throw new Exception("Wystąpiły błędy podczas próby logowania. Brak użytkownika w bazie danych.");
}
else if ($num_rows == 1) {
if ($r = $db->fetch($res)) {
$user->ID = $r->ID;
$user->ADM_TECH_WORKER = $r->ADM_TECH_WORKER;
$user->ADM_COMPANY = $r->ADM_COMPANY;
$user->ADM_ADMIN_LEVEL = $r->ADM_ADMIN_LEVEL;
$user->ADM_PHONE = $r->ADM_PHONE;
$user->ADM_ADMIN_EXPIRE = $r->ADM_ADMIN_EXPIRE;
$user->ADM_ADMIN_DESC = $r->ADM_ADMIN_DESC;
$user->EMAIL_IMAP_IMPORT_PASSWD = $r->EMAIL_IMAP_IMPORT_PASSWD;
$user->EMAIL_IMAP_IMPORT_HOST = $r->EMAIL_IMAP_IMPORT_HOST;
$user->EMAIL_IMAP_IMPORT_USERNAME = $r->EMAIL_IMAP_IMPORT_USERNAME;
$user->EMPLOYEE_TYPE = $r->EMPLOYEE_TYPE;
return $user;
}
}
return $user;
}
public static function loginByDB($login, $pass) {
$db = DB::getDB();
$login = $db->_($login);
$pass = $db->_($pass);
$sql = "SELECT u.*
from `ADMIN_USERS` as u
where
u.`ADM_ACCOUNT`='{$login}'
and ( u.`ADM_PASSWD`='{$pass}' or u.`ADM_PASSWD`=md5('{$pass}') )
and u.`A_STATUS` in('WAITING','NORMAL')
LIMIT 0, 1;
";
$res = $db->query($sql);
if (!$res) {
throw new Exception("Wystąpiły błędy podczas próby logowania. Błąd bazy danych.");
}
$num_rows = $db->num_rows($res);
if ($num_rows == 0) {
throw new Exception("Proszę podać poprawny login i hasło!");
}
else if ($num_rows == 1) {
if ($r = $db->fetch($res)) {
$user = new stdClass();
$user->ID = $r->ID;
$user->ADM_TECH_WORKER = $r->ADM_TECH_WORKER;
$user->ADM_COMPANY = $r->ADM_COMPANY;
$user->AUTHORIZE_USER = $r->ADM_ACCOUNT;
$user->ADM_ACCOUNT = $r->ADM_ACCOUNT;
$user->ADM_NAME = $r->ADM_NAME;
$user->ADM_ADMIN_LEVEL = $r->ADM_ADMIN_LEVEL;
$user->ADM_PHONE = $r->ADM_PHONE;
$user->ADM_ADMIN_EXPIRE = $r->ADM_ADMIN_EXPIRE;
$user->ADM_ADMIN_DESC = $r->ADM_ADMIN_DESC;
$user->EMAIL_IMAP_IMPORT_PASSWD = $r->EMAIL_IMAP_IMPORT_PASSWD;
$user->EMAIL_IMAP_IMPORT_HOST = $r->EMAIL_IMAP_IMPORT_HOST;
$user->EMAIL_IMAP_IMPORT_USERNAME = $r->EMAIL_IMAP_IMPORT_USERNAME;
$user->EMPLOYEE_TYPE = $r->EMPLOYEE_TYPE;
//$user->ADM_AREA = "$r->ADM_AREA";
//$_SESSION['ADM_PASSWD'] = $pass;
return $user;
}
}
return false;
}
public static function kandydatLoginByDB($kandydatId, &$errors) {
$db = DB::getDB();
$kandydatId = (int)$kandydatId;
$sql = "SELECT u.*
from `ADMIN_USERS` as u
where
u.`ID`='{$kandydatId}'
and u.`A_STATUS` in('WAITING','NORMAL')
LIMIT 0, 1;
";
$res = $db->query($sql);
if (!$res) {
die("Error SQL login!");
}
$num_rows = $db->num_rows($res);
if ($num_rows == 0) {
$errors[] = "Podales zlego uzytkownika lub/i haslo()";
}
else if ($num_rows == 1) {
if ($r = $db->fetch($res)) {
$user = new stdClass();
$user->ID = $r->ID;
$user->ADM_TECH_WORKER = $r->ADM_TECH_WORKER;
$user->ADM_COMPANY = $r->ADM_COMPANY;
$user->AUTHORIZE_USER = $r->ADM_ACCOUNT;
$user->ADM_ACCOUNT = $r->ADM_ACCOUNT;
$user->ADM_NAME = $r->ADM_NAME;
$user->ADM_ADMIN_LEVEL = $r->ADM_ADMIN_LEVEL;
$user->ADM_PHONE = $r->ADM_PHONE;
$user->ADM_ADMIN_EXPIRE = $r->ADM_ADMIN_EXPIRE;
$user->ADM_ADMIN_DESC = $r->ADM_ADMIN_DESC;
$user->EMAIL_IMAP_IMPORT_PASSWD = $r->EMAIL_IMAP_IMPORT_PASSWD;
$user->EMAIL_IMAP_IMPORT_HOST = $r->EMAIL_IMAP_IMPORT_HOST;
$user->EMAIL_IMAP_IMPORT_USERNAME = $r->EMAIL_IMAP_IMPORT_USERNAME;
$user->EMPLOYEE_TYPE = $r->EMPLOYEE_TYPE;
//$user->ADM_AREA = "$r->ADM_AREA";
//$_SESSION['ADM_PASSWD'] = $pass;
return $user;
}
}
return false;
}
public static function changePasswd($oldPass, $newPass) {
$db = DB::getDB();
$newPass = $db->_($newPass);
$oldPass = $db->_($oldPass);
$username = $db->_(self::getName());
$sql = "update `ADMIN_USERS` set
`ADM_PASSWD`=md5('{$newPass}')
where
`ADM_ACCOUNT`='{$username}' and
(`ADM_PASSWD`='{$oldPass}' or `ADM_PASSWD`=md5('{$oldPass}'))
limit 1;
";
$db->query($sql);
return ($db->affected_rows() > 0);
}
/**
* Check user access.
* @param string $name
* 'menu' - access to view menu
*
* @from [4101] ADM_ADMIN_LEVEL
* Poziom uprawnień - każdy powinien mieć poziom o numerze 3
* kierownicy powinni mieć 2
* a administratorzy 0
* kandydaci poziom 6.
* Poziom 1 umożliwia edycje procesów i zasobów
* poziom 2 umożliwia ocenę testów
* poziom 3 umożliwia widzenie systemu jakości.
*/
public static function hasAccess($name) {
switch ($name) {
case 'menu': {
if (User::get('ADM_ADMIN_LEVEL') < 6) {
return true;
}
else {
Lib::loadClass('Config');
$ALLOW_GUEST_ACCOUNT = (int)Config::get('ALLOW_GUEST_ACCOUNT');
if ($ALLOW_GUEST_ACCOUNT && User::getLogin() == 'anonymous') {
return true;
}
}
break;
}
case 'dbg': {
return (0 == User::get('ADM_ADMIN_LEVEL'));
break;
}
case 'procesy': {
if (User::get('ADM_ADMIN_LEVEL') < 4) return true;
break;
}
case 'procesy_admin': {
if (User::get('ADM_ADMIN_LEVEL') < 2) return true;
break;
}
case 'testy': {
if (User::get('ADM_ADMIN_LEVEL') <= 6) return true;
break;
}
case 'testy_wyniki': {
if (User::get('ADM_ADMIN_LEVEL') < 3) return true;
break;
}
case 'testy_wyniki_edit': {
if (User::get('ADM_ADMIN_LEVEL') < 3) return true;
break;
}
case 'testy_wyniki_read': {
if (User::get('ADM_ADMIN_LEVEL') < 3) return true;
break;
}
case 'user_add_group': {
if (User::get('ADM_ADMIN_LEVEL') < 1) return true;
break;
}
default:
}
return false;
}
public static function hasAccessToEditTable($tableName) {
if (empty($tableName)) return;
$userAcl = User::getAcl();
$userAcl->fetchGroups();
Lib::loadClass('ProcesHelper');
$zasobID = ProcesHelper::getZasobTableID($tableName);
if (!$userAcl->hasTableAcl($zasobID)) {
return false;
}
$tblAcl = $userAcl->getTableAcl($zasobID);
if (empty($tblAcl)) {
echo "Brak dostępu do tabeli nr {$zasobID} '{$tableName}'"; return;
//throw new Exception("Brak dostępu do tabeli nr {$zasobID} '{$tableName}'");
}
$tblAcl->init();
return $tblAcl->hasEditPerms();
}
public static function hasGroup($groupName) {
// TODO: find group by name @see self::getGroups() @used in SchemaReaderProcess
return false;
}
public static function getAnonymousAccount() {
$db = DB::getDB();
if (!$db) die("Error DB connection!");
$sql = "select u.*
from `ADMIN_USERS` as u
where
u.`ADM_ACCOUNT`='anonymous'
and u.`EMPLOYEE_TYPE`='Anonymous'
and u.`A_STATUS` in('NORMAL')
order by u.`ID` asc
limit 1
";
$res = $db->query($sql);
if (!$res) die("Error SQL login!");
$num_rows = $db->num_rows($res);
if ($r = $db->fetch($res)) {
//$_SESSION['ADM_PASSWD'] = $pass;
$user = new stdClass();
$user->ID = "$r->ID";
$user->AUTHORIZE_USER = "$r->ADM_ACCOUNT";
$user->ADM_ACCOUNT = "$r->ADM_ACCOUNT";
$user->ADM_PASSWD = "$r->ADM_PASSWD";
//$user->ADM_AREA = "$r->ADM_AREA";
$user->ADM_NAME = "$r->ADM_NAME";
$user->ADM_TECH_WORKER = "$r->ADM_TECH_WORKER";
$user->ADM_COMPANY = "$r->ADM_COMPANY";
$user->ADM_ADMIN_LEVEL = "$r->ADM_ADMIN_LEVEL";
$user->ADM_PHONE = "$r->ADM_PHONE";
$user->ADM_ADMIN_EXPIRE = "$r->ADM_ADMIN_EXPIRE";
$user->ADM_ADMIN_DESC = "$r->ADM_ADMIN_DESC";
return $user;
}
return false;
}
public static function getLdapGroups() {
$ldapGroups = User::_fetchLdapGroups();
return $ldapGroups;
}
public static function getLdapGroupsNames() {
$ldapGroupsNames = array();
$ldapGroups = User::_fetchLdapGroups();
foreach ($ldapGroups as $kID => $vLDAPGroup) {
$ldapGroupsNames[$kID] = $vLDAPGroup->cn;
}
return $ldapGroupsNames;
}
public static function getLdapGroupsIds() {
$ldapGroups = User::_fetchLdapGroups();
$gidNumbers = array();
if (!empty($ldapGroups)) {
foreach ($ldapGroups as $vLdapGroup) {
$gidNumbers[] = $vLdapGroup->gidNumber;
}
}
return $gidNumbers;
}
public static function _fetchLdapGroups() {
static $_groups;
if (!$_groups) {
$login = User::getLogin();
Lib::loadClass('UsersLdapHelper');
$_groups = UsersLdapHelper::getUserGroups($login, 3);
//echo'getLDAPGroupByUserName (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($_groups);echo'';
}
return $_groups;
}
}