FOSSology  4.4.0
Open Source License Compliance by Open Source Software
common-perms.php
Go to the documentation of this file.
1 <?php
2 /*
3  SPDX-FileCopyrightText: © 2011-2013 Hewlett-Packard Development Company, L.P.
4 
5  SPDX-License-Identifier: LGPL-2.1-only
6 */
7 
8 use Fossology\Lib\Auth\Auth;
9 
22 function GetUploadsFromFolder($folder_pk)
23 {
24  $uploads = array();
25  if (empty($folder_pk)) {
26  return $uploads;
27  }
28  GetUploadsFromFolder_recurse($folder_pk, $uploads);
29  return $uploads;
30 } /* GetUploadsFromFolder */
31 
43 function GetUploadsFromFolder_recurse($folder_pk, &$uploads)
44 {
45  global $PG_CONN;
46 
47  $sql = "select * from foldercontents where parent_fk=$folder_pk";
48  $result = pg_query($PG_CONN, $sql);
49  DBCheckResult($result, $sql, __FILE__, __LINE__);
50  while ($row = pg_fetch_assoc($result)) {
51  switch ($row["foldercontents_mode"]) {
52  case 1: // Child is folder
53  GetUploadsFromFolder_recurse($row["child_id"], $uploads);
54  break;
55  case 2: // Child is upload
56  $uploads[] = $row["child_id"];
57  break;
58  default:
59  // Other modes not used at this time
60  }
61  }
62  pg_free_result($result);
63 } /* GetUploadsFromFolder_recurse */
64 
65 
76 function AddUserToGroupArray($GroupRow, &$GroupArray)
77 {
78  /* loop throught $GroupArray to see if the user is already present */
79  $found = false;
80  foreach ($GroupArray as &$Grec) {
81  if ($Grec['user_pk'] == $GroupRow['user_fk']) {
82  /* user already exists in $GroupArray, so make sure they have the highest
83  * permission granted to them.
84  */
85  if ($Grec['group_perm'] < $GroupRow['group_perm']) {
86  $Grec['group_perm'] = $GroupRow['group_perm'];
87  }
88  $found = true;
89  break;
90  }
91  }
92 
93  if (! $found) {
94  $NewGroup = array();
95  $NewGroup['user_pk'] = $GroupRow['user_fk'];
96  $NewGroup['group_pk'] = $GroupRow['group_pk'];
97  $NewGroup['group_name'] = $GroupRow['group_name'];
98  $NewGroup['group_perm'] = $GroupRow['group_perm'];
99  $GroupArray[] = $NewGroup;
100  }
101 }
102 
114 function GetGroupUsers($user_pk, $group_pk, &$GroupArray)
115 {
116  global $PG_CONN;
117  $GroupArray = array();
118 
119  $user_pk = GetArrayVal("UserId", $_SESSION);
120  if (empty($user_pk)) {
121  return $GroupArray;
122  }
123 
124  /****** For this group, get its users ******/
125  if (empty($user_pk)) {
126  $UserCondition = "";
127  } else {
128  $UserCondition = " and user_fk=$user_pk ";
129  }
130 
131  $sql = "select group_pk, group_name, group_perm, user_fk from group_user_member, groups where group_pk=$group_pk and group_pk=group_fk $UserCondition";
132  $result = pg_query($PG_CONN, $sql);
133  DBCheckResult($result, $sql, __FILE__, __LINE__);
134  while ($row = pg_fetch_assoc($result)) {
135  /* Add the user(s) to $GroupArray */
136  AddUserToGroupArray($row, $GroupArray);
137  }
138 }
139 
150 function GetUsersGroups($user_pk='')
151 {
152  global $PG_CONN;
153 
154  $GroupArray = array();
155 
156  if (empty($user_pk)) {
157  $user_pk = GetArrayVal("UserId", $_SESSION);
158  }
159  if (empty($user_pk)) {
160  return $GroupArray; /* user has no groups */
161  }
162  /* find all groups with this user */
163  $sql = "select group_fk as group_pk from group_user_member where user_fk=$user_pk";
164  $result = pg_query($PG_CONN, $sql);
165  DBCheckResult($result, $sql, __FILE__, __LINE__);
166  while ($row = pg_fetch_assoc($result)) {
167  /* Now find all the groups that contain this group */
168  GetGroupUsers($user_pk, $row['group_pk'], $GroupArray);
169  }
170  pg_free_result($result);
171  return $GroupArray;
172 }
173 
182 function GetGroupArray($user_pk)
183 {
184  global $PG_CONN;
185 
186  $GroupArray = array();
187 
188  if ($_SESSION[Auth::USER_LEVEL] == PLUGIN_DB_ADMIN) {
189  $sql = "select group_pk, group_name from groups";
190  } else {
191  $sql = "select group_pk, group_name from groups, group_user_member
192  where group_pk=group_fk and user_fk='$user_pk' and group_perm=1";
193  }
194  $result = pg_query($PG_CONN, $sql);
195  DBCheckResult($result, $sql, __FILE__, __LINE__);
196  if (pg_num_rows($result) > 0) {
197  while ($row = pg_fetch_assoc($result)) {
198  $GroupArray[$row['group_pk']] = $row['group_name'];
199  }
200  }
201  pg_free_result($result);
202 
203  natcasesort($GroupArray);
204  return $GroupArray;
205 }
206 
207 
213 function DeleteGroup($group_pk)
214 {
215  global $PG_CONN;
216 
217  $user_pk = Auth::getUserId();
218 
219  /* Make sure groupname looks valid */
220  if (empty($group_pk)) {
221  $text = _("Error: Group name must be specified.");
222  return ($text);
223  }
224 
225  /* See if the group already exists */
226  $sql = "SELECT group_pk FROM groups WHERE group_pk = '$group_pk'";
227  $result = pg_query($PG_CONN, $sql);
228  DBCheckResult($result, $sql, __FILE__, __LINE__);
229  if (pg_num_rows($result) < 1) {
230  pg_free_result($result);
231  $text = _("Group does not exist. Not deleted.");
232  return ($text);
233  }
234  pg_free_result($result);
235 
236  /* Make sure the user has permission to delete this group
237  * Look through all the group users (table group_user_member)
238  * and make sure the user has admin access.
239  */
240  if ($_SESSION[Auth::USER_LEVEL] != PLUGIN_DB_ADMIN) {
241  $sql = "SELECT * FROM group_user_member WHERE group_fk = '$group_pk' and user_fk='$user_pk' and group_perm=1";
242  $result = pg_query($PG_CONN, $sql);
243  DBCheckResult($result, $sql, __FILE__, __LINE__);
244  if (pg_num_rows($result) < 1) {
245  pg_free_result($result);
246  $text = _("Permission Denied.");
247  return ($text);
248  }
249  pg_free_result($result);
250  }
251 
252  /* Start transaction */
253  $sql = "begin";
254  $result = pg_query($PG_CONN, $sql);
255  DBCheckResult($result, $sql, __FILE__, __LINE__);
256  pg_free_result($result);
257 
258  /* Delete group records from perm_upload */
259  $sql = "delete from perm_upload where group_fk='$group_pk'";
260  $result = pg_query($PG_CONN, $sql);
261  DBCheckResult($result, $sql, __FILE__, __LINE__);
262  pg_free_result($result);
263 
264  /* Delete group records from group_user_member */
265  $sql = "delete from group_user_member where group_fk='$group_pk'";
266  $result = pg_query($PG_CONN, $sql);
267  DBCheckResult($result, $sql, __FILE__, __LINE__);
268  pg_free_result($result);
269 
270  /* Update new_upload_group_fk and new_upload_perm in users table */
271  $sql = "update users set new_upload_group_fk=NULL, new_upload_perm=NULL where new_upload_group_fk='$group_pk'";
272  $result = pg_query($PG_CONN, $sql);
273  DBCheckResult($result, $sql, __FILE__, __LINE__);
274  pg_free_result($result);
275 
276  /* Delete group records from groups table */
277  $sql = "delete from groups where group_pk='$group_pk'";
278  $result = pg_query($PG_CONN, $sql);
279  DBCheckResult($result, $sql, __FILE__, __LINE__);
280  pg_free_result($result);
281 
282  /* End transaction */
283  $sql = "commit";
284  $result = pg_query($PG_CONN, $sql);
285  DBCheckResult($result, $sql, __FILE__, __LINE__);
286  pg_free_result($result);
287 
288  return (null);
289 }
Fossology\Lib\Auth\Auth
Contains the constants and helpers for authentication of user.
Definition: Auth.php:24
DBCheckResult
DBCheckResult($result, $sql, $filenm, $lineno)
Check the postgres result for unexpected errors. If found, treat them as fatal.
Definition: common-db.php:187
GetUsersGroups
GetUsersGroups($user_pk='')
Find all the groups a user belongs to.
Definition: common-perms.php:150
DeleteGroup
DeleteGroup($group_pk)
Delete a group.
Definition: common-perms.php:213
GetUploadsFromFolder
GetUploadsFromFolder($folder_pk)
Definition: common-perms.php:22
GetGroupUsers
GetGroupUsers($user_pk, $group_pk, &$GroupArray)
Get all the users users of this group.
Definition: common-perms.php:114
AddUserToGroupArray
AddUserToGroupArray($GroupRow, &$GroupArray)
Check if User is already in the $GroupArray.
Definition: common-perms.php:76
GetGroupArray
GetGroupArray($user_pk)
Get array of groups that this user has admin access to @depricated use UserDao::getAdminGroupMap()
Definition: common-perms.php:182
GetUploadsFromFolder_recurse
GetUploadsFromFolder_recurse($folder_pk, &$uploads)
Definition: common-perms.php:43
GetArrayVal
GetArrayVal($Key, $Arr)
Get the value from a array(map)
Definition: common-ui.php:157
PLUGIN_DB_ADMIN
#define PLUGIN_DB_ADMIN
Plugin requires admin level permission on DB.
Definition: libfossology.h:39
$PG_CONN
foreach($Options as $Option=> $OptVal) if(0==$reference_flag &&0==$nomos_flag) $PG_CONN
Definition: list_license.php:50