child_name = 'RoleManager'; } /** * Gets role id * * @param int $pid Process id * @param string $name Role name * @access public * @return string */ function get_role_id($pid,$name) { $name = addslashes($name); return ($this->getOne('select wf_role_id from '.GALAXIA_TABLE_PREFIX.'roles where wf_name=? and wf_p_id=?', array($name, $pid))); } /** * Gets a role * * @param int $pId Process Id * @param int $roleId Role Id * @return array * @access public */ function get_role($pId, $roleId) { $query = 'select * from `'.GALAXIA_TABLE_PREFIX.'roles` where `wf_p_id`=? and `wf_role_id`=?'; $result = $this->query($query,array($pId, $roleId)); $res = $result->fetchRow(); return $res; } /** * Indicates if a role exists * * @param int $pid Process Id * @param string $name Role name * @return int Number of roles with this name on this process * @access public */ function role_name_exists($pid,$name) { $name = addslashes($name); return ($this->getOne('select count(*) from '.GALAXIA_TABLE_PREFIX.'roles where wf_p_id=? and wf_name=?', array($pid, $name))); } /** * Maps a user to a role * * @param int $pId Process id * @param int $user User id * @param int $roleId Role id * @param string $account_type User account type * @return void * @access public */ function map_user_to_role($pId,$user,$roleId,$account_type='u') { $query = 'delete from `'.GALAXIA_TABLE_PREFIX.'user_roles` where wf_p_id=? AND wf_account_type=? and `wf_role_id`=? and `wf_user`=?'; $this->query($query,array($pId, $account_type,$roleId, $user)); $query = 'insert into '.GALAXIA_TABLE_PREFIX.'user_roles (wf_p_id, wf_user, wf_role_id ,wf_account_type) values(?,?,?,?)'; $this->query($query,array($pId,$user,$roleId,$account_type)); } /** * Removes a mapping * * @param int $user User id * @param int $roleId Role id * @return void * @access public */ function remove_mapping($user,$roleId) { $query = 'delete from `'.GALAXIA_TABLE_PREFIX.'user_roles` where `wf_user`=? and `wf_role_id`=?'; $this->query($query,array($user, $roleId)); } /** * Deletes all existing mappings concerning one user * * @param int $user User id * @return void * @access public */ function remove_user($user) { $query = 'delete from '.GALAXIA_TABLE_PREFIX.'user_roles where wf_user=?'; $this->query($query,array($user)); } /** * Transfers all existing mappings concerning one user to another user * * @param array $user_array Associative, keys are: 'old_user': current user id and 'new_user', the new user id * @return void * @access public */ function transfer_user($user_array) { $query = 'update '.GALAXIA_TABLE_PREFIX.'user_roles set wf_user=? where wf_user=?'; $this->query($query,array($user_array['new_user'], $user_array['old_user'])); } /** * Gets list of roles/users mappings for a given process * * @param int $pId Process id, mappings are returned for a complete process * @param int $offset Starting record of the returned array * @param int $maxRecords Maximum number of records for the returned array * @param string $sort_mode Sort order for the query, like 'wf_name__ASC' * @param string $find Searched in role name, role description or user/group name * @return array Having for each row [wf_name] (role name),[wf_role_id],[wf_user] and [wf_account_type] ('u' user or 'g' group), * Be aware 'cause you may have the same user or group several times if mapped to several roles * @access public */ function list_mappings($pId,$offset,$maxRecords,$sort_mode,$find) { $sort_mode = $this->convert_sortmode($sort_mode); $whereand = ' and gur.wf_p_id=? '; $bindvars = Array($pId); if($find) { // no more quoting here - this is done in bind vars already $findesc = '%'.$find.'%'; $whereand .= ' and ((wf_name like ?) or (wf_user like ?) or (wf_description like ?)) '; $bindvars[] = $findesc; $bindvars[] = $findesc; $bindvars[] = $findesc; } $query = "select wf_name,gr.wf_role_id,wf_user,wf_account_type from ".GALAXIA_TABLE_PREFIX."roles gr, ".GALAXIA_TABLE_PREFIX."user_roles gur where gr.wf_role_id=gur.wf_role_id $whereand"; $result = $this->query($query,$bindvars, $maxRecords, $offset, true, $sort_mode); $query_cant = "select count(*) from ".GALAXIA_TABLE_PREFIX."roles gr, ".GALAXIA_TABLE_PREFIX."user_roles gur where gr.wf_role_id=gur.wf_role_id $whereand"; $cant = $this->getOne($query_cant,$bindvars); $ret = Array(); while($res = $result->fetchRow()) { $ret[] = $res; } $retval = Array(); $retval["data"] = $ret; $retval["cant"] = $cant; return $retval; } /** * Gets a list of users/groups mapped for a given process. Can expand groups to real users in the result and can restrict mappings to a given subset of roles and or activities * * @param int $pId Process id, mappings are returned for a complete process by default (see param roles_subset or activities_subset) * @param bool $expand_groups If true (false by default) we are not giving the group mappings but instead expand these groups to real users while avoiding repeating users twice * @param array $subset Associative containing a list of roles and/or activities for which we want to restrict the list empty by default. * This array needs to contains the [wf_role_name] key with role names values to restrict roles. * This array needs to contains the [wf_activity_name] key with activity names values to restrict activities * @return array Associative, having for each row the user or group id and an associated name * @access public */ function &list_mapped_users($pId,$expand_groups=false, $subset=Array()) { $whereand = ' where gur.wf_p_id=? '; $bindvars = Array($pId); if (!(count($subset)==0)) { $roles_subset = Array(); $activities_subset =Array(); $activities_id_subset = Array(); foreach($subset as $key => $value ) { if ($key=='wf_role_name') { $roles_subset = $value; } if ($key=='wf_activity_name') { $activities_subset = $value; } if ($key == 'wf_activity_id') { $activities_id_subset = $value; } } if (count($roles_subset)>0) { if (!(is_array($roles_subset))) { $roles_subset = explode(',',$roles_subset); } $whereand .= " and ((gr.wf_name) in ('".implode("','",$roles_subset)."'))"; } if (count($activities_subset)>0) { if (!(is_array($activities_subset))) { $activities_subset = explode(',',$activities_subset); } $whereand .= " and ((ga.wf_name) in ('".implode("','",$activities_subset)."'))"; } if (count($activities_id_subset) > 0) { if (!(is_array($activities_id_subset))) { $activities_id_subset = explode(',',$activities_id_subset); } $whereand .= " and ((ga.wf_activity_id) in ('".implode("','",$activities_id_subset)."'))"; } } $query = "select distinct(wf_user),wf_account_type from ".GALAXIA_TABLE_PREFIX."roles gr INNER JOIN ".GALAXIA_TABLE_PREFIX."user_roles gur ON gr.wf_role_id=gur.wf_role_id LEFT JOIN ".GALAXIA_TABLE_PREFIX."activity_roles gar ON gar.wf_role_id=gr.wf_role_id LEFT JOIN ".GALAXIA_TABLE_PREFIX."activities ga ON ga.wf_activity_id=gar.wf_activity_id $whereand "; $result = $this->query($query,$bindvars); $ret = Array(); $ldap = &Factory::getInstance('WorkflowLDAP'); if (!(empty($result))) { while($res = $result->fetchRow()) { if (($expand_groups) && ($res['wf_account_type']=='g')) { //we have a group instead of a simple user and we want real users $real_users = galaxia_retrieve_group_users($res['wf_user'], true); if (!empty($real_users)) { foreach ($real_users as $key => $value) { $ret[$key]=$value; } } } else { $ret[$res['wf_user']] = $ldap->getName($res['wf_user']); } } } return $ret; } /** * Lists roles at process level * * @param int $pId Process id * @param int $offset Starting resultset row * @param int $maxRecords Maximum number of records * @param string $sort_mode Query sorting mode * @param string $find Search query string * @param string $where Condition query string * @return array Roles list * @access public */ function list_roles($pId,$offset,$maxRecords,$sort_mode,$find,$where='') { $sort_mode = $this->convert_sortmode($sort_mode); if($find) { // no more quoting here - this is done in bind vars already $findesc = '%'.$find.'%'; $mid=' where wf_p_id=? and ((wf_name like ?) or (wf_description like ?))'; $bindvars = array($pId,$findesc,$findesc); } else { $mid=' where wf_p_id=? '; $bindvars = array($pId); } if($where) { $mid.= " and ($where) "; } $query = 'select * from '.GALAXIA_TABLE_PREFIX."roles $mid"; $query_cant = 'select count(*) from '.GALAXIA_TABLE_PREFIX."roles $mid"; $result = $this->query($query,$bindvars,$maxRecords,$offset, 1, $sort_mode); $cant = $this->getOne($query_cant,$bindvars); $ret = Array(); while($res = $result->fetchRow()) { $ret[] = $res; } $retval = Array(); $retval['data'] = $ret; $retval['cant'] = $cant; return $retval; } /** * Removes a role * * @param int $pId Process Id * @param int $roleId Role Id * @return bool * @access public */ function remove_role($pId, $roleId) { // start a transaction $this->db->StartTrans(); $query = 'delete from `'.GALAXIA_TABLE_PREFIX.'roles` where `wf_p_id`=? and `wf_role_id`=?'; $this->query($query,array($pId, $roleId)); $query = 'delete from `'.GALAXIA_TABLE_PREFIX.'activity_roles` where `wf_role_id`=?'; $this->query($query,array($roleId)); $query = 'delete from `'.GALAXIA_TABLE_PREFIX.'user_roles` where `wf_role_id`=?'; $this->query($query,array($roleId)); // perform commit (return true) or Rollback (return false) return $this->db->CompleteTrans(); } /** * Updates or inserts a new role in the database * * @param array $vars Associative, having the fields to update or to insert as needed * @param int $pId Process id * @param int $roleId Role id, 0 in insert mode * @return mixed Role id (the new one if in insert mode) if everything was ok, false in the other case */ function replace_role($pId, $roleId, $vars) { // start a transaction $this->db->StartTrans(); $TABLE_NAME = GALAXIA_TABLE_PREFIX.'roles'; $now = date("U"); if (!(isset($vars['wf_last_modif']))) $vars['wf_last_modif']=$now; $vars['wf_p_id']=$pId; foreach($vars as $key=>$value) { $vars[$key]=addslashes($value); } if($roleId) { // update mode $first = true; $query ="update $TABLE_NAME set"; $bindvars = Array(); foreach($vars as $key=>$value) { if(!$first) $query.= ','; //if(!is_numeric($value)) $value="'".$value."'"; $query.= " $key=? "; $bindvars[] = $value; $first = false; } $query .= ' where wf_p_id=? and wf_role_id=? '; $bindvars[] = $pId; $bindvars[] = $roleId; $this->query($query, $bindvars); } else { //check unicity $name = $vars['wf_name']; if ($this->getOne('select count(*) from '.$TABLE_NAME.' where wf_p_id=? and wf_name=?', array($pId,$name))) { return false; } unset($vars['wf_role_id']); // insert mode $bindvars = Array(); $first = true; $query = "insert into $TABLE_NAME("; foreach(array_keys($vars) as $key) { if(!$first) $query.= ','; $query.= "$key"; $first = false; } $query .=') values('; $first = true; foreach(array_values($vars) as $value) { if(!$first) $query.= ','; //if(!is_numeric($value)) $value="'".$value."'"; $query.= '?'; $bindvars[] = $value; $first = false; } $query .=')'; $this->query($query, $bindvars); //get the last inserted row $roleId = $this->getOne('select max(wf_role_id) from '.$TABLE_NAME.' where wf_p_id=?', array($pId)); } // perform commit (return true) or Rollback (return false) if ($this->db->CompleteTrans()) { // Get the id return $roleId; } else { return false; } } /** * Lists all users and groups recorded in the mappings with their status (user or group) * * @return array Associative, containing a row for each user, where each row is an array containing 'wf_user' and 'wf_account_type' keys * @access public */ function get_all_users() { $final = Array(); //query for user mappings affected to groups & vice-versa $query ='select distinct(gur.wf_user), gur.wf_account_type from '.GALAXIA_TABLE_PREFIX.'user_roles gur'; $result = $this->query($query); if (!(empty($result))) { while ($res = $result->fetchRow()) { $final[] = $res; } } return $final; } /** * Get roles for a given user * * @param int $user The given user * @return array Roles for the given user * @access public */ function getUserRoles($user, $pid = null) { /* retrieve user_groups information in an array containing all groups for this user */ $userGroups = galaxia_retrieve_user_groups($user); $values = array($user); $query = 'SELECT wf_role_id FROM ' . GALAXIA_TABLE_PREFIX . 'user_roles WHERE ( (wf_user = ? AND wf_account_type = \'u\')'; if (is_array($userGroups)) { foreach ($userGroups as &$group) $group = "'{$group}'"; $query .= ' OR (wf_user IN (' . implode(',', $userGroups) . ') AND wf_account_type = \'g\')'; } $query .= ')'; if (!is_null($pid)) { $query .= ' AND (wf_p_id = ?)'; $values[] = $pid; } $result = $this->query($query, $values); $output = Array(); while($res = $result->fetchRow()) $output[] = $res['wf_role_id']; return $output; } } ?>