* FusionForge roles
*
* Copyright 2004, GForge, LLC
+ * Copyright 2009, Roland Mas
*
* This file is part of FusionForge.
*
'docman'=>array('0','1'),
'forumadmin'=>array('0','2'),
'forum'=>array('-1','0','1','2'),
+ 'newforum'=>array('-1','0','1','2'),
'trackeradmin'=>array('0','2'),
'tracker'=>array('-1','0','1','2','3'),
+ 'newtracker'=>array('-1','0','1','2','3'),
'pmadmin'=>array('0','2'),
'pm'=>array('-1','0','1','2','3'),
+ 'newpm'=>array('-1','0','1','2','3'),
'webcal'=>array('0','1','2'));
- var $defaults=array(
- 'Admin'=>array( 'projectadmin'=>'A', 'frs'=>'1', 'scm'=>'1', 'docman'=>'1', 'forumadmin'=>'2', 'forum'=>'2', 'trackeradmin'=>'2', 'tracker'=>'2', 'pmadmin'=>'2', 'pm'=>'2', 'webcal'=>'1' ),
- 'Senior Developer'=>array( 'projectadmin'=>'0', 'frs'=>'1', 'scm'=>'1', 'docman'=>'1', 'forumadmin'=>'2', 'forum'=>'2', 'trackeradmin'=>'2', 'tracker'=>'2', 'pmadmin'=>'2', 'pm'=>'2', 'webcal'=>'2' ),
- 'Junior Developer'=>array( 'projectadmin'=>'0', 'frs'=>'0', 'scm'=>'1', 'docman'=>'0', 'forumadmin'=>'0', 'forum'=>'1', 'trackeradmin'=>'0', 'tracker'=>'1', 'pmadmin'=>'0', 'pm'=>'1', 'webcal'=>'2' ),
- 'Doc Writer'=>array( 'projectadmin'=>'0', 'frs'=>'0', 'scm'=>'0', 'docman'=>'1', 'forumadmin'=>'0', 'forum'=>'1', 'trackeradmin'=>'0', 'tracker'=>'0', 'pmadmin'=>'0', 'pm'=>'0' , 'webcal'=>'2'),
- 'Support Tech'=>array( 'projectadmin'=>'0', 'frs'=>'0', 'scm'=>'0', 'docman'=>'1', 'forumadmin'=>'0', 'forum'=>'1', 'trackeradmin'=>'0', 'tracker'=>'2', 'pmadmin'=>'0', 'pm'=>'0' , 'webcal'=>'2')
- );
-
+ var $defaults;
+
/**
* Role($group,$id) - CONSTRUCTOR.
*
* @param int The role_id.
*/
function Role ($Group,$role_id=false) {
+ # Initialize the default group settings
+ if ($GLOBALS['default_roles']) {
+ $this->defaults=$GLOBALS['default_roles'];
+ } else {
+ $this->defaults=array(
+ 'Admin'=>array( 'projectadmin'=>'A', 'frs'=>'1', 'scm'=>'1', 'docman'=>'1', 'forumadmin'=>'2', 'forum'=>'2', 'newforum'=>'2', 'trackeradmin'=>'2', 'tracker'=>'2', 'newtracker'=>'2', 'pmadmin'=>'2', 'pm'=>'2', 'newpm'=>'2', 'webcal'=>'1' ),
+ 'Senior Developer'=>array( 'projectadmin'=>'0', 'frs'=>'1', 'scm'=>'1', 'docman'=>'1', 'forumadmin'=>'2', 'forum'=>'2', 'newforum'=>'2', 'trackeradmin'=>'2', 'tracker'=>'2', 'newtracker'=>'2', 'pmadmin'=>'2', 'pm'=>'2', 'newpm'=>'2', 'webcal'=>'2' ),
+ 'Junior Developer'=>array( 'projectadmin'=>'0', 'frs'=>'0', 'scm'=>'1', 'docman'=>'0', 'forumadmin'=>'0', 'forum'=>'1', 'newforum'=>'1', 'trackeradmin'=>'0', 'tracker'=>'1', 'newtracker'=>'1', 'pmadmin'=>'0', 'pm'=>'1', 'newpm'=>'1', 'webcal'=>'2' ),
+ 'Doc Writer'=>array( 'projectadmin'=>'0', 'frs'=>'0', 'scm'=>'0', 'docman'=>'1', 'forumadmin'=>'0', 'forum'=>'1', 'newforum'=>'1', 'trackeradmin'=>'0', 'tracker'=>'0', 'newtracker'=>'0', 'pmadmin'=>'0', 'pm'=>'0' , 'newpm'=>'0' , 'webcal'=>'2'),
+ 'Support Tech'=>array( 'projectadmin'=>'0', 'frs'=>'0', 'scm'=>'0', 'docman'=>'1', 'forumadmin'=>'0', 'forum'=>'1', 'newforum'=>'1', 'trackeradmin'=>'0', 'tracker'=>'2', 'newtracker'=>'2', 'pmadmin'=>'0', 'pm'=>'0' , 'newpm'=>'0' , 'webcal'=>'2')
+ );
+ }
+
+
$this->Error();
if (!$Group || !is_object($Group) || $Group->isError()) {
$this->setError('Role::'.$Group->getErrorMessage());
return false;
}
+ // Check if role_name is not already used.
+ $res = db_query_params('SELECT role_name FROM role WHERE group_id=$1 AND role_name=$2',
+ array ($this->Group->getID(), htmlspecialchars($role_name)));
+ if (db_numrows($res)) {
+ $this->setError('Cannot create a role with this name (already used)');
+ return false;
+ }
+
db_begin();
- $sql="INSERT INTO role (group_id,role_name)
- VALUES ('".$this->Group->getID()."','".htmlspecialchars($role_name)."')";
-//echo "\n<br>$sql";
- $res=db_query($sql);
+ $res = db_query_params ('INSERT INTO role (group_id, role_name) VALUES ($1, $2)',
+ array ($this->Group->getID(),
+ htmlspecialchars($role_name))) ;
if (!$res) {
$this->setError('create::'.db_error());
db_rollback();
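Review bot: The duplicate-name check added at L55-L60 runs before `db_begin()` at L62 and nothing visible here makes (group_id, role_name) unique, so two concurrent create() calls can both pass the SELECT and both INSERT; update() repeats the same pattern at L300-L306. The result of `db_query_params` is handed straight to `db_numrows()` without a `false` test, so a failed SELECT is read as "no duplicate" and creation proceeds. Suggest moving the check inside the transaction and testing the result first, `if (!$res) { $this->setError('create::'.db_error()); db_rollback(); return false; }`, while relying on a unique constraint as the actual guard against the race. Separately, `if ($GLOBALS['default_roles'])` at L36 raises an undefined-index notice when the configuration does not define it; `if (!empty($GLOBALS['default_roles']))` avoids that. create()'s signature is outside the hunk.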
if (!$uvalue) {
$uvalue=0;
}
- $sql="INSERT INTO role_setting (role_id,section_name,ref_id,value)
- values ('$role_id','$usection_name', '$uref_id','$uvalue')";
-//echo "\n<br>$sql";
- $res=db_query($sql);
+ $res = db_query_params ('INSERT INTO role_setting (role_id,section_name,ref_id,value) VALUES ($1,$2,$3,$4)',
+ array ($role_id,
+ $usection_name,
+ $uref_id,
+ $uvalue)) ;
if (!$res) {
$this->setError('create::insertsetting::'.db_error());
db_rollback();
}
}
}
+ if (!$this->fetchData($role_id)) {
+ db_rollback();
+ return false;
+ }
db_commit();
return $role_id;
}
for ($i=0; $i<count($keys); $i++) {
if ($keys[$i] == 'forum') {
- $res=db_query("SELECT group_forum_id
- FROM forum_group_list
- WHERE group_id='".$this->Group->getID()."'");
+ $res = db_query_params ('SELECT group_forum_id FROM forum_group_list WHERE group_id=$1',
+ array ($this->Group->getID())) ;
if (!$res) {
$this->setError('Error: Forum'.db_error());
return false;
$data[$keys[$i]][db_result($res,$j,'group_forum_id')]= $arr[$keys[$i]];
}
} elseif ($keys[$i] == 'pm') {
- $res=db_query("SELECT group_project_id
- FROM project_group_list
- WHERE group_id='".$this->Group->getID()."'");
+ $res = db_query_params ('SELECT group_project_id FROM project_group_list WHERE group_id=$1',
+ array ($this->Group->getID())) ;
if (!$res) {
$this->setError('Error: TaskMgr'.db_error());
return false;
$data[$keys[$i]][db_result($res,$j,'group_project_id')]= $arr[$keys[$i]];
}
} elseif ($keys[$i] == 'tracker') {
- $res=db_query("SELECT group_artifact_id
- FROM artifact_group_list
- WHERE group_id='".$this->Group->getID()."'");
+ $res = db_query_params ('SELECT group_artifact_id FROM artifact_group_list WHERE group_id=$1',
+ array ($this->Group->getID())) ;
if (!$res) {
$this->setError('Error: Tracker'.db_error());
return false;
function fetchData($role_id) {
unset($this->data_array);
unset($this->setting_array);
- $res=db_query("SELECT * FROM role WHERE role_id='$role_id'");
+ $res = db_query_params ('SELECT * FROM role WHERE role_id=$1',
+ array ($role_id)) ;
if (!$res || db_numrows($res) < 1) {
$this->setError('Role::fetchData()::'.db_error());
return false;
}
$this->data_array =& db_fetch_array($res);
- $res=db_query("SELECT * FROM role_setting WHERE role_id='$role_id'");
+ $res = db_query_params ('SELECT * FROM role_setting WHERE role_id=$1',
+ array ($role_id)) ;
if (!$res) {
$this->setError('Role::fetchData()::'.db_error());
return false;
return true;
}
+ function normalizeData($role_id) {
+ db_begin () ;
+ $this->fetchData ($role_id) ;
+
+ $new_sa = array () ;
+
+ // Add missing settings
+ // ...project-wide settings
+ $arr = array ('projectadmin', 'frs', 'scm', 'docman', 'forumadmin', 'trackeradmin', 'newtracker', 'pmadmin', 'newpm', 'webcal') ;
+ foreach ($arr as $section) {
+ if (array_key_exists ($section, $this->setting_array)) {
+ $new_sa[$section][0] = $this->setting_array[$section][0] ;
+ } else {
+ $new_sa[$section][0] = 0 ;
+ }
+ }
+
+ // ...tracker-related settings
+ $new_sa['tracker'] = array () ;
+ $res = db_query_params ('SELECT group_artifact_id FROM artifact_group_list WHERE group_id=$1',
+ array ($this->Group->getID())) ;
+ if (!$res) {
+ $this->setError('Error: Tracker '.db_error());
+ return false;
+ }
+ for ($j=0; $j<db_numrows($res); $j++) {
+ $tid = db_result ($res,$j,'group_artifact_id') ;
+ if (array_key_exists ('tracker', $this->setting_array)
+ && array_key_exists ($tid, $this->setting_array['tracker']) ) {
+ $new_sa[$section][$tid] = $this->setting_array[$section][$tid] ;
+ } else {
+ $new_sa[$section][$tid] = $new_sa['newtracker'] ;
+ }
+ }
+
+ // ...forum-related settings
+ $new_sa['forum'] = array () ;
+ $res = db_query_params ('SELECT group_forum_id FROM forum_group_list WHERE group_id=$1',
+ array ($this->Group->getID())) ;
+ if (!$res) {
+ $this->setError('Error: Forum '.db_error());
+ return false;
+ }
+ for ($j=0; $j<db_numrows($res); $j++) {
+ $tid = db_result ($res,$j,'group_forum_id') ;
+ if (array_key_exists ('forum', $this->setting_array)
+ && array_key_exists ($tid, $this->setting_array['forum']) ) {
+ $new_sa[$section][$tid] = $this->setting_array[$section][$tid] ;
+ } else {
+ $new_sa[$section][$tid] = $new_sa['newforum'] ;
+ }
+ }
+
+ // ...subproject-related settings
+ $new_sa['pm'] = array () ;
+ $res = db_query_params ('SELECT group_project_id FROM project_group_list WHERE group_id=$1',
+ array ($this->Group->getID())) ;
+ if (!$res) {
+ $this->setError('Error: Subproject '.db_error());
+ return false;
+ }
+ for ($j=0; $j<db_numrows($res); $j++) {
+ $tid = db_result ($res,$j,'group_project_id') ;
+ if (array_key_exists ('pm', $this->setting_array)
+ && array_key_exists ($tid, $this->setting_array['pm']) ) {
+ $new_sa[$section][$tid] = $this->setting_array[$section][$tid] ;
+ } else {
+ $new_sa[$section][$tid] = $new_sa['newpm'] ;
+ }
+ }
+
+ // Delete extra settings
+ db_query_params ('DELETE FROM role_settings WHERE role_id=$1 AND section_name <> ALL ($2)',
+ array ($this->getID(),
+ db_string_array_to_any_clause (array_keys ($this->role_values)))) ;
+ db_query_params ('DELETE FROM role_settings WHERE role_id=$1 AND section_name = $2 AND ref_id <> ALL ($3)',
+ array ($this->getID(),
+ 'tracker',
+ db_int_array_to_any_clause (array_keys ($new_sa['tracker'])))) ;
+ db_query_params ('DELETE FROM role_settings WHERE role_id=$1 AND section_name = $2 AND ref_id <> ALL ($3)',
+ array ($this->getID(),
+ 'forum',
+ db_int_array_to_any_clause (array_keys ($new_sa['forum'])))) ;
+ db_query_params ('DELETE FROM role_settings WHERE role_id=$1 AND section_name = $2 AND ref_id <> ALL ($3)',
+ array ($this->getID(),
+ 'pm',
+ db_int_array_to_any_clause (array_keys ($new_sa['pm'])))) ;
+
+ db_commit () ;
+
+ // Save
+ $this->update ($this->data_array['role_name'], $this->setting_array) ;
+
+ return true;
+ }
+
/**
* &getRoleVals - get all the values and language text strings for this section.
*
*/
function &getRoleVals($section) {
global $role_vals, $rbac_permission_names;
+ setup_rbac_strings () ;
//
// Optimization - save array so it is only built once per page view
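Review bot: normalizeData() (L149-L243) never stores the settings it computes: the three per-item loops write `$new_sa[$section]` and read `$this->setting_array[$section]`, where `$section` is the leftover foreach variable from L158 (the last entry of `$arr`, 'webcal'), and the final `$this->update(...)` at L240 passes the untouched `$this->setting_array` instead of `$new_sa`. The fallbacks `$new_sa['newtracker']` / `$new_sa['newpm']` at L180 and L216 are the one-element arrays built at L160/L162 rather than values, and `$new_sa['newforum']` at L198 is never set because 'newforum' is missing from `$arr` at L157. The DELETE statements at L221-L235 name `role_settings` while every other query in this patch uses `role_setting`, their results are ignored so a failing delete is still committed at L237, and the error paths at L172, L190 and L208 return after `db_begin()` without `db_rollback()`. The `fetchData($role_id)` return at L151 is also unchecked, so a missing role leaves `$this->setting_array` unset before `array_key_exists` is called at L159. The rewritten tracker section below shows the pattern; the forum and pm sections need the same change.
```php
	db_begin () ;
	if (!$this->fetchData ($role_id)) {
		db_rollback () ;
		return false ;
	}
	// … unchanged: project-wide settings loop (add 'newforum' to $arr) …
	// ...tracker-related settings
	if (!$res) {
		$this->setError('Error: Tracker '.db_error());
		db_rollback () ;
		return false;
	}
	for ($j=0; $j<db_numrows($res); $j++) {
		$tid = db_result ($res,$j,'group_artifact_id') ;
		if (array_key_exists ('tracker', $this->setting_array)
		    && array_key_exists ($tid, $this->setting_array['tracker']) ) {
			$new_sa['tracker'][$tid] = $this->setting_array['tracker'][$tid] ;
		} else {
			$new_sa['tracker'][$tid] = $new_sa['newtracker'][0] ;
		}
	}
	// … same shape for forum and pm, with 'forum' / 'pm' in place of $section and the fallback indexed with [0] …
	// … delete extra settings from role_setting, checking each result and rolling back on failure …
	db_commit () ;

	// Save the normalized settings, not the ones read at the top
	$this->update ($this->data_array['role_name'], $new_sa) ;
```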
if (!$ref_id) {
$ref_id=0;
}
- return $this->setting_array[$section][$ref_id];
+ if (array_key_exists ($section, $this->setting_array)) {
+ return $this->setting_array[$section][$ref_id];
+ } else {
+ return 0 ;
+ }
+ }
+
+ function setVal($section, $ref_id, $value) {
+ $this->setting_array[$section][$ref_id] = $value;
+ return $this->update( $this->getName(), $this->setting_array);
+ }
+
+ /**
+ * delVal - delete a value out of the array of settings for this role.
+ *
+ * @param string The name of the role.
+ * @param integer The ref_id (ex: group_artifact_id, group_forum_id) for this item.
+ */
+ function delVal($section, $ref_id) {
+ unset($this->setting_array[$section][$ref_id]);
+
+ $sql = 'DELETE FROM role_setting
+ WHERE role_id=$1
+ AND section_name=$2
+ AND ref_id=$3';
+ $res=db_query_params($sql, array($this->getID(), $section, $ref_id));
+ if (!$res || db_affected_rows($res) < 1) {
+ $this->setError('delVal($section, $ref_id)'.db_error());
+ return false;
+ }
+ return true;
}
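Review bot: delVal() at L276-L288 unsets the entry from `$this->setting_array` before issuing the DELETE and then returns false when `db_affected_rows()` is 0, so removing a setting that was never persisted leaves the object in the requested state while the caller is told it failed; running the DELETE first and unsetting only on success keeps the two in step. The error string at L285 is single-quoted, so `$section` and `$ref_id` are emitted literally; `sprintf('delVal(%s, %s)', $section, $ref_id).db_error()` produces the intended message. The docblock at L273-L274 describes the first parameter as the role name although it is the section name, and setVal() at L265 has no docblock; suggest `@param string The section name (ex: tracker, forum, pm).` for both. The new guard at L258 covers a missing section but not a missing `$ref_id` inside a present section, if that can occur — the shape of setting_array is not visible here; getVal()'s signature is outside the hunk.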
/**
db_begin();
if ($this->getName() != stripslashes($role_name)) {
- $sql="UPDATE role
- SET role_name='".htmlspecialchars($role_name)."'
- WHERE group_id='".$this->Group->getID()."'
- AND role_id='".$this->getID()."'";
-//echo "\n<br>$sql";
- $res=db_query($sql);
+ // Check if role_name is not already used.
+ $res = db_query_params('SELECT role_name FROM role WHERE group_id=$1 AND role_name=$2',
+ array ($this->Group->getID(), htmlspecialchars($role_name)));
+ if (db_numrows($res)) {
+ $this->setError('Cannot create a role with this name (already used)');
+ db_rollback();
+ return false;
+ }
+
+ $res = db_query_params ('UPDATE role SET role_name=$1 WHERE group_id=$2 AND role_id=$3',
+ array (htmlspecialchars($role_name),
+ $this->Group->getID(),
+ $this->getID())) ;
if (!$res || db_affected_rows($res) < 1) {
$this->setError('update::name::'.db_error());
db_rollback();
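Review bot: The rejection message added at L303 says "Cannot create a role" although this branch runs inside update() when an existing role is being renamed; `$this->setError('Cannot rename the role: this name is already used');` describes the failure. update()'s signature is outside the hunk.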
// See if this setting changed. If so, then update it
//
// if ($this->getVal($usection_name,$uref_id) != $uvalue) {
- $sql="UPDATE role_setting
- SET value='$uvalue'
- WHERE role_id='".$this->getID()."'
- AND section_name='$usection_name'
- AND ref_id='$uref_id'";
-//echo "\n<br>$sql";
- $res=db_query($sql);
- if (!$res || db_affected_rows($res) < 1) {
- $sql="INSERT INTO role_setting (role_id,section_name,ref_id,value)
- values ('".$this->getID()."','$usection_name', '$uref_id','$uvalue')";
-//echo "\n<br>$sql";
- $res=db_query($sql);
+ $res = db_query_params ('UPDATE role_setting SET value=$1 WHERE role_id=$2 AND section_name=$3 AND ref_id=$4',
+ array ($uvalue,
+ $this->getID(),
+ $usection_name,
+ $uref_id)) ;
+ if (!$res || db_affected_rows($res) < 1) {
+ $res = db_query_params ('INSERT INTO role_setting (role_id, section_name, ref_id, value) VALUES ($1, $2, $3, $4)',
+ array ($this->getID(),
+ $usection_name,
+ $uref_id,
+ $uvalue)) ;
if (!$res) {
$this->setError('update::rolesettinginsert::'.db_error());
db_rollback();
//$update_usergroup=true;
//iterate all users with this role
- $res=db_query("SELECT user_id
- FROM user_group
- WHERE role_id='".$this->getID()."'");
+ $res = db_query_params ('SELECT user_id FROM user_group WHERE role_id=$1',
+ array ($this->getID())) ;
for ($z=0; $z<db_numrows($res); $z++) {
//TODO - Shell should be separate flag
// else - restricted.
//
$cvs_flags=$data['scm'][0];
- $sql="UPDATE user_group
- SET cvs_flags=".$cvs_flags."
- WHERE user_id=".db_result($res,$z,'user_id')." AND role_id=".$this->getID();
- //echo '<h1>'.$data['scm'][0].'::'.$sql.'</h1>';
- $res2=db_query($sql);
+ $res2 = db_query_params ('UPDATE user_group SET cvs_flags=$1 WHERE user_id=$2',
+ array ($cvs_flags,
+ db_result($res,$z,'user_id')));
if (!$res2) {
$this->setError('update::scm::'.db_error());
db_rollback();
// I have doubt the following is usefull
// This is probably buggy if used
if ($cvs_flags>1) {
- if (!$SYS->sysUserSetAttribute($user_id,"debGforgeCvsShell","/bin/bash")) {
+ if (!$SYS->sysUserSetAttribute(db_result($res,$z,'user_id'),"debGforgeCvsShell","/bin/bash")) {
$this->setError($SYS->getErrorMessage());
db_rollback();
return false;
}
} else {
- if (!$SYS->sysUserSetAttribute($user_id,"debGforgeCvsShell","/bin/cvssh")) {
+ if (!$SYS->sysUserSetAttribute(db_result($res,$z,'user_id'),"debGforgeCvsShell","/bin/cvssh")) {
$this->setError($SYS->getErrorMessage());
db_rollback();
return false;
}
}
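Review bot: The rewritten UPDATE at L361 drops the `AND role_id=` predicate that the replaced statement at L358 carried, so `UPDATE user_group SET cvs_flags=$1 WHERE user_id=$2` rewrites cvs_flags on every user_group row of that user — judging by the (user_id, group_id) predicates used at L432 and L447, that is every project the user belongs to, not just the membership holding this role. Because cvs_flags then drives the SCM shell chosen at L369-L383, updating one role can widen or revoke SCM access in unrelated projects. Restore the predicate: `$res2 = db_query_params ('UPDATE user_group SET cvs_flags=$1 WHERE user_id=$2 AND role_id=$3', array ($cvs_flags, db_result($res,$z,'user_id'), $this->getID()));`. The SELECT at L349 feeds the loop bound without a `!$res` test, and the enclosing function starts before the hunk.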
// if ($update_usergroup) {
- $sql="UPDATE user_group
- SET
- admin_flags='".$data['projectadmin'][0]."',
- forum_flags='".$data['forumadmin'][0]."',
- project_flags='".$data['pmadmin'][0]."',
- doc_flags='".$data['docman'][0]."',
- cvs_flags='".$data['scm'][0]."',
- release_flags='".$data['frs'][0]."',
- artifact_flags='".$data['trackeradmin'][0]."'
- WHERE role_id='".$this->getID()."'";
-//echo "\n<br>$sql";
- $res=db_query($sql);
+ $keys = array ('forumadmin', 'pmadmin', 'trackeradmin', 'docman', 'scm', 'frs', 'projectadmin') ;
+ foreach ($keys as $k) {
+ if (!array_key_exists ($k, $data)) {
+ $data[$k] = array(0);
+ }
+ }
+ $res = db_query_params ('UPDATE user_group
+ SET admin_flags=$1,
+ forum_flags=$2,
+ project_flags=$3,
+ doc_flags=$4,
+ cvs_flags=$5,
+ release_flags=$6,
+ artifact_flags=$7
+ WHERE role_id=$8',
+ array ($data['projectadmin'][0],
+ $data['forumadmin'][0],
+ $data['pmadmin'][0],
+ $data['docman'][0],
+ $data['scm'][0],
+ $data['frs'][0],
+ $data['trackeradmin'][0],
+ $this->getID())) ;
if (!$res) {
- $this->setError('update::usergroup::'.db_error());
+ $this->setError('::update::usergroup::'.db_error());
db_rollback();
return false;
}
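Review bot: The error prefix changed at L422 (and again at L494) now starts with '::', unlike the sibling messages 'update::name::', 'update::scm::' and 'update::rolesettinginsert::' in the same function, and reads as a leftover from a removed class-name prefix. Suggest keeping `$this->setError('update::usergroup::'.db_error());` at both sites. The key back-fill at L397-L402 is a sensible guard but its intent is not stated; a comment such as `// Sections absent from $data default to 0 so every flag column receives a value` above the foreach would explain the array(0).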
//
// See if role is actually changing
//
- $res=db_query("SELECT role_id FROM user_group
- WHERE user_id='$user_id'
- AND group_id='".$this->Group->getID()."'");
+ $res = db_query_params ('SELECT role_id FROM user_group WHERE user_id=$1 AND group_id=$2',
+ array ($user_id,
+ $this->Group->getID())) ;
$old_roleid=db_result($res,0,0);
if ($this->getID() == $old_roleid) {
db_commit();
// else - restricted.
//
$cvs_flags=$this->getVal('scm',0);
- $sql="UPDATE user_group
- SET cvs_flags=".$cvs_flags."
- WHERE user_id=".$user_id."
- AND group_id='".$this->Group->getID()."'";
- //echo '<h1>'.$cvs_flags.'::'.$sql.'</h1>';
- $res2=db_query($sql);
+ $res2 = db_query_params ('UPDATE user_group SET cvs_flags=$1 WHERE user_id=$2 AND group_id=$3',
+ array ($cvs_flags,
+ $user_id,
+ $this->Group->getID())) ;
if (!$res2) {
$this->setError('update::scm::'.db_error());
db_rollback();
}
}
// if ($update_usergroup) {
- $sql="UPDATE user_group
- SET
- admin_flags='".$this->getVal('projectadmin',0)."',
- forum_flags='".$this->getVal('forumadmin',0)."',
- project_flags='".$this->getVal('pmadmin',0)."',
- doc_flags='".$this->getVal('docman',0)."',
- cvs_flags='".$this->getVal('scm',0)."',
- release_flags='".$this->getVal('frs',0)."',
- artifact_flags='".$this->getVal('trackeradmin',0)."',
- role_id='".$this->getID()."'
- WHERE
- user_id='".$user_id."'
- AND group_id='".$this->Group->getID()."'";
-//echo "\n<br>$sql";
- $res=db_query($sql);
+ $res = db_query_params ('UPDATE user_group
+ SET admin_flags=$1,
+ forum_flags=$2,
+ project_flags=$3,
+ doc_flags=$4,
+ cvs_flags=$5,
+ release_flags=$6,
+ artifact_flags=$7,
+ role_id=$8
+ WHERE user_id=$9 AND group_id=$10',
+ array ($this->getVal('projectadmin',0),
+ $this->getVal('forumadmin',0),
+ $this->getVal('pmadmin',0),
+ $this->getVal('docman',0),
+ $this->getVal('scm',0),
+ $this->getVal('frs',0),
+ $this->getVal('trackeradmin',0),
+ $this->getID(),
+ $user_id,
+ $this->Group->getID()));
if (!$res) {
- $this->setError('update::usergroup::'.db_error());
+ $this->setError('::update::usergroup::'.db_error());
db_rollback();
return false;
}