[geeklog-cvs] Auth_Enterprise/Server/providers AEBasePearDBProvider.class.php,1.1.1.1,1.2
tony at iowaoutdoors.org
tony at iowaoutdoors.org
Wed Jun 16 01:25:49 EDT 2004
Update of /var/cvs/Auth_Enterprise/Server/providers
In directory www:/tmp/cvs-serv26662
Modified Files:
AEBasePearDBProvider.class.php
Log Message:
Finished privilege related methods and got the groups ones started
Index: AEBasePearDBProvider.class.php
===================================================================
RCS file: /var/cvs/Auth_Enterprise/Server/providers/AEBasePearDBProvider.class.php,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -C2 -d -r1.1.1.1 -r1.2
*** AEBasePearDBProvider.class.php 15 Jun 2004 15:19:27 -0000 1.1.1.1
--- AEBasePearDBProvider.class.php 16 Jun 2004 05:25:47 -0000 1.2
***************
*** 163,167 ****
}
! $userName = strtouppper($userName);
// First delete any privileges the user has (and start SQL transaction)
--- 163,167 ----
}
! $userName = strtoupper($userName);
// First delete any privileges the user has (and start SQL transaction)
***************
*** 179,187 ****
// Now add privileges for the user
$prepStmt = $this->db->prepare('INSERT INTO ae_privilege_access
! (pa_priv_cd, pa_priv_desc, pa_user_name, pa_grp_id)
VALUES (?,?,?,NULL)');
foreach ($privArray as $curPriv) {
$result = $this->db->execute($prepStmt, array($curPriv->getPrivilegeCode(),
! $curPriv->getPrivilegeDesc(), $userName));
if (DB::isError($result)) {
if ($this->db->provides('transactions')) {
--- 179,187 ----
// Now add privileges for the user
$prepStmt = $this->db->prepare('INSERT INTO ae_privilege_access
! (pa_priv_cd, pa_app_id, pa_user_name, pa_grp_id)
VALUES (?,?,?,NULL)');
foreach ($privArray as $curPriv) {
$result = $this->db->execute($prepStmt, array($curPriv->getPrivilegeCode(),
! $this->appId, $userName));
if (DB::isError($result)) {
if ($this->db->provides('transactions')) {
***************
*** 208,219 ****
--- 208,382 ----
public function listAppPrivilegesByAdmin($adminUserName, $adminPassword)
{
+ // Make sure admin is authenticated
+ if (!$this->isAuthenticated) {
+ try {
+ $userObj = $this->authenticate($adminUserName, $adminPassword);
+ } catch (AESQLException $e) {
+ throw $e;
+ } catch (AEAccountLocked $e) {
+ throw new AEAccountLocked('Administrator\'s account is locked');
+ } catch (AEPasswordExpired $e) {
+ throw new AEPasswordExpired('Administrator\'s password has expired');
+ }
+ }
+
+ if (!$userObj->authorize('AE_ACCOUNT_MGR')) {
+ throw new AEUserNotAuthorized('This user is not an account manager and is unable to
+ list the privileges for this application');
+ }
+
+ // Get privileges
+ $prepStmt = $this->db->prepare('SELECT ap_priv_cd, ap_priv_desc
+ FROM ae_app_privileges
+ WHERE ap_app_id = ?');
+ $result = $this->db->execute($prepStmt, array($this->appId));
+ //print $result->numRows(); exit;
+ if (DB::isError($result)) {
+ throw new AESQLException($result->toString());
+ }
+
+ return $this->dbResultToPrivilege($result);
}
+ /**
+ * Gets the groups for a given user on behalf of an administrator
+ *
+ * @author Tony Bibbs <tony at geeklog.net>
+ * @access public
+ * @param string $adminUserName Administrator's username
+ * @param string $adminPassword Administrator's password
+ * @param string $userName User to get groups for
+ * @return array Array of AEGroup objects
+ *
+ */
public function getUserGroupsByAdmin($adminUserName, $adminPassword, $userName)
{
+ // Make sure admin is authenticated
+ if (!$this->isAuthenticated) {
+ try {
+ $userObj = $this->authenticate($adminUserName, $adminPassword);
+ } catch (AESQLException $e) {
+ throw $e;
+ } catch (AEAccountLocked $e) {
+ throw new AEAccountLocked('Administrator\'s account is locked');
+ } catch (AEPasswordExpired $e) {
+ throw new AEPasswordExpired('Administrator\'s password has expired');
+ }
+ }
+
+ $userName = strtoupper($userName);
+
+ if (!$userObj->authorize('AE_ACCOUNT_MGR')) {
+ throw new AEUserNotAuthorized('This user is not an account manager and is unable to
+ get the groups for the given user');
+ }
+
+ try {
+ return $this->getGroups($userName);
+ } catch (AESQLException $e) {
+ throw $e;
+ }
}
+ /**
+ * Gets the groups for a given user on behalf of an administrator
+ *
+ * @author Tony Bibbs <tony at geeklog.net>
+ * @access public
+ * @param string $adminUserName Administrator's username
+ * @param string $adminPassword Administrator's password
+ * @param string $userName User to set groups for
+ * @param array $groupArray Array of AEGroup objects
+ *
+ */
public function setUserGroupsByAdmin($adminUserName, $adminPassword, $userName, $groupArray)
{
+ // Make sure admin is authenticated
+ if (!$this->isAuthenticated) {
+ try {
+ $userObj = $this->authenticate($adminUserName, $adminPassword);
+ } catch (AESQLException $e) {
+ throw $e;
+ } catch (AEAccountLocked $e) {
+ throw new AEAccountLocked('Administrator\'s account is locked');
+ } catch (AEPasswordExpired $e) {
+ throw new AEPasswordExpired('Administrator\'s password has expired');
+ }
+ }
+
+ // Verify privileges given even exist
+ foreach ($groupArray as $curGroup) {
+ try {
+ if (!$this->groupExists($curGroup)) {
+ throw new AEInvalidGroup(sprintf('Group %s does not exist
+ for application %s', $curGroup->getGroupLogicalName(), $this->appId));
+ }
+ } catch (AESQLException $e) {
+ throw $e;
+ }
+ }
+
+ $userName = strtoupper($userName);
+
+ // First delete any privileges the user has (and start SQL transaction)
+ if ($this->db->provides('transactions')) {
+ $this->db->autoCommit(false);
+ }
+
+ $prepStmt = $this->db->prepare('DELETE FROM ae_group_assignment
+ WHERE ga_assigned_user_name = ?');
+ $result = $this->db->execute($prepStmt, array($userName));
+ if (DB::isError($result)) {
+ $this->db->autoCommit(true);
+ throw new AESQLException($result->toString());
+ }
+
+ // Now add privileges for the user
+ $prepStmt = $this->db->prepare('INSERT INTO ae_group_assignment
+ (ga_main_grp_id, ga_assigned_user_name, ga_assigned_grp_id)
+ VALUES (?,?,?,NULL)');
+ foreach ($groupArray as $groupPriv) {
+ $result = $this->db->execute($prepStmt, array($curGroup->getGroupId(),$userName));
+ if (DB::isError($result)) {
+ if ($this->db->provides('transactions')) {
+ $this->db->rollback();
+ $this->db->autoCommit(true);
+ }
+ throw new AESQLException($result->toString());
+ }
+ }
+
+ if ($this->db->provides('transactions')) {
+ $this->db->commit();
+ $this->db->autoCommit(true);
+ }
+ }
+
+ /**
+ * Determines if a given group exists for the current application
+ *
+ * @author Tony Bibbs <tony at geeklog.net>
+ * @access private
+ * @param object $groupObj AEGroup instance
+ * @return boolean
+ *
+ */
+ private function groupExists($groupObj)
+ {
+ $prepStmt = $this->db->prepare('SELECT count(*)
+ FROM ae_group
+ WHERE grp_app_id = ?
+ AND grp_id = ?');
+ $result = $this->db->execute($prepStmt, array($this->appId, $groupObj->getGroupId()));
+ if (DB::isError($result)) {
+ throw new AESQLException($result->toString());
+ }
+ $row = $result->fetchRow($this->fetchMode);
+
+ if ($row[0] == 1) {
+ return true;
+ }
+
+ return false;
}
***************
*** 313,317 ****
return $userGroups;
}
-
$curGroup = new AEGroup();
while ($row = $result->fetchRow($this->_fetchMode)) {
--- 476,479 ----
***************
*** 492,497 ****
--- 654,661 ----
for ($i = 1; $i <= $numRows; $i++) {
$row = $sqlResult->fetchRow($this->fetchMode);
+ $tmpPriv = new AEPrivilege();
$tmpPriv->setPrivilegeCode($row[0]);
$tmpPriv->setPrivilegeDesc($row[1]);
+
$privArray[] = $tmpPriv;
}
More information about the geeklog-cvs
mailing list