Commit 6898184a authored by Jerome Mariette's avatar Jerome Mariette

add right management

parent e4883ff3
......@@ -385,6 +385,141 @@ class tx_nG6_eid {
$val .= '</body>';
$val .= '</html>';
print $val;
} else if ($type == 'delete_users') {
$ids = trim(t3lib_div::_GP('ids'));
// users_id to array (1;2;3;...) -> [1;2;3;...]
$tab_ids = explode(";",$ids);
$project_id = trim(t3lib_div::_GP('project_id'));
// try to delete users in project ...
if($project_id != "") {
$none_access = "";
foreach($tab_ids as $id => $del_user_id) {
tx_nG6_db::delete_access_to_project($del_user_id, $project_id);
// find if user can't access to any project
$users_access = tx_nG6_db::count_number_of_project_access($del_user_id);
if($users_access == '0'){
$none_access .= $del_user_id.";";
}
}
if($none_access == ""){ // everybody has at least one access to a project
$others_access = '0';
}else{ // list separate by coma of users who can't access to any project
$others_access = substr($none_access, 0, -1);
}
print $others_access;
// delete users of DB...
}else{
foreach($tab_ids as $k_id => $v_id){
// delete group
$gid = tx_nG6_db::get_user_usergroup($v_id);
// delete user
tx_nG6_db::delete_user($v_id);
if(tx_nG6_db::count_users_in_group($gid) == 0){
tx_nG6_db::delete_group($gid);
}
}
}
// to change users' right on project
} else if ($type == 'change_right') {
$project_id = trim(t3lib_div::_GP('project_id'));
$c_user_id = trim(t3lib_div::_GP('c_user_id'));
$right_id = trim(t3lib_div::_GP('right_id'));
tx_nG6_db::change_access_to_project($c_user_id, $project_id, $right_id);
// jquery autocomplete
} else if ($type == 'autocomplete') {
$col = trim(t3lib_div::_GP('gender'));
$project_id = trim(t3lib_div::_GP('project_id'));
// user search
if($col != 'group'){
$name_start = trim(t3lib_div::_GP('name_start'));
$res = tx_nG6_db::get_all_names_starting_with($name_start, $col);
foreach($res as $res_id => $res_val){
// find right on project
$res[$res_id]['right_id'] = tx_nG6_db::get_user_right_on_project($res_val['uid'], $project_id);
// find creator username
$cruser_infos = tx_nG6_db::get_user_informations($res[$res_id]['cruser_id']);
$res[$res_id]['cruser_username'] = $cruser_infos['username'];
}
// group search
}else{
$group_name_start = trim(t3lib_div::_GP('group_name'));
$res = tx_nG6_db::get_all_group_starting_with($group_name_start);
}
$json_res = json_encode($res);
print $json_res;
// add a new member on project
} else if ($type == 'new_user') {
$part = trim(t3lib_div::_GP('part'));
$user_name = trim(t3lib_div::_GP('username'));
$project_id = trim(t3lib_div::_GP('project_id'));
$right_id = trim(t3lib_div::_GP('right'));
$group_name = trim(t3lib_div::_GP('group'));
// if group not exists, create group
$group_id = tx_nG6_db::get_group_id($group_name);
if( !isset($group_id) ){
$cruser_id = trim(t3lib_div::_GP('creator'));
tx_nG6_db::create_new_group($cruser_id, $group_name);
$group_id = tx_nG6_db::get_group_id($group_name);
}
$c_user_id = tx_nG6_db::get_user_id_by_username($user_name);
// if user not exists in DB
if(!isset($c_user_id)){
$first_name = trim(t3lib_div::_GP('first_name'));
$last_name = trim(t3lib_div::_GP('last_name'));
$email = trim(t3lib_div::_GP('email'));
$password = trim(t3lib_div::_GP('password'));
$cruser_id = trim(t3lib_div::_GP('creator'));
tx_nG6_db::create_new_user($user_name, $first_name, $last_name, $email, $password, $cruser_id, $group_id);
// find the new user id
$new_id = tx_nG6_db::get_user_id_by_username($user_name);
// authorize new access
tx_nG6_db::add_access_to_project($new_id, $project_id, $right_id);
print '2';
// user exists in DB
}else{
// can user access to the project ?
if(tx_nG6_db::get_user_right_on_project($c_user_id, $project_id) == -1){
// authorize new access
tx_nG6_db::add_access_to_project($c_user_id, $project_id, $right_id);
print '0';
} else {
print '1'; // already access to the project
}
}
}
}
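Review bot: None of the new branches (`delete_users`, `change_right`, `autocomplete`, `new_user`) checks in the visible lines that the caller is logged in and allowed to administer `$project_id`; they act directly on ids and rights read from `t3lib_div::_GP`. Unless the dispatcher already does this before the `$type` chain (which starts outside the hunk), each state-changing branch should first test the session user, for example `if (!tx_nG6_db::is_project_administrator($fe_uid, $project_id)) { exit; }`, with `$fe_uid` taken from the authenticated frontend session rather than from the request. The same applies to `creator` in `new_user`, which is read from the request and stored as `cruser_id`, and to the `delete_users` path without a `project_id`, which deletes accounts and groups outright. `new_user` also passes the `password` parameter unchanged to `create_new_user`; whether it is hashed before storage is not visible here and should be confirmed.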
......
......@@ -52,7 +52,6 @@ class tx_nG6_db {
}
/*
* Project functions
*------------------------------------------------------------*/
......@@ -1203,7 +1202,7 @@ class tx_nG6_db {
$right = tx_nG6_db::get_user_right_on_project($user_id, $project_id);
if ($right == 0) {
$is_member = true;
}
}
return $is_member;
}
......@@ -1239,6 +1238,356 @@ class tx_nG6_db {
/**
* Get all users with rights on the project.
*
* @param int $project_id the project id
*/
function get_all_users_on_project($project_id){
$users = array();
$queryParts = Array(
'SELECT' => 'fe_users.uid, fe_users.username, fe_users.lastlogin, fe_users.first_name, '
.' fe_users.last_name, fe_users.email, fe_rights.right_id, fe_users.cruser_id ',
'FROM' => 'fe_users INNER JOIN fe_rights ON fe_users.uid=fe_rights.fe_user_id ',
'WHERE' => 'fe_rights.project_id='.$project_id,
'GROUPBY' => '',
'ORDERBY' => '',
'LIMIT' => '',
);
$res = $GLOBALS['TYPO3_DB']->exec_SELECT_queryArray($queryParts);
$res_tab = array();
while($res_row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
$user_id = $res_row['uid'];
$lastlogin = date("d-m-Y", $res_row['lastlogin']);
$cruser_infos = tx_nG6_db::get_user_informations($res_row['cruser_id']);
if (!isset ($users['user_'.$user_id])){
$users['user_'.$user_id] = array(
'id' => $user_id,
'username' => $res_row['username'],
'lastlogin' => $lastlogin,
'first_name' => $res_row['first_name'],
'last_name' => $res_row['last_name'],
'email' => $res_row['email'],
'right_id' => $res_row['right_id'],
'cruser_id' => $res_row['cruser_id'],
'cruser_name' => $cruser_infos['username']
);
}
}
return $users;
}
/**
* Delete acces from a project to a specific member
*
* @param int $user_id the user id
* @param int $project_id the project id
*/
function delete_access_to_project($user_id, $project_id){
$GLOBALS['TYPO3_DB']->exec_DELETEquery('fe_rights', 'fe_rights.fe_user_id='.$user_id.' AND fe_rights.project_id='.$project_id);
}
/**
* Change right on project for a member.
*
* @param int $user_id the user id
* @param int $project_id the project id
* @param int $right the right id (0=member, 1=manager, 2=admin)
*/
function change_access_to_project($user_id, $project_id, $right){
$GLOBALS['TYPO3_DB']->exec_UPDATEquery ('fe_rights', 'fe_rights.fe_user_id='.$user_id.' AND fe_rights.project_id='.$project_id, array('fe_rights.right_id' => $right));
}
/**
* Add a new member to the project.
*
* @param int $user_id the user id
* @param int $project_id the project id
* @param int $right the right id (0=member, 1=manager, 2=admin)
*/
function add_access_to_project($user_id, $project_id, $right_id){
$member_tab = array(
'fe_user_id' => $user_id,
'project_id' => $project_id,
'right_id' => $right_id
);
$GLOBALS['TYPO3_DB']->exec_INSERTquery ('fe_rights', $member_tab);
}
/**
* Get all usernames, firstnames and lastnames starting with a string.
*
* @param string $name_start the string part
* @param string $user_col the fe_users column to use
* @return array
*/
function get_all_names_starting_with($name_start, $user_col) {
$queryParts = Array(
'SELECT' => 'fe_users.uid, fe_users.username, fe_users.last_name, fe_users.first_name, fe_users.password, fe_users.email, fe_users.cruser_id, fe_groups.title',
'FROM' => 'fe_users INNER JOIN fe_groups ON fe_users.usergroup=fe_groups.uid',
'WHERE' => 'fe_users.'.$user_col.' LIKE "'.$name_start.'%"',
'GROUPBY' => '',
'ORDERBY' => '',
'LIMIT' => '',
);
$res = $GLOBALS['TYPO3_DB']->exec_SELECT_queryArray($queryParts);
$res_tab = array();
while($res_row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
$res_tab[] = array(
'uid' => $res_row['uid'],
'username' => $res_row['username'],
'first_name' => $res_row['first_name'],
'last_name' => $res_row['last_name'],
'password' => $res_row['password'],
'email' => $res_row['email'],
'group' => $res_row['title'],
'cruser_id' => $res_row['cruser_id']
);
}
return $res_tab;
}
/**
* Get all groupnames starting with a string.
*
* @param string $group_name_start the string part
* @return array
*/
function get_all_group_starting_with($group_name_start) {
$queryParts = Array(
'SELECT' => 'fe_groups.uid, fe_groups.title',
'FROM' => 'fe_groups',
'WHERE' => 'fe_groups.title LIKE "'.$group_name_start.'%"',
'GROUPBY' => '',
'ORDERBY' => '',
'LIMIT' => '',
);
$res = $GLOBALS['TYPO3_DB']->exec_SELECT_queryArray($queryParts);
$res_tab = array();
while($res_row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
$res_tab[] = array(
'uid' => $res_row['uid'],
'title' => $res_row['title']
);
}
return $res_tab;
}
/**
* Get user informations.
*
* @param int $user_id the user id
*/
function get_user_informations($user_id){
$queryParts = Array(
'SELECT' => 'fe_users.uid, fe_users.username, fe_users.last_name, fe_users.first_name, fe_users.password, fe_users.email, fe_users.cruser_id',
'FROM' => 'fe_users',
'WHERE' => 'fe_users.uid='.$user_id,
'GROUPBY' => '',
'ORDERBY' => '',
'LIMIT' => '',
);
$res = $GLOBALS['TYPO3_DB']->exec_SELECT_queryArray($queryParts);
$res_tab = null;
while($res_row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
$res_tab = array(
'uid' => $res_row['uid'],
'username' => $res_row['username'],
'first_name' => $res_row['first_name'],
'last_name' => $res_row['last_name'],
'password' => $res_row['password'],
'email' => $res_row['email'],
'cruser_id' => $res_row['cruser_id']
);
}
return $res_tab;
}
function get_user_id_by_username($username){
$uid = null;
$queryParts = Array(
'SELECT' => 'fe_users.uid',
'FROM' => 'fe_users',
'WHERE' => 'fe_users.username LIKE "'.$username.'" ',
'GROUPBY' => '',
'ORDERBY' => '',
'LIMIT' => '',
);
$res = $GLOBALS['TYPO3_DB']->exec_SELECT_queryArray($queryParts);
while($res_row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
$uid = $res_row['uid'];
}
return $uid;
}
/**
* Create a new user in the DB.
*
* @param array $user_datas the user array
*/
function create_new_user($user_name, $first_name, $last_name, $email, $password, $cruser_id, $group_id){
// Create new user
$user_datas = array(
'username' => $user_name,
'pid' => 8,
'first_name' => $first_name,
'last_name' => $last_name,
'email' => $email,
'password' => $password,
'cruser_id' => $cruser_id,
'usergroup' => $group_id,
'tstamp' => time(),
'crdate' => time()
);
$GLOBALS['TYPO3_DB']->exec_INSERTquery('fe_users', $user_datas);
}
/**
* Tell if the group name exists in the DB.
*
* @param string $group_name the group name
*/
function get_group_id($group_name) {
$exists = null;
$queryParts = Array(
'SELECT' => 'fe_groups.uid',
'FROM' => 'fe_groups',
'WHERE' => 'fe_groups.title="'.$group_name.'" ',
'GROUPBY' => '',
'ORDERBY' => '',
'LIMIT' => '',
);
$res = $GLOBALS['TYPO3_DB']->exec_SELECT_queryArray($queryParts);
while($res_row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
if(isset($res_row['uid'])){
$exists = $res_row['uid'];
}
}
return $exists;
}
/**
* Found the usergroup of a user.
*
* @param int $user_id user id
* @return the user group, null error
*/
function get_user_usergroup($user_id){
$usergroup = null;
$queryParts = Array(
'SELECT' => 'fe_users.usergroup',
'FROM' => 'fe_users',
'WHERE' => 'fe_users.uid='.$user_id,
'GROUPBY' => '',
'ORDERBY' => '',
'LIMIT' => '',
);
$res = $GLOBALS['TYPO3_DB']->exec_SELECT_queryArray($queryParts);
while($res_row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
$usergroup = $res_row['usergroup'];
}
return $usergroup;
}
/**
* Number of project the user can access to
*
* @param int $user_id the user id
* @return string the count
*/
function count_number_of_project_access($user_id) {
$queryParts = array(
'SELECT' => 'COUNT(fe_rights.project_id) AS p_number ',
'FROM' => 'fe_rights',
'WHERE' => 'fe_rights.fe_user_id='.$user_id,
'GROUPBY' => '',
'ORDERBY' => '',
'LIMIT' => ''
);
$res = $GLOBALS['TYPO3_DB']->exec_SELECT_queryArray($queryParts);
while($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
$number = $row['p_number'];
}
return $number;
}
/**
* Delete a user from database
*
* @param int $user_id the user id
*/
function delete_user($user_id){
$GLOBALS['TYPO3_DB']->exec_DELETEquery('fe_users', 'fe_users.uid='.$user_id);
}
/**
* Count user in a group
*
* @param int $group_id the group id
* @return string the count
*/
function count_users_in_group($group_id){
$queryParts = array(
'SELECT' => 'COUNT(fe_users.usergroup) AS g_count ',
'FROM' => 'fe_users',
'WHERE' => 'fe_users.usergroup='.$group_id,
'GROUPBY' => '',
'ORDERBY' => '',
'LIMIT' => ''
);
$res = $GLOBALS['TYPO3_DB']->exec_SELECT_queryArray($queryParts);
while($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
$number = $row['g_count'];
}
return $number;
}
/**
* Delete a group from database
*
* @param int $group_id the group id
*/
function delete_group($group_id){
$GLOBALS['TYPO3_DB']->exec_DELETEquery('fe_groups', 'fe_groups.uid='.$group_id);
}
/**
* Create a new group in the DB.
*
* @param array $group_datas the group array
*/
function create_new_group($cruser_id, $group_name) {
// Create new user
$group_datas = array(
'cruser_id' => $cruser_id,
'title' => $group_name,
'hidden' => 0,
'deleted' => 0,
'description' => '',
'subgroup' => '',
'tstamp' => time(),
'crdate' => time()
);
$GLOBALS['TYPO3_DB']->exec_INSERTquery('fe_groups', $group_datas);
}
/*
* DB integrity functions
*------------------------------------------------------------*/
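Review bot: The new query helpers build their WHERE clauses by concatenating arguments straight into SQL, and the eID handler in this commit feeds them request parameters, so these values cannot be trusted. In `get_all_names_starting_with` both the column name `$user_col` and `$name_start` are concatenated; the same pattern appears in `get_all_group_starting_with`, `get_user_id_by_username`, `get_group_id` and in the numeric `uid`/`project_id`/`usergroup` conditions of the other helpers. Cast ids with `intval()`, quote strings through the DB layer, e.g. `'fe_groups.title='.$GLOBALS['TYPO3_DB']->fullQuoteStr($group_name, 'fe_groups')`, and check `$user_col` against a fixed list of allowed columns before using it. Separately, `get_all_names_starting_with` and `get_user_informations` select `fe_users.password` and return it to callers, and the autocomplete branch JSON-encodes the former's rows to the client; the column should be dropped from both result sets.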
......
......@@ -85,6 +85,7 @@ class tx_nG6_pi1 extends tslib_pibase {
<script type="text/javascript" src="'.t3lib_extMgm::siteRelPath($this->extKey).'res/js/jquery.datePicker.min.js"></script>
<script type="text/javascript" src="'.t3lib_extMgm::siteRelPath($this->extKey).'res/js/jquery.jeditable.min.js"></script>
<script type="text/javascript" src="'.t3lib_extMgm::siteRelPath($this->extKey).'res/js/tx_nG6_table.js"></script>
<script type="text/javascript" src="typo3/md5.js"></script>
<link type="text/css" rel="stylesheet" media="screen" href="'.t3lib_extMgm::siteRelPath($this->extKey).'res/css/unitip.css"/>
<link type="text/css" rel="stylesheet" media="screen" href="'.t3lib_extMgm::siteRelPath($this->extKey).'res/css/jquery.venny.css"/>
<link type="text/css" rel="stylesheet" media="screen" href="'.t3lib_extMgm::siteRelPath($this->extKey).'res/css/jquery.dataTables.css"/>
......@@ -93,11 +94,11 @@ class tx_nG6_pi1 extends tslib_pibase {
<link type="text/css" rel="stylesheet" media="screen" href="'.t3lib_extMgm::siteRelPath($this->extKey).'res/css/jquery.ui.core.css"/>
<link type="text/css" rel="stylesheet" media="screen" href="'.t3lib_extMgm::siteRelPath($this->extKey).'res/css/jquery.ui.theme.css"/>
<link type="text/css" rel="stylesheet" media="screen" href="'.t3lib_extMgm::siteRelPath($this->extKey).'res/css/jquery.ui.dialog.css"/>
<link type="text/css" rel="stylesheet" media="screen" href="'.t3lib_extMgm::siteRelPath($this->extKey).'res/css/jquery.ui.resizable.css"/>';
<link type="text/css" rel="stylesheet" media="screen" href="'.t3lib_extMgm::siteRelPath($this->extKey).'res/css/jquery.ui.resizable.css"/>';
tx_nG6_db::check_db_rights_level();
// if asked to upgrade to version 1.3
// if asked to upgrade to version 1.2
if($this->piVars['upgrade']){
$content = tx_nG6_upgrade::upgrade($this->piVars['upgrade']);
} else {
......@@ -140,8 +141,7 @@ class tx_nG6_pi1 extends tslib_pibase {
/**
* Return the project view
*/
function pi_project_view() {
function pi_project_view() {
$projects = array();
// If a single element
if ($this->piVars['project_id']) {
......@@ -159,11 +159,14 @@ class tx_nG6_pi1 extends tslib_pibase {
// Add some information to the table
$project_ids = "";
foreach($projects as $project_id => $project_values) {
if (tx_nG6_db::is_administrator($GLOBALS['TSFE']->fe_user->user['uid'], 'project', $project_values['id']) ) {
$projects[$project_id]['superuser'] = true;
} else {
$projects[$project_id]['superuser'] = false;
// project admin ?
if (tx_nG6_db::is_project_administrator($GLOBALS['TSFE']->fe_user->user['uid'], $project_values['id']) ) {
$projects[$project_id]['is_project_admin'] = true;
}else{
$projects[$project_id]['is_project_admin'] = false;
}
$project_ids .= $project_values['id'].",";
$projects[$project_id]['href'] = $this->pi_list_linkSingle($project_values['name'],$project_values['id'],1, array('project_id'=>$project_values['id']));
}
......@@ -177,24 +180,49 @@ class tx_nG6_pi1 extends tslib_pibase {
// If it's a single project, add runs and analysis information
if (count($projects) == 1) {
$project_runs = tx_nG6_db::get_project_runs($GLOBALS['TSFE']->fe_user->user['uid'], $projects[key($projects)]['id']);
// Get all users on project
$project_users = tx_nG6_db::get_all_users_on_project($projects[key($projects)]['id']);
$smarty->assign('project_users', $project_users);
// test current user
if (tx_nG6_db::is_project_administrator($GLOBALS['TSFE']->fe_user->user['uid'], $projects[key($projects)]['id']) ) {
$smarty->assign('current_user_is_project_admin', true);
}else{
$smarty->assign('current_user_is_project_admin', false);
}
if (tx_nG6_db::is_project_manager($GLOBALS['TSFE']->fe_user->user['uid'], $projects[key($projects)]['id']) ) {
$smarty->assign('current_user_is_project_manager', true);
}else{
$smarty->assign('current_user_is_project_manager', false);
}
if (tx_nG6_db::is_project_member($GLOBALS['TSFE']->fe_user->user['uid'], $projects[key($projects)]['id']) ) {
$smarty->assign('current_user_is_project_member', true);
}else{
$smarty->assign('current_user_is_project_member', false);
}
// Add some information to the table
$project_runs = tx_nG6_db::get_project_runs($GLOBALS['TSFE']->fe_user->user['uid'], $projects[key($projects)]['id']);
foreach($project_runs as $run_id => $run_values) {
if (tx_nG6_db::is_administrator($GLOBALS['TSFE']->fe_user->user['uid'], 'run', $run_values['id']) ) {
$project_runs[$run_id]['superuser'] = true;
$project_runs[$run_id]['is_run_admin'] = true;
} else {
$project_runs[$run_id]['superuser'] = false;
$project_runs[$run_id]['is_run_admin'] = false;
}