Congegni/sintonia
7
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Pulled out SQL statements into separate lines to allow for easier debugability, fixed up the documentation, prettied up the code to Campware coding conventions.

Browse source
This commit is contained in:
paul 2006-09-01 09:29:52 +00:00
parent 8b40272996
commit 2571cb9fef
1 changed files with 286 additions and 199 deletions
Download patch file Download diff file Expand all files Collapse all files

485
livesupport/src/modules/alib/var/alib.php
View file

@ -2,26 +2,26 @@
/*------------------------------------------------------------------------------ /*------------------------------------------------------------------------------
Copyright (c) 2004 Media Development Loan Fund Copyright (c) 2004 Media Development Loan Fund
This file is part of the LiveSupport project. This file is part of the LiveSupport project.
http://livesupport.campware.org/ http://livesupport.campware.org/
To report bugs, send an e-mail to bugs@campware.org To report bugs, send an e-mail to bugs@campware.org
LiveSupport is free software; you can redistribute it and/or modify LiveSupport is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or the Free Software Foundation; either version 2 of the License, or
(at your option) any later version. (at your option) any later version.
LiveSupport is distributed in the hope that it will be useful, LiveSupport is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with LiveSupport; if not, write to the Free Software along with LiveSupport; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
Author : $Author$ Author : $Author$
Version : $Revision$ Version : $Revision$
Location : $URL$ Location : $URL$
@ -50,95 +50,106 @@ class Alib extends Subjects{
var $login=NULL; var $login=NULL;
var $userid=NULL; var $userid=NULL;
var $sessid=NULL; var $sessid=NULL;
/** /**
* Constructor * Constructor
* *
* @param dbc object, DB * @param object $dbc DB
* @param config array * @param array $config
* @return this
*/ */
function Alib(&$dbc, $config) function Alib(&$dbc, $config)
{ {
parent::Subjects($dbc, $config); parent::Subjects($dbc, $config);
$this->permTable = $config['tblNamePrefix'].'perms'; $this->permTable = $config['tblNamePrefix'].'perms';
$this->sessTable = $config['tblNamePrefix'].'sess'; $this->sessTable = $config['tblNamePrefix'].'sess';
} } // constructor
/* ======================================================= public methods */ /* ======================================================= public methods */
/* ----------------------------------------------- session/authentication */ /* ----------------------------------------------- session/authentication */
/** /**
* Authenticate and create session * Authenticate and create session
* *
* @param login string * @param string $login
* @param pass string * @param string $pass
* @return boolean/sessionId/err * @return boolean/sessionId/err
*/ */
function login($login, $pass) function login($login, $pass)
{ {
if(FALSE === $this->authenticate($login, $pass)){ if (FALSE === $this->authenticate($login, $pass)) {
$this->setTimeStamp($login, TRUE); $this->setTimeStamp($login, TRUE);
return FALSE; return FALSE;
} }
$sessid = $this->_createSessid(); $sessid = $this->_createSessid();
if(PEAR::isError($sessid)) return $sessid; if (PEAR::isError($sessid)) {
return $sessid;
}
$userid = $this->getSubjId($login); $userid = $this->getSubjId($login);
$r = $this->dbc->query("INSERT INTO {$this->sessTable} $sql = "INSERT INTO {$this->sessTable} (sessid, userid, login, ts)
(sessid, userid, login, ts) VALUES('$sessid', '$userid', '$login', now())";
VALUES $r = $this->dbc->query($sql);
('$sessid', '$userid', '$login', now())"); if (PEAR::isError($r)) {
if(PEAR::isError($r)) return $r; return $r;
}
$this->login = $login; $this->login = $login;
$this->userid = $userid; $this->userid = $userid;
$this->sessid = $sessid; $this->sessid = $sessid;
$this->setTimeStamp($login, FALSE); $this->setTimeStamp($login, FALSE);
return $sessid; return $sessid;
} } // fn login
/** /**
* Logout and destroy session * Logout and destroy session
* *
* @param sessid string * @param string $sessid
* @return true/err * @return true/err
*/ */
function logout($sessid) function logout($sessid)
{ {
$ct = $this->checkAuthToken($sessid); $ct = $this->checkAuthToken($sessid);
if($ct === FALSE) if($ct === FALSE) {
return PEAR::raiseError('Alib::logout: not logged ($ct)', return PEAR::raiseError('Alib::logout: not logged ($ct)',
ALIBERR_NOTLOGGED, PEAR_ERROR_RETURN); ALIBERR_NOTLOGGED, PEAR_ERROR_RETURN);
elseif(PEAR::isError($ct)) } elseif (PEAR::isError($ct)) {
return $ct; return $ct;
else{ } else {
$r = $this->dbc->query("DELETE FROM {$this->sessTable} $sql = "DELETE FROM {$this->sessTable}
WHERE sessid='$sessid'"); WHERE sessid='$sessid'";
if(PEAR::isError($r)) return $r; $r = $this->dbc->query($sql);
if (PEAR::isError($r)) {
return $r;
}
$this->login = NULL; $this->login = NULL;
$this->userid = NULL; $this->userid = NULL;
$this->sessid = NULL; $this->sessid = NULL;
return TRUE; return TRUE;
} }
} } // fn logout
/** /**
* Return true if the token is valid * Return true if the token is valid
* *
* @param sessid string * @param string $sessid
* @return boolean/err * @return boolean/err
*/ */
function checkAuthToken($sessid) function checkAuthToken($sessid)
{ {
$c = $this->dbc->getOne("SELECT count(*) as cnt FROM {$this->sessTable} $sql = "SELECT count(*) as cnt FROM {$this->sessTable}
WHERE sessid='$sessid'"); WHERE sessid='$sessid'";
$c = $this->dbc->getOne($sql);
return ($c == 1 ? TRUE : (PEAR::isError($c) ? $c : FALSE )); return ($c == 1 ? TRUE : (PEAR::isError($c) ? $c : FALSE ));
} } //fn checkAuthToken
/** /**
* Set valid token in alib object * Set valid token in alib object
* *
* @param sessid string * @param string $sessid
* @return boolean/err * @return boolean/err
*/ */
function setAuthToken($sessid) function setAuthToken($sessid)
{ {
@ -148,89 +159,111 @@ class Alib extends Subjects{
return PEAR::raiseError("ALib::setAuthToken: invalid token ($sessid)"); return PEAR::raiseError("ALib::setAuthToken: invalid token ($sessid)");
$this->sessid = $sessid; $this->sessid = $sessid;
return TRUE; return TRUE;
} } // fn setAuthToken
/* -------------------------------------------------------- authorization */ /* -------------------------------------------------------- authorization */
/** /**
* Insert permission record * Insert permission record
* *
* @param sid int - local user/group id * @param int $sid - local user/group id
* @param action string * @param string $action
* @param oid int - local object id * @param int $oid - local object id
* @param type char - 'A'|'D' (allow/deny) * @param string $type - 'A'|'D' (allow/deny)
* @return int - local permission id * @return int - local permission id
*/ */
function addPerm($sid, $action, $oid, $type='A') function addPerm($sid, $action, $oid, $type='A')
{ {
$permid = $this->dbc->nextId("{$this->permTable}_id_seq"); $permid = $this->dbc->nextId("{$this->permTable}_id_seq");
$r = $this->dbc->query($q = " $sql = "INSERT INTO {$this->permTable} (permid, subj, action, obj, type)
INSERT INTO {$this->permTable} (permid, subj, action, obj, type) VALUES ($permid, $sid, '$action', $oid, '$type')";
VALUES ($permid, $sid, '$action', $oid, '$type') $r = $this->dbc->query($sql);
"); if (PEAR::isError($r)) {
if(PEAR::isError($r)) return($r); return($r);
}
return $permid; return $permid;
} } // fn addPerm
/** /**
* Remove permission record * Remove permission record
* *
* @param permid int OPT - local permission id * @param int $permid OPT - local permission id
* @param subj int OPT - local user/group id * @param int $subj OPT - local user/group id
* @param obj int OPT - local object id * @param int $obj OPT - local object id
* @return boolean/error * @return boolean/error
*/ */
function removePerm($permid=NULL, $subj=NULL, $obj=NULL) function removePerm($permid=NULL, $subj=NULL, $obj=NULL)
{ {
$ca = array(); $ca = array();
if($permid) $ca[] = "permid=$permid"; if ($permid) {
if($subj) $ca[] = "subj=$subj"; $ca[] = "permid=$permid";
if($obj) $ca[] = "obj=$obj"; }
if ($subj) {
$ca[] = "subj=$subj";
}
if ($obj) {
$ca[] = "obj=$obj";
}
$cond = join(" AND ", $ca); $cond = join(" AND ", $ca);
if(!$cond) return TRUE; if (!$cond) {
return $this->dbc->query("DELETE FROM {$this->permTable} WHERE $cond"); return TRUE;
} }
$sql = "DELETE FROM {$this->permTable} WHERE $cond";
return $this->dbc->query($sql);
} // fn removePerm
/** /**
* Return object related with permission record * Return object related with permission record
* *
* @param permid int - local permission id * @param int $permid - local permission id
* @return int - local object id * @return int - local object id
*/ */
function _getPermOid($permid) function _getPermOid($permid)
{ {
$res = $this->dbc->getOne( $sql = "SELECT obj FROM {$this->permTable} WHERE permid=$permid";
"SELECT obj FROM {$this->permTable} WHERE permid=$permid"); $res = $this->dbc->getOne($sql);
return $res; return $res;
} } // fn _getPermOid
/** /**
* Check if specified subject have permission to specified action * Check if specified subject have permission to specified action
* on specified object * on specified object
* *
* Look for sequence of correnponding permissions and order it by * Look for sequence of correnponding permissions and order it by
* relevence, then test the most relevant for result. * relevence, then test the most relevant for result.
* High relevence have direct permission (directly for specified subject * High relevence have direct permission (directly for specified subject
* and object. Relevance order is done by level distance in the object * and object. Relevance order is done by level distance in the object
* tree, level distance in subjects (user/group system). * tree, level distance in subjects (user/group system).
* Similar way is used for permissions related to object classes. * Similar way is used for permissions related to object classes.
* But class-related permissions have lower priority then * But class-related permissions have lower priority then
* object-tree-related. * object-tree-related.
* Support for object classes can be disabled by USE_ALIB_CLASSES const. * Support for object classes can be disabled by USE_ALIB_CLASSES const.
* *
* @param sid int, subject id (user or group id) * @param int $sid, subject id (user or group id)
* @param action string, from set defined in config * @param string $action, from set defined in config
* @param oid int, object id, optional (default: root node) * @param int $oid, object id, optional (default: root node)
* @return boolean/err * @return boolean/err
*/ */
function checkPerm($sid, $action, $oid=NULL) function checkPerm($sid, $action, $oid=NULL)
{ {
if(!is_numeric($sid)) return FALSE; if (!is_numeric($sid)) {
if(is_null($oid) or $oid=='') $oid = $this->getRootNode(); return FALSE;
if(PEAR::isError($oid)) return $oid; }
if(!is_numeric($oid)) return FALSE; if (is_null($oid) or $oid=='') {
$oid = $this->getRootNode();
}
if (PEAR::isError($oid)) {
return $oid;
}
if (!is_numeric($oid)) {
return FALSE;
}
// query construction // query construction
// shortcuts: // shortcuts:
// p: permTable, // p: permTable,
// s: subjTable, m smembTable, // s: subjTable, m smembTable,
// t: treeTable ts: structTable, // t: treeTable ts: structTable,
// c: classTable, cm: cmembTable // c: classTable, cm: cmembTable
@ -260,15 +293,19 @@ class Alib extends Subjects{
// query by tree: // query by tree:
$query1 = "SELECT $q_flds FROM $q_from $q_join WHERE $q_cond $q_ordb"; $query1 = "SELECT $q_flds FROM $q_from $q_join WHERE $q_cond $q_ordb";
$r1 = $this->dbc->getAll($query1); $r1 = $this->dbc->getAll($query1);
if(PEAR::isError($r1)) return($r1); if (PEAR::isError($r1)) {
return($r1);
}
// if there is row with type='A' on the top => permit // if there is row with type='A' on the top => permit
$AllowedByTree = $AllowedByTree =
(is_array($r1) && count($r1)>0 && $r1[0]['type']=='A'); (is_array($r1) && count($r1)>0 && $r1[0]['type']=='A');
$DeniedByTree = $DeniedByTree =
(is_array($r1) && count($r1)>0 && $r1[0]['type']=='D'); (is_array($r1) && count($r1)>0 && $r1[0]['type']=='D');
if(!USE_ALIB_CLASSES) return $AllowedbyTree; if (!USE_ALIB_CLASSES) {
return $AllowedbyTree;
}
// joins for solving object classes: // joins for solving object classes:
$q_flds = $q_flds0.", c.cname "; $q_flds = $q_flds0.", c.cname ";
$q_join = $q_join0."LEFT JOIN {$this->classTable} c ON c.id=p.obj "; $q_join = $q_join0."LEFT JOIN {$this->classTable} c ON c.id=p.obj ";
@ -278,7 +315,9 @@ class Alib extends Subjects{
// query by class: // query by class:
$query2 = "SELECT $q_flds FROM $q_from $q_join WHERE $q_cond $q_ordb"; $query2 = "SELECT $q_flds FROM $q_from $q_join WHERE $q_cond $q_ordb";
$r2 = $this->dbc->getAll($query2); $r2 = $this->dbc->getAll($query2);
if(PEAR::isError($r2)) return($r2); if (PEAR::isError($r2)) {
return($r2);
}
$AllowedByClass = $AllowedByClass =
(is_array($r2) && count($r2)>0 && $r2[0]['type']=='A'); (is_array($r2) && count($r2)>0 && $r2[0]['type']=='A');
// not used now: // not used now:
@ -287,169 +326,198 @@ class Alib extends Subjects{
$res = ($AllowedByTree || (!$DeniedByTree && $AllowedByClass)); $res = ($AllowedByTree || (!$DeniedByTree && $AllowedByClass));
# echo"<pre>\nsid=$sid, action=$action, oid=$oid\n"; var_dump($r1); echo"\n---\n$query1\n---\n\n"; var_dump($r2); echo"\n---\n$query2\n---\n\n"; exit; # echo"<pre>\nsid=$sid, action=$action, oid=$oid\n"; var_dump($r1); echo"\n---\n$query1\n---\n\n"; var_dump($r2); echo"\n---\n$query2\n---\n\n"; exit;
return $res; return $res;
} } // fn checkPerm
/* ---------------------------------------------------------- object tree */ /* ---------------------------------------------------------- object tree */
/** /**
* Remove all permissions on object and then remove object itself * Remove all permissions on object and then remove object itself
* *
* @param id int * @param int $id
* @return void/error * @return void/error
*/ */
function removeObj($id) function removeObj($id)
{ {
$r = $this->removePerm(NULL, NULL, $id); $r = $this->removePerm(NULL, NULL, $id);
if(PEAR::isError($r)) return $r; if (PEAR::isError($r)) {
return $r;
}
return parent::removeObj($id); return parent::removeObj($id);
} } // fn removeObj
/* --------------------------------------------------------- users/groups */ /* --------------------------------------------------------- users/groups */
/** /**
* Remove all permissions of subject and then remove subject itself * Remove all permissions of subject and then remove subject itself
* *
* @param login string * @param string $login
* @return void/error * @return void/error
*/ */
function removeSubj($login) function removeSubj($login)
{ {
$uid = $this->getSubjId($login); if(PEAR::isError($uid)) return $uid; $uid = $this->getSubjId($login);
if(is_null($uid)){ if (PEAR::isError($uid)) {
return $uid;
}
if (is_null($uid)){
return $this->dbc->raiseError("Alib::removeSubj: Subj not found ($login)", return $this->dbc->raiseError("Alib::removeSubj: Subj not found ($login)",
ALIBERR_NOTEXISTS, PEAR_ERROR_RETURN); ALIBERR_NOTEXISTS, PEAR_ERROR_RETURN);
} }
$r = $this->removePerm(NULL, $uid); if(PEAR::isError($r)) return $r; $r = $this->removePerm(NULL, $uid);
if (PEAR::isError($r)) {
return $r;
}
return parent::removeSubj($login, $uid); return parent::removeSubj($login, $uid);
} } // fn removeSubj
/* ------------------------------------------------------------- sessions */ /* ------------------------------------------------------------- sessions */
/** /**
* Get login from session id (token) * Get login from session id (token)
* *
* @param sessid string * @param string $sessid
* @return string/error * @return string/error
*/ */
function getSessLogin($sessid) function getSessLogin($sessid)
{ {
$r = $this->dbc->getOne(" $sql = "SELECT login FROM {$this->sessTable} WHERE sessid='$sessid'";
SELECT login FROM {$this->sessTable} WHERE sessid='$sessid'"); $r = $this->dbc->getOne($sql);
if(PEAR::isError($r)) return $r; if (PEAR::isError($r)) {
if(is_null($r)){ return $r;
}
if (is_null($r)){
return PEAR::raiseError("Alib::getSessLogin:". return PEAR::raiseError("Alib::getSessLogin:".
" invalid session id ($sessid)", " invalid session id ($sessid)",
ALIBERR_NOTEXISTS, PEAR_ERROR_RETURN); ALIBERR_NOTEXISTS, PEAR_ERROR_RETURN);
} }
return $r; return $r;
} } // fn getSessLogin
/** /**
* Get user id from session id * Get user id from session id.
* *
* @param sessid string * @param string $sessid
* @return int/error * @return int/error
*/ */
function getSessUserId($sessid) function getSessUserId($sessid)
{ {
$r = $this->dbc->getOne(" $sql = "SELECT userid FROM {$this->sessTable} WHERE sessid='$sessid'";
SELECT userid FROM {$this->sessTable} WHERE sessid='$sessid'"); $r = $this->dbc->getOne($sql);
if(PEAR::isError($r)) return $r; if (PEAR::isError($r)) {
if(is_null($r)){ return $r;
}
if (is_null($r)){
return PEAR::raiseError("Alib::getSessUserId:". return PEAR::raiseError("Alib::getSessUserId:".
" invalid session id ($sessid)", " invalid session id ($sessid)",
ALIBERR_NOTEXISTS, PEAR_ERROR_RETURN); ALIBERR_NOTEXISTS, PEAR_ERROR_RETURN);
} }
return $r; return $r;
} } // fn getSessUserId
/* --------------------------------------------------------- info methods */ /* --------------------------------------------------------- info methods */
/** /**
* Get all permissions on object * Get all permissions on object.
* *
* @param id int * @param int $id
* @return array/null/err * @return array/null/err
*/ */
function getObjPerms($id) function getObjPerms($id)
{ {
return $this->dbc->getAll(" $sql = "SELECT s.login, p.* FROM {$this->permTable} p, {$this->subjTable} s
SELECT s.login, p.* FROM {$this->permTable} p, {$this->subjTable} s WHERE s.id=p.subj AND p.obj=$id";
WHERE s.id=p.subj AND p.obj=$id"); return $this->dbc->getAll($sql);
} } // fn getObjPerms
/** /**
* Get all permissions of subject * Get all permissions of subject.
* *
* @param sid int * @param int $sid
* @return array * @return array
*/ */
function getSubjPerms($sid) function getSubjPerms($sid)
{ {
$a1 = $this->dbc->getAll(" $sql = "
SELECT t.name, t.type as otype , p.* SELECT t.name, t.type as otype , p.*
FROM {$this->permTable} p, {$this->treeTable} t FROM {$this->permTable} p, {$this->treeTable} t
WHERE t.id=p.obj AND p.subj=$sid"); WHERE t.id=p.obj AND p.subj=$sid";
if(PEAR::isError($a1)) return $a1; $a1 = $this->dbc->getAll($sql);
$a2 = $this->dbc->getAll(" if (PEAR::isError($a1)) {
return $a1;
}
$sql2 = "
SELECT c.cname as name, 'C'as otype, p.* SELECT c.cname as name, 'C'as otype, p.*
FROM {$this->permTable} p, {$this->classTable} c FROM {$this->permTable} p, {$this->classTable} c
WHERE c.id=p.obj AND p.subj=$sid"); WHERE c.id=p.obj AND p.subj=$sid";
if(PEAR::isError($a2)) return $a2; $a2 = $this->dbc->getAll($sql2);
if (PEAR::isError($a2)) {
return $a2;
}
return array_merge($a1, $a2); return array_merge($a1, $a2);
} } // fn getSubjPerms
/* ------------------------ info methods related to application structure */ /* ------------------------ info methods related to application structure */
/* (this part should be added/rewritten to allow defining/modifying/using /* (this part should be added/rewritten to allow defining/modifying/using
* application structure) * application structure)
* (only very simple structure definition - in $config - supported now) * (only very simple structure definition - in $config - supported now)
*/ */
/** /**
* Get all actions * Get all actions
* *
* @return array * @return array
*/ */
function getAllActions() function getAllActions()
{ {
return $this->config['allActions']; return $this->config['allActions'];
} } // fn getAllActions
/** /**
* Get all allowed actions on specified object type * Get all allowed actions on specified object type.
* *
* @param type string * @param string $type
* @return array * @return array
*/ */
function getAllowedActions($type) function getAllowedActions($type)
{ {
return $this->config['allowedActions'][$type]; return $this->config['allowedActions'][$type];
} } // fn getAllowedActions
/* ====================================================== private methods */ /* ====================================================== private methods */
/** /**
* Create new session id * Create new session id. Return the new session ID.
* *
* @return string sessid * @return string
*/ */
function _createSessid() function _createSessid()
{ {
for($c=1; $c>0;){ for ($c=1; $c>0;){
$sessid = md5(uniqid(rand())); $sessid = md5(uniqid(rand()));
$c = $this->dbc->getOne("SELECT count(*) FROM {$this->sessTable} $sql = "SELECT count(*) FROM {$this->sessTable}
WHERE sessid='$sessid'"); WHERE sessid='$sessid'";
if(PEAR::isError($c)) return $c; $c = $this->dbc->getOne($sql);
if (PEAR::isError($c)) {
return $c;
}
} }
return $sessid; return $sessid;
} } // fn _createSessid
/* =============================================== test and debug methods */ /* =============================================== test and debug methods */
/** /**
* Dump all permissions for debug * Dump all permissions for debug
* *
* @param indstr string // indentation string * @param string $indstr // indentation string
* @param ind string // aktual indentation * @param string $ind // actual indentation
* @return string * @return string
*/ */
function dumpPerms($indstr=' ', $ind='') function dumpPerms($indstr=' ', $ind='')
{ {
@ -459,30 +527,35 @@ class Alib extends Subjects{
WHERE s.id=p.subj WHERE s.id=p.subj
ORDER BY p.permid ORDER BY p.permid
"); ");
if(PEAR::isError($arr)) return $arr; if (PEAR::isError($arr)) {
return $arr;
}
$r = $ind.join(', ', array_map(create_function('$v', $r = $ind.join(', ', array_map(create_function('$v',
'return "{$v[\'login\']}/{$v[\'action\']}/{$v[\'type\']}";' 'return "{$v[\'login\']}/{$v[\'action\']}/{$v[\'type\']}";'
), ),
$arr $arr
))."\n"; ))."\n";
return $r; return $r;
} } // fn dumpPerms
/** /**
* deleteData * Delete everything form the permission table and session table.
* *
* @return void * @return void
*/ */
function deleteData() function deleteData()
{ {
$this->dbc->query("DELETE FROM {$this->permTable}"); $this->dbc->query("DELETE FROM {$this->permTable}");
$this->dbc->query("DELETE FROM {$this->sessTable}"); $this->dbc->query("DELETE FROM {$this->sessTable}");
parent::deleteData(); parent::deleteData();
} } // fn deleteData
/** /**
* Insert test permissions * Insert test permissions
* *
* @return array * @return array
*/ */
function testData() function testData()
{ {
@ -503,38 +576,47 @@ class Alib extends Subjects{
array($s['gr2'], 'addChilds', $t['i2'], 'A'), array($s['gr2'], 'addChilds', $t['i2'], 'A'),
array($s['test3'], '_all', $t['t1'], 'D'), array($s['test3'], '_all', $t['t1'], 'D'),
); );
if(USE_ALIB_CLASSES){ if (USE_ALIB_CLASSES){
$perms[] = array($s['test3'], 'read', $c['cl_sa'], 'D'); $perms[] = array($s['test3'], 'read', $c['cl_sa'], 'D');
$perms[] = array($s['test4'], 'editPerms', $c['cl2'], 'A'); $perms[] = array($s['test4'], 'editPerms', $c['cl2'], 'A');
} }
foreach($perms as $p){ foreach ($perms as $p){
$o[] = $r = $this->addPerm($p[0], $p[1], $p[2], $p[3]); $o[] = $r = $this->addPerm($p[0], $p[1], $p[2], $p[3]);
if(PEAR::isError($r)) return $r; if (PEAR::isError($r)) {
return $r;
}
} }
$this->tdata['perms'] = $o; $this->tdata['perms'] = $o;
} } // fn testData
/** /**
* Make basic test * Make basic test
* *
* @return boolean/error * @return boolean/error
*/ */
function test() function test()
{ {
if(PEAR::isError($p = parent::test())) return $p; if (PEAR::isError($p = parent::test())) {
return $p;
}
$this->deleteData(); $this->deleteData();
$r = $this->testData(); $r = $this->testData();
if(PEAR::isError($r)) return $r; if (PEAR::isError($r)) {
return $r;
}
$this->test_correct = "root/_all/A, test1/_all/A, test1/read/D,". $this->test_correct = "root/_all/A, test1/_all/A, test1/read/D,".
" test2/addChilds/D, test2/read/A, test2/edit/A,". " test2/addChilds/D, test2/read/A, test2/edit/A,".
" test1/addChilds/D, test1/addChilds/D, gr2/addChilds/A,". " test1/addChilds/D, test1/addChilds/D, gr2/addChilds/A,".
" test3/_all/D"; " test3/_all/D";
if(USE_ALIB_CLASSES){ if (USE_ALIB_CLASSES){
$this->test_correct .= ", test3/read/D, test4/editPerms/A"; $this->test_correct .= ", test3/read/D, test4/editPerms/A";
} }
$this->test_correct .= "\nno, yes\n"; $this->test_correct .= "\nno, yes\n";
$r = $this->dumpPerms(); $r = $this->dumpPerms();
if(PEAR::isError($r)) return $r; if (PEAR::isError($r)) {
return $r;
}
$this->test_dump = $r. $this->test_dump = $r.
($this->checkPerm( ($this->checkPerm(
$this->tdata['subjects']['test1'], 'read', $this->tdata['subjects']['test1'], 'read',
@ -551,23 +633,26 @@ class Alib extends Subjects{
" test2/read/A, test2/edit/A,". " test2/read/A, test2/edit/A,".
" test1/addChilds/D, test1/addChilds/D, gr2/addChilds/A,". " test1/addChilds/D, test1/addChilds/D, gr2/addChilds/A,".
" test3/_all/D"; " test3/_all/D";
if(USE_ALIB_CLASSES){ if (USE_ALIB_CLASSES){
$this->test_correct .= ", test3/read/D, test4/editPerms/A"; $this->test_correct .= ", test3/read/D, test4/editPerms/A";
} }
$this->test_correct .= "\n"; $this->test_correct .= "\n";
$this->test_dump .= $this->dumpPerms(); $this->test_dump .= $this->dumpPerms();
$this->deleteData(); $this->deleteData();
if($this->test_dump==$this->test_correct) if ($this->test_dump==$this->test_correct) {
{ $this->test_log.="alib: OK\n"; return TRUE; $this->test_log.="alib: OK\n"; return TRUE;
}else return PEAR::raiseError('Alib::test', 1, PEAR_ERROR_DIE, '%s'. } else {
return PEAR::raiseError('Alib::test', 1, PEAR_ERROR_DIE, '%s'.
"<pre>\ncorrect:\n{$this->test_correct}\n". "<pre>\ncorrect:\n{$this->test_correct}\n".
"dump:\n{$this->test_dump}\n</pre>\n"); "dump:\n{$this->test_dump}\n</pre>\n");
} }
} // fn test
/** /**
* Create tables + initialize * Create tables + initialize
* *
* @return void * @return void
*/ */
function install() function install()
{ {
@ -599,7 +684,8 @@ class Alib extends Subjects{
ON {$this->sessTable} (userid)"); ON {$this->sessTable} (userid)");
$this->dbc->query("CREATE INDEX {$this->sessTable}_login_idx $this->dbc->query("CREATE INDEX {$this->sessTable}_login_idx
ON {$this->sessTable} (login)"); ON {$this->sessTable} (login)");
} } // fn install
/** /**
* Drop tables etc. * Drop tables etc.
@ -612,6 +698,7 @@ class Alib extends Subjects{
$this->dbc->dropSequence("{$this->permTable}_id_seq"); $this->dbc->dropSequence("{$this->permTable}_id_seq");
$this->dbc->query("DROP TABLE {$this->sessTable}"); $this->dbc->query("DROP TABLE {$this->sessTable}");
parent::uninstall(); parent::uninstall();
} } // fn uninstall
}
?> } // class Alib
?>