Mirrors/sysPass
2
0
Fork 0
mirror of https://github.com/nuxsmin/sysPass.git synced 2026-03-13 03:46:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
7ddd8eb34a0cde4bcf132fddf52c306a976e901c
sysPass/inc/profiles.class.php
nuxsmin ac9f4543c1 Closes #7 
Closes #15
Multiple users and groups can now be allowed to access to an account.
Upgrade process (requires maintenance mode on).
Split methods on new classes.
Bugfixes.
2014-01-18 14:18:50 +01:00

354 lines
13 KiB
PHP
Raw Blame History

<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012 Rubén Domínguez nuxsmin@syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
defined('APP_ROOT') || die(_('No es posible acceder directamente a este archivo'));
/**
* Esta clase es la encargada de realizar las operaciones sobre los perfiles de usuarios.
*/
class SP_Profiles {
static $profileId;
static $profileName;
private static $queryLastId;
/**
* @brief Obtener los datos de un perfil
* @param int $id con el Id del perfil a consultar
* @return array con el nombre de la columna como clave y los datos como valor
*/
public static function getProfileData($id = 0) {
$profile = array('userprofile_id' => 0,
'userprofile_name' => '',
'userProfile_pView' => 0,
'userProfile_pViewPass' => 0,
'userProfile_pViewHistory' => 0,
'userProfile_pEdit' => 0,
'userProfile_pEditPass' => 0,
'userProfile_pAdd' => 0,
'userProfile_pDelete' => 0,
'userProfile_pFiles' => 0,
'userProfile_pConfig' => 0,
'userProfile_pConfigCategories' => 0,
'userProfile_pConfigMasterPass' => 0,
'userProfile_pConfigBackup' => 0,
'userProfile_pUsers' => 0,
'userProfile_pGroups' => 0,
'userProfile_pProfiles' => 0,
'userProfile_pEventlog' => 0,
'action' => 1);
if ($id > 0) {
$usersProfiles = self::getProfiles($id);
if ($usersProfiles) {
foreach ($usersProfiles[0] as $name => $value) {
if (preg_match('/^.*_p[A-Z].*$/', $name)) {
$profile[$name] = ( (int) $value === 1 ) ? "CHECKED" : "";
} else {
$profile[$name] = $value;
}
}
$profile['action'] = 2;
}
}
return $profile;
}
/**
* @brief Obtener los datos de un perfil
* @param int $profileId opcional, con el Id del perfil a consultar
* @return array con la lista de perfiles
*/
public static function getProfiles($profileId = NULL) {
if (!is_null($profileId)) {
$query = 'SELECT userprofile_id,'
. 'userprofile_name,'
. 'userProfile_pView,'
. 'userProfile_pViewPass,'
. 'userProfile_pViewHistory,'
. 'userProfile_pEdit,'
. 'userProfile_pEditPass,'
. 'userProfile_pAdd,'
. 'userProfile_pDelete,'
. 'userProfile_pFiles,'
. 'userProfile_pConfig,'
. 'userProfile_pConfigCategories,'
. 'userProfile_pConfigMasterPass,'
. 'userProfile_pConfigBackup,'
. 'userProfile_pUsers,'
. 'userProfile_pGroups,'
. 'userProfile_pProfiles,'
. 'userProfile_pEventlog '
. 'FROM usrProfiles '
. 'WHERE userprofile_id = ' . (int) $profileId . ' LIMIT 1';
} else {
$query = 'SELECT userprofile_id,'
. 'userprofile_name '
. 'FROM usrProfiles '
. 'ORDER BY userprofile_name';
}
$queryRes = DB::getResults($query, __FUNCTION__, TRUE);
if ($queryRes === FALSE) {
return FALSE;
}
return $queryRes;
}
/**
* @brief Comprobar si un perfil existe
* @return bool
*/
public static function checkProfileExist() {
$profileId = (int) strtoupper(self::$profileId);
$profileName = strtoupper(self::$profileName);
if ($profileId) {
$query = "SELECT userprofile_name "
. "FROM usrProfiles "
. "WHERE UPPER(userprofile_name) = '" . DB::escape($profileName) . "' "
. "AND userprofile_id != " . $profileId;
} else {
$query = "SELECT userprofile_name "
. "FROM usrProfiles "
. "WHERE UPPER(userprofile_name) = '" . DB::escape($profileName) . "'";
}
if (DB::doQuery($query, __FUNCTION__) === FALSE) {
return FALSE;
}
if (count(DB::$last_result) >= 1) {
return FALSE;
}
return TRUE;
}
/**
* @brief Añadir un nuevo perfil
* @return bool
*/
public static function addProfile($profileProp = '') {
$enableConfig = (int) ( $profileProp["pConfig"] || $profileProp["pConfigCat"] || $profileProp["pConfigMpw"] || $profileProp["pConfigBack"]);
$enableusers = (int) ( $profileProp["pUsers"] || $profileProp["pGroups"] || $profileProp["pProfiles"]);
$query = "INSERT INTO usrProfiles SET "
. "userprofile_name = '" . DB::escape(self::$profileName) . "',"
. "userProfile_pView = " . $profileProp["pAccView"] . ","
. "userProfile_pViewPass = " . $profileProp["pAccViewPass"] . ","
. "userProfile_pViewHistory = " . $profileProp["pAccViewHistory"] . ","
. "userProfile_pEdit = " . $profileProp["pAccEdit"] . ","
. "userProfile_pEditPass = " . $profileProp["pAccEditPass"] . ","
. "userProfile_pAdd = " . $profileProp["pAccAdd"] . ","
. "userProfile_pDelete = " . $profileProp["pAccDel"] . ","
. "userProfile_pFiles = " . $profileProp["pAccFiles"] . ","
. "userProfile_pConfigMenu = " . $enableConfig . ","
. "userProfile_pConfig = " . $profileProp["pConfig"] . ","
. "userProfile_pConfigCategories = " . $profileProp["pConfigCat"] . ","
. "userProfile_pConfigMasterPass = " . $profileProp["pConfigMpw"] . ","
. "userProfile_pConfigBackup = " . $profileProp["pConfigBack"] . ","
. "userProfile_pUsersMenu = " . $enableusers . ","
. "userProfile_pUsers = " . $profileProp["pUsers"] . ","
. "userProfile_pGroups = " . $profileProp["pGroups"] . ","
. "userProfile_pProfiles = " . $profileProp["pProfiles"] . ","
. "userProfile_pEventlog = " . $profileProp["pEventlog"];
if (DB::doQuery($query, __FUNCTION__) === FALSE) {
return FALSE;
}
self::$queryLastId = DB::$lastId;
return TRUE;
}
/**
* @brief Modificar un perfil
* @return bool
*/
public static function updateProfile($profileProp = '') {
$enableConfig = (int) ( $profileProp["pConfig"] || $profileProp["pConfigCat"] || $profileProp["pConfigMpw"] || $profileProp["pConfigBack"]);
$enableusers = (int) ( $profileProp["pUsers"] || $profileProp["pGroups"] || $profileProp["pProfiles"]);
$query = "UPDATE usrProfiles SET "
. "userprofile_name = '" . DB::escape(self::$profileName) . "',"
. "userProfile_pView = " . $profileProp["pAccView"] . ","
. "userProfile_pViewPass = " . $profileProp["pAccViewPass"] . ","
. "userProfile_pViewHistory = " . $profileProp["pAccViewHistory"] . ","
. "userProfile_pEdit = " . $profileProp["pAccEdit"] . ","
. "userProfile_pEditPass = " . $profileProp["pAccEditPass"] . ","
. "userProfile_pAdd = " . $profileProp["pAccAdd"] . ","
. "userProfile_pDelete = " . $profileProp["pAccDel"] . ","
. "userProfile_pFiles = " . $profileProp["pAccFiles"] . ","
. "userProfile_pConfigMenu = " . $enableConfig . ","
. "userProfile_pConfig = " . $profileProp["pConfig"] . ","
. "userProfile_pConfigCategories = " . $profileProp["pConfigCat"] . ","
. "userProfile_pConfigMasterPass = " . $profileProp["pConfigMpw"] . ","
. "userProfile_pConfigBackup = " . $profileProp["pConfigBack"] . ","
. "userProfile_pUsersMenu = " . $enableusers . ","
. "userProfile_pUsers = " . $profileProp["pUsers"] . ","
. "userProfile_pGroups = " . $profileProp["pGroups"] . ","
. "userProfile_pProfiles = " . $profileProp["pProfiles"] . ","
. "userProfile_pEventlog = " . $profileProp["pEventlog"] . " "
. "WHERE userprofile_id = " . (int) self::$profileId . " LIMIT 1";
if (DB::doQuery($query, __FUNCTION__) === FALSE) {
return FALSE;
}
self::$queryLastId = DB::$lastId;
return TRUE;
}
/**
* @brief Eliminar un perfil
* @return bool
*/
public static function deleteProfile() {
$query = "DELETE FROM usrProfiles "
. "WHERE userprofile_id = " . (int) self::$profileId . " LIMIT 1";
if (DB::doQuery($query, __FUNCTION__) === FALSE) {
return FALSE;
}
self::$queryLastId = DB::$lastId;
return TRUE;
}
/**
* @brief Comprobar si un perfil está en uso
* @return mixed string con el número de usuarios, o bool si no está en uso
*/
public static function checkProfileInUse() {
$numUsers = self::getProfileInUsers();
$out = '';
if ($numUsers) {
$out[] = _('Usuarios') . " (" . $numUsers . ")";
}
if (is_array($out)) {
return implode('<br>', $out);
}
return TRUE;
}
/**
* @brief Obtener el número de usuarios que usan un perfil
* @return int con el número total de cuentas
*/
private static function getProfileInUsers() {
$query = "SELECT COUNT(*) as uses "
. "FROM usrData "
. "WHERE user_profileId = " . (int) self::$profileId;
$queryRes = DB::getResults($query, __FUNCTION__);
if ($queryRes === FALSE) {
return FALSE;
}
return $queryRes->uses;
}
/**
* @brief Obtener el nombre de un perfil por a partir del Id
* @return string con el nombre del perfil
*/
public static function getProfileNameById($id) {
$query = "SELECT userprofile_name "
. "FROM usrProfiles "
. "WHERE userprofile_id = " . (int)$id . " LIMIT 1";
$queryRes = DB::getResults($query, __FUNCTION__);
if ($queryRes === FALSE) {
return FALSE;
}
return $queryRes->userprofile_name;
}
/**
* @brief Obtener el perfil de un usuario
* @param int $userId opcional con el Id del usuario
* @return object con los permisos del perfil del usuario
*
* Si el usuario no es indicado, se obtiene el perfil del suuario de la sesión actual
*/
public static function getProfileForUser($userId = 0) {
$userId = SP_Common::parseParams('s', 'uid', 0);
if ( ! $userId ){
return FALSE;
}
$query = "SELECT user_profileId,"
. "userProfile_pView,"
. "userProfile_pViewPass,"
. "userProfile_pViewHistory,"
. "userProfile_pEdit,"
. "userProfile_pEditPass,"
. "userProfile_pAdd,"
. "userProfile_pDelete,"
. "userProfile_pFiles,"
. "userProfile_pConfigMenu,"
. "userProfile_pConfig,"
. "userProfile_pConfigCategories,"
. "userProfile_pConfigMasterPass,"
. "userProfile_pConfigBackup,"
. "userProfile_pUsersMenu,"
. "userProfile_pUsers,"
. "userProfile_pGroups,"
. "userProfile_pProfiles,"
. "userProfile_pEventlog "
. "FROM usrData "
. "JOIN usrProfiles ON userProfile_Id = user_profileId "
. "WHERE user_id = " . $userId . " LIMIT 1";
$queryRes = DB::getResults($query, __FUNCTION__);
if ($queryRes === FALSE) {
return FALSE;
}
return $queryRes;
}
}
Reference in New Issue View Git Blame Copy Permalink