mirror of
https://github.com/nuxsmin/sysPass.git
synced 2026-03-02 22:54:08 +01:00
398 lines
10 KiB
PHP
398 lines
10 KiB
PHP
<?php
|
|
/**
|
|
* sysPass
|
|
*
|
|
* @author nuxsmin
|
|
* @link http://syspass.org
|
|
* @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.org
|
|
*
|
|
* This file is part of sysPass.
|
|
*
|
|
* sysPass is free software: you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation, either version 3 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* sysPass is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
|
|
*
|
|
*/
|
|
|
|
namespace SP;
|
|
|
|
defined('APP_ROOT') || die(_('No es posible acceder directamente a este archivo'));
|
|
|
|
/**
|
|
* Class AccountSearch para la gestión de búsquedas de cuentas
|
|
*/
|
|
class AccountSearch
|
|
{
|
|
/**
|
|
* Constantes de ordenación
|
|
*/
|
|
const SORT_NAME = 1;
|
|
const SORT_CATEGORY = 2;
|
|
const SORT_LOGIN = 3;
|
|
const SORT_URL = 4;
|
|
const SORT_CUSTOMER = 5;
|
|
|
|
/**
|
|
* @var int El número de registros de la última consulta
|
|
*/
|
|
public static $queryNumRows;
|
|
|
|
/**
|
|
* @var bool
|
|
*/
|
|
private $_globalSearch = false;
|
|
/**
|
|
* @var string
|
|
*/
|
|
private $_txtSearch = '';
|
|
/**
|
|
* @var int
|
|
*/
|
|
private $_customerId = 0;
|
|
/**
|
|
* @var int
|
|
*/
|
|
private $_categoryId = 0;
|
|
/**
|
|
* @var int
|
|
*/
|
|
private $_sortOrder = 0;
|
|
/**
|
|
* @var int
|
|
*/
|
|
private $_sortKey = 0;
|
|
/**
|
|
* @var int
|
|
*/
|
|
private $_limitStart = 0;
|
|
/**
|
|
* @var int
|
|
*/
|
|
private $_limitCount = 12;
|
|
|
|
/**
|
|
* Constructor
|
|
*/
|
|
function __construct()
|
|
{
|
|
$this->setLimitCount(Config::getValue('account_count'));
|
|
}
|
|
|
|
/**
|
|
* @return int
|
|
*/
|
|
public function getGlobalSearch()
|
|
{
|
|
return $this->_globalSearch;
|
|
}
|
|
|
|
/**
|
|
* @param int $globalSearch
|
|
*/
|
|
public function setGlobalSearch($globalSearch)
|
|
{
|
|
$this->_globalSearch = $globalSearch;
|
|
}
|
|
|
|
/**
|
|
* @return string
|
|
*/
|
|
public function getTxtSearch()
|
|
{
|
|
return $this->_txtSearch;
|
|
}
|
|
|
|
/**
|
|
* @param string $txtSearch
|
|
*/
|
|
public function setTxtSearch($txtSearch)
|
|
{
|
|
$this->_txtSearch = $txtSearch;
|
|
}
|
|
|
|
/**
|
|
* @return int
|
|
*/
|
|
public function getCustomerId()
|
|
{
|
|
return $this->_customerId;
|
|
}
|
|
|
|
/**
|
|
* @param int $customerId
|
|
*/
|
|
public function setCustomerId($customerId)
|
|
{
|
|
$this->_customerId = $customerId;
|
|
}
|
|
|
|
/**
|
|
* @return int
|
|
*/
|
|
public function getCategoryId()
|
|
{
|
|
return $this->_categoryId;
|
|
}
|
|
|
|
/**
|
|
* @param int $categoryId
|
|
*/
|
|
public function setCategoryId($categoryId)
|
|
{
|
|
$this->_categoryId = $categoryId;
|
|
}
|
|
|
|
/**
|
|
* @return int
|
|
*/
|
|
public function getSortOrder()
|
|
{
|
|
return $this->_sortOrder;
|
|
}
|
|
|
|
/**
|
|
* @param int $sortOrder
|
|
*/
|
|
public function setSortOrder($sortOrder)
|
|
{
|
|
$this->_sortOrder = $sortOrder;
|
|
}
|
|
|
|
/**
|
|
* @return int
|
|
*/
|
|
public function getSortKey()
|
|
{
|
|
return $this->_sortKey;
|
|
}
|
|
|
|
/**
|
|
* @param int $sortKey
|
|
*/
|
|
public function setSortKey($sortKey)
|
|
{
|
|
$this->_sortKey = $sortKey;
|
|
}
|
|
|
|
/**
|
|
* @return int
|
|
*/
|
|
public function getLimitStart()
|
|
{
|
|
return $this->_limitStart;
|
|
}
|
|
|
|
/**
|
|
* @param int $limitStart
|
|
*/
|
|
public function setLimitStart($limitStart)
|
|
{
|
|
$this->_limitStart = $limitStart;
|
|
}
|
|
|
|
/**
|
|
* @return int
|
|
*/
|
|
public function getLimitCount()
|
|
{
|
|
return $this->_limitCount;
|
|
}
|
|
|
|
/**
|
|
* @param int $limitCount
|
|
*/
|
|
public function setLimitCount($limitCount)
|
|
{
|
|
$this->_limitCount = $limitCount;
|
|
}
|
|
|
|
/**
|
|
* Obtener las cuentas de una búsqueda.
|
|
*
|
|
* @return bool Resultado de la consulta
|
|
*/
|
|
public function getAccounts()
|
|
{
|
|
$isAdmin = (Session::getUserIsAdminApp() || Session::getUserIsAdminAcc());
|
|
|
|
$arrFilterCommon = array();
|
|
$arrFilterSelect = array();
|
|
$arrFilterUser = array();
|
|
$arrQueryWhere = array();
|
|
|
|
switch ($this->getSortKey()) {
|
|
case self::SORT_NAME:
|
|
$orderKey = 'account_name';
|
|
break;
|
|
case self::SORT_CATEGORY:
|
|
$orderKey = 'category_name';
|
|
break;
|
|
case self::SORT_LOGIN:
|
|
$orderKey = 'account_login';
|
|
break;
|
|
case self::SORT_URL:
|
|
$orderKey = 'account_url';
|
|
break;
|
|
case self::SORT_CUSTOMER:
|
|
$orderKey = 'customer_name';
|
|
break;
|
|
default :
|
|
$orderKey = 'customer_name, account_name';
|
|
break;
|
|
}
|
|
|
|
$querySelect = 'SELECT DISTINCT '
|
|
. 'account_id,'
|
|
. 'account_customerId,'
|
|
. 'category_name,'
|
|
. 'account_name,'
|
|
. 'account_login,'
|
|
. 'account_url,'
|
|
. 'account_notes,'
|
|
. 'account_userId,'
|
|
. 'account_userGroupId,'
|
|
. 'BIN(account_otherUserEdit) AS account_otherUserEdit,'
|
|
. 'BIN(account_otherGroupEdit) AS account_otherGroupEdit,'
|
|
. 'usergroup_name,'
|
|
. 'customer_name '
|
|
. 'FROM accounts '
|
|
. 'LEFT JOIN categories ON account_categoryId = category_id '
|
|
. 'LEFT JOIN usrGroups ug ON account_userGroupId = usergroup_id '
|
|
. 'LEFT JOIN customers ON customer_id = account_customerId '
|
|
. 'LEFT JOIN accUsers ON accuser_accountId = account_id '
|
|
. 'LEFT JOIN accGroups ON accgroup_accountId = account_id';
|
|
|
|
if ($this->getTxtSearch()) {
|
|
$arrFilterCommon[] = 'account_name LIKE :name';
|
|
$arrFilterCommon[] = 'account_login LIKE :login';
|
|
$arrFilterCommon[] = 'account_url LIKE :url';
|
|
$arrFilterCommon[] = 'account_notes LIKE :notes';
|
|
|
|
$data['name'] = '%' . $this->getTxtSearch() . '%';
|
|
$data['login'] = '%' . $this->getTxtSearch() . '%';
|
|
$data['url'] = '%' . $this->getTxtSearch() . '%';
|
|
$data['notes'] = '%' . $this->getTxtSearch() . '%';
|
|
}
|
|
|
|
if ($this->getCategoryId() !== 0) {
|
|
$arrFilterSelect[] = 'category_id = :categoryId';
|
|
|
|
$data['categoryId'] = $this->getCategoryId();
|
|
}
|
|
|
|
if ($this->getCustomerId() !== 0) {
|
|
$arrFilterSelect[] = 'account_customerId = :customerId';
|
|
|
|
$data['customerId'] = $this->getCustomerId();
|
|
}
|
|
|
|
if (count($arrFilterCommon) > 0) {
|
|
$arrQueryWhere[] = '(' . implode(' OR ', $arrFilterCommon) . ')';
|
|
}
|
|
|
|
if (count($arrFilterSelect) > 0) {
|
|
$arrQueryWhere[] = '(' . implode(' AND ', $arrFilterSelect) . ')';
|
|
}
|
|
|
|
if (!$isAdmin && !$this->getGlobalSearch()) {
|
|
$arrFilterUser[] = 'account_userGroupId = :userGroupId';
|
|
$arrFilterUser[] = 'account_userId = :userId';
|
|
$arrFilterUser[] = 'accgroup_groupId = :accgroup_groupId';
|
|
$arrFilterUser[] = 'accuser_userId = :accuser_userId';
|
|
|
|
// Usuario/Grupo principal de la cuenta
|
|
$data['userId'] = Session::getUserId();
|
|
$data['accuser_userId'] = Session::getUserId();
|
|
|
|
// Usuario/Grupo secundario de la cuenta
|
|
$data['userGroupId'] = Session::getUserGroupId();
|
|
$data['accgroup_groupId'] = Session::getUserGroupId();
|
|
|
|
$arrQueryWhere[] = '(' . implode(' OR ', $arrFilterUser) . ')';
|
|
}
|
|
|
|
$orderDir = ($this->getSortOrder() === 0) ? 'ASC' : 'DESC';
|
|
$queryOrder = 'ORDER BY ' . $orderKey . ' ' . $orderDir;
|
|
|
|
if ($this->getLimitCount() != 99) {
|
|
$queryLimit = 'LIMIT :limitStart,:limitCount';
|
|
|
|
$data['limitStart'] = $this->getLimitStart();
|
|
$data['limitCount'] = $this->getLimitCount();
|
|
}
|
|
|
|
if (count($arrQueryWhere) === 1) {
|
|
$query = $querySelect . ' WHERE ' . implode($arrQueryWhere) . ' ' . $queryOrder . ' ' . $queryLimit;
|
|
} elseif (count($arrQueryWhere) > 1) {
|
|
$query = $querySelect . ' WHERE ' . implode(' AND ', $arrQueryWhere) . ' ' . $queryOrder . ' ' . $queryLimit;
|
|
} else {
|
|
$query = $querySelect . ' ' . $queryOrder . ' ' . $queryLimit;
|
|
}
|
|
|
|
// Obtener el número total de cuentas visibles por el usuario
|
|
DB::setFullRowCount();
|
|
|
|
// Obtener los resultados siempre en array de objetos
|
|
DB::setReturnArray();
|
|
|
|
// Consulta de la búsqueda de cuentas
|
|
$queryRes = DB::getResults($query, __FUNCTION__, $data);
|
|
|
|
if ($queryRes === false) {
|
|
// print_r($query);
|
|
// var_dump($data);
|
|
return false;
|
|
}
|
|
|
|
// Obtenemos el número de registros totales de la consulta sin contar el LIMIT
|
|
self::$queryNumRows = DB::$lastNumRows;
|
|
|
|
// Establecer el filtro de búsqueda en la sesión como un objeto
|
|
Session::setSearchFilters($this);
|
|
|
|
return $queryRes;
|
|
}
|
|
|
|
/**
|
|
* Obtiene el número de cuentas que un usuario puede ver.
|
|
*
|
|
* @return false|int con el número de registros
|
|
*/
|
|
public function getAccountMax()
|
|
{
|
|
$data = null;
|
|
|
|
if (!Session::getUserIsAdminApp() && !Session::getUserIsAdminAcc()) {
|
|
$query = 'SELECT COUNT(DISTINCT account_id) as numacc '
|
|
. 'FROM accounts '
|
|
. 'LEFT JOIN accGroups ON account_id = accgroup_accountId '
|
|
. 'WHERE account_userGroupId = :userGroupId '
|
|
. 'OR account_userId = :userId '
|
|
. 'OR accgroup_groupId = :groupId';
|
|
|
|
$data['userGroupId'] = Session::getUserGroupId();
|
|
$data['groupId'] = Session::getUserGroupId();
|
|
$data['userId'] = Session::getUserId();
|
|
|
|
} else {
|
|
$query = "SELECT COUNT(*) as numacc FROM accounts";
|
|
}
|
|
|
|
$queryRes = DB::getResults($query, __FUNCTION__, $data);
|
|
|
|
if ($queryRes === false) {
|
|
return false;
|
|
}
|
|
|
|
return $queryRes->numacc;
|
|
}
|
|
} |