本文整理汇总了PHP中RBAC::getSingleton方法的典型用法代码示例。如果您正苦于以下问题:PHP RBAC::getSingleton方法的具体用法?PHP RBAC::getSingleton怎么用?PHP RBAC::getSingleton使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类RBAC
的用法示例。
在下文中一共展示了RBAC::getSingleton方法的14个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: metodillo
function metodillo()
{
$sSQL = "SELECT * FROM PM_PARAMETERS WHERE PRM_ID = 'CAS_URL' ";
$aResSQL = executeQuery($sSQL);
if (count($aResSQL)) {
$sURL = $aResSQL[1]['PRM_VALUE'];
$sURI = $aResSQL[1]['PRM_VALUE_2'];
$res = false;
$RBAC = RBAC::getSingleton();
$RBAC->initRBAC();
require_once 'CAS-1.2.2/CAS.php';
phpCAS::client(CAS_VERSION_2_0, $sURL, 443, $sURI, false);
phpCAS::setNoCasServerValidation();
phpCAS::forceAuthentication();
if (phpCAS::isAuthenticated() == true) {
$sCasUser = phpCAS::getUser();
$sSQL = "SELECT USR_UID FROM USERS WHERE USR_USERNAME = '{$sCasUser}' ";
$aResSQL = executeQuery($sSQL);
if (count($aResSQL)) {
$nUserId = $aResSQL[1]['USR_UID'];
$RBAC->singleSignOn = true;
$RBAC->userObj->fields['USR_UID'] = $nUserId;
$RBAC->userObj->fields['USR_USERNAME'] = $sCasUser;
$res = true;
} else {
$res = false;
}
} else {
$res = false;
}
} else {
$res = false;
}
return $res;
}
示例2: header
$_SESSION['phpFileNotFound'] = $_SERVER['REQUEST_URI'];
header("location: /errors/error404.php?url=" . urlencode($_SERVER['REQUEST_URI']));
die;
}
}
//redirect to login, if user changed the workspace in the URL
if (!$avoidChangedWorkspaceValidation && isset($_SESSION['WORKSPACE']) && $_SESSION['WORKSPACE'] != SYS_SYS) {
$_SESSION['WORKSPACE'] = SYS_SYS;
G::SendTemporalMessage('ID_USER_HAVENT_RIGHTS_SYSTEM', "error");
// verify if the current skin is a 'ux' variant
$urlPart = substr(SYS_SKIN, 0, 2) == 'ux' && SYS_SKIN != 'uxs' ? '/main/login' : '/login/login';
header('Location: /sys' . SYS_SYS . '/' . SYS_LANG . '/' . SYS_SKIN . $urlPart);
die;
}
// enable rbac
$RBAC =& RBAC::getSingleton(PATH_DATA, session_id());
$RBAC->sSystem = 'PROCESSMAKER';
// define and send Headers for all pages
if (!defined('EXECUTE_BY_CRON')) {
header("Expires: " . gmdate("D, d M Y H:i:s", mktime(0, 0, 0, date('m'), date('d') - 1, date('Y'))) . " GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
// get the language direction from ServerConf
define('SYS_LANG_DIRECTION', $oServerConf->getLanDirection());
if (isset($_SESSION['USER_LOGGED']) && !isset($_GET['sid'])) {
$RBAC->initRBAC();
//using optimization with memcache, the user data will be in memcache 8 hours, or until session id goes invalid
$memKey = 'rbacSession' . session_id();
if (($RBAC->aUserInfo = $memcache->get($memKey)) === false) {
示例3: roleList
/**
* get all roles, to see all roles
*
* @param none
* @return $result will return an object
*/
public function roleList ()
{
try {
$result = array ();
$RBAC = & RBAC::getSingleton();
$RBAC->initRBAC();
$oCriteria = $RBAC->listAllRoles();
$oDataset = GulliverBasePeer::doSelectRs( $oCriteria );
$oDataset->setFetchmode( ResultSet::FETCHMODE_ASSOC );
$oDataset->next();
while ($aRow = $oDataset->getRow()) {
$result[] = array ('guid' => $aRow['ROL_UID'],'name' => $aRow['ROL_CODE']
);
$oDataset->next();
}
return $result;
} catch (Exception $e) {
$result[] = array ('guid' => $e->getMessage(),'name' => $e->getMessage()
);
return $result;
}
}
示例4: ifPermission
function ifPermission($sessionId, $permission)
{
global $RBAC;
$RBAC->initRBAC();
G::LoadClass('sessions');
$oSession = new Sessions();
$user = $oSession->getSessionUser($sessionId);
$oRBAC = RBAC::getSingleton();
$oRBAC->loadUserRolePermission($oRBAC->sSystem, $user['USR_UID']);
$aPermissions = $oRBAC->aUserInfo[$oRBAC->sSystem]['PERMISSIONS'];
$sw = 0;
foreach ($aPermissions as $aPermission) {
if ($aPermission['PER_CODE'] == $permission) {
$sw = 1;
}
}
return $sw;
}
示例5: upgradeCacheView
/**
* Upgrade the AppCacheView table to the latest system version.
*
* This recreates the table and populates with data.
*
* @param bool $checkOnly only check if the upgrade is needed if true
* @param string $lang not currently used
*/
public function upgradeCacheView($fill = true, $checkOnly = false, $lang = "en")
{
$this->initPropel(true);
//require_once ('classes/model/AppCacheView.php');
//check the language, if no info in config about language, the default is 'en'
G::LoadClass("configuration");
$oConf = new Configurations();
$oConf->loadConfig($x, 'APP_CACHE_VIEW_ENGINE', '', '', '', '');
$appCacheViewEngine = $oConf->aConfig;
//setup the appcacheview object, and the path for the sql files
$appCache = new AppCacheView();
$appCache->setPathToAppCacheFiles(PATH_METHODS . 'setup' . PATH_SEP . 'setupSchemas' . PATH_SEP);
$userGrants = $appCache->checkGrantsForUser(false);
$currentUser = $userGrants['user'];
$currentUserIsSuper = $userGrants['super'];
//if user does not have the SUPER privilege we need to use the root user and grant the SUPER priv. to normal user.
if (!$currentUserIsSuper) {
$appCache->checkGrantsForUser(true);
$appCache->setSuperForUser($currentUser);
$currentUserIsSuper = true;
}
CLI::logging("-> Creating tables \n");
//now check if table APPCACHEVIEW exists, and it have correct number of fields, etc.
$res = $appCache->checkAppCacheView();
CLI::logging("-> Update DEL_LAST_INDEX field in APP_DELEGATION table \n");
//Update APP_DELEGATION.DEL_LAST_INDEX data
$res = $appCache->updateAppDelegationDelLastIndex($lang, $checkOnly);
CLI::logging("-> Verifying roles permissions in RBAC \n");
//Update table RBAC permissions
Bootstrap::LoadSystem( 'rbac' );
$RBAC = & RBAC::getSingleton();
$RBAC->initRBAC();
$result = $RBAC->verifyPermissions();
//.........这里部分代码省略.........
示例6: listExtNoProcessesUser
/**
* listExtNoProcessesUser for Extjs
*
* @param string $sProcessUID
* @return array(aAvailableUser) $aAvailableUser
*/
public function listExtNoProcessesUser($sProcessUID)
{
G::LoadSystem('rbac');
$memcache =& PMmemcached::getSingleton(SYS_SYS);
$oCriteria = new Criteria('workflow');
$oCriteria->addSelectColumn(ProcessUserPeer::USR_UID);
$oCriteria->add(ProcessUserPeer::PRO_UID, $sProcessUID);
$oCriteria->add(ProcessUserPeer::PU_TYPE, 'SUPERVISOR');
$oDataset = ProcessUserPeer::doSelectRS($oCriteria);
$oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$oDataset->next();
$aUIDS = array();
while ($aRow = $oDataset->getRow()) {
$aUIDS[] = $aRow['USR_UID'];
$oDataset->next();
}
$sDelimiter = DBAdapter::getStringDelimiter();
$oCriteria = new Criteria('workflow');
$oCriteria->addSelectColumn(UsersPeer::USR_UID);
$oCriteria->add(UsersPeer::USR_UID, $aUIDS, Criteria::NOT_IN);
$oDataset = UsersPeer::doSelectRS($oCriteria);
$oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$oDataset->next();
$aUIDS = array();
$oRBAC = RBAC::getSingleton();
while ($aRow = $oDataset->getRow()) {
$memKey = 'rbacSession' . session_id();
if (($oRBAC->aUserInfo = $memcache->get($memKey)) === false) {
$oRBAC->loadUserRolePermission($oRBAC->sSystem, $aRow['USR_UID']);
$memcache->set($memKey, $oRBAC->aUserInfo, PMmemcached::EIGHT_HOURS);
}
$aPermissions = $oRBAC->aUserInfo[$oRBAC->sSystem]['PERMISSIONS'];
$bInclude = false;
foreach ($aPermissions as $aPermission) {
if ($aPermission['PER_CODE'] == 'PM_SUPERVISOR') {
$bInclude = true;
}
}
if ($bInclude) {
$aUIDS[] = $aRow['USR_UID'];
}
$oDataset->next();
}
$oCriteria = new Criteria('workflow');
$oCriteria->addSelectColumn(UsersPeer::USR_UID);
$oCriteria->addSelectColumn(UsersPeer::USR_FIRSTNAME);
$oCriteria->addSelectColumn(UsersPeer::USR_LASTNAME);
$oCriteria->add(UsersPeer::USR_UID, $aUIDS, Criteria::IN);
$oDataset = UsersPeer::doSelectRS($oCriteria);
$oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$oDataset->next();
$aAvailableUser = '';
while ($aRow = $oDataset->getRow()) {
$aAvailableUser[] = array('USR_UID' => $aRow['USR_UID'], 'USR_FIRSTNAME' => $aRow['USR_FIRSTNAME'], 'USR_LASTNAME' => $aRow['USR_LASTNAME']);
$oDataset->next();
}
return $aAvailableUser;
}
示例7: checkUserCredentials
public function checkUserCredentials($username, $password)
{
$RBAC = \RBAC::getSingleton();
$RBAC->initRBAC();
$uid = $RBAC->VerifyLogin($username , $password);
if($uid < 0){
return false;
}
if($uid != ''){
return true;
}
return false;
}
示例8: printf
global $G_ENVIRONMENTS;
if (isset($G_ENVIRONMENTS)) {
$dbfile = $G_ENVIRONMENTS[G_TEST_ENV]['dbfile'];
if (!file_exists($dbfile)) {
printf("%s \n", pakeColor::colorize("dbfile {$dbfile} doesn't exist for environment " . G_ENVIRONMENT, 'ERROR'));
exit(200);
} else {
include $dbfile;
}
} else {
exit(201);
}
G::LoadThirdParty('pear/json', 'class.json');
G::LoadThirdParty('smarty/libs', 'Smarty.class');
G::LoadSystem('xmlform');
G::LoadSystem('xmlDocument');
G::LoadSystem('form');
G::LoadSystem('rbac');
$method = array();
$method = get_class_methods('RBAC');
$t = new lime_test(8, new lime_output_color());
$obj =& RBAC::getSingleton();
$t->diag('class RBAC');
$t->is(count($method), 46, "class RBAC " . count($method) . " methods.");
$t->isa_ok($obj, 'RBAC', 'class RBAC created');
$t->can_ok($obj, 'VerifyLogin', 'VerifyLogin()');
$t->can_ok($obj, 'userCanAccess', 'userCanAccess()');
$t->can_ok($obj, 'load', 'load()');
$t->can_ok($obj, 'createUser', 'createUser()');
$t->can_ok($obj, 'listAllRoles', 'listAllRoles()');
$t->todo('review all pendings in this class');
示例9: getUsersToReassign
/**
* lista de usuarios a reasignar
*/
public function getUsersToReassign($usr_uid, $task_uid)
{
//G::LoadClass( 'tasks' );
G::LoadSystem( 'rbac' );
G::LoadClass( 'memcached' );
$memcache = \PMmemcached::getSingleton( SYS_SYS );
$RBAC = \RBAC::getSingleton( PATH_DATA, session_id() );
$RBAC->sSystem = 'PROCESSMAKER';
$RBAC->initRBAC();
$memKey = 'rbacSession' . session_id();
if (($RBAC->aUserInfo = $memcache->get( $memKey )) === false) {
$RBAC->loadUserRolePermission( $RBAC->sSystem, $usr_uid );
$memcache->set( $memKey, $RBAC->aUserInfo, \PMmemcached::EIGHT_HOURS );
}
$GLOBALS['RBAC'] = $RBAC;
$task = new \Task();
$tasks = $task->load($task_uid);
$case = new \Cases();
$result = new \stdclass();
$result->data = $case->getUsersToReassign($task_uid, $usr_uid, $tasks['PRO_UID']);
return $result;
}
示例10: executeCron
/**
function executed by the cron
this function will synchronize users from ldap/active directory to PM users tables
@return void
*/
public function executeCron($debug)
{
$rbac =& RBAC::getSingleton();
if (is_null($rbac->authSourcesObj)) {
$rbac->authSourcesObj = new AuthenticationSource();
}
$plugin = new ldapAdvanced();
$plugin->sSystem = $rbac->sSystem;
$plugin->setFrontEnd(true);
$plugin->setDebug($debug);
//Get all authsource for this plugin ( ldapAdvanced plugin, because other authsources are not needed )
$arrayAuthenticationSource = $plugin->getAuthSources();
$aDepartments = $plugin->getDepartments("");
$aGroups = $plugin->getGroups();
//$arrayDepartmentUserAd = array(); //(D) Update Users
//$arrayGroupUserAd = array(); //(G) Update Users
//echo "\n";
$plugin->frontEndShow("START");
$plugin->debugLog("START");
foreach ($arrayAuthenticationSource as $value) {
$arrayAuthenticationSourceData = $value;
$plugin->debugLog("ldapadvanced.php > function executeCron() > foreach > \$arrayAuthenticationSourceData ---->\n" . print_r($arrayAuthenticationSourceData, true));
$plugin->sAuthSource = $arrayAuthenticationSourceData["AUTH_SOURCE_UID"];
$plugin->ldapcnn = null;
$plugin->setArrayDepartmentUserSynchronizedChecked(array());
$plugin->setArrayUserUpdateChecked(array());
//Get all User (USR_UID, USR_USERNAME, USR_AUTH_USER_DN) registered in RBAC with this Authentication Source
$plugin->setArrayAuthenticationSourceUsers($arrayAuthenticationSourceData["AUTH_SOURCE_UID"]);
//INITIALIZE DATA
$plugin->frontEndShow("TEXT", "Authentication Source: " . $arrayAuthenticationSourceData["AUTH_SOURCE_NAME"]);
$plugin->log(null, "Executing cron for Authentication Source: " . $arrayAuthenticationSourceData["AUTH_SOURCE_NAME"]);
//Get all departments from Ldap/ActiveDirectory and build a hierarchy using dn (ou->ou parent)
$aLdapDepts = $plugin->searchDepartments();
//Obtain all departments from PM with a valid department in LDAP/ActiveDirectory
$aRegisteredDepts = $plugin->getRegisteredDepartments($aLdapDepts, $aDepartments);
$plugin->debugLog("ldapadvanced.php > function executeCron() > foreach > \$aRegisteredDepts ---->\n" . print_r($aRegisteredDepts, true));
//Get all group from Ldap/ActiveDirectory
$aLdapGroups = $plugin->searchGroups();
//Obtain all groups from PM with a valid group in LDAP/ActiveDirectory
$aRegisteredGroups = $plugin->getRegisteredGroups($aLdapGroups, $aGroups);
$plugin->debugLog("ldapadvanced.php > function executeCron() > foreach > \$aRegisteredGroups ---->\n" . print_r($aRegisteredGroups, true));
//Get all users from Removed OU
$this->usersRemovedOu = $plugin->getUsersFromRemovedOu($arrayAuthenticationSourceData);
$plugin->deactiveArrayOfUsers($this->usersRemovedOu);
//Variables
$this->deletedRemoved = count($this->usersRemovedOu);
$this->deletedRemovedUsers = "";
$this->dAlready = 0;
$this->dMoved = 0;
$this->dImpossible = 0;
$this->dCreated = 0;
$this->dRemoved = 0;
$this->dAlreadyUsers = "";
$this->dMovedUsers = "";
$this->dImpossibleUsers = "";
$this->dCreatedUsers = "";
$this->dRemovedUsers = "";
$this->gAlready = 0;
$this->gMoved = 0;
$this->gImpossible = 0;
$this->gCreated = 0;
$this->gRemoved = 0;
$this->gAlreadyUsers = "";
$this->gMovedUsers = "";
$this->gImpossibleUsers = "";
$this->gCreatedUsers = "";
$this->gRemovedUsers = "";
//Department - Synchronize Users
$numDepartments = count($aRegisteredDepts);
$count = 0;
$plugin->debugLog("ldapadvanced.php > function executeCron() > foreach > \$numDepartments ----> {$numDepartments}");
foreach ($aRegisteredDepts as $registeredDept) {
$count++;
//(D) Update Users
//if (!isset($arrayDepartmentUserAd[$registeredDept["DEP_UID"]])) {
// $arrayDepartmentUserAd[$registeredDept["DEP_UID"]] = array(); //Current users in department based in Active Directory
//}
//
//$arrayAux = $this->departmentSynchronizeUsers($plugin, $numDepartments, $count, $registeredDept);
//$arrayAux = array_merge($arrayDepartmentUserAd[$registeredDept["DEP_UID"]], $arrayAux);
//
//$arrayDepartmentUserAd[$registeredDept["DEP_UID"]] = array_unique($arrayAux);
$arrayAux = $this->departmentSynchronizeUsers($plugin, $numDepartments, $count, $registeredDept);
}
//Department - Print log
$logResults = sprintf("- Departments -> Existing users: %d, moved: %d, impossible: %d, created: %d, removed: %d", $this->dAlready, $this->dMoved, $this->dImpossible, $this->dCreated, $this->dRemoved);
$plugin->frontEndShow("TEXT", $logResults);
$plugin->log(null, $logResults);
//Group - Synchronize Users
$numGroups = count($aRegisteredGroups);
$count = 0;
$plugin->debugLog("ldapadvanced.php > function executeCron() > foreach > \$numGroups ----> {$numGroups}");
foreach ($aRegisteredGroups as $registeredGroup) {
$count++;
//(G) Update Users
//.........这里部分代码省略.........
示例11: run_new_project
function run_new_project($task, $args)
{
global $pathHome;
global $projectName;
//the class filename in the first argument
$projectName = $args[0];
if (trim($projectName) == '') {
printf("Error: %s\n", pakeColor::colorize("you must specify a valid name for the project", 'ERROR'));
exit(0);
}
$createProject = strtolower(prompt("Do you want to create the project '{$projectName}' ? [Y/n]"));
if ($createProject == 'n') {
die;
}
G::LoadSystem('templatePower');
define('PATH_SHARED', PATH_SEP . 'shared' . PATH_SEP . $projectName . '_data' . PATH_SEP);
$pathHome = PATH_TRUNK . $projectName;
printf("creating project %s in %s\n", pakeColor::colorize($projectName, 'INFO'), pakeColor::colorize($pathHome, 'INFO'));
define('G_ENVIRONMENT', G_DEV_ENV);
require_once "propel/Propel.php";
//create project.conf for httpd conf
//$dbFile = PATH_TRUNK . $projectName . PATH_SEP . 'shared' . PATH_SEP . 'sites'. PATH_SEP . 'dev'. PATH_SEP . 'db.php';
$dbFile = PATH_SEP . PATH_SHARED . 'sites' . PATH_SEP . $projectName . PATH_SEP . 'db.php';
$dbn = "db_" . $projectName;
$dbrn = "rb_" . $projectName;
$dbnpass = substr(G::GenerateUniqueId(), 0, 8);
if (1 || !file_exists($dbFile)) {
if (!defined('HASH_INSTALLATION')) {
printf("%s\n", pakeColor::colorize('HASH INSTALLATION is invalid or does not exist. Please check the paths_installed.php file', 'ERROR'));
exit(0);
}
$dbOpt = @explode(SYSTEM_HASH, G::decrypt(HASH_INSTALLATION, SYSTEM_HASH));
$connectionDatabase = mysql_connect($dbOpt[0], $dbOpt[1], $dbOpt[2]);
if (!$connectionDatabase) {
printf("%s\n", pakeColor::colorize('HASH INSTALLATION has invalid credentials. Please check the paths_installed.php file', 'ERROR'));
exit(0);
}
printf("creating database %s \n", pakeColor::colorize($dbn, 'INFO'));
$q = "CREATE DATABASE IF NOT EXISTS {$dbn} DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci";
$ac = @mysql_query($q, $connectionDatabase);
if (!$ac) {
printf("%s\n", pakeColor::colorize(mysql_error(), 'ERROR'));
exit(0);
}
printf("creating database %s \n", pakeColor::colorize($dbrn, 'INFO'));
$q = "CREATE DATABASE IF NOT EXISTS {$dbrn} DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci";
$ac = @mysql_query($q, $connectionDatabase);
if (!$ac) {
printf("%s\n", pakeColor::colorize(mysql_error(), 'ERROR'));
exit(0);
}
$q = "GRANT ALL PRIVILEGES ON `{$dbn}`.* TO {$dbn}@'localhost' IDENTIFIED BY '{$dbnpass}' WITH GRANT OPTION";
$ac = @mysql_query($q, $connectionDatabase);
if (!$ac) {
printf("%s\n", pakeColor::colorize(mysql_error(), 'ERROR'));
exit(0);
}
$q = "GRANT ALL PRIVILEGES ON `{$dbrn}`.* TO {$dbn}@'localhost' IDENTIFIED BY '{$dbnpass}' WITH GRANT OPTION";
$ac = @mysql_query($q, $connectionDatabase);
if (!$ac) {
printf("%s\n", pakeColor::colorize(mysql_error(), 'ERROR'));
exit(0);
}
$rbSql = PATH_RBAC_MYSQL_DATA . 'schema.sql';
printf("executing %s \n", pakeColor::colorize($rbSql, 'INFO'));
mysql_select_db($dbrn, $connectionDatabase);
$qrs = query_sql_file($rbSql, $connectionDatabase);
$q = "INSERT INTO `USERS` VALUES ('00000000000000000000000000000001','admin',md5('admin'),'Administrator','','admin@colosa.com','2020-01-01','2007-08-03 12:24:36','2008-02-13 07:24:07',1);";
$ac = @mysql_query($q, $connectionDatabase);
$q = "INSERT INTO `USERS` VALUES ('00000000000000000000000000000002','operator',md5('operator'),'Operator','','operator@colosa.com','2020-01-01','2007-08-03 12:24:36','2008-02-13 07:24:07',1);";
$ac = @mysql_query($q, $connectionDatabase);
//database wf_ db_
$dbInsertSql = PATH_GULLIVER_HOME . 'bin' . PATH_SEP . 'tasks' . PATH_SEP . 'templates' . PATH_SEP . 'db_insert.sql';
printf("executing %s \n", pakeColor::colorize($dbInsertSql, 'INFO'));
mysql_select_db($dbn, $connectionDatabase);
$qrs = query_sql_file($dbInsertSql, $connectionDatabase);
G::mk_dir(PATH_SHARED . 'sites' . PATH_SEP);
G::mk_dir(PATH_SHARED . 'sites' . PATH_SEP . $projectName);
$dbFields['rootUser'] = $dbn;
$dbFields['rootPass'] = $dbnpass;
create_file_from_tpl('db.php', $dbFile, $dbFields);
}
global $G_ENVIRONMENTS;
$G_ENVIRONMENTS['DEVELOPMENT']['dbfile'] = $dbFile;
//print_r ( $G_ENVIRONMENTS );
Propel::init(PATH_CORE . "config/databases.php");
$configuration = Propel::getConfiguration();
$connectionDSN = $configuration['datasources']['workflow']['connection'];
printf("using DSN Connection %s \n", pakeColor::colorize($connectionDSN, 'INFO'));
$rbacProjectName = strtoupper($projectName);
G::LoadSystem('rbac');
$RBAC = RBAC::getSingleton();
$RBAC->sSystem = $rbacProjectName;
$RBAC->initRBAC();
$RBAC->createSystem($rbacProjectName);
$RBAC->createPermision(substr($rbacProjectName, 0, 3) . '_LOGIN');
$RBAC->createPermision(substr($rbacProjectName, 0, 3) . '_ADMIN');
$RBAC->createPermision(substr($rbacProjectName, 0, 3) . '_OPERATOR');
$systemData = $RBAC->systemObj->LoadByCode($rbacProjectName);
$roleData['ROL_UID'] = G::GenerateUniqueId();
//.........这里部分代码省略.........
示例12: putExecuteTriggerCase
/**
* Put execute trigger case
*
* @access public
* @param string $app_uid , Uid for case
* @param string $usr_uid , Uid for user
* @param bool|string $del_index , Index for case
*
* @author Brayan Pereyra (Cochalo) <brayan@colosa.com>
* @copyright Colosa - Bolivia
*/
public function putExecuteTriggerCase($app_uid, $tri_uid, $usr_uid, $del_index = false)
{
Validator::isString($app_uid, '$app_uid');
Validator::isString($tri_uid, '$tri_uid');
Validator::isString($usr_uid, '$usr_uid');
Validator::appUid($app_uid, '$app_uid');
Validator::triUid($tri_uid, '$tri_uid');
Validator::usrUid($usr_uid, '$usr_uid');
if ($del_index === false) {
$del_index = \AppDelegation::getCurrentIndex($app_uid);
}
Validator::isInteger($del_index, '$del_index');
global $RBAC;
if (!method_exists($RBAC, 'initRBAC')) {
$RBAC = \RBAC::getSingleton( PATH_DATA, session_id() );
$RBAC->sSystem = 'PROCESSMAKER';
}
$case = new \wsBase();
$result = $case->executeTrigger($usr_uid, $app_uid, $tri_uid, $del_index);
if ($result->status_code != 0) {
throw new \Exception($result->message);
}
}
示例13: upgradeCacheView
/**
* Upgrade the AppCacheView table to the latest system version.
*
* This recreates the table and populates with data.
*
* @param bool $checkOnly only check if the upgrade is needed if true
* @param string $lang not currently used
*/
public function upgradeCacheView($fill = true, $checkOnly = false, $lang = "en")
{
$this->initPropel(true);
//require_once ('classes/model/AppCacheView.php');
//check the language, if no info in config about language, the default is 'en'
G::LoadClass("configuration");
$oConf = new Configurations();
$oConf->loadConfig($x, 'APP_CACHE_VIEW_ENGINE', '', '', '', '');
$appCacheViewEngine = $oConf->aConfig;
//setup the appcacheview object, and the path for the sql files
$appCache = new AppCacheView();
$appCache->setPathToAppCacheFiles(PATH_METHODS . 'setup' . PATH_SEP . 'setupSchemas' . PATH_SEP);
$userGrants = $appCache->checkGrantsForUser(false);
$currentUser = $userGrants['user'];
$currentUserIsSuper = $userGrants['super'];
//if user does not have the SUPER privilege we need to use the root user and grant the SUPER priv. to normal user.
if (!$currentUserIsSuper) {
$appCache->checkGrantsForUser(true);
$appCache->setSuperForUser($currentUser);
$currentUserIsSuper = true;
}
CLI::logging("-> Creating table\n");
//now check if table APPCACHEVIEW exists, and it have correct number of fields, etc.
$res = $appCache->checkAppCacheView();
CLI::logging("-> Update DEL_LAST_INDEX field in APP_DELEGATION table\n");
//Update APP_DELEGATION.DEL_LAST_INDEX data
$res = $appCache->updateAppDelegationDelLastIndex($lang, $checkOnly);
CLI::logging("-> Verifying roles permissions in RBAC \n");
//Update table RBAC permissions
Bootstrap::LoadSystem('rbac');
$RBAC =& RBAC::getSingleton();
$RBAC->initRBAC();
$result = $RBAC->verifyPermissions();
if (count($result) > 1) {
foreach ($result as $item) {
CLI::logging(" {$item}... \n");
}
} else {
CLI::logging(" All roles permissions already updated \n");
}
CLI::logging("-> Creating triggers\n");
//now check if we have the triggers installed
$triggers = array();
$triggers[] = $appCache->triggerAppDelegationInsert($lang, $checkOnly);
$triggers[] = $appCache->triggerAppDelegationUpdate($lang, $checkOnly);
$triggers[] = $appCache->triggerApplicationUpdate($lang, $checkOnly);
$triggers[] = $appCache->triggerApplicationDelete($lang, $checkOnly);
$triggers[] = $appCache->triggerSubApplicationInsert($lang, $checkOnly);
$triggers[] = $appCache->triggerContentUpdate($lang, $checkOnly);
if ($fill) {
CLI::logging("-> Rebuild Cache View with language {$lang}...\n");
//build using the method in AppCacheView Class
$res = $appCache->fillAppCacheView($lang);
//set status in config table
$confParams = array('LANG' => $lang, 'STATUS' => 'active');
}
$oConf->aConfig = $confParams;
$oConf->saveConfig('APP_CACHE_VIEW_ENGINE', '', '', '');
// removing casesList configuration records. TODO: removing these lines that resets all the configurations records
$oCriteria = new Criteria();
$oCriteria->add(ConfigurationPeer::CFG_UID, "casesList");
$oCriteria->add(ConfigurationPeer::OBJ_UID, array("todo", "draft", "sent", "unassigned", "paused", "cancelled"), Criteria::NOT_IN);
ConfigurationPeer::doDelete($oCriteria);
// end of reset
}
示例14: searchUsers
function searchUsers($sKeyword)
{
$sKeyword = trim($sKeyword);
$RBAC = RBAC::getSingleton();
$aAuthSource = $RBAC->authSourcesObj->load($this->sAuthSource);
$pass = explode("_", $aAuthSource['AUTH_SOURCE_PASSWORD']);
foreach ($pass as $index => $value) {
if ($value == '2NnV3ujj3w') {
$aAuthSource['AUTH_SOURCE_PASSWORD'] = G::decrypt($pass[0], $aAuthSource['AUTH_SOURCE_SERVER_NAME']);
}
}
$oLink = @ldap_connect($aAuthSource['AUTH_SOURCE_SERVER_NAME'], $aAuthSource['AUTH_SOURCE_PORT']);
@ldap_set_option($oLink, LDAP_OPT_PROTOCOL_VERSION, $aAuthSource['AUTH_SOURCE_VERSION']);
@ldap_set_option($oLink, LDAP_OPT_REFERRALS, 0);
if (isset($aAuthSource['AUTH_SOURCE_ENABLED_TLS']) && $aAuthSource['AUTH_SOURCE_ENABLED_TLS']) {
@ldap_start_tls($oLink);
}
if ($aAuthSource['AUTH_ANONYMOUS'] == '1') {
$bBind = @ldap_bind($oLink);
} else {
$bBind = @ldap_bind($oLink, $aAuthSource['AUTH_SOURCE_SEARCH_USER'], $aAuthSource['AUTH_SOURCE_PASSWORD']);
}
if (!$bBind) {
throw new Exception('Unable to bind to server : ' . $aAuthSource['AUTH_SOURCE_SERVER_NAME'] . ' in port ' . $aAuthSource['AUTH_SOURCE_PORT']);
}
if (substr($sKeyword, -1) != '*') {
if ($sKeyword != '') {
$sKeyword = '*' . $sKeyword . '*';
} else {
$sKeyword .= '*';
}
}
$additionalFilter = isset($aAuthSource['AUTH_SOURCE_DATA']['AUTH_SOURCE_ADDITIONAL_FILTER']) ? trim($aAuthSource['AUTH_SOURCE_DATA']['AUTH_SOURCE_ADDITIONAL_FILTER']) : '';
$sFilter = '(&(|(objectClass=*))';
if (isset($aAuthSource['AUTH_SOURCE_DATA']['LDAP_TYPE']) && $aAuthSource['AUTH_SOURCE_DATA']['LDAP_TYPE'] == 'ad') {
$sFilter = "(&(|(objectClass=*))(|(samaccountname={$sKeyword})(userprincipalname={$sKeyword})){$additionalFilter})";
} else {
$sFilter = "(&(|(objectClass=*))(|(uid={$sKeyword})(cn={$sKeyword})){$additionalFilter})";
}
//G::pr($sFilter);
$aUsers = array();
$oSearch = @ldap_search($oLink, $aAuthSource['AUTH_SOURCE_BASE_DN'], $sFilter, array('dn', 'uid', 'samaccountname', 'cn', 'givenname', 'sn', 'mail', 'userprincipalname', 'objectcategory', 'manager'));
if ($oError = @ldap_errno($oLink)) {
return $aUsers;
} else {
if ($oSearch) {
if (@ldap_count_entries($oLink, $oSearch) > 0) {
$sUsername = '';
$oEntry = @ldap_first_entry($oLink, $oSearch);
$uidUser = isset($aAuthSource['AUTH_SOURCE_DATA']['AUTH_SOURCE_IDENTIFIER_FOR_USER']) ? $aAuthSource['AUTH_SOURCE_DATA']['AUTH_SOURCE_IDENTIFIER_FOR_USER'] : 'uid';
do {
$aAttr = $this->getLdapAttributes($oLink, $oEntry);
$sUsername = isset($aAttr[$uidUser]) ? $aAttr[$uidUser] : '';
if ($sUsername != '') {
// note added by gustavo cruz gustavo-at-colosa.com
// assign the givenname and sn fields if these are set
$aUsers[] = array('sUsername' => $sUsername, 'sFullname' => $aAttr['cn'], 'sFirstname' => isset($aAttr['givenname']) ? $aAttr['givenname'] : '', 'sLastname' => isset($aAttr['sn']) ? $aAttr['sn'] : '', 'sEmail' => isset($aAttr['mail']) ? $aAttr['mail'] : (isset($aAttr['userprincipalname']) ? $aAttr['userprincipalname'] : ''), 'sDN' => $aAttr['dn']);
}
} while ($oEntry = @ldap_next_entry($oLink, $oEntry));
}
}
return $aUsers;
}
}