bn8/ldapsaisie
1
0
Fork 0
mirror of https://gitlab.easter-eggs.com/ee/ldapsaisie.git synced 2024-11-18 08:19:05 +01:00
Code Issues Projects Releases Wiki Activity

Add LSaddon view feature

Browse source
This commit is contained in:
Benjamin Renard 2015-08-21 17:51:52 +02:00
parent f098113720
commit 707c319f15
3 changed files with 167 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

49
public_html/addon_view.php Normal file
View file

@ -0,0 +1,49 @@
<?php
/*******************************************************************************
* Copyright (C) 2007 Easter-eggs
* http://ldapsaisie.labs.libre-entreprise.org
*
* Author: See AUTHORS file in top-level directory.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License version 2
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
******************************************************************************/
require_once 'core.php';
if(LSsession :: startLSsession()) {
if ((isset($_GET['LSaddon'])) && (isset($_GET['view']))) {
$LSaddon=urldecode($_GET['LSaddon']);
$view=urldecode($_GET['view']);
if (LSsession ::loadLSaddon($LSaddon)) {
if ( LSsession :: canAccessLSaddonView($LSaddon,$view) ) {
LSsession :: showLSaddonView($LSaddon,$view);
}
else {
LSerror :: addErrorCode('LSsession_11');
}
}
}
else {
LSerror :: addErrorCode('LSsession_12');
}
}
else {
LSsession :: setTemplate('login.tpl');
}
// Print template
LSsession :: displayTemplate();

117
public_html/includes/class/class.LSsession.php
View file

@ -49,6 +49,10 @@ class LSsession {
// Les droits d'accès de l'utilisateur
private static $LSaccess = array();
// LSaddons views
private static $LSaddonsViews = array();
private static $LSaddonsViewsAccess = array();
// Les fichiers temporaires
private static $tmp_file = array();
@ -506,6 +510,7 @@ class LSsession {
}
self :: $LSprofiles = $_SESSION['LSsession']['LSprofiles'];
self :: $LSaccess = $_SESSION['LSsession']['LSaccess'];
self :: $LSaddonsViewsAccess = $_SESSION['LSsession']['LSaddonsViewsAccess'];
if (!self :: LSldapConnect())
return;
}
@ -545,6 +550,7 @@ class LSsession {
if ( !self :: cacheLSprofiles() || isset($_REQUEST['LSsession_refresh']) ) {
self :: loadLSprofiles();
self :: loadLSaccess();
self :: loadLSaddonsViewsAccess();
$_SESSION['LSsession']=self :: getContextInfos();
}
@ -617,6 +623,7 @@ class LSsession {
}
self :: loadLSprofiles();
self :: loadLSaccess();
self :: loadLSaddonsViewsAccess();
LStemplate :: assign('LSsession_username',self :: getLSuserObject() -> getDisplayName());
$_SESSION['LSsession']=self :: getContextInfos();
return true;
@ -886,7 +893,8 @@ class LSsession {
'ldapServerId' => self :: $ldapServerId,
'ldapServer' => self :: $ldapServer,
'LSprofiles' => self :: $LSprofiles,
'LSaccess' => self :: $LSaccess
'LSaccess' => self :: $LSaccess,
'LSaddonsViewsAccess' => self :: $LSaddonsViewsAccess
);
}
@ -946,6 +954,7 @@ class LSsession {
if(self :: loadLSprofiles()) {
self :: loadLSaccess();
self :: loadLSaddonsViewsAccess();
$_SESSION['LSsession']=self :: getContextInfos();
return true;
}
@ -1379,6 +1388,7 @@ class LSsession {
if (isset(self :: $LSaccess[self :: $topDn])) {
LStemplate :: assign('LSaccess',self :: $LSaccess[self :: $topDn]);
}
LStemplate :: assign('LSaddonsViewsAccess',self :: $LSaddonsViewsAccess);
// Niveau
$listTopDn = self :: getSubDnLdapServer();
@ -1758,7 +1768,30 @@ class LSsession {
self :: $LSaccess = $LSaccess;
$_SESSION['LSsession']['LSaccess'] = $LSaccess;
}
/**
* Load user access to LSaddons views
*
* @retval void
*/
private static function loadLSaddonsViewsAccess() {
$LSaddonsViewsAccess=array();
foreach (self :: $LSaddonsViews as $addon => $conf) {
foreach ($conf as $viewId => $viewConf) {
if (self :: canAccessLSaddonView($addon,$viewId)) {
$LSaddonsViewsAccess[]=array (
'LSaddon' => $addon,
'id' => $viewId,
'label' => $viewConf['label']
);
}
}
}
self :: $LSaddonsViewsAccess = $LSaddonsViewsAccess;
$_SESSION['LSsession']['LSaddonsViewsAccess'] = $LSaddonsViewsAccess;
}
/**
* Dit si l'utilisateur est du profil pour le DN spécifié
*
@ -2053,6 +2086,35 @@ class LSsession {
return;
}
/**
* Return user right to access to a LSaddon view
*
* @param[in] string $LSaddon The LSaddon
* @param[in] string $viewId The LSaddon view ID
*
* @retval boolean True if user is allowed, false otherwise
*/
public static function canAccessLSaddonView($LSaddon,$viewId) {
if (self :: loadLSaddon($LSaddon)) {
if (!isset(self :: $LSaddonsViews[$LSaddon]) || !isset(self :: $LSaddonsViews[$LSaddon][$viewId]))
return;
if (!is_array(self :: $LSaddonsViews[$LSaddon][$viewId]['allowedLSprofiles'])) {
return true;
}
$whoami = self :: whoami(self :: $topDn);
if (isset(self :: $LSaddonsViews[$LSaddon][$viewId]['allowedLSprofiles']) && is_array(self :: $LSaddonsViews[$LSaddon][$viewId]['allowedLSprofiles'])) {
foreach($whoami as $who) {
if (in_array($who,self :: $LSaddonsViews[$LSaddon][$viewId]['allowedLSprofiles'])) {
return True;
}
}
}
}
return;
}
/**
* Ajoute un fichier temporaire
*
@ -2368,6 +2430,9 @@ class LSsession {
LSerror :: defineError('LSsession_22',
_("LSsession : problem during initialisation.")
);
LSerror :: defineError('LSsession_23',
_("LSsession : view function %{func} for LSaddon %{addon} doet not exist.")
);
}
/**
@ -2426,3 +2491,51 @@ class LSsession {
}
}
/**
* Register a LSaddon view
*
* @param[in] $LSaddon string The LSaddon
* @param[in] $viewId string The view ID
* @param[in] $label string The view's label
* @param[in] $viewFunction string The view's function name
* @param[in] $allowedLSprofiles array|null Array listing allowed profiles.
* If null, no access control will
* be done for this view.
* @retval bool True is the view have been registred, false otherwise
**/
public static function registerLSaddonView($LSaddon,$viewId,$label,$viewFunction,$allowedLSprofiles=null) {
if (function_exists($viewFunction)) {
$func = new ReflectionFunction($viewFunction);
if (basename($func->getFileName())=="LSaddons.$LSaddon.php") {
self :: $LSaddonsViews[$LSaddon][$viewId]=array (
'LSaddon' => $LSaddon,
'label' => $label,
'function' => $viewFunction,
'allowedLSprofiles' => $allowedLSprofiles
);
return True;
}
else {
LSerror :: addErrorCode('LSsession_21',array('func' => $func -> getName(),'addon' => $addon));
}
}
else {
LSerror :: addErrorCode('LSsession_23',array('func' => $viewFunction,'addon' => $LSaddon));
}
return False;
}
/**
* Show LSaddon view
*
* @param[in] $LSaddon string The LSaddon
* @param[in] $viewId string The view ID
*
* @retval void
**/
public static function showLSaddonView($LSaddon,$viewId) {
if (self :: canAccessLSaddonView($LSaddon,$viewId)) {
call_user_func(self :: $LSaddonsViews[$LSaddon][$viewId]['function']);
}
}
}

3
public_html/templates/default/top.tpl
View file

@ -33,6 +33,9 @@
{foreach from=$LSaccess item=label key=LSobject_type}
<li class='menu'><a href='view.php?LSobject={$LSobject_type}' class='menu'>{tr msg=$label}</a></li>
{/foreach}
{foreach from=$LSaddonsViewsAccess item=access}
<li class='menu'><a href='addon_view.php?LSaddon={$access.LSaddon}&view={$access.id}' class='menu'>{tr msg=$access.label}</a></li>
{/foreach}
</ul>
</td>
<td id='status'>