gacl_api.php

Joomla!是一套获得过多个奖项的内容管理系统(Content Management System, CMS)。Joomla!采用PHP+MySQL数据库开发

<?php
/**
 * phpGACL - Generic Access Control List
 * Copyright (C) 2002,2003 Mike Benoit
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 *
 * For questions, help, comments, discussion, etc., please join the
 * phpGACL mailing list. http://sourceforge.net/mail/?group_id=57103
 *
 * You may contact the author of phpGACL by e-mail at:
 * ipso@snappymail.ca
 *
 * The latest version of phpGACL can be obtained from:
 * http://phpgacl.sourceforge.net/
 *
 * @package phpGACL
 *
 */

// Check to ensure this file is within the rest of the framework
defined('JPATH_BASE') or die();

/*
 *
 * For examples, see example.php or the Administration interface,
 * as it makes use of nearly every API Call.
 *
 */
/**
 * gacl_api Extended API Class
 *
 * Class gacl_api should be used for applications that must interface directly with
 * phpGACL's data structures, objects, and rules.
 *
 * @package phpGACL
 * @author Mike Benoit <ipso@snappymail.ca>
 *
 */

class gacl_api extends gacl {

	/*
	 *
	 * Misc helper functions.
	 *
	 */

	/**
	 * showarray()
	 *
	 * Dump all contents of an array in HTML (kinda)
	 *
	 * @param array
	 *
	 */
	function showarray($array) {
		echo "<br><pre>\n";
		var_dump($array);
		echo "</pre><br>\n";
	}

	/**
	 * count_all()
	 *
	 * Recursively counts elements in an array and sub-arrays.
	 *
	 * This is different from count($arg, COUNT_RECURSIVE)
	 * in PHP >= 4.2.0, which includes sub-arrays in the count.
	 *
	 * @return int The returned count is a count of all scalar elements found.
	 *
	 * @param array Array to count
	 */
	function count_all($arg = NULL) {
		switch (TRUE) {
			case is_scalar($arg):
			case is_object($arg):
				// single object
				return 1;
			case is_array($arg):
				// call recursively for all elements of $arg
				$count = 0;
				foreach ($arg as $val) {
					$count += $this->count_all($val);
				}
				return $count;
		}
		return FALSE;
	}

	/**
	 * get_version()
	 *
	 * Grabs phpGACL version from the database.
	 *
	 * @return string Version of phpGACL
	 */
	function get_version() {
		$query = "select value from ".$this->_db_table_prefix."phpgacl where name = 'version'";
		$version = $this->db->GetOne($query);

		return $version;
	}

	/**
	 * get_schema_version()
	 *
	 * Grabs phpGACL schema version from the database.
	 *
	 * @return string Schema Version
	 */
	function get_schema_version() {
		$query = "select value from ".$this->_db_table_prefix."phpgacl where name = 'schema_version'";
		$version = $this->db->GetOne($query);

		return $version;
	}

	/*
	 *
	 * ACL
	 *
	 */

	/**
	 * consolidated_edit_acl()
	 *
	 * Add's an ACL but checks to see if it can consolidate it with another one first.
	 *
	 * This ONLY works with ACO's and ARO's. Groups, and AXO are excluded.
	 * As well this function is designed for handling ACLs with return values,
	 * and consolidating on the return_value, in hopes of keeping the ACL count to a minimum.
	 *
	 * A return value of false must _always_ be handled outside this function.
	 * As this function will remove AROs from ACLs and return false, in most cases
	 * you will need to a create a completely new ACL on a false return.
	 *
	 * @return bool Special boolean return value. See note.
	 *
	 * @param string ACO Section Value
	 * @param string ACO Value
	 * @param string ARO Section Value
	 * @param string ARO Value
	 * @param string Return Value of ACL
	 */
	function consolidated_edit_acl($aco_section_value, $aco_value, $aro_section_value, $aro_value, $return_value) {

		$this->debug_text("consolidated_edit_acl(): ACO Section Value: $aco_section_value ACO Value: $aco_value ARO Section Value: $aro_section_value ARO Value: $aro_value Return Value: $return_value");

		$acl_ids = array();

		if (empty($aco_section_value) ) {
			$this->debug_text("consolidated_edit_acl(): ACO Section Value ($aco_section_value) is empty, this is required!");
			return false;
		}

		if (empty($aco_value) ) {
			$this->debug_text("consolidated_edit_acl(): ACO Value ($aco_value) is empty, this is required!");
			return false;
		}

		if (empty($aro_section_value) ) {
			$this->debug_text("consolidated_edit_acl(): ARO Section Value ($aro_section_value) is empty, this is required!");
			return false;
		}

		if (empty($aro_value) ) {
			$this->debug_text("consolidated_edit_acl(): ARO Value ($aro_value) is empty, this is required!");
			return false;
		}

		if (empty($return_value) ) {
			$this->debug_text("consolidated_edit_acl(): Return Value ($return_value) is empty, this is required!");
			return false;
		}

		//See if a current ACL exists with the current objects, excluding return value
		$current_acl_ids = $this->search_acl($aco_section_value, $aco_value, $aro_section_value, $aro_value, FALSE, FALSE, FALSE, FALSE, FALSE);
		//showarray($current_acl_ids);

		if (is_array($current_acl_ids)) {
			$this->debug_text("add_consolidated_acl(): Found current ACL_IDs, counting ACOs");

			foreach ($current_acl_ids as $current_acl_id) {
				//Check to make sure these ACLs only have a single ACO mapped to them.
				$current_acl_array = &$this->get_acl($current_acl_id);

				//showarray($current_acl_array);
				$this->debug_text("add_consolidated_acl(): Current Count: ".$this->count_all($current_acl_array['aco'])."");

				if ( $this->count_all($current_acl_array['aco']) == 1) {
					$this->debug_text("add_consolidated_acl(): ACL ID: $current_acl_id has 1 ACO.");

					//Test to see if the return values match, if they do, no need removing or appending ARO. Just return true.
					if ($current_acl_array['return_value'] == $return_value) {
						$this->debug_text("add_consolidated_acl(): ACL ID: $current_acl_id has 1 ACO, and the same return value. No need to modify.");
						return true;
					}

					$acl_ids[] = $current_acl_id;
				}

			}
		}

		//showarray($acl_ids);
		$acl_ids_count = count($acl_ids);

		//If acl_id's turns up more then one ACL, lets remove the ARO from all of them in hopes to
		//eliminate any conflicts.
		if (is_array($acl_ids) AND $acl_ids_count > 0) {
			$this->debug_text("add_consolidated_acl(): Removing specified ARO from existing ACL.");

			foreach ($acl_ids as $acl_id) {
				//Remove ARO from current ACLs, so we don't create conflicting ACLs later on.
				if (!$this->shift_acl($acl_id, array($aro_section_value => array($aro_value)) ) ) {
					$this->debug_text("add_consolidated_acl(): Error removing specified ARO from ACL ID: $acl_id");
					return false;
				}
			}
		} else {
			$this->debug_text("add_consolidated_acl(): Didn't find any current ACLs with a single ACO. ");
		}
		//unset($acl_ids);
    $acl_ids = array();
		unset($acl_ids_count);

		//At this point there should be no conflicting ACLs, searching for an existing ACL with the new values.
		$new_acl_ids = $this->search_acl($aco_section_value, $aco_value, FALSE, FALSE, NULL, NULL, NULL, NULL, $return_value);
		$new_acl_count = count($new_acl_ids);
		//showarray($new_acl_ids);

		if (is_array($new_acl_ids)) {
			$this->debug_text("add_consolidated_acl(): Found new ACL_IDs, counting ACOs");

			foreach ($new_acl_ids as $new_acl_id) {
				//Check to make sure these ACLs only have a single ACO mapped to them.
				$new_acl_array = &$this->get_acl($new_acl_id);
				//showarray($new_acl_array);
				$this->debug_text("add_consolidated_acl(): New Count: ".$this->count_all($new_acl_array['aco'])."");
				if ( $this->count_all($new_acl_array['aco']) == 1) {

					$this->debug_text("add_consolidated_acl(): ACL ID: $new_acl_id has 1 ACO, append should be able to take place.");
					$acl_ids[] = $new_acl_id;
				}

			}
		}

		//showarray($acl_ids);
		$acl_ids_count = count($acl_ids);

		if (is_array($acl_ids) AND $acl_ids_count == 1) {
			$this->debug_text("add_consolidated_acl(): Appending specified ARO to existing ACL.");

			$acl_id=$acl_ids[0];

			if (!$this->append_acl($acl_id, array($aro_section_value => array($aro_value)) ) ) {
				$this->debug_text("add_consolidated_acl(): Error appending specified ARO to ACL ID: $acl_id");
				return false;
			}

			$this->debug_text("add_consolidated_acl(): Hot damn, ACL consolidated!");
			return true;
		} elseif($acl_ids_count > 1) {
			$this->debug_text("add_consolidated_acl(): Found more then one ACL with a single ACO. Possible conflicting ACLs.");
			return false;
		} elseif ($acl_ids_count == 0) {
			$this->debug_text("add_consolidated_acl(): No existing ACLs found, create a new one.");

			if (!$this->add_acl(	array( $aco_section_value => array($aco_value) ),
									array( $aro_section_value => array($aro_value) ),
									NULL,
									NULL,
									NULL,
									TRUE,
									TRUE,
									$return_value,
									NULL)
								) {
				$this->debug_text("add_consolidated_acl(): Error adding new ACL for ACO Section: $aco_section_value ACO Value: $aco_value Return Value: $return_value");
				return false;
			}

			$this->debug_text("add_consolidated_acl(): ADD_ACL() successfull, returning True.");
			return true;
		}

		$this->debug_text("add_consolidated_acl(): Returning false.");
		return false;
	}

	/**
	 * search_acl()
	 *
	 * Searches for ACL's with specified objects mapped to them.
	 *
	 * NULL values are included in the search, if you want to ignore
	 * for instance aro_groups use FALSE instead of NULL.
	 *
	 * @return array containing ACL IDs if search is successful
	 *
	 * @param string ACO Section Value
	 * @param string ACO Value
	 * @param string ARO Section Value
	 * @param string ARO Value
	 * @param string ARO Group Name
	 * @param string AXO Section Value
	 * @param string AXO Value
	 * @param string AXO Group Name
	 * @param string Return Value
	 */
	function search_acl($aco_section_value=NULL, $aco_value=NULL, $aro_section_value=NULL, $aro_value=NULL, $aro_group_name=NULL, $axo_section_value=NULL, $axo_value=NULL, $axo_group_name=NULL, $return_value=NULL) {
		$this->debug_text("search_acl(): aco_section_value: $aco_section_value aco_value: $aco_value, aro_section_value: $aro_section_value, aro_value: $aro_value, aro_group_name: $aro_group_name, axo_section_value: $axo_section_value, axo_value: $axo_value, axo_group_name: $axo_group_name, return_value: $return_value");

		$query = '
				SELECT		a.id
				FROM		'. $this->_db_table_prefix .'acl a';

		$where_query = array();

		// ACO
		if ($aco_section_value !== FALSE AND $aco_value !== FALSE) {
			$query .= '
				LEFT JOIN	'. $this->_db_table_prefix .'aco_map ac ON a.id=ac.acl_id';

			if ($aco_section_value == NULL AND $aco_value == NULL) {
				$where_query[] = '(ac.section_value IS NULL AND ac.value IS NULL)';
			} else {
				$where_query[] = '(ac.section_value='. $this->db->quote($aco_section_value) .' AND ac.value='. $this->db->quote($aco_value) .')';
			}
		}

		// ARO
		if ($aro_section_value !== FALSE AND $aro_value !== FALSE) {
			$query .= '
				LEFT JOIN	'. $this->_db_table_prefix .'aro_map ar ON a.id=ar.acl_id';

			if ($aro_section_value == NULL AND $aro_value == NULL) {
				$where_query[] = '(ar.section_value IS NULL AND ar.value IS NULL)';
			} else {
				$where_query[] = '(ar.section_value='. $this->db->quote($aro_section_value) .' AND ar.value='. $this->db->quote($aro_value) .')';
			}
		}

		// AXO
		if ($axo_section_value !== FALSE AND $axo_value !== FALSE) {
			$query .= '
				LEFT JOIN	'. $this->_db_table_prefix .'axo_map ax ON a.id=ax.acl_id';

			if ($axo_section_value == NULL AND $axo_value == NULL) {
				$where_query[] = '(ax.section_value IS NULL AND ax.value IS NULL)';
			} else {
				$where_query[] = '(ax.section_value='. $this->db->quote($axo_section_value) .' AND ax.value='. $this->db->quote($axo_value) .')';
			}
		}

		// ARO Group
		if ($aro_group_name !== FALSE) {
			$query .= '
				LEFT JOIN	'. $this->_db_table_prefix .'aro_groups_map arg ON a.id=arg.acl_id
				LEFT JOIN	'. $this->_db_table_prefix .'aro_groups rg ON arg.group_id=rg.id';

			if ($aro_group_name == NULL) {
				$where_query[] = '(rg.name IS NULL)';
			} else {
				$where_query[] = '(rg.name='. $this->db->quote($aro_group_name) .')';
			}
		}

		// AXO Group
		if ($axo_group_name !== FALSE) {
			$query .= '
				LEFT JOIN	'. $this->_db_table_prefix .'axo_groups_map axg ON a.id=axg.acl_id
				LEFT JOIN	'. $this->_db_table_prefix .'axo_groups xg ON axg.group_id=xg.id';

			if ($axo_group_name == NULL) {
				$where_query[] = '(xg.name IS NULL)';
			} else {
				$where_query[] = '(xg.name='. $this->db->quote($axo_group_name) .')';
			}
		}
		if ($return_value != FALSE) {