<?php
//*Client Data System, Copyright (C) 2000, 2001, 2002, 2003 Tedd Kelleher.  This is free software, subject to the 
//*GNU GENERAL PUBLIC LICENSE, Version 2, June 1991 (in file named gpl.txt), which should accompany 
//*any distribution of this file.  Tedd Kelleher can be contacted at hide@address.com

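class Permissions   {
    //Organization the acting user belongs to. Every "may edit" check in this class compares a
    //record's org_id against it, so it is normalized to an integer at construction time.
    public $org_id;


    //Constructor (PHP 5+). The PHP 4 style Permissions() method below delegates here so explicit
    //$obj->Permissions($id) calls from older code keep working.
    function __construct ( $org_id ) {
        //Cast rather than "+= 0": a non-numeric string would throw a TypeError under PHP 8, and the
        //id is interpolated straight into SQL, so only an integer may ever reach a query.
        $this->org_id = (int) $org_id;
    }


    //Legacy PHP 4 constructor name. It no longer runs automatically on PHP 7+/8, hence __construct above.
    function Permissions ( $org_id ) {
        $this->__construct ( $org_id );
    }


    //"1" when the answer stored under $key in $answers is exactly 'yes', otherwise "0".
    //These two strings are the literal values written to the create_rpt/read_rpt/edit_rpt columns.
    function _yes_no_flag ( $answers, $key ) {
        if ( is_array ( $answers ) && isset ( $answers[$key] ) && $answers[$key] === 'yes' ) {
            return "1";
        }
        return "0";
    }


    //Profiles of every permission group owned by this organization, keyed by per_group_id.
    //Returns an empty array (not null) when the organization owns no groups.
    function pull_owned_groups_info ()   {
        $org_id = (int) $this->org_id;
        $sql = "SELECT per_group_id FROM per_group_profile WHERE org_id = '".$org_id."'";
        $owned_groups = run_query_return_array ( $sql, "Pulling owned groups info" );

        $group_profiles_array = array ();
        foreach ( (array) $owned_groups AS $cur_group ) {
            $cur_group_id = (int) $cur_group['per_group_id'];
            $group_profiles_array[$cur_group_id] = $this->pull_group_info ( $cur_group_id );
        }
        return $group_profiles_array;
    }


    //Single per_group_profile row for $group_id, as returned by run_query_return_single_row.
    function pull_group_info ( $group_id ) {
        $group_id = (int) $group_id;
        $sql = "SELECT * FROM per_group_profile WHERE per_group_id = '".$group_id."' ";
        return run_query_return_single_row ( $sql, "pulling permissions group info" );
    }


    //Put into an array with the report type id as a key; the permissions, common name, etc. for each
    //report associated with a group. Each entry is the per_group_associated_reports row merged with the
    //report type profile (profile values win on duplicate keys, as array_merge does).
    //Returns an empty array when no report is associated with the group.
    function pull_group_report_permissions ( $group_id )    {
        $group_id = (int) $group_id;
        $sql = "SELECT * FROM per_group_associated_reports WHERE per_group_id = '".$group_id."' ";
        $report_info_array = run_query_return_array ( $sql, "Pulling reports associated with group", 'report_type_id' );

        $return_array = array ();
        if ( is_array ( $report_info_array ) )   {
            foreach ( $report_info_array AS $rpt_row )   {
                //function in reports_class.inc
                $rpt_profile = pull_report_type_profile ( $rpt_row["report_type_id"] );
                $return_array[$rpt_row['report_type_id']] = array_merge ( $rpt_row, (array) $rpt_profile );
            }
        }
        return $return_array;
    }


    //Put user info into an array, with the user id as the key (rows of per_associated_users).
    function pull_group_user_permissions ( $per_group_id )    {
        $per_group_id = (int) $per_group_id;
        $sql = "SELECT * FROM per_associated_users WHERE per_group_id = '".$per_group_id."' ";
        return run_query_return_array ( $sql, "Pulling reports associated with group", 'user_id' );
    }


    //Put notification user info into an array, with the user id as the key
    //(rows of per_associated_users_notificati).
    function pull_group_user_permissions_notification ( $per_group_id )    {
        $per_group_id = (int) $per_group_id;
        $sql = "SELECT * FROM per_associated_users_notificati WHERE per_group_id = '".$per_group_id."' ";
        return run_query_return_array ( $sql, 'Pulling reports associated with group', 'user_id' );
    }


    //per_associated_users rows for $user_id, keyed by per_group_id.
    function pull_groups_associated_with_user ( $user_id ) {
        $user_id = (int) $user_id;
        $sql = "SELECT * FROM per_associated_users WHERE user_id = '".$user_id."' ";
        return run_query_return_array ( $sql, "Pulling groups associated with user", 'per_group_id' );
    }


    //1 when the group exists and is owned by this organization, else 0.
    //A missing group row is a denial: the original compared null["org_id"] loosely, which granted
    //access to an unknown group whenever the acting org_id was 0.
    function check_permission_to_edit_group ( $group_id )  {
        $group_info = $this->pull_group_info ( $group_id );

        if ( is_array ( $group_info ) && isset ( $group_info["org_id"] )
             && (int) $group_info["org_id"] === (int) $this->org_id ) {
            return 1;
        }
        return 0;
    }


    //1 when the user exists and belongs to this organization, else 0.
    function check_permission_to_edit_user ( $user_id )   {
        $users_vars = pull_user_variables ( $user_id );

        if ( is_array ( $users_vars ) && isset ( $users_vars['org_id'] )
             && (int) $users_vars['org_id'] === (int) $this->org_id ) {
            return 1;
        }
        return 0;
    }


    //Pull the info for organizations associated with a group, keyed by org_id.
    //Returns an empty array when no organization is tied to the group.
    function pull_group_organization_permissions ( $per_group_id ) {
        $per_group_id = (int) $per_group_id;

        $sql = "SELECT * FROM per_group_associated_orgs WHERE per_group_id = '".$per_group_id."'";
        $orgs_tied_to_group = run_query_return_array ( $sql, "Pulling orgs assoicated with permission group", 'org_id' );

        $orgs_info_array = array ();
        if ( is_array ( $orgs_tied_to_group ) )   {
            foreach ( $orgs_tied_to_group AS $cur_org_info ) {
                $cur_org_id = (int) $cur_org_info['org_id'];
                $sqlb = "SELECT * FROM organizations WHERE org_id = '".$cur_org_id."'";
                //Bug fix: the original ran $sql (the association query) here instead of $sqlb, so the
                //"organization info" was really the first per_group_associated_orgs row.
                $orgs_info_array[$cur_org_id] = run_query_return_single_row ( $sqlb, "Pulling organization info for permissions" );
            }
        }
        return $orgs_info_array;
    }


    //Apply the create/read/edit answers in $rpt_perms (keyed by report_type_id, each an array with
    //'create'/'read'/'edit' => 'yes') to the report permissions of $group_id, one report type per entry
    //of $report_type_array. An existing row is copied to per_group_associated_reports_b before it is
    //updated, or deleted when all three flags end up off; a row is only inserted when at least one is on.
    //Halts the script when the acting organization does not own the group (fail closed).
    //Sets global $message/$message_type after each successful write.
    function process_group_report_permission_changes ( $group_id, $report_type_array, $rpt_perms )    {
        global $message, $message_type, $unix_date;

        if ( $this->check_permission_to_edit_group ( $group_id ) != 1 )  { echo "No permisson to edit this group"; exit; }
        $group_id = (int) $group_id;

        foreach ( (array) $report_type_array AS $cur_rpt_array )  {
            $rpt_type_id = $cur_rpt_array["report_type_id"];
            //NOTE(review): report_type_id is interpolated as-is because it is matched with LIKE and may not be
            //numeric; it must come from the report-type table, never straight from the request. TODO confirm at callers.
            $answers = isset ( $rpt_perms[$rpt_type_id] ) ? $rpt_perms[$rpt_type_id] : array ();
            $sql_end_create = $this->_yes_no_flag ( $answers, "create" );
            $sql_end_read = $this->_yes_no_flag ( $answers, "read" );
            $sql_end_edit = $this->_yes_no_flag ( $answers, "edit" );
            $all_off = ( $sql_end_create == "0" && $sql_end_read == "0" && $sql_end_edit == "0" );

            transaction_verify ( 'Change permission group settings' );
            $sql_find_existing_entry = "
                SELECT *
                    FROM per_group_associated_reports
                    WHERE per_group_id = '".$group_id."' AND report_type_id LIKE '".$rpt_type_id."'";
            $result = run_query ( $sql_find_existing_entry, "Finding existing group form permissions" );

            //One statement (delete, update or insert) per report type; null means nothing to do.
            $sql = null;
            if ( num_rows ( $result ) > 0 ) {
                //Move the existing record to the archive table
                $existing_row = fetch_array ( $result, 'Pulling exiting permission deatils for archive', 0 );
                $sql_archive = "INSERT INTO per_group_associated_reports_b
                    ( per_group_id, report_type_id, create_rpt, read_rpt, edit_rpt, date_stamp )
                    VALUES
                    ( '".$group_id."', '".$existing_row['report_type_id']."', '".(int) $existing_row['create_rpt']."',
                    '".(int) $existing_row['read_rpt']."',
                    '".(int) $existing_row['edit_rpt']."', '".$unix_date."' )";
                run_query ( $sql_archive, 'Archiving associated report permission' );

                if ( $all_off ) {
                    //If all permissons are 0, delete row
                    $sql = "
                    DELETE FROM per_group_associated_reports
                        WHERE per_group_id = '".$group_id."' AND report_type_id LIKE '".$rpt_type_id."'";
                }
                else {
                    //...otherwise update it
                    $sql = "
                    UPDATE per_group_associated_reports
                        SET create_rpt = '".$sql_end_create."', read_rpt = '".$sql_end_read."', edit_rpt = '".$sql_end_edit."',
                        date_stamp = '".$unix_date."'
                        WHERE per_group_id = '".$group_id."' AND report_type_id LIKE '".$rpt_type_id."'";
                }
            }
            elseif ( ! $all_off ) {
                //No existing row and at least one answer is yes: insert a new record
                $sql = "
                INSERT INTO per_group_associated_reports
                    ( per_group_id, report_type_id, create_rpt, read_rpt, edit_rpt, date_stamp )
                    VALUES
                    ( '".$group_id."', '".$rpt_type_id."', '".$sql_end_create."', '".$sql_end_read."',
                    '".$sql_end_edit."','".$unix_date."' )";
            }

            if ( $sql !== null ) {
                run_query ( $sql, "Changing group report permission" );
                $message_type = "Ok";
                $message = "Permissions have successfuly been changed";
            }
        }
    }


    //Reconcile the $table rows for $per_group_id with the yes/no answers of a form.
    //$candidates: rows (each holding $id_key) the form could have answered for.
    //$current: existing association rows keyed by that id, as returned by the pull_* methods.
    //$perms_from_form: answers keyed by id; 'yes' grants, a falsy value revokes, any other value is left alone.
    //$labels: run_query descriptions under the keys 'insert', 'archive' and 'delete'.
    //A revoked row is copied to $archive_table (stamped with the global $unix_date) before it is deleted.
    //Shared by the user, notification-user and organization variants below.
    function _sync_group_associations ( $per_group_id, $candidates, $id_key, $current, $perms_from_form, $table, $archive_table, $labels ) {
        global $unix_date;
        $per_group_id = (int) $per_group_id;

        foreach ( (array) $candidates AS $candidate ) {
            $cur_id = (int) $candidate[$id_key];
            $requested = isset ( $perms_from_form[$cur_id] ) ? $perms_from_form[$cur_id] : null;
            $already_in_group = ! empty ( $current[$cur_id] );

            if ( $requested === 'yes' && ! $already_in_group ) {
                //Requested and not yet present: insert permission
                $sqlb = "INSERT INTO ".$table." ( per_group_id, ".$id_key.", date_stamp ) VALUES ( '".$per_group_id."',
                '".$cur_id."', '".$unix_date."' )";
                run_query ( $sqlb, $labels['insert'] );
            }
            elseif ( ! $requested && $already_in_group ) {
                //There is an existing record, but no matching request in the form: archive it...
                $sqlb = "INSERT INTO ".$archive_table." ( per_group_id, ".$id_key.", date_stamp ) VALUES ( '".$per_group_id."',
                '".$cur_id."', '".$unix_date."' )";
                run_query ( $sqlb, $labels['archive'] );

                //...then delete the old permission
                $sqlc = "DELETE FROM ".$table." WHERE per_group_id = '".$per_group_id."' AND ".$id_key." =
                '".$cur_id."'";
                run_query ( $sqlc, $labels['delete'] );
            }
        }
    }


    //Sync per_associated_users for $per_group_id with the form answers in $user_perms_from_form
    //(keyed by user_id). Candidates are the users associated with $user_id at level 30 plus user 1,
    //which the original always appended; presumably a built-in administrator, TODO confirm.
    //Does nothing but set an error message when the acting organization does not own the group.
    function process_group_user_permission_changes ( $user_id, $per_group_id, $user_perms_from_form )    {
        global $message, $message_type;

        if ( $this->check_permission_to_edit_group ( $per_group_id ) != 1 )    {
            $message_type = "error";
            $message = "No permission to edit this group";
            return;
        }

        //From user_info_functions.inc
        $users_in_org_array = (array) pull_associated_users_variables ( $user_id, 30 );
        $users_in_org_array[] = array ( 'user_id' => 1 );
        $users_in_group = $this->pull_group_user_permissions ( $per_group_id );
        transaction_verify ( 'Change permission group user settings' );

        $this->_sync_group_associations (
            $per_group_id, $users_in_org_array, 'user_id', $users_in_group, $user_perms_from_form,
            'per_associated_users', 'per_associated_users_b',
            array (
                'insert'  => 'Inserting group user permission',
                'archive' => 'Inserting old group user permission',
                'delete'  => 'Deleting group user permission',
            )
        );

        $message_type = "ok";
        $message = "Permissions have successfuly been changed";
    }


    //Same as process_group_user_permission_changes, but for the notification membership table
    //per_associated_users_notificati (archived into per_assocted_usr_notif_b).
    function process_group_user_permission_changes_notification ( $user_id, $per_group_id, $user_perms_from_form )    {
        global $message, $message_type;

        if ( $this->check_permission_to_edit_group ( $per_group_id ) != 1 )    {
            $message_type = "error";
            $message = "No permission to edit this group";
            return;
        }

        //From user_info_functions.inc
        $users_in_org_array = (array) pull_associated_users_variables ( $user_id, 30 );
        $users_in_org_array[] = array ( 'user_id' => 1 );
        $users_in_group = $this->pull_group_user_permissions_notification ( $per_group_id );
        transaction_verify ( 'Change permission group user settings' );

        $this->_sync_group_associations (
            $per_group_id, $users_in_org_array, 'user_id', $users_in_group, $user_perms_from_form,
            'per_associated_users_notificati', 'per_assocted_usr_notif_b',
            array (
                'insert'  => 'Inserting group user permission notification',
                'archive' => 'Inserting old group user permission notif',
                'delete'  => 'Deleting group user permission notif',
            )
        );

        $message_type = "ok";
        $message = "Permissions have successfuly been changed";
    }


    //Sync per_group_associated_orgs for $per_group_id with the form answers in $org_perms_from_form
    //(keyed by org_id). Candidates are every organizations row of org_type 'org' plus org 1, which the
    //original always appended; presumably the system organization, TODO confirm.
    //Does nothing but set an error message when the acting organization does not own the group.
    function process_group_org_permission_changes ( $per_group_id, $org_perms_from_form )    {
        global $message, $message_type;

        if ( $this->check_permission_to_edit_group ( $per_group_id ) != 1 )    {
            $message_type = "error";
            $message = "No permission to edit this group";
            return;
        }

        $sql = "SELECT * FROM organizations WHERE org_type = 'org' ORDER BY org_name";
        $orgs_array = (array) run_query_return_array ( $sql, 'Pulling array of orgs', 'org_id' );
        $orgs_array[] = array ( 'org_id' => 1 );
        $orgs_in_group = $this->pull_group_organization_permissions ( $per_group_id );
        transaction_verify ( 'Change permission group org settings' );

        $this->_sync_group_associations (
            $per_group_id, $orgs_array, 'org_id', $orgs_in_group, $org_perms_from_form,
            'per_group_associated_orgs', 'per_group_associated_orgs_b',
            array (
                'insert'  => 'Inserting group org permission',
                'archive' => 'Inserting old group org permission',
                'delete'  => 'Deleting group org permission',
            )
        );

        $message_type = "ok";
        $message = "Permissions have successfuly been changed";
    }


    //Create permission group $new_per_group owned by $org_id, recorded as created by $user_id, and
    //share it with that same organization. Returns the new per_group_id, or null when the name is
    //rejected or a group with that name already exists for the organization.
    //Sets global $message/$message_type either way.
    function process_new_group_creation ( $org_id, $user_id, $new_per_group ) {
        global $message, $message_type, $unix_date;

        $org_id = (int) $org_id;
        $user_id = (int) $user_id;
        $new_per_group = (string) $new_per_group;

        //NOTE(review): the original also compared $org_id with the caller's own org_id and required
        //user_access_level 30, but both rejections were commented out, so neither was ever enforced.
        //They are not re-enabled here; do so (e.g. via check_permission_to_edit_user) once callers are confirmed.

        //Check the variables for inappropriate characters. The ids are already integers; the group name
        //is the only free-text value interpolated into SQL below, so it is limited to letters, digits and
        //spaces. (The original tested $user_id against this pattern by mistake, used ereg(), which no
        //longer exists, and had the rejection commented out.) preg_match() !== 0 also rejects on a PCRE error.
        if ( $new_per_group === '' || preg_match ( '/[^a-zA-Z0-9 ]/', $new_per_group ) !== 0 ) {
            $message = "Permission group name may only contain letters, numbers and spaces";
            $message_type = "error";
            return null;
        }

        //Check for duplicate per group titles
        $sql = "SELECT * FROM per_group_profile WHERE org_id = '".$org_id."' AND group_name LIKE '".$new_per_group."' ";
        transaction_verify ( 'Start of creating new permission group' );
        $result = run_query ( $sql, "Pulling any existing groups" );

        if ( num_rows ( $result ) != 0 ) {
            $message = "Permission group with that name already exists";
            $message_type = "error";
            //The original fell through and still looked up and "shared" a group that was never inserted.
            return null;
        }

        //No existing groups with the same name, so insert new name
        $sqlb = "INSERT INTO per_group_profile ( org_id, group_name, user_id, date_stamp  ) VALUES ( '".$org_id."',
        '".$new_per_group."','".$user_id."', '".$unix_date."' )";
        run_query ( $sqlb, "inserting new permission group name" );
        $message = "New permission group sucessfully created. ";
        $message_type = "ok";

        //Find id of newly created group
        $sqlc = "SELECT per_group_id FROM per_group_profile WHERE org_id = '".$org_id."' AND group_name LIKE
        '".$new_per_group."' AND date_stamp = '".$unix_date."'";
        $resultc = run_query ( $sqlc, "Pulling id of newly creatd permissions group" );
        $new_group_id = fetch_result ( $resultc, " Fetching the newly created permission group" );

        //Share group with current own organization
        $sqld = "INSERT INTO per_group_associated_orgs ( per_group_id, org_id, date_stamp )
         VALUES ( '".(int) $new_group_id."', '".$org_id."', '".$unix_date."' )";
        run_query ( $sqld, "Adding default sharing with org permission" );

        return $new_group_id;
    }

}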
?>