<?php

/*********************************************************************************
 * TES is a Time and Expense Management program developed by
 * Initechs, LLC. Copyright (C) 2009 - 2010 Initechs LLC.
 *
 * This program is free software; you can redistribute it and/or modify it under
 * the terms of the GNU General Public License version 3 as published by the
 * Free Software Foundation with the addition of the following permission added
 * to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
 * IN WHICH THE COPYRIGHT IS OWNED BY INITECHS, INITECHS DISCLAIMS THE WARRANTY
 * OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
 *
 * This program is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
 * FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
 * details.
 *
 * You should have received a copy of the GNU General Public License along with
 * this program; if not, see http://www.gnu.org/licenses or write to the Free
 * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
 * 02110-1301 USA.
 *
 * You can contact Initechs headquarters at 1841 Piedmont Road, Suite 301,
 * Marietta, GA, USA. or at email address hide@address.com
 *
 * The interactive user interfaces in modified source and object code versions
 * of this program must display Appropriate Legal Notices, as required under
 * Section 5 of the GNU General Public License version 3.
 *
 * In accordance with Section 7(b) of the GNU General Public License version 3,
 * these Appropriate Legal Notices must retain the display of the "Initechs" logo.
 * If the display of the logo is not reasonably feasible for technical reasons,
 * the Appropriate Legal Notices must display the words "Powered by Initechs".

 ********************************************************************************/

// Project root: one level above baseclass/. Kept as a global because the
// included files and other pages read $basedir too.
$basedir = dirname(__FILE__) . '/..';
require_once $basedir . '/baseclass/DBCommonFunctions.php';
require_once $basedir . '/menu/menuconfig.php';

/**
 * Thin database accessor used by userauthorization; adds nothing of its own
 * and relies entirely on the helpers inherited from DBCommonFunctions.
 */
class dbObjAuth extends DBCommonFunctions
{
}

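class userauthorization
{
	// Per-request memo for chkauthorityLevel(): the last (module, action)
	// pair that was resolved and the authority level name it resolved to.
	private static $s_authority = 'none';
	private static $s_module = NULL;
	private static $s_action = NULL;

	// Tables whose rows carry both a creator and an owning user id; for these,
	// "own" authority is satisfied by either relationship.
	private static $s_userOwnedTables = array('expensedetails', 'expenseheaders', 'times', 'users');

	/**
	 * True when $value may be embedded as a quoted literal in the WHERE
	 * fragments built by this class.
	 *
	 * fetchRowbyWhereClause() takes a raw SQL fragment, so the values that go
	 * into it (authorization id, module, action) are restricted to a
	 * conservative character set instead of being escaped. Anything outside
	 * that set is treated as "no authorization", i.e. the check fails closed.
	 *
	 * @param mixed $value
	 * @return bool
	 */
	private static function isSafeLiteral($value)
	{
		return is_scalar($value)
			&& preg_match('/^[A-Za-z0-9_.\-]+$/', (string) $value) === 1;
	}

	/**
	 * Maps a UI action onto the action name stored in the authorizations
	 * table via the global $authArray[module][action] alias table; actions
	 * without an alias are used as-is.
	 *
	 * @param string $module  Lower-cased module name.
	 * @param string $action  Lower-cased UI action.
	 * @return string
	 */
	private static function mappedAction($module, $action)
	{
		global $authArray;

		return isset($authArray[$module][$action]) ? $authArray[$module][$action] : $action;
	}

	/**
	 * Looks up the authorizations row for ($authId, $module[, $action]).
	 *
	 * @param mixed       $authId          Authorization id of the logged-in user.
	 * @param string      $module          Lower-cased module name.
	 * @param string|null $action          Action as stored in the table (already
	 *                                     passed through mappedAction()), or null
	 *                                     to match on the module alone.
	 * @param bool        $requireNonZero  Add "authlevel <> '0'" so rows that
	 *                                     explicitly deny access do not count.
	 * @return array|null  The row, or null when nothing matched or when any of
	 *                     the values fails isSafeLiteral().
	 */
	private static function fetchAuthRow($authId, $module, $action, $requireNonZero)
	{
		// Fail closed rather than build a clause from an unvalidated value.
		if (!self::isSafeLiteral($authId) or !self::isSafeLiteral($module))
			return null;
		if ($action !== null and !self::isSafeLiteral($action))
			return null;

		$where = "authorizations_id = '$authId' and module = '$module'";
		if ($action !== null)
			$where .= " and action = '$action'";
		if ($requireNonZero)
			$where .= " and authlevel <> '0'";

		$dbObj = new dbObjAuth();
		$authData = $dbObj->fetchRowbyWhereClause('authorizations', $where);

		return ($authData == null) ? null : $authData;
	}

	/**
	 * Resolves an authlevel key (as stored in the authorizations row, or one
	 * of the fixed keys '0' / '3') to its name via the global $authLevel table.
	 * Unknown keys resolve to 'none' so a missing or unexpected level never
	 * widens access.
	 *
	 * @param mixed $levelKey
	 * @return string
	 */
	private static function levelName($levelKey)
	{
		global $authLevel;

		return isset($authLevel[$levelKey]) ? $authLevel[$levelKey] : 'none';
	}

	/**
	 * True when the logged-in user is the built-in 'admin' account, which
	 * bypasses every authorization check in this class.
	 *
	 * @return bool
	 */
	private static function isAdmin()
	{
		return strtolower((string) loggedUserID()) == 'admin';
	}

	/**
	 * Is the logged-in user allowed to see $module at all?
	 *
	 * True for admin and for the 'about' module; otherwise true when the user
	 * holds a non-zero authlevel row for the module itself or, recursively,
	 * for any sub-module listed under $menu_config_array[$module]['actions']
	 * that is also a top-level menu entry.
	 *
	 * @param string $module
	 * @return bool
	 */
	public function isauthorized_module_level($module)
	{
		global $menu_config_array;

		$module = strtolower($module);

		if (self::isAdmin() or $module == 'about')
			return true;

		$authId = getUserAuthID();
		if ($authId == null)
			return false;

		if (self::fetchAuthRow($authId, $module, null, true) !== null)
			return true;

		// A parent menu entry is visible when any of its sub-modules is.
		if (!isset($menu_config_array[$module]['actions'])
			or !is_array($menu_config_array[$module]['actions']))
			return false;

		foreach (array_keys($menu_config_array[$module]['actions']) as $submodule)
		{
			// Only recurse into real top-level modules, and never into this
			// module itself, so a self-referencing menu entry cannot loop.
			if (strtolower($submodule) == $module)
				continue;
			if (isset($menu_config_array[$submodule])
				and $this->isauthorized_module_level($submodule))
				return true;
		}

		return false;
	}

	/**
	 * Is the logged-in user allowed to perform $action in $module?
	 *
	 * @param string $module
	 * @param string $action  UI action; aliased through $authArray before lookup.
	 * @return bool
	 */
	public function isauthorized_module_action_level($module, $action)
	{
		$module = strtolower($module);
		$action = strtolower($action);

		if (self::isAdmin() or $module == 'about')
			return true;

		$authId = getUserAuthID();
		if ($authId == null)
			return false;	// must be a real boolean: a bare-word typo here is a truthy string on PHP 7

		$authData = self::fetchAuthRow($authId, $module, self::mappedAction($module, $action), true);

		return $authData !== null;
	}

	/**
	 * Is the logged-in user allowed to perform $action on a specific record?
	 *
	 * Authority 'all' or 'group' grants access outright. Otherwise ('own')
	 * the user must be the record's creator ($createby, falling back to
	 * $_SESSION['postdata']['createby']) or, for the users module's browse /
	 * changepassword actions, the posted users_id must be the user's own.
	 * Empty creator / user ids never match, so a record with missing
	 * ownership data is not granted on the 'own' path.
	 *
	 * @param string $module
	 * @param string $action
	 * @param string $createby  Creator of the record, or '' to read it from the session.
	 * @return bool
	 */
	public function isauthorized_record_level($module, $action, $createby='')
	{
		$module = strtolower($module);
		$action = strtolower($action);

		if (self::isAdmin() or $module == 'about')
			return true;

		$authId = getUserAuthID();
		if ($authId == null)
			return false;

		$authData = self::fetchAuthRow($authId, $module, self::mappedAction($module, $action), true);
		if ($authData === null)
			return false;

		$authLevelValue = isset($authData['authlevel']) ? self::levelName($authData['authlevel']) : 'none';
		if ($authLevelValue == 'all' or $authLevelValue == 'group')
			return true;

		// 'own' (or an unrecognised level): fall back to record ownership.
		if ($createby == '')
			$createby = isset($_SESSION['postdata']['createby']) ? $_SESSION['postdata']['createby'] : '';

		$loggedinUser = loggedUserID();
		if ($createby != '' and $loggedinUser == $createby)
			return true;

		$userID = isset($_SESSION['postdata']['users_id']) ? $_SESSION['postdata']['users_id'] : '';
		if ($module == 'users'
			and ($action == 'browse' or $action == 'changepassword')
			and $userID != ''
			and $loggedinUser == $userID)
			return true;

		return false;
	}

	/**
	 * Returns the name of the logged-in user's authority level for
	 * ($module, $action): $authLevel['3'] for admin, otherwise the level of
	 * the matching authorizations row, or $authLevel['0'] when there is none.
	 *
	 * The result for the most recent (module, action) pair is memoised in the
	 * static $s_* fields. The cache is keyed on the arguments as passed (after
	 * lower-casing), not on the aliased action, so a repeat call with the same
	 * arguments actually hits it.
	 *
	 * @param string $module
	 * @param string $action
	 * @return string  Level name; 'none' when the key is not in $authLevel.
	 */
	public function chkauthorityLevel($module, $action)
	{
		$module = strtolower($module);
		$action = strtolower($action);

		if (self::isAdmin())
			return self::levelName('3');

		if (self::$s_module === $module and self::$s_action === $action)
			return self::$s_authority;

		$authId = getUserAuthID();
		if ($authId == null)
			$authority = self::levelName('0');
		else
		{
			// No authlevel restriction here: the row's own level is the answer.
			$authData = self::fetchAuthRow($authId, $module, self::mappedAction($module, $action), false);
			$authority = ($authData === null or !isset($authData['authlevel']))
				? self::levelName('0')
				: self::levelName($authData['authlevel']);
		}

		self::$s_module = $module;
		self::$s_action = $action;
		self::$s_authority = $authority;

		return $authority;
	}

	/**
	 * Gate for rendering a page: may the logged-in user display
	 * $ControlDS->module / $ControlDS->action, optionally for record $uid of
	 * $ControlDS->table?
	 *
	 * The Login action and the install module are always displayable.
	 * Otherwise the authority level must not be 'none', and for 'own'
	 * authority on a specific record the user must be its creator (or, for
	 * the tables in $s_userOwnedTables, its owning user). A record whose
	 * creator cannot be determined is never treated as the user's own.
	 *
	 * @param object $ControlDS  Request descriptor exposing module, action and table.
	 * @param mixed  $uid        Record id, or null/empty when no record is involved.
	 * @return bool
	 */
	public function checkauthority_for_display($ControlDS, $uid)
	{
		if ($ControlDS->action == 'Login' or $ControlDS->module == 'install')
			return true;

		$authority = $this->chkauthorityLevel($ControlDS->module, $ControlDS->action);
		if ($authority == 'none')
			return false;

		// Loose comparison on purpose: '' and 0 also mean "no record".
		if ($uid == null or $authority != 'own')
			return true;

		$loggedinUser = loggedUserID();
		$dbObj = new dbObjAuth();

		$recordCreator = $dbObj->getRecordCreator($ControlDS->table, $uid);
		if ($recordCreator != '' and $recordCreator == $loggedinUser)
			return true;

		if (in_array($ControlDS->table, self::$s_userOwnedTables, true))
		{
			$recordUserId = $dbObj->getRecordUserid($ControlDS->table, $uid);
			if ($recordUserId != '' and $recordUserId == $loggedinUser)
				return true;
		}

		return false;
	}
}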

?>