public $email; // string(128) not_null
public $company_id; // int(11)
public $role; // string(32) not_null
- public $active; // int(11)
+ public $active; // int(11) not_null
public $remarks; // blob(65535) not_null blob
public $passwd; // string(64) not_null
public $owner_id; // int(11) not_null
public $lang; // string(8)
public $no_reset_sent; // int(11)
- public $project_id; // int(11)
public $action_type; // string(32)
+ public $project_id; // int(11)
+ public $deleted_by; // int(11) not_null
+ public $deleted_dt; // datetime(19) binary
/* the code above is auto generated do not remove the tag below */
{
return empty($this->name) ? $this->email : $this->name;
}
+ function verifyAuth()
+ {
+ $ff= HTML_FlexyFramework::get();
+ if (!empty($ff->Pman['auth_comptype']) && $ff->Pman['auth_comptype'] != $this->company()->comptype) {
+ $ff->page->jerr("Login not permited to outside companies");
+ }
+ return true;
+
+ }
+
// ---------------- authentication / passwords and keys stuff ----------------
function isAuth()
$a = unserialize($_SESSION[__CLASS__][$sesPrefix .'-auth']);
$u = DB_DataObject::factory('Person');
if ($u->get($a->id)) { //&& strlen($u->passwd)) {
+ $u->verifyAuth();
+
return true;
}
+
$_SESSION[__CLASS__][$sesPrefix .'-auth'] = '';
}
function login()
{
$this->isAuth(); // force session start..
+ $this->verifyAuth();
$db = $this->getDatabaseConnection();
$sesPrefix = $db->dsn['database'];
$_SESSION[__CLASS__][$sesPrefix .'-auth'] = serialize($this);
$aur = $this->toArray();
+ if ($this->id < 1) {
+ return $aur;
+ }
//DB_DataObject::debugLevel(1);
{
//DB_DataObject::debugLevel(1);
// find out all the groups they are a member of.. + Default..
+
+ // ------ INIITIALIZE IF NO GROUPS ARE SET UP.
+
$g = DB_DataObject::Factory('Group_Rights');
if (!$g->count()) {
$g->genDefault();
}
+
if ($this->id < 0) {
return $g->adminRights(); // system is not set up - so they get full rights.
}
}
+ // ------ STANDARD PERMISSION HANDLING.
+
$g = DB_DataObject::Factory('Group_Members');
$grps = $g->listGroupMembership($this);
+ // print_r($grps);
$isAdmin = $g->inAdmin;
- // var_dump($grps);
+ //echo '<PRE>'; print_r($grps);var_dump($isAdmin);
// the load all the perms for those groups, and add them all together..
// then load all those
$g = DB_DataObject::Factory('Group_Rights');
$ret = $g->listPermsFromGroupIds($grps, $isAdmin);
-
// echo '<PRE>';print_r($ret);
+
//echo '<PRE>';print_r($ret);
return $ret;
}
+ /**
+ *Basic group fetching - probably needs to filter by type eventually.
+ *
+ */
+
+ function groups()
+ {
+ $g = DB_DataObject::Factory('Group_Members');
+ $grps = $g->listGroupMembership($this);
+ $g = DB_DataObject::Factory('Groups');
+ $g->whereAddIn('id', $grps, 'int');
+ return $g->fetchAll();
+
+ }
+
function hasPerm($name, $lvl)
{
static $pcache = array();
if (!empty($q['query']['project_member_of'])) {
// this is also a flag to return if they are a member..
- DB_DataObject::debugLevel(1);
+ //DB_DataObject::debugLevel(1);
$do = DB_DataObject::factory('ProjectDirectory');
$do->project_id = $q['query']['project_member_of'];
return "Duplicate Email found";
}
return true;
- }
+ }
+ /**
+ *
+ * before Delete - delete significant dependancies..
+ * this is called after checkPerm..
+ */
+
+ function beforeDelete()
+ {
+
+ $e = DB_DataObject::Factory('Events');
+ $e->whereAdd('person_id = ' . $this->id);
+ $e->delete(true);
+
+ // anything else?
+
+ }
+
+
+ /***
+ * Check if the a user has access to modify this item.
+ * @param String $lvl Level (eg. Core.Projects)
+ * @param Pman_Core_DataObjects_Person $au The authenticated user.
+ * @param boolean $changes alllow changes???
+ *
+ * @return false if no access..
+ */
function checkPerm($lvl, $au, $changes=false) //heck who is trying to access this. false == access denied..
{
projects / Pman.Core / blobdiff