public $email; // string(128) not_null
public $company_id; // int(11)
public $role; // string(32) not_null
- public $active; // int(11)
+ public $active; // int(11) not_null
public $remarks; // blob(65535) not_null blob
public $passwd; // string(64) not_null
public $owner_id; // int(11) not_null
public $lang; // string(8)
public $no_reset_sent; // int(11)
- public $project_id; // int(11)
public $action_type; // string(32)
+ public $project_id; // int(11)
+ public $deleted_by; // int(11) not_null
+ public $deleted_dt; // datetime(19) binary
/* the code above is auto generated do not remove the tag below */
{
return empty($this->name) ? $this->email : $this->name;
}
+ function verifyAuth()
+ {
+ $ff= HTML_FlexyFramework::get();
+ if (!empty($ff->Pman['auth_comptype']) && $ff->Pman['auth_comptype'] != $this->company()->comptype) {
+ $ff->page->jerr("Login not permited to outside companies");
+ }
+ return true;
+
+ }
+
// ---------------- authentication / passwords and keys stuff ----------------
function isAuth()
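Review bot: verifyAuth() on L20-28 returns true on every path, so the company-type restriction is enforced only if `$ff->page->jerr()` ends the request. jerr() is not visible here, and the calls added in isAuth() (L35) and login() (L52) both discard the return value. Returning `false` after the jerr() call and testing it at the call sites, e.g. `if (!$u->verifyAuth()) { return false; }`, would make the check fail closed, and login() would then skip writing the session. `$this->company()` is also dereferenced without checking that a company record was found, which matters for a person with no company_id. A one-line docblock stating whether the method is expected to terminate the request on failure would settle the contract.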
$a = unserialize($_SESSION[__CLASS__][$sesPrefix .'-auth']);
$u = DB_DataObject::factory('Person');
if ($u->get($a->id)) { //&& strlen($u->passwd)) {
+ $u->verifyAuth();
+
return true;
}
+
$_SESSION[__CLASS__][$sesPrefix .'-auth'] = '';
}
$u = DB_DataObject::factory('Person');
$ff = HTML_FlexyFramework::get();
if (!empty($ff->Pman['local_autoauth']) &&
+ (!empty($_SERVER['SERVER_ADDR'])) &&
($_SERVER['SERVER_ADDR'] == '127.0.0.1') &&
($_SERVER['REMOTE_ADDR'] == '127.0.0.1') &&
$u->get('email', $ff->Pman['local_autoauth'])
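Review bot: The loopback test on L45-47 has no comment explaining its deployment assumption, and the guard added on L45 does not change it. The test identifies the connecting peer rather than the end user, so if the application is served through a reverse proxy on the same host, `REMOTE_ADDR` would presumably be 127.0.0.1 for every request and `local_autoauth` would apply to all of them. A comment beside the condition such as `// local_autoauth is for single-user development boxes only; do not enable behind a same-host proxy` would record that. The condition and its enclosing function continue outside this hunk.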
function login()
{
$this->isAuth(); // force session start..
+ $this->verifyAuth();
$db = $this->getDatabaseConnection();
$sesPrefix = $db->dsn['database'];
$_SESSION[__CLASS__][$sesPrefix .'-auth'] = serialize($this);
}
function checkPassword($val)
{
+
if (substr($this->passwd,0,1) == '$') {
return crypt($val,$this->passwd) == $this->passwd ;
}
$aur = $this->toArray();
+ if ($this->id < 1) {
+ return $aur;
+ }
//DB_DataObject::debugLevel(1);
}
}
}
- /*
- now handled by interface...
-
- $lang = empty($this->lang) ? 'en' : $this->lang;
- if (empty($_SESSION['Pman_I18N'][$lang])) {
- require_once 'Pman/I18N.php';
- $x = new Pman_I18N();
- $x->setSession($this);
-
- }
-
- $aur['i18n'] =$_SESSION['Pman_I18N'][$lang];
- */
+
// perms + groups.
$aur['perms'] = $this->getPerms();
$g = DB_DataObject::Factory('Group_Members');
{
//DB_DataObject::debugLevel(1);
// find out all the groups they are a member of.. + Default..
+
+ // ------ INIITIALIZE IF NO GROUPS ARE SET UP.
+
$g = DB_DataObject::Factory('Group_Rights');
if (!$g->count()) {
$g->genDefault();
}
+
if ($this->id < 0) {
- return $g->adminRights();
+ return $g->adminRights(); // system is not set up - so they get full rights.
}
$g = DB_DataObject::Factory('Group_Members');
}
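Review bot: The comment added on L101 says full rights are granted because "system is not set up", but the guard on L99 tests `$this->id < 0`, a property of the person object rather than any setup state. The unconfigured case appears to be handled by the `genDefault()` block just above it. Because this branch returns `adminRights()`, the comment should name the caller that produces a negative id, for example `// id < 0 is only set by <caller> during first-run setup`, with the real caller filled in. The early return added on L64-66 uses `$this->id < 1` for what looks like a related case, so it is worth confirming that the two thresholds are meant to differ.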
+ // ------ STANDARD PERMISSION HANDLING.
+
$g = DB_DataObject::Factory('Group_Members');
$grps = $g->listGroupMembership($this);
+ // print_r($grps);
$isAdmin = $g->inAdmin;
- // var_dump($grps);
+ //echo '<PRE>'; print_r($grps);var_dump($isAdmin);
// the load all the perms for those groups, and add them all together..
// then load all those
$g = DB_DataObject::Factory('Group_Rights');
$ret = $g->listPermsFromGroupIds($grps, $isAdmin);
- // echo '<PRE>';print_r($ret);
+ //echo '<PRE>';print_r($ret);
return $ret;
}
+ /**
+ *Basic group fetching - probably needs to filter by type eventually.
+ *
+ */
+
+ function groups()
+ {
+ $g = DB_DataObject::Factory('Group_Members');
+ $grps = $g->listGroupMembership($this);
+ $g = DB_DataObject::Factory('Groups');
+ $g->whereAddIn('id', $grps, 'int');
+ return $g->fetchAll();
+
+ }
+
function hasPerm($name, $lvl)
{
static $pcache = array();
}
if (!empty($q['query']['comptype_or_company_id'])) {
+ // DB_DataObject::debugLevel(1);
$bits = explode(',', $q['query']['comptype_or_company_id']);
$id = (int) array_pop($bits);
$ct = $this->escape($bits[0]);
}
}
+
+ if (!empty($q['query']['project_member_of'])) {
+ // this is also a flag to return if they are a member..
+ //DB_DataObject::debugLevel(1);
+ $do = DB_DataObject::factory('ProjectDirectory');
+ $do->project_id = $q['query']['project_member_of'];
+
+ $this->joinAdd($do,array('joinType' => 'LEFT', 'useWhereAsOn' => true));
+ $this->selectAdd('IF(ProjectDirectory.id IS NULL, 0, ProjectDirectory.id ) as is_member');
+
+
+ if (!empty($q['query']['project_member_filter'])) {
+ $this->having('is_member !=0');
+
+ }
+
+ }
+
+
if (!empty($q['query']['search'])) {
$s = $this->escape($q['query']['search']);
$this->whereAdd("
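Review bot: `$q['query']['project_member_of']` is assigned to `$do->project_id` on L152 without the `(int)` cast that the `comptype_or_company_id` branch applies on L143. The value that reaches the LEFT JOIN's ON clause therefore relies on DB_DataObject's own handling of the column type, which is not visible in this hunk. Casting at the assignment, `$do->project_id = (int) $q['query']['project_member_of'];`, keeps the two branches consistent and guarantees an integer whatever the request supplies. The enclosing function starts before this hunk and continues after it.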
return "Duplicate Email found";
}
return true;
- }
+ }
+ /**
+ *
+ * before Delete - delete significant dependancies..
+ * this is called after checkPerm..
+ */
+
+ function beforeDelete()
+ {
+
+ $e = DB_DataObject::Factory('Events');
+ $e->whereAdd('person_id = ' . $this->id);
+ $e->delete(true);
+
+ // anything else?
+
+ }
+
+
+ /***
+ * Check if the a user has access to modify this item.
+ * @param String $lvl Level (eg. Core.Projects)
+ * @param Pman_Core_DataObjects_Person $au The authenticated user.
+ * @param boolean $changes alllow changes???
+ *
+ * @return false if no access..
+ */
function checkPerm($lvl, $au, $changes=false) //heck who is trying to access this. false == access denied..
{
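Review bot: beforeDelete() on L180-189 concatenates `$this->id` into the SQL condition and then calls `delete(true)`, which as far as I can tell makes DB_DataObject delete on the whereAdd text alone. An unset id would yield the malformed clause `person_id = `, and a non-numeric id would enter the query verbatim. Guarding and casting covers both: `if ((int) $this->id < 1) { return; }` followed by `$e->whereAdd('person_id = ' . (int) $this->id);`. The docblock could also say whether callers inspect the return value, since the function currently returns nothing. checkPerm()'s body continues outside this hunk.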