oqapi/webgui
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

merged WebGUI::Groupings with WebGUI::Group and WebGUI::User

Browse source 
changed WebGUI::Group api to work with the new session api
This commit is contained in:
JT Smith 2006-01-11 03:27:07 +00:00
parent 8071a041fa
commit c74c1bdcbc
55 changed files with 866 additions and 994 deletions
Download patch file Download diff file Expand all files Collapse all files

4
lib/WebGUI/AdminConsole.pm
View file

@ -72,7 +72,7 @@ sub _formatFunction {
icon=>$self->session->config->get("extrasURL")."/adminConsole/".$function->{icon},
'icon.small'=>$self->session->config->get("extrasURL")."/adminConsole/small/".$function->{icon},
url=>$url,
canUse=>WebGUI::Grouping::isInGroup($function->{group}),
canUse=>$self->session->user->isInGroup($function->{group}),
isCurrentOpFunc=>($self->session->form->get("op") eq $function->{op} || $self->session->form->get("func") eq $function->{func})
};
}
@ -121,7 +121,7 @@ sub getAdminConsoleParams {
my $self = shift;
return { 'title' => WebGUI::International::get("admin console","AdminConsole"),
url => $self->session->url->page("op=adminConsole"),
canUse => WebGUI::Grouping::isInGroup("12"),
canUse => $self->session->user->isInGroup("12"),
icon => $self->session->config->get("extrasURL")."/adminConsole/adminConsole.gif"
};
}

16
lib/WebGUI/Asset.pm
View file

@ -80,7 +80,7 @@ sub canAdd {
my $userId = shift || $self->session->user->profileField("userId");
my $subclassGroupId = shift;
my $groupId = $self->session->config->get("assetAddPrivilege"){$className} || $subclassGroupId || '12';
return WebGUI::Grouping::isInGroup($groupId,$userId);
return $self->session->user->isInGroup($groupId,$userId);
}
@ -102,7 +102,7 @@ sub canEdit {
if ($userId eq $self->get("ownerUserId")) {
return 1;
}
return WebGUI::Grouping::isInGroup($self->get("groupIdEdit"),$userId);
return $self->session->user->isInGroup($self->get("groupIdEdit"),$userId);
}
@ -129,7 +129,7 @@ sub canView {
return 1;
} elsif ( $self->get("startDate") <$self->session->datetime->time() &&
$self->get("endDate") >$self->session->datetime->time() &&
WebGUI::Grouping::isInGroup($self->get("groupIdView"),$userId)) {
$self->session->user->isInGroup($self->get("groupIdView"),$userId)) {
return 1;
}
return $self->canEdit($userId);
@ -375,7 +375,7 @@ sub getAssetAdderLinks {
if ($@) {
$self->session->errorHandler->error("Couldn't get UI level of ".$class." because ".$@);
} else {
next if ($uiLevel > $self->session->user->profileField("uiLevel") && !WebGUI::Grouping::isInGroup(3));
next if ($uiLevel > $self->session->user->profileField("uiLevel") && !$self->session->user->isInGroup(3));
}
my $canAdd = eval{$class->canAdd()};
if ($@) {
@ -565,14 +565,14 @@ sub getEditForm {
-uiLevel=>6
);
my $subtext;
if (WebGUI::Grouping::isInGroup(3)) {
if ($self->session->user->isInGroup(3)) {
$subtext = manageIcon('op=listUsers');
} else {
$subtext = "";
}
my $clause;
if (WebGUI::Grouping::isInGroup(3)) {
my $contentManagers = WebGUI::Grouping::getUsersInGroup(4,1);
if ($self->session->user->isInGroup(3)) {
my $contentManagers = $group->getUsers(4,1);
push (@$contentManagers, $self->session->user->profileField("userId"));
$clause = "userId in (".$self->session->db->quoteAndJoin($contentManagers).")";
} else {
@ -653,7 +653,7 @@ sub getEditForm {
fieldType=>$fieldType
);
}
if (WebGUI::Grouping::isInGroup(3)) {
if ($self->session->user->isInGroup(3)) {
# Add a quick link to add field
$tabform->getTab("meta")->readOnly(
-value=>'<p><a href="'.$self->session->url->page("func=editMetaDataField;fid=new").'">'.

6
lib/WebGUI/Asset/FilePile.pm
View file

@ -101,14 +101,14 @@ sub edit {
-uiLevel=>6
);
my $subtext;
if (WebGUI::Grouping::isInGroup(3)) {
if ($self->session->user->isInGroup(3)) {
$subtext = manageIcon('op=listUsers');
} else {
$subtext = "";
}
my $clause;
if (WebGUI::Grouping::isInGroup(3)) {
my $contentManagers = WebGUI::Grouping::getUsersInGroup(4,1);
if ($self->session->user->isInGroup(3)) {
my $contentManagers = $group->getUsers(4,1);
push (@$contentManagers, $self->session->user->profileField("userId"));
$clause = "userId in (".$self->session->db->quoteAndJoin($contentManagers).")";
} else {

6
lib/WebGUI/Asset/Post.pm
View file

@ -615,10 +615,10 @@ Send notifications to the thread and forum subscribers that a new post has been
sub notifySubscribers {
my $self = shift;
my %subscribers;
foreach my $userId (@{WebGUI::Grouping::getUsersInGroup($self->getThread->get("subscriptionGroupId"),undef,1)}) {
foreach my $userId (@{$group->getUsers($self->getThread->get("subscriptionGroupId"),undef,1)}) {
$subscribers{$userId} = $userId unless ($userId eq $self->get("ownerUserId"));
}
foreach my $userId (@{WebGUI::Grouping::getUsersInGroup($self->getThread->getParent->get("subscriptionGroupId"),undef,1)}) {
foreach my $userId (@{$group->getUsers($self->getThread->getParent->get("subscriptionGroupId"),undef,1)}) {
$subscribers{$userId} = $userId unless ($userId eq $self->get("ownerUserId"));
}
my %lang;
@ -836,7 +836,7 @@ Sets the status of this post to pending.
sub setStatusPending {
my ($self) = @_;
if (WebGUI::Grouping::isInGroup($self->getThread->getParent->get("moderateGroupId"))) {
if ($self->session->user->isInGroup($self->getThread->getParent->get("moderateGroupId"))) {
$self->setStatusApproved;
} else {
$self->update({status=>'pending'});

8
lib/WebGUI/Asset/Post/Thread.pm
View file

@ -49,7 +49,7 @@ sub createSubscriptionGroup {
$group->showInForms(0);
$group->deleteGroups(['3']); # admins don't want to be auto subscribed to this thing
$self->update({
subscriptionGroupId=>$group->groupId
subscriptionGroupId=>$group->getId
});
}
@ -403,7 +403,7 @@ Returns a boolean indicating whether the user is subscribed to this thread.
sub isSubscribed {
my $self = shift;
return WebGUI::Grouping::isInGroup($self->get("subscriptionGroupId"));
return $self->session->user->isInGroup($self->get("subscriptionGroupId"));
}
#-------------------------------------------------------------------
@ -550,7 +550,7 @@ sub subscribe {
my $self = shift;
$self->createSubscriptionGroup;
WebGUI::Cache->new($self->session,"cspost_".$self->getId."_".$self->session->user->profileField("userId")."_".$self->session->scratch->get("discussionLayout")."_".$self->session->form->process("pn"))->delete;
WebGUI::Grouping::addUsersToGroups([$self->session->user->profileField("userId")],[$self->get("subscriptionGroupId")]);
$group->addUsers([$self->session->user->profileField("userId")],[$self->get("subscriptionGroupId")]);
}
#-------------------------------------------------------------------
@ -610,7 +610,7 @@ Negates the subscribe method.
sub unsubscribe {
my $self = shift;
WebGUI::Cache->new($self->session,"cspost_".$self->getId."_".$self->session->user->profileField("userId")."_".$self->session->scratch->get("discussionLayout")."_".$self->session->form->process("pn"))->delete;
WebGUI::Grouping::deleteUsersFromGroups([$self->session->user->profileField("userId")],[$self->get("subscriptionGroupId")]);
$group->deleteUsers([$self->session->user->profileField("userId")],[$self->get("subscriptionGroupId")]);
}

12
lib/WebGUI/Asset/Wobject/Collaboration.pm
View file

@ -195,13 +195,13 @@ sub canEdit {
#-------------------------------------------------------------------
sub canModerate {
my $self = shift;
return WebGUI::Grouping::isInGroup($self->get("moderateGroupId"));
return $self->session->user->isInGroup($self->get("moderateGroupId"));
}
#-------------------------------------------------------------------
sub canPost {
my $self = shift;
return WebGUI::Grouping::isInGroup($self->get("postGroupId")) || $self->canModerate;
return $self->session->user->isInGroup($self->get("postGroupId")) || $self->canModerate;
}
@ -227,7 +227,7 @@ sub createSubscriptionGroup {
$group->showInForms(0);
$group->deleteGroups([3]); # admins don't want to be auto subscribed to this thing
$self->update({
subscriptionGroupId=>$group->groupId
subscriptionGroupId=>$group->getId
});
}
@ -785,7 +785,7 @@ Returns a boolean indicating whether the user is subscribed to the forum.
sub isSubscribed {
my $self = shift;
return WebGUI::Grouping::isInGroup($self->get("subscriptionGroupId"));
return $self->session->user->isInGroup($self->get("subscriptionGroupId"));
}
#-------------------------------------------------------------------
@ -871,7 +871,7 @@ Subscribes a user to this collaboration system.
sub subscribe {
my $self = shift;
WebGUI::Cache->new($self->session,"wobject_".$self->getId."_".$self->session->user->profileField("userId"))->delete;
WebGUI::Grouping::addUsersToGroups([$self->session->user->profileField("userId")],[$self->get("subscriptionGroupId")]);
$group->addUsers([$self->session->user->profileField("userId")],[$self->get("subscriptionGroupId")]);
}
#-------------------------------------------------------------------
@ -885,7 +885,7 @@ Unsubscribes a user from this collaboration system
sub unsubscribe {
my $self = shift;
WebGUI::Cache->new($self->session,"wobject_".$self->getId."_".$self->session->user->profileField("userId"))->delete;
WebGUI::Grouping::deleteUsersFromGroups([$self->session->user->profileField("userId")],[$self->get("subscriptionGroupId")]);
$group->deleteUsers([$self->session->user->profileField("userId")],[$self->get("subscriptionGroupId")]);
}

4
lib/WebGUI/Asset/Wobject/Dashboard.pm
View file

@ -30,14 +30,14 @@ our @ISA = qw(WebGUI::Asset::Wobject);
sub canManage {
my $self = shift;
return 0 if $self->session->user->profileField("userId") == 1;
return WebGUI::Grouping::isInGroup($self->get("adminsGroupId"));
return $self->session->user->isInGroup($self->get("adminsGroupId"));
}
#-------------------------------------------------------------------
sub canPersonalize {
my $self = shift;
return 0 if $self->session->user->profileField("userId") == 1;
return WebGUI::Grouping::isInGroup($self->get("usersGroupId"));
return $self->session->user->isInGroup($self->get("usersGroupId"));
}
#-------------------------------------------------------------------

2
lib/WebGUI/Asset/Wobject/EventsCalendar.pm
View file

@ -34,7 +34,7 @@ our @ISA = qw(WebGUI::Asset::Wobject);
# return 1;
# }
# return 0 unless $self->canView($userId);
# return WebGUI::Grouping::isInGroup($self->getValue("groupIdManage"),$userId);
# return $self->session->user->isInGroup($self->getValue("groupIdManage"),$userId);
#}

4
lib/WebGUI/Asset/Wobject/InOutBoard.pm
View file

@ -149,7 +149,7 @@ sub view {
my %var;
my $url = $self->getUrl('func=view');
if (WebGUI::Grouping::isInGroup($self->getValue("reportViewerGroup"))) {
if ($self->session->user->isInGroup($self->getValue("reportViewerGroup"))) {
$var{'viewReportURL'} = $self->getUrl("func=viewReport");
$var{canViewReport} = 1;
}
@ -377,7 +377,7 @@ sub www_view {
#-------------------------------------------------------------------
sub www_viewReport {
my $self = shift;
return "" unless (WebGUI::Grouping::isInGroup($self->getValue("reportViewerGroup")));
return "" unless ($self->session->user->isInGroup($self->getValue("reportViewerGroup")));
my %var;
my $f = WebGUI::HTMLForm->new(-action=>$self->getUrl, -method=>"GET");
my %changedBy = ();

2
lib/WebGUI/Asset/Wobject/IndexedSearch/Search.pm
View file

@ -619,7 +619,7 @@ Returns an array reference containing all groupIds of groups the user is in.
sub _getGroups {
my @groups;
foreach my $groupId ($self->session->db->buildArray("select groupId from groups")) {
push(@groups, $groupId) if (WebGUI::Grouping::isInGroup($groupId));
push(@groups, $groupId) if ($self->session->user->isInGroup($groupId));
}
return \@groups;
}

12
lib/WebGUI/Asset/Wobject/Matrix.pm
View file

@ -148,8 +148,8 @@ sub getCompareForm {
sub hasRated {
my $self = shift;
my $listingId = shift;
return 1 unless (WebGUI::Grouping::isInGroup($self->get("groupToRate")));
my $ratingTimeout = WebGUI::Grouping::isInGroup($self->get("privilegedGroup")) ? $self->get("ratingTimeoutPrivileged") : $self->get("ratingTimeout");
return 1 unless ($self->session->user->isInGroup($self->get("groupToRate")));
my $ratingTimeout = $self->session->user->isInGroup($self->get("privilegedGroup")) ? $self->get("ratingTimeoutPrivileged") : $self->get("ratingTimeout");
my ($hasRated) = $self->session->db->quickArray("select count(*) from Matrix_rating where
((userId=".$self->session->db->quote($self->session->user->profileField("userId"))." and userId<>'1') or (userId='1' and ipAddress=".$self->session->db->quote($self->session->env->get("HTTP_X_FORWARDED_FOR")).")) and
listingId=".$self->session->db->quote($listingId)." and timeStamp>".($self->session->datetime->time()-$ratingTimeout));
@ -234,7 +234,7 @@ sub www_compare {
@cmsList = $self->session->form->checkList("listingId");
}
my ( %var, @prodcol, @datecol);
my $max = WebGUI::Grouping::isInGroup($self->get("privilegedGroup")) ? $self->get("maxComparisonsPrivileged") : $self->get("maxComparisons");
my $max = $self->session->user->isInGroup($self->get("privilegedGroup")) ? $self->get("maxComparisonsPrivileged") : $self->get("maxComparisons");
$var{isTooMany} = (scalar(@cmsList)>$max);
$var{isTooFew} = (scalar(@cmsList)<2);
$var{'compare.form'} = $self->getCompareForm(@cmsList);
@ -441,7 +441,7 @@ sub www_edit {
sub www_editListing {
my $self = shift;
my $listing= $self->session->db->getRow("Matrix_listing","listingId",$self->session->form->process("listingId"));
return WebGUI::International('no edit rights','Asset_Matrix') unless (($self->session->form->process("listingId") eq "new" && WebGUI::Grouping::isInGroup($self->get("groupToAdd"))) || $self->session->user->profileField("userId") eq $listing->{maintainerId} || $self->canEdit);
return WebGUI::International('no edit rights','Asset_Matrix') unless (($self->session->form->process("listingId") eq "new" && $self->session->user->isInGroup($self->get("groupToAdd"))) || $self->session->user->profileField("userId") eq $listing->{maintainerId} || $self->canEdit);
my $f = WebGUI::HTMLForm->new(-action=>$self->getUrl);
$f->hidden(
-name=>"func",
@ -570,7 +570,7 @@ sub www_editListing {
sub www_editListingSave {
my $self = shift;
my $listing = $self->session->db->getRow("Matrix_listing","listingId",$self->session->form->process("listingId"));
return WebGUI::International('no edit rights','Asset_Matrix') unless (($self->session->form->process("listingId") eq "new" && WebGUI::Grouping::isInGroup($self->get("groupToAdd"))) || $self->session->user->profileField("userId") eq $listing->{maintainerId} || $self->canEdit);
return WebGUI::International('no edit rights','Asset_Matrix') unless (($self->session->form->process("listingId") eq "new" && $self->session->user->isInGroup($self->get("groupToAdd"))) || $self->session->user->profileField("userId") eq $listing->{maintainerId} || $self->canEdit);
my %data = (
listingId => $self->session->form->process("listingId"),
lastUpdated => $self->session->datetime->time(),
@ -798,7 +798,7 @@ sub www_search {
} elsif ($count == 1) {
return $self->www_viewDetail($list[0]);
} else {
my $max = WebGUI::Grouping::isInGroup($self->get("privilegedGroup")) ? $self->get("maxComparisonsPrivileged") : $self->get("maxComparisons");
my $max = $self->session->user->isInGroup($self->get("privilegedGroup")) ? $self->get("maxComparisonsPrivileged") : $self->get("maxComparisons");
$var{isTooMany} = ($count>$max);
$var{isTooFew} = ($count<2);
}

2
lib/WebGUI/Asset/Wobject/Navigation.pm
View file

@ -450,7 +450,7 @@ sub www_goBackToPage {
sub www_preview {
my $self = shift;
$self->session->var->get("adminOn") = 0;
return $self->session->privilege->insufficient() unless (WebGUI::Grouping::isInGroup(3));
return $self->session->privilege->insufficient() unless ($self->session->user->isInGroup(3));
my $nav = WebGUI::Navigation->new( depth=>$self->session->form->process("depth"),
method=>$self->session->form->process("method"),
startAt=>$self->session->form->process("startAt"),

4
lib/WebGUI/Asset/Wobject/Poll.pm
View file

@ -280,7 +280,7 @@ sub view {
$var{question} = $self->get("question");
if ($self->get("active") eq "0") {
$showPoll = 0;
} elsif (WebGUI::Grouping::isInGroup($self->get("voteGroup"),$self->session->user->profileField("userId"))) {
} elsif ($self->session->user->isInGroup($self->get("voteGroup"),$self->session->user->profileField("userId"))) {
if ($self->_hasVoted()) {
$showPoll = 0;
} else {
@ -330,7 +330,7 @@ sub view {
sub www_vote {
my $self = shift;
my $u;
if ($self->session->form->process("answer") ne "" && WebGUI::Grouping::isInGroup($self->get("voteGroup")) && !($self->_hasVoted())) {
if ($self->session->form->process("answer") ne "" && $self->session->user->isInGroup($self->get("voteGroup")) && !($self->_hasVoted())) {
$self->setVote($self->session->form->process("answer"),$self->session->user->profileField("userId"),$self->session->env->get("REMOTE_ADDR"));
if ($self->session->setting->get("useKarma")) {
$u = WebGUI::User->new($self->session->user->profileField("userId"));

28
lib/WebGUI/Asset/Wobject/Survey.pm
View file

@ -329,7 +329,7 @@ sub getIp {
sub getMenuVars {
my $self = shift;
my %var;
$var{'user.canViewReports'} = (WebGUI::Grouping::isInGroup($self->get("groupToViewReports")));
$var{'user.canViewReports'} = ($self->session->user->isInGroup($self->get("groupToViewReports")));
$var{'delete.all.responses.url'} = $self->getUrl('func=deleteAllResponses');
$var{'delete.all.responses.label'} = WebGUI::International::get(73,'Asset_Survey');
$var{'export.answers.url'} = $self->getUrl('func=exportAnswers');
@ -650,7 +650,7 @@ sub view {
}
$sth->finish;
$var->{'user.canTakeSurvey'} = WebGUI::Grouping::isInGroup($self->get("groupToTakeSurvey"));
$var->{'user.canTakeSurvey'} = $self->session->user->isInGroup($self->get("groupToTakeSurvey"));
if ($var->{'user.canTakeSurvey'}) {
$var->{'response.Id'} = $self->getResponseId();
$var->{'response.Count'} = $self->getResponseCount;
@ -732,14 +732,14 @@ sub www_deleteSectionConfirm {
#-------------------------------------------------------------------
sub www_deleteResponse {
return "" unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToViewReports")));
return "" unless ($self->session->user->isInGroup($_[0]->get("groupToViewReports")));
return $self->session->style->process($_[0]->confirm(WebGUI::International::get(72,'Asset_Survey'),
$_[0]->getUrl('func=deleteResponseConfirm;responseId='.$self->session->form->process("responseId"))),$_[0]->getValue("styleTemplateId"));
}
#-------------------------------------------------------------------
sub www_deleteResponseConfirm {
return "" unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToViewReports")));
return "" unless ($self->session->user->isInGroup($_[0]->get("groupToViewReports")));
$self->session->db->write("delete from Survey_response where Survey_responseId=".$self->session->db->quote($self->session->form->process("responseId")));
$self->session->db->write("delete from Survey_questionResponse where Survey_responseId=".$self->session->db->quote($self->session->form->process("responseId")));
return $_[0]->www_viewGradebook;
@ -747,13 +747,13 @@ sub www_deleteResponseConfirm {
#-------------------------------------------------------------------
sub www_deleteAllResponses {
return "" unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToViewReports")));
return "" unless ($self->session->user->isInGroup($_[0]->get("groupToViewReports")));
return $self->session->style->process($_[0]->confirm(WebGUI::International::get(74,'Asset_Survey'),$_[0]->getUrl('func=deleteAllResponsesConfirm')),$_[0]->getValue("styleTemplateId"));
}
#-------------------------------------------------------------------
sub www_deleteAllResponsesConfirm {
return "" unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToViewReports")));
return "" unless ($self->session->user->isInGroup($_[0]->get("groupToViewReports")));
$self->session->db->write("delete from Survey_response where Survey_id=".$self->session->db->quote($_[0]->get("Survey_id")));
$self->session->db->write("delete from Survey_questionResponse where Survey_id=".$self->session->db->quote($_[0]->get("Survey_id")));
return "";
@ -1085,14 +1085,14 @@ sub www_editSectionSave {
#-------------------------------------------------------------------
sub www_exportAnswers {
return "" unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToViewReports")));
return "" unless ($self->session->user->isInGroup($_[0]->get("groupToViewReports")));
WebGUI::HTTP::setFilename($self->session->url->escape($_[0]->get("title")."_answers.tab"),"text/tab");
return $self->session->db->quickTab("select * from Survey_answer where Survey_id=".$self->session->db->quote($_[0]->get("Survey_id")));
}
#-------------------------------------------------------------------
sub www_exportComposite {
return "" unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToViewReports")));
return "" unless ($self->session->user->isInGroup($_[0]->get("groupToViewReports")));
WebGUI::HTTP::setFilename($self->session->url->escape($_[0]->get("title")."_composite.tab"),"text/tab");
return $self->session->db->quickTab("select b.question, c.response, a.userId, a.username, a.ipAddress, c.comment, c.dateOfResponse from Survey_response a
left join Survey_questionResponse c on a.Survey_responseId=c.Survey_responseId
@ -1102,14 +1102,14 @@ sub www_exportComposite {
#-------------------------------------------------------------------
sub www_exportQuestions {
return "" unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToViewReports")));
return "" unless ($self->session->user->isInGroup($_[0]->get("groupToViewReports")));
WebGUI::HTTP::setFilename($self->session->url->escape($_[0]->get("title")."_questions.tab"),"text/tab");
return $self->session->db->quickTab("select * from Survey_question where Survey_id=".$self->session->db->quote($_[0]->get("Survey_id")));
}
#-------------------------------------------------------------------
sub www_exportResponses {
return "" unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToViewReports")));
return "" unless ($self->session->user->isInGroup($_[0]->get("groupToViewReports")));
WebGUI::HTTP::setFilename($self->session->url->escape($_[0]->get("title")."_responses.tab"),"text/tab");
return $self->session->db->quickTab("select * from Survey_response where Survey_id=".$self->session->db->quote($_[0]->get("Survey_id")));
}
@ -1159,7 +1159,7 @@ sub www_moveSectionUp {
#-------------------------------------------------------------------
sub www_respond {
my $self = shift;
return "" unless (WebGUI::Grouping::isInGroup($self->get("groupToTakeSurvey")));
return "" unless ($self->session->user->isInGroup($self->get("groupToTakeSurvey")));
my $varname = $self->getResponseIdString;
return "" unless ($session{scratch}{$varname});
my $userId = ($self->get("anonymous")) ? substr(md5_hex($self->session->user->profileField("userId")),0,8) : $self->session->user->profileField("userId");
@ -1208,7 +1208,7 @@ sub www_view {
#-------------------------------------------------------------------
sub www_viewGradebook {
my $self = shift;
return "" unless (WebGUI::Grouping::isInGroup($self->get("groupToViewReports")));
return "" unless ($self->session->user->isInGroup($self->get("groupToViewReports")));
$self->logView() if ($self->session->setting->get("passiveProfilingEnabled"));
my $var = $self->getMenuVars;
$var->{title} = WebGUI::International::get(71,'Asset_Survey');
@ -1245,7 +1245,7 @@ sub www_viewGradebook {
#-------------------------------------------------------------------
sub www_viewIndividualSurvey {
my $self = shift;
return "" unless (WebGUI::Grouping::isInGroup($self->get("groupToViewReports")));
return "" unless ($self->session->user->isInGroup($self->get("groupToViewReports")));
$self->logView() if ($self->session->setting->get("passiveProfilingEnabled"));
my $var = $self->getMenuVars;
$var->{'title'} = WebGUI::International::get(70,'Asset_Survey');
@ -1304,7 +1304,7 @@ sub www_viewIndividualSurvey {
#-------------------------------------------------------------------
sub www_viewStatisticalOverview {
my $self = shift;
return "" unless (WebGUI::Grouping::isInGroup($self->get("groupToViewReports")));
return "" unless ($self->session->user->isInGroup($self->get("groupToViewReports")));
$self->logView() if ($self->session->setting->get("passiveProfilingEnabled"));
my $var = $self->getMenuVars;
$var->{title} = WebGUI::International::get(58,'Asset_Survey');

6
lib/WebGUI/AssetBranch.pm
View file

@ -206,14 +206,14 @@ sub www_editBranch {
-subtext=>'<br />'.WebGUI::International::get("change","Asset").' '.WebGUI::Form::yesNo($self->session,{name=>"change_endDate"})
);
my $subtext;
if (WebGUI::Grouping::isInGroup(3)) {
if ($self->session->user->isInGroup(3)) {
$subtext = manageIcon('op=listUsers');
} else {
$subtext = "";
}
my $clause;
if (WebGUI::Grouping::isInGroup(3)) {
my $contentManagers = WebGUI::Grouping::getUsersInGroup(4,1);
if ($self->session->user->isInGroup(3)) {
my $contentManagers = $group->getUsers(4,1);
push (@$contentManagers, $self->session->user->profileField("userId"));
$clause = "userId in (".$self->session->db->quoteAndJoin($contentManagers).")";
} else {

8
lib/WebGUI/AssetClipboard.pm
View file

@ -288,8 +288,8 @@ Moves assets in clipboard to trash. Returns www_manageClipboard() when finished.
sub www_emptyClipboard {
my $self = shift;
my $ac = WebGUI::AdminConsole->new($self->session,"clipboard");
return $self->session->privilege->insufficient() unless (WebGUI::Grouping::isInGroup(4));
foreach my $asset (@{$self->getAssetsInClipboard(!($self->session->form->process("systemClipboard") && WebGUI::Grouping::isInGroup(3)))}) {
return $self->session->privilege->insufficient() unless ($self->session->user->isInGroup(4));
foreach my $asset (@{$self->getAssetsInClipboard(!($self->session->form->process("systemClipboard") && $self->session->user->isInGroup(3)))}) {
$asset->trash;
}
return $self->www_manageClipboard();
@ -307,10 +307,10 @@ Returns an AdminConsole to deal with assets in the Clipboard. If isInGroup(12) i
sub www_manageClipboard {
my $self = shift;
my $ac = WebGUI::AdminConsole->new($self->session,"clipboard");
return $self->session->privilege->insufficient() unless (WebGUI::Grouping::isInGroup(12));
return $self->session->privilege->insufficient() unless ($self->session->user->isInGroup(12));
my ($header,$limit);
$ac->setHelp("clipboard manage");
if ($self->session->form->process("systemClipboard") && WebGUI::Grouping::isInGroup(3)) {
if ($self->session->form->process("systemClipboard") && $self->session->user->isInGroup(3)) {
$header = WebGUI::International::get(966,"Asset");
$ac->addSubmenuItem($self->getUrl('func=manageClipboard'), WebGUI::International::get(949,"Asset"));
$ac->addSubmenuItem($self->getUrl('func=emptyClipboard;systemClipboard=1'), WebGUI::International::get(959,"Asset"),

6
lib/WebGUI/AssetExportHtml.pm
View file

@ -137,7 +137,7 @@ Displays the export page administrative interface
sub www_export {
my $self = shift;
return $self->session->privilege->insufficient() unless (WebGUI::Grouping::isInGroup(13));
return $self->session->privilege->insufficient() unless ($self->session->user->isInGroup(13));
$self->getAdminConsole->setHelp("page export", "Asset");
my $f = WebGUI::HTMLForm->new(-action=>$self->getUrl);
$f->hidden(
@ -190,7 +190,7 @@ Displays the export status page
sub www_exportStatus {
my $self = shift;
return $self->session->privilege->insufficient() unless (WebGUI::Grouping::isInGroup(13));
return $self->session->privilege->insufficient() unless ($self->session->user->isInGroup(13));
my $iframeUrl = $self->getUrl('func=exportGenerate');
$iframeUrl = $self->session->url->append($iframeUrl, 'index='.$self->session->form->process("index"));
$iframeUrl = $self->session->url->append($iframeUrl, 'depth='.$self->session->form->process("depth"));
@ -211,7 +211,7 @@ Executes the export process and displays real time status. This operation is dis
sub www_exportGenerate {
my $self = shift;
return $self->session->privilege->insufficient() unless (WebGUI::Grouping::isInGroup(13));
return $self->session->privilege->insufficient() unless ($self->session->user->isInGroup(13));
# This routine is called in an IFRAME and prints status output directly to the browser.
$|++; # Unbuffered data output
$session{page}{empty} = 1; # Write directly to the browser

8
lib/WebGUI/AssetMetaData.pm
View file

@ -142,7 +142,7 @@ Deletes a MetaDataField and returns www_manageMetaData on self, if user isInGrou
sub www_deleteMetaDataField {
my $self = shift;
return $self->session->privilege->insufficient() unless (WebGUI::Grouping::isInGroup(4));
return $self->session->privilege->insufficient() unless ($self->session->user->isInGroup(4));
$self->deleteMetaDataField($self->session->form->process("fid"));
return $self->www_manageMetaData;
}
@ -159,7 +159,7 @@ Returns a rendered page to edit MetaData. Will return an insufficient Privilege
sub www_editMetaDataField {
my $self = shift;
my $ac = WebGUI::AdminConsole->new($self->session,"contentProfiling");
return $self->session->privilege->insufficient() unless (WebGUI::Grouping::isInGroup(4));
return $self->session->privilege->insufficient() unless ($self->session->user->isInGroup(4));
my $fieldInfo;
if($self->session->form->process("fid") && $self->session->form->process("fid") ne "new") {
$fieldInfo = $self->getMetaDataFields($self->session->form->process("fid"));
@ -218,7 +218,7 @@ Verifies that MetaData fields aren't duplicated or blank, assigns default values
sub www_editMetaDataFieldSave {
my $self = shift;
my $ac = WebGUI::AdminConsole->new($self->session,"content profiling");
return $self->session->privilege->insufficient() unless (WebGUI::Grouping::isInGroup(4));
return $self->session->privilege->insufficient() unless ($self->session->user->isInGroup(4));
$ac->setHelp("metadata edit property","Asset");
# Check for duplicate field names
my $sql = "select count(*) from metaData_properties where fieldName = ".
@ -268,7 +268,7 @@ Returns an AdminConsole to deal with MetaDataFields. If isInGroup(4) is False, r
sub www_manageMetaData {
my $self = shift;
my $ac = WebGUI::AdminConsole->new($self->session,"contentProfiling");
return $self->session->privilege->insufficient() unless (WebGUI::Grouping::isInGroup(4));
return $self->session->privilege->insufficient() unless ($self->session->user->isInGroup(4));
$ac->addSubmenuItem($self->getUrl('func=editMetaDataField'), WebGUI::International::get("Add new field","Asset"));
my $output;
my $fields = $self->getMetaDataFields();

4
lib/WebGUI/AssetTrash.pm
View file

@ -185,10 +185,10 @@ Returns an AdminConsole to deal with assets in the Trash. If isInGroup(4) is Fal
sub www_manageTrash {
my $self = shift;
my $ac = WebGUI::AdminConsole->new($self->session,"trash");
return $self->session->privilege->insufficient() unless (WebGUI::Grouping::isInGroup(12));
return $self->session->privilege->insufficient() unless ($self->session->user->isInGroup(12));
my ($header, $limit);
$ac->setHelp("trash manage");
if ($self->session->form->process("systemTrash") && WebGUI::Grouping::isInGroup(3)) {
if ($self->session->form->process("systemTrash") && $self->session->user->isInGroup(3)) {
$header = WebGUI::International::get(965,"Asset");
$ac->addSubmenuItem($self->getUrl('func=manageTrash'), WebGUI::International::get(10));
} else {

20
lib/WebGUI/AssetVersioning.pm
View file

@ -345,7 +345,7 @@ Displays the add version tag form.
sub www_addVersionTag {
my $self = shift;
my $ac = WebGUI::AdminConsole->new($self->session,"versions");
return $self->session->privilege->insufficient() unless (WebGUI::Grouping::isInGroup(12));
return $self->session->privilege->insufficient() unless ($self->session->user->isInGroup(12));
my $i18n = WebGUI::International->new("Asset");
$ac->addSubmenuItem($self->getUrl('func=manageVersions'), $i18n->get("manage versions"));
my $f = WebGUI::HTMLForm->new(-action=>$self->getUrl);
@ -375,7 +375,7 @@ Adds a version tag and sets the user's default version tag to that.
sub www_addVersionTagSave {
my $self = shift;
return $self->session->privilege->insufficient() unless (WebGUI::Grouping::isInGroup(12));
return $self->session->privilege->insufficient() unless ($self->session->user->isInGroup(12));
$self->addVersionTag($self->session->form->process("name"));
return $self->www_manageVersions();
}
@ -394,7 +394,7 @@ sub www_commitRevision {
sub www_commitVersionTag {
my $self = shift;
return $self->session->privilege->adminOnly() unless WebGUI::Grouping::isInGroup(3);
return $self->session->privilege->adminOnly() unless $self->session->user->isInGroup(3);
my $tagId = $self->session->form->process("tagId");
if ($tagId) {
$self->commitVersionTag($tagId);
@ -413,7 +413,7 @@ Shows a list of the currently available asset version tags.
sub www_manageCommittedVersions {
my $self = shift;
my $ac = WebGUI::AdminConsole->new($self->session,"versions");
return $self->session->privilege->insufficient() unless (WebGUI::Grouping::isInGroup(3));
return $self->session->privilege->insufficient() unless ($self->session->user->isInGroup(3));
my $i18n = WebGUI::International->new("Asset");
my $rollback = $i18n->get('rollback');
my $rollbackPrompt = $i18n->get('rollback version tag confirm');
@ -447,7 +447,7 @@ Shows a list of the revisions for this asset.
sub www_manageRevisions {
my $self = shift;
my $ac = WebGUI::AdminConsole->new("versions");
return $self->session->privilege->insufficient() unless (WebGUI::Grouping::isInGroup(3));
return $self->session->privilege->insufficient() unless ($self->session->user->isInGroup(3));
my $i18n = WebGUI::International->new("Asset");
my $output = '<table width=100% class="content">
<tr><th></th><th>Revision Date</th><th>Revised By</th><th>Tag Name</th></tr> ';
@ -478,7 +478,7 @@ Shows a list of the currently available asset version tags.
sub www_manageVersions {
my $self = shift;
my $ac = WebGUI::AdminConsole->new("versions");
return $self->session->privilege->insufficient() unless (WebGUI::Grouping::isInGroup(3));
return $self->session->privilege->insufficient() unless ($self->session->user->isInGroup(3));
my $i18n = WebGUI::International->new("Asset");
$ac->setHelp("versions manage");
$ac->addSubmenuItem($self->getUrl('func=addVersionTag'), $i18n->get("add a version tag"));
@ -515,7 +515,7 @@ sub www_manageVersions {
sub www_manageRevisionsInTag {
my $self = shift;
my $ac = WebGUI::AdminConsole->new("versions");
return $self->session->privilege->insufficient() unless (WebGUI::Grouping::isInGroup(3));
return $self->session->privilege->insufficient() unless ($self->session->user->isInGroup(3));
my $i18n = WebGUI::International->new("Asset");
$ac->addSubmenuItem($self->getUrl('func=addVersionTag'), $i18n->get("add a version tag"));
$ac->addSubmenuItem($self->getUrl('func=manageCommittedVersions'), $i18n->get("manage committed versions"));
@ -560,7 +560,7 @@ sub www_purgeRevision {
sub www_rollbackVersionTag {
my $self = shift;
return $self->session->privilege->adminOnly() unless WebGUI::Grouping::isInGroup(3);
return $self->session->privilege->adminOnly() unless $self->session->user->isInGroup(3);
return $self->session->privilege->vitalComponent() if ($self->session->form->process("tagId") eq "pbversion0000000000001" || $self->session->form->process("tagId") eq "pbversion0000000000002");
my $tagId = $self->session->form->process("tagId");
if ($tagId) {
@ -576,7 +576,7 @@ sub www_rollbackVersionTag {
sub www_rollbackSiteToTime {
my $self = shift;
return $self->session->privilege->adminOnly() unless WebGUI::Grouping::isInGroup(3);
return $self->session->privilege->adminOnly() unless $self->session->user->isInGroup(3);
}
@ -591,7 +591,7 @@ Sets the current user's working version tag.
sub www_setVersionTag () {
my $self = shift;
return $self->session->privilege->insufficient() unless WebGUI::Grouping::isInGroup(12);
return $self->session->privilege->insufficient() unless $self->session->user->isInGroup(12);
$self->session->scratch->set("versionTag",$self->session->form->process("tagId"));
return $self->www_manageVersions();
}

2
lib/WebGUI/Form/Control.pm
View file

@ -581,7 +581,7 @@ sub passUiLevelCheck {
} else { # use programmed default
$passUiLevelCheck = ($self->get("uiLevel") <= $self->session->user->profileField("uiLevel"));
}
$passUiLevelCheck = WebGUI::Grouping::isInGroup(3) unless ($passUiLevelCheck); # override if in admins group
$passUiLevelCheck = $self->session->user->isInGroup(3) unless ($passUiLevelCheck); # override if in admins group
return $passUiLevelCheck;
}

2
lib/WebGUI/Form/DatabaseLink.pm
View file

@ -121,7 +121,7 @@ Renders the form field to HTML as a table row complete with labels, subtext, hov
sub toHtmlWithWrapper {
my $self = shift;
if (WebGUI::Grouping::isInGroup(3)) {
if ($self->session->user->isInGroup(3)) {
my $subtext;
if ($self->get("afterEdit")) {
$subtext = editIcon("op=editDatabaseLink;lid=".$self->get("value").";afterEdit=".$self->session->url->escape($self->get("afterEdit")));

2
lib/WebGUI/Form/Group.pm
View file

@ -140,7 +140,7 @@ Renders the form field to HTML as a table row complete with labels, subtext, hov
sub toHtmlWithWrapper {
my $self = shift;
if (WebGUI::Grouping::isInGroup(3)) {
if ($self->session->user->isInGroup(3)) {
my $subtext = manageIcon("op=listGroups");
$self->get("subtext") = $subtext . $self->get("subtext");
}

2
lib/WebGUI/Form/LdapLink.pm
View file

@ -144,7 +144,7 @@ Renders the form field to HTML as a table row complete with labels, subtext, hov
sub toHtmlWithWrapper {
my $self = shift;
if (WebGUI::Grouping::isInGroup(3)) {
if ($self->session->user->isInGroup(3)) {
my $subtext;
if ($self->get("afterEdit")) {
$subtext = editIcon("op=editLDAPLink;llid=".$self->get("value").";afterEdit=".$self->session->url->escape($self->get("afterEdit")));

609
lib/WebGUI/Group.pm
View file

@ -16,11 +16,12 @@ package WebGUI::Group;
use strict;
use Tie::CPHash;
use WebGUI::DateTime;
use WebGUI::Auth;
use WebGUI::Id;
use WebGUI::Grouping;
use WebGUI::Session;
use WebGUI::SQL;
use WebGUI::LDAPLink;
use WebGUI::Macro;
use WebGUI::Utility;
=head1 NAME
@ -45,7 +46,7 @@ This package provides an object-oriented way of managing WebGUI groups and group
$integer = $g->expireNotifyMessage("You're outta here!");
$integer = $g->expireNotifyOffset(-14);
$integer = $g->expireOffset(360000);
$integer = $g->groupId;
$integer = $g->getId;
$boolean = $g->isEditable(1);
$integer = $g->karmaThreshold(5000);
$string = $g->ipFilter("10.;192.168.1.");
@ -61,6 +62,18 @@ This package provides an object-oriented way of managing WebGUI groups and group
$g->deleteUsers(\@arr);
$g->delete;
$group->addGroups(\@groups, \@toGroups);
$group->addUsers(\@users, \@toGroups);
$group->deleteGroups(\@groups, \@fromGroups);
$group->deleteUsers(\@users, \@fromGroups);
$arrayRef = $group->getGroupsFor($groupId);
$arrayRef = $self->session->user->getGroups($userId);
$arrayRef = $group->getGroupsIn($groupId);
$arrayRef = $group->getUsers($groupId);
$boolean = $self->session->user->isInGroup($groupId, $userId);
$boolean = $group->userIsAdmin($userId,$groupId);
$epoch = $group->userGroupExpireDate($userId,$groupId);
=head1 METHODS
These methods are available from this class:
@ -70,13 +83,24 @@ These methods are available from this class:
#-------------------------------------------------------------------
sub _create {
my $groupId = WebGUI::Id::generate();
$self->session->db->write("insert into groups (groupId,dateCreated,expireOffset,karmaThreshold) values
(".$self->session->db->quote($groupId).","$self->session->datetime->time().",314496000,1000000000)");
WebGUI::Grouping::addGroupsToGroups([3],[$groupId]);
return $groupId;
my $self = shift;
$self->{_groupId} = $self->session->db->setRow("groups","groupId",{
groupId=>"new",
dateCreated=>$self->session->datetime->time(),
expireOffset=>314496000,
karmaThreshold=>1000000000,
groupName=>"New Group",
expireNotifyOffset=>-14,
deleteOffset=>14,
expireNotify=>0,
databaseLinkId=>0,
dbCacheTimeout=>3600,
lastUpdated=>$self->session->datetime->time()
});
$self->addGroups([3]);
}
#-------------------------------------------------------------------
=head2 addGroups ( groups )
@ -85,28 +109,55 @@ Adds groups to this group.
=head3 groups
An array reference containing the list of group ids to add to this group.
An array reference containing the list of group ids to add.
=cut
sub addGroups {
WebGUI::Grouping::addGroupsToGroups($_[1],[$_[0]->{_groupId}]);
my $self = shift;
my $groups = shift;
$self->session->stow->delete("isInGroup");
foreach my $gid (@{$groups}) {
next if ($gid eq '1');
my ($isIn) = $self->session->db->quickArray("select count(*) from groupGroupings where groupId=".$self->session->db->quote($gid)." and inGroup=".$self->session->db->quote($self->getId));
my $recursive = isIn($self->getId, @{$self->getGroupsIn($gid,1)});
unless ($isIn || $recursive) {
$self->session->db->write("insert into groupGroupings (groupId,inGroup) values (".$self->session->db->quote($gid).",".$self->session->db->quote($self->getId).")");
}
}
}
#-------------------------------------------------------------------
=head2 addUsers ( users )
=head2 addUsers ( users [, expireOffset ] )
Adds users to this group.
=head3 users
=head3 users
An array reference containing the list of user ids to add to this group.
An array reference containing a list of users.
=head3 expireOffset
An override for the default offset of the grouping. Specified in seconds.
=cut
sub addUsers {
WebGUI::Grouping::addUsersToGroups($_[1],[$_[0]->{_groupId}]);
my $self = shift;
my $users = shift;
$self->session->stow->delete("isInGroup");
my $expireOffset = shift || $self->get("expireOffset");
foreach my $uid (@{$users}) {
next if ($uid eq '1');
my ($isIn) = $self->session->db->quickArray("select count(*) from groupings where groupId=".$self->session->db->quote($self->getId)." and userId=".$self->session->db->quote($uid));
unless ($isIn) {
$self->session->db->write("insert into groupings (groupId,userId,expireDate) values (".$self->session->db->quote($self->getId).", ".$self->session->db->quote($uid).", ".($self->session->datetime->time()+$expireOffset).")");
} else {
$self->userGroupExpireDate($uid,($self->session->datetime->time()+$expireOffset));
}
}
}
#-------------------------------------------------------------------
@ -122,15 +173,12 @@ If specified, the autoAdd is set to this value.
=cut
sub autoAdd {
my ($class, $value);
$class = shift;
$value = shift;
my $self = shift;
my $value = shift;
if (defined $value) {
$class->{_group}{"autoAdd"} = $value;
$self->session->db->write("update groups set autoAdd=".$self->session->db->quote($value).",
lastUpdated="$self->session->datetime->time()." where groupId=".$self->session->db->quote($class->{_groupId}));
$self->set("autoAdd",$value);
}
return $class->{_group}{"autoAdd"};
return $self->get("autoAdd");
}
@ -147,15 +195,12 @@ If specified, the autoDelete is set to this value.
=cut
sub autoDelete {
my ($class, $value);
$class = shift;
$value = shift;
my $self = shift;
my $value = shift;
if (defined $value) {
$class->{_group}{"autoDelete"} = $value;
$self->session->db->write("update groups set autoDelete=".$self->session->db->quote($value).",
lastUpdated="$self->session->datetime->time()." where groupId=".$self->session->db->quote($class->{_groupId}));
$self->set("autoDelete",$value);
}
return $class->{_group}{"autoDelete"};
return $self->get("autoDelete");
}
@ -168,7 +213,8 @@ Returns the epoch for when this group was created.
=cut
sub dateCreated {
return $_[0]->{_group}{dateCreated};
my $self = shift;
return $self->get("dateCreated");
}
@ -181,9 +227,11 @@ Deletes this group and all references to it.
=cut
sub delete {
$self->session->db->write("delete from groups where groupId=".$self->session->db->quote($_[0]->{_groupId}));
$self->session->db->write("delete from groupings where groupId=".$self->session->db->quote($_[0]->{_groupId}));
$self->session->db->write("delete from groupGroupings where inGroup=".$self->session->db->quote($_[0]->{_groupId})." or groupId=".$self->session->db->quote($_[0]->{_groupId}));
my $self = shift;
$self->session->db->write("delete from groups where groupId=".$self->session->db->quote($self->getId));
$self->session->db->write("delete from groupings where groupId=".$self->session->db->quote($self->getId));
$self->session->db->write("delete from groupGroupings where inGroup=".$self->session->db->quote($self->getId)." or groupId=".$self->session->db->quote($self->getId));
undef $self;
}
#-------------------------------------------------------------------
@ -194,31 +242,45 @@ Deletes groups from this group.
=head3 groups
An array reference containing the list of group ids to delete from this group.
An array reference containing the list of group ids to delete.
=head3 fromGroups
An array reference containing the list of group ids to delete from.
=cut
sub deleteGroups {
WebGUI::Grouping::deleteGroupsFromGroups($_[1],[$_[0]->{_groupId}]);
my $self = shift;
my $groups = shift;
$self->session->stow->delete("isInGroup");
foreach my $gid (@{$groups}) {
$self->session->db->write("delete from groupGroupings where groupId=".$self->session->db->quote($gid)." and inGroup=".$self->session->db->quote($self->getId));
}
}
#-------------------------------------------------------------------
=head2 deleteUsers ( users )
Deletes users from this group.
Deletes a list of users from the specified groups.
=head3 users
An array reference containing the list of user ids to delete from this group.
An array reference containing a list of users.
=cut
sub deleteUsers {
WebGUI::Grouping::deleteUsersFromGroups($_[1],[$_[0]->{_groupId}]);
my $self = shift;
my $users = shift;
$self->session->stow->delete("isInGroup");
foreach my $uid (@{$users}) {
$self->session->db->write("delete from groupings where groupId=".$self->session->db->quote($self->getId)." and userId=".$self->session->db->quote($uid));
}
}
#-------------------------------------------------------------------
=head2 deleteOffset ( [ value ] )
@ -232,15 +294,12 @@ If specified, deleteOffset is set to this value. Defaults to "-14".
=cut
sub deleteOffset {
my ($class, $value);
$class = shift;
$value = shift;
my $self = shift;
my $value = shift;
if (defined $value) {
$class->{_group}{"deleteOffset"} = $value;
$self->session->db->write("update groups set deleteOffset=$value,
lastUpdated="$self->session->datetime->time()." where groupId=".$self->session->db->quote($class->{_groupId}));
$self->set("deleteOffset",$value);
}
return $class->{_group}{"deleteOffset"};
return $self->get("deleteOffset");
}
@ -257,15 +316,12 @@ If specified, the description is set to this value.
=cut
sub description {
my ($class, $value);
$class = shift;
$value = shift;
my $self = shift;
my $value = shift;
if (defined $value) {
$class->{_group}{"description"} = $value;
$self->session->db->write("update groups set description=".$self->session->db->quote($value).",
lastUpdated="$self->session->datetime->time()." where groupId=".$self->session->db->quote($class->{_groupId}));
$self->set("description",$value);
}
return $class->{_group}{"description"};
return $self->get("description");
}
@ -282,15 +338,12 @@ If specified, expireNotify is set to this value.
=cut
sub expireNotify {
my ($class, $value);
$class = shift;
$value = shift;
my $self = shift;
my $value = shift;
if (defined $value) {
$class->{_group}{"expireNotify"} = $value;
$self->session->db->write("update groups set expireNotify=$value,
lastUpdated="$self->session->datetime->time()." where groupId=".$self->session->db->quote($class->{_groupId}));
$self->set("expireNotify", $value);
}
return $class->{_group}{"expireNotify"};
return $self->get("expireNotify");
}
@ -307,15 +360,12 @@ If specified, expireNotifyMessage is set to this value.
=cut
sub expireNotifyMessage {
my ($class, $value);
$class = shift;
$value = shift;
my $self = shift;
my $value = shift;
if (defined $value) {
$class->{_group}{"expireNotifyMessage"} = $value;
$self->session->db->write("update groups set expireNotifyMessage=".$self->session->db->quote($value).",
lastUpdated="$self->session->datetime->time()." where groupId=".$self->session->db->quote($class->{_groupId}));
$self->set("expireNotifyMessage",$value);
}
return $class->{_group}{"expireNotifyMessage"};
return $self->get("expireNotifyMessage");
}
@ -333,15 +383,12 @@ If specified, expireNotifyOffset is set to this value.
=cut
sub expireNotifyOffset {
my ($class, $value);
$class = shift;
$value = shift;
my $self = shift;
my $value = shift;
if (defined $value) {
$class->{_group}{"expireNotifyOffset"} = $value;
$self->session->db->write("update groups set expireNotifyOffset=$value,
lastUpdated="$self->session->datetime->time()." where groupId=".$self->session->db->quote($class->{_groupId}));
$self->get("expireNotifyOffset",$value);
}
return $class->{_group}{"expireNotifyOffset"};
return $self->get("expireNotifyOffset");
}
@ -358,23 +405,25 @@ If specified, expireOffset is set to this value.
=cut
sub expireOffset {
my $class = shift;
my $self = shift;
my $value = shift;
if (defined $value) {
$class->{_group}{"expireOffset"} = $value;
$self->session->db->write("update groups set expireOffset=".$self->session->db->quote($value).",
lastUpdated="$self->session->datetime->time()." where groupId=".$self->session->db->quote($class->{_groupId}));
$self->set("expireOffset",$value);
}
return $class->{_group}{"expireOffset"};
return $self->get("expireOffset");
}
#-------------------------------------------------------------------
=head2 find ( name )
=head2 find ( session, name )
An alternative to the constructor "new", use find as a constructor by name rather than id.
=head3 session
A reference to the current session.
=head3 name
The name of the group you wish to instantiate.
@ -383,22 +432,146 @@ The name of the group you wish to instantiate.
sub find {
my $class = shift;
my $session = shift;
my $name = shift;
my ($groupId) = $self->session->db->quickArray("select groupId from groups where groupName=".$self->session->db->quote($name));
return WebGUI::Group->new($groupId);
return WebGUI::Group->new($session,$groupId);
}
#-------------------------------------------------------------------
=head2 groupId ( )
=head2 get ( name )
Returns the value the specified property.
=head3 name
The name of the property to retrieve.
=cut
sub get {
my $self = shift;
my $name = shift;
unless ($self->{_group}) {
$self->{_group} = $self->session->db->getRow("groups","groupId",$self->getId);
}
return $self->{_group}{$name};
}
#-------------------------------------------------------------------
=head2 getGroupsFor ( )
Returns an array reference containing a list of groups this group is in.
=cut
sub getGroupsFor {
my $self = shift;
return $self->session->db->buildArrayRef("select inGroup from groupGroupings where groupId=".$self->session->db->quote($self->getId));
}
#-------------------------------------------------------------------
=head2 getGroupsIn ( [ recursive ] )
Returns an array reference containing a list of groups that belong to this group.
=head3 recursive
A boolean value to determine whether the method should return the groups directly in the group, or to follow the entire groups of groups hierarchy. Defaults to "0".
=cut
sub getGroupsIn {
my $self = shift;
my $isRecursive = shift;
my $loopCount = shift;
my $gotGroupsInGroup = $self->session->stow->get("gotGroupsInGroup");
if ($isRecursive && exists $gotGroupsInGroup->{recursive}{$self->getId}) {
return $gotGroupsInGroup->{recursive}{$self->getId};
} elsif (exists $gotGroupsInGroup->{recursive}{$self->getId}) {
return $gotGroupsInGroup->{direct}{$self->getId};
}
my $groups = $self->session->db->buildArrayRef("select groupId from groupGroupings where inGroup=".$self->session->db->quote($self->getId));
if ($isRecursive) {
$loopCount++;
if ($loopCount > 99) {
$self->session->errorHandler->fatal("Endless recursive loop detected while determining". " groups in group.\nRequested groupId: ".$self->getId."\nGroups in that group: ".join(",",@$groups));
}
my @groupsOfGroups = @$groups;
foreach my $group (@$groups) {
my $gog = WebGUI::Group->new($group)->getGroupsIn(1,$loopCount);
push(@groupsOfGroups, @$gog);
}
$gotGroupsInGroup->{recursive}{$self->getId} = \@groupsOfGroups;
return \@groupsOfGroups;
}
$gotGroupsInGroup->{direct}{$self->getId} = $groups;
$self->session->stow->set("gotGroupsInGroup",$gotGroupsInGroup);
return $groups;
}
#-------------------------------------------------------------------
=head2 getUsers ( [ recursive, withoutExpired ] )
Returns an array reference containing a list of users that belong to this group.
=head3 recursive
A boolean value to determine whether the method should return the users directly in the group or to follow the entire groups of groups hierarchy. Defaults to "0".
=head3 withoutExpired
A boolean that if set true will return the users list minus the expired groupings.
=cut
sub getUsersInGroup {
my $self = shift;
my $recursive = shift;
my $withoutExpired = shift;
my $clause;
if ($withoutExpired) {
$clause = "expireDate > "$self->session->datetime->time()." and ";
}
$clause .= "(groupId=".$self->session->db->quote($groupId);
if ($recursive) {
my $groups = $self->getGroupsIn(1);
if ($#$groups >= 0) {
if ($withoutExpired) {
foreach my $groupId (@$groups) {
$clause .= " OR (groupId = ".$self->session->db->quote($groupId)." AND expireDate > ".$self->session->datetime->time().") ";
}
} else {
$clause .= " OR groupId IN (".$self->session->db->quoteAndJoin($groups).")";
}
}
}
$clause .= ")";
return $self->session->db->buildArrayRef("select userId from groupings where $clause");
}
#-------------------------------------------------------------------
=head2 getId ( )
Returns the groupId for this group.
=cut
sub groupId {
return $_[0]->{_groupId};
sub getId {
my $self = shift;
return $self->{_groupId};
}
@ -415,15 +588,12 @@ If specified, the karma threshold is set to this value.
=cut
sub karmaThreshold {
my ($class, $value);
$class = shift;
$value = shift;
my $self = shift;
my $value = shift;
if (defined $value) {
$class->{_group}{"karmaThreshold"} = $value;
$self->session->db->write("update groups set karmaThreshold=".$self->session->db->quote($value).",
lastUpdated="$self->session->datetime->time()." where groupId=".$self->session->db->quote($class->{_groupId}));
$self->set("karmaThreshold",$value);
}
return $class->{_group}{"karmaThreshold"};
return $self->get("karmaThreshold");
}
@ -440,15 +610,12 @@ If specified, the ipFilter is set to this value.
=cut
sub ipFilter {
my ($class, $value);
$class = shift;
$value = shift;
my $self = shift;
my $value = shift;
if (defined $value) {
$class->{_group}{"ipFilter"} = $value;
$self->session->db->write("update groups set ipFilter=".$self->session->db->quote($value).",
lastUpdated="$self->session->datetime->time()." where groupId=".$self->session->db->quote($class->{_groupId}));
$self->set("ipFilter",$value);
}
return $class->{_group}{"ipFilter"};
return $self->get("ipFilter");
}
@ -465,15 +632,12 @@ If specified, isEditable is set to this value.
=cut
sub isEditable {
my ($class, $value);
$class = shift;
$value = shift;
my $self = shift;
my $value = shift;
if (defined $value) {
$class->{_group}{"isEditable"} = $value;
$self->session->db->write("update groups set isEditable=".$self->session->db->quote($value).",
lastUpdated="$self->session->datetime->time()." where groupId=".$self->session->db->quote($class->{_groupId}));
$self->set("isEditable",$value);
}
return $class->{_group}{"isEditable"};
return $self->get("isEditable");
}
@ -486,7 +650,8 @@ Returns the epoch for when this group was last modified.
=cut
sub lastUpdated {
return $_[0]->{_group}{lastUpdated};
my $self = shift;
return $self->get("lastUpdated");
}
@ -503,24 +668,25 @@ If specified, the name is set to this value.
=cut
sub name {
my ($class, $value);
$class = shift;
$value = shift;
my $self = shift;
my $value = shift;
if (defined $value) {
$class->{_group}{"groupName"} = $value;
$self->session->db->write("update groups set groupName=".$self->session->db->quote($value).",
lastUpdated="$self->session->datetime->time()." where groupId=".$self->session->db->quote($class->{_groupId}));
$self->set("groupName",$value);
}
return $class->{_group}{"groupName"};
return $self->get("groupName");
}
#-------------------------------------------------------------------
=head2 new ( groupId )
=head2 new ( session, groupId )
Constructor.
=head3 session
A reference to the current session.
=head3 groupId
The groupId of the group you're creating an object reference for. If specified as "new" then a new group will be created and assigned the next available groupId. If left blank then the object methods will just return default values for everything.
@ -531,21 +697,12 @@ sub new {
my ($class, $groupId, %default, $value, $key, %group, %profile);
tie %group, 'Tie::CPHash';
$class = shift;
$groupId = shift;
$groupId = _create() if ($groupId eq "new");
if ($groupId eq "") {
$group{expireOffset} = 314496000;
$group{karmaThreshold} = 1000000000;
$group{groupName} = "New Group";
$group{expireNotifyOffset} = -14;
$group{deleteOffset} = 14;
$group{expireNotify} = 0;
$group{databaseLinkId} = 0;
$group{dbCacheTimeout} = 3600;
} else {
%group = $self->session->db->quickHash("select * from groups where groupId=".$self->session->db->quote($groupId));
}
bless {_groupId => $groupId, _group => \%group }, $class;
my $self = {};
$self->{_session} = shift;
$self->{_groupId} = shift;
bless $self, $class;
$self->_create() if ($self->{_groupId} eq "new");
return $self;
}
#-------------------------------------------------------------------
@ -561,15 +718,12 @@ If specified, the name is set to this value.
=cut
sub scratchFilter {
my ($class, $value);
$class = shift;
$value = shift;
my $self = shift;
my $value = shift;
if (defined $value) {
$class->{_group}{"scratchFilter"} = $value;
$self->session->db->write("update groups set scratchFilter=".$self->session->db->quote($value).",
lastUpdated="$self->session->datetime->time()." where groupId=".$self->session->db->quote($class->{_groupId}));
$self->set("scratchFilter",$value);
}
return $class->{_group}{"scratchFilter"};
return $self->get("scratchFilter");
}
#-------------------------------------------------------------------
@ -585,15 +739,12 @@ If specified, showInForms is set to this value.
=cut
sub showInForms {
my ($class, $value);
$class = shift;
$value = shift;
my $self = shift;
my $value = shift;
if (defined $value) {
$class->{_group}{"showInForms"} = $value;
$self->session->db->write("update groups set showInForms=".$self->session->db->quote($value).",
lastUpdated="$self->session->datetime->time()." where groupId=".$self->session->db->quote($class->{_groupId}));
$self->set("showInForms",$value);
}
return $class->{_group}{"showInForms"};
return $self->get("showInForms");
}
@ -612,15 +763,12 @@ If specified, the dbQuery is set to this value.
=cut
sub dbQuery {
my ($class, $value);
$class = shift;
$value = shift;
my $self = shift;
my $value = shift;
if (defined $value) {
$class->{_group}{"dbQuery"} = $value;
$self->session->db->write("update groups set dbQuery=".$self->session->db->quote($value).",
lastUpdated="$self->session->datetime->time()." where groupId=".$self->session->db->quote($class->{_groupId}));
$self->set("dbQuery",$value);
}
return $class->{_group}{"dbQuery"};
return $self->get("dbQuery");
}
#-------------------------------------------------------------------
@ -636,15 +784,12 @@ If specified, the databaseLinkId is set to this value.
=cut
sub databaseLinkId {
my ($class, $value);
$class = shift;
$value = shift;
my $self = shift;
my $value = shift;
if (defined $value) {
$class->{_group}{"databaseLinkId"} = $value;
$self->session->db->write("update groups set databaseLinkId=".$self->session->db->quote($value).",
lastUpdated="$self->session->datetime->time()." where groupId=".$self->session->db->quote($class->{_groupId}));
$self->set("databaseLinkId",$value);
}
return $class->{_group}{"databaseLinkId"};
return $self->get("databaseLinkId");
}
#-------------------------------------------------------------------
@ -660,15 +805,12 @@ If specified, the dbCacheTimeout is set to this value.
=cut
sub dbCacheTimeout {
my ($class, $value);
$class = shift;
$value = shift;
my $self = shift;
my $value = shift;
if (defined $value) {
$class->{_group}{"dbCacheTimeout"} = $value;
$self->session->db->write("update groups set dbCacheTimeout=".$self->session->db->quote($value).",
lastUpdated="$self->session->datetime->time()." where groupId=".$self->session->db->quote($class->{_groupId}));
$self->set("dbCacheTimeout",$value);
}
return $class->{_group}{"dbCacheTimeout"};
return $self->get("dbCacheTimeout");
}
#-------------------------------------------------------------------
@ -684,15 +826,12 @@ If specified, the ldapGroup is set to this value.
=cut
sub ldapGroup {
my ($class, $value);
$class = shift;
$value = shift;
my $self = shift;
my $value = shift;
if (defined $value) {
$class->{_group}{"ldapGroup"} = $value;
$self->session->db->write("update groups set ldapGroup=".$self->session->db->quote($value).",
lastUpdated="$self->session->datetime->time()." where groupId=".$self->session->db->quote($class->{_groupId}));
$self->set("ldapGroup",$value);
}
return $class->{_group}{"ldapGroup"};
return $self->get("ldapGroup");
}
#-------------------------------------------------------------------
@ -708,15 +847,12 @@ If specified, the ldapGroupProperty is set to this value.
=cut
sub ldapGroupProperty {
my ($class, $value);
$class = shift;
$value = shift;
my $self = shift;
my $value = shift;
if (defined $value) {
$class->{_group}{"ldapGroupProperty"} = $value;
$self->session->db->write("update groups set ldapGroupProperty=".$self->session->db->quote($value).",
lastUpdated="$self->session->datetime->time()." where groupId=".$self->session->db->quote($class->{_groupId}));
$self->set("ldapGroupProperty", $value);
}
return $class->{_group}{"ldapGroupProperty"};
return $self->get("ldapGroupProperty");
}
#-------------------------------------------------------------------
@ -732,14 +868,113 @@ If specified, the ldapRecursiveProperty is set to this value.
=cut
sub ldapRecursiveProperty {
my ($class, $value);
$class = shift;
$value = shift;
if (defined $value) {
$class->{_group}{"ldapRecursiveProperty"} = $value;
$self->session->db->write("update groups set ldapRecursiveProperty=".$self->session->db->quote($value).", lastUpdated="$self->session->datetime->time()." where groupId=".$self->session->db->quote($class->{_groupId}));
}
return $class->{_group}{"ldapRecursiveProperty"};
my $self = shift;
my $value = shift;
if (defined $value) {
$self->set("ldapRecursiveProperty",$value);
}
return $self->get("ldapRecursiveProperty");
}
#-------------------------------------------------------------------
=head2 session ( )
Returns a reference to the current session.
=cut
sub session {
my $self = shift;
return $self->{_session};
}
#-------------------------------------------------------------------
=head2 set ( name, value )
Sets a property of this group.
=head3 name
The name of a property to set.
=head3 value
THe value of a property to set.
=cut
sub set {
my $self = shift;
my $name = shift;
my $value = shift;
$self->get("groupId") unless ($self->{_group}); # precache group stuff
$self->{_group}{$name} = $value;
$self->session->db->setRow("groups","groupId",{groupId=>$self->getId, $name=>$value, lastUpdated=>$self->session->datetime->time()});
}
#-------------------------------------------------------------------
=head2 userIsAdmin ( [ userId, value ] )
Returns a 1 or 0 depending upon whether the user is a sub-admin for this group.
=head3 userId
A guid that is the unique identifier for a user. Defaults to the currently logged in user.
=head3 value
If specified the admin flag will be set to this value.
=cut
sub userIsAdmin {
my $self = shift;
my $userId = shift || $self->session->user->userId;
my $value = shift;
if ($value ne "") {
$self->session->db->write("update groupings set groupAdmin=".$self->session->db->quote($value)." where groupId=".$self->session->db->quote($self->getId)." and userId=".$self->session->db->quote($userId));
return $value;
} else {
my ($admin) = $self->session->db->quickArray("select groupAdmin from groupings where groupId=".$self->session->db->quote($self->getId)." and userId=".$self->session->db->quote($userId));
return $admin;
}
}
#-------------------------------------------------------------------
=head2 userGroupExpireDate ( userId [, epoch ] )
Returns the epoch date that this grouping will expire.
=head3 userId
A guid that is the unique identifier for a user.
=head3 epoch
If specified the expire date will be set to this value.
=cut
sub userGroupExpireDate {
my $self = shift;
my $userId = shift;
my $epoch = shift;
if ($epoch) {
$self->session->db->write("update groupings set expireDate=".$self->session->db->quote($epoch)." where groupId=".$self->session->db->quote($self->getId)." and userId=".$self->session->db->quote($userId));
return $epoch;
} else {
my ($expireDate) = $self->session->db->quickArray("select expireDate from groupings where groupId=".$self->session->db->quote($self->getId)." and userId=".$self->session->db->quote($userId));
return $expireDate;
}
}
1;

581
lib/WebGUI/Grouping.pm
View file

@ -1,581 +0,0 @@
package WebGUI::Grouping;
=head1 LEGAL
-------------------------------------------------------------------
WebGUI is Copyright 2001-2006 Plain Black Corporation.
-------------------------------------------------------------------
Please read the legal notices (docs/legal.txt) and the license
(docs/license.txt) that came with this distribution before using
this software.
-------------------------------------------------------------------
http://www.plainblack.com info@plainblack.com
-------------------------------------------------------------------
=cut
use strict;
use WebGUI::Auth;
use WebGUI::Cache;
use WebGUI::DateTime;
use WebGUI::ErrorHandler;
use WebGUI::LDAPLink;
use WebGUI::Macro;
use WebGUI::Session;
use WebGUI::SQL;
use WebGUI::Utility;
=head1 NAME
Package WebGUI::Grouping
=head1 DESCRIPTION
This package provides an interface for managing WebGUI user and group groupings.
=head1 SYNOPSIS
use WebGUI::Grouping;
WebGUI::Grouping::addGroupsToGroups(\@groups, \@toGroups);
WebGUI::Grouping::addUsersToGroups(\@users, \@toGroups);
WebGUI::Grouping::deleteGroupsFromGroups(\@groups, \@fromGroups);
WebGUI::Grouping::deleteUsersFromGroups(\@users, \@fromGroups);
$arrayRef = WebGUI::Grouping::getGroupsForGroup($groupId);
$arrayRef = WebGUI::Grouping::getGroupsForUser($userId);
$arrayRef = WebGUI::Grouping::getGroupsInGroup($groupId);
$arrayRef = WebGUI::Grouping::getUsersInGroup($groupId);
$boolean = WebGUI::Grouping::isInGroup($groupId, $userId);
$boolean = WebGUI::Grouping::userGroupAdmin($userId,$groupId);
$epoch = WebGUI::Grouping::userGroupExpireDate($userId,$groupId);
=head1 METHODS
These functions are available from this package:
=cut
#-------------------------------------------------------------------
=head2 addGroupsToGroups ( groups, toGroups )
Adds groups to a group.
=head3 groups
An array reference containing the list of group ids to add.
=head3 toGroups
An array reference containing the list of group ids to add the first list to.
=cut
sub addGroupsToGroups {
delete $session{isInGroup};
foreach my $gid (@{$_[0]}) {
next if ($gid eq '1');
foreach my $toGid (@{$_[1]}) {
my ($isIn) = $self->session->db->quickArray("select count(*) from groupGroupings
where groupId=".$self->session->db->quote($gid)." and inGroup=".$self->session->db->quote($toGid));
my $recursive = isIn($toGid, @{getGroupsInGroup($gid,1)});
unless ($isIn || $recursive) {
$self->session->db->write("insert into groupGroupings (groupId,inGroup) values (".$self->session->db->quote($gid).",".$self->session->db->quote($toGid).")");
my $cache = WebGUI::Cache->new($self->session,"groups_in_group_".$gid);
$cache->delete if (defined $cache);
$cache = WebGUI::Cache->new($self->session,"groups_in_group_".$toGid);
$cache->delete if (defined $cache);
}
}
}
}
#-------------------------------------------------------------------
=head2 addUsersToGroups ( users, groups [, expireOffset ] )
Adds users to the specified groups.
=head3 users
An array reference containing a list of users.
=head3 groups
An array reference containing a list of groups.
=head3 expireOffset
An override for the default offset of the grouping. Specified in seconds.
=cut
sub addUsersToGroups {
delete $session{isInGroup};
foreach my $gid (@{$_[1]}) {
my $expireOffset;
if ($_[2]) {
$expireOffset = $_[2];
} else {
($expireOffset) = $self->session->db->quickArray("select expireOffset from groups where groupId=".$self->session->db->quote($gid));
}
foreach my $uid (@{$_[0]}) {
next if ($uid eq '1');
my ($isIn) = $self->session->db->quickArray("select count(*) from groupings where groupId=".$self->session->db->quote($gid)." and userId=".$self->session->db->quote($uid));
unless ($isIn) {
$self->session->db->write("insert into groupings (groupId,userId,expireDate)
values (".$self->session->db->quote($gid).", ".$self->session->db->quote($uid).", ".($self->session->datetime->time()+$expireOffset).")");
} else {
if ($_[2]) {
userGroupExpireDate($uid,$gid,($self->session->datetime->time()+$expireOffset));
}
}
}
}
}
#-------------------------------------------------------------------
=head2 deleteGroupsFromGroups ( groups, fromGroups )
Deletes groups from these groups.
=head3 groups
An array reference containing the list of group ids to delete.
=head3 fromGroups
An array reference containing the list of group ids to delete from.
=cut
sub deleteGroupsFromGroups {
delete $session{isInGroup};
foreach my $gid (@{$_[0]}) {
foreach my $fromGid (@{$_[1]}) {
WebGUI::Cache->new($self->session,"groups_in_group_".$fromGid)->delete;
$self->session->db->write("delete from groupGroupings where groupId=".$self->session->db->quote($gid)." and inGroup=".$self->session->db->quote($fromGid));
}
}
}
#-------------------------------------------------------------------
=head2 deleteUsersFromGroups ( users, groups )
Deletes a list of users from the specified groups.
=head3 users
An array reference containing a list of users.
=head3 groups
An array reference containing a list of groups.
=cut
sub deleteUsersFromGroups {
delete $session{isInGroup};
foreach my $gid (@{$_[1]}) {
foreach my $uid (@{$_[0]}) {
$self->session->db->write("delete from groupings where groupId=".$self->session->db->quote($gid)." and userId=".$self->session->db->quote($uid));
}
}
}
#-------------------------------------------------------------------
=head2 getGroupsForGroup ( groupId )
Returns an array reference containing a list of groups the specified group is in.
=head3 groupId
A unique identifier for the group.
=cut
sub getGroupsForGroup {
return $self->session->db->buildArrayRef("select inGroup from groupGroupings where groupId=".$self->session->db->quote($_[0]));
}
#-------------------------------------------------------------------
=head2 getGroupsForUser ( userId [ , withoutExpired ] )
Returns an array reference containing a list of groups the specified user is in.
=head3 userId
A unique identifier for the user.
=head3 withoutExpired
If set to "1" then the listing will not include expired groupings. Defaults to "0".
=cut
sub getGroupsForUser {
my $userId = shift;
my $withoutExpired = shift;
my $clause = "and expireDate>"$self->session->datetime->time() if ($withoutExpired);
if ($userId eq "") {
return [];
} elsif (exists $session{gotGroupsForUser}{$userId}) {
return $session{gotGroupsForUser}{$userId};
} else {
my @groups = $self->session->db->buildArray("select groupId from groupings where userId=".$self->session->db->quote($userId)." $clause");
foreach my $gid (@groups) {
$session{isInGroup}{$userId}{$gid} = 1;
}
$session{gotGroupsForUser}{$userId} = \@groups unless ($self->session->config->get("disableCache"));
return \@groups;
}
}
#-------------------------------------------------------------------
=head2 getGroupsInGroup ( groupId [, recursive ] )
Returns an array reference containing a list of groups that belong to the specified group.
=head3 groupId
A unique identifier for the group.
=head3 recursive
A boolean value to determine whether the method should return the groups directly in the group, or to follow the entire groups of groups hierarchy. Defaults to "0".
=cut
sub getGroupsInGroup {
my $groupId = shift;
my $isRecursive = shift;
my $loopCount = shift;
if ($isRecursive && exists $session{gotGroupsInGroup}{recursive}{$groupId}) {
return $session{gotGroupsInGroup}{recursive}{$groupId};
} elsif (exists $session{gotGroupsInGroup}{recursive}{$groupId}) {
return $session{gotGroupsInGroup}{direct}{$groupId};
}
my $groups = WebGUI::Cache->new($self->session,"groups_in_group_".$groupId)->get;
unless (defined $groups) {
$groups = $self->session->db->buildArrayRef("select groupId from groupGroupings where inGroup=".$self->session->db->quote($groupId));
WebGUI::Cache->new($self->session,"groups_in_group_".$groupId)->set($groups);
}
if ($isRecursive) {
$loopCount++;
if ($loopCount > 99) {
$self->session->errorHandler->fatal("Endless recursive loop detected while determining".
" groups in group.\nRequested groupId: ".$groupId."\nGroups in that group: ".join(",",@$groups));
}
my @groupsOfGroups = @$groups;
foreach my $group (@$groups) {
my $gog = getGroupsInGroup($group,1,$loopCount);
push(@groupsOfGroups, @$gog);
}
$session{gotGroupsInGroup}{recursive}{$groupId} = \@groupsOfGroups unless ($self->session->config->get("disableCache"));
return \@groupsOfGroups;
}
$session{gotGroupsInGroup}{direct}{$groupId} = $groups;
return $groups;
}
#-------------------------------------------------------------------
=head2 getUsersInGroup ( groupId [, recursive, withoutExpired ] )
Returns an array reference containing a list of users that belong to the specified group.
=head3 groupId
A unique identifier for the group.
=head3 recursive
A boolean value to determine whether the method should return the users directly in the group or to follow the entire groups of groups hierarchy. Defaults to "0".
=head3 withoutExpired
A boolean that if set true will return the users list minus the expired groupings.
=cut
sub getUsersInGroup {
my $groupId = shift;
my $recursive = shift;
my $withoutExpired = shift;
my $clause;
if ($withoutExpired) {
$clause = "expireDate > "$self->session->datetime->time()." and ";
}
$clause .= "(groupId=".$self->session->db->quote($groupId);
if ($recursive) {
my $groups = getGroupsInGroup($groupId,1);
if ($#$groups >= 0) {
if ($withoutExpired) {
foreach my $groupId (@$groups) {
$clause .= " OR (groupId = ".$self->session->db->quote($groupId)." AND expireDate > "$self->session->datetime->time().") ";
}
} else {
$clause .= " OR groupId IN (".$self->session->db->quoteAndJoin($groups).")";
}
}
}
$clause .= ")";
return $self->session->db->buildArrayRef("select userId from groupings where $clause");
}
#-------------------------------------------------------------------
=head2 isInGroup ( [ groupId , userId ] )
Returns a boolean (0|1) value signifying that the user has the required privileges. Always returns true for Admins.
=head3 groupId
The group that you wish to verify against the user. Defaults to group with Id 3 (the Admin group).
=head3 userId
The user that you wish to verify against the group. Defaults to the currently logged in user.
=cut
sub isInGroup {
my (@data, %group, $groupId);
my ($gid, $uid, $secondRun) = @_;
$gid = 3 unless (defined $gid);
$uid = $self->session->user->profileField("userId") if ($uid eq "");
### The following several checks are to increase performance. If this section were removed, everything would continue to work as normal.
return 1 if ($gid eq '7'); # everyone is in the everyone group
return 1 if ($gid eq '1' && $uid eq '1'); # visitors are in the visitors group
return 0 if ($uid eq '1'); #Visitor is in no other groups
return 1 if ($uid eq '3'); #Admin is in every group
return 1 if ($gid eq '2' && $uid ne '1'); # if you're not a visitor, then you're a registered user
### Look to see if we've already looked up this group.
if ($session{isInGroup}{$uid}{$gid} eq '1') {
return 1;
} elsif ($session{isInGroup}{$uid}{$gid} eq "0") {
return 0;
}
### Lookup the actual groupings.
unless ($secondRun) { # don't look up user groups if we've already done it once.
my $groups = WebGUI::Grouping::getGroupsForUser($uid,1);
foreach (@{$groups}) {
$session{isInGroup}{$uid}{$_} = 1 unless ($self->session->config->get("disableCache"));
}
if ($session{isInGroup}{$uid}{$gid} eq '1') {
return 1;
}
}
### Get data for auxillary checks.
tie %group, 'Tie::CPHash';
%group = $self->session->db->quickHash("select karmaThreshold,ipFilter,scratchFilter,databaseLinkId,dbQuery,dbCacheTimeout,ldapGroup,ldapGroupProperty,ldapRecursiveProperty from groups where groupId=".$self->session->db->quote($gid));
### Check IP Address
if ($group{ipFilter} ne "") {
$group{ipFilter} =~ s/\t//g;
$group{ipFilter} =~ s/\r//g;
$group{ipFilter} =~ s/\n//g;
$group{ipFilter} =~ s/\s//g;
$group{ipFilter} =~ s/\./\\\./g;
my @ips = split(";",$group{ipFilter});
foreach my $ip (@ips) {
if ($self->session->env->get("REMOTE_ADDR") =~ /^$ip/) {
$session{isInGroup}{$uid}{$gid} = 1 unless ($self->session->config->get("disableCache"));
return 1;
}
}
}
### Check Scratch Variables
if ($group{scratchFilter} ne "") {
$group{scratchFilter} =~ s/\t//g;
$group{scratchFilter} =~ s/\r//g;
$group{scratchFilter} =~ s/\n//g;
$group{scratchFilter} =~ s/\s//g;
my @vars = split(";",$group{scratchFilter});
foreach my $var (@vars) {
my ($name, $value) = split(/\=/,$var);
if ($session{scratch}{$name} eq $value) {
$session{isInGroup}{$uid}{$gid} = 1 unless ($self->session->config->get("disableCache"));
return 1;
}
}
}
### Check karma levels.
if ($self->session->setting->get("useKarma")) {
my $karma;
if ($uid eq $self->session->user->profileField("userId")) {
$karma = $self->session->user->profileField("karma");
} else {
($karma) = $self->session->db->quickHash("select karma from users where userId=".$self->session->db->quote($uid));
}
if ($karma >= $group{karmaThreshold}) {
$session{isInGroup}{$uid}{$gid} = 1 unless ($self->session->config->get("disableCache"));
return 1;
}
}
### Check external database
if ($group{dbQuery} ne "" && $group{databaseLinkId}) {
# skip if not logged in and query contains a User macro
unless ($group{dbQuery} =~ /\^User/i && $uid eq '1') {
my $dbLink = WebGUI::DatabaseLink->new($session,$group{databaseLinkId});
my $dbh = $dbLink->dbh;
if (defined $dbh) {
if ($group{dbQuery} =~ /select 1/i) {
my $query = $group{dbQuery};
WebGUI::Macro::process($self->session,\$query);
$group{dbQuery} = $query;
my $sth = $self->session->db->unconditionalRead($group{dbQuery},$dbh);
unless ($sth->errorCode < 1) {
$self->session->errorHandler->warn("There was a problem with the database query for group ID $gid.");
} else {
my ($result) = $sth->array;
if ($result == 1) {
$session{isInGroup}{$uid}{$gid} = 1 unless ($self->session->config->get("disableCache"));
if ($group{dbCacheTimeout} > 0) {
WebGUI::Grouping::deleteUsersFromGroups([$uid],[$gid]);
WebGUI::Grouping::addUsersToGroups([$uid],[$gid],$group{dbCacheTimeout});
}
} else {
$session{isInGroup}{$uid}{$gid} = 0 unless ($self->session->config->get("disableCache"));
WebGUI::Grouping::deleteUsersFromGroups([$uid],[$gid]) if ($group{dbCacheTimeout} > 0);
}
}
$sth->finish;
} else {
$self->session->errorHandler->warn("Database query for group ID $gid must use 'select 1'");
}
$dbLink->disconnect;
return 1 if ($session{isInGroup}{$uid}{$gid});
}
}
}
### Check external database
if ($group{ldapGroup} ne "" && $group{ldapGroupProperty} ne "") {
# skip if not logged in
unless($uid eq '1') {
my $u = WebGUI::User->new($uid);
# skip if user is not set to LDAP
if($u->authMethod eq "LDAP") {
my $auth = WebGUI::Auth->new("LDAP",$uid);
my $params = $auth->getParams();
my $ldapLink = WebGUI::LDAPLink->new($params->{ldapConnection});
if($ldapLink ne "") {
my $people = [];
if($group{ldapRecursiveProperty}) {
$ldapLink->recurseProperty($group{ldapGroup},$people,$group{ldapGroupProperty},$group{ldapRecursiveProperty});
}else {
$people = $ldapLink->getProperty($group{ldapGroup},$group{ldapGroupProperty});
}
if(isIn($params->{connectDN},@{$people})) {
$session{isInGroup}{$uid}{$gid} = 1 unless ($self->session->config->get("disableCache"));
if ($group{dbCacheTimeout} > 10) {
WebGUI::Grouping::deleteUsersFromGroups([$uid],[$gid]);
WebGUI::Grouping::addUsersToGroups([$uid],[$gid],$group{dbCacheTimeout});
}
} else {
$session{isInGroup}{$uid}{$gid} = 0 unless ($self->session->config->get("disableCache"));
WebGUI::Grouping::deleteUsersFromGroups([$uid],[$gid]) if ($group{dbCacheTimeout} > 10);
}
$ldapLink->unbind;
return 1 if ($session{isInGroup}{$uid}{$gid});
}
}
}
}
### Check for groups of groups.
my $groups = WebGUI::Grouping::getGroupsInGroup($gid,1);
foreach (@{$groups}) {
$session{isInGroup}{$uid}{$_} = isInGroup($_, $uid, 1);
if ($session{isInGroup}{$uid}{$_}) {
$session{isInGroup}{$uid}{$gid} = 1 unless ($self->session->config->get("disableCache")); # cache current group also so we don't have to do the group in group check again
return 1;
}
}
$session{isInGroup}{$uid}{$gid} = 0 unless ($self->session->config->get("disableCache"));
return 0;
}
#-------------------------------------------------------------------
=head2 userGroupAdmin ( userId, groupId [, value ] )
Returns a 1 or 0 depending upon whether the user is a sub-admin for this group.
=head3 userId
An integer that is the unique identifier for a user.
=head3 groupId
An integer that is the unique identifier for a group.
=head3 value
If specified the admin flag will be set to this value.
=cut
sub userGroupAdmin {
if ($_[2] ne "") {
$self->session->db->write("update groupings set groupAdmin=".$self->session->db->quote($_[2])." where groupId=".$self->session->db->quote($_[1])." and userId=".$self->session->db->quote($_[0]));
return $_[2];
} else {
my ($admin) = $self->session->db->quickArray("select groupAdmin from groupings where groupId=".$self->session->db->quote($_[1])." and userId=".$self->session->db->quote($_[0]));
return $admin;
}
}
#-------------------------------------------------------------------
=head2 userGroupExpireDate ( userId, groupId [, epoch ] )
Returns the epoch date that this grouping will expire.
=head3 userId
An integer that is the unique identifier for a user.
=head3 groupId
An integer that is the unique identifier for a group.
=head3 epoch
If specified the expire date will be set to this value.
=cut
sub userGroupExpireDate {
if ($_[2]) {
$self->session->db->write("update groupings set expireDate=".$self->session->db->quote($_[2])." where groupId=".$self->session->db->quote($_[1])." and userId=".$self->session->db->quote($_[0]));
return $_[2];
} else {
my ($expireDate) = $self->session->db->quickArray("select expireDate from groupings where groupId=".$self->session->db->quote($_[1])." and userId=".$self->session->db->quote($_[0]));
return $expireDate;
}
}
1;

2
lib/WebGUI/Macro/AdminToggle.pm
View file

@ -47,7 +47,7 @@ A template from the Macro/AdminToggle namespace to use for formatting the link.
#-------------------------------------------------------------------
sub process {
my $session = shift;
if (WebGUI::Grouping::isInGroup(12)) {
if ($session->user->isInGroup(12)) {
my %var;
my ($turnOn,$turnOff,$templateName) = @_;
$turnOn ||= WebGUI::International::get(516,'Macro_AdminToggle');

2
lib/WebGUI/Macro/EditableToggle.pm
View file

@ -50,7 +50,7 @@ A template from the Macro/EditableToggle namespace to use for formatting the lin
#-------------------------------------------------------------------
sub process {
my $session = shift;
if (exists $session->asset && $session->asset->canEdit && WebGUI::Grouping::isInGroup(12)) {
if (exists $session->asset && $session->asset->canEdit && $session->user->isInGroup(12)) {
my %var;
my @param = @_;
my $turnOn = $param[0] || WebGUI::International::get(516,'Macro_EditableToggle');

6
lib/WebGUI/Macro/GroupAdd.pm
View file

@ -50,11 +50,11 @@ sub process {
return "" if ($param[1] eq "");
return "" if ($session->user->userId eq '1');
my $g = WebGUI::Group->find($param[0]);
return "" if ($g->groupId eq "");
return "" if ($g->getId eq "");
return "" unless ($g->autoAdd);
return "" if (WebGUI::Grouping::isInGroup($g->groupId));
return "" if ($session->user->isInGroup($g->getId));
my %var = ();
$var{'group.url'} = $session->url->page("op=autoAddToGroup;groupId=".$g->groupId);
$var{'group.url'} = $session->url->page("op=autoAddToGroup;groupId=".$g->getId);
$var{'group.text'} = $param[1];
if ($param[2]) {
return WebGUI::Asset::Template->newByUrl($session,$param[2])->process(\%var);

6
lib/WebGUI/Macro/GroupDelete.pm
View file

@ -50,11 +50,11 @@ sub process {
return "" if ($param[1] eq "");
return "" if ($session->user->userId eq '1');
my $g = WebGUI::Group->find($param[0]);
return "" if ($g->groupId eq "");
return "" if ($g->getId eq "");
return "" unless ($g->autoDelete);
return "" unless (WebGUI::Grouping::isInGroup($g->groupId));
return "" unless ($session->user->isInGroup($g->getId));
my %var = ();
$var{'group.url'} = $session->url->page("op=autoDeleteFromGroup;groupId=".$g->groupId);
$var{'group.url'} = $session->url->page("op=autoDeleteFromGroup;groupId=".$g->getId);
$var{'group.text'} = $param[1];
if ($param[2]) {
return WebGUI::Asset::Template->newByUrl($session,$param[2])->process(\%var);

2
lib/WebGUI/Macro/GroupText.pm
View file

@ -46,7 +46,7 @@ sub process {
my @param = @_;
my ($groupId) = $session->dbSlave->quickArray("select groupId from groups where groupName=".$session->db->quote($param[0]));
$groupId = 3 if ($groupId eq "");
if (WebGUI::Grouping::isInGroup($groupId)) {
if ($session->user->isInGroup($groupId)) {
return $param[1];
} else {
return $param[2];

4
lib/WebGUI/Operation/ActiveSessions.pm
View file

@ -44,7 +44,7 @@ $session->form->process("sid"). Afterwards, it calls www_viewActiveSessions.
sub www_killSession {
my $session = shift;
return www_viewActiveSessions() if $session->form->process("sid") eq $session->var->get("sessionId");
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
WebGUI::Session::end($session->form->process("sid"));
return www_viewActiveSessions();
}
@ -60,7 +60,7 @@ delete (kill) each one via www_killSession
sub www_viewActiveSessions {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
my ($output, $p, @row, $i, $sth, %data);
tie %data, 'Tie::CPHash';
$sth = $session->db->read("select users.username,users.userId,userSession.sessionId,userSession.expires,

6
lib/WebGUI/Operation/Admin.pm
View file

@ -35,7 +35,7 @@ If the current user is in the Turn On Admin Group, then return an Admin Console.
sub www_adminConsole {
my $session = shift;
return "" unless (WebGUI::Grouping::isInGroup(12));
return "" unless ($session->user->isInGroup(12));
my $ac = WebGUI::AdminConsole->new;
return $ac->render;
}
@ -52,7 +52,7 @@ via WebGUI::Session::switchAdminOff()
sub www_switchOffAdmin {
my $session = shift;
return "" unless (WebGUI::Grouping::isInGroup(12));
return "" unless ($session->user->isInGroup(12));
WebGUI::Session::switchAdminOff();
return "";
}
@ -68,7 +68,7 @@ via WebGUI::Session::switchAdminOn()
sub www_switchOnAdmin {
my $session = shift;
return "" unless (WebGUI::Grouping::isInGroup(12));
return "" unless ($session->user->isInGroup(12));
WebGUI::Session::switchAdminOn();
return "";
}

4
lib/WebGUI/Operation/Cache.pm
View file

@ -76,7 +76,7 @@ Text description of how long the subscription lasts.
sub www_flushCache {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
my $cache = WebGUI::Cache->new($session,);
$cache->flush;
return www_manageCache();
@ -93,7 +93,7 @@ provides an option to clear the cache.
sub www_manageCache {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
my ($output, $data);
my $cache = WebGUI::Cache->new($session,);
my $flushURL = $session->url->page('op=flushCache');

10
lib/WebGUI/Operation/Commerce.pm
View file

@ -333,7 +333,7 @@ sub www_checkoutSubmit {
#-------------------------------------------------------------------
sub www_completePendingTransaction {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
WebGUI::Commerce::Transaction->new($session->form->process("tid"))->completeTransaction;
@ -376,7 +376,7 @@ sub www_editCommerceSettings {
my (%tabs, $tabform, $currentPlugin, $ac, $jscript, $i18n,
$paymentPlugin, @paymentPlugins, %paymentPlugins, @failedPaymentPlugins, $plugin,
$shippingPlugin, @shippingPlugins, %shippingPlugins, @failedShippingPlugins);
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
$i18n = WebGUI::International->new('Commerce');
@ -517,7 +517,7 @@ sub www_editCommerceSettings {
#-------------------------------------------------------------------
sub www_editCommerceSettingsSave {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
foreach (keys(%{$session{form}})) {
# Store the plugin confiuration data in a special table for security and the general settings in the
@ -541,7 +541,7 @@ sub www_editCommerceSettingsSave {
sub www_listPendingTransactions {
my $session = shift;
my ($p, $transactions, $output, $properties, $i18n);
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
$i18n = WebGUI::International->new("Commerce");
@ -575,7 +575,7 @@ sub www_listTransactions {
my $session = shift;
my ($output, %criteria, $transaction, @transactions);
return $session->privilege->insufficient unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->insufficient unless ($session->user->isInGroup(3));
my $i18n = WebGUI::International->new('TransactionLog');

12
lib/WebGUI/Operation/DatabaseLink.pm
View file

@ -43,7 +43,7 @@ sub _submenu {
#-------------------------------------------------------------------
sub www_copyDatabaseLink {
my $session = shift;
return $session->privilege->insufficient unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->insufficient unless ($session->user->isInGroup(3));
WebGUI::DatabaseLink->new($session,$session->form->process("dlid"))->copy;
return www_listDatabaseLinks();
}
@ -51,7 +51,7 @@ sub www_copyDatabaseLink {
#-------------------------------------------------------------------
sub www_deleteDatabaseLink {
my $session = shift;
return $session->privilege->insufficient unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->insufficient unless ($session->user->isInGroup(3));
my ($output);
$output .= WebGUI::International::get(988).'<p>';
$output .= '<p><div align="center"><a href="'.
@ -65,7 +65,7 @@ sub www_deleteDatabaseLink {
#-------------------------------------------------------------------
sub www_deleteDatabaseLinkConfirm {
my $session = shift;
return $session->privilege->insufficient unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->insufficient unless ($session->user->isInGroup(3));
WebGUI::DatabaseLink->new($session,$session->form->process("dlid"))->delete;
return www_listDatabaseLinks();
}
@ -73,7 +73,7 @@ sub www_deleteDatabaseLinkConfirm {
#-------------------------------------------------------------------
sub www_editDatabaseLink {
my $session = shift;
return $session->privilege->insufficient unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->insufficient unless ($session->user->isInGroup(3));
my ($output, %db, $f);
tie %db, 'Tie::CPHash';
if ($session->form->process("dlid") eq "new") {
@ -129,7 +129,7 @@ sub www_editDatabaseLink {
#-------------------------------------------------------------------
sub www_editDatabaseLinkSave {
my $session = shift;
return $session->privilege->insufficient unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->insufficient unless ($session->user->isInGroup(3));
my $params = {
title=>$session->form->process("title"),
username=>$session->form->process("dbusername"),
@ -147,7 +147,7 @@ sub www_editDatabaseLinkSave {
#-------------------------------------------------------------------
sub www_listDatabaseLinks {
my $session = shift;
return $session->privilege->adminOnly() unless(WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless($session->user->isInGroup(3));
my $links = WebGUI::DatabaseLinks->getList($session);
my $output = '<table border="1" cellpadding="3" cellspacing="0" align="center">';
foreach my $id (keys %{$links}) {

66
lib/WebGUI/Operation/Group.pm
View file

@ -33,8 +33,8 @@ use WebGUI::Utility;
#-------------------------------------------------------------------
sub _hasSecondaryPrivilege {
my $session = shift;
return 0 unless (WebGUI::Grouping::isInGroup(11));
return WebGUI::Grouping::userGroupAdmin($session->user->profileField("userId"),$_[0]);
return 0 unless ($session->user->isInGroup(11));
return $group->userIsAdmin($session->user->profileField("userId"),$_[0]);
}
@ -49,10 +49,10 @@ sub _submenu {
if ($help) {
$ac->setHelp($help);
}
if (WebGUI::Grouping::isInGroup(3)) {
if ($session->user->isInGroup(3)) {
$ac->addSubmenuItem($session->url->page('op=editGroup;gid=new'), WebGUI::International::get(90));
}
if (WebGUI::Grouping::isInGroup(11)) {
if ($session->user->isInGroup(11)) {
unless ($session->form->process("op") eq "listGroups"
|| $session->form->process("gid") eq "new"
|| $session->form->process("op") eq "deleteGroupConfirm") {
@ -162,18 +162,18 @@ sub walkGroups {
#-------------------------------------------------------------------
sub www_addGroupsToGroupSave {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3) || _hasSecondaryPrivilege($session->form->process("gid")));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3) || _hasSecondaryPrivilege($session->form->process("gid")));
my @groups = $session->form->group('groups');
WebGUI::Grouping::addGroupsToGroups(\@groups,[$session->form->process("gid")]);
$group->addGroups(\@groups,[$session->form->process("gid")]);
return www_manageGroupsInGroup();
}
#-------------------------------------------------------------------
sub www_addUsersToGroupSave {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3) || _hasSecondaryPrivilege($session->form->process("gid")));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3) || _hasSecondaryPrivilege($session->form->process("gid")));
my @users = $session->form->selectList('users');
WebGUI::Grouping::addUsersToGroups(\@users,[$session->form->process("gid")]);
$group->addUsers(\@users,[$session->form->process("gid")]);
return www_manageUsersInGroup();
}
@ -183,7 +183,7 @@ sub www_autoAddToGroup {
return WebGUI::AdminConsole->new($session,"groups")->render($session->privilege->insufficient()) unless ($session->user->profileField("userId") ne 1);
my $group = WebGUI::Group->new($session->form->process("groupId"));
if ($group->autoAdd) {
WebGUI::Grouping::addUsersToGroups([$session->user->profileField("userId")],[$session->form->process("groupId")]);
$group->addUsers([$session->user->profileField("userId")],[$session->form->process("groupId")]);
}
return "";
}
@ -194,7 +194,7 @@ sub www_autoDeleteFromGroup {
return WebGUI::AdminConsole->new($session,"groups")->render($session->privilege->insufficient()) unless ($session->user->profileField("userId") ne 1);
my $group = WebGUI::Group->new($session->form->process("groupId"));
if ($group->autoDelete) {
WebGUI::Grouping::deleteUsersFromGroups([$session->user->profileField("userId")],[$session->form->process("groupId")]);
$group->deleteUsers([$session->user->profileField("userId")],[$session->form->process("groupId")]);
}
return "";
}
@ -202,7 +202,7 @@ sub www_autoDeleteFromGroup {
#-------------------------------------------------------------------
sub www_deleteGroup {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3) || _hasSecondaryPrivilege($session->form->process("gid")));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3) || _hasSecondaryPrivilege($session->form->process("gid")));
return $session->privilege->vitalComponent() if (isIn($session->form->process("gid"), qw(1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17)));
my ($output);
$output .= WebGUI::International::get(86).'<p>';
@ -216,7 +216,7 @@ sub www_deleteGroup {
#-------------------------------------------------------------------
sub www_deleteGroupConfirm {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3) || _hasSecondaryPrivilege($session->form->process("gid")));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3) || _hasSecondaryPrivilege($session->form->process("gid")));
return $session->privilege->vitalComponent() if (isIn($session->form->process("gid"), qw(1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17)));
my $g = WebGUI::Group->new($session->form->process("gid"));
$g->delete;
@ -226,8 +226,8 @@ sub www_deleteGroupConfirm {
#-------------------------------------------------------------------
sub www_deleteGroupGrouping {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup('3') || _hasSecondaryPrivilege($session->form->process("gid")));
WebGUI::Grouping::deleteGroupsFromGroups([$session->form->process("delete")],[$session->form->process("gid")]);
return $session->privilege->adminOnly() unless ($session->user->isInGroup('3') || _hasSecondaryPrivilege($session->form->process("gid")));
$group->deleteGroups([$session->form->process("delete")],[$session->form->process("gid")]);
return www_manageGroupsInGroup();
}
@ -244,7 +244,7 @@ perform this operation, and the
sub www_deleteGrouping {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3) || _hasSecondaryPrivilege($session->form->process("gid")));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3) || _hasSecondaryPrivilege($session->form->process("gid")));
if (($session->user->profileField("userId") eq $session->form->process("uid") || $session->form->process("uid") eq '3') && $session->form->process("gid") eq '3') {
return $session->privilege->vitalComponent();
}
@ -261,7 +261,7 @@ sub www_deleteGrouping {
#-------------------------------------------------------------------
sub www_editGroup {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3) || _hasSecondaryPrivilege($session->form->process("gid")));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3) || _hasSecondaryPrivilege($session->form->process("gid")));
my ($output, $f, $g);
if ($session->form->process("gid") eq "new") {
$g = WebGUI::Group->new("");
@ -279,7 +279,7 @@ sub www_editGroup {
);
$f->readOnly(
-label => WebGUI::International::get(379),
-value => $g->groupId,
-value => $g->getId,
);
$f->text(
-name => "groupName",
@ -408,7 +408,7 @@ sub www_editGroup {
#-------------------------------------------------------------------
sub www_editGroupSave {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3) || _hasSecondaryPrivilege($session->form->process("gid")));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3) || _hasSecondaryPrivilege($session->form->process("gid")));
my $g = WebGUI::Group->new($session->form->process("gid"));
$g->description($session->form->process("description"));
$g->name($session->form->process("groupName"));
@ -434,7 +434,7 @@ sub www_editGroupSave {
#-------------------------------------------------------------------
sub www_editGrouping {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3) || _hasSecondaryPrivilege($session->form->process("gid")));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3) || _hasSecondaryPrivilege($session->form->process("gid")));
my $f = WebGUI::HTMLForm->new;
$f->hidden(
-name => "op",
@ -464,13 +464,13 @@ sub www_editGrouping {
-name => "expireDate",
-label => WebGUI::International::get(369),
-hoverHelp => WebGUI::International::get('369 description'),
-value => WebGUI::Grouping::userGroupExpireDate($session->form->process("uid"),$session->form->process("gid")),
-value => $group->userGroupExpireDate($session->form->process("uid"),$session->form->process("gid")),
);
$f->yesNo(
-name=>"groupAdmin",
-label=>WebGUI::International::get(977),
-hoverHelp=>WebGUI::International::get('977 description'),
-value=>WebGUI::Grouping::userGroupAdmin($session->form->process("uid"),$session->form->process("gid"))
-value=>$group->userIsAdmin($session->form->process("uid"),$session->form->process("gid"))
);
$f->submit;
return _submenu($f->print,'370','grouping edit');
@ -479,16 +479,16 @@ sub www_editGrouping {
#-------------------------------------------------------------------
sub www_editGroupingSave {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3) || _hasSecondaryPrivilege($session->form->process("gid")));
WebGUI::Grouping::userGroupExpireDate($session->form->process("uid"),$session->form->process("gid")$session->datetime->setToEpoch($session->form->process("expireDate")));
WebGUI::Grouping::userGroupAdmin($session->form->process("uid"),$session->form->process("gid"),$session->form->process("groupAdmin"));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3) || _hasSecondaryPrivilege($session->form->process("gid")));
$group->userGroupExpireDate($session->form->process("uid"),$session->form->process("gid")$session->datetime->setToEpoch($session->form->process("expireDate")));
$group->userIsAdmin($session->form->process("uid"),$session->form->process("gid"),$session->form->process("groupAdmin"));
return www_manageUsersInGroup();
}
#-------------------------------------------------------------------
sub www_emailGroup {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3) || _hasSecondaryPrivilege($session->form->process("gid")));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3) || _hasSecondaryPrivilege($session->form->process("gid")));
my ($output,$f);
$f = WebGUI::HTMLForm->new;
$f->hidden(
@ -524,7 +524,7 @@ sub www_emailGroup {
#-------------------------------------------------------------------
sub www_emailGroupSend {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3) || _hasSecondaryPrivilege($session->form->process("gid")));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3) || _hasSecondaryPrivilege($session->form->process("gid")));
my ($sth, $email);
$sth = $session->db->read("select b.fieldData from groupings a left join userProfileData b
on a.userId=b.userId and b.fieldName='email' where a.groupId=".$session->db->quote($session->form->process("gid")));
@ -540,7 +540,7 @@ sub www_emailGroupSend {
#-------------------------------------------------------------------
sub www_listGroups {
my $session = shift;
if (WebGUI::Grouping::isInGroup(3)) {
if ($session->user->isInGroup(3)) {
my $output = getGroupSearchForm("listGroups");
my ($groupCount) = $session->db->quickArray("select count(*) from groups where isEditable=1");
return _submenu($output) unless ($session->form->process("doit") || $groupCount<250 || $session->form->process("pn") > 1);
@ -562,7 +562,7 @@ sub www_listGroups {
$output .= '</table>';
$output .= $p->getBarTraditional;
return _submenu($output,'',"groups manage");
} elsif (WebGUI::Grouping::isInGroup(11)) {
} elsif ($session->user->isInGroup(11)) {
my ($output, $p, $sth, @data, @row, $i, $userCount);
my @editableGroups = $session->db->buildArray("select groupId from groupings where userId=".$session->db->quote($session->user->profileField("userId"))." and groupAdmin=1");
push (@editableGroups,0);
@ -597,7 +597,7 @@ sub www_listGroups {
#-------------------------------------------------------------------
sub www_manageGroupsInGroup {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3) || _hasSecondaryPrivilege($session->form->process("gid")));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3) || _hasSecondaryPrivilege($session->form->process("gid")));
my $f = WebGUI::HTMLForm->new;
$f->hidden(
-name => "op",
@ -608,8 +608,8 @@ sub www_manageGroupsInGroup {
-value => $session->form->process("gid")
);
my @groups;
my $groupsIn = WebGUI::Grouping::getGroupsInGroup($session->form->process("gid"),1);
my $groupsFor = WebGUI::Grouping::getGroupsForGroup($session->form->process("gid"));
my $groupsIn = $group->getGroupsIn($session->form->process("gid"),1);
my $groupsFor = $group->getGroupsFor($session->form->process("gid"));
push(@groups, @$groupsIn,@$groupsFor,$session->form->process("gid"));
$f->group(
-name=>"groups",
@ -628,7 +628,7 @@ sub www_manageGroupsInGroup {
#-------------------------------------------------------------------
sub www_manageUsersInGroup {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3) || _hasSecondaryPrivilege($session->form->process("gid")));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3) || _hasSecondaryPrivilege($session->form->process("gid")));
my $output = WebGUI::Form::formHeader($session,)
.WebGUI::Form::hidden({
name=>"gid",
@ -673,7 +673,7 @@ sub www_manageUsersInGroup {
-name => "op",
-value => "addUsersToGroupSave"
);
my $existingUsers = WebGUI::Grouping::getUsersInGroup($session->form->process("gid"));
my $existingUsers = $group->getUsers($session->form->process("gid"));
push(@{$existingUsers},"1");
my %users;
tie %users, "Tie::IxHash";

8
lib/WebGUI/Operation/Help.pm
View file

@ -99,7 +99,7 @@ sub _getHelpName {
#-------------------------------------------------------------------
sub www_viewHelp {
my $session = shift;
return $session->privilege->insufficient() unless (WebGUI::Grouping::isInGroup(7));
return $session->privilege->insufficient() unless ($session->user->isInGroup(7));
my $ac = WebGUI::AdminConsole->new($session,"help");
my $namespace = $session->form->process("namespace") || "WebGUI";
my $i18n = WebGUI::International->new($namespace);
@ -128,7 +128,7 @@ sub www_viewHelp {
#-------------------------------------------------------------------
sub www_viewHelpIndex {
my $session = shift;
return $session->privilege->insufficient() unless (WebGUI::Grouping::isInGroup(7));
return $session->privilege->insufficient() unless ($session->user->isInGroup(7));
my @helpIndex;
my $i;
my @files = _getHelpFilesList();
@ -162,7 +162,7 @@ sub www_viewHelpIndex {
#-------------------------------------------------------------------
sub www_viewHelpTOC {
my $session = shift;
return $session->privilege->insufficient() unless (WebGUI::Grouping::isInGroup(7));
return $session->privilege->insufficient() unless ($session->user->isInGroup(7));
my @helpIndex;
my $i;
my @files = _getHelpFilesList();
@ -192,7 +192,7 @@ sub www_viewHelpTOC {
#-------------------------------------------------------------------
sub www_viewHelpChapter {
my $session = shift;
return $session->privilege->insufficient() unless (WebGUI::Grouping::isInGroup(7));
return $session->privilege->insufficient() unless ($session->user->isInGroup(7));
my $namespace = $session->form->process("namespace");
my $help = _load($namespace);
my @entries = sort keys %{ $help };

10
lib/WebGUI/Operation/LDAPLink.pm
View file

@ -52,7 +52,7 @@ sub _submenu {
#-------------------------------------------------------------------
sub www_copyLDAPLink {
my $session = shift;
return $session->privilege->insufficient unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->insufficient unless ($session->user->isInGroup(3));
my (%db);
tie %db, 'Tie::CPHash';
%db = $session->db->quickHash("select * from ldapLink where ldapLinkId=".$session->db->quote($session->form->process("llid")));
@ -67,7 +67,7 @@ sub www_copyLDAPLink {
#-------------------------------------------------------------------
sub www_deleteLDAPLink {
my $session = shift;
return $session->privilege->insufficient unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->insufficient unless ($session->user->isInGroup(3));
$session->db->write("delete from ldapLink where ldapLinkId=".$session->db->quote($session->form->process("llid")));
$session->form->process("op") = "listLDAPLinks";
return www_listLDAPLinks();
@ -76,7 +76,7 @@ sub www_deleteLDAPLink {
#-------------------------------------------------------------------
sub www_editLDAPLink {
my $session = shift;
return $session->privilege->insufficient unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->insufficient unless ($session->user->isInGroup(3));
my ($output, %db, $f);
tie %db, 'Tie::CPHash';
%db = $session->db->quickHash("select * from ldapLink where ldapLinkId=".$session->db->quote($session->form->process("llid")));
@ -188,7 +188,7 @@ sub www_editLDAPLink {
#-------------------------------------------------------------------
sub www_editLDAPLinkSave {
my $session = shift;
return $session->privilege->insufficient unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->insufficient unless ($session->user->isInGroup(3));
my $properties = {};
$properties->{ldapLinkId} = $session->form->process("llid");
$properties->{ldapLinkName} = $session->form->process("ldapLinkName");
@ -214,7 +214,7 @@ sub www_editLDAPLinkSave {
#-------------------------------------------------------------------
sub www_listLDAPLinks {
my $session = shift;
return $session->privilege->adminOnly() unless(WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless($session->user->isInGroup(3));
my ($output, $p, $sth, $data, @row, $i);
my $returnUrl = "";
if($session->form->process("returnUrl")) {

2
lib/WebGUI/Operation/LoginHistory.pm
View file

@ -39,7 +39,7 @@ they used.
sub www_viewLoginHistory {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
my ($output, $p, @row, $i, $sth, %data);
tie %data, 'Tie::CPHash';
$sth = $session->db->read("select * from users,userLoginLog where users.userId=userLoginLog.userId order by userLoginLog.timeStamp desc");

4
lib/WebGUI/Operation/MessageLog.pm
View file

@ -59,7 +59,7 @@ Templated display all messages for the current user.
sub www_viewMessageLog {
my $session = shift;
my (@msg, $vars);
return $session->privilege->insufficient() unless (WebGUI::Grouping::isInGroup(2,$session->user->profileField("userId")));
return $session->privilege->insufficient() unless ($session->user->isInGroup(2,$session->user->profileField("userId")));
$vars->{displayTitle} = '<h1>'.WebGUI::International::get(159).'</h1>';
my $p = WebGUI::Paginator->new($session->url->page('op=viewMessageLog'));
my $query = "select messageLogId,subject,url,dateOfEntry,status from messageLog where userId=".$session->db->quote($session->user->profileField("userId"))." order by dateOfEntry desc";
@ -104,7 +104,7 @@ Templated display of a single message for the user.
sub www_viewMessageLogMessage {
my $session = shift;
my ($data, $vars);
return $session->privilege->insufficient() unless (WebGUI::Grouping::isInGroup(2,$session->user->profileField("userId")));
return $session->privilege->insufficient() unless ($session->user->isInGroup(2,$session->user->profileField("userId")));
$vars->{displayTitle} = '<h1>'.WebGUI::International::get(159).'</h1>';
$data = $session->db->quickHashRef("select * from messageLog where messageLogId=".$session->db->quote($session->form->process("mlog"))." and userId=".$session->db->quote($session->user->profileField("userId")));

34
lib/WebGUI/Operation/ProductManager.pm
View file

@ -45,7 +45,7 @@ sub www_deleteProductParameterOption {
my $session = shift;
my $optionId = $session->form->process("optionId");
return $session->privilege->insufficient unless (WebGUI::Grouping::isInGroup(14));
return $session->privilege->insufficient unless ($session->user->isInGroup(14));
WebGUI::Product->getByOptionId($optionId)->deleteOption($optionId);
@ -57,7 +57,7 @@ sub www_deleteProductParameter {
my $session = shift;
my $parameterId = $session->form->process("parameterId");
return $session->privilege->insufficient unless (WebGUI::Grouping::isInGroup(14));
return $session->privilege->insufficient unless ($session->user->isInGroup(14));
WebGUI::Product->getByParameterId($parameterId)->deleteParameter($parameterId);
@ -69,7 +69,7 @@ sub www_deleteProduct {
my $session = shift;
my $productId = $session->form->process("productId");
return $session->privilege->insufficient unless (WebGUI::Grouping::isInGroup(14));
return $session->privilege->insufficient unless ($session->user->isInGroup(14));
WebGUI::Product->new($productId)->delete;
@ -81,7 +81,7 @@ sub www_editProduct {
my $session = shift;
my ($productId, $product, $f, $i18n);
return $session->privilege->insufficient unless (WebGUI::Grouping::isInGroup(14));
return $session->privilege->insufficient unless ($session->user->isInGroup(14));
$i18n = WebGUI::International->new('ProductManager');
$productId = $session->form->process("productId");
@ -157,7 +157,7 @@ sub www_editProductSave {
my $session = shift;
my ($self, @error, $productId, $product, $i18n);
return $session->privilege->insufficient unless (WebGUI::Grouping::isInGroup(14));
return $session->privilege->insufficient unless ($session->user->isInGroup(14));
$i18n = WebGUI::International->new('ProductManager');
@ -189,7 +189,7 @@ sub www_editProductParameter {
my $session = shift;
my ($parameterId, $product, $productId, $parameter, $f, $i18n);
return $session->privilege->insufficient unless (WebGUI::Grouping::isInGroup(14));
return $session->privilege->insufficient unless ($session->user->isInGroup(14));
$i18n = WebGUI::International->new('ProductManager');
@ -236,7 +236,7 @@ sub www_editProductParameterSave {
my $session = shift;
my (@error, $parameterId, $product, $i18n, $skuTemplate, $oldName, $newName);
return $session->privilege->insufficient unless (WebGUI::Grouping::isInGroup(14));
return $session->privilege->insufficient unless ($session->user->isInGroup(14));
$i18n = WebGUI::International->new('ProductManager');
@ -275,7 +275,7 @@ sub www_editProductParameterOption {
my $session = shift;
my ($self, $optionId, $option, $f, $i18n);
return $session->privilege->insufficient unless (WebGUI::Grouping::isInGroup(14));
return $session->privilege->insufficient unless ($session->user->isInGroup(14));
$i18n = WebGUI::International->new('ProductManager');
@ -339,7 +339,7 @@ sub www_editProductParameterOptionSave {
my $session = shift;
my ($self, @error, $optionId, $product, $i18n);
return $session->privilege->insufficient unless (WebGUI::Grouping::isInGroup(14));
return $session->privilege->insufficient unless ($session->user->isInGroup(14));
$i18n = WebGUI::International->new('ProductManager');
@ -366,7 +366,7 @@ sub www_editProductVariant {
my $session = shift;
my ($variantId, $variant, $f, $i18n);
return $session->privilege->insufficient unless (WebGUI::Grouping::isInGroup(14));
return $session->privilege->insufficient unless ($session->user->isInGroup(14));
$i18n = WebGUI::International->new("ProductManager");
@ -420,7 +420,7 @@ sub www_editProductVariantSave {
my $session = shift;
my $variantId = $session->form->process("variantId");
return $session->privilege->insufficient unless (WebGUI::Grouping::isInGroup(14));
return $session->privilege->insufficient unless ($session->user->isInGroup(14));
WebGUI::Product->getByVariantId($variantId)->setVariant($variantId, $session{form});
@ -432,7 +432,7 @@ sub www_editSkuTemplate {
my $session = shift;
my ($product, $productId, $output, $f, $name, $i18n);
return $session->privilege->insufficient unless (WebGUI::Grouping::isInGroup(14));
return $session->privilege->insufficient unless ($session->user->isInGroup(14));
$i18n = WebGUI::International->new("ProductManager");
@ -472,7 +472,7 @@ sub www_editSkuTemplateSave {
my $session = shift;
my ($productId) = $session->form->process("productId");
return $session->privilege->insufficient unless (WebGUI::Grouping::isInGroup(14));
return $session->privilege->insufficient unless ($session->user->isInGroup(14));
WebGUI::Product->new($productId)->set({
skuTemplate => $session->form->process("skuTemplate"),
@ -486,7 +486,7 @@ sub www_listProducts {
my $session = shift;
my ($self, $sth, $output, $row, $i18n);
return $session->privilege->insufficient unless (WebGUI::Grouping::isInGroup(14));
return $session->privilege->insufficient unless ($session->user->isInGroup(14));
$i18n = WebGUI::International->new('ProductManager');
@ -514,7 +514,7 @@ sub www_listProductVariants {
my $session = shift;
my ($productId, $product, @variants, %parameters, %options, $output, %composition, $i18n);
return $session->privilege->insufficient unless (WebGUI::Grouping::isInGroup(14));
return $session->privilege->insufficient unless ($session->user->isInGroup(14));
$i18n = WebGUI::International->new("ProductManager");
@ -576,7 +576,7 @@ sub www_listProductVariants {
sub www_listProductVariantsSave {
my $session = shift;
return $session->privilege->insufficient unless (WebGUI::Grouping::isInGroup(14));
return $session->privilege->insufficient unless ($session->user->isInGroup(14));
my %availableVariants = map {$_ => 1} $session->form->selectList('available');
@ -596,7 +596,7 @@ sub www_manageProduct {
my $session = shift;
my ($productId, $product, $output, $parameter, $option, $optionId, $i18n);
return $session->privilege->insufficient unless (WebGUI::Grouping::isInGroup(14));
return $session->privilege->insufficient unless ($session->user->isInGroup(14));
$i18n = WebGUI::International->new("ProductManager");

4
lib/WebGUI/Operation/Profile.pm
View file

@ -159,8 +159,8 @@ sub www_viewProfile {
return $session->privilege->notMember() if($u->username eq "");
return $session->style->userStyle($vars->{displayTitle}.WebGUI::International::get(862)) if($u->profileField("publicProfile") < 1 && ($session->user->profileField("userId") ne $session->form->process("uid") || WebGUI::Grouping::isInGroup(3)));
return $session->privilege->insufficient() if(!WebGUI::Grouping::isInGroup(2));
return $session->style->userStyle($vars->{displayTitle}.WebGUI::International::get(862)) if($u->profileField("publicProfile") < 1 && ($session->user->profileField("userId") ne $session->form->process("uid") || $session->user->isInGroup(3)));
return $session->privilege->insufficient() if(!$session->user->isInGroup(2));
my @array = ();
foreach my $category (@{WebGUI::ProfileCategory->getCategories}) {

22
lib/WebGUI/Operation/ProfileSettings.pm
View file

@ -52,7 +52,7 @@ sub _submenu {
#-------------------------------------------------------------------
sub www_deleteProfileCategoryConfirm {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
my $category = WebGUI::ProfileCategory->new($session->form->process("cid"));
return WebGUI::AdminConsole->new($session,"userProfiling")->render($session->privilege->vitalComponent()) if ($category->isProtected);
$category->delete;
@ -62,7 +62,7 @@ sub www_deleteProfileCategoryConfirm {
#-------------------------------------------------------------------
sub www_deleteProfileFieldConfirm {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
my $field = WebGUI::ProfileField->new($session->form->process("fid"));
return WebGUI::AdminConsole->new($session,"userProfiling")->render($session->privilege->vitalComponent()) if ($field->isProtected);
$field->delete;
@ -72,7 +72,7 @@ sub www_deleteProfileFieldConfirm {
#-------------------------------------------------------------------
sub www_editProfileCategory {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
my $data = {};
my $f = WebGUI::HTMLForm->new;
$f->hidden(
@ -120,7 +120,7 @@ sub www_editProfileCategory {
#-------------------------------------------------------------------
sub www_editProfileCategorySave {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
my %data = (
label=>$session->form->text("label"),
visible=>$session->form->yesNo("visible"),
@ -138,7 +138,7 @@ sub www_editProfileCategorySave {
#-------------------------------------------------------------------
sub www_editProfileField {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
my $f = WebGUI::HTMLForm->new;
$f->hidden(
-name => "op",
@ -239,7 +239,7 @@ sub www_editProfileField {
#-------------------------------------------------------------------
sub www_editProfileFieldSave {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
my %data = (
label=>$session->form->text("label"),
editable=>$session->form->yesNo("editable"),
@ -264,7 +264,7 @@ sub www_editProfileFieldSave {
#-------------------------------------------------------------------
sub www_editProfileSettings {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
my $output = "";
foreach my $category (@{WebGUI::ProfileCategory->getCategories}) {
$output .= deleteIcon('op=deleteProfileCategoryConfirm;cid='.$category->getId,'',WebGUI::International::get(466,"WebGUIProfile"));
@ -288,7 +288,7 @@ sub www_editProfileSettings {
#-------------------------------------------------------------------
sub www_moveProfileCategoryDown {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
WebGUI::ProfileCategory->new($session->form->process("cid"))->moveDown;
return www_editProfileSettings();
}
@ -296,7 +296,7 @@ sub www_moveProfileCategoryDown {
#-------------------------------------------------------------------
sub www_moveProfileCategoryUp {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
WebGUI::ProfileCategory->new($session->form->process("cid"))->moveUp;
return www_editProfileSettings();
}
@ -304,7 +304,7 @@ sub www_moveProfileCategoryUp {
#-------------------------------------------------------------------
sub www_moveProfileFieldDown {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
WebGUI::ProfileField->new($session->form->process("fid"))->moveDown;
return www_editProfileSettings();
}
@ -312,7 +312,7 @@ sub www_moveProfileFieldDown {
#-------------------------------------------------------------------
sub www_moveProfileFieldUp {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
WebGUI::ProfileField->new($session->form->process("fid"))->moveUp;
return www_editProfileSettings();
}

8
lib/WebGUI/Operation/Replacements.pm
View file

@ -40,7 +40,7 @@ sub _submenu {
#-------------------------------------------------------------------
sub www_deleteReplacement {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
$session->db->write("delete from replacements where replacementId=".$session->db->quote($session->form->process("replacementId")));
return www_listReplacements();
}
@ -48,7 +48,7 @@ sub www_deleteReplacement {
#-------------------------------------------------------------------
sub www_editReplacement {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
my $data = $session->db->getRow("replacements","replacementId",$session->form->process("replacementId"));
my $f = WebGUI::HTMLForm->new;
$f->hidden(
@ -82,7 +82,7 @@ sub www_editReplacement {
#-------------------------------------------------------------------
sub www_editReplacementSave {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
$session->db->setRow("replacements","replacementId",{
replacementId=>$session->form->process("replacementId"),
searchFor=>$session->form->process("searchFor"),
@ -94,7 +94,7 @@ sub www_editReplacementSave {
#-------------------------------------------------------------------
sub www_listReplacements {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
my $output = '<table>';
$output .= '<tr><td></td><td class="tableHeader">'.WebGUI::International::get(1050).'</td><td class="tableHeader">'.WebGUI::International::get(1051).'</td></tr>';
my $sth = $session->db->read("select replacementId,searchFor,replaceWith from replacements order by searchFor");

4
lib/WebGUI/Operation/Settings.pm
View file

@ -28,7 +28,7 @@ use WebGUI::URL;
#-------------------------------------------------------------------
sub www_editSettings {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
my $i18n = WebGUI::International->new("WebGUI");
my %tabs;
tie %tabs, 'Tie::IxHash';
@ -297,7 +297,7 @@ sub www_editSettings {
#-------------------------------------------------------------------
sub www_saveSettings {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
my ($key, $value);
foreach $key (keys %{$session{form}}) {
$value = $session{form}{$key};

4
lib/WebGUI/Operation/Shared.pm
View file

@ -27,7 +27,7 @@ our @EXPORT = qw(&menuWrapper);
sub accountOptions {
my $session = shift;
my @array;
if (WebGUI::Grouping::isInGroup(12)) {
if ($session->user->isInGroup(12)) {
my %hash;
if ($session->var->get("adminOn")) {
$hash{'options.display'} .= '<a href="'.$session->url->page('op=switchOffAdmin').'">'.WebGUI::International::get(12).'</a>';
@ -63,7 +63,7 @@ our @EXPORT = qw(&menuWrapper);
my %logout;
$logout{'options.display'} = '<a href="'.$session->url->page('op=auth;method=logout').'">'.WebGUI::International::get(64).'</a>';
push(@array,\%logout);
if ($session->setting->get("selfDeactivation") && !WebGUI::Grouping::isInGroup(3)){
if ($session->setting->get("selfDeactivation") && !$session->user->isInGroup(3)){
my %hash;
$hash{'options.display'} = '<a href="'.$session->url->page('op=auth;method=deactivateAccount').'">'.WebGUI::International::get(65).'</a>';
push(@array,\%hash);

2
lib/WebGUI/Operation/Statistics.pm
View file

@ -36,7 +36,7 @@ sub _submenu {
#-------------------------------------------------------------------
sub www_viewStatistics {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
my ($output, $data);
my $url = "http://www.plainblack.com/downloads/latest-version.txt";
my $cache = WebGUI::Cache->new($session,$url,"URL");

20
lib/WebGUI/Operation/Subscription.pm
View file

@ -56,7 +56,7 @@ sub _submenu {
sub www_createSubscriptionCodeBatch {
my $session = shift;
my (%subscriptions, $f, $error, $errorMessage);
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
$error = shift;
my $i18n = WebGUI::International->new("Subscription");
@ -115,7 +115,7 @@ sub www_createSubscriptionCodeBatchSave {
my $session = shift;
my ($numberOfCodes, $description, $expires, $batchId, @codeElements, $currentCode, $code, $i, @subscriptions,
@error, $creationEpoch);
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
my $i18n = WebGUI::International->new("Subscription");
@ -154,7 +154,7 @@ sub www_createSubscriptionCodeBatchSave {
#-------------------------------------------------------------------
sub www_deleteSubscription {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
WebGUI::Subscription->new($session->form->process("sid"))->delete;
return www_listSubscriptions();
@ -163,7 +163,7 @@ sub www_deleteSubscription {
#-------------------------------------------------------------------
sub www_deleteSubscriptionCodeBatch {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
$session->db->write("delete from subscriptionCodeBatch where batchId=".$session->db->quote($session->form->process("bid")));
$session->db->write("delete from subscriptionCode where batchId=".$session->db->quote($session->form->process("bid")));
@ -174,7 +174,7 @@ sub www_deleteSubscriptionCodeBatch {
#-------------------------------------------------------------------
sub www_deleteSubscriptionCodes {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
if ($session->form->process("selection") eq 'dc') {
$session->db->write("delete from subscriptionCode where dateCreated >= ".$session->db->quote($session->form->process("dcStart")).
@ -191,7 +191,7 @@ sub www_deleteSubscriptionCodes {
sub www_editSubscription {
my $session = shift;
my ($properties, $subscriptionId, $durationInterval, $durationUnits, $f);
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
my $i18n = WebGUI::International->new("Subscription");
@ -268,7 +268,7 @@ sub www_editSubscription {
sub www_editSubscriptionSave {
my $session = shift;
my (@relevantFields);
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
@relevantFields = qw(subscriptionId name price description subscriptionGroup duration executeOnSubscription karma);
WebGUI::Subscription->new($session->form->process("sid"))->set({map {$_ => $session{form}{$_}} @relevantFields});
@ -280,7 +280,7 @@ sub www_editSubscriptionSave {
sub www_listSubscriptionCodeBatches {
my $session = shift;
my ($p, $batches, $output);
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
my $i18n = WebGUI::International->new("Subscription");
@ -310,7 +310,7 @@ sub www_listSubscriptionCodeBatches {
sub www_listSubscriptionCodes {
my $session = shift;
my ($p, $codes, $output, $where, $ops, $delete);
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
my $i18n = WebGUI::International->new("Subscription");
@ -392,7 +392,7 @@ sub www_listSubscriptionCodes {
sub www_listSubscriptions {
my $session = shift;
my ($p, $subscriptions, $output);
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
my $i18n = WebGUI::International->new("Subscription");

4
lib/WebGUI/Operation/TransactionLog.pm
View file

@ -96,7 +96,7 @@ sub www_deleteTransaction {
my $session = shift;
my $transactionId;
return $session->privilege->insufficient unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->insufficient unless ($session->user->isInGroup(3));
$transactionId = $session->form->process("tid");
@ -108,7 +108,7 @@ sub www_deleteTransaction {
#-------------------------------------------------------------------
sub www_deleteTransactionItem {
my $session = shift;
return $session->privilege->insufficient unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->insufficient unless ($session->user->isInGroup(3));
WebGUI::Commerce::Transaction->new($session->form->process("tid"))->deleteItem($session->form->process("iid"), $session->form->process("itype"));

24
lib/WebGUI/Operation/User.pm
View file

@ -73,10 +73,10 @@ sub _submenu {
if ($help) {
$ac->setHelp($help);
}
if (WebGUI::Grouping::isInGroup(11)) {
if ($session->user->isInGroup(11)) {
$ac->addSubmenuItem($session->url->page("op=editUser;uid=new"), WebGUI::International::get(169));
}
if (WebGUI::Grouping::isInGroup(3)) {
if ($session->user->isInGroup(3)) {
unless ($session->form->process("op") eq "listUsers"
|| $session->form->process("op") eq "deleteUserConfirm") {
$ac->addSubmenuItem($session->url->page("op=editUser;uid=".$session->form->process("uid")), WebGUI::International::get(457));
@ -227,7 +227,7 @@ Allows an administrator to assume another user.
sub www_becomeUser {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
$session->user({userId=>$session->form->process("uid")});
return "";
}
@ -246,7 +246,7 @@ of the user to delete is expected in a URL param names 'uid'.
sub www_deleteUser {
my $session = shift;
my ($output);
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
if ($session->form->process("uid") eq '1' || $session->form->process("uid") eq '3') {
return _submenu($session->privilege->vitalComponent());
} else {
@ -271,7 +271,7 @@ after this.
sub www_deleteUserConfirm {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
my ($u);
if ($session->form->process("uid") eq '1' || $session->form->process("uid") eq '3') {
return WebGUI::AdminConsole->new($session,"users")->render($session->privilege->vitalComponent());
@ -285,7 +285,7 @@ sub www_deleteUserConfirm {
#-------------------------------------------------------------------
sub www_editUser {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(11));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(11));
my $error = shift;
my $i18n = WebGUI::International->new("WebGUI");
my %tabs;
@ -393,10 +393,10 @@ sub www_editUser {
#-------------------------------------------------------------------
sub www_editUserSave {
my $session = shift;
my $isAdmin = WebGUI::Grouping::isInGroup(3);
my $isAdmin = $session->user->isInGroup(3);
my $isSecondary;
unless ($isAdmin) {
$isSecondary = (WebGUI::Grouping::isInGroup(11) && $session->form->process("uid") eq "new");
$isSecondary = ($session->user->isInGroup(11) && $session->form->process("uid") eq "new");
}
return $session->privilege->adminOnly() unless ($isAdmin || $isSecondary);
my ($uid) = $session->db->quickArray("select userId from users where username=".$session->db->quote($session->form->process("username")));
@ -432,7 +432,7 @@ sub www_editUserSave {
#-------------------------------------------------------------------
sub www_editUserKarma {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
my ($output, $f, $a, %user, %data, $method, $values, $category, $label, $default, $previousCategory);
$f = WebGUI::HTMLForm->new;
$f->hidden(
@ -461,7 +461,7 @@ sub www_editUserKarma {
#-------------------------------------------------------------------
sub www_editUserKarmaSave {
my $session = shift;
return $session->privilege->adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
my ($u);
$u = WebGUI::User->new($session->form->process("uid"));
$u->karma($session->form->process("amount"),$session->user->profileField("username")." (".$session->user->profileField("userId").")",$session->form->process("description"));
@ -471,8 +471,8 @@ sub www_editUserKarmaSave {
#-------------------------------------------------------------------
sub www_listUsers {
my $session = shift;
unless (WebGUI::Grouping::isInGroup(3)) {
if (WebGUI::Grouping::isInGroup(11)) {
unless ($session->user->isInGroup(3)) {
if ($session->user->isInGroup(11)) {
$session->form->process("uid") = "new";
return www_editUser();
}

2
lib/WebGUI/Session/Style.pm
View file

@ -182,7 +182,7 @@ return props[propName];
}
</script>
';
if (WebGUI::Grouping::isInGroup(2)) {
if ($self->session->user->isInGroup(2)) {
# This "triple incantation" panders to the delicate tastes of various browsers for reliable cache suppression.
$var{'head.tags'} .= '
<meta http-equiv="Pragma" content="no-cache" />

2
lib/WebGUI/Subscription.pm
View file

@ -62,7 +62,7 @@ sub apply {
$groupId = $self->{_properties}{subscriptionGroup};
# Make user part of the right group
WebGUI::Grouping::addUsersToGroups([$userId], [$groupId], _getDuration($self->{_properties}{duration}));
$group->addUsers([$userId], [$groupId], _getDuration($self->{_properties}{duration}));
# Add karma
WebGUI::User->new($userId)->karma($self->{_properties}{karma}, 'Subscription', 'Added for purchasing subscription '.$self->{_properties}{name});

207
lib/WebGUI/User.pm
View file

@ -41,6 +41,7 @@ This package provides an object-oriented way of managing WebGUI users as well as
$referringAffiliate = $u->referringAffiliate;
$status = $u->status("somestatus");
$username = $u->username("jonboy");
$arrayRef = $u->getGroups;
$u->addToGroups(\@arr);
$u->deleteFromGroups(\@arr);
@ -57,7 +58,7 @@ sub _create {
my $userId = shift || WebGUI::Id::generate();
$self->session->db->write("insert into users (userId,dateCreated) values (".$self->session->db->quote($userId).","$self->session->datetime->time().")");
require WebGUI::Grouping;
WebGUI::Grouping::addUsersToGroups([$userId],[2,7]);
$group->addUsers([$userId],[2,7]);
return $userId;
}
@ -83,7 +84,7 @@ sub addToGroups {
my $expireOffset = shift;
$self->uncache;
require WebGUI::Grouping;
WebGUI::Grouping::addUsersToGroups([$self->userId],$groups,$expireOffset);
$group->addUsers([$self->userId],$groups,$expireOffset);
}
#-------------------------------------------------------------------
@ -139,7 +140,7 @@ sub delete {
$self->session->db->write("delete from users where userId=".$self->session->db->quote($self->{_userId}));
$self->session->db->write("delete from userProfileData where userId=".$self->session->db->quote($self->{_userId}));
require WebGUI::Grouping;
WebGUI::Grouping::deleteUsersFromGroups([$self->{_userId}],WebGUI::Grouping::getGroupsForUser($self->{_userId}));
$group->deleteUsers([$self->{_userId}],$self->session->user->getGroups($self->{_userId}));
$self->session->db->write("delete from messageLog where userId=".$self->session->db->quote($self->{_userId}));
my $authMethod = WebGUI::Operation::Auth::getInstance($self->authMethod,$self->{_userId});
@ -168,7 +169,39 @@ sub deleteFromGroups {
my $groups = shift;
$self->uncache;
require WebGUI::Grouping;
WebGUI::Grouping::deleteUsersFromGroups([$self->userId],$groups);
$group->deleteUsers([$self->userId],$groups);
}
#-------------------------------------------------------------------
=head2 getGroups ( [ withoutExpired ] )
Returns an array reference containing a list of groups this user is in.
=head3 withoutExpired
If set to "1" then the listing will not include expired groupings. Defaults to "0".
=cut
sub getGroups {
my $self = shift;
my $withoutExpired = shift;
my $clause = "and expireDate>"$self->session->datetime->time() if ($withoutExpired);
my $gotGroupsForUser = $self->session->stow->get("gotGroupsForUser");
if (exists $gotGroupsForUser->{$self->userId}) {
return $gotGroupsForUser->{$self->userId};
} else {
my @groups = $self->session->db->buildArray("select groupId from groupings where userId=".$self->session->db->quote($userId)." $clause");
my $isInGroup = $self->session->stow("isInGroup");
foreach my $gid (@groups) {
$isInGroup->{$self->userId}{$gid} = 1;
}
$self->session->stow("isInGroup",$isInGroup);
$gotGroupsForUser->{$userId} = \@groups;
$self->session->stow("gotGroupsForUser",$gotGroupsForUser);
return \@groups;
}
}
#-------------------------------------------------------------------
@ -186,6 +219,172 @@ sub identifier {
return $self->{_user}{"identifier"};
}
#-------------------------------------------------------------------
=head2 isInGroup ( [ groupId ] )
Returns a boolean (0|1) value signifying that the user has the required privileges. Always returns true for Admins.
=head3 groupId
The group that you wish to verify against the user. Defaults to group with Id 3 (the Admin group).
=cut
sub isInGroup {
my (@data, $groupId);
my ($gid, $secondRun) = @_;
$gid = 3 unless (defined $gid);
$uid = $self->userId;
### The following several checks are to increase performance. If this section were removed, everything would continue to work as normal.
return 1 if ($gid eq '7'); # everyone is in the everyone group
return 1 if ($gid eq '1' && $uid eq '1'); # visitors are in the visitors group
return 0 if ($uid eq '1'); #Visitor is in no other groups
return 1 if ($uid eq '3'); #Admin is in every group
return 1 if ($gid eq '2' && $uid ne '1'); # if you're not a visitor, then you're a registered user
### Look to see if we've already looked up this group.
my $isInGroup = $self->session->stow->get("isInGroup");
if ($isInGroup->{$uid}{$gid} eq '1') {
return 1;
} elsif ($isInGroup->{$uid}{$gid} eq "0") {
return 0;
}
### Lookup the actual groupings.
unless ($secondRun) { # don't look up user groups if we've already done it once.
my $groups = $self->getGroups(1);
foreach (@{$groups}) {
$isInGroup->{$uid}{$_} = 1;
}
if ($isInGroup->{$uid}{$gid} eq '1') {
$self->session->stow->set("isInGroup",$isInGroup);
return 1;
}
}
### Get data for auxillary checks.
my $group = WebGUI::Group->new($gid);
### Check IP Address
if ($group->get("ipFilter")) {
my $ipFilter = $group->get("ipFilter");
$ipFilter =~ s/\s//g;
$ipFilter =~ s/\./\\\./g;
my @ips = split(";",$ipFilter);
foreach my $ip (@ips) {
if ($self->session->env->get("REMOTE_ADDR") =~ /^$ip/) {
$isInGroup->{$uid}{$gid} = 1;
$self->session->stow->set("isInGroup",$isInGroup);
return 1;
}
}
}
### Check Scratch Variables
if ($group->get("scratchFilter")) {
my $scratchFilter = $group->get("scratchFilter");
$scratchFilter =~ s/\s//g;
my @vars = split(";",$scratchFilter);
foreach my $var (@vars) {
my ($name, $value) = split(/\=/,$var);
if ($self->session->scratch->get($name) eq $value) {
$isInGroup->{$uid}{$gid} = 1;
$self->session->stow->set("isInGroup",$isInGroup);
return 1;
}
}
}
### Check karma levels.
if ($self->session->setting->get("useKarma")) {
if ($self->karma >= $group->get("karmaThreshold")) {
$isInGroup->{$uid}{$gid} = 1;
$self->session->stow->set("isInGroup",$isInGroup);
return 1;
}
}
### Check external database
if ($group->get("dbQuery") && $group->get("databaseLinkId")) {
# skip if not logged in and query contains a User macro
unless ($group->get("dbQuery") =~ /\^User/i && $uid eq '1') {
my $dbLink = WebGUI::DatabaseLink->new($self->session,$group->get("databaseLinkId"));
my $dbh = $dbLink->dbh;
if (defined $dbh) {
if ($group->get("dbQuery") =~ /select 1/i) {
my $query = $group->group("dbQuery");
WebGUI::Macro::process($self->session,\$query);
my $sth = $dbh->unconditionalRead($query);
unless ($sth->errorCode < 1) {
$self->session->errorHandler->warn("There was a problem with the database query for group ID $gid.");
} else {
my ($result) = $sth->array;
if ($result == 1) {
$isInGroup->{$uid}{$gid} = 1;
if ($group->get("dbCacheTimeout") > 0) {
$group->deleteUsers([$uid]);
$group->addUsers([$uid],$group->get("dbCacheTimeout"));
}
} else {
$isInGroup->{$uid}{$gid} = 0;
$group->deleteUsers([$uid]) if ($group->get("dbCacheTimeout") > 0);
}
}
$sth->finish;
} else {
$self->session->errorHandler->warn("Database query for group ID $gid must use 'select 1'");
}
$dbLink->disconnect;
$self->session->stow->set("isInGroup",$isInGroup);
return 1 if ($isInGroup->{$uid}{$gid});
}
}
}
### Check ldap
if ($group->get("ldapGroup") && $group->get("ldapGroupProperty")) {
# skip if not logged in
unless($uid eq '1') {
# skip if user is not set to LDAP
if($self->authMethod eq "LDAP") {
my $auth = WebGUI::Auth->new($session,"LDAP",$uid);
my $params = $auth->getParams();
my $ldapLink = WebGUI::LDAPLink->new($session,$params->{ldapConnection});
if($ldapLink ne "") {
my $people = [];
if($group->get("ldapRecursiveProperty")) {
$ldapLink->recurseProperty($group->get("ldapGroup"),$people,$group->get("ldapGroupProperty"),$group->get("ldapRecursiveProperty"));
} else {
$people = $ldapLink->getProperty($group->get("ldapGroup"),$group->get("ldapGroupProperty"));
}
if(isIn($params->{connectDN},@{$people})) {
$isInGroup->{$uid}{$gid} = 1;
if ($group{dbCacheTimeout} > 10) {
$group->deleteUsers([$uid]);
$group->addUsers([$uid],$group->get("dbCacheTimeout"));
}
} else {
$isInGroup->{$uid}{$gid} = 0;
$group->deleteUsers([$uid]) if ($group->get("dbCacheTimeout") > 10);
}
$ldapLink->unbind;
$self->session->stow->set("isInGroup",$isInGroup);
return 1 if ($isInGroup->{$uid}{$gid});
}
}
}
}
### Check for groups of groups.
my $groups = $group->getGroupsIn(1);
foreach (@{$groups}) {
$isInGroup->{$uid}{$_} = $self->isInGroup($_, 1);
if ($isInGroup->{$uid}{$_}) {
$isInGroup->{$uid}{$gid} = 1; # cache current group also so we don't have to do the group in group check again
$self->session->stow->set("isInGroup",$isInGroup);
return 1;
}
}
$isInGroup->{$uid}{$gid} = 0;
$self->session->stow->set("isInGroup",$isInGroup);
return 0;
}
#-------------------------------------------------------------------
=head2 karma ( [ amount, source, description ] )