Open Journal Systems: classes/security/RoleDAO.inc.php Source File

00001 <?php
00002 
00016 // $Id: RoleDAO.inc.php,v 1.42 2008/07/01 01:16:10 asmecher Exp $
00017 
00018 
00019 import('security.Role');
00020 
00021 class RoleDAO extends DAO {
00025    function RoleDAO() {
00026       parent::DAO();
00027       $this->userDao = &DAORegistry::getDAO('UserDAO');
00028    }
00029 
00037    function &getRole($journalId, $userId, $roleId) {
00038       $result = &$this->retrieve(
00039          'SELECT * FROM roles WHERE journal_id = ? AND user_id = ? AND role_id = ?',
00040          array(
00041             (int) $journalId,
00042             (int) $userId,
00043             (int) $roleId
00044          )
00045       );
00046 
00047       $returner = null;
00048       if ($result->RecordCount() != 0) {
00049          $returner = &$this->_returnRoleFromRow($result->GetRowAssoc(false));
00050       }
00051 
00052       $result->Close();
00053       unset($result);
00054 
00055       return $returner;
00056    }
00057 
00063    function &_returnRoleFromRow(&$row) {
00064       $role = &new Role();
00065       $role->setJournalId($row['journal_id']);
00066       $role->setUserId($row['user_id']);
00067       $role->setRoleId($row['role_id']);
00068 
00069       HookRegistry::call('RoleDAO::_returnRoleFromRow', array(&$role, &$row));
00070 
00071       return $role;
00072    }
00073 
00078    function insertRole(&$role) {
00079       return $this->update(
00080          'INSERT INTO roles
00081             (journal_id, user_id, role_id)
00082             VALUES
00083             (?, ?, ?)',
00084          array(
00085             (int) $role->getJournalId(),
00086             (int) $role->getUserId(),
00087             (int) $role->getRoleId()
00088          )
00089       );
00090    }
00091 
00096    function deleteRole(&$role) {
00097       return $this->update(
00098          'DELETE FROM roles WHERE journal_id = ? AND user_id = ? AND role_id = ?',
00099          array(
00100             (int) $role->getJournalId(),
00101             (int) $role->getUserId(),
00102             (int) $role->getRoleId()
00103          )
00104       );
00105    }
00106 
00113    function &getRolesByUserId($userId, $journalId = null) {
00114       $roles = array();
00115 
00116       $result = &$this->retrieve(
00117          'SELECT * FROM roles WHERE user_id = ?' . (isset($journalId) ? ' AND journal_id = ?' : ''),
00118          isset($journalId) ? array((int) $userId, (int) $journalId) : ((int) $userId)
00119       );
00120 
00121       while (!$result->EOF) {
00122          $roles[] = &$this->_returnRoleFromRow($result->GetRowAssoc(false));
00123          $result->moveNext();
00124       }
00125 
00126       $result->Close();
00127       unset($result);
00128 
00129       return $roles;
00130    }
00131 
00142    function &getUsersByRoleId($roleId = null, $journalId = null, $searchType = null, $search = null, $searchMatch = null, $dbResultRange = null) {
00143       $users = array();
00144 
00145       $paramArray = array('interests');
00146       if (isset($roleId)) $paramArray[] = (int) $roleId;
00147       if (isset($journalId)) $paramArray[] = (int) $journalId;
00148 
00149       // For security / resource usage reasons, a role or journal ID
00150       // must be specified. Don't allow calls supplying neither.
00151       if ($journalId === null && $roleId === null) return null;
00152 
00153       $searchSql = '';
00154 
00155       if (isset($search)) switch ($searchType) {
00156          case USER_FIELD_USERID:
00157             $searchSql = 'AND u.user_id=?';
00158             $paramArray[] = $search;
00159             break;
00160          case USER_FIELD_FIRSTNAME:
00161             $searchSql = 'AND LOWER(u.first_name) ' . ($searchMatch=='is'?'=':'LIKE') . ' LOWER(?)';
00162             $paramArray[] = ($searchMatch=='is'?$search:'%' . $search . '%');
00163             break;
00164          case USER_FIELD_LASTNAME:
00165             $searchSql = 'AND LOWER(u.last_name) ' . ($searchMatch=='is'?'=':'LIKE') . ' LOWER(?)';
00166             $paramArray[] = ($searchMatch=='is'?$search:'%' . $search . '%');
00167             break;
00168          case USER_FIELD_USERNAME:
00169             $searchSql = 'AND LOWER(u.username) ' . ($searchMatch=='is'?'=':'LIKE') . ' LOWER(?)';
00170             $paramArray[] = ($searchMatch=='is'?$search:'%' . $search . '%');
00171             break;
00172          case USER_FIELD_EMAIL:
00173             $searchSql = 'AND LOWER(u.email) ' . ($searchMatch=='is'?'=':'LIKE') . ' LOWER(?)';
00174             $paramArray[] = ($searchMatch=='is'?$search:'%' . $search . '%');
00175             break;
00176          case USER_FIELD_INTERESTS:
00177             $searchSql = 'AND LOWER(s.setting_value) ' . ($searchMatch=='is'?'=':'LIKE') . ' LOWER(?)';
00178             $paramArray[] = ($searchMatch=='is'?$search:'%' . $search . '%');
00179             break;
00180          case USER_FIELD_INITIAL:
00181             $searchSql = 'AND LOWER(u.last_name) LIKE LOWER(?)';
00182             $paramArray[] = $search . '%';
00183             break;
00184       }
00185 
00186       $searchSql .= ' ORDER BY u.last_name, u.first_name'; // FIXME Add "sort field" parameter?
00187 
00188       $result = &$this->retrieveRange(
00189          'SELECT DISTINCT u.* FROM users AS u LEFT JOIN user_settings s ON (u.user_id = s.user_id AND s.setting_name = ?), roles AS r WHERE u.user_id = r.user_id ' . (isset($roleId)?'AND r.role_id = ?':'') . (isset($journalId) ? ' AND r.journal_id = ?' : '') . ' ' . $searchSql,
00190          $paramArray,
00191          $dbResultRange
00192       );
00193 
00194       $returner = &new DAOResultFactory($result, $this->userDao, '_returnUserFromRowWithData');
00195       return $returner;
00196    }
00197 
00207    function &getUsersByJournalId($journalId, $searchType = null, $search = null, $searchMatch = null, $dbResultRange = null) {
00208       $users = array();
00209 
00210       $paramArray = array('interests', (int) $journalId);
00211       $searchSql = '';
00212 
00213       if (isset($search)) switch ($searchType) {
00214          case USER_FIELD_USERID:
00215             $searchSql = 'AND u.user_id=?';
00216             $paramArray[] = $search;
00217             break;
00218          case USER_FIELD_FIRSTNAME:
00219             $searchSql = 'AND LOWER(u.first_name) ' . ($searchMatch=='is'?'=':'LIKE') . ' LOWER(?)';
00220             $paramArray[] = ($searchMatch=='is'?$search:'%' . $search . '%');
00221             break;
00222          case USER_FIELD_LASTNAME:
00223             $searchSql = 'AND LOWER(u.last_name) ' . ($searchMatch=='is'?'=':'LIKE') . ' LOWER(?)';
00224             $paramArray[] = ($searchMatch=='is'?$search:'%' . $search . '%');
00225             break;
00226          case USER_FIELD_USERNAME:
00227             $searchSql = 'AND LOWER(u.username) ' . ($searchMatch=='is'?'=':'LIKE') . ' LOWER(?)';
00228             $paramArray[] = ($searchMatch=='is'?$search:'%' . $search . '%');
00229             break;
00230          case USER_FIELD_EMAIL:
00231             $searchSql = 'AND LOWER(u.email) ' . ($searchMatch=='is'?'=':'LIKE') . ' LOWER(?)';
00232             $paramArray[] = ($searchMatch=='is'?$search:'%' . $search . '%');
00233             break;
00234          case USER_FIELD_INTERESTS:
00235             $searchSql = 'AND LOWER(s.setting_value) ' . ($searchMatch=='is'?'=':'LIKE') . ' LOWER(?)';
00236             $paramArray[] = ($searchMatch=='is'?$search:'%' . $search . '%');
00237             break;
00238          case USER_FIELD_INITIAL:
00239             $searchSql = 'AND LOWER(u.last_name) LIKE LOWER(?)';
00240             $paramArray[] = $search . '%';
00241             break;
00242       }
00243 
00244       $searchSql .= ' ORDER BY u.last_name, u.first_name'; // FIXME Add "sort field" parameter?
00245 
00246       $result = &$this->retrieveRange(
00247 
00248          'SELECT DISTINCT u.* FROM users AS u LEFT JOIN user_settings s ON (u.user_id = s.user_id AND s.setting_name = ?), roles AS r WHERE u.user_id = r.user_id AND r.journal_id = ? ' . $searchSql,
00249          $paramArray,
00250          $dbResultRange
00251       );
00252 
00253       $returner = &new DAOResultFactory($result, $this->userDao, '_returnUserFromRowWithData');
00254       return $returner;
00255    }
00256 
00262    function getJournalUsersCount($journalId) {
00263       $userDao = &DAORegistry::getDAO('UserDAO');
00264 
00265       $result = &$this->retrieve(
00266          'SELECT COUNT(DISTINCT(user_id)) FROM roles WHERE journal_id = ?',
00267          (int) $journalId
00268       );
00269 
00270       $returner = $result->fields[0];
00271 
00272       $result->Close();
00273       unset($result);
00274 
00275       return $returner;
00276    }
00277 
00283    function &getRolesByJournalId($journalId = null, $roleId = null) {
00284       $params = array();
00285       $conditions = array();
00286       if (isset($journalId)) {
00287          $params[] = (int) $journalId;
00288          $conditions[] = 'journal_id = ?';
00289       }
00290       if (isset($roleId)) {
00291          $params[] = (int) $roleId;
00292          $conditions[] = 'role_id = ?';
00293       }
00294 
00295       $result = &$this->retrieve(
00296          'SELECT * FROM roles' . (empty($conditions) ? '' : ' WHERE ' . join(' AND ', $conditions)),
00297          $params
00298       );
00299 
00300       $returner = &new DAOResultFactory($result, $this, '_returnRoleFromRow');
00301       return $returner;
00302    }
00303 
00308    function deleteRoleByJournalId($journalId) {
00309       return $this->update(
00310          'DELETE FROM roles WHERE journal_id = ?', (int) $journalId
00311       );
00312    }
00313 
00320    function deleteRoleByUserId($userId, $journalId  = null, $roleId = null) {
00321       return $this->update(
00322          'DELETE FROM roles WHERE user_id = ?' . (isset($journalId) ? ' AND journal_id = ?' : '') . (isset($roleId) ? ' AND role_id = ?' : ''),
00323          isset($journalId) && isset($roleId) ? array((int) $userId, (int) $journalId, (int) $roleId)
00324          : (isset($journalId) ? array((int) $userId, (int) $journalId)
00325          : (isset($roleId) ? array((int) $userId, (int) $roleId) : (int) $userId))
00326       );
00327    }
00328 
00336    function roleExists($journalId, $userId, $roleId) {
00337       $result = &$this->retrieve(
00338          'SELECT COUNT(*) FROM roles WHERE journal_id = ? AND user_id = ? AND role_id = ?', array((int) $journalId, (int) $userId, (int) $roleId)
00339       );
00340       $returner = isset($result->fields[0]) && $result->fields[0] == 1 ? true : false;
00341 
00342       $result->Close();
00343       unset($result);
00344 
00345       return $returner;
00346    }
00347 
00354    function getRoleName($roleId, $plural = false) {
00355       switch ($roleId) {
00356          case ROLE_ID_SITE_ADMIN:
00357             return 'user.role.siteAdmin' . ($plural ? 's' : '');
00358          case ROLE_ID_JOURNAL_MANAGER:
00359             return 'user.role.manager' . ($plural ? 's' : '');
00360          case ROLE_ID_EDITOR:
00361             return 'user.role.editor' . ($plural ? 's' : '');
00362          case ROLE_ID_SECTION_EDITOR:
00363             return 'user.role.sectionEditor' . ($plural ? 's' : '');
00364          case ROLE_ID_LAYOUT_EDITOR:
00365             return 'user.role.layoutEditor' . ($plural ? 's' : '');
00366          case ROLE_ID_REVIEWER:
00367             return 'user.role.reviewer' . ($plural ? 's' : '');
00368          case ROLE_ID_COPYEDITOR:
00369             return 'user.role.copyeditor' . ($plural ? 's' : '');
00370          case ROLE_ID_PROOFREADER:
00371             return 'user.role.proofreader' . ($plural ? 's' : '');
00372          case ROLE_ID_AUTHOR:
00373             return 'user.role.author' . ($plural ? 's' : '');
00374          case ROLE_ID_READER:
00375             return 'user.role.reader' . ($plural ? 's' : '');
00376          case ROLE_ID_SUBSCRIPTION_MANAGER:
00377             return 'user.role.subscriptionManager' . ($plural ? 's' : '');
00378          default:
00379             return '';
00380       }
00381    }
00382 
00388    function getRolePath($roleId) {
00389       switch ($roleId) {
00390          case ROLE_ID_SITE_ADMIN:
00391             return 'admin';
00392          case ROLE_ID_JOURNAL_MANAGER:
00393             return 'manager';
00394          case ROLE_ID_EDITOR:
00395             return 'editor';
00396          case ROLE_ID_SECTION_EDITOR:
00397             return 'sectionEditor';
00398          case ROLE_ID_LAYOUT_EDITOR:
00399             return 'layoutEditor';
00400          case ROLE_ID_REVIEWER:
00401             return 'reviewer';
00402          case ROLE_ID_COPYEDITOR:
00403             return 'copyeditor';
00404          case ROLE_ID_PROOFREADER:
00405             return 'proofreader';
00406          case ROLE_ID_AUTHOR:
00407             return 'author';
00408          case ROLE_ID_READER:
00409             return 'reader';
00410          case ROLE_ID_SUBSCRIPTION_MANAGER:
00411             return 'subscriptionManager';
00412          default:
00413             return '';
00414       }
00415    }
00416 
00422    function getRoleIdFromPath($rolePath) {
00423       switch ($rolePath) {
00424          case 'admin':
00425             return ROLE_ID_SITE_ADMIN;
00426          case 'manager':
00427             return ROLE_ID_JOURNAL_MANAGER;
00428          case 'editor':
00429             return ROLE_ID_EDITOR;
00430          case 'sectionEditor':
00431             return ROLE_ID_SECTION_EDITOR;
00432          case 'layoutEditor':
00433             return ROLE_ID_LAYOUT_EDITOR;
00434          case 'reviewer':
00435             return ROLE_ID_REVIEWER;
00436          case 'copyeditor':
00437             return ROLE_ID_COPYEDITOR;
00438          case 'proofreader':
00439             return ROLE_ID_PROOFREADER;
00440          case 'author':
00441             return ROLE_ID_AUTHOR;
00442          case 'reader':
00443             return ROLE_ID_READER;
00444          case 'subscriptionManager':
00445             return ROLE_ID_SUBSCRIPTION_MANAGER;
00446          default:
00447             return null;
00448       }
00449    }
00450 }
00451 
00452 ?>