<?php /**
*  Security class
*
* Contains all the functions to manage the groups security
*
* @package Maarch LetterBox 2.6
* @version 2.0
* @since 06/2006
* @license GPL
* @author  Claire Figueras  <dev@maarch.org>
* @author  Loïc Vinet  <dev@maarch.org>
* 
*/


class security extends dbquery
{
	/**
	* Loads the security parameters for a group in session variables.
	*
	* @param 	string $group_id group identifier
	*/
	public function load_security_group($group_id)
	{
		$this->connect();
		$this->query("select * from ".$_SESSION['tablename']['security'] ." where group_id = '".$group_id."'");
		if($this->nb_result() == 0)
		{
			$_SESSION['m_admin']['groups']['security'] = array();
		}
		else
		{
			$securitytab=array();
			$val=array();
			$i=0;
	
			while($value = $this->fetch_array())
			{	
				$tmp ="";
				$tmp = str_replace("'", "\'",$value[2]);
				$val[$i]=array("GROUP_ID" => $value[0],"RES_TABLE" => $value[1], "WHERE_CLAUSE" => $tmp, "COMMENT" => $value[3] ,"CAN_INSERT" => $value[4] ,"CAN_UPDATE" => $value[5]);
				array_push($securitytab,$val[$i]);
				$i++;
			}
			$_SESSION['m_admin']['groups']['security'] = $securitytab;
		}
		
		$_SESSION['m_admin']['load_security'] = false;
	}
	
	/**
	* Inits the session variables related to the group administration.
	*
	*/
	public function init_session()
	{
			$_SESSION['m_admin']['groups'] = array();
			$_SESSION['m_admin']['groups']['GroupId'] = "";
			$_SESSION['m_admin']['groups']['desc'] = "";
			$_SESSION['m_admin']['groups']['admin'] = "";
			$_SESSION['m_admin']['groups']['security'] = array();
			$_SESSION['m_admin']['groups']['consult_group'] = 'Y';
			$_SESSION['services_choisis'] = array();
			$_SESSION['m_admin']['init'] = false;
			$_SESSION['m_admin']['groups']['export'] = "";
	}
	
	/**
	* Inits to ‘N’ (no) the rights in the session variables related to the group administration.
	*
	*/
	public function init_rights_session()
	{
		for($i=0; $i < count($_SESSION['m_admin']['groups']['security']); $i++)
		{
			$_SESSION['m_admin']['groups']['security'][$i]['CAN_INSERT'] = 'N';
			$_SESSION['m_admin']['groups']['security'][$i]['CAN_UPDATE'] = 'N';
		}
	}
	
	/**
	* Set the rights (insert or update, depending on the parameter) for the tables passed on parameters through an array.
	*
	* @param 	Array  $tab table names array
	* @param 	string $where 'CAN_INSERT' or 'CAN_UPDATE'
	*/
	public function set_rights_session($tab, $where)
	{
		for($i=0; $i < count($_SESSION['m_admin']['groups']['security']); $i++)
		{
			if( in_array($_SESSION['m_admin']['groups']['security'][$i]['RES_TABLE'], $tab))
			{
				$_SESSION['m_admin']['groups']['security'][$i][$where] = 'Y';
			}
		}
		$tab = array();
	}
	
	/**
	* Removes the security rights on the tables passed in parameters.
	*
	* @param 	Array  $tab table names array
	*/
	public function remove_security($tab)
	{	

		$tabtmp = array();
		for($i=0; $i < count($_SESSION['m_admin']['groups']['security']); $i++)
		{
			if( !in_array($_SESSION['m_admin']['groups']['security'][$i]['RES_TABLE'], $tab))
			{
				array_push($tabtmp, $_SESSION['m_admin']['groups']['security'][$i]);
			}
		}
	
		$_SESSION['m_admin']['groups']['security'] = array();
		$_SESSION['m_admin']['groups']['security'] = $tabtmp;
	}
	
	/**
	* Adds security parameters of a group in the session variables related to the group administration.
	*
	* @param 	string  $table table name
	* @param 	string  $where where clause
	* @param 	string  $comment comment on the table
	* @param 	string  $insert insert right : Y/N
	* @param 	string  $update update right : Y/N
	*/
	public function add_grouptmp_session($table, $where, $comment, $insert, $update)
	{
		$tab = array();
		$tab[0] = array("GROUP_ID" => "" , "RES_TABLE" => $table, "WHERE_CLAUSE" => $where, "COMMENT" => $comment ,"CAN_INSERT" => $insert ,"CAN_UPDATE" => $update);
		if(count($_SESSION['m_admin']['groups']['security']) < 1)
		{
			$_SESSION['m_admin']['groups']['security'] = array();
		}
		array_push($_SESSION['m_admin']['groups']['security'] , $tab[0]);
		$_SESSION['m_admin']['load_security'] = false;
	}
	
	/**
	* Updates the database with the groups security of the session variables.
	*
	*/
	public function load_db()
	{
		$this->connect();
		
		$this->query("DELETE FROM ".$_SESSION['tablename']['security'] ." where GROUP_ID = '".$_SESSION['m_admin']['groups']['GroupId']."'");
		
		for($i=0; $i < count($_SESSION['m_admin']['groups']['security'] ); $i++)
		{
			$this->query("INSERT INTO ".$_SESSION['tablename']['security']." VALUES ('".$_SESSION['m_admin']['groups']['GroupId']."', '".$_SESSION['m_admin']['groups']['security'][$i]['RES_TABLE']."', '".$_SESSION['m_admin']['groups']['security'][$i]['WHERE_CLAUSE']."', '', '".$_SESSION['m_admin']['groups']['security'][$i]['CAN_INSERT']."' , '".$_SESSION['m_admin']['groups']['security'][$i]['CAN_UPDATE']."')");
		}
	}
	
		
	/**
	* Test the syntax of the where clauses of all tables for a group
	*
	*/
	public function where_test()
	{
		$_SESSION['error'] ="";
		
		$link = mysql_connect( $_SESSION['config']['databaseserver'],$_SESSION['config']['databaseuser'], $_SESSION['config']['databasepassword']);
		
		if(!$link)
		{
		
		}
		else
		{
			$db = mysql_select_db($_SESSION['config']['databasename'], $link);
		}		
		
		$where = "";
		$res2 = true;
		for($i=0; $i < count($_SESSION['m_admin']['groups']['security'] ); $i++)
		{
			if($_SESSION['m_admin']['groups']['security'][$i]['WHERE_CLAUSE'] == "")
			{
				$where = "";
			}
			else
			{
				$where = " where ".$_SESSION['m_admin']['groups']['security'][$i]['WHERE_CLAUSE'] ;
				$where = str_replace("\\", "", $where);
			}
			$res = mysql_query("SELECT count(*) from ".$_SESSION['m_admin']['groups']['security'][$i]['RES_TABLE']." ".$where);
			if(!$res )
			{
				$_SESSION['error'] .= " ".$_SESSION['m_admin']['groups']['security'][$i]['RES_TABLE'];
				$res2 = false;
				break;
			}
		}
		return $res2;
		
	}
	
	public function test_right_doc($table, $s_id)
	{
		if(empty($table) || empty($s_id))
		{
			return false;
		}
		$where = "";
		for($i=0; $i < count($_SESSION['user']['security']); $i++)
		{
			if($table == $_SESSION['user']['security'][$i]['table'])
			{			
				$where = "  ( ".$_SESSION['user']['security'][$i]['where']." ) ";
			}
		}
		$query = "select res_id from ".$table." where res_id = ".$s_id." and ".$where;
		$this->connect();
		$this->query($query);
		if($this->nb_result() < 1)
		{
			//Execute List Instance to check special cases
			$this->query("SELECT USER_ID from ".$_SESSION['tablename']['listinstance']." where RES_TABLE = '".$table."' and RES_ID = ".$s_id." and USER_ID = '".$_SESSION['user']['UserId']."'");
			if($this->nb_result() < 1)
			{	
				//Last case, for join file...
				$query = "select folder_id from ".$table." where res_id = ".$s_id." and folder_id is not null ";
				$this->query($query);
				if($this->nb_result() < 1)
				{
					//For the first case, verify if it's an answer
					$this->query("select RELATION from ".$table." where RES_ID = '".$s_id."' and RELATION is not null");
					
					if($this->nb_result() < 1)
					{
						return false;	
					}
					else
					{
						$answer_result = $this->fetch_object();
						//$query = "select res_id from ".$table." where res_id = '".$answer_result->RELATION."' ".$where;
						$query = "select r.res_id from ".$table." r, ".$_SESSION['tablename']['listinstance']." l where r.res_id = l.res_id and r.res_id = '".$answer_result->RELATION."' and (l.USER_ID = '".$_SESSION['user']['UserId']."' or ".$where." )";
						$this->query($query);
						if($this->nb_result() < 1)
						{
							return false;	
						}
						else
						{
							return true;	
						}
					}
					
				}
				else
				{
					$parent_id = $this->fetch_object();
					//$query = "select res_id from ".$table." where res_id = ".$parent_id->folder_id." ".$where;
					$query = "select r.res_id from ".$table." r, ".$_SESSION['tablename']['listinstance']." l where r.res_id = l.res_id and r.res_id = '".$parent_id->folder_id."' and (l.USER_ID = '".$_SESSION['user']['UserId']."' or ".$where." )";
					$this->query($query);
					if($this->nb_result() < 1)
					{
						return false;	
					}
					else
					{
						return true;	
					}
				}
			}
			else
			{
				return true;
			}
		}
		else
		{
			return true;
		}
	}
}
?>