[Nagvis-checkins] SF.net Git: nagvis: FIX: Roles can not be deleted when used by users

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Author:   Lars Michelsen <lm...@la...>
Date:     Fri Apr  4 23:52:44 2014 +0200
Committer:   Lars Michelsen <lm...@la...>
Commit-Date: Fri Apr  4 23:52:44 2014 +0200

FIX: Roles can not be deleted when used by users

---

 ChangeLog                                          |    1 +
 .../core/classes/CoreAuthorisationHandler.php      |    4 ++++
 .../core/classes/CoreAuthorisationModGroups.php    |    4 ++++
 .../core/classes/CoreAuthorisationModMultisite.php |    4 ++++
 .../core/classes/CoreAuthorisationModMySQL.php     |   12 ++++++++++++
 .../core/classes/CoreAuthorisationModSQLite.php    |   13 +++++++++++++
 share/server/core/classes/CoreModRoleMgmt.php      |    7 ++++++-
 7 files changed, 44 insertions(+), 1 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index db0d63f..39c414d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -6,6 +6,7 @@ Frontend:
   * FIX: Not altering relative object coordinates when zoom_scale_objects is
   disabled
   * FIX: Disabling save button during adding new objects to prevent double adding
+  * FIX: Roles can not be deleted when used by users
 
 1.8b3
 Frontend:
diff --git a/share/server/core/classes/CoreAuthorisationHandler.php b/share/server/core/classes/CoreAuthorisationHandler.php
index 2001871..13982f8 100644
--- a/share/server/core/classes/CoreAuthorisationHandler.php
+++ b/share/server/core/classes/CoreAuthorisationHandler.php
@@ -130,6 +130,10 @@ class CoreAuthorisationHandler {
         return $this->MOD->deleteRole($roleId);
     }
 
+    public function roleUsedBy($roleId) {
+        return $this->MOD->roleUsedBy($roleId);
+    }
+
     public function deleteUser($userId) {
         // FIXME: First check if this is supported
 
diff --git a/share/server/core/classes/CoreAuthorisationModGroups.php b/share/server/core/classes/CoreAuthorisationModGroups.php
index fe543e9..21e1b9b 100644
--- a/share/server/core/classes/CoreAuthorisationModGroups.php
+++ b/share/server/core/classes/CoreAuthorisationModGroups.php
@@ -204,6 +204,10 @@ class CoreAuthorisationModGroups extends CoreAuthorisationModule {
         return false;
     }
 
+    public function roleUsedBy($roleId) {
+        return false;
+    }
+
     public function deleteRole($roleId) {
         return false;
     }
diff --git a/share/server/core/classes/CoreAuthorisationModMultisite.php b/share/server/core/classes/CoreAuthorisationModMultisite.php
index 0cdfe25..42de0fc 100644
--- a/share/server/core/classes/CoreAuthorisationModMultisite.php
+++ b/share/server/core/classes/CoreAuthorisationModMultisite.php
@@ -165,6 +165,10 @@ class CoreAuthorisationModMultisite extends CoreAuthorisationModule {
         return false;
     }
 
+    public function roleUsedBy($roleId) {
+        return false;
+    }
+
     public function deleteRole($roleId) {
         return false;
     }
diff --git a/share/server/core/classes/CoreAuthorisationModMySQL.php b/share/server/core/classes/CoreAuthorisationModMySQL.php
index 6038630..634e91a 100644
--- a/share/server/core/classes/CoreAuthorisationModMySQL.php
+++ b/share/server/core/classes/CoreAuthorisationModMySQL.php
@@ -81,6 +81,18 @@ class CoreAuthorisationModMySQL extends CoreAuthorisationModule {
         }
     }
 
+    public function roleUsedBy($roleId) {
+        $RES = $this->DB->query(
+            'SELECT users2roles.userId AS userId, users.name AS name '.
+            'FROM users2roles LEFT JOIN users ON users2roles.userId=users.userId WHERE roldeId='.$this->DB->escape($roleId));
+        $users = array();
+        while($data = $this->DB->fetchAssoc($RES)) {
+            $users[] = $data['name'];
+        }
+
+        return $users;
+    }
+
     public function deleteRole($roleId) {
         // Delete user
         $this->DB->query('DELETE FROM roles WHERE roleId='.$this->DB->escape($roleId));
diff --git a/share/server/core/classes/CoreAuthorisationModSQLite.php b/share/server/core/classes/CoreAuthorisationModSQLite.php
index d171b49..4a7380e 100644
--- a/share/server/core/classes/CoreAuthorisationModSQLite.php
+++ b/share/server/core/classes/CoreAuthorisationModSQLite.php
@@ -78,6 +78,19 @@ class CoreAuthorisationModSQLite extends CoreAuthorisationModule {
         }
     }
 
+    public function roleUsedBy($roleId) {
+        $RES = $this->DB->query(
+            'SELECT users.name AS name FROM users2roles '.
+            'LEFT JOIN users ON users2roles.userId=users.userId '.
+            'WHERE users2roles.roleId='.$this->DB->escape($roleId));
+        $users = array();
+        while($data = $this->DB->fetchAssoc($RES)) {
+            $users[] = $data['name'];
+        }
+
+        return $users;
+    }
+
     public function deleteRole($roleId) {
         // Delete user
         $this->DB->exec('DELETE FROM roles WHERE roleId='.$this->DB->escape($roleId));
diff --git a/share/server/core/classes/CoreModRoleMgmt.php b/share/server/core/classes/CoreModRoleMgmt.php
index 5fdbace..92e1935 100644
--- a/share/server/core/classes/CoreModRoleMgmt.php
+++ b/share/server/core/classes/CoreModRoleMgmt.php
@@ -115,6 +115,7 @@ class CoreModRoleMgmt extends CoreModule {
     }
 
     private function handleResponseDelete() {
+        global $AUTHORISATION;
         $bValid = true;
 
         // Check for needed params
@@ -128,7 +129,11 @@ class CoreModRoleMgmt extends CoreModule {
         // Parse the specific options
         $roleId = intval($this->FHANDLER->get('roleId'));
 
-        // FIXME: Check not to delete any referenced role
+        // Check not to delete any referenced role
+        $usedBy = $AUTHORISATION->roleUsedBy($roleId);
+        if($bValid && count($usedBy) > 0)
+            throw new NagVisException(l('Not deleting this role, the role is in use by the users [U].',
+                                    array('U' => implode(', ', $usedBy))));
 
       // Store response data
       if($bValid === true)



