[Cs-webapplibs-commits] SF.net SVN: cs-webapplibs:[204] trunk/0.4
From: <cra...@us...> - 2011-02-01 03:29:28
Revision: 204 http://cs-webapplibs.svn.sourceforge.net/cs-webapplibs/?rev=204&view=rev Author: crazedsanity Date: 2011-02-01 03:29:22 +0000 (Tue, 01 Feb 2011) Log Message: ----------- Use ID paths instead of string-based paths. /cs_genericPermission.class.php: * __construct(): -- change "object_path" to use the "email_plus" style of string cleaning (there should really be a more extensible way of using that) * create_object() [DELETED]: -- unnecessary alias method * create_permission(): -- call create_id_path() to set the value for 'object_path'. -- throw an exception if creating the ID path fails. -- NOTE::: the new exception is caught by the outer exception, which will not display those details... * get_permission(): -- create an ID path to find the object. -- translates the ID path into an actual path. * explode_path(): -- separates the given real path into bits so that it can be turned into an ID path * create_id_path(): -- creates the ID path for a given normal path. /abstract/cs_genericGroup.abstract.class.php: * __construct(): -- 'group_name' gets cleaned like email * create_group(): -- ARG CHANGE: NEW ARG: #2 ($adminUid) -- requires the admin's UID when creating the record. /abstract/cs_genericObject.abstract.class.php: * __construct(): -- change cleaning of object_name from text to sql * create_object(): -- catch exception if create_record() throws one * get_object_ids() [NEW]: -- build an array of object ID's based on the given names * create_id_path_part() [NEW]: -- basically surrounds the given number with colons (i.e. '2' -> ':2:') * create_id_path_from_objects() [NEW]: -- creates an ID path from an array of object names. * clean_object_name() [NEW]: -- special cleaning so the colons don't get stripped. * is_id_path() [NEW]: -- determines if the given string is an ID path or not * explode_id_path() [NEW]: -- breaks up an ID path into IDs * get_object_names() [NEW]: -- retrieves a list of names associated with the id's in the passed array. 
Modified Paths: -------------- trunk/0.4/abstract/cs_genericGroup.abstract.class.php trunk/0.4/abstract/cs_genericObject.abstract.class.php trunk/0.4/cs_genericPermission.class.php Modified: trunk/0.4/abstract/cs_genericGroup.abstract.class.php =================================================================== --- trunk/0.4/abstract/cs_genericGroup.abstract.class.php 2011-01-27 15:04:24 UTC (rev 203) +++ trunk/0.4/abstract/cs_genericGroup.abstract.class.php 2011-02-01 03:29:22 UTC (rev 204) @@ -35,7 +35,7 @@ //setup table handler. $cleanString = array( - 'group_name' => 'text', + 'group_name' => 'email', 'group_admin' => 'integer' ); $this->dbTableHandler = new cs_dbTableHandler($this->db, $this->groupTable, $this->groupSeq, 'group_id', $cleanString); @@ -59,9 +59,13 @@ //============================================================================ - public function create_group($name) { + public function create_group($name, $adminUid) { try{ - $newId = $this->dbTableHandler->create_record(array('group_name'=>$this->clean_group_name($name))); + $insertData = array( + 'group_name' => $this->clean_group_name($name), + 'group_admin' => $adminUid + ); + $newId = $this->dbTableHandler->create_record($insertData); } catch(Exception $e) { throw new exception(__METHOD__ .":: failed to create new record, DETAILS::: ". $e->getMessage()); Modified: trunk/0.4/abstract/cs_genericObject.abstract.class.php =================================================================== --- trunk/0.4/abstract/cs_genericObject.abstract.class.php 2011-01-27 15:04:24 UTC (rev 203) +++ trunk/0.4/abstract/cs_genericObject.abstract.class.php 2011-02-01 03:29:22 UTC (rev 204) @@ -25,7 +25,7 @@ public function __construct(cs_phpDB $db) { parent::__construct($db); $cleanString = array( - 'object_name' => 'text' + 'object_name' => 'sql' ); $this->dbTableHandler = new cs_dbTableHandler($this->db, $this->oTable, $this->oSeq, 'group_id', $cleanString); }//end __construct() 
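Review bot: The new `$adminUid` argument of `create_group()` goes into `$insertData` unchecked, whereas `create_permission()` in cs_genericPermission.class.php rejects IDs unless `is_numeric($userId) && $userId >= 0`. The `'integer'` cleaner registered for `group_admin` presumably coerces the value, which would turn a bad input into some other UID rather than an error. A guard before the `try`, `if(!is_numeric($adminUid) || $adminUid < 0) { throw new exception(__METHOD__ .": invalid admin UID (". $adminUid .")"); }`, keeps the two creators consistent. The function body continues past the hunk.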
@@ -36,7 +36,12 @@ //============================================================================ public function create_object($objectName) { if(strlen($objectName)) { - $newId = $this->dbTableHandler->create_record(array('object_name', $objectName)); + try { + $newId = $this->dbTableHandler->create_record(array('object_name' => $objectName)); + } + catch(Exception $e) { + throw new exception(__METHOD__ .": failed to create object, DETAILS::: ". $e->getMessage()); + } } else { throw new exception(__METHOD__ .": invalid object name (". $objectName .")"); 
@@ -86,7 +91,189 @@ //============================================================================ + public function get_object_ids(array $objectNames, $createMissing=true) { + $nvpArray = array(); + if(is_array($objectNames) && count($objectNames)) { + $sql = "SELECT object_id, object_name FROM ". $this->oTable ." WHERE " + . "object_name IN "; + + $myFilter = ""; + foreach($objectNames as $n) { + $tString = "'". $this->clean_object_name($n) ."'"; + $myFilter = $this->gfObj->create_list($myFilter, $tString); + } + $sql .= '('. $myFilter .')'; + + try { + $nvpArray = $this->dbTableHandler->dbObj->run_query($sql, 'object_id', 'object_name'); + } + catch(Exception $e) { + throw new exception(__METHOD__ .": failed to retrieve object list, DETAILS::: ". $e->getMessage()); + } + + try { + if($createMissing === true) { + //clean object names... + foreach($objectNames as $i=>$n) { + $objectNames[$i] = $this->clean_object_name($n); + } + //pull the missing indexes out so they can be created... + if(!is_array($nvpArray)) { + $nvpArray = array(); + } + $missingIndexes = array_diff($objectNames, $nvpArray); + + if(count($missingIndexes)) { +$this->gfObj->debug_print(__METHOD__ .": MISSING INDEXES::: ". $this->gfObj->debug_print($missingIndexes,0,1)); + foreach($missingIndexes as $newObjectName) { + $newId = $this->create_object($newObjectName); + $nvpArray[$newId] = $newObjectName; + } + } +$this->gfObj->debug_print(__METHOD__ .": createMissing=(". $createMissing ."), counts=(". count($objectNames) ."/". count($nvpArray) ."/". count($missingIndexes)."), SQL::: ". $sql); + } + if(!is_array($nvpArray) || !count($nvpArray)) { +$this->gfObj->debug_print(__METHOD__ .": objectNames::: ". $this->gfObj->debug_print($objectNames,0,1)); +$this->gfObj->debug_print(__METHOD__ .": nvpArray::: ". $this->gfObj->debug_print($nvpArray,0,1)); +$this->gfObj->debug_print(__METHOD__ .": missingIndexes::: ". 
$this->gfObj->debug_print($missingIndexes,0,1)); +cs_debug_backtrace(1); + throw new exception(__METHOD__ .": no data returned"); + } + } + catch(Exception $e) { + throw new exception(__METHOD__ .": error while creating missing objects, DETAILS::: ". $e->getMessage()); + } + } + return($nvpArray); + }//end get_object_ids() //============================================================================ + + + //============================================================================ + public function create_id_path_part($id) { + if(is_numeric($id)) { + $retval = ':'. $id .':'; + } + else { + throw new exception(__METHOD__ .": invalid id (". $id .")"); + } + return($retval); + }//end create_id_path_part() + //============================================================================ + + + + //============================================================================ + public function create_id_path_from_objects(array $objects) { + try { + $myIds = $this->get_object_ids($objects,true); + + $idPath = ""; + if(is_array($myIds) && count($myIds)) { + foreach($myIds as $id=>$name) { + try { + $idPath = $this->gfObj->create_list($idPath, $this->create_id_path_part($id), ''); + } + catch(Exception $e) { + throw new exception($e->getMessage()); + } + } + } + else { + throw new exception(__METHOD__ .": failed to create any IDs"); + } + } + catch(Exception $e) { + throw new exception(__METHOD__ .": failed to create id path, DETAILS::: ". $e->getMessage()); + } + return($idPath); + }//end create_id_path_from_objects() + //============================================================================ + + + + //============================================================================ + protected function clean_object_name($n) { + //pulled from cs-content, cs_globalFunctions::cleanString(), style="query"; modified to allow the brackets. 
+ $evilChars = array("\$", ":", "%", "~", "*",">", "<", "-", "[", "]", ")", "(", "&", "#", "?", ".", "\,","\/","\\","\"","\|","!","^","+","`","\n","\r"); + $n = preg_replace("/\|/","",$n); + $n = preg_replace("/\'/", "", $n); + $n = str_replace($evilChars,"", $n); + $n = stripslashes(addslashes($n)); + + return($n); + }//end clean_object_name($n) + //============================================================================ + + + + //============================================================================ + public function is_id_path($path) { + $isPath = false; + if(is_string($path) && strlen($path)) { + if(preg_match('/^(:-{0,1}[0-9]{1,}:){1,}$/', $path)) { + $isPath = true; + } + } + return($isPath); + }//end is_id_path() + //============================================================================ + + + + //============================================================================ + public function explode_id_path($idPath) { + //make the expected string into something that be broken into an array of numbers. + $chunktify = preg_replace('/^:(.*):$/', '$1', $idPath); + $chunktify = preg_replace('/:{2,}/', ':', $chunktify); + $bits = explode(':', $chunktify); + return($bits); + }//end explode_id_path() + //============================================================================ + + + + //============================================================================ + public function translate_id_path($idPath) { + if($this->is_id_path($idPath)) { + $bits = $this->explode_id_path($idPath); + $translatedPath = $this->get_object_names($this->explode_id_path($idPath)); + } + else { + throw new exception(__METHOD__ .": invalid path (". 
$idPath .")"); + } + return($translatedPath); + }//end translate_id_path() + //============================================================================ + + + + //============================================================================ + public function get_object_names(array $idList) { + if(is_array($idList) && count($idList)) { + $sql = "SELECT object_id, object_name FROM ". $this->oTable ." WHERE object_id IN "; + + $idListString = ""; + foreach($idList as $id) { + $idListString = $this->gfObj->create_list($idListString, $id, ", "); + } + $sql .= "(". $idListString .")"; + + //run it. + try { + $objectNames = $this->dbTableHandler->dbObj->run_query($sql, 'object_id', 'object_name'); + } + catch(Exception $e) { + throw new exception(__METHOD__ .": error while retrieving object names, DETAILS::: ". $e->getMessage()); + } + } + else { + throw new exception(__METHOD__ .": invalid data type (". gettype($idList) .") or empty array"); + } + return($objectNames); + }//end get_object_names() + //============================================================================ + } ?> Modified: trunk/0.4/cs_genericPermission.class.php =================================================================== --- trunk/0.4/cs_genericPermission.class.php 2011-01-27 15:04:24 UTC (rev 203) +++ trunk/0.4/cs_genericPermission.class.php 2011-02-01 03:29:22 UTC (rev 204) @@ -36,7 +36,7 @@ protected $pathCleaner=true; /** dbTableHandler{} object for easier SQL. */ - private $dbTableHandler; + protected $dbTableHandler; //============================================================================ /** @@ -65,7 +65,7 @@ } $cleanString = array( 'system_name' => 'integer', - 'object_path' => 'text', + 'object_path' => 'email_plus', 'user_id' => 'integer', 'group_id' => 'integer', 'inherit' => 'bool', 
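Review bot: In the large cs_genericObject hunk, `get_object_names()` concatenates each `$id` from `$idList` straight into the `IN (...)` clause with no numeric check, and the method is public, so only the `translate_id_path()` route is protected by `is_id_path()`. Rejecting anything that is not an integer inside the loop closes that gap, e.g. `if(!preg_match('/^-?[0-9]+$/', (string)$id)) { throw new exception(__METHOD__ .": invalid id (". $id .")"); }`, which mirrors the pattern `is_id_path()` accepts. Separately, `create_id_path_from_objects()` builds the path in whatever order `get_object_ids()` returns rows (the query has no ORDER BY and newly created objects are appended last), so two paths with the same segments in a different order, or a path with a repeated segment, appear to map to the same ID path; for a permission lookup key the IDs should follow the order of `$objects`. The `debug_print()` and `cs_debug_backtrace(1)` calls in `get_object_ids()` look like leftover debugging and would emit the SQL on every call that creates objects.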
@@ -167,46 +167,21 @@ //============================================================================ - /** - * Same as create_permission(). - */ - public function create_object($name, $userId, $groupId, $permString) { - return($this->create_permission($name, $userId, $groupId, $permString)); - }//end create_object() - //============================================================================ - - - - //============================================================================ /** * Creates a permission object record. */ public function create_permission($name, $userId, $groupId, $permString) { if(is_string($name) && strlen($name) && is_numeric($userId) && $userId >= 0 && is_numeric($groupId) && $groupId >= 0) { - $cleanStringArr = array( - 'object_path' => 'sql', - 'user_id' => 'numeric', - 'group_id' => 'numeric', - 'u_r' => 'bool', - 'u_w' => 'bool', - 'u_x' => 'bool', - 'g_r' => 'bool', - 'g_w' => 'bool', - 'g_x' => 'bool', - 'o_r' => 'bool', - 'o_w' => 'bool', - 'o_x' => 'bool' - ); try{ $insertArr = $this->parse_permission_string($permString); - $insertArr['object_path'] = $this->gfObj->cleanString($name, 'sql', 0); + $insertArr['object_path'] = $this->create_id_path($name); $insertArr['user_id'] = $userId; $insertArr['group_id'] = $groupId; $newId = $this->dbTableHandler->create_record($insertArr); } catch(Exception $e) { - throw new exception(__METHOD__ .":: failed to create new record, DETAILS::: ". $e->getMessage()); + throw new exception(__METHOD__ .":: failed to create new record, name=(". $name ."), permString=(". $permString .") DETAILS::: ". $e->getMessage()); } } else { 
@@ -225,7 +200,14 @@ */ public function get_permission($name) { try { + if(!$this->is_id_path($name)) { + $name = $this->create_id_path($name); + } $retval = $this->dbTableHandler->get_single_record(array('object_path'=>$name)); + + //now translate the object_path... + // TODO: this could be a resource hog if called in rapid succession; consider creating an object cache or whatnot + $retval['translated_path'] = $this->translate_id_path($retval['object_path']); } catch(Exception $e) { throw new exception(__METHOD__ .":: error while locating permission '". $name ."', DETAILS::: ". $e->getMessage()); @@ -265,6 +247,9 @@ * Check available permissions... */ public function check_permission($objectName, $userId) { + if(!$this->is_id_path($objectName)) { + $objectName = $this->create_id_path($objectName,false); + } $availablePerms = array( 'r' => false, 'w' => false, 
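Review bot: Both new lookups create objects as a side effect, because `create_id_path()` (added in the last hunk of this file) takes only `$path` and always reaches `get_object_ids($objects,true)`; the `false` passed in `check_permission()` as `$this->create_id_path($objectName,false)` is silently ignored by PHP. A permission check or a `get_permission()` call on a path that does not exist will therefore insert rows into the object table, so any caller that can trigger a check can grow that table. Give `create_id_path()` a `$createMissing=true` parameter, pass it through `create_id_path_from_objects()` to `get_object_ids()`, and call it with `false` from both read paths. Both functions continue outside these hunks.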
@@ -410,5 +395,38 @@ return($retval); }//end has_execute_permission() //============================================================================ + + + + //============================================================================ + public function explode_path($path) { + if(is_string($path) && strlen($path)) { + $path = preg_replace('/^'. addcslashes($this->objectDelimiter, '/') .'/', '', $path); + $path = preg_replace('/'. addcslashes($this->objectDelimiter, '/') .'{2,}/', $this->objectDelimiter, $path); + $bits = explode($this->objectDelimiter, $path); + } + else { + throw new exception(__METHOD__ .": invalid path (". $path .")"); + } + return($bits); + }//end explode_path() + //============================================================================ + + + + //============================================================================ + public function create_id_path($path) { + //Get the list of objects from the path. + $bits = $this->explode_path($path); + + //now create the path. + $newPath = $this->create_id_path_from_objects($bits); + if(!$this->is_id_path($newPath)) { + throw new exception(__METHOD__ .": failed to create ID path from (". $path .")"); + } + + return($newPath); + }//end create_id_path() + //============================================================================ } ?> This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
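Review bot: `explode_path()` builds its two patterns with `addcslashes($this->objectDelimiter, '/')`, which escapes only the slash; any other regex metacharacter in the delimiter (`.`, `|`, `+`) would be read as pattern syntax, and with a multi-character delimiter the `{2,}` quantifier binds to its last character only. `preg_quote()` is the function meant for this: `$d = preg_quote($this->objectDelimiter, '/');` and then `'/^'. $d .'/'` and `'/('. $d .'){2,}/'`. The value of `objectDelimiter` is not visible in this diff, so the problem may be latent rather than live. A trailing delimiter also leaves an empty last element in `$bits`, which is then handed to `get_object_ids()` and ends in the "invalid object name" exception from `create_object()`.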