From: <gem...@li...> - 2011-11-24 17:17:45
Revision: 284
http://gemstracker.svn.sourceforge.net/gemstracker/?rev=284&view=rev
Author: matijsdejong
Date: 2011-11-24 17:17:39 +0000 (Thu, 24 Nov 2011)
Log Message:
-----------
Users can now login as any organization they are allowed to access.
Oodles of small bug fixes, e.g. gor_accessible_by was implemented in the wrong way
Modified Paths:
--------------
trunk/library/classes/Gems/User/OldStaffUserDefinition.php
trunk/library/classes/Gems/User/Organization.php
trunk/library/classes/Gems/User/StaffUserDefinition.php
trunk/library/classes/Gems/User/User.php
trunk/library/classes/Gems/User/UserLoader.php
trunk/library/snippets/Organization/OrganizationTableSnippet.php
Modified: trunk/library/classes/Gems/User/OldStaffUserDefinition.php
===================================================================
--- trunk/library/classes/Gems/User/OldStaffUserDefinition.php 2011-11-24 15:35:11 UTC (rev 283)
+++ trunk/library/classes/Gems/User/OldStaffUserDefinition.php 2011-11-24 17:17:39 UTC (rev 284)
@@ -148,7 +148,7 @@
// For a multi-layout project we need to select the appropriate style too,
// but as PATCHES may not be in effect we have to try two selects
$select2 = clone $select;
- $select2->columns(array('user_style' => 'gor_style', 'user_allowed_ip_ranges' => 'ggp_allowed_ip_ranges', 'accessible_by' => 'gor_accessible_by'), 'gems__organizations');
+ $select2->columns(array('user_allowed_ip_ranges' => 'ggp_allowed_ip_ranges'), 'gems__groups');
try {
// Fails before patch has run...
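Review bot: The comment above `$select2->columns(...)` still says the second select is needed to pick up the style, but the new line only adds `ggp_allowed_ip_ranges` from `gems__groups`, so the comment no longer describes the code. Since this column feeds the IP restriction, the comment should say what happens when the select fails, for example `// ggp_allowed_ip_ranges may not exist before the patches have run, so try two selects; the fallback carries no IP restriction`. The second half of that wording is an assumption, because the try/catch continues outside the hunk; confirm it against the fallback branch.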
@@ -184,7 +184,6 @@
->columns(array('user_name'=>"(concat(coalesce(concat(`gems__staff`.`gsf_first_name`,_utf8' '),_utf8''),coalesce(concat(`gems__staff`.`gsf_surname_prefix`,_utf8' '),_utf8''),coalesce(`gems__staff`.`gsf_last_name`,_utf8'')))"))
->join('gems__groups', 'gsf_id_primary_group = ggp_id_group', array('user_role'=>'ggp_role'))
->where('ggp_group_active = 1')
- ->where('gor_active = 1')
->where('gsf_active = 1')
->where('gsf_login = ?')
->limit(1);
Modified: trunk/library/classes/Gems/User/Organization.php
===================================================================
--- trunk/library/classes/Gems/User/Organization.php 2011-11-24 15:35:11 UTC (rev 283)
+++ trunk/library/classes/Gems/User/Organization.php 2011-11-24 17:17:39 UTC (rev 284)
@@ -32,7 +32,7 @@
* @author Matijs de Jong <mj...@ma...>
* @copyright Copyright (c) 2011 Erasmus MC
* @license New BSD License
- * @version $Id: Sample.php 203 2011-07-07 12:51:32Z matijs $
+ * @version $id: Organization.php 203 2011-07-07 12:51:32Z matijs $
*/
/**
@@ -57,12 +57,21 @@
'gor_id_organization' => 1,
'gor_name' => 'NO ORGANIZATION',
'gor_code' => null,
+ 'gor_location' => null,
+ 'gor_url' => null,
+ 'gor_task' => null,
+ 'gor_accessible_by' => null,
+ 'gor_contact_name' => null,
+ 'gor_contact_email' => null,
+ 'gor_welcome' => null,
+ 'gor_signature' => null,
'gor_style' => null,
'gor_iso_lang' => 'en',
+ 'gor_has_respondents' => 0,
+ 'gor_add_respondents' => 0,
'gor_active' => 0,
- 'gor_has_respondents' => false,
- 'gor_add_respondents' => false
- );
+ 'can_access' => array(),
+ );
/**
*
@@ -173,21 +182,46 @@
}
if (! $this->_organizationData) {
- $this->_organizationData = $this->db->fetchRow('SELECT * FROM gems__organizations WHERE gor_id_organization = ? LIMIT 1', $this->_organizationId);
+ $sql = "SELECT * FROM gems__organizations WHERE gor_id_organization = ? LIMIT 1";
+ $this->_organizationData = $this->db->fetchRow($sql, $this->_organizationId);
if (! $this->_organizationData) {
$this->_organizationData = $this->_noOrganization;
+ } else {
+ $dbOrgId = $this->db->quote($this->_organizationId, Zend_Db::INT_TYPE);
+ $sql = "SELECT gor_id_organization, gor_name
+ FROM gems__organizations
+ WHERE gor_active = 1 AND
+ (
+ gor_id_organization = $dbOrgId OR
+ gor_accessible_by LIKE '%:$dbOrgId:%'
+ )
+ ORDER BY gor_name";
+ $this->_organizationData['can_access'] = $this->db->fetchPairs($sql);
+
+ // MUtil_Echo::track($sql, $this->_organizationData['can_access']);
}
if ($cacheId) {
$this->cache->save($this->_organizationData, $cacheId);
}
}
+ // MUtil_Echo::track($this->_organizationData);
return is_array($this->_organizationData) && parent::checkRegistryRequestsAnswers();
}
/**
+ * Get the organizations this organizations can access.
+ *
+ * @return array Of type orgId => orgName
+ */
+ public function getAllowedOrganizations()
+ {
+ return $this->_organizationData['can_access'];
+ }
+
+ /**
* Get the code attribute.
*
* @return string
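Review bot: The `can_access` list is written into `$this->_organizationData` before `$this->cache->save(...)`, so it is cached with the organization row, and a later change to another organization's `gor_accessible_by` or `gor_active` is not reflected until this entry is dropped; for an access list that means a revocation can lag. Cache lifetime and invalidation on organization edits are outside this hunk, so confirm that the organization save path cleans these entries. Separately, `getAllowedOrganizations()` reads `$this->_organizationData['can_access']` directly, and an entry cached before this revision would presumably lack that key; `return isset($this->_organizationData['can_access']) ? $this->_organizationData['can_access'] : array();` keeps the documented array return. The enclosing method starts above the hunk.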
Modified: trunk/library/classes/Gems/User/StaffUserDefinition.php
===================================================================
--- trunk/library/classes/Gems/User/StaffUserDefinition.php 2011-11-24 15:35:11 UTC (rev 283)
+++ trunk/library/classes/Gems/User/StaffUserDefinition.php 2011-11-24 17:17:39 UTC (rev 284)
@@ -192,16 +192,9 @@
'user_base_org_id' => 'gsf_id_organization'))
->columns(array('user_name'=>"(concat(coalesce(concat(`gems__staff`.`gsf_first_name`,_utf8' '),_utf8''),coalesce(concat(`gems__staff`.`gsf_surname_prefix`,_utf8' '),_utf8''),coalesce(`gems__staff`.`gsf_last_name`,_utf8'')))"))
->join('gems__groups', 'gsf_id_primary_group = ggp_id_group', array('user_role'=>'ggp_role', 'user_allowed_ip_ranges' => 'ggp_allowed_ip_ranges'))
- ->join('gems__organizations', 'gul_id_organization = gor_id_organization',
- array(
- 'user_organization_id' => 'gor_id_organization',
- 'user_organization_name' => 'gor_name',
- 'user_style' => 'gor_style',
- 'accessible_by' => 'gor_accessible_by'))
->joinLeft('gems__user_passwords', 'gul_id_user = gup_id_user',
array('user_password_reset' => 'gup_reset_required'))
->where('ggp_group_active = 1')
- ->where('gor_active = 1')
->where('gsf_active = 1')
->where('gul_can_login = 1')
->where('gul_login = ?')
Modified: trunk/library/classes/Gems/User/User.php
===================================================================
--- trunk/library/classes/Gems/User/User.php 2011-11-24 15:35:11 UTC (rev 283)
+++ trunk/library/classes/Gems/User/User.php 2011-11-24 17:17:39 UTC (rev 284)
@@ -230,6 +230,7 @@
$auth = Gems_Auth::getInstance();
$formValues['allowed_ip_ranges'] = $this->getAllowedIPRanges();
+ $formValues['organization'] = $this->getBaseOrganizationId();
$adapter = $this->definition->getAuthAdapter($formValues);
$authResult = $auth->authenticate($adapter, $formValues);
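Review bot: The added `$formValues['organization'] = $this->getBaseOrganizationId();` overwrites whatever organization value the caller passed in `$formValues`, and nothing explains why. A reader needs to know that credentials are checked against the account's own organization rather than the one chosen at login, which is presumably the intent given the rest of this commit. A comment such as `// Always authenticate against the user's base organization, not the organization being logged in to` would make that explicit. The enclosing method starts and ends outside the hunk.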
@@ -305,11 +306,6 @@
}
}
- if (! $this->_hasVar('__allowedOrgs')) {
- // Is always requested so no win in waiting.
- $this->refreshAllowedOrganizations();
- }
-
return (boolean) $this->acl && $this->basepath && $this->userLoader;
}
@@ -330,10 +326,25 @@
*/
public function getAllowedOrganizations()
{
+
+ if (! $this->_hasVar('__allowedOrgs')) {
+ $this->refreshAllowedOrganizations();
+ }
+
return $this->_getVar('__allowedOrgs');
}
/**
+ * Returns the original (not the current) organization used by this user.
+ *
+ * @return Gems_User_Organization
+ */
+ public function getBaseOrganization()
+ {
+ return $this->userLoader->getOrganization($this->getBaseOrganizationId());
+ }
+
+ /**
* Returns the original (not the current) organization id of this user.
*
* @return int
@@ -605,33 +616,14 @@
*/
public function refreshAllowedOrganizations()
{
- $sql = "SELECT gor_id_organization, gor_name FROM gems__organizations WHERE ";
-
// Privilege overrules organizational settings
- if (! $this->hasPrivilege('pr.organization-switch')) {
- if ($by = $this->_getVar('accessible_by')) {
- $orgs = explode(':', trim($by, ':'));
-
- if ($orgs) {
- // Not to forget: the users own organization
- $orgs[] = $this->getBaseOrganizationId();
-
- $sql .= "gor_id_organization IN (";
- $sql .= implode(', ', $orgs);
- $sql .= ") AND ";
- } else {
- $sql = false;
- }
- } else {
- $sql = false;
- }
- }
- if ($sql) {
- $sql .= " gor_active = 1 ORDER BY gor_name";
- $orgs = $this->db->fetchPairs($sql);
+ if ($this->hasPrivilege('pr.organization-switch')) {
+ $orgs = $this->db->fetchPairs("SELECT gor_id_organization, gor_name FROM gems__organizations WHERE gor_active = 1 ORDER BY gor_name");
} else {
- $orgs = array();
+ $orgs = $this->getBaseOrganization()->getAllowedOrganizations();
}
+ natsort($orgs);
+ // MUtil_Echo::track($orgs);
$this->_setVar('__allowedOrgs', $orgs);
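Review bot: `natsort($orgs)` runs on whatever `getBaseOrganization()->getAllowedOrganizations()` returns, and a non-array there (for example organization data that lacks a `can_access` key) makes natsort() raise a warning and stores that value in `__allowedOrgs`. Casting first, `$orgs = (array) $this->getBaseOrganization()->getAllowedOrganizations();`, keeps the session value an array. Both sources are already ordered by `gor_name` in SQL, and natsort() is case-sensitive, so it can reorder names differently from the database collation; either drop it or use `natcasesort($orgs)` with a comment saying why a second sort is wanted. The function body starts and ends outside the hunk.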
Modified: trunk/library/classes/Gems/User/UserLoader.php
===================================================================
--- trunk/library/classes/Gems/User/UserLoader.php 2011-11-24 15:35:11 UTC (rev 283)
+++ trunk/library/classes/Gems/User/UserLoader.php 2011-11-24 17:17:39 UTC (rev 284)
@@ -126,16 +126,6 @@
}
/**
- * Get an array of OrgId => Org Name for all allowed organizations for the current loggedin user
- *
- * @return array
- */
- public function getAllowedOrganizations()
- {
- return $this->db->fetchPairs("SELECT gor_id_organization, gor_name FROM gems__organizations WHERE gor_active = 1 ORDER BY gor_name");
- }
-
- /**
* Get the currently loggin in user
*
* @return Gems_User_User
@@ -194,14 +184,15 @@
* @param int $organization
* @return Gems_User_User But ! ->isActive when the user does not exist
*/
- public function getUser($login_name, $organization)
+ public function getUser($login_name, $currentOrganization)
{
- $defName = $this->getUserClassName($login_name, $organization);
+ list($defName, $userOrganization) = $this->getUserClassInfo($login_name, $currentOrganization);
+ // MUtil_Echo::track($defName, $userOrganization);
$definition = $this->_getClass($defName);
- $values = $definition->getUserData($login_name, $organization);
- // MUtil_Echo::track($defName, $login_name, $organization, $values);
+ $values = $definition->getUserData($login_name, $userOrganization);
+ // MUtil_Echo::track($defName, $login_name, $userOrganization, $values);
if (! isset($values['user_active'])) {
$values['user_active'] = true;
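Review bot: The docblock above `getUser()` still reads `@param int $organization` although the parameter is now `$currentOrganization`, and nothing documents that the user data is loaded for `$userOrganization`, which can differ from the organization being logged in to. Change the tag to `@param int $currentOrganization The organization the user is logging in to`. Above the `getUserData()` call, add `// The account may belong to another organization that is allowed to access $currentOrganization`. The docblock and the end of the method are outside the hunk.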
@@ -211,7 +202,7 @@
$user = $this->_loadClass('User', true, array($values, $definition));
- $user->setCurrentOrganization($organization);
+ $user->setCurrentOrganization($currentOrganization);
return $user;
}
@@ -239,29 +230,64 @@
*
* @param string $login_name
* @param int $organization
- * @return string
+ * @return array Containing definitionName, organizationId
*/
- protected function getUserClassName($login_name, $organization)
+ protected function getUserClassInfo($login_name, $organization)
{
if ((null == $login_name) || (null == $organization)) {
- return 'NoLoginDefinition';
+ return array('NoLoginDefinition', $organization);
}
if ($this->isProjectUser($login_name)) {
- return 'ProjectUserDefinition';
+ return array('ProjectUserDefinition', $organization);
}
try {
- $sql = "SELECT gul_user_class FROM gems__user_logins WHERE gul_can_login = 1 AND gul_login = ? AND gul_id_organization = ?";
- if ($class = $this->db->fetchOne($sql, array($login_name, $organization))) {
- return $class . 'Definition';
+ $sql = "SELECT CONCAT(gul_user_class, 'Definition'), gul_id_organization
+ FROM gems__user_logins INNER JOIN gems__organizations ON gor_id_organization = gul_id_organization
+ WHERE gor_active = 1 AND
+ gul_can_login = 1 AND
+ gul_login = ? AND
+ gul_id_organization = ?
+ LIMIT 1";
+
+ $params[] = $login_name;
+ $params[] = $organization;
+ // MUtil_Echo::track($sql, $params);
+
+ $row = $this->db->fetchRow($sql, $params, Zend_Db::FETCH_NUM);
+
+ if (! $row) {
+ // Try to get see if this is another allowed organization for this user
+ $sql = "SELECT CONCAT(gul_user_class, 'Definition'), gul_id_organization
+ FROM gems__user_logins INNER JOIN gems__organizations ON gor_id_organization != gul_id_organization
+ WHERE gor_active = 1 AND
+ gul_can_login = 1 AND
+ gul_login = ? AND
+ gor_id_organization = ? AND
+ gor_accessible_by LIKE CONCAT('%:', gul_id_organization, ':%')
+ LIMIT 1";
+
+ // MUtil_Echo::track($sql, $params);
+
+ $row = $this->db->fetchRow($sql, $params, Zend_Db::FETCH_NUM);
}
+ if ($row) {
+ // MUtil_Echo::track($row);
+ return $row;
+ }
+
} catch (Zend_Db_Exception $e) {
// Intentional fall through
}
// Fail over for pre 1.5 projects
- $sql = "SELECT gsf_id_user FROM gems__staff WHERE gsf_active = 1 AND gsf_login = ? AND gsf_id_organization = ?";
+ //
+ // No login as other organization for first login
+ $sql = "SELECT gsf_id_user
+ FROM gems__staff INNER JOIN
+ gems__organizations ON gsf_id_organization = gor_id_organization
+ WHERE gor_active = 1 AND gsf_active = 1 AND gsf_login = ? AND gsf_id_organization = ?";
if ($user_id = $this->db->fetchOne($sql, array($login_name, $organization))) {
// Move user to new staff.
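Review bot: The fallback query joins `gems__organizations` only as the organization being logged in to, so `gor_active = 1` tests the target and nothing tests that the account's own organization (`gul_id_organization`) is still active; because this commit also drops `->where('gor_active = 1')` from both staff definition selects, a login from a deactivated organization appears to stay usable through any organization that lists it in `gor_accessible_by`. Joining the organizations table a second time for the home organization closes that gap, as sketched below. The same query ends in `LIMIT 1` without `ORDER BY`, so when one login name exists in two organizations that both have access, the database decides which account is returned; that case is better rejected as ambiguous. `$params` is also appended to without being initialised, so `$params = array($login_name, $organization);` would be clearer. The method body continues outside the hunk.

```php
// … unchanged: first lookup in the user's own organization …
if (! $row) {
    // Try to see if this is another allowed organization for this user.
    // "home" is the organization the login belongs to, "target" the one being logged in to.
    $sql = "SELECT CONCAT(gul_user_class, 'Definition'), gul_id_organization
        FROM gems__user_logins
            INNER JOIN gems__organizations AS home ON home.gor_id_organization = gul_id_organization
            INNER JOIN gems__organizations AS target ON target.gor_id_organization != gul_id_organization
        WHERE home.gor_active = 1 AND
            target.gor_active = 1 AND
            gul_can_login = 1 AND
            gul_login = ? AND
            target.gor_id_organization = ? AND
            target.gor_accessible_by LIKE CONCAT('%:', gul_id_organization, ':%')
        LIMIT 1";

    $row = $this->db->fetchRow($sql, $params, Zend_Db::FETCH_NUM);
}
// … unchanged: return $row when found, Zend_Db_Exception fall through, pre 1.5 fail over …
```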
@@ -281,10 +307,10 @@
// MUtil_Echo::r($e);
}
- return self::USER_OLD_STAFF . 'Definition';
+ return array(self::USER_OLD_STAFF . 'Definition', $organization);
}
- return 'NoLoginDefinition';
+ return array('NoLoginDefinition', $organization);
}
protected function isProjectUser($login_name)
Modified: trunk/library/snippets/Organization/OrganizationTableSnippet.php
===================================================================
--- trunk/library/snippets/Organization/OrganizationTableSnippet.php 2011-11-24 15:35:11 UTC (rev 283)
+++ trunk/library/snippets/Organization/OrganizationTableSnippet.php 2011-11-24 17:17:39 UTC (rev 284)
@@ -92,7 +92,7 @@
$bridge->addMultiSort($orgName, $BR, 'gor_task', $BR, 'gor_location');
$bridge->addMultiSort($mailName, $BR, 'gor_style', $BR, 'gor_iso_lang');
$bridge->addMultiSort('gor_active', $BR, 'gor_add_respondents', $BR, 'gor_has_respondents');
- // $bridge->add('gor_accessible_by');
+ $bridge->add('gor_accessible_by');
if ($editMenuItem = $this->getEditMenuItem()) {
$bridge->addItemLink($editMenuItem->toActionLinkLower($this->request, $bridge));