diff --git a/index.php b/index.php index 2e345299b..8395d0bdf 100644 --- a/index.php +++ b/index.php @@ -34,6 +34,7 @@ // Initialize owa admin $owa = new owa_php; + if (!$owa->isOwaInstalled()) { // redirect to install owa_lib::redirectBrowser(owa_coreAPI::getSetting('base','public_url').'install.php'); @@ -44,6 +45,7 @@ // run controller or view and echo page content echo $owa->handleRequestFromURL(); } else { + // unload owa $owa->restInPeace(); } diff --git a/modules/base/apiRequest.php b/modules/base/apiRequest.php index 518c52b61..41c609705 100644 --- a/modules/base/apiRequest.php +++ b/modules/base/apiRequest.php @@ -55,7 +55,7 @@ function action() { // doesn't look like the currentuser has the necessary priviledges owa_coreAPI::debug('User does not have capability required by this controller.'); // auth user - $auth = &owa_auth::get_instance(); + $auth = owa_auth::get_instance(); $status = $auth->authenticateUser(); // if auth was not successful then return login view. if ($status['auth_status'] != true) { diff --git a/modules/base/classes/installController.php b/modules/base/classes/installController.php index 5024c7867..8ea6f9864 100644 --- a/modules/base/classes/installController.php +++ b/modules/base/classes/installController.php @@ -78,7 +78,7 @@ function createAdminUser($email_address, $real_name = '', $password = '') { if (empty($id_check)) { //Check to see if user name already exists - $u->getByColumn('user_id', 'admin'); + $u->getByColumn('user_id', owa_user::ADMIN_USER_ID); $id = $u->get('id'); @@ -89,7 +89,7 @@ function createAdminUser($email_address, $real_name = '', $password = '') { if ( ! $password ) { $password = $u->generateRandomPassword(); } - $ret = $u->createNewUser('admin', 'admin', $password, $email_address, $real_name); + $ret = $u->createNewUser('admin', owa_user::ADMIN_USER_ID, $password, $email_address, $real_name); owa_coreAPI::debug("Admin user created successfully."); return $password; 
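Review bot: In `createAdminUser` the new constant is applied to the wrong argument: `createNewUser($user_id, $role, ...)` (see the signature in entities/user.php) takes the user id first and the role second, yet the call passes the literal `'admin'` as the id and `owa_user::ADMIN_USER_ID` as the role, so it only works because both happen to be the string `'admin'`. Swap them: `$ret = $u->createNewUser(owa_user::ADMIN_USER_ID, 'admin', $password, $email_address, $real_name);`. The function starts outside the hunk.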
diff --git a/modules/base/classes/installManager.php b/modules/base/classes/installManager.php index 1c75996d8..d770b001b 100644 --- a/modules/base/classes/installManager.php +++ b/modules/base/classes/installManager.php @@ -56,7 +56,7 @@ function createAdminUser($email_address, $real_name = '', $password = '') { if (empty($id_check)) { //Check to see if user name already exists - $u->getByColumn('user_id', 'admin'); + $u->getByColumn('user_id', owa_user::ADMIN_USER_ID); $id = $u->get('id'); diff --git a/modules/base/classes/resultSetManager.php b/modules/base/classes/resultSetManager.php index 6928d0701..ce7cd6706 100644 --- a/modules/base/classes/resultSetManager.php +++ b/modules/base/classes/resultSetManager.php @@ -874,6 +874,9 @@ function applyMetaDataToSingleResultRow($row) { $type = 'metric'; $data_type = $this->getMetric($k)->getDataType(); } + else { + throw new Exception($k.' is not a metric or dimension. Check the configuration!'); + } diff --git a/modules/base/classes/service.php b/modules/base/classes/service.php index 670f03f13..74fe02243 100644 --- a/modules/base/classes/service.php +++ b/modules/base/classes/service.php @@ -245,8 +245,10 @@ function _loadEventProcessors() { } - function &getCurrentUser() { - + /** + * @return owa_serviceUser + */ + function getCurrentUser() { return $this->current_user; } diff --git a/modules/base/classes/serviceUser.php b/modules/base/classes/serviceUser.php index 0b724f39b..67168a33f 100644 --- a/modules/base/classes/serviceUser.php +++ b/modules/base/classes/serviceUser.php @@ -30,8 +30,10 @@ class owa_serviceUser extends owa_base { - - var $user; + /** + * @var owa_user + */ + public $user; var $capabilities = array(); var $preferences = array(); var $is_authenticated; 
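Review bot: The new `else` branch in `applyMetaDataToSingleResultRow` throws a generic `Exception` whose message embeds `$k` verbatim; if those row keys can originate from request-supplied metric/dimension names (not visible here) and the exception text reaches the HTTP response, untrusted input is reflected into an error page. Prefer a typed exception with a fixed message and log the key separately, e.g. `owa_coreAPI::debug('Unknown result key: '.$k); throw new InvalidArgumentException('Result row key is neither a metric nor a dimension; check the report configuration.');`. The enclosing function starts and ends outside the hunk.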
@@ -55,26 +57,24 @@ function loadRelatedUserData() { $this->preferences = $this->getPreferences($this->user->get('user_id')); return; } - - function getCapabilities($role) { - - $caps = owa_coreAPI::getSetting('base', 'capabilities'); - + /** + * gets allowed capabilities for the user role + * @param unknown_type $role + */ + function getCapabilities($role) { + $caps = owa_coreAPI::getSetting('base', 'capabilities'); if (array_key_exists($role, $caps)) { return $caps[$role]; } else { return array(); - } - + } } - function getPreferences($user_id) { - + function getPreferences($user_id) { return false; } - function getRole() { - + function getRole() { return $this->user->get('role'); } 
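Review bot: The new docblock for `getCapabilities` says `@param unknown_type $role`, which documents nothing; the method indexes `$caps` by string key, so write `@param string $role` and add `@return array capability names for the role, empty when the role is unknown`. `getPreferences` unconditionally returns `false` — a one-line comment such as `// stub: preferences are not persisted yet` would save the next reader a search.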
@@ -96,23 +96,33 @@ function getUserData($name) { return $this->user->get($name); } - function isCapable($cap) { - //owa_coreAPI::debug(print_r($this->user->getProperties(), true)); - owa_coreAPI::debug("cap ".$cap); - // just in case there is no cap passed - if (!empty($cap)) { - //adding @ here as is_array throws warning that an empty array is not the right data type! - if (in_array($cap, $this->capabilities)) { - return true; - } else { - return false; - } - - } else { - + /** + * Checks if user is capable to do something + * @param string $cap + * @param integer $currentSiteId optionel - only needed if cap is a capabilities That Require SiteAccess. You need to pass site_id (not id) field + */ + function isCapable($cap, $siteId = null) { + owa_coreAPI::debug("check cap ".$cap); + //global admin can always everything: + if ($this->user->isOWAAdmin() || empty($cap)) { return true; } + if (!in_array($cap, $this->capabilities)) { + return false; + } + $capabilitiesThatRequireSiteAccess = owa_coreAPI::getSetting('base', 'capabilitiesThatRequireSiteAccess'); + if (is_array($capabilitiesThatRequireSiteAccess) && in_array($cap, $capabilitiesThatRequireSiteAccess)) { + if (is_null($siteId)) { + throw new InvalidArgumentException('Capability "'.$cap.'" that should be checked requires a sited - but nothing given'); + } + $site = owa_coreAPI::entityFactory('base.site'); + $site->load($siteId,'site_id'); + if (!$site->isUserAssigned($this->user->get('id'))) { + return false; + } + } + return true; } // mark the user as authenticated and populate their capabilities diff --git a/modules/base/classes/settings.php b/modules/base/classes/settings.php index c316beb19..482439e6e 100644 --- a/modules/base/classes/settings.php +++ b/modules/base/classes/settings.php @@ -33,7 +33,7 @@ class owa_settings { /** * Configuration Entity * - * @var object configuration entity + * @var owa_configuration */ var $config; 
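Review bot: For a site-scoped capability an unknown or unloadable `$siteId` makes `isUserAssigned()` throw `'no site data loaded!'` instead of denying, so an authorization check turns into an uncaught exception; add `if (!$site->get('id')) { return false; }` immediately after `$site->load($siteId,'site_id');`. The rewrite also dereferences `$this->user` unconditionally via `$this->user->isOWAAdmin()`, and `owa_controller::doAction` calls `isCapable` before authentication, so if `$this->user` can be unset for an anonymous request (the constructor is outside the hunk) that call fails where the old code never touched it — guard it. Pass `true` to both `in_array` calls, and note that `empty($cap)` still grants access unconditionally, a behaviour the commit keeps from the old code.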
@@ -59,7 +59,8 @@ function __construct() { // create configuration object $this->config = owa_coreAPI::entityFactory('base.configuration'); // load the default settings - $this->getDefaultConfig(); + $this->config->set('settings', $this->getDefaultSettingsArray()); + // include/load config file $this->loadConfigFile(); // apply config constants @@ -87,7 +88,10 @@ function __construct() { } - function isConfigFilePresent() { + /** + * @return boolean + */ + public function isConfigFilePresent() { $file = OWA_DIR.'owa-config.php'; $oldfile = OWA_BASE_DIR.'/conf/owa-config.php'; @@ -101,7 +105,7 @@ function isConfigFilePresent() { } } - function loadConfigFile() { + private function loadConfigFile() { /* LOAD CONFIG FILE */ $file = OWA_DIR.'owa-config.php'; @@ -225,8 +229,12 @@ function applyConfigConstants() { } } - - function applyModuleOverrides($module, $config) { + /** + * Ovverrides settings - used in some controllers (@see owa_caller ) + * @param string $module + * @param array $config + */ + public function applyModuleOverrides($module, $config) { // merge default config with overrides @@ -429,16 +437,15 @@ function set($module, $key, $value) { /** * Adds Setting value to be configuration and persistant data store + * same as $this->set * * @param string $module the name of the module * @param string $key the configuration key * @param string $value the configuration value * @depricated */ - function setSetting($module, $key, $value) { - - return $this->set($module, $key, $value); - + function setSetting($module, $key, $value) { + return $this->set($module, $key, $value); } /** 
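Review bot: The `setSetting` docblock keeps the misspelled `@depricated` tag, which PHPDoc tooling and IDEs do not recognise, so the deprecation is invisible to callers; change it to `@deprecated use set()` and fix `Ovverrides` in the `applyModuleOverrides` docblock. Making `loadConfigFile()` private is reasonable, but its body (which reads and includes the config file) lies outside the hunk, so that change cannot be assessed here.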
@@ -449,49 +456,45 @@ function setSetting($module, $key, $value) { * @param string $value the configuration value * @return */ - function persistSetting($module, $key, $value) { + public function persistSetting($module, $key, $value) { $this->set($module, $key, $value); $this->db_settings[$module][$key] = $value; $this->is_dirty = true; } - function defaultSetting($module, $key) { - $defaults = $this->getDefaultSettingsArray(); - - if ( array_key_exists($module, $defaults) && array_key_exists($key, $defaults[$module]) ) { - $this->set($module, $key, $defaults[$module][$key]); - - if ( array_key_exists($module, $this->db_settings) && array_key_exists($key, $this->db_settings[$module]) ) { - unset($this->db_settings[$module][$key]); - $this->is_dirty = true; - } - } - } - - - /** - * Adds Setting value to be configuration but DOES NOT add to persistant data store + * SEEMS unused - To be removed later + * * - * @param string $module the name of the module - * @param string $key the configuration key - * @param string $value the configuration value - * @return - */ - function setSettingTemporary($module, $key, $value) { - - $this->set($module, $key, $value); + function defaultSetting($module, $key) { + $defaults = $this->getDefaultSettingsArray(); + + if ( array_key_exists($module, $defaults) && array_key_exists($key, $defaults[$module]) ) { + $this->set($module, $key, $defaults[$module][$key]); + + if ( array_key_exists($module, $this->db_settings) && array_key_exists($key, $this->db_settings[$module]) ) { + unset($this->db_settings[$module][$key]); + $this->is_dirty = true; + } + } + } + + //Adds Setting value to be configuration but DOES NOT add to persistant data store + function setSettingTemporary($module, $key, $value) { - return; - - } + $this->set($module, $key, $value); + + return; + + } + */ /** * Replaces all values of a particular module's configuration * @todo: search to see where else this is used. If unused then make it for use in persist only. 
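Review bot: The hunk replaces `defaultSetting()` and `setSettingTemporary()` with a commented-out copy marked "SEEMS unused - To be removed later"; commented-out code is dead weight that version control already preserves, and a grep for callers should decide this now rather than later. Delete the block, or if it must remain, reduce it to a stub carrying `@deprecated`. Minor: `persistSetting` is now public without a docblock; a line such as `// marks the store dirty so the value is written through on the next flush` explains the `is_dirty` side effect.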
*/ - function replace($module, $values, $persist = false) { + private function replace($module, $values, $persist = false) { if ($persist) { $this->db_settings[$module] = $values; @@ -510,8 +513,7 @@ function replace($module, $values, $persist = false) { * Needed for backwards compatability with older classes * */ - function &get_settings($id = 1) { - + function &get_settings($id = 1) { static $config2; @@ -524,14 +526,11 @@ function &get_settings($id = 1) { } - function getDefaultConfig() { - - $config = $this->getDefaultSettingsArray(); - // set default values - $this->config->set('settings', $config); - } - - function getDefaultSettingsArray() { + + /** + * @return array + */ + private function getDefaultSettingsArray() { return array( 'base' => array( @@ -670,6 +669,12 @@ function getDefaultSettingsArray() { 'ad_type' => 'owa_ad_type'), 'trafficAttributionMode' => 'direct', 'campaignAttributionWindow' => 60, + //list of capabilities that require access to the site + 'capabilitiesThatRequireSiteAccess' => array( + 'view_reports', + 'edit_sites', + ), + // role to capabilities configuration 'capabilities' => array( 'admin' => array( 'view_reports', @@ -701,7 +706,11 @@ function getDefaultSettingsArray() { } - function setupPaths() { + /** + * sets the basic path settings in the config object like "public_path" / "images_url" ... + * @return void + */ + private function setupPaths() { //build base url $base_url = ''; @@ -759,7 +768,12 @@ function setupPaths() { } } - function createConfigFile($config_values) { + /** + * Writes the config file based on the default config file - but with the given database credentials + * + * @param array $config_values with the database setting keys + */ + public function createConfigFile($config_values) { if (file_exists(OWA_DIR.'owa-config.php')) { owa_coreAPI::error("Your config file already exists. If you need to change your configuration, edit that file at: ".OWA_DIR.'owa-config.php'); 
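Review bot: `replace()` is made `private` while its docblock still says "@todo: search to see where else this is used"; PHP reports a visibility violation only when the call executes, so an external caller would surface as a fatal error in production rather than at review time — do the search now, or keep it `protected` until done and drop the `@todo`. `getDefaultSettingsArray()` is likewise made private although the (now commented-out) `defaultSetting()` referenced it. Because `capabilitiesThatRequireSiteAccess` is an ordinary setting, a configuration override that empties it silently removes per-site scoping; a comment on the entry, e.g. `// emptying this list disables the per-site checks in owa_serviceUser::isCapable`, would warn future editors.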
@@ -768,13 +782,14 @@ function createConfigFile($config_values) { } if (!file_exists(OWA_DIR.'owa-config-dist.php')) { - owa_coreAPI::error("We can't find the configuration file template. Are you sure you installed OWA's files correctly? Exiting."); - exit; - } else { - $configFileTemplate = file(OWA_DIR . 'owa-config-dist.php'); - owa_coreAPI::debug('found sample config file.'); - } + $errorMsg = "We can't find the configuration file template. Are you sure you installed OWA's files correctly? Exiting."; + owa_coreAPI::error($errorMsg); + throw new Exception($errorMsg); + } + $configFileTemplate = file(OWA_DIR . 'owa-config-dist.php'); + owa_coreAPI::debug('found sample config file.'); + $handle = fopen(OWA_DIR . 'owa-config.php', 'w'); foreach ($configFileTemplate as $line_num => $line) { @@ -824,7 +839,12 @@ function reset($module) { } } - function setCookieDomain ($domain = '') { + /** + * sets and checks the cookie domain setting + * + * @param unknown_type $domain + */ + public function setCookieDomain ($domain = '') { $explicit = false; diff --git a/modules/base/entities/site.php b/modules/base/entities/site.php index 674264ad4..410f480e9 100644 --- a/modules/base/entities/site.php +++ b/modules/base/entities/site.php @@ -32,6 +32,8 @@ class owa_site extends owa_entity { + private static $cachedAssignedUsers = array(); + function __construct() { $this->setTableName('site'); 
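Review bot: `createConfigFile` still opens the target with `fopen(OWA_DIR . 'owa-config.php', 'w')` without checking the handle, and the file it writes holds the database credentials from `$config_values` at whatever mode the process umask yields; the write loop continues outside the hunk. Check the handle and restrict the mode: `if ($handle === false) { throw new Exception('Unable to write ' . OWA_DIR . 'owa-config.php'); }` followed by `chmod(OWA_DIR . 'owa-config.php', 0640);` once the file is closed. Replacing `exit` with `throw` is an improvement, but callers of this public method now receive a generic `Exception`, which the docblock should declare with `@throws Exception`.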
@@ -71,7 +73,77 @@ function settingsSetFilter($value) { owa_coreAPI::debug($value); return $value; } + + + + /** + * Updates the allowed Sites for the current loaded user + * @param array $siteIds + */ + public function updateAssignedUserIds(array $userIds) { + if (!$this->get('id')) { + throw new Exception('no site data loaded!'); + } + $db = owa_coreAPI::dbSingleton(); + $db->deleteFrom('owa_site_user'); + $db->where( 'site_id', $this->get('id') ); + $ret = $db->executeQuery(); + + foreach ($userIds as $id) { + $relation = owa_coreAPI::entityFactory('base.site_user'); + $relation->set( 'user_id', intval ($id ) ); + $relation->set( 'site_id', $this->get('id') ); + $relation->save(); + } + + unset ( self::$cachedAssignedUsers[$this->get('id')] ); + + } + + + /** + * Checks if user is allowed to access the site. + * @param integer $userId + * @return boolean + */ + public function isUserAssigned($userId) { + $users = $this->getAssignedUsers(); + foreach ($users as $user) { + if ($userId == $user->get('id')) { + return true; + } + } + return false; + } + + /** + * Returns collection of owa_user entities that are allowed for current user + * @return owa_user[] + */ + public function getAssignedUsers() { + if (!$this->get('id')) { + throw new Exception('no site data loaded!'); + } + if (!isset(self::$cachedAssignedUsers[$this->get('id')])) { + $db = owa_coreAPI::dbSingleton(); + $db->selectFrom( 'owa_site_user' ); + $db->selectColumn( '*' ); + $db->where( 'site_id', $this->get('id') ); + $relations = $db->getAllRows(); + $result = array(); + if (is_array($relations)) { + foreach ($relations as $row) { + $userEntity = owa_coreApi::entityFactory('base.user'); + $userEntity->load($row['user_id']); + $result[] = $userEntity; + } + } + self::$cachedAssignedUsers[$this->get('id')] = $result; + } + + return self::$cachedAssignedUsers[$this->get('id')]; + } } 
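Review bot: `isUserAssigned` compares with loose `==`, so if `$userId` arrives as `null` (an unauthenticated caller, or a user row that failed to load) and an assigned entity's `get('id')` is also `null` or `0`, the comparison succeeds and site access is granted; `getAssignedUsers` never checks that `load($row['user_id'])` succeeded, so a stale `site_user` row for a deleted user yields exactly such an entity. Make the check strict and reject empty ids, as below. In `updateAssignedUserIds` the delete result `$ret` is ignored and the delete-then-insert runs without a transaction, so a failed delete followed by inserts produces duplicates and a failed insert leaves a partial list; at minimum check `$ret === false` and abort before inserting. The static `$cachedAssignedUsers` only spans one request, which is fine, but a comment saying so would stop someone expecting cross-request invalidation.
```php
public function isUserAssigned($userId) {
    // no id means no grant: never let null/0 match a row by loose comparison
    if ($userId === null || $userId === '') {
        return false;
    }
    foreach ($this->getAssignedUsers() as $user) {
        $assignedId = $user->get('id');
        if ($assignedId !== null && (int) $userId === (int) $assignedId) {
            return true;
        }
    }
    return false;
}
```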
diff --git a/modules/base/entities/site_user.php b/modules/base/entities/site_user.php new file mode 100644 index 000000000..7cc35d377 --- /dev/null +++ b/modules/base/entities/site_user.php @@ -0,0 +1,43 @@ + + * @copyright Copyright © 2006 Peter Adams + * @license http://www.gnu.org/copyleft/gpl.html GPL v2.0 + * @category owa + * @package owa + * @version $Revision$ + * @since owa 1.0.0 + */ + +class owa_site_user extends owa_entity { + + public function __construct() { + $this->setTableName('site_user'); + $this->setProperty( new owa_dbColumn( 'site_id' , OWA_DTD_BIGINT ) ); + $this->setProperty( new owa_dbColumn( 'user_id' , OWA_DTD_INT ) ); + } + + + +} + +?> \ No newline at end of file diff --git a/modules/base/entities/user.php b/modules/base/entities/user.php index d8b888092..a47d8524f 100644 --- a/modules/base/entities/user.php +++ b/modules/base/entities/user.php @@ -30,6 +30,8 @@ class owa_user extends owa_entity { + const ADMIN_USER_ID = 'admin'; + function __construct() { $this->setTableName('user'); @@ -55,10 +57,16 @@ function __construct() { $this->properties['creation_date']->setDataType(OWA_DTD_BIGINT); $this->properties['last_update_date'] = new owa_dbColumn; $this->properties['last_update_date']->setDataType(OWA_DTD_BIGINT); + $apiKey = new owa_dbColumn; $apiKey->setName('api_key'); $apiKey->setDataType(OWA_DTD_VARCHAR255); $this->setProperty($apiKey); + + $allowedSite = new owa_dbColumn; + $allowedSite->setName('allowed_site'); + $allowedSite->setDataType(OWA_DTD_VARCHAR255); + $this->setProperty($allowedSite); } function createNewUser($user_id, $role, $password = '', $email_address = '', $real_name = '') { 
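Review bot: `owa_user` gains an `allowed_site` column, but the accompanying schema update (008, later in this diff) only creates `site_user` and never adds that column; on an upgraded install the entity then declares a column the table lacks, so any write that emits all declared properties fails, and the new `site_user` relation makes the column redundant anyway — drop it, or add it in the update. `owa_site_user` declares no primary key or unique (`site_id`, `user_id`) constraint, so repeated submissions insert duplicate rows (harmless for membership checks, but `getAssignedUsers` then returns duplicates). Minor: `site_id` is `OWA_DTD_BIGINT` while `user_id` is `OWA_DTD_INT`; confirm both match the referenced primary keys.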
@@ -86,11 +94,17 @@ function generateTempPasskey($seed) { return md5($seed.time().rand()); } - function generateRandomPassword() { - + function generateRandomPassword() { return substr(owa_lib::encryptPassword(microtime()),0,6); } + /** + * @return boolean + */ + public function isOWAAdmin() { + return $this->get('user_id') == self::ADMIN_USER_ID; + } + } ?> \ No newline at end of file diff --git a/modules/base/error.php b/modules/base/error.php index 08691a3af..c47e0229e 100644 --- a/modules/base/error.php +++ b/modules/base/error.php @@ -34,10 +34,6 @@ class owa_errorView extends owa_view { - function owa_errorView() { - - return owa_errorView::__construct(); - } function __construct() { @@ -64,4 +60,4 @@ function render($data) { -?> \ No newline at end of file +?> diff --git a/modules/base/login.php b/modules/base/login.php index 9eb492a5b..470c3b248 100644 --- a/modules/base/login.php +++ b/modules/base/login.php @@ -23,7 +23,7 @@ class owa_loginController extends owa_controller { function action() { - $auth = &owa_auth::get_instance(); + $auth = owa_auth::get_instance(); $status = $auth->authenticateUser(); $go = $this->getParam('go'); // if authentication is successfull diff --git a/modules/base/module.php b/modules/base/module.php index 2b3559acc..0bf1c0b36 100644 --- a/modules/base/module.php +++ b/modules/base/module.php @@ -42,10 +42,10 @@ function __construct() { $this->display_name = 'Open Web Analytics'; $this->group = 'Base'; $this->author = 'Peter Adams'; - $this->version = 7; + $this->version = 8; $this->description = 'Base functionality for OWA.'; $this->config_required = false; - $this->required_schema_version = 7; + $this->required_schema_version = 8; return parent::__construct(); } diff --git a/modules/base/sites.php b/modules/base/sites.php index f4c86d707..91d82f1d2 100644 --- a/modules/base/sites.php +++ b/modules/base/sites.php 
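Review bot: `isOWAAdmin()` uses loose `==` against the `'admin'` string; under pre-8 PHP comparison rules an integer `0` `user_id` (for instance whatever `get()` yields on an unloaded entity, which is not visible here) compares equal to a non-numeric string, and `owa_serviceUser::isCapable` now short-circuits to "allow everything" on this method. Use `return $this->get('user_id') === self::ADMIN_USER_ID;`. Unchanged but on the new side: `generateRandomPassword()` derives the installer-issued admin password from `microtime()` truncated to six characters, a guessable low-entropy secret, and `generateTempPasskey` relies on `md5(time().rand())`; both should use a CSPRNG (`random_bytes` or `openssl_random_pseudo_bytes`, whichever the supported PHP version offers) and a longer output.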
@@ -42,7 +42,7 @@ function __construct($params) { function action() { $s = owa_coreAPI::entityFactory('base.site'); - $sites = owa_coreAPI::getSitesList(); + $sites = $this->getAllowedSitesForCurrentUserAndControllerCap(); $this->set('tracked_sites', $sites); $this->setSubview('base.sites'); $this->setView('base.options'); diff --git a/modules/base/sitesEditAllowedUsers.php b/modules/base/sitesEditAllowedUsers.php new file mode 100644 index 000000000..58a3aec37 --- /dev/null +++ b/modules/base/sitesEditAllowedUsers.php @@ -0,0 +1,58 @@ + + * @license http://www.gnu.org/copyleft/gpl.html GPL v2.0 + * @category owa + * @package owa + * @version $Revision$ + * @since owa 1.0.0 + */ +class owa_sitesEditAllowedUsersController extends owa_sitesEditSettingsController { + + + + function action() { + + $site_id = $this->getParam( 'siteId' ); + $siteEntity = owa_coreAPI::entityFactory( 'base.site' ); + $siteEntity->load( $siteEntity->generateId( $site_id ) ); + + //print_r($this->getParam( 'allowed_users' ));die('no'); + if ($this->getParam( 'allowed_users' ) ) { + $siteEntity->updateAssignedUserIds($this->getParam( 'allowed_users' )); + } + else { + $siteEntity->updateAssignedUserIds( array() ); + } + //set variables for view + $this->set('siteId', $site_id); + $this->set('edit', true); + $this->setStatusCode( 3201 ); + $this->setRedirectAction( 'base.sitesProfile' ); + + } + +} + +?> \ No newline at end of file diff --git a/modules/base/sitesEditSettings.php b/modules/base/sitesEditSettings.php index 304e56fa8..7dc46fea7 100644 --- a/modules/base/sitesEditSettings.php +++ b/modules/base/sitesEditSettings.php @@ -40,7 +40,7 @@ function __construct($params) { // validations - // check that user_id is present + // check that siteId is present $v1 = owa_coreAPI::validationFactory('required'); $v1->setValues($this->getParam('siteId')); $this->setValidation('siteId', $v1); 
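Review bot: `owa_sitesEditAllowedUsersController::action` loads the site from the raw `siteId` parameter, while the capability check in `owa_controller::doAction` (elsewhere in this diff) evaluates `getCurrentSiteId()`, which is documented to fall back to the first allowed site when the requested one is not permitted — so the site the check authorises and the site this action rewrites need not be the same, and a user with `edit_sites` on one site may be able to change another site's allowed-user list. `updateAssignedUserIds(array $userIds)` also receives `getParam('allowed_users')` unfiltered: a scalar value such as `allowed_users=1` produces a PHP type error rather than a validation failure, and nothing confirms the ids refer to existing users. Refuse a site the check did not cover and normalise the parameter, as below; whether this controller inherits a suitable `capability` and nonce validation from `owa_sitesEditSettingsController` is not visible here and should be confirmed.
```php
$site_id = $this->getParam( 'siteId' );
// refuse a site the capability check did not cover (doAction may have fallen back to another site)
if ( $site_id !== $this->getCurrentSiteId() ) {
    $this->authenticatedButNotCapableAction();
    return;
}
$siteEntity = owa_coreAPI::entityFactory( 'base.site' );
$siteEntity->load( $siteEntity->generateId( $site_id ) );
$allowed = $this->getParam( 'allowed_users' );
$siteEntity->updateAssignedUserIds( is_array( $allowed ) ? $allowed : array() );
// … unchanged: view variables, status code and redirect …
```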
@@ -91,7 +91,7 @@ function errorAction() { $site_id = $this->getParam( 'siteId' ); $site = owa_coreAPI::entityFactory( 'base.site' ); $site->load( $site->generateId( $site_id ) ); - $this->set('site', $site); + $this->set('site', $site->_getProperties()); $this->set('config', $this->params); } } diff --git a/modules/base/sitesProfile.php b/modules/base/sitesProfile.php index 7c0534946..bd9ccda89 100644 --- a/modules/base/sitesProfile.php +++ b/modules/base/sitesProfile.php @@ -49,16 +49,20 @@ function action() { $site_data = $site->_getProperties(); $this->set('config', $site->get('settings') ); $this->set('edit', $this->getParam('edit')); + } else { $site_data = array(); } + + $this->set('site', $site_data); $this->set('siteId', $site_id); $this->setView('base.options'); $this->setSubview('base.sitesProfile'); } + } @@ -78,18 +82,30 @@ class owa_sitesProfileView extends owa_view { function render() { + $site = $this->get('site'); if ($this->get('edit')) { $this->body->set('action', 'base.sitesEdit'); $this->body->set('headline', 'Edit Site Profile for: '. $site['domain'] ); + + $siteEntity = owa_coreAPI::entityFactory('base.site'); + $siteEntity->getByColumn('site_id', $this->get('siteId')); + $this->body->set('siteEntity', $siteEntity); } else { $this->body->set('action', 'base.sitesAdd'); $this->body->set('headline', 'Add a New Tracked Site Profile'); } + if (isset($site['domain'])) { + $this->t->set( 'page_title', 'Site Profile for: '. $site['domain'] ); + } + else { + $this->t->set( 'page_title', 'Site Profile for new Site'); + } - $this->t->set( 'page_title', 'Site Profile for: '. $site['domain'] ); + $this->body->set('users', $this->getAllUserRows()); + $this->body->set( 'site', $site ); $this->body->set( 'edit', $this->get('edit') ); $this->body->set( 'site_id', $this->get('siteId') ); 
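Review bot: In `owa_sitesProfileView::render` the edit branch builds the headline from `$site['domain']` before the new `isset($site['domain'])` guard, so the guard protects only `page_title`; with `edit` set and an unknown `siteId` the controller hands over an empty `$site_data`, and the headline line raises a notice and renders "Edit Site Profile for: ". Apply the same guard there, e.g. `$this->body->set('headline', 'Edit Site Profile for: ' . (isset($site['domain']) ? $site['domain'] : ''));`. The view now also performs its own lookup via `getByColumn('site_id', ...)` to obtain `siteEntity`, although the controller already loaded that entity and could pass it through.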
@@ -98,9 +114,18 @@ function render() { $this->body->set_template( 'sites_addoredit.tpl' ); } + /** + * @return array + */ + private function getAllUserRows() { + $db = owa_coreAPI::dbSingleton(); + $db->selectFrom('owa_user'); + $db->selectColumn("*"); + return $db->getAllRows(); + } } -?> \ No newline at end of file +?> diff --git a/modules/base/templates/css.tpl b/modules/base/templates/css.tpl index 5e1121bd7..4f67822fa 100644 --- a/modules/base/templates/css.tpl +++ b/modules/base/templates/css.tpl @@ -279,6 +279,6 @@ td#panel {margin: 0px; padding-top:0px;width:;border-collapse: collapse;border:0 font-weight: normal; } - +.noedit {color: #999;} \ No newline at end of file diff --git a/modules/base/templates/filter_site.tpl b/modules/base/templates/filter_site.tpl index cba2a931c..a66129085 100644 --- a/modules/base/templates/filter_site.tpl +++ b/modules/base/templates/filter_site.tpl @@ -3,8 +3,8 @@
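Review bot: `getAllUserRows` selects `*` from `owa_user`, so every user's password hash, `api_key` and temporary passkey are copied into the view's template data merely to render an allowed-users picker; data that is never printed still leaks through debug dumps, template caches and any future `print_r`. Select only the columns the template prints (presumably `id`, `user_id`, `real_name`), e.g. `$db->selectColumn('id, user_id, real_name');` if the builder accepts a list (confirm against owa_db), and consider moving the query into the controller next to the site lookup rather than issuing it from the view.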
Web Site:
diff --git a/modules/base/templates/generic_error.tpl b/modules/base/templates/generic_error.tpl index 594b59815..190e1efa9 100644 --- a/modules/base/templates/generic_error.tpl +++ b/modules/base/templates/generic_error.tpl @@ -1 +1 @@ -
+
diff --git a/modules/base/templates/sites.tpl b/modules/base/templates/sites.tpl index 1573a47be..c15265ed0 100644 --- a/modules/base/templates/sites.tpl +++ b/modules/base/templates/sites.tpl @@ -17,23 +17,23 @@ if it is to be tracked/reported separately.

- $value):?> + - out( $value['name'] );?> + out( $site->get('name') );?>
- - out( $value['description'] );?>
+ get('description') != ''):?> + out( $site->get('description') );?>
- out( $value['domain'] );?>
+ out( $site->get('domain') );?>
- Edit | - Delete | - Get Tracking Code | - Goals + Edit | + Delete | + Get Tracking Code | + Goals diff --git a/modules/base/templates/sites_addoredit.tpl b/modules/base/templates/sites_addoredit.tpl index 031b9639a..548a0db31 100644 --- a/modules/base/templates/sites_addoredit.tpl +++ b/modules/base/templates/sites_addoredit.tpl @@ -28,21 +28,24 @@ -
- out( $validation_errors['domain'] );?> +
+ out( @$validation_errors['domain'] );?> Site Name: - + Description: - + + + +
createNonceFormField($action);?> @@ -62,19 +65,19 @@
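Review bot: `out( @$validation_errors['domain'] )` uses the `@` suppression operator to paper over a missing array key, which also hides every other notice raised inside `out()` for that call. Be explicit instead: `out( isset($validation_errors['domain']) ? $validation_errors['domain'] : '' );`.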
P3P Compact Privacy Policy
This setting controls the P3P compact privacy policy that is returned to the browser when OWA sets cookies. Click here for more information on compact privacy policies and choosing the right one for your web site.
-
+
URL Parameters
This setting controls the URL parameters that OWA should ignore when processing requests. This is useful for avoiding duplicate URLs due to the use of tracking or others state parameters in your URLs. Parameter names should be separated by comma.
-
+
Default Page
This is the page that your web server defaults to when there is no page specified in your URL (e.g. index.html). Use this setting to combine page views for www.domain.com and www.domain.com/index.html.
-
+
@@ -91,10 +94,28 @@
createNonceFormField('base.sitesEditSettings');?> - + -
\ No newline at end of file +
+
+ Allowed Users + + +
+ createNonceFormField('base.sitesEditAllowedUsers');?> + + + + +
+ +
+ diff --git a/modules/base/templates/users_addoredit.tpl b/modules/base/templates/users_addoredit.tpl index 750db4188..9b5c0c91e 100644 --- a/modules/base/templates/users_addoredit.tpl +++ b/modules/base/templates/users_addoredit.tpl @@ -11,7 +11,7 @@ User Name - out( $user['user_id'] )?> + out( $user['user_id'] )?> @@ -21,7 +21,7 @@ API Key - + @@ -40,6 +40,8 @@ + + E-mail Address diff --git a/modules/base/updates.php b/modules/base/updates.php index 10a2508f4..a3af43607 100644 --- a/modules/base/updates.php +++ b/modules/base/updates.php @@ -38,7 +38,7 @@ function render($data) { //switch wrapper if OWA is not embedded // needed becasue this view might be rendered before anything else. - if ($this->config['is_embedded'] != true) { + if (isset($this->config['is_embedded']) && $this->config['is_embedded'] != true) { $this->t->set_template('wrapper_public.tpl'); } @@ -62,4 +62,4 @@ function action() { } } -?> \ No newline at end of file +?> diff --git a/modules/base/updates/008.php b/modules/base/updates/008.php new file mode 100644 index 000000000..5d65681e7 --- /dev/null +++ b/modules/base/updates/008.php 
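Review bot: The `isset()` guard added in `owa_updatesView::render` inverts the behaviour for the unset case: before, a missing `is_embedded` made `!= true` succeed and switched to `wrapper_public.tpl`; now a missing key makes the whole condition false and the public wrapper is never selected, which contradicts the comment that this view may render before anything else is configured. Use `if (empty($this->config['is_embedded']))` to keep the old semantics without the notice. The method body continues outside the hunk.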
@@ -0,0 +1,66 @@ + + * @license http://www.gnu.org/copyleft/gpl.html GPL v2.0 + * @category owa + * @package owa + * @version $Revision$ + * @since owa 1.5.0 + */ + + +class owa_base_008_update extends owa_update { + + var $schema_version = 8; + + + function up($force = false) { + $site = owa_coreAPI::entityFactory('base.site_user'); + $ret = $site->createTable('site_user'); + if ($ret === false ) { + $this->e->notice('Create table site_user failed'); + return false; + } + + $ret = $site->addColumn('site_id'); + if ($ret === false ) { + $this->e->notice('Add column site_id failed'); + return false; + } + + $ret = $site->addColumn('user_id'); + if ($ret === false ) { + $this->e->notice('Add column site_id failed'); + return false; + } + + return true; + } + + function down() { + $site = owa_coreAPI::entityFactory('base.site_user'); + $ret = $site->dropTable('site_user'); + return true; + } +} + +?> \ No newline at end of file diff --git a/modules/base/usersAdd.php b/modules/base/usersAdd.php index 1f7e85488..485b467bc 100644 --- a/modules/base/usersAdd.php +++ b/modules/base/usersAdd.php @@ -83,6 +83,7 @@ function action() { 'base.new_user_account'); + $this->setRedirectAction('base.users'); $this->set('status_code', 3000); diff --git a/modules/base/usersEdit.php b/modules/base/usersEdit.php index 3fdb7c144..f88dec956 100644 --- a/modules/base/usersEdit.php +++ b/modules/base/usersEdit.php @@ -63,9 +63,11 @@ function action() { $u->set('real_name', $this->getParam('real_name')); // never change the role of the admin user - if ($u->get('user_id') != 'admin') { + if (!$u->isOWAAdmin()) { $u->set('role', $this->getParam('role')); } + + $u->update(); $this->set('status_code', 3003); $this->setRedirectAction('base.users'); diff --git a/modules/base/usersProfile.php b/modules/base/usersProfile.php index 8aac14455..2820702f2 100644 --- a/modules/base/usersProfile.php +++ b/modules/base/usersProfile.php 
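Review bot: The 008 update creates `site_user` without any primary key or unique index on (`site_id`, `user_id`), and it does not add the `allowed_site` column that the `owa_user` entity in this same commit now declares, so upgraded installs end up with an entity/table mismatch. Add an index step after the two columns (using whatever `owa_entity` exposes for indexes), and fix the copy-pasted message on the second failure: `$this->e->notice('Add column user_id failed');`. In `down()` the result of `dropTable` is ignored and `true` is returned unconditionally, so a failed rollback reports success; return `$ret !== false` instead.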
@@ -81,11 +81,16 @@ function __construct() { } function render($data) { + $user = $this->get('profile'); + $this->body->set('isAdmin', false); if ($this->get('edit')) { $this->body->set('headline', 'Edit user profile'); $this->body->set('action', 'base.usersEdit'); $this->body->set('edit', true); + $userEntity = owa_coreAPI::entityFactory( 'base.user' ); + $userEntity->load( $user['id'] ); + $this->body->set('isAdmin', $userEntity->isOWAAdmin()); } else { $this->body->set('headline', 'Add a new user profile'); $this->body->set('action', 'base.usersAdd'); @@ -95,12 +100,9 @@ function render($data) { $this->t->set('page_title', 'User Profile'); $this->body->set_template('users_addoredit.tpl'); $this->body->set('roles', owa_coreAPI::getAllRoles()); - $user = $this->get('profile'); - $this->body->set('user', $user); - $this->body->set('isAdmin', false); - if ( isset( $user['id'] ) && $user['id'] == 1 ) { - $this->body->set('isAdmin', true); - } + + $this->body->set('user', $user); + } } diff --git a/owa_auth.php b/owa_auth.php index 80c7e910f..c0019e276 100644 --- a/owa_auth.php +++ b/owa_auth.php @@ -74,7 +74,7 @@ class owa_auth extends owa_base { * * @return object */ - public static function &get_instance($plugin = '') { + public static function get_instance($plugin = '') { static $auth; @@ -114,6 +114,8 @@ function authenticateUser() { if (owa_coreAPI::getCurrentUser()->isAuthenticated()) { $ret = true; } elseif (owa_coreAPI::getRequestParam('apiKey')) { + + // auth user by api key $ret = $this->authByApiKey(owa_coreAPI::getRequestParam('apiKey')); } elseif (owa_coreAPI::getRequestParam('pk') && owa_coreAPI::getStateParam('u')) { diff --git a/owa_controller.php b/owa_controller.php index bc96b6fd7..4f557b655 100644 --- a/owa_controller.php +++ b/owa_controller.php 
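Review bot: `render` now issues a second database load (`$userEntity->load($user['id'])`) solely to call `isOWAAdmin()`, although the `$user` profile array already carries `user_id`; `$this->body->set('isAdmin', isset($user['user_id']) && $user['user_id'] === owa_user::ADMIN_USER_ID);` gives the same answer with no query and no dependency on `$user['id']`. If `profile` can be empty in edit mode (set outside the hunk), `$user['id']` raises a notice before the load even runs.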
@@ -182,18 +182,19 @@ function doAction() { } /* CHECK USER FOR CAPABILITIES */ - if (!owa_coreAPI::isCurrentUserCapable($this->getRequiredCapability())) { + $currentUser = owa_coreAPI::getCurrentUser(); + if (!$currentUser->isCapable($this->getRequiredCapability(),$this->getCurrentSiteId())) { owa_coreAPI::debug('User does not have capability required by this controller.'); // check to see if the user has already been authenticated if (owa_coreAPI::isCurrentUserAuthenticated()) { - $this->authenticatedButNotCapableAction(); + $this->authenticatedButNotCapableAction('User does not have capability required by this controller.'); return $this->data; } /* PERFORM AUTHENTICATION */ - $auth = &owa_auth::get_instance(); + $auth = owa_auth::get_instance(); $status = $auth->authenticateUser(); // if auth was not successful then return login view. if ($status['auth_status'] != true) { @@ -201,7 +202,7 @@ function doAction() { return $this->data; } else { //check for needed capability again now that they are authenticated - if (!owa_coreAPI::isCurrentUserCapable($this->getRequiredCapability())) { + if ( !$currentUser->isCapable($this->getRequiredCapability(),$this->getCurrentSiteId()) ) { $this->authenticatedButNotCapableAction(); //needed? $this->set('go', urlencode(owa_lib::get_current_url())); @@ -523,10 +524,12 @@ function setStatusMsg($msg) { $this->data['status_message'] = $msg; } - function authenticatedButNotCapableAction() { - + function authenticatedButNotCapableAction($additionalMessage = '') { + if ( empty($additionalMessage) ) { + $additionalMessage = '('.$this->getRequiredCapability().' / '.$this->getCurrentSiteId() .')'; + } $this->setView('base.error'); - $this->set('error_msg', $this->getMsg(2003)); + $this->set('error_msg', $this->getMsg(2003).' '.$additionalMessage); } function notAuthenticatedAction() { 
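Review bot: `$currentUser` is captured before `authenticateUser()` and reused for the second `isCapable` check; `getCurrentUser()` now returns by value, so if the service replaces its current-user object during authentication (owa_service is outside this hunk) the post-login check runs against a stale object and denies every freshly authenticated user — re-read `owa_coreAPI::getCurrentUser()` after `authenticateUser()`. The new `isCapable` path can throw (`InvalidArgumentException` for a missing site id, `Exception` from `owa_site`) and `doAction` does not catch, so an authorization failure becomes an uncaught exception; wrap the check and treat a throw as "not capable". The default `$additionalMessage` also prints the required capability and resolved site id into the user-facing error view; keep that detail in `owa_coreAPI::debug` and show the generic message 2003 alone. `getCurrentSiteId()` is evaluated twice per request and loads every site each time.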
@@ -562,6 +565,57 @@ function getSetting($module, $name) { return owa_coreAPI::getSetting($module, $name); } + + /** + * @return array + */ + protected function getAllowedSitesForCurrentUserAndControllerCap() { + $currentUser = owa_coreAPI::getCurrentUser(); + $allSites = owa_coreAPI::getSitesList(); + $allowedSites=array(); + foreach ($allSites as $siteRow) { + if ($currentUser->isCapable($this->capability,$siteRow['site_id'])) { + $site = owa_coreAPI::entityFactory('base.site'); + $site->load($siteRow['id']); + $allowedSites[$siteRow['site_id']] = $site; + } + } + return $allowedSites; + } + /** + * gets the siteid taking the site access permissions into account + * If not a typical siteId parameter is set or user lacks permission, the first availabe site is used + * + * @return string or false if no site access + */ + protected function getCurrentSiteId() { + $allowedSites = $this->getAllowedSitesForCurrentUserAndControllerCap(); + $siteParameterValue = $this->getSiteIdParameterValue(); + + // set siteId from Request if set + if ( $siteParameterValue !== false && isset($allowedSites[$siteParameterValue])) { + return $siteParameterValue; + } + elseif (isset($allowedSites[0])) { + //set default + return $allowedSites[0]->get('site_id'); + } + return false; + } + + /** + * @return integer or false + */ + protected function getSiteIdParameterValue() { + if ($this->getParam('siteId') ) { + return $this->getParam('siteId'); + } + elseif ($this->getParam('site_id') ) { + return $this->getParam('site_id'); + } + return false; + } + } -?> \ No newline at end of file +?> diff --git a/owa_coreAPI.php b/owa_coreAPI.php index 7045f90a4..1ee8815f2 100644 --- a/owa_coreAPI.php +++ b/owa_coreAPI.php @@ -32,6 +32,7 @@ class owa_coreAPI { + const OWA_ROLE_VIEWER = 'viewer'; // @depricated // @todo remove @@ -74,7 +75,9 @@ public static function setupStorageEngine($type) { return true; } - + /** + * @return owa_db + */ public static function dbSingleton() { static $db; 
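Review bot: In getCurrentSiteId(), the default branch `elseif (isset($allowedSites[0]))` never matches in practice because getAllowedSitesForCurrentUserAndControllerCap() keys its array by `$siteRow['site_id']`, so unless a site has the literal site_id 0 a request without a valid siteId returns false and isCapable() is then evaluated against a non-existent site. Replace it with `elseif ( ! empty($allowedSites) ) { return reset($allowedSites)->get('site_id'); }`, which yields the first allowed site as the old reportController::pre() default did. When `$siteParameterValue` is set but absent from the allowed list the method silently substitutes another site; an `owa_coreAPI::debug()` line at that point would make a denied site request visible in the logs instead of indistinguishable from the default. The allowed-site list issues one entity load per site on every call and getCurrentSiteId() is invoked several times per request (twice in doAction(), again in reportController::pre()), so caching the result in a property for the duration of the request would avoid the repeated queries. Note that the list is built against `$this->capability` while doAction() checks `$this->getRequiredCapability()`; if those can ever differ, the two checks will disagree.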
@@ -109,8 +112,11 @@ public static function dbFactory() { return $db; } } - - public static function &configSingleton($params = array()) { + + /** + * @return owa_settings + */ + public static function configSingleton() { static $config; @@ -222,8 +228,10 @@ public static function getAllRoles() { return array_keys($caps); } - public static function &getCurrentUser() { - + /** + * @return owa_serviceUser + */ + public static function getCurrentUser() { $s = owa_coreAPI::serviceSingleton(); return $s->getCurrentUser(); } @@ -247,8 +255,10 @@ public static function isCurrentUserAuthenticated() { $cu = owa_coreAPI::getCurrentUser(); return $cu->isAuthenticated(); } - - public static function &serviceSingleton() { + /** + * @return owa_service + */ + public static function serviceSingleton() { static $s; @@ -329,7 +339,6 @@ public static function moduleRequireOnce($module, $class_dir, $file) { } public static function moduleFactory($modulefile, $class_suffix = null, $params = '', $class_ns = 'owa_') { - list($module, $file) = explode(".", $modulefile); $class = $class_ns.$file.$class_suffix; //print $class; @@ -707,9 +716,10 @@ public static function getNavSort($a, $b) { public static function getActiveModules() { $c = owa_coreAPI::configSingleton(); - $config = $c->config->get('settings'); - //print_r($config); + $config = $c->config->get('settings'); + + $active_modules = array(); foreach ($config as $k => $module) { @@ -742,12 +752,12 @@ public static function performAction($action, $params = array()) { $controller = owa_coreAPI::moduleFactory($action, 'Controller', $params); if (!$controller || !method_exists($controller, 'doAction')) { + owa_coreAPI::debug("No controller is associated with $action."); return; } - $data = $controller->doAction(); - + $data = $controller->doAction(); // Display view if controller calls for one. if (!empty($data['view']) || !empty($data['action'])): 
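Review bot: configSingleton() loses its `$params = array()` parameter in this hunk, but PHP silently ignores surplus arguments, so any caller still passing a params array gets no error and its values are dropped; if `$params` was used to initialise the static `$config` on first call (the body continues outside the hunk), those callers now silently receive default settings. A grep for `configSingleton(` with a non-empty argument list would confirm whether anything depends on it. The function body starts in the hunk and continues outside it.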
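Review bot: The new `owa_coreAPI::debug("No controller is associated with $action.")` interpolates the requested action name into the log verbatim; if `$action` originates from a request parameter (performAction()'s caller is outside the hunk) a value containing line breaks lands in the log unescaped, so quoting it is worthwhile, e.g. `owa_coreAPI::debug('No controller is associated with '.json_encode($action).'.');`. The surrounding `if (!$controller ...) { return; }` still returns null to the caller, so this debug line is the only trace of an unknown action.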
@@ -1154,20 +1164,19 @@ public static function isUpdateRequired() { return $service->isUpdateRequired(); } - public static function getSitesList() { - + /** + * @return array + */ + public static function getSitesList() { $db = owa_coreAPI::dbSingleton(); $db->selectFrom('owa_site'); $db->selectColumn('*'); $sites = $db->getAllRows(); - if ( ! $sites ) { - + if ( ! $sites ) { $sites = array(); - } - - return $sites; - + } + return $sites; } public static function profile($that = '', $function = '', $line = '', $msg = '') { diff --git a/owa_lib.php b/owa_lib.php index 75be78824..be86cef80 100644 --- a/owa_lib.php +++ b/owa_lib.php @@ -485,12 +485,11 @@ public static function fileInclusionFilter($str) { * @param string $class_dir * @param string $class_prefix * @param string $class_name - * @param array $conf + * @param array $constructorArguments * @return object */ - public static function factory($class_dir, $class_prefix, $class_name, $conf = array(), $class_suffix = '') { + public static function factory($class_dir, $class_prefix, $class_name, $constructorArguments = array(), $class_suffix = '') { - //$class_dir = strtolower($class_dir).'/'; $class_dir = $class_dir.'/'; $classfile = $class_dir . $class_name . '.php'; $class = $class_prefix . $class_name . $class_suffix; 
@@ -500,22 +499,17 @@ public static function factory($class_dir, $class_prefix, $class_name, $conf = a * a failure as fatal. The caller may have already included their own * version of the named class. */ - if (!class_exists($class)) { - - if (file_exists($classfile)) { - require_once ($classfile); + if (!class_exists($class)) { + if (!file_exists($classfile)) { + throw new Exception('Class File '.$classfile.' not existend!'); } - + require_once ($classfile); } - /* If the class exists, return a new instance of it. */ - if (class_exists($class)) { - $obj = new $class($conf); - return $obj; + if (!class_exists($class)) { + throw new Exception('Class '.$class.' not existend!'); } - - $null = null; - return $null; + return new $class($constructorArguments); } /** diff --git a/owa_module.php b/owa_module.php index 587dcf725..8aba0a1a6 100644 --- a/owa_module.php +++ b/owa_module.php @@ -28,7 +28,7 @@ * @since owa 1.0.0 */ -class owa_module extends owa_base { +abstract class owa_module extends owa_base { /** * Name of module 
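Review bot: The two new exceptions embed `$classfile` and `$class` in their messages; `$classfile` is a server filesystem path and `$class_name` is assembled from a module/file identifier (moduleFactory() builds its class name from the action string and presumably delegates here), so if these exceptions are ever rendered to the browser they disclose the install path and reveal which class files exist. Log the path with owa_coreAPI::debug() and throw a generic message, e.g. `throw new Exception('Class file for '.$class.' not found');`. Switching from returning null to throwing is also a behaviour change for callers that tested the result for falsiness, such as performAction()'s `if (!$controller ...)` check in this same commit, which now never sees a missing class unless something upstream catches the exception. Finally, 'not existend' in both messages should read 'does not exist'.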
@@ -385,24 +385,50 @@ function addAdminPanel($panel) { /** * Registers Group Link with a particular View - * + * @DEPRICATED - use addNavigationSubGroup and addNavigationLinkInSubGroup */ function addNavigationLink($group, $subgroup = '', $ref, $anchortext, $order = 0, $priviledge = 'viewer') { - - $link = array('ref' => $ref, - 'anchortext' => $anchortext, - 'order' => $order, - 'priviledge' => $priviledge); if (!empty($subgroup)): - $this->nav_links[$group][$subgroup]['subgroup'][] = $link; + $this->addNavigationLinkInSubGroup($subgroup,$ref, $anchortext, $order = 0, $priviledge = 'viewer',$group); else: - $this->nav_links[$group][$anchortext] = $link; + $this->addNavigationSubGroup($anchortext,$ref, $anchortext, $order = 0, $priviledge = 'viewer',$group); endif; return; } + /** + * Adds a new Subgroup in the navigation + * + * @param string $subgroupName + * @param string $ref + * @param string $anchortext + * @param integer $order + * @param string $priviledge + * @param string $groupName + */ + public function addNavigationSubGroup($subgroupName, $ref, $anchortext, $order = 0, $priviledge = owa_coreAPI::OWA_ROLE_VIEWER, $groupName = 'Reports') { + $this->nav_links[$groupName][$subgroupName] = $this->getLinkStruct($ref, $anchortext, $order,$priviledge); + } + + /** + * Adds a new Link to an existing Subgroup in the navigation + * + * @param string $subgroupName + * @param string $ref + * @param string $anchortext + * @param integer $order + * @param string $priviledge + * @param string $groupName + */ + public function addNavigationLinkInSubGroup($subgroupName, $ref, $anchortext, $order = 0, $priviledge = owa_coreAPI::OWA_ROLE_VIEWER, $groupName = 'Reports') { + if (!isset($this->nav_links[$groupName][$subgroupName]) || !is_array($this->nav_links[$groupName][$subgroupName])) { + throw new Exception('Subgroup "'.$subgroupName.'" is not existend - add Subgroup first with addNavigationSubGroup '); + } + $this->nav_links[$groupName][$subgroupName]['subgroup'][] = 
$this->getLinkStruct($ref, $anchortext, $order,$priviledge); + } + /** * Abstract method for registering a module's entities * @@ -883,6 +909,21 @@ function registerBackgroundJobs() { return false; } + /** + * Retuns internal struct array used for saving link infos + * @param string $ref + * @param string $anchortext + * @param integer $order + * @param string $priviledge + * @return array + */ + private function getLinkStruct($ref,$anchortext,$order,$priviledge) { + return array('ref' => $ref, + 'anchortext' => $anchortext, + 'order' => $order, + 'priviledge' => $priviledge); + } + } ?> \ No newline at end of file diff --git a/owa_reportController.php b/owa_reportController.php index 67e577657..c8370a19a 100644 --- a/owa_reportController.php +++ b/owa_reportController.php @@ -39,32 +39,22 @@ class owa_reportController extends owa_adminController { * @param array $params * @return */ - function __construct($params) { - + function __construct($params) { $this->setControllerType('report'); $this->_setCapability('view_reports'); return parent::__construct($params); } + + /** * pre action * */ function pre() { - // site lists - $sites = owa_coreAPI::getSitesList(); - $this->set('sites', $sites); - // set default siteId if none exists on request - $site_id = $this->getParam('siteId'); - if ( ! $site_id ) { - $site_id = $this->getParam('site_id'); - } - if ( ! $site_id ) { - $site_id = $sites[0]['site_id']; - } - $this->setParam('siteId', $site_id); - + $this->set('sites', $this->getAllowedSitesForCurrentUserAndControllerCap()); + $this->setParam('siteId', $this->getCurrentSiteId()); // pass full set of params to view $this->data['params'] = $this->params;
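Review bot: In the rewritten addNavigationLink(), the delegating calls pass `$order = 0, $priviledge = 'viewer'` as arguments — assignment expressions — so every legacy caller's order and privilege are overwritten with 0 and 'viewer' before being forwarded; a link registered with a higher privilege is thereby downgraded to viewer in nav_links, which is a regression with an authorization flavour if that field gates what users see in the navigation. The calls should be `$this->addNavigationLinkInSubGroup($subgroup, $ref, $anchortext, $order, $priviledge, $group);` and `$this->addNavigationSubGroup($anchortext, $ref, $anchortext, $order, $priviledge, $group);`. addNavigationLinkInSubGroup() throws on an unknown subgroup, whereas the old code created the subgroup entry implicitly, so a legacy module that registers a sub-link before its group link now fails at module load. `@DEPRICATED` should be the standard `@deprecated` tag so tooling recognises it, and 'not existend' in the exception text should read 'does not exist'.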
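Review bot: The docblock on getLinkStruct() has a typo — `Retuns internal struct array used for saving link infos` should read `Returns the internal struct array used for saving link info`. Since owa_module is now abstract, consider `protected` rather than `private` so a subclass overriding the navigation methods can build the same structure, though that is optional.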