acl_upgrade.php

   1 <?php
   2 // This program is free software; you can redistribute it and/or
   3 // modify it under the terms of the GNU General Public License
   4 // as published by the Free Software Foundation; either version 2
   5 // of the License, or (at your option) any later version.
   6 //
   7 // This script will update the phpGACL database, which include
   8 // Access Control Objects(ACO), Groups(ARO), and Access Control
   9 // Lists(ACL) to the most recent version.
  10 // It will display whether each update already exist
  11 // or if it was updated succesfully.
  12 //
  13 // Updates included:
  14 //   2.8.2
  15 //     Section "sensitivities" (Sensitivities):
  16 //       ADD  normal   Normal              (Administrators, Physicians, Clinicians(addonly))
  17 //       ADD  high     High                (Administrators, Physicians)
  18 //     Section "admin"         (Administration):
  19 //       ADD  super    Superuser           (Adminstrators)
  20 //   2.8.4
  21 //     Section "admin"         (Administration):
  22 //       ADD  drugs    Pharmacy Dispensary (Administrators, Physicians, Clinicians(write))
  23 //       ADD  acl      ACL Administration (Administrators)
  24 //     Section "sensitivities" (Sensitivities):
  25 //       EDIT high     High               (ensure the order variable is '20')
  26 //     Section "acct"          (Accounting):
  27 //       ADD  disc     Price Discounting (Administrators, Physicians, Accounting(write))
  28
  29
  30 //Ensure that phpGACL has been installed
  31 include_once('library/acl.inc');
  32 if (isset ($phpgacl_location)) {
  33         include_once("$phpgacl_location/gacl_api.class.php");
  34         $gacl = new gacl_api();
  35 }
  36 else {
  37         die("You must first set up library/acl.inc to use phpGACL!");
  38 }
  39
  40
  41 //Collect the ACL ID numbers.
  42 echo "<B>Checking to ensure all the proper ACL(access control list) are present:</B></BR>";
  43 //Get Administrator ACL ID number
  44 $admin_write = getAclIdNumber('Administrators', 'write');
  45 //Get Doctor ACL ID Number
  46 $doc_write = getAclIdNumber('Physicians', 'write');
  47 //Get Clinician ACL with write access ID number
  48 $clin_write = getAclIdNumber('Clinicians', 'write');
  49 //Get Clinician ACL with addonly access ID number
  50 $clin_addonly = getAclIdNumber('Clinicians', 'addonly');
  51 //Get Receptionist ACL ID number
  52 $front_write = getAclIdNumber('Front Office', 'write');
  53 //Get Accountant ACL ID number
  54 $back_write = getAclIdNumber('Accounting', 'write');
  55
  56
  57 //Add new object Sections
  58 echo "<BR/><B>Adding new object sections</B><BR/>";
  59 //Add 'Sensitivities' object section (added in 2.8.2)
  60 addObjectSectionAcl('sensitivities', 'Sensitivities');
  61
  62
  63 //Add new Objects
  64 echo "<BR/><B>Adding new objects</B><BR/>";
  65 //Add 'Normal' sensitivity object, order variable is default 10 (added in 2.8.2)
  66 addObjectAcl('sensitivities', 'Sensitivities', 'normal', 'Normal');
  67 //Add 'High' sensitivity object, order variable is set to 20 (added in 2.8.2)
  68 addObjectAclWithOrder('sensitivities', 'Sensitivities', 'high', 'High', 20);
  69 //Add 'Pharmacy Dispensary' object (added in 2.8.4)
  70 addObjectAcl('admin', 'Administration', 'drugs', 'Pharmacy Dispensary');
  71 //Add 'ACL Administration' object (added in 2.8.4)
  72 addObjectAcl('admin', 'Administration', 'acl', 'ACL Administration');
  73 //Add 'Price Discounting' object (added in 2.8.4)
  74 addObjectAcl('acct', 'Accounting', 'disc', 'Price Discounting');
  75
  76
  77 //Update already existing Objects
  78 echo "<BR/><B>Upgrading objects</B><BR/>";
  79 //Ensure that 'High' sensitivity object order variable is set to 20
  80 editObjectAcl('sensitivities', 'Sensitivities', 'high', 'High', 20);
  81
  82
  83 //Add new User Defined Groups (ARO) here
  84 //(placemarker, since no new user defined groups since 2.8.1 have been added)
  85
  86
  87 //Update the ACLs
  88 echo "<BR/><B>Updating the ACLs(Access Control Lists)</B><BR/>";
  89 //Insert the 'super' object from the 'admin' section into the Administrators group write ACL (added in 2.8.2)
  90 updateAcl($admin_write, 'Administrators', 'admin', 'Administration', 'super', 'Superuser', 'write');
  91 //Insert the 'high' object from the 'sensitivities' section into the Administrators group write ACL (added in 2.8.2)
  92 updateAcl($admin_write, 'Administrators', 'sensitivities', 'Sensitivities', 'high', 'High', 'write');
  93 //Insert the 'normal' object from the 'sensitivities' section into the Administrators group write ACL (added in 2.8.2)
  94 updateAcl($admin_write, 'Administrators', 'sensitivities', 'Sensitivities', 'normal', 'Normal', 'write');
  95 //Insert the 'high' object from the 'sensitivities' section into the Physicians group write ACL (added in 2.8.2)
  96 updateAcl($doc_write, 'Physicians', 'sensitivities', 'Sensitivities', 'high', 'High', 'write');
  97 //Insert the 'normal' object from the 'sensitivities' section into the Physicians group write ACL (added in 2.8.2)
  98 updateAcl($doc_write, 'Physicians', 'sensitivities', 'Sensitivities', 'normal', 'Normal', 'write');
  99 //Insert the 'normal' object from the 'sensitivities' section into the Clinicians group  addonly ACL (added in 2.8.2)
 100 updateAcl($clin_addonly, 'Clinicians', 'sensitivities', 'Sensitivities', 'normal', 'Normal', 'addonly');
 101 //Insert the 'drugs' object from the 'admin' section into the Administrators group write ACL (added in 2.8.4)
 102 updateAcl($admin_write, 'Administrators', 'admin', 'Administration', 'drugs', 'Pharmacy Dispensary', 'write');
 103 //Insert the 'drugs' object from the 'admin' section into the Physicians group write ACL (added in 2.8.4)
 104 updateAcl($doc_write, 'Physicians', 'admin', 'Administration', 'drugs', 'Pharmacy Dispensary', 'write');
 105 //Insert the 'drugs' object from the 'admin' section into the Clinicians group write ACL (added in 2.8.4)
 106 updateAcl($clin_write, 'Clinicians', 'admin', 'Administration', 'drugs', 'Pharmacy Dispensary', 'write');
 107 //Insert the 'acl' object from the 'admin' section into the Administrators group write ACL (added in 2.8.4)
 108 updateAcl($admin_write, 'Administrators', 'admin', 'Administration', 'acl', 'ACL Administration', 'write');
 109 //Insert the 'disc' object from the 'acct' section into the Administrators group write ACL (added in 2.8.4)
 110 updateAcl($admin_write, 'Administrators', 'acct', 'Accounting', 'disc', 'Price Discounting', 'write');
 111 //Insert the 'disc' object from the 'acct' section into the Accounting group write ACL (added in 2.8.4)
 112 updateAcl($back_write, 'Accounting', 'acct', 'Accounting', 'disc', 'Price Discounting', 'write');
 113 //Insert the 'disc' object from the 'acct' section into the Physicians group write ACL (added in 2.8.4)
 114 updateAcl($doc_write, 'Physicians', 'acct', 'Accounting', 'disc', 'Price Discounting', 'write');
 115
 116
 117 //Function will return an array that contains the ACL ID number.
 118 //It will also check to ensure the ACL exist and is not duplicated.
 119 //  $title = Title(string) of group.
 120 //  $return_value = What the acl returns (string), usually 'write' or 'addonly'
 121 function getAclIdNumber($title, $return_value) {
 122         global $gacl;
 123         $temp_acl_id_array  = $gacl->search_acl(FALSE, FALSE, FALSE, FALSE, $title, FALSE, FALSE, FALSE, $return_value);
 124         switch (count($temp_acl_id_array)) {
 125                 case 0:
 126                         echo "<B>ERROR</B>, '$title' group '$return_value' ACL does not exist.</BR>";
 127                         break;
 128                 case 1:
 129                         echo "'$title' group '$return_value' ACL is present.</BR>";
 130                         break;
 131                 default:
 132                         echo "<B>ERROR</B>, Multiple '$title' group '$return_value' ACLs are present.</BR>";
 133                         break;
 134         }
 135         return $temp_acl_id_array;
 136 }
 137
 138
 139 //Function to add a group.
 140 //This is just a placeholder function at this point, since have not added another group yet.
 141 //  $name = Identifier(string) of group
 142 //  $title = Title(string) of group
 143 function addGroupAcl($name, $title) {
 144         global $gacl;
 145 //if add a group, then will need to add logic here
 146         return;
 147 }
 148
 149
 150 //Function to add an object section.
 151 //It will check to ensure the object section doesn't already exist.
 152 //  $name = Identifier(string) of section
 153 //  $title = Title(string) of object
 154 function addObjectSectionAcl($name, $title) {
 155         global $gacl;
 156         if ($gacl->get_object_section_section_id($title, $name, 'ACO')) {
 157                 echo "The '$title' object section already exist.</BR>";
 158         }
 159         else {
 160                 $tmp_boolean = $gacl->add_object_section($title , $name, 10, 0, 'ACO');
 161                 if ($tmp_boolean) {
 162                         echo "The '$title' object section has been successfully added.</BR>";
 163                 }
 164                 else {
 165                         echo "<B>ERROR</B>,unable to create the '$title' object section.</BR>";
 166                 }
 167         }
 168         return;
 169 }
 170
 171
 172 //Function to add an object.
 173 //It will check to ensure the object doesn't already exist.
 174 //  $section_name = Identifier(string) of section
 175 //  $section_title = Title(string) of section
 176 //  $object_name = Identifier(string) of object
 177 //  $object_title = Title(string) of object
 178 function addObjectAcl($section_name, $section_title, $object_name, $object_title) {
 179         global $gacl;
 180         if ($gacl->get_object_id($section_name, $object_name, 'ACO')) {
 181                 echo "The '$object_title' object in the '$section_title' section already exist.</BR>";
 182         }
 183         else {
 184                 $tmp_boolean = $gacl->add_object($section_name, $object_title, $object_name, 10, 0, 'ACO');
 185                 if ($tmp_boolean) {
 186                         echo "The '$object_title' object in the '$section_title' section has been successfully added.</BR>";
 187                 }
 188                 else {
 189                         echo "<B>ERROR</B>,unable to create the '$object_title' object in the '$section_title' section.</BR>";
 190                 }
 191         }
 192         return;
 193 }
 194
 195
 196 //Function to add an object and set the 'order' variable.
 197 //It will check to ensure the object doesn't already exist.
 198 //  $section_name = Identifier(string) of section
 199 //  $section_title = Title(string) of section
 200 //  $object_name = Identifier(string) of object
 201 //  $object_title = Title(string) of object
 202 //  $order_number = number to determine order in list. used in sensitivities to order the choices
 203 //                  in openemr
 204 function addObjectAclWithOrder($section_name, $section_title, $object_name, $object_title, $order_number) {
 205         global $gacl;
 206         if ($gacl->get_object_id($section_name, $object_name, 'ACO')) {
 207                 echo "The '$object_title' object in the '$section_title' section already exist.</BR>";
 208         }
 209         else {
 210                 $tmp_boolean = $gacl->add_object($section_name, $object_title, $object_name, $order_number, 0, 'ACO');
 211                 if ($tmp_boolean) {
 212                         echo "The '$object_title' object in the '$section_title' section has been successfully added.</BR>";
 213                 }
 214                 else {
 215                         echo "<B>ERROR</B>,unable to create the '$object_title' object in the '$section_title' section.</BR>";
 216                 }
 217         }
 218         return;
 219 }
 220
 221
 222 //Function to edit an object and set the 'order' variable.
 223 //It will check to ensure the object already exist, and hasn't been upgraded yet.
 224 //  $section_name = Identifier(string) of section
 225 //  $section_title = Title(string) of section
 226 //  $object_name = Identifier(string) of object
 227 //  $object_title = Title(string) of object
 228 //  $order_number = number to determine order in list. used in sensitivities to order the choices
 229 //                  in openemr
 230 function editObjectAcl($section_name, $section_title, $object_name, $object_title, $order_number) {
 231         global $gacl;
 232         $tmp_objectID = $gacl->get_object_id($section_name, $object_name, 'ACO');
 233         if ($tmp_objectID) {
 234                 $tmp_object = $gacl->get_object_data($tmp_objectID, 'ACO');
 235                 if ($tmp_object[0][2] ==  $order_number &&
 236                     $tmp_object[0][0] ==  $section_name &&
 237                     $tmp_object[0][1] ==  $object_name &&
 238                     $tmp_object[0][3] ==  $object_title) {
 239                         echo "The '$object_title' object in the '$section_title' section has already been updated.</BR>";
 240                 }
 241                 else {
 242                         $tmp_boolean = $gacl->edit_object($tmp_objectID, $section_name, $object_title, $object_name, $order_number, 0, 'ACO');
 243                         if ($tmp_boolean) {
 244                                 echo "The '$object_title' object in the '$section_title' section has been successfully updated.</BR>";
 245                         }
 246                         else {
 247                                 echo "<B>ERROR</B>,unable to update the '$object_title' object in the '$section_title' section.</BR>";
 248                         }
 249                 }
 250         }
 251         else {
 252                 echo "<B>ERROR</B>, the '$object_title' object in the '$section_title' section does not exist.</BR>";
 253         }
 254         return;
 255 }
 256
 257
 258 //Update the ACL
 259 //It will check to ensure the ACL hasn't already been updated.
 260 //  $array_acl_id_number = array containing hopefully one element, which is an integer, and is identifier of acl to be updated.
 261 //  $group_title = Title(string) of group.
 262 //  $object_section_name = Identifier(string) of section
 263 //  $object_section_title = Title(string) of section
 264 //  $object_name = Identifier(string) of object
 265 //  $object_title = Title(string) of object
 266 //  $acl_return_value = What the acl returns (string), usually 'write' or 'addonly'
 267 function updateAcl($array_acl_id_number, $group_title, $section_name, $section_title, $object_name, $object_title, $return_value) {
 268         global $gacl;
 269         $tmp_array = $gacl->search_acl($section_name, $object_name, FALSE, FALSE, $group_title, FALSE, FALSE, FALSE, $return_value);
 270         switch (count($tmp_array)) {
 271                 case 0:
 272                         $tmp_boolean = @$gacl->append_acl($array_acl_id_number[0], NULL, NULL, NULL, NULL, array($section_name=>array($object_name)));
 273                         if ($tmp_boolean){
 274                                 echo "Successfully placed the '$object_title' object of the '$section_title' section into the '$group_title' group '$return_value' ACL.</BR>";
 275                         }
 276                         else {
 277                                 echo "<B>ERROR</B>,unable to place the '$object_title' object of the '$section_title' section into the '$group_title' group '$return_value' ACL.</BR>";
 278                         }
 279                         break;
 280                 case 1:
 281                         echo "The '$object_title' object of the '$section_title' section is already found in the '$group_title' group '$return_value' ACL.</BR>";
 282                         break;
 283                 default:
 284                         echo "<B>ERROR</B>, Multiple '$group_title' group '$return_value' ACLs with the '$object_title' object of the '$section_title' section are present.</BR>";
 285                         break;
 286         }
 287         return;
 288 }
 289
 290 //All done
 291 echo "</BR><B>ALL DONE</B>";
 292
 293 ?>