search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix for web site change courtesy of info from whimmel.
[openemr.git] / acl_upgrade.php
blob35e89818c3adfd8cea2176bf01390291d467ee26
1 <?php
2 // This program is free software; you can redistribute it and/or
3 // modify it under the terms of the GNU General Public License
4 // as published by the Free Software Foundation; either version 2
5 // of the License, or (at your option) any later version.
6 //
7 // This script will update the phpGACL database, which include
8 // Access Control Objects(ACO), Groups(ARO), and Access Control
9 // Lists(ACL) to the most recent version.
10 // It will display whether each update already exist
11 // or if it was updated succesfully.
12 //
13 // Updates included:
14 // 2.8.2
15 // Section "sensitivities" (Sensitivities):
16 // ADD normal Normal (Administrators, Physicians, Clinicians(addonly))
17 // ADD high High (Administrators, Physicians)
18 // Section "admin" (Administration):
19 // ADD super Superuser (Adminstrators)
20 // 2.8.4
21 // Section "admin" (Administration):
22 // ADD drugs Pharmacy Dispensary (Administrators, Physicians, Clinicians(write))
23 // ADD acl ACL Administration (Administrators)
24 // Section "sensitivities" (Sensitivities):
25 // EDIT high High (ensure the order variable is '20')
26 // Section "acct" (Accounting):
27 // ADD disc Price Discounting (Administrators, Physicians, Accounting(write))
28 // 3.0.2
29 // ADD Section "lists" (Lists):
30 // ADD default Default List (write,addonly optional) (Administrators)
31 // ADD state State List (write,addonly optional) (Administrators)
32 // ADD country Country List (write,addonly optional) (Administrators)
33 // ADD language Language List (write,addonly optional) (Administrators)
34 // ADD ethrace Ethnicity-Race List (write,addonly optional) (Administrators)
35 // ADD Section "placeholder" (Placeholder):
36 // ADD filler Placeholder (Maintains empty ACLs)
37
38 //Ensure that phpGACL has been installed
39 include_once('library/acl.inc');
40 if (isset ($phpgacl_location)) {
41 include_once("$phpgacl_location/gacl_api.class.php");
42 $gacl = new gacl_api();
43 }
44 else {
45 die("You must first set up library/acl.inc to use phpGACL!");
46 }
47
48
49 //Collect the ACL ID numbers.
50 echo "<B>Checking to ensure all the proper ACL(access control list) are present:</B></BR>";
51 //Get Administrator ACL ID number
52 $admin_write = getAclIdNumber('Administrators', 'write');
53 //Get Doctor ACL ID Number
54 $doc_write = getAclIdNumber('Physicians', 'write');
55 //Get Clinician ACL with write access ID number
56 $clin_write = getAclIdNumber('Clinicians', 'write');
57 //Get Clinician ACL with addonly access ID number
58 $clin_addonly = getAclIdNumber('Clinicians', 'addonly');
59 //Get Receptionist ACL ID number
60 $front_write = getAclIdNumber('Front Office', 'write');
61 //Get Accountant ACL ID number
62 $back_write = getAclIdNumber('Accounting', 'write');
63
64 //Add new object Sections
65 echo "<BR/><B>Adding new object sections</B><BR/>";
66 //Add 'Sensitivities' object section (added in 2.8.2)
67 addObjectSectionAcl('sensitivities', 'Sensitivities');
68 //Add 'Lists' object section (added in 3.0.2)
69 addObjectSectionAcl('lists', 'Lists');
70 //Add 'Placeholder' object section (added in 3.0.2)
71 addObjectSectionAcl('placeholder', 'Placeholder');
72
73 //Add new Objects
74 echo "<BR/><B>Adding new objects</B><BR/>";
75 //Add 'Normal' sensitivity object, order variable is default 10 (added in 2.8.2)
76 addObjectAcl('sensitivities', 'Sensitivities', 'normal', 'Normal');
77 //Add 'High' sensitivity object, order variable is set to 20 (added in 2.8.2)
78 addObjectAclWithOrder('sensitivities', 'Sensitivities', 'high', 'High', 20);
79 //Add 'Pharmacy Dispensary' object (added in 2.8.4)
80 addObjectAcl('admin', 'Administration', 'drugs', 'Pharmacy Dispensary');
81 //Add 'ACL Administration' object (added in 2.8.4)
82 addObjectAcl('admin', 'Administration', 'acl', 'ACL Administration');
83 //Add 'Price Discounting' object (added in 2.8.4)
84 addObjectAcl('acct', 'Accounting', 'disc', 'Price Discounting');
85 //Add 'Default List (write,addonly optional)' object (added in 3.0.2)
86 addObjectAcl('lists', 'Lists', 'default', 'Default List (write,addonly optional)');
87 //Add 'State List (write,addonly optional)' object (added in 3.0.2)
88 addObjectAcl('lists', 'Lists', 'state', 'State List (write,addonly optional)');
89 //Add 'Country List (write,addonly optional)' object (added in 3.0.2)
90 addObjectAcl('lists', 'Lists', 'country', 'Country List (write,addonly optional)');
91 //Add 'Language List (write,addonly optional)' object (added in 3.0.2)
92 addObjectAcl('lists', 'Lists', 'language', 'Language List (write,addonly optional)');
93 //Add 'Ethnicity-Race List (write,addonly optional)' object (added in 3.0.2)
94 addObjectAcl('lists', 'Lists', 'ethrace', 'Ethnicity-Race List (write,addonly optional)');
95 //Add 'Placeholder (Maintains empty ACLs)' object (added in 3.0.2)
96 addObjectAcl('placeholder', 'Placeholder', 'filler', 'Placeholder (Maintains empty ACLs)');
97
98 //Update already existing Objects
99 echo "<BR/><B>Upgrading objects</B><BR/>";
100 //Ensure that 'High' sensitivity object order variable is set to 20
101 editObjectAcl('sensitivities', 'Sensitivities', 'high', 'High', 20);
102
103 //Add new ACLs here (will return the ACL ID of newly created or already existant ACL)
104 // (will also place in the appropriate group and CREATE a new group if needed)
105 echo "<BR/><B>Adding ACLs(Access Control Lists) and groups</B><BR/>";
106 //Add 'Physicians' ACL with 'addonly' and collect the ID number (added in 3.0.2)
107 $doc_addonly = addNewACL('Physicians', 'doc', 'addonly', 'Things that physicians can read and enter but not modify');
108 //Add 'Front Office' ACL with 'addonly' and collect the ID number (added in 3.0.2)
109 $front_addonly = addNewACL('Front Office', 'front', 'addonly', 'Things that front office can read and enter but not modify');
110 //Add 'Accounting' ACL with 'addonly' and collect the ID number (added in 3.0.2)
111 $back_addonly = addNewACL('Accounting', 'back', 'addonly', 'Things that back office can read and enter but not modify');
112
113 //Update the ACLs
114 echo "<BR/><B>Updating the ACLs(Access Control Lists)</B><BR/>";
115 //Insert the 'super' object from the 'admin' section into the Administrators group write ACL (added in 2.8.2)
116 updateAcl($admin_write, 'Administrators', 'admin', 'Administration', 'super', 'Superuser', 'write');
117 //Insert the 'high' object from the 'sensitivities' section into the Administrators group write ACL (added in 2.8.2)
118 updateAcl($admin_write, 'Administrators', 'sensitivities', 'Sensitivities', 'high', 'High', 'write');
119 //Insert the 'normal' object from the 'sensitivities' section into the Administrators group write ACL (added in 2.8.2)
120 updateAcl($admin_write, 'Administrators', 'sensitivities', 'Sensitivities', 'normal', 'Normal', 'write');
121 //Insert the 'high' object from the 'sensitivities' section into the Physicians group write ACL (added in 2.8.2)
122 updateAcl($doc_write, 'Physicians', 'sensitivities', 'Sensitivities', 'high', 'High', 'write');
123 //Insert the 'normal' object from the 'sensitivities' section into the Physicians group write ACL (added in 2.8.2)
124 updateAcl($doc_write, 'Physicians', 'sensitivities', 'Sensitivities', 'normal', 'Normal', 'write');
125 //Insert the 'normal' object from the 'sensitivities' section into the Clinicians group addonly ACL (added in 2.8.2)
126 updateAcl($clin_addonly, 'Clinicians', 'sensitivities', 'Sensitivities', 'normal', 'Normal', 'addonly');
127 //Insert the 'drugs' object from the 'admin' section into the Administrators group write ACL (added in 2.8.4)
128 updateAcl($admin_write, 'Administrators', 'admin', 'Administration', 'drugs', 'Pharmacy Dispensary', 'write');
129 //Insert the 'drugs' object from the 'admin' section into the Physicians group write ACL (added in 2.8.4)
130 updateAcl($doc_write, 'Physicians', 'admin', 'Administration', 'drugs', 'Pharmacy Dispensary', 'write');
131 //Insert the 'drugs' object from the 'admin' section into the Clinicians group write ACL (added in 2.8.4)
132 updateAcl($clin_write, 'Clinicians', 'admin', 'Administration', 'drugs', 'Pharmacy Dispensary', 'write');
133 //Insert the 'acl' object from the 'admin' section into the Administrators group write ACL (added in 2.8.4)
134 updateAcl($admin_write, 'Administrators', 'admin', 'Administration', 'acl', 'ACL Administration', 'write');
135 //Insert the 'disc' object from the 'acct' section into the Administrators group write ACL (added in 2.8.4)
136 updateAcl($admin_write, 'Administrators', 'acct', 'Accounting', 'disc', 'Price Discounting', 'write');
137 //Insert the 'disc' object from the 'acct' section into the Accounting group write ACL (added in 2.8.4)
138 updateAcl($back_write, 'Accounting', 'acct', 'Accounting', 'disc', 'Price Discounting', 'write');
139 //Insert the 'disc' object from the 'acct' section into the Physicians group write ACL (added in 2.8.4)
140 updateAcl($doc_write, 'Physicians', 'acct', 'Accounting', 'disc', 'Price Discounting', 'write');
141 //Insert the 'default' object from the 'lists' section into the Administrators group write ACL (added in 3.0.2)
142 updateAcl($admin_write, 'Administrators', 'lists', 'Lists', 'default', 'Default List (write,addonly optional)', 'write');
143 //Insert the 'state' object from the 'lists' section into the Administrators group write ACL (added in 3.0.2)
144 updateAcl($admin_write, 'Administrators', 'lists', 'Lists', 'state', 'State List (write,addonly optional)', 'write');
145 //Insert the 'country' object from the 'lists' section into the Administrators group write ACL (added in 3.0.2)
146 updateAcl($admin_write, 'Administrators', 'lists', 'Lists', 'country', 'Country List (write,addonly optional)', 'write');
147 //Insert the 'language' object from the 'lists' section into the Administrators group write ACL (added in 3.0.2)
148 updateAcl($admin_write, 'Administrators', 'lists', 'Lists', 'language', 'Language List (write,addonly optional)', 'write');
149 //Insert the 'race' object from the 'lists' section into the Administrators group write ACL (added in 3.0.2)
150 updateAcl($admin_write, 'Administrators', 'lists', 'Lists', 'ethrace', 'Ethnicity-Race List (write,addonly optional)', 'write');
151
152
153 //Function will return an array that contains the ACL ID number.
154 //It will also check to ensure the ACL exist and is not duplicated.
155 // $title = Title(string) of group.
156 // $return_value = What the acl returns (string), usually 'write' or 'addonly'
157 function getAclIdNumber($title, $return_value) {
158 global $gacl;
159 $temp_acl_id_array = $gacl->search_acl(FALSE, FALSE, FALSE, FALSE, $title, FALSE, FALSE, FALSE, $return_value);
160 switch (count($temp_acl_id_array)) {
161 case 0:
162 echo "<B>ERROR</B>, '$title' group '$return_value' ACL does not exist.</BR>";
163 break;
164 case 1:
165 echo "'$title' group '$return_value' ACL is present.</BR>";
166 break;
167 default:
168 echo "<B>ERROR</B>, Multiple '$title' group '$return_value' ACLs are present.</BR>";
169 break;
170 }
171 return $temp_acl_id_array;
172 }
173
174
175 //Function will add an ACL (if doesn't already exist).
176 //It will also place the acl in the group, or will CREATE a new group.
177 //It will return the ID number of the acl (created or old)
178 // $title = Title(string) of group.
179 // $name = name of acl (string)
180 // $return_value = What the acl returns (string), usually 'write' or 'addonly'
181 // $note = description of acl (array)
182 function addNewACL($title, $name, $return_value, $note) {
183 global $gacl;
184 $temp_acl_id_array = $gacl->search_acl(FALSE, FALSE, FALSE, FALSE, $title, FALSE, FALSE, FALSE, $return_value);
185 switch (count($temp_acl_id_array)) {
186 case 0:
187 $group_id = $gacl->get_group_id($name, $title, 'ARO');
188 if ($group_id) {
189 //group already exist, so just create acl
190 $temp_acl_id = $gacl->add_acl(array("placeholder"=>array("filler")), NULL, array($group_id), NULL, NULL, 1, 1, $return_value, $note);
191 if ($temp_acl_id) {
192 echo "The '$title' group already exist.</BR>";
193 echo "The '$title' group '$return_value' ACL has been successfully added.</BR>";
194 $temp_acl_id_array = array($temp_acl_id);
195 }
196 else {
197 echo "The '$title' group already exist.</BR>";
198 echo "<B>ERROR</B>, Unable to create the '$title' group '$return_value' ACL.</BR>";
199 }
200 }
201 else {
202 //create group, then create acl
203 $parent_id = $gacl->get_root_group_id();
204 $aro_id = $gacl->add_group($name, $title, $parent_id, 'ARO');
205 $temp_acl_id = $gacl->add_acl(array("placeholder"=>array("filler")), NULL, array($aro_id), NULL, NULL, 1, 1, $return_value, $note);
206 if ($aro_id ) {
207 echo "The '$title' group has been successfully added.</BR>";
208 }
209 else {
210 echo "<B>ERROR</B>, Unable to create the '$title' group.</BR>";
211 }
212 if ($temp_acl_id) {
213 echo "The '$title' group '$return_value' ACL has been successfully added.</BR>";
214 $temp_acl_id_array = array($temp_acl_id);
215 }
216 else {
217 echo "<B>ERROR</B>, Unable to create the '$title' group '$return_value' ACL.</BR>";
218 }
219 }
220 break;
221 case 1:
222 echo "'$title' group '$return_value' ACL already exist.</BR>";
223 break;
224
225 default:
226 echo "<B>ERROR</B>, Multiple '$title' group '$return_value' ACLs are present.</BR>";
227 break;
228 }
229 return $temp_acl_id_array;
230 }
231
232
233 //Function to add an object section.
234 //It will check to ensure the object section doesn't already exist.
235 // $name = Identifier(string) of section
236 // $title = Title(string) of object
237 function addObjectSectionAcl($name, $title) {
238 global $gacl;
239 if ($gacl->get_object_section_section_id($title, $name, 'ACO')) {
240 echo "The '$title' object section already exist.</BR>";
241 }
242 else {
243 $tmp_boolean = $gacl->add_object_section($title , $name, 10, 0, 'ACO');
244 if ($tmp_boolean) {
245 echo "The '$title' object section has been successfully added.</BR>";
246 }
247 else {
248 echo "<B>ERROR</B>,unable to create the '$title' object section.</BR>";
249 }
250 }
251 return;
252 }
253
254
255 //Function to add an object.
256 //It will check to ensure the object doesn't already exist.
257 // $section_name = Identifier(string) of section
258 // $section_title = Title(string) of section
259 // $object_name = Identifier(string) of object
260 // $object_title = Title(string) of object
261 function addObjectAcl($section_name, $section_title, $object_name, $object_title) {
262 global $gacl;
263 if ($gacl->get_object_id($section_name, $object_name, 'ACO')) {
264 echo "The '$object_title' object in the '$section_title' section already exist.</BR>";
265 }
266 else {
267 $tmp_boolean = $gacl->add_object($section_name, $object_title, $object_name, 10, 0, 'ACO');
268 if ($tmp_boolean) {
269 echo "The '$object_title' object in the '$section_title' section has been successfully added.</BR>";
270 }
271 else {
272 echo "<B>ERROR</B>,unable to create the '$object_title' object in the '$section_title' section.</BR>";
273 }
274 }
275 return;
276 }
277
278
279 //Function to add an object and set the 'order' variable.
280 //It will check to ensure the object doesn't already exist.
281 // $section_name = Identifier(string) of section
282 // $section_title = Title(string) of section
283 // $object_name = Identifier(string) of object
284 // $object_title = Title(string) of object
285 // $order_number = number to determine order in list. used in sensitivities to order the choices
286 // in openemr
287 function addObjectAclWithOrder($section_name, $section_title, $object_name, $object_title, $order_number) {
288 global $gacl;
289 if ($gacl->get_object_id($section_name, $object_name, 'ACO')) {
290 echo "The '$object_title' object in the '$section_title' section already exist.</BR>";
291 }
292 else {
293 $tmp_boolean = $gacl->add_object($section_name, $object_title, $object_name, $order_number, 0, 'ACO');
294 if ($tmp_boolean) {
295 echo "The '$object_title' object in the '$section_title' section has been successfully added.</BR>";
296 }
297 else {
298 echo "<B>ERROR</B>,unable to create the '$object_title' object in the '$section_title' section.</BR>";
299 }
300 }
301 return;
302 }
303
304
305 //Function to edit an object and set the 'order' variable.
306 //It will check to ensure the object already exist, and hasn't been upgraded yet.
307 // $section_name = Identifier(string) of section
308 // $section_title = Title(string) of section
309 // $object_name = Identifier(string) of object
310 // $object_title = Title(string) of object
311 // $order_number = number to determine order in list. used in sensitivities to order the choices
312 // in openemr
313 function editObjectAcl($section_name, $section_title, $object_name, $object_title, $order_number) {
314 global $gacl;
315 $tmp_objectID = $gacl->get_object_id($section_name, $object_name, 'ACO');
316 if ($tmp_objectID) {
317 $tmp_object = $gacl->get_object_data($tmp_objectID, 'ACO');
318 if ($tmp_object[0][2] == $order_number &&
319 $tmp_object[0][0] == $section_name &&
320 $tmp_object[0][1] == $object_name &&
321 $tmp_object[0][3] == $object_title) {
322 echo "The '$object_title' object in the '$section_title' section has already been updated.</BR>";
323 }
324 else {
325 $tmp_boolean = $gacl->edit_object($tmp_objectID, $section_name, $object_title, $object_name, $order_number, 0, 'ACO');
326 if ($tmp_boolean) {
327 echo "The '$object_title' object in the '$section_title' section has been successfully updated.</BR>";
328 }
329 else {
330 echo "<B>ERROR</B>,unable to update the '$object_title' object in the '$section_title' section.</BR>";
331 }
332 }
333 }
334 else {
335 echo "<B>ERROR</B>, the '$object_title' object in the '$section_title' section does not exist.</BR>";
336 }
337 return;
338 }
339
340
341 //Update the ACL
342 //It will check to ensure the ACL hasn't already been updated.
343 // $array_acl_id_number = array containing hopefully one element, which is an integer, and is identifier of acl to be updated.
344 // $group_title = Title(string) of group.
345 // $object_section_name = Identifier(string) of section
346 // $object_section_title = Title(string) of section
347 // $object_name = Identifier(string) of object
348 // $object_title = Title(string) of object
349 // $acl_return_value = What the acl returns (string), usually 'write' or 'addonly'
350 function updateAcl($array_acl_id_number, $group_title, $section_name, $section_title, $object_name, $object_title, $return_value) {
351 global $gacl;
352 $tmp_array = $gacl->search_acl($section_name, $object_name, FALSE, FALSE, $group_title, FALSE, FALSE, FALSE, $return_value);
353 switch (count($tmp_array)) {
354 case 0:
355 $tmp_boolean = @$gacl->append_acl($array_acl_id_number[0], NULL, NULL, NULL, NULL, array($section_name=>array($object_name)));
356 if ($tmp_boolean){
357 echo "Successfully placed the '$object_title' object of the '$section_title' section into the '$group_title' group '$return_value' ACL.</BR>";
358 }
359 else {
360 echo "<B>ERROR</B>,unable to place the '$object_title' object of the '$section_title' section into the '$group_title' group '$return_value' ACL.</BR>";
361 }
362 break;
363 case 1:
364 echo "The '$object_title' object of the '$section_title' section is already found in the '$group_title' group '$return_value' ACL.</BR>";
365 break;
366 default:
367 echo "<B>ERROR</B>, Multiple '$group_title' group '$return_value' ACLs with the '$object_title' object of the '$section_title' section are present.</BR>";
368 break;
369 }
370 return;
371 }
372
373 //All done
374 echo "</BR><B>ALL DONE</B>";
375
376 ?>
Mirror of official OpenEMR Sourceforge repository