2 // Copyright (C) 2007 Brady Miller <brady@sparmy.com>
4 // This program is free software; you can redistribute it and/or
5 // modify it under the terms of the GNU General Public License
6 // as published by the Free Software Foundation; either version 2
7 // of the License, or (at your option) any later version.
10 // This file contains functions that service ajax requests for
11 // ACL(php-gacl) administration within OpenEMR. All returns are
14 include_once("../../interface/globals.php");
15 include_once("$srcdir/acl.inc");
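header("Content-type: text/xml");
header("Cache-Control: no-cache");

// Reads one scalar field from the POST body as a string.
// Missing keys are normal (a "list" action carries no name or selection),
// and an array posted where a string is expected must not reach the ACL
// helpers, so both cases collapse to "".
function adminacl_post_string($key) {
    if (!isset($_POST[$key]) || !is_scalar($_POST[$key])) {
        return "";
    }
    return (string) $_POST[$key];
}

// The XML body returned after a successful add/remove of an ACL.
function adminacl_success_xml() {
    return "<?xml version=\"1.0\"?>\n" .
           "<response>\n" .
           "\t<success>SUCCESS</success>\n" .
           "</response>\n";
}

// Soft errors accumulate here; the *_xml() helpers emit each entry as an
// <error> element alongside whatever data they return.
$error = array();

// Authorization gate for everything below. The request is terminated here:
// an echo without exit would let the dispatch code further down still run.
if (!acl_check('admin', 'acl')) {
    echo error_xml(xl('ACL Administration Not Authorized'));
    exit;
}

// php-gacl has to be wired in ($phpgacl_location comes from globals.php)
// before any of the acl.inc helpers can be used.
if (!isset($phpgacl_location)) {
    echo error_xml(xl('PHP-gacl is not installed'));
    exit;
}

// NOTE(review): nothing on this page verifies a CSRF token, and every
// add/remove branch below is a state-changing POST. Confirm the session or
// framework layer pulled in via globals.php protects this endpoint; if it
// does not, a logged-in administrator visiting a hostile page could be made
// to alter group memberships or ACL contents without intending to.

$control      = adminacl_post_string("control");
$action       = adminacl_post_string("action");
$name         = adminacl_post_string("name");
$return_value = adminacl_post_string("return_value");
$title        = adminacl_post_string("title");
$identifier   = adminacl_post_string("identifier");
$description  = adminacl_post_string("description");

// The multi-select widgets post an array; the client sends the single
// literal entry "null" when nothing was chosen. Anything that is not an
// array is treated as "nothing selected" rather than being passed on.
$selection = (isset($_POST["selection"]) && is_array($_POST["selection"]))
    ? array_values($_POST["selection"]) : array();
$no_selection = (count($selection) == 0 || $selection[0] === "null");

switch ($control) {

//PROCESS USERNAME REQUESTS
case "username":
    if ($action == "list") {
        //return username list with alert if user is not joined to group
        echo username_listings_xml($error);
        exit;
    }
    break;

//PROCESS MEMBERSHIP REQUESTS
case "membership":
    if ($action == "list") {
        //return membership data
        echo user_group_listings_xml($name, $error);
        exit;
    }
    if ($action == "add") {
        if ($no_selection) {
            //no selection, return soft error, and just return membership data
            array_push($error, (xl('No group was selected') . "!"));
            echo user_group_listings_xml($name, $error);
            exit;
        }
        //add the group(s), then return updated membership data
        add_user_aros($name, $selection);
        echo user_group_listings_xml($name, $error);
        exit;
    }
    if ($action == "remove") {
        if ($no_selection) {
            //no selection, return soft error, and just return membership data
            array_push($error, (xl('No group was selected') . "!"));
            echo user_group_listings_xml($name, $error);
            exit;
        }
        // acl_get_group_titles() may return a non-array when the user belongs
        // to no group; normalise so count() is meaningful on every PHP version.
        $current_groups = (array) acl_get_group_titles($name);
        if (count($current_groups) == count($selection)) {
            //trying to remove from all groups, send soft error, and return data
            array_push($error, (xl('User has to be a member of at least one group') . "!"));
            echo user_group_listings_xml($name, $error);
            exit;
        }
        if ($name === "admin" && in_array("Administrators", $selection, true)) {
            // The built-in admin account must stay in Administrators. Enforce
            // that here by dropping the entry from the selection instead of
            // relying on remove_user_aros() to refuse it; the remaining groups
            // are still removed and the soft error is reported.
            array_push($error, (xl('Not allowed to remove the admin user from the Administrators group') . "!"));
            $selection = array_values(array_diff($selection, array("Administrators")));
        }
        if (count($selection) > 0) {
            //remove the group(s), then return updated membership data
            remove_user_aros($name, $selection);
        }
        echo user_group_listings_xml($name, $error);
        exit;
    }
    break;

//PROCESS ACL REQUESTS
case "acl":
    if ($action == "list") {
        //return acl titles with return values
        echo acl_listings_xml($error);
        exit;
    }
    if ($action == "add") {
        // Field-level validation. Each message is prefixed with the form
        // field it belongs to ("title_", "identifier_", ...) so the client
        // can attach it to the right input. empty() is kept from the
        // original, so a literal "0" counts as not entered.
        if (empty($title)) {
            array_push($error, ("title_" . xl('Need to enter title') . "!"));
        } else if (!ctype_alpha(str_replace(' ', '', $title))) {
            array_push($error, ("title_" . xl('Please only use alphabetic characters') . "!"));
        } else if (acl_exist($title, FALSE, $return_value)) {
            array_push($error, ("title_" . xl('Already used, choose another title') . "!"));
        }
        if (empty($identifier)) {
            array_push($error, ("identifier_" . xl('Need to enter identifier') . "!"));
        } else if (!ctype_alpha($identifier)) {
            array_push($error, ("identifier_" . xl('Please only use alphabetic characters with no spaces') . "!"));
        } else if (acl_exist(FALSE, $identifier, $return_value)) {
            array_push($error, ("identifier_" . xl('Already used, choose another identifier') . "!"));
        }
        if (empty($return_value)) {
            array_push($error, ("return_" . xl('Need to enter a Return Value') . "!"));
        }
        if (empty($description)) {
            array_push($error, ("description_" . xl('Need to enter a description') . "!"));
        } else if (!ctype_alpha(str_replace(' ', '', $description))) {
            array_push($error, ("description_" . xl('Please only use alphabetic characters') . "!"));
        }
        if (count($error) == 0) {
            //data is valid, create the acl
            acl_add($title, $identifier, $return_value, $description);
            echo adminacl_success_xml();
        } else {
            //return the collected validation errors
            echo error_xml($error);
        }
        exit;
    }
    if ($action == "remove") {
        if ($title === "Administrators") {
            //the Administrators acl is the root of all access and is never deleted
            array_push($error, ("aclTitle_" . xl('Not allowed to delete the Administrators group') . "!"));
            echo error_xml($error);
        } else {
            acl_remove($title, $return_value);
            echo adminacl_success_xml();
        }
        exit;
    }
    if ($action == "returns") {
        //simply return all the possible acl return_values
        echo return_values_xml($error);
        exit;
    }
    break;

//PROCESS ACO REQUESTS
case "aco":
    if ($action == "list") {
        echo aco_listings_xml($name, $return_value, $error);
        exit;
    }
    if ($action == "add") {
        if ($no_selection) {
            //no selection, return soft error, and just return data
            array_push($error, (xl('Nothing was selected') . "!"));
            echo aco_listings_xml($name, $return_value, $error);
            exit;
        }
        //add the aco(s), then return updated data
        acl_add_acos($name, $return_value, $selection);
        echo aco_listings_xml($name, $return_value, $error);
        exit;
    }
    if ($action == "remove") {
        if ($no_selection) {
            //no selection, return soft error, and just return data
            array_push($error, (xl('Nothing was selected') . "!"));
            echo aco_listings_xml($name, $return_value, $error);
            exit;
        }
        if ($name === "Administrators") {
            //will not allow removal of acos from Administrators ACL
            array_push($error, (xl('Not allowed to inactivate anything from the Administrators ACL') . "!"));
            echo aco_listings_xml($name, $return_value, $error);
            exit;
        }
        if (count($selection) == acl_count_acos($name, $return_value)) {
            //will not allow removal of all aco objects
            array_push($error, (xl('Not allowed to inactivate all security objects') . "!"));
            echo aco_listings_xml($name, $return_value, $error);
            exit;
        }
        //remove the acos, then return updated data
        acl_remove_acos($name, $return_value, $selection);
        echo aco_listings_xml($name, $return_value, $error);
        exit;
    }
    break;
}

// An unrecognised control/action pair falls through here and, as before,
// produces no response body.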
224 // Returns username listings via xml message.
225 // It will also include alert if user is not joined
227 // $err = error strings (array)
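// Returns the username listing as an XML message; a <user> gets an <alert>
// child when the account is not joined to any ACL group.
//
// $err = soft-error strings (array), each emitted as an <error> element.
//
// Changes vs. the original: rows are collected with a plain while loop
// (the $iter{"username"} curly-brace access was removed in PHP 8), an empty
// users table no longer iterates an undefined array, and every value that
// came from the database or the ACL layer is escaped before it is spliced
// into the XML so a crafted username cannot break the document or inject
// elements the client then trusts.
function username_listings_xml($err) {
    $message = "<?xml version=\"1.0\"?>\n" .
               "<response>\n";

    // Rows with an empty username are excluded by the query itself.
    $res = sqlStatement("select * from users where username != '' order by username");
    $rows = array();
    while ($row = sqlFetchArray($res)) {
        $rows[] = $row;
    }

    foreach ($rows as $row) {
        $username = isset($row["username"]) ? $row["username"] : "";
        $message .= "\t<user>\n" .
                    "\t\t<username>" . htmlspecialchars($username, ENT_QUOTES) . "</username>\n";
        // acl_get_group_titles() reports "no membership" with a falsy value.
        if (!acl_get_group_titles($username)) {
            //not joined to any group, so send alert
            $message .= "\t\t<alert>no membership</alert>\n";
        }
        $message .= "\t</user>\n";
    }

    foreach ($err as $value) {
        $message .= "\t<error>" . htmlspecialchars($value, ENT_QUOTES) . "</error>\n";
    }
    $message .= "</response>\n";
    return $message;
}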
255 // Returns user group listings(active and inactive lists)
257 // $username = username
258 // $err = error strings (array)
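// Returns the group membership of one user as an XML message with an
// <inactive> list (groups the user is not in) and an <active> list.
//
// $username = username whose membership is listed
// $err      = soft-error strings (array), each emitted as an <error> element
//
// Changes vs. the original: acl_get_group_titles() may return a non-array
// when the user belongs to no group, which used to feed in_array()/foreach
// directly; membership is now compared strictly; and group titles and error
// strings are escaped before being placed in the XML.
function user_group_listings_xml($username, $err) {
    $all_groups = (array) acl_get_group_title_list();
    $member_of  = (array) acl_get_group_titles($username);

    $message = "<?xml version=\"1.0\"?>\n" .
               "<response>\n" .
               "\t<inactive>\n";
    foreach ($all_groups as $group) {
        if (!in_array($group, $member_of, true)) {
            $message .= "\t\t<group>" . htmlspecialchars($group, ENT_QUOTES) . "</group>\n";
        }
    }
    $message .= "\t</inactive>\n" .
                "\t<active>\n";
    foreach ($member_of as $group) {
        $message .= "\t\t<group>" . htmlspecialchars($group, ENT_QUOTES) . "</group>\n";
    }
    $message .= "\t</active>\n";

    foreach ($err as $value) {
        $message .= "\t<error>" . htmlspecialchars($value, ENT_QUOTES) . "</error>\n";
    }
    $message .= "</response>\n";
    return $message;
}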
288 // Returns acl listings(including return value) via xml message.
289 // $err = error strings (array)
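// Returns every ACL (title, return value, note) as an XML message.
//
// $err = soft-error strings (array), each emitted as an <error> element
//
// Changes vs. the original: search_acl()/get_acl() results are guarded so a
// group title with no matching ACL does not produce warnings, and the ACL
// note — free text stored in php-gacl — plus the title and return value are
// escaped before being placed in the XML.
function acl_listings_xml($err) {
    global $phpgacl_location;
    include_once("$phpgacl_location/gacl_api.class.php");
    $gacl = new gacl_api();

    $message = "<?xml version=\"1.0\"?>\n" .
               "<response>\n";
    foreach ((array) acl_get_group_title_list() as $group_title) {
        // All ACLs carrying this group title, regardless of return value.
        $acl_ids = (array) $gacl->search_acl(FALSE, FALSE, FALSE, FALSE, $group_title, FALSE, FALSE, FALSE, FALSE);
        foreach ($acl_ids as $acl_id) {
            $acl  = $gacl->get_acl($acl_id);
            $ret  = isset($acl["return_value"]) ? $acl["return_value"] : "";
            $note = isset($acl["note"]) ? $acl["note"] : "";
            $message .= "\t<acl>\n" .
                        "\t\t<title>" . htmlspecialchars($group_title, ENT_QUOTES) . "</title>\n" .
                        "\t\t<return>" . htmlspecialchars($ret, ENT_QUOTES) . "</return>\n" .
                        "\t\t<note>" . htmlspecialchars($note, ENT_QUOTES) . "</note>\n" .
                        "\t</acl>\n";
        }
    }

    foreach ($err as $value) {
        $message .= "\t<error>" . htmlspecialchars($value, ENT_QUOTES) . "</error>\n";
    }
    $message .= "</response>\n";
    return $message;
}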
321 // Return aco listings by sections(active and inactive lists)
323 // $group = group title (string)
324 // $return_value = return value (string)
325 // $err = error strings (array)
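// Returns the ACO objects of one ACL as an XML message, grouped by section:
// <inactive> holds the sections/ACOs not attached to the ACL (a section is
// only emitted when it has at least one inactive ACO), <active> holds what
// the ACL currently contains.
//
// $group        = group title (string) identifying the ACL
// $return_value = return value (string) identifying the ACL
// $err          = soft-error strings (array), each emitted as an <error> element
//
// Changes vs. the original: an unknown (group, return value) pair no longer
// indexes a missing search result; sections absent from the ACL no longer
// feed null into in_array(); membership is compared as strings, strictly;
// the per-ACO rendering is shared by both lists; and section names, ACO
// titles and error strings are escaped before being placed in the XML.
function aco_listings_xml($group, $return_value, $err) {
    global $phpgacl_location;
    include_once("$phpgacl_location/gacl_api.class.php");
    $gacl = new gacl_api();

    // Every ACO php-gacl knows about, keyed by section, each section sorted
    // by value so the client sees a stable order.
    $all_acos = (array) $gacl->get_objects(NULL, 0, 'ACO');
    foreach (array_keys($all_acos) as $section) {
        $all_acos[$section] = (array) $all_acos[$section];
        asort($all_acos[$section]);
    }

    // ACOs attached to the ACL identified by (group title, return value).
    // search_acl() yields nothing for an unknown pair; treat that as an
    // empty ACL rather than passing a missing [0] on to get_acl().
    $active_acos = array();
    $acl_ids = $gacl->search_acl(FALSE, FALSE, FALSE, FALSE, $group, FALSE, FALSE, FALSE, $return_value);
    if (!empty($acl_ids)) {
        $acl = $gacl->get_acl($acl_ids[0]);
        if (!empty($acl["aco"])) {
            $active_acos = (array) $acl["aco"];
        }
    }

    $message = "<?xml version=\"1.0\"?>\n" .
               "<response>\n" .
               "\t<inactive>\n";
    foreach ($all_acos as $section => $values) {
        $active_here = isset($active_acos[$section])
            ? array_map('strval', (array) $active_acos[$section]) : array();
        $section_opened = false;
        foreach ($values as $aco_value) {
            if (in_array((string) $aco_value, $active_here, true)) {
                continue;
            }
            // Open the <section> lazily so sections with nothing inactive
            // are omitted from the list entirely.
            if (!$section_opened) {
                $message .= "\t\t<section>\n" .
                            "\t\t\t<name>" . htmlspecialchars((string) $section, ENT_QUOTES) . "</name>\n";
                $section_opened = true;
            }
            $message .= adminacl_aco_xml($gacl, $section, $aco_value);
        }
        if ($section_opened) {
            $message .= "\t\t</section>\n";
        }
    }
    $message .= "\t</inactive>\n" .
                "\t<active>\n";
    foreach ($active_acos as $section => $values) {
        $message .= "\t\t<section>\n" .
                    "\t\t\t<name>" . htmlspecialchars((string) $section, ENT_QUOTES) . "</name>\n";
        foreach ((array) $values as $aco_value) {
            $message .= adminacl_aco_xml($gacl, $section, $aco_value);
        }
        $message .= "\t\t</section>\n";
    }
    $message .= "\t</active>\n";

    foreach ($err as $value) {
        $message .= "\t<error>" . htmlspecialchars($value, ENT_QUOTES) . "</error>\n";
    }
    $message .= "</response>\n";
    return $message;
}

// Renders one <aco> element (title and numeric id) for the ACO identified
// by $section / $value. Used for both the inactive and the active listing.
function adminacl_aco_xml($gacl, $section, $value) {
    $aco_id   = $gacl->get_object_id($section, $value, 'ACO');
    $aco_data = $gacl->get_object_data($aco_id, 'ACO');
    // Column 3 is presumably the ACO's display name — confirm against
    // gacl_api::get_object_data(); an unresolvable ACO yields an empty title.
    $aco_title = isset($aco_data[0][3]) ? $aco_data[0][3] : "";
    return "\t\t\t<aco>\n" .
           "\t\t\t\t<title>" . htmlspecialchars((string) $aco_title, ENT_QUOTES) . "</title>\n" .
           "\t\t\t\t<id>" . htmlspecialchars((string) $aco_id, ENT_QUOTES) . "</id>\n" .
           "\t\t\t</aco>\n";
}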
395 // Returns listing of all possible return values via xml message.
396 // $err = error strings (array)
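// Returns the distinct set of ACL return values as an XML message, one
// <return> element per value, in the order they are first encountered.
//
// $err = soft-error strings (array), each emitted as an <error> element
//
// Changes vs. the original: the de-duplication list is initialised inside
// the function, search_acl() results are guarded, the duplicate check is
// strict, and return values and error strings are escaped before being
// placed in the XML.
function return_values_xml($err) {
    global $phpgacl_location;
    include_once("$phpgacl_location/gacl_api.class.php");
    $gacl = new gacl_api();

    // Return values already emitted; used to de-duplicate across ACLs.
    $seen = array();

    $message = "<?xml version=\"1.0\"?>\n" .
               "<response>\n";
    foreach ((array) acl_get_group_title_list() as $group_title) {
        $acl_ids = (array) $gacl->search_acl(FALSE, FALSE, FALSE, FALSE, $group_title, FALSE, FALSE, FALSE, FALSE);
        foreach ($acl_ids as $acl_id) {
            $acl = $gacl->get_acl($acl_id);
            $ret = isset($acl["return_value"]) ? $acl["return_value"] : "";
            if (in_array($ret, $seen, true)) {
                continue;
            }
            $seen[] = $ret;
            $message .= "\t<return>" . htmlspecialchars($ret, ENT_QUOTES) . "</return>\n";
        }
    }

    foreach ($err as $value) {
        $message .= "\t<error>" . htmlspecialchars($value, ENT_QUOTES) . "</error>\n";
    }
    $message .= "</response>\n";
    return $message;
}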
427 // Returns error string(s) via xml
428 // $err = error (string or array)
430 function error_xml($err) {
431 $message = "<?xml version=\"1.0\"?>\n" .
434 foreach ($err as $value){
435 $message .= "\t<error>" . $value . "</error>\n";
439 $message .= "\t<error>" . $err . "</error>\n";
441 $message .= "</response>\n";