Security Fix (xss)
1 <?php
/**
 * Upgrading functions of access controls.
 *
 * Functions to allow safe access control modifications
 * during upgrading.
 *
 * Copyright (C) 2012 Brady Miller <brady@sparmy.com>
 *
 * LICENSE: This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <http://opensource.org/licenses/gpl-license.php>.
 *
 * @package OpenEMR
 * @author Brady Miller <brady@sparmy.com>
 * @link http://www.open-emr.org
 */
/**
 * Returns the current access control version.
 *
 * Reads the `v_acl` column of the `version` table through sqlQuery().
 * NOTE(review): no check is made that a row was returned; presumably the
 * `version` table always holds exactly one row — confirm against the schema.
 *
 * @return integer The current access control version.
 */
function get_acl_version() {
    $row = sqlQuery("SELECT `v_acl` FROM `version`");
    return $row['v_acl'];
}
/**
 * Records the access control version.
 *
 * Writes the value into the `v_acl` column of the `version` table using a
 * bound parameter via sqlStatement().
 *
 * @param integer $acl_version access control version
 * @return void
 */
function set_acl_version($acl_version) {
    $bound = array($acl_version);
    sqlStatement("UPDATE `version` SET `v_acl` = ?", $bound);
}
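/**
 * Returns an array that contains the ACL ID number. It also checks that
 * the ACL exists and is not duplicated.
 *
 * The lookup goes through $gacl->search_acl() by group title and return
 * value. The outcome is echoed as HTML; the interpolated values are
 * HTML-escaped first because this text is rendered in the browser during
 * the upgrade.
 *
 * @param string $title        Title of group.
 * @param string $return_value What the acl returns, usually 'write' or 'addonly'
 * @return array An array that contains the ACL ID number (empty when the
 *               ACL was not found).
 */
function getAclIdNumber($title, $return_value) {
    global $gacl;
    $found = $gacl->search_acl(FALSE, FALSE, FALSE, FALSE, $title, FALSE, FALSE, FALSE, $return_value);
    // search_acl() is expected to return an array; anything else is treated
    // as "not found" instead of being counted as a single hit by count().
    $acl_id_array = is_array($found) ? $found : array();
    $title_esc = htmlspecialchars($title, ENT_QUOTES, 'UTF-8');
    $return_esc = htmlspecialchars($return_value, ENT_QUOTES, 'UTF-8');
    switch (count($acl_id_array)) {
        case 0:
            echo "<B>ERROR</B>, '{$title_esc}' group '{$return_esc}' ACL does not exist.</BR>";
            break;
        case 1:
            echo "'{$title_esc}' group '{$return_esc}' ACL is present.</BR>";
            break;
        default:
            echo "<B>ERROR</B>, Multiple '{$title_esc}' group '{$return_esc}' ACLs are present.</BR>";
            break;
    }
    return $acl_id_array;
}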
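/**
 * Adds an ACL if it does not already exist.
 *
 * The ACL is attached to the ARO group named by $name/$title; if that group
 * does not exist it is created under the root group first. Progress and
 * errors are echoed as HTML with the interpolated values escaped, since the
 * output is rendered in a browser during the upgrade.
 *
 * @param string $title        Title of group.
 * @param string $name         Name of acl (also used as the group name).
 * @param string $return_value What the acl returns, usually 'write' or 'addonly'
 * @param string $note         Description of acl.
 * @return array Array holding the ID number of the acl (created or
 *               pre-existing); empty when it could not be found or created.
 */
function addNewACL($title, $name, $return_value, $note) {
    global $gacl;
    $found = $gacl->search_acl(FALSE, FALSE, FALSE, FALSE, $title, FALSE, FALSE, FALSE, $return_value);
    // Normalise a non-array result so it is reported as "not found" rather
    // than counted as one hit by count().
    $acl_id_array = is_array($found) ? $found : array();
    $title_esc = htmlspecialchars($title, ENT_QUOTES, 'UTF-8');
    $return_esc = htmlspecialchars($return_value, ENT_QUOTES, 'UTF-8');
    switch (count($acl_id_array)) {
        case 0:
            $group_id = $gacl->get_group_id($name, $title, 'ARO');
            if ($group_id) {
                // Group already exists, so only the acl needs to be created.
                echo "The '{$title_esc}' group already exist.</BR>";
            }
            else {
                // Create the group under the root group, then the acl.
                $parent_id = $gacl->get_root_group_id();
                $group_id = $gacl->add_group($name, $title, $parent_id, 'ARO');
                if ($group_id) {
                    echo "The '{$title_esc}' group has been successfully added.</BR>";
                }
                else {
                    echo "<B>ERROR</B>, Unable to create the '{$title_esc}' group.</BR>";
                }
            }
            // add_acl() is attempted even when group creation failed (as the
            // original upgrade code did); gacl reports failure via its return value.
            $acl_id = $gacl->add_acl(array("placeholder"=>array("filler")), NULL, array($group_id), NULL, NULL, 1, 1, $return_value, $note);
            if ($acl_id) {
                echo "The '{$title_esc}' group '{$return_esc}' ACL has been successfully added.</BR>";
                $acl_id_array = array($acl_id);
            }
            else {
                echo "<B>ERROR</B>, Unable to create the '{$title_esc}' group '{$return_esc}' ACL.</BR>";
            }
            break;
        case 1:
            echo "'{$title_esc}' group '{$return_esc}' ACL already exist.</BR>";
            break;
        default:
            echo "<B>ERROR</B>, Multiple '{$title_esc}' group '{$return_esc}' ACLs are present.</BR>";
            break;
    }
    return $acl_id_array;
}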
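/**
 * Adds an object section (ACO) unless it already exists.
 *
 * Checks $gacl->get_object_section_section_id() first and only then calls
 * $gacl->add_object_section(). The outcome is echoed as HTML with the
 * section title escaped, since the output is rendered in a browser.
 *
 * @param string $name  Identifier of section
 * @param string $title Title of section
 * @return void
 */
function addObjectSectionAcl($name, $title) {
    global $gacl;
    $title_esc = htmlspecialchars($title, ENT_QUOTES, 'UTF-8');
    if ($gacl->get_object_section_section_id($title, $name, 'ACO')) {
        echo "The '{$title_esc}' object section already exist.</BR>";
        return;
    }
    // The numeric arguments (10, 0) are passed through unchanged from the
    // original upgrade code; presumably order and hidden flags — confirm
    // against gacl's add_object_section() signature.
    $added = $gacl->add_object_section($title , $name, 10, 0, 'ACO');
    if ($added) {
        echo "The '{$title_esc}' object section has been successfully added.</BR>";
    }
    else {
        echo "<B>ERROR</B>,unable to create the '{$title_esc}' object section.</BR>";
    }
    return;
}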
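/**
 * Adds an object (ACO) unless it already exists.
 *
 * Checks $gacl->get_object_id() first and only then calls $gacl->add_object()
 * with a fixed order value of 10. The outcome is echoed as HTML with the
 * interpolated titles escaped, since the output is rendered in a browser.
 *
 * @param string $section_name  Identifier of section
 * @param string $section_title Title of section
 * @param string $object_name   Identifier of object
 * @param string $object_title  Title of object
 * @return void
 */
function addObjectAcl($section_name, $section_title, $object_name, $object_title) {
    global $gacl;
    $object_esc = htmlspecialchars($object_title, ENT_QUOTES, 'UTF-8');
    $section_esc = htmlspecialchars($section_title, ENT_QUOTES, 'UTF-8');
    if ($gacl->get_object_id($section_name, $object_name, 'ACO')) {
        echo "The '{$object_esc}' object in the '{$section_esc}' section already exist.</BR>";
        return;
    }
    // The numeric arguments (10, 0) are passed through unchanged; presumably
    // order and hidden flags — confirm against gacl's add_object() signature.
    $added = $gacl->add_object($section_name, $object_title, $object_name, 10, 0, 'ACO');
    if ($added) {
        echo "The '{$object_esc}' object in the '{$section_esc}' section has been successfully added.</BR>";
    }
    else {
        echo "<B>ERROR</B>,unable to create the '{$object_esc}' object in the '{$section_esc}' section.</BR>";
    }
    return;
}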
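/**
 * Adds an object (ACO) with an explicit 'order' value unless it already exists.
 *
 * Checks $gacl->get_object_id() first and only then calls $gacl->add_object()
 * with $order_number as the order. The outcome is echoed as HTML with the
 * interpolated titles escaped, since the output is rendered in a browser.
 *
 * @param string $section_name  Identifier of section
 * @param string $section_title Title of section
 * @param string $object_name   Identifier of object
 * @param string $object_title  Title of object
 * @param string $order_number  Number to determine order in list; used in
 *                              sensitivities to order the choices in openemr
 * @return void
 */
function addObjectAclWithOrder($section_name, $section_title, $object_name, $object_title, $order_number) {
    global $gacl;
    $object_esc = htmlspecialchars($object_title, ENT_QUOTES, 'UTF-8');
    $section_esc = htmlspecialchars($section_title, ENT_QUOTES, 'UTF-8');
    if ($gacl->get_object_id($section_name, $object_name, 'ACO')) {
        echo "The '{$object_esc}' object in the '{$section_esc}' section already exist.</BR>";
        return;
    }
    // The trailing 0 is passed through unchanged; presumably a hidden flag —
    // confirm against gacl's add_object() signature.
    $added = $gacl->add_object($section_name, $object_title, $object_name, $order_number, 0, 'ACO');
    if ($added) {
        echo "The '{$object_esc}' object in the '{$section_esc}' section has been successfully added.</BR>";
    }
    else {
        echo "<B>ERROR</B>,unable to create the '{$object_esc}' object in the '{$section_esc}' section.</BR>";
    }
    return;
}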
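/**
 * Edits an object (ACO) and sets its 'order' value.
 *
 * The object must already exist; if its stored section, name, order and
 * title already match the requested values it is reported as updated and
 * left alone, otherwise $gacl->edit_object() is called. The outcome is
 * echoed as HTML with the interpolated titles escaped, since the output is
 * rendered in a browser.
 *
 * @param string $section_name  Identifier of section
 * @param string $section_title Title of section
 * @param string $object_name   Identifier of object
 * @param string $object_title  Title of object
 * @param string $order_number  Number to determine order in list; used in
 *                              sensitivities to order the choices in openemr
 * @return void
 */
function editObjectAcl($section_name, $section_title, $object_name, $object_title, $order_number) {
    global $gacl;
    $object_esc = htmlspecialchars($object_title, ENT_QUOTES, 'UTF-8');
    $section_esc = htmlspecialchars($section_title, ENT_QUOTES, 'UTF-8');
    $object_id = $gacl->get_object_id($section_name, $object_name, 'ACO');
    if (!$object_id) {
        echo "<B>ERROR</B>, the '{$object_esc}' object in the '{$section_esc}' section does not exist.</BR>";
        return;
    }
    // get_object_data() is read positionally as [section, name, order, title]
    // in its first row — inferred from the comparisons below; confirm against gacl.
    // Loose (==) comparison is kept deliberately: the order may arrive as a
    // string from the database and as an integer from the caller.
    $data = $gacl->get_object_data($object_id, 'ACO');
    $row = (is_array($data) && isset($data[0])) ? $data[0] : array();
    $already_current = isset($row[0], $row[1], $row[2], $row[3]) &&
        $row[2] == $order_number &&
        $row[0] == $section_name &&
        $row[1] == $object_name &&
        $row[3] == $object_title;
    if ($already_current) {
        echo "The '{$object_esc}' object in the '{$section_esc}' section has already been updated.</BR>";
        return;
    }
    // The trailing 0 is passed through unchanged; presumably a hidden flag —
    // confirm against gacl's edit_object() signature.
    $edited = $gacl->edit_object($object_id, $section_name, $object_title, $object_name, $order_number, 0, 'ACO');
    if ($edited) {
        echo "The '{$object_esc}' object in the '{$section_esc}' section has been successfully updated.</BR>";
    }
    else {
        echo "<B>ERROR</B>,unable to update the '{$object_esc}' object in the '{$section_esc}' section.</BR>";
    }
    return;
}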
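/**
 * Places an object (ACO) into an existing group ACL.
 *
 * First checks via $gacl->search_acl() whether the object is already part of
 * the group's ACL for the given return value; if not, the object is appended
 * with $gacl->append_acl(). The outcome is echoed as HTML with the
 * interpolated values escaped, since the output is rendered in a browser.
 *
 * @param array  $array_acl_id_number Array containing (ideally) one element, the integer
 *                                    identifier of the acl to be updated (see getAclIdNumber()).
 * @param string $group_title         Title of group.
 * @param string $section_name        Identifier of section
 * @param string $section_title       Title of section
 * @param string $object_name         Identifier of object
 * @param string $object_title        Title of object
 * @param string $return_value        What the acl returns, usually 'write', 'addonly', 'wsome' or 'view'
 * @return void
 */
function updateAcl($array_acl_id_number, $group_title, $section_name, $section_title, $object_name, $object_title, $return_value) {
    global $gacl;
    $object_esc = htmlspecialchars($object_title, ENT_QUOTES, 'UTF-8');
    $section_esc = htmlspecialchars($section_title, ENT_QUOTES, 'UTF-8');
    $group_esc = htmlspecialchars($group_title, ENT_QUOTES, 'UTF-8');
    $return_esc = htmlspecialchars($return_value, ENT_QUOTES, 'UTF-8');
    $found = $gacl->search_acl($section_name, $object_name, FALSE, FALSE, $group_title, FALSE, FALSE, FALSE, $return_value);
    // Normalise a non-array result so it is reported as "not found" rather
    // than counted as one hit by count().
    $matches = is_array($found) ? $found : array();
    switch (count($matches)) {
        case 0:
            // An empty id array (acl lookup failed earlier) yields NULL here
            // instead of an undefined-offset notice; append_acl() is left to
            // report the failure through its return value.
            $acl_id = isset($array_acl_id_number[0]) ? $array_acl_id_number[0] : NULL;
            // NOTE(review): the '@' was in the original upgrade code; presumably
            // it silences notices emitted inside gacl's append_acl() — confirm.
            $appended = @$gacl->append_acl($acl_id, NULL, NULL, NULL, NULL, array($section_name=>array($object_name)));
            if ($appended) {
                echo "Successfully placed the '{$object_esc}' object of the '{$section_esc}' section into the '{$group_esc}' group '{$return_esc}' ACL.</BR>";
            }
            else {
                echo "<B>ERROR</B>,unable to place the '{$object_esc}' object of the '{$section_esc}' section into the '{$group_esc}' group '{$return_esc}' ACL.</BR>";
            }
            break;
        case 1:
            echo "The '{$object_esc}' object of the '{$section_esc}' section is already found in the '{$group_esc}' group '{$return_esc}' ACL.</BR>";
            break;
        default:
            echo "<B>ERROR</B>, Multiple '{$group_esc}' group '{$return_esc}' ACLs with the '{$object_esc}' object of the '{$section_esc}' section are present.</BR>";
            break;
    }
    return;
}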