admin/db/security_db.inc

   1 <?php
   2 /**********************************************************************
   3     Copyright (C) FrontAccounting, LLC.
   4         Released under the terms of the GNU General Public License, GPL,
   5         as published by the Free Software Foundation, either version 3
   6         of the License, or (at your option) any later version.
   7     This program is distributed in the hope that it will be useful,
   8     but WITHOUT ANY WARRANTY; without even the implied warranty of
   9     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
  10     See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
  11 ***********************************************************************/
  12 //--------------------------------------------------------------------------------------------------
  13
  14 function get_security_role($id)
  15 {
  16         $sql = "SELECT * FROM ".TB_PREF."security_roles WHERE id=".(int)$id;
  17         $ret = db_query($sql, "could not retrieve security roles");
  18         $row = db_fetch($ret);
  19         if ($row != false) {
  20                 $row['areas'] = explode(';', $row['areas']);
  21                 $row['sections'] = explode(';', $row['sections']);
  22         }
  23         return $row;
  24 }
  25
  26 //--------------------------------------------------------------------------------------------------
  27
  28 function add_security_role($name, $description, $sections, $areas)
  29 {
  30         begin_transaction(__FUNCTION__, func_get_args());
  31         $sql = "INSERT INTO ".TB_PREF."security_roles (role, description, sections, areas)
  32         VALUES ("
  33         .db_escape($name).","
  34         .db_escape($description).","
  35         .db_escape(implode(';', $sections)).","
  36         .db_escape(implode(';', $areas)).")";
  37
  38         db_query($sql, "could not add new security role");
  39         commit_transaction();
  40 }
  41
  42 //--------------------------------------------------------------------------------------------------
  43
  44 function update_security_role($id, $name, $description, $sections, $areas)
  45 {
  46         begin_transaction(__FUNCTION__, func_get_args());
  47         $sql = "UPDATE ".TB_PREF."security_roles SET role=".db_escape($name)
  48         .",description=".db_escape($description)
  49         .",sections=".db_escape(implode(';', $sections))
  50         .",areas=".db_escape(implode(';', $areas))
  51         ." WHERE id=".(int)$id;
  52         db_query($sql, "could not update role");
  53         commit_transaction();
  54 }
  55 //--------------------------------------------------------------------------------------------------
  56
  57 function delete_security_role($id)
  58 {
  59         begin_transaction(__FUNCTION__, func_get_args());
  60         $sql = "DELETE FROM ".TB_PREF."security_roles WHERE id=".(int)$id;
  61
  62         db_query($sql, "could not delete role");
  63         commit_transaction();
  64 }
  65 //--------------------------------------------------------------------------------------------------
  66
  67 function check_role_used($id) {
  68         $sql = "SELECT count(*) FROM ".TB_PREF."users WHERE role_id=".(int)$id;
  69         $ret = db_query($sql, 'cannot check role usage');
  70         $row = db_fetch($ret);
  71         return $row[0];
  72 }
  73
  74 function write_security_role($id, $name, $description, $sections, $areas, $inactive)
  75 {
  76         begin_transaction(__FUNCTION__, func_get_args());
  77                 $sections = array_values($sections);
  78
  79         if ($id == '')
  80                         add_security_role($name, $description, $sections, $areas);
  81         else {
  82                         update_security_role($id, $name, $description, $sections, $areas);
  83                         update_record_status($id, $inactive, 'security_roles', 'id');
  84         }
  85         commit_transaction();
  86 }