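<?php

declare(strict_types=1);

namespace LeadersLinked\Library;

use Laminas\Db\Adapter\AdapterInterface;
use LeadersLinked\Mapper\MyCoachAnswerMapper;
use LeadersLinked\Mapper\MyCoachCategoryJobDescriptionMapper;
use LeadersLinked\Mapper\MyCoachCategoryMapper;
use LeadersLinked\Mapper\MyCoachCategoryUserMapper;
use LeadersLinked\Mapper\MyCoachQuestionCategoryMapper;
use LeadersLinked\Mapper\MyCoachQuestionMapper;
use LeadersLinked\Mapper\OrganizationPositionMapper;
use LeadersLinked\Mapper\QueryMapper;
use LeadersLinked\Model\MyCoachCategory;
use LeadersLinked\Model\MyCoachCategoryUser;

/**
 * Authorization rules for the "My Coach" module: which categories a user may
 * read or edit, and whether a given question/answer operation is allowed.
 *
 * Every hasAccess*() method returns false together with an error code written
 * to its by-reference $message_error argument, so callers can always report why.
 */
class MyCoachAccessControl
{
    /**
     * Process-wide instance created by the first call to getInstance().
     *
     * @var MyCoachAccessControl|null
     */
    private static $_instance = null;

    /**
     * @var AdapterInterface
     */
    private $adapter;

    /**
     * @param AdapterInterface $adapter
     */
    public function __construct($adapter)
    {
        $this->adapter = $adapter;
    }

    /**
     * Returns the shared instance, creating it on first use.
     *
     * NOTE: the adapter is only used by the first call; later calls return the
     * existing instance and ignore the argument.
     *
     * @param AdapterInterface $adapter
     * @return MyCoachAccessControl
     */
    public static function getInstance($adapter): self
    {
        if (self::$_instance === null) {
            self::$_instance = new MyCoachAccessControl($adapter);
        }
        return self::$_instance;
    }

    /**
     * Category ids reachable through the job descriptions of the positions the
     * user holds in the organization.
     *
     * @param int $user_id
     * @return int[] de-duplicated ids; empty when the user holds no position
     */
    private function getCategoryIdsWithAccessJobDescription($user_id): array
    {
        $organizationPositionMapper = OrganizationPositionMapper::getInstance($this->adapter);

        $job_description_ids = [];
        foreach ($organizationPositionMapper->fetchAllByEmployeeId($user_id) as $position) {
            $job_description_ids[] = $position->job_description_id;
        }

        // No position means no job-description based access; also avoids handing
        // an empty id list to the mapper's IN (...) lookup.
        if (!$job_description_ids) {
            return [];
        }

        $myCoachCategoryJobDescriptionMapper = MyCoachCategoryJobDescriptionMapper::getInstance($this->adapter);
        $records = $myCoachCategoryJobDescriptionMapper->fetchAllByJobDescriptionIds($job_description_ids);

        $category_ids = [];
        foreach ($records as $record) {
            // Same source for every value, so a strict membership test is safe.
            if (!in_array($record->category_id, $category_ids, true)) {
                $category_ids[] = $record->category_id;
            }
        }
        return $category_ids;
    }

    /**
     * Builds the UNION that yields every active category of the network the
     * user may read: company-private ones the user is a member of, public ones,
     * and ones linked to the user's job descriptions.
     *
     * Shared by getCategoryIdsWithAccess() and getCategoriesWithAccessToFormSelect()
     * so both apply exactly the same access rules.
     *
     * @param QueryMapper $queryMapper
     * @param int $user_id
     * @param int $network_id
     * @param string[] $columns columns of the category table to project
     * @return \Laminas\Db\Sql\Select
     */
    private function buildAccessibleCategoriesSelect(QueryMapper $queryMapper, $user_id, $network_id, array $columns)
    {
        $sql = $queryMapper->getSql();

        // Company-private categories the user is explicitly a member of.
        // Scoped to the network like the other branches, so memberships in
        // another network never leak into this one.
        $select = $sql->select();
        $select->columns($columns);
        $select->from(['c' => MyCoachCategoryMapper::_TABLE]);
        $select->join(['cu' => MyCoachCategoryUserMapper::_TABLE], 'c.id = cu.category_id', []);
        $select->where->equalTo('cu.user_id', $user_id);
        $select->where->equalTo('c.network_id', $network_id);
        $select->where->equalTo('c.privacy', MyCoachCategory::PRIVACY_COMPANY);
        $select->where->equalTo('c.status', MyCoachCategory::STATUS_ACTIVE);

        // Public categories of the network.
        $selectPublic = $sql->select();
        $selectPublic->columns($columns);
        $selectPublic->from(['c' => MyCoachCategoryMapper::_TABLE]);
        $selectPublic->where->equalTo('c.network_id', $network_id);
        $selectPublic->where->equalTo('c.privacy', MyCoachCategory::PRIVACY_PUBLIC);
        $selectPublic->where->equalTo('c.status', MyCoachCategory::STATUS_ACTIVE);

        // Categories reachable through the user's job descriptions, if any.
        $category_filter_ids = $this->getCategoryIdsWithAccessJobDescription($user_id);
        if ($category_filter_ids) {
            $selectJobDescription = $sql->select();
            $selectJobDescription->columns($columns);
            $selectJobDescription->from(['c' => MyCoachCategoryMapper::_TABLE]);
            $selectJobDescription->where->equalTo('c.network_id', $network_id);
            $selectJobDescription->where->equalTo('c.status', MyCoachCategory::STATUS_ACTIVE);
            $selectJobDescription->where->in('c.id', $category_filter_ids);

            // Select::combine() holds a single partner select, so the three-way
            // union is chained instead of combining twice onto the same select.
            $selectPublic->combine($selectJobDescription);
        }
        $select->combine($selectPublic);

        return $select;
    }

    /**
     * Ids of the active categories of the network the user may read.
     *
     * @param int $user_id
     * @param int $network_id
     * @return int[] list without duplicates
     */
    public function getCategoryIdsWithAccess($user_id, $network_id): array
    {
        $queryMapper = QueryMapper::getInstance($this->adapter);
        $select = $this->buildAccessibleCategoriesSelect($queryMapper, $user_id, $network_id, ['id']);

        $category_ids = [];
        foreach ($queryMapper->fetchAll($select) as $record) {
            $category_ids[] = $record['id'];
        }

        // A category can qualify on more than one branch of the union.
        return array_values(array_unique($category_ids));
    }

    /**
     * Accessible categories as a uuid => name map sorted by uuid, ready for a
     * form select. Applies the same rules as getCategoryIdsWithAccess().
     *
     * @param int $user_id
     * @param int $network_id
     * @return array<string, string>
     */
    public function getCategoriesWithAccessToFormSelect($user_id, $network_id): array
    {
        $queryMapper = QueryMapper::getInstance($this->adapter);
        $select = $this->buildAccessibleCategoriesSelect($queryMapper, $user_id, $network_id, ['uuid', 'name']);

        $categories = [];
        foreach ($queryMapper->fetchAll($select) as $record) {
            // First occurrence wins when the union repeats a category.
            if (!isset($categories[$record['uuid']])) {
                $categories[$record['uuid']] = $record['name'];
            }
        }

        ksort($categories);
        return $categories;
    }

    /**
     * Ids of the active categories in which the user holds the editor or the
     * administrator role. The query is not network scoped: callers must scope
     * the object being checked (question, answer) to the network themselves.
     *
     * @param int $user_id
     * @return int[] list without duplicates
     */
    public function getCategoryIdsWithEdition($user_id): array
    {
        $queryMapper = QueryMapper::getInstance($this->adapter);

        $select = $queryMapper->getSql()->select();
        $select->columns(['id']);
        $select->from(['c' => MyCoachCategoryMapper::_TABLE]);
        $select->join(['cu' => MyCoachCategoryUserMapper::_TABLE], 'c.id = cu.category_id', []);
        $select->where->equalTo('cu.user_id', $user_id);
        $select->where->equalTo('c.status', MyCoachCategory::STATUS_ACTIVE);
        $select->where->in('cu.role', [MyCoachCategoryUser::ROLE_EDITOR, MyCoachCategoryUser::ROLE_ADMINISTRATOR]);

        $category_ids = [];
        foreach ($queryMapper->fetchAll($select) as $record) {
            $category_ids[] = $record['id'];
        }
        return array_values(array_unique($category_ids));
    }

    /**
     * Whether the user may read a category of the network.
     *
     * @param int $user_id
     * @param int|string $category_id numeric id or uuid
     * @param int $network_id
     * @param string $message_error set to an error code on every false return
     * @return bool
     */
    public function hasAccessForCategory($user_id, $category_id, $network_id, &$message_error): bool
    {
        $myCoachCategoryMapper = MyCoachCategoryMapper::getInstance($this->adapter);
        $myCoachCategory = is_numeric($category_id)
            ? $myCoachCategoryMapper->fetchOneByIdAndNetworkId($category_id, $network_id)
            : $myCoachCategoryMapper->fetchOneByUuidAndNetworkId($category_id, $network_id);

        if (!$myCoachCategory) {
            $message_error = 'ERROR_MY_COACH_CATEGORY_NOT_FOUND';
            return false;
        }

        if ($myCoachCategory->status == MyCoachCategory::STATUS_INACTIVE) {
            $message_error = 'ERROR_MY_COACH_CATEGORY_IS_INACTIVE';
            return false;
        }

        // Only company-private categories require an explicit membership.
        if ($myCoachCategory->privacy == MyCoachCategory::PRIVACY_COMPANY) {
            $myCoachCategoryUserMapper = MyCoachCategoryUserMapper::getInstance($this->adapter);
            if (!$myCoachCategoryUserMapper->fetchOneByCategoryIdAndUserId($myCoachCategory->id, $user_id)) {
                $message_error = 'ERROR_MY_COACH_CATEGORY_UNAUTHORIZED';
                return false;
            }
        }

        return true;
    }

    /**
     * Loads a question of the network by numeric id or by uuid.
     *
     * @param int|string $question_id
     * @param int $network_id
     * @return mixed the question model; falsy when none matches in the network
     */
    private function findQuestion($question_id, $network_id)
    {
        $myCoachQuestionMapper = MyCoachQuestionMapper::getInstance($this->adapter);
        return is_numeric($question_id)
            ? $myCoachQuestionMapper->fetchOneByIdAndNetworkId($question_id, $network_id)
            : $myCoachQuestionMapper->fetchOneByUuidAndNetworkId($question_id, $network_id);
    }

    /**
     * Loads an answer by numeric id or by uuid. This lookup is not network
     * scoped; callers scope through the question or the category ids instead.
     *
     * @param int|string $answer_id
     * @return mixed the answer model; falsy when none matches
     */
    private function findAnswer($answer_id)
    {
        $myCoachAnswerMapper = MyCoachAnswerMapper::getInstance($this->adapter);
        return is_numeric($answer_id)
            ? $myCoachAnswerMapper->fetchOne($answer_id)
            : $myCoachAnswerMapper->fetchOneByUuid($answer_id);
    }

    /**
     * Whether at least one category the question is filed under is in $category_ids.
     *
     * @param int $question_id
     * @param int[] $category_ids
     * @return bool
     */
    private function questionIsInAnyCategory($question_id, array $category_ids): bool
    {
        $myCoachQuestionCategoryMapper = MyCoachQuestionCategoryMapper::getInstance($this->adapter);
        foreach ($myCoachQuestionCategoryMapper->fetchAllByQuestionId($question_id) as $record) {
            // Loose on purpose: the ids compared here come from raw query rows on
            // one side and model objects on the other, which may not share a scalar type.
            if (in_array($record->category_id, $category_ids)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Whether nobody has answered the question yet. Authors may only edit or
     * delete their own questions while they are still unanswered.
     *
     * @param int $question_id
     * @return bool
     */
    private function questionHasNoAnswers($question_id): bool
    {
        $myCoachAnswerMapper = MyCoachAnswerMapper::getInstance($this->adapter);
        return $myCoachAnswerMapper->fetchCountByMyCoachQuestionId($question_id) == 0;
    }

    /**
     * Whether the user may read a question: it must belong to the network and
     * be filed under at least one category the user can access.
     *
     * @param int $user_id
     * @param int|string $question_id numeric id or uuid
     * @param int $network_id
     * @param string $message_error set to an error code on every false return
     * @return bool
     */
    public function hasAccessViewQuestion($user_id, $question_id, $network_id, &$message_error): bool
    {
        $myCoachQuestion = $this->findQuestion($question_id, $network_id);
        if (!$myCoachQuestion) {
            $message_error = 'ERROR_MY_COACH_QUESTION_NOT_FOUND';
            return false;
        }

        $category_ids = $this->getCategoryIdsWithAccess($user_id, $network_id);
        if ($this->questionIsInAnyCategory($myCoachQuestion->id, $category_ids)) {
            return true;
        }

        $message_error = 'ERROR_MY_COACH_QUESTION_UNAUTHORIZED';
        return false;
    }

    /**
     * Whether the user may edit a question: only its author, and only while the
     * question has no answers. An author whose question already has answers is
     * refused with ERROR_MY_COACH_QUESTION_UNAUTHORIZED like any other user.
     *
     * @param int $user_id
     * @param int|string $question_id numeric id or uuid
     * @param int $network_id
     * @param string $message_error set to an error code on every false return
     * @return bool
     */
    public function hasAccessEditQuestion($user_id, $question_id, $network_id, &$message_error): bool
    {
        $myCoachQuestion = $this->findQuestion($question_id, $network_id);
        if (!$myCoachQuestion) {
            $message_error = 'ERROR_MY_COACH_QUESTION_NOT_FOUND';
            return false;
        }

        if ($myCoachQuestion->user_id == $user_id && $this->questionHasNoAnswers($myCoachQuestion->id)) {
            return true;
        }

        $message_error = 'ERROR_MY_COACH_QUESTION_UNAUTHORIZED';
        return false;
    }

    /**
     * Whether the user may delete a question: editors/administrators of one of
     * its categories always may; the author may only while it has no answers.
     *
     * @param int $user_id
     * @param int|string $question_id numeric id or uuid
     * @param int $network_id
     * @param string $message_error set to an error code on every false return
     * @return bool
     */
    public function hasAccessDeleteQuestion($user_id, $question_id, $network_id, &$message_error): bool
    {
        $myCoachQuestion = $this->findQuestion($question_id, $network_id);
        if (!$myCoachQuestion) {
            $message_error = 'ERROR_MY_COACH_QUESTION_NOT_FOUND';
            return false;
        }

        $category_ids = $this->getCategoryIdsWithEdition($user_id);
        if ($this->questionIsInAnyCategory($myCoachQuestion->id, $category_ids)) {
            return true;
        }

        if ($myCoachQuestion->user_id == $user_id && $this->questionHasNoAnswers($myCoachQuestion->id)) {
            return true;
        }

        $message_error = 'ERROR_MY_COACH_QUESTION_UNAUTHORIZED';
        return false;
    }

    /**
     * Whether the user may answer a question: requires the editor or the
     * administrator role in at least one of its categories.
     *
     * @param int $user_id
     * @param int|string $question_id numeric id or uuid
     * @param int $network_id
     * @param string $message_error set to an error code on every false return
     * @return bool
     */
    public function hasAccessAnswerQuestion($user_id, $question_id, $network_id, &$message_error): bool
    {
        $myCoachQuestion = $this->findQuestion($question_id, $network_id);
        if (!$myCoachQuestion) {
            $message_error = 'ERROR_MY_COACH_QUESTION_NOT_FOUND';
            return false;
        }

        $category_ids = $this->getCategoryIdsWithEdition($user_id);
        if ($this->questionIsInAnyCategory($myCoachQuestion->id, $category_ids)) {
            return true;
        }

        $message_error = 'ERROR_MY_COACH_QUESTION_UNAUTHORIZED';
        return false;
    }

    /**
     * Whether the user may read an answer: its question must be filed under a
     * category the user can access in the network.
     *
     * @param int $user_id
     * @param int|string $answer_id numeric id or uuid
     * @param int $network_id
     * @param string $message_error set to an error code on every false return
     * @return bool
     */
    public function hasAccessViewAnswer($user_id, $answer_id, $network_id, &$message_error): bool
    {
        $myCoachAnswer = $this->findAnswer($answer_id);
        if (!$myCoachAnswer) {
            $message_error = 'ERROR_MY_COACH_ANSWER_NOT_FOUND';
            return false;
        }

        // The category ids are network scoped, which is what keeps an answer
        // from another network out of reach even though findAnswer() is not.
        $category_ids = $this->getCategoryIdsWithAccess($user_id, $network_id);
        if ($this->questionIsInAnyCategory($myCoachAnswer->question_id, $category_ids)) {
            return true;
        }

        $message_error = 'ERROR_MY_COACH_QUESTION_UNAUTHORIZED';
        return false;
    }

    /**
     * Whether the user may edit or delete an answer. The user must hold an
     * edition role in one of the question's categories; then either the answer
     * is their own or they are an administrator of one of those categories.
     *
     * @param int $user_id
     * @param int|string $answer_id numeric id or uuid
     * @param int $network_id
     * @param string $message_error set to an error code on every false return
     * @return bool
     */
    public function hasAccessEditOrDeleteAnswer($user_id, $answer_id, $network_id, &$message_error): bool
    {
        $myCoachAnswer = $this->findAnswer($answer_id);
        if (!$myCoachAnswer) {
            $message_error = 'ERROR_MY_COACH_ANSWER_NOT_FOUND';
            return false;
        }

        // The answer lookup is not network scoped; resolving its question within
        // the network is what enforces the tenant boundary here.
        $myCoachQuestionMapper = MyCoachQuestionMapper::getInstance($this->adapter);
        $myCoachQuestion = $myCoachQuestionMapper->fetchOneByIdAndNetworkId($myCoachAnswer->question_id, $network_id);
        if (!$myCoachQuestion) {
            $message_error = 'ERROR_MY_COACH_QUESTION_NOT_FOUND';
            return false;
        }

        $category_ids = $this->getCategoryIdsWithEdition($user_id);
        $myCoachCategoryUserMapper = MyCoachCategoryUserMapper::getInstance($this->adapter);
        $myCoachQuestionCategoryMapper = MyCoachQuestionCategoryMapper::getInstance($this->adapter);

        $hasEditionRole = false;
        $isAdministrator = false;
        foreach ($myCoachQuestionCategoryMapper->fetchAllByQuestionId($myCoachQuestion->id) as $record) {
            // Loose on purpose: raw query ids vs. model ids may differ in scalar type.
            if (!in_array($record->category_id, $category_ids)) {
                continue;
            }
            $hasEditionRole = true;

            $myCoachCategoryUser = $myCoachCategoryUserMapper->fetchOneByCategoryIdAndUserId($record->category_id, $user_id);
            if ($myCoachCategoryUser && $myCoachCategoryUser->role == MyCoachCategoryUser::ROLE_ADMINISTRATOR) {
                $isAdministrator = true;
            }
        }

        if (!$hasEditionRole) {
            $message_error = 'ERROR_MY_COACH_QUESTION_UNAUTHORIZED';
            return false;
        }

        if ($myCoachAnswer->user_id == $user_id || $isAdministrator) {
            return true;
        }

        $message_error = 'ERROR_MY_COACH_ANSWER_UNAUTHORIZED';
        return false;
    }
}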