1<?php
2
3/**
4 * OrangeHRM is a comprehensive Human Resource Management (HRM) System that captures
5 * all the essential functionalities required for any enterprise.
6 * Copyright (C) 2006 OrangeHRM Inc., http://www.orangehrm.com
7 *
8 * OrangeHRM is free software; you can redistribute it and/or modify it under the terms of
9 * the GNU General Public License as published by the Free Software Foundation; either
10 * version 2 of the License, or (at your option) any later version.
11 *
12 * OrangeHRM is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
13 * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
14 * See the GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License along with this program;
17 * if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
18 * Boston, MA  02110-1301, USA
19 *
20 */
21
22/**
23 *
24 * @author orange
25 */
26class AuthorizeService extends BaseService {
    // Role names exposed as class constants.
    const AUTHORIZE_ROLE_ADMIN = 'Admin';
    const AUTHORIZE_ROLE_SUPERVISOR = 'Supervisor';
    const AUTHORIZE_ROLE_ESS = 'ESS';
    const AUTHORIZE_ROLE_PROJECT_ADMIN = "ProjectAdmin";
    const AUTHORIZE_ROLE_MANAGER = 'Manager';
    const AUTHORIZE_ROLE_DIRECTOR = 'Director';

    // YES is the value the $isAdmin constructor argument must equal (===) for the Admin role.
    const YES = 'Yes';
    const NO = 'No';


    // Keys of the role map built by _roles() and looked up by the is<Role>() methods.
    // NOTE(review): these properties are public and mutable, and is<Role>() reads them at
    // check time, so any code holding this object can point a role name at a different key
    // of the role map. Treat them as read-only; confirm nothing outside this class writes them.
    public $roleAdmin = "Admin";
    public $roleSupervisor = "Supervisor";
    public $roleESS = "ESS";
    public $roleProjectAdmin = "ProjectAdmin";
    public $roleManager = "Manager";
    // NOTE(review): $roleDirector, $roleOfferer and $roleHiringManager all hold "Offerer",
    // while AUTHORIZE_ROLE_DIRECTOR is 'Director'. The three roles therefore share a single
    // key in the role map; confirm the aliasing is intended.
    public $roleDirector = "Offerer";
    public $roleAcceptor = "Acceptor";
    public $roleOfferer = "Offerer";
    public $roleHiringManager = "Offerer";
    public $roleInterviewer = "Interviewer";

    // Collaborating services, created lazily by the get*Service() methods unless injected.
    private $employeeService;
    private $projectService;
    private $vacancyService;

    // Identity the role map is computed for; set through the constructor.
    private $employeeID;
    private $isAdmin;
    // Map of role name => boolean, filled by _roles().
    private $roles;
    // Process-wide cache used by getCurrentUserId().
    private static $currentUserId;
57
    /**
     * Get EmployeeService
     * @return EmployeeService
     */
62    public function getEmployeeService() {
63        if (is_null($this->employeeService)) {
64            $this->employeeService = new EmployeeService();
65            $this->employeeService->setEmployeeDao(new EmployeeDao());
66        }
67        return $this->employeeService;
68    }
69
70    /**
71     * Set EmployeeService
72     * @param EmployeeService $employeeService
73     */
    public function setEmployeeService(EmployeeService $employeeService) {
        // Replaces the lazily created default that getEmployeeService() would otherwise build.
        $this->employeeService = $employeeService;
    }
77
78    /**
79     *
80     * @return ProjectService
81     */
82    public function getProjectService() {
83        if (is_null($this->projectService)) {
84            $this->projectService = new ProjectService();
85        }
86        return $this->projectService;
87    }
88
89    /**
90     *
91     * @param ProjectService $projectService
92     */
    public function setProjectService($projectService) {
        // Replaces the lazily created default that getProjectService() would otherwise build.
        // No type is enforced on the argument here.
        $this->projectService = $projectService;
    }
96
97    /**
98     *
99     * @return VacancyService
100     */
101    public function getVacancyService() {
102        if (is_null($this->vacancyService)) {
103            $this->vacancyService = new VacancyService();
104        }
105        return $this->vacancyService;
106    }
107
    /**
     *
     * @param VacancyService $vacancyService
     */
    public function setVacancyService($vacancyService) {
        // Replaces the lazily created default that getVacancyService() would otherwise build.
        // No type is enforced on the argument here.
        $this->vacancyService = $vacancyService;
    }
115
    /**
     * Sets the employee id.
     *
     * The role map is not recomputed here; it is built only in the constructor.
     *
     * @param mixed $employeeId
     */
    public function setEmployeeId($employeeId) {
        $this->employeeID = $employeeId;
    }
119
    /**
     * Returns the employee id exactly as it was stored by setEmployeeId().
     *
     * @return mixed
     */
    public function getEmployeeId() {
        return $this->employeeID;
    }
123
    /**
     * Sets the admin flag.
     *
     * The role map is not recomputed here; it is built only in the constructor,
     * where the flag must equal self::YES for the Admin role to be set.
     *
     * @param mixed $isAdmin
     */
    public function setIsAdmin($isAdmin) {
        $this->isAdmin = $isAdmin;
    }
127
    /**
     * Returns the admin flag exactly as it was stored by setIsAdmin().
     *
     * @return mixed
     */
    public function getIsAdmin() {
        return $this->isAdmin;
    }
131
    /**
     * Replaces the whole role map.
     *
     * NOTE(review): this setter is public and performs no validation, so any caller
     * holding the object can overwrite the roles computed in the constructor; the
     * is<Role>() checks trust whatever is stored here. Confirm who needs to call it.
     *
     * @param mixed $roles Map of role name => boolean, as produced by _roles()
     */
    public function setRoles($roles) {
        $this->roles = $roles;
    }
135
    /**
     * Returns the role map last stored through setRoles().
     *
     * @return mixed
     */
    public function getRoles() {
        return $this->roles;
    }
139
140    public static function getCurrentUserId() {
141        if (empty(self::$currentUserId)) {
142            self::$currentUserId = @$_SESSION['user'];
143        }
144        return self::$currentUserId;
145    }
146
    /**
     * Class constructor
     *
     * @param String $employeeId
     * @param String $isAdmin
     */
153    public function __construct($employeeId, $isAdmin) {
154        $this->setEmployeeId($employeeId);
155        $this->setIsAdmin($isAdmin);
156
157        $this->setRoles($this->_roles());
158    }
159
160    /**
161     * Constructs roles
162     *
163     * @return boolean[]
164     */
165    private function _roles() {
166        $roles = null;
167        $isAdmin = $this->getIsAdmin();
168        $empId = $this->getEmployeeId();
169
170        if ($isAdmin === self::YES) {
171            $roles[$this->roleAdmin] = true;
172        } else {
173            $roles[$this->roleAdmin] = false;
174        }
175
176        $roles[$this->roleSupervisor] = $this->_checkIsSupervisor();
177        $roles[$this->roleProjectAdmin] = $this->_checkIsProjectAdmin();
178        $roles[$this->roleManager] = $this->_checkIsManager();
179        $roles[$this->roleDirector] = $this->_checkIsDirector();
180        $roles[$this->roleAcceptor] = $this->_checkIsAcceptor();
181        $roles[$this->roleOfferer] = $this->_checkIsOfferer();
182        $roles[$this->roleHiringManager] = $this->_checkIsHiringManager();
183        $roles[$this->roleInterviewer] = $this->_checkIsInterviewer();
184
185        if (!empty($empId)) {
186            $roles[$this->roleESS] = true;
187        } else {
188            $roles[$this->roleESS] = false;
189        }
190
191        return $roles;
192    }
193
194    /**
195     * Check whether there are any subordinates
196     *
197     * @return boolean
198     */
199    private function _checkIsSupervisor() {
200        $isSupervisor = false;
201
202        if (!empty($this->employeeID)) {
203            $isSupervisor = $this->getEmployeeService()->isSupervisor($this->employeeID);
204        }
205
206        return $isSupervisor;
207    }
208
209    /**
210     * Check whether the user is a project admin
211     *
212     * @param int $projectId Project for which to check. If not given, all projects are checked.
213     * @return boolean
214     */
215    private function _checkIsProjectAdmin($projectId = null) {
216
217        try {
218
219            $id = (int) $this->getEmployeeId();
220
221            if (!empty($id)) {
222                return $this->getProjectService()->isProjectAdmin($id);
223            }
224        } catch (Exception $e) {
225            // TODO: Warn
226        }
227
228        return false;
229    }
230
    /**
     * Check whether the user is a hiring manager who can approve job offers
     *
     * @return boolean True if a hiring manager, false otherwise
     */
236    private function _checkIsHiringManager() {
237
238        return $this->_checkIsManager();
239    }
240
241    /**
242     * Check whether the user is a Manager
243     *
244     * @return boolean
245     */
246    private function _checkIsManager() {
247
248        $id = (int) $this->getEmployeeId();
249
250        if (!empty($id)) {
251            return $this->getVacancyService()->isHiringManager($id);
252        }
253
254        return false;
255    }
256
257    /**
258     * Check whether the user is an Interviewer who can interview candidates
259     *
260     * @return boolean True if an interviewer, false otherwise
261     */
262    private function _checkIsInterviewer() {
263
264        $id = (int) $this->getEmployeeId();
265
266        if (!empty($id)) {
267            return $this->getVacancyService()->isInterviewer($id);
268        }
269
270        return false;
271    }
272
273    /**
274     * Check whether the user is a Director
275     *
276     * @return boolean True if a director, false otherwise
277     */
    private function _checkIsDirector() {

        // Stub: no lookup is performed, the answer is always false.
        return false;
    }
282
283    /**
284     * Check whether the user is an Acceptor that can approve job offers
285     *
286     * @return boolean True if an acceptor, false otherwise
287     */
    private function _checkIsAcceptor() {

        // Stub: no lookup is performed, the answer is always false.
        return false;
    }
292
293    /**
294     * Check whether the user is an Offerer that can approve job offers
295     *
296     * @return boolean True if an offerer, false otherwise
297     */
    private function _checkIsOfferer() {

        // Stub: no lookup is performed, the answer is always false.
        return false;
    }
302
303    /**
304     * Checks whether an admin
305     *
306     * @return boolean
307     */
308    public function isAdmin() {
309        return $this->_chkRole($this->roleAdmin);
310    }
311
    /**
     * Checks whether a supervisor
     *
     * @return boolean
     */
317    public function isSupervisor() {
318        return $this->_chkRole($this->roleSupervisor);
319    }
320
321    /**
322     * Checks whether a project admin
323     *
324     * @return boolean true if a project admin. False otherwise
325     */
326    public function isProjectAdmin() {
327        return $this->_chkRole($this->roleProjectAdmin);
328    }
329
330    /**
331     * Checks whether a Manager
332     *
333     * @return boolean true if a Manager. False otherwise
334     */
335    public function isManager() {
336        return $this->_chkRole($this->roleManager);
337    }
338
339    /**
340     * Checks whether a Director
341     *
342     * @return boolean true if a Director. False otherwise
343     */
344    public function isDirector() {
345        return $this->_chkRole($this->roleDirector);
346    }
347
348    /**
349     * Checks whether an Acceptor
350     *
351     * @return boolean true if an Acceptor. False otherwise
352     */
353    public function isAcceptor() {
354        return $this->_chkRole($this->roleAcceptor);
355    }
356
357    /**
358     * Checks whether an Offerer
359     *
360     * @return boolean true if an Offerer. False otherwise
361     */
362    public function isOfferer() {
363        return $this->_chkRole($this->roleOfferer);
364    }
365
366    /**
367     * Checks whether an ESS
368     *
369     * @return boolean
370     */
371    public function isESS() {
372        return $this->_chkRole($this->roleESS);
373    }
374
375    /**
376     * Checks whether the particular employee is
377     * the supervisor of the subordinate concerned
378     *
379     * @param unknown_type $subordinateId
380     * @return boolean
381     */
382    public function isTheSupervisor($subordinateId) {
383        return $isSupervisor = $this->getEmployeeService()->isSupervisor($subordinateId);
384    }
385
386    /**
387     * Checks whether employee is a project admin of the
388     * given project.
389     *
390     * @param int $projectId The project id
391     * @return bool true if a project admin, false otherwise
392     */
393    public function isProjectAdminOf($projectId) {
394        return $this->_checkIsProjectAdmin($projectId);
395    }
396
397    /**
398     * Test whether element at pos of the array is equal to match
399     *
400     * @param Array array
401     * @param String match
402     * @param int pos
403     */
404    private function searchArray($array, $match, $pos) {
405        if ($array[$pos] == $match) {
406            return true;
407        }
408        return false;
409    }
410
411    /**
412     * Delegates all checks for all is<Role>
413     * functions
414     *
415     * @param String $role
416     * @return boolean
417     */
418    private function _chkRole($role) {
419        $roles = $this->getRoles();
420
421        if (isset($roles[$role]) && $roles[$role]) {
422            return true;
423        }
424
425        return false;
426    }
427
428    /**
429     * Returns the first role out of the array of
430     * roles sent
431     *
432     * @param String[] $roleArr
433     * @return String/boolean
434     */
435    public function firstRole($roleArr) {
436        for ($i = 0; $i < count($roleArr); $i++) {
437            if ($this->_chkRole($roleArr[$i])) {
438                return $roleArr[$i];
439            }
440        }
441
442        return false;
443    }
444
445    public function isActionPermitted($action) {
446
447        $permitted = false;
448
449        switch ($action) {
450
451            case 'TCP' : if (!$this->isAdmin() && !$this->isSupervisor()) {
452                    $permitted = false;
453                } else {
454                    $permitted = true;
455                }
456                break;
457
458            case 'CST' : if (!$this->isAdmin() && !$this->isSupervisor()) {
459                    $permitted = false;
460                } else {
461                    $permitted = true;
462                }
463                break;
464
465            case 'PAC' : if (!$this->isAdmin() && !$this->isProjectAdmin()) {
466                    $permitted = false;
467                } else {
468                    $permitted = true;
469                }
470                break;
471
472            default : if ($this->isAdmin()) {
473                    $permitted = true;
474                } else {
475                    $permitted = false;
476                }
477                break;
478        }
479
480        return $permitted;
481    }
482
483}