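<?php

/**
 * OrangeHRM is a comprehensive Human Resource Management (HRM) System that captures
 * all the essential functionalities required for any enterprise.
 * Copyright (C) 2006 OrangeHRM Inc., http://www.orangehrm.com
 *
 * OrangeHRM is free software; you can redistribute it and/or modify it under the terms of
 * the GNU General Public License as published by the Free Software Foundation; either
 * version 2 of the License, or (at your option) any later version.
 *
 * OrangeHRM is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
 * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 * See the GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along with this program;
 * if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
 * Boston, MA 02110-1301, USA
 *
 */

/**
 * Builds a "role name => boolean" map for one employee when the object is
 * constructed and answers the is<Role>() and isActionPermitted() queries from
 * that stored map.
 *
 * The map is a snapshot: setEmployeeId() and setIsAdmin() only assign the
 * fields and do not recompute the roles, so an instance should not be reused
 * for a different user without also calling setRoles().
 *
 * @author orange
 */
class AuthorizeService extends BaseService {

    const AUTHORIZE_ROLE_ADMIN = 'Admin';
    const AUTHORIZE_ROLE_SUPERVISOR = 'Supervisor';
    const AUTHORIZE_ROLE_ESS = 'ESS';
    const AUTHORIZE_ROLE_PROJECT_ADMIN = "ProjectAdmin";
    const AUTHORIZE_ROLE_MANAGER = 'Manager';
    const AUTHORIZE_ROLE_DIRECTOR = 'Director';

    const YES = 'Yes';
    const NO = 'No';

    // Keys used in the role map built by _roles().
    //
    // NOTE(review): $roleDirector, $roleOfferer and $roleHiringManager all hold
    // the key "Offerer", so _roles() writes that single map entry three times and
    // the last write (the hiring-manager check) wins. As a result isDirector()
    // and isOfferer() both report the hiring-manager result, and no "Director"
    // key is ever set even though AUTHORIZE_ROLE_DIRECTOR is 'Director'. The
    // values are left unchanged because callers may read these public
    // properties; confirm whether the aliasing is intended before relying on
    // isDirector()/isOfferer() for an access decision.
    public $roleAdmin = "Admin";
    public $roleSupervisor = "Supervisor";
    public $roleESS = "ESS";
    public $roleProjectAdmin = "ProjectAdmin";
    public $roleManager = "Manager";
    public $roleDirector = "Offerer";
    public $roleAcceptor = "Acceptor";
    public $roleOfferer = "Offerer";
    public $roleHiringManager = "Offerer";
    public $roleInterviewer = "Interviewer";

    private $employeeService;
    private $projectService;
    private $vacancyService;

    private $employeeID;
    private $isAdmin;
    private $roles;
    private static $currentUserId;

    /**
     * Get EmployeeService, creating it (with a new EmployeeDao) on first use.
     *
     * @return EmployeeService
     */
    public function getEmployeeService() {
        if ($this->employeeService === null) {
            $service = new EmployeeService();
            $service->setEmployeeDao(new EmployeeDao());
            $this->employeeService = $service;
        }

        return $this->employeeService;
    }

    /**
     * Set EmployeeService
     *
     * @param EmployeeService $employeeService
     */
    public function setEmployeeService(EmployeeService $employeeService) {
        $this->employeeService = $employeeService;
    }

    /**
     * Get ProjectService, creating it on first use.
     *
     * @return ProjectService
     */
    public function getProjectService() {
        if ($this->projectService === null) {
            $this->projectService = new ProjectService();
        }

        return $this->projectService;
    }

    /**
     * Set ProjectService
     *
     * @param ProjectService $projectService
     */
    public function setProjectService($projectService) {
        $this->projectService = $projectService;
    }

    /**
     * Get VacancyService, creating it on first use.
     *
     * @return VacancyService
     */
    public function getVacancyService() {
        if ($this->vacancyService === null) {
            $this->vacancyService = new VacancyService();
        }

        return $this->vacancyService;
    }

    /**
     * Set VacancyService
     *
     * @param VacancyService $vacancyService
     */
    public function setVacancyService($vacancyService) {
        $this->vacancyService = $vacancyService;
    }

    /**
     * Store the employee id. Does not rebuild the role map.
     *
     * @param mixed $employeeId
     */
    public function setEmployeeId($employeeId) {
        $this->employeeID = $employeeId;
    }

    /**
     * @return mixed The employee id given to the constructor or setEmployeeId()
     */
    public function getEmployeeId() {
        return $this->employeeID;
    }

    /**
     * Store the admin flag. Does not rebuild the role map.
     *
     * @param String $isAdmin
     */
    public function setIsAdmin($isAdmin) {
        $this->isAdmin = $isAdmin;
    }

    /**
     * @return String The admin flag as given by the caller
     */
    public function getIsAdmin() {
        return $this->isAdmin;
    }

    /**
     * Replace the role map consulted by the is<Role>() methods.
     *
     * @param boolean[] $roles Map of role name => boolean
     */
    public function setRoles($roles) {
        $this->roles = $roles;
    }

    /**
     * @return boolean[] Map of role name => boolean
     */
    public function getRoles() {
        return $this->roles;
    }

    /**
     * Returns $_SESSION['user'], remembered in a static field once a non-empty
     * value has been read.
     *
     * @return mixed The session value, or null when the key is not set
     */
    public static function getCurrentUserId() {
        if (empty(self::$currentUserId)) {
            // isset() instead of the "@" operator: same null result for a missing
            // key, without suppressing unrelated errors.
            self::$currentUserId = isset($_SESSION['user']) ? $_SESSION['user'] : null;
        }

        return self::$currentUserId;
    }

    /**
     * Class constructor. Stores both arguments and builds the role map.
     *
     * The admin flag is taken on trust from the caller; this class performs no
     * lookup of its own, so it must come from server-side state.
     *
     * @param String $employeeId
     * @param String $isAdmin Exactly 'Yes' (self::YES) grants the Admin role
     */
    public function __construct($employeeId, $isAdmin) {
        $this->setEmployeeId($employeeId);
        $this->setIsAdmin($isAdmin);

        $this->setRoles($this->_roles());
    }

    /**
     * Constructs roles
     *
     * @return boolean[] Map of role name => boolean
     */
    private function _roles() {
        $roles = array();
        $empId = $this->getEmployeeId();

        // Strict comparison: only the exact string 'Yes' grants Admin.
        $roles[$this->roleAdmin] = ($this->getIsAdmin() === self::YES);

        // Assignment order matters: several properties share the key "Offerer",
        // so the last assignment to that key is the value that is kept.
        $roles[$this->roleSupervisor] = $this->_checkIsSupervisor();
        $roles[$this->roleProjectAdmin] = $this->_checkIsProjectAdmin();
        $roles[$this->roleManager] = $this->_checkIsManager();
        $roles[$this->roleDirector] = $this->_checkIsDirector();
        $roles[$this->roleAcceptor] = $this->_checkIsAcceptor();
        $roles[$this->roleOfferer] = $this->_checkIsOfferer();
        $roles[$this->roleHiringManager] = $this->_checkIsHiringManager();
        $roles[$this->roleInterviewer] = $this->_checkIsInterviewer();

        // Any non-empty employee id counts as ESS.
        $roles[$this->roleESS] = !empty($empId);

        return $roles;
    }

    /**
     * Check whether there are any subordinates
     *
     * @return boolean
     */
    private function _checkIsSupervisor() {
        if (empty($this->employeeID)) {
            return false;
        }

        return $this->getEmployeeService()->isSupervisor($this->employeeID);
    }

    /**
     * Check whether the user is a project admin
     *
     * NOTE(review): $projectId is accepted but never used; only the employee id
     * is passed to ProjectService::isProjectAdmin(), so the result is not
     * narrowed to the given project.
     *
     * @param int $projectId Currently ignored
     * @return boolean
     */
    private function _checkIsProjectAdmin($projectId = null) {
        try {
            $id = (int) $this->getEmployeeId();

            if ($id !== 0) {
                return $this->getProjectService()->isProjectAdmin($id);
            }
        } catch (Exception $e) {
            // TODO: Warn
            // The error is swallowed, but the check fails closed: false is
            // returned below, so a lookup failure never grants the role.
        }

        return false;
    }

    /**
     * Check whether the user is an HiringManager that can approve job offers
     *
     * @return boolean True if an hiring manager, false otherwise
     */
    private function _checkIsHiringManager() {
        return $this->_checkIsManager();
    }

    /**
     * Check whether the user is a Manager
     *
     * Delegates to VacancyService::isHiringManager().
     *
     * @return boolean
     */
    private function _checkIsManager() {
        $id = (int) $this->getEmployeeId();

        if ($id === 0) {
            return false;
        }

        return $this->getVacancyService()->isHiringManager($id);
    }

    /**
     * Check whether the user is an Interviewer who can interview candidates
     *
     * @return boolean True if an interviewer, false otherwise
     */
    private function _checkIsInterviewer() {
        $id = (int) $this->getEmployeeId();

        if ($id === 0) {
            return false;
        }

        return $this->getVacancyService()->isInterviewer($id);
    }

    /**
     * Check whether the user is a Director
     *
     * @return boolean Always false in this implementation
     */
    private function _checkIsDirector() {
        return false;
    }

    /**
     * Check whether the user is an Acceptor that can approve job offers
     *
     * @return boolean Always false in this implementation
     */
    private function _checkIsAcceptor() {
        return false;
    }

    /**
     * Check whether the user is an Offerer that can approve job offers
     *
     * @return boolean Always false in this implementation
     */
    private function _checkIsOfferer() {
        return false;
    }

    /**
     * Checks whether an admin
     *
     * @return boolean
     */
    public function isAdmin() {
        return $this->_chkRole($this->roleAdmin);
    }

    /**
     * Checks whether a supervisor
     *
     * @return boolean
     */
    public function isSupervisor() {
        return $this->_chkRole($this->roleSupervisor);
    }

    /**
     * Checks whether a project admin
     *
     * @return boolean true if a project admin. False otherwise
     */
    public function isProjectAdmin() {
        return $this->_chkRole($this->roleProjectAdmin);
    }

    /**
     * Checks whether a Manager
     *
     * @return boolean true if a Manager. False otherwise
     */
    public function isManager() {
        return $this->_chkRole($this->roleManager);
    }

    /**
     * Checks whether a Director
     *
     * Reads the "Offerer" map entry, because $roleDirector is "Offerer".
     *
     * @return boolean
     */
    public function isDirector() {
        return $this->_chkRole($this->roleDirector);
    }

    /**
     * Checks whether an Acceptor
     *
     * @return boolean true if an Acceptor. False otherwise
     */
    public function isAcceptor() {
        return $this->_chkRole($this->roleAcceptor);
    }

    /**
     * Checks whether an Offerer
     *
     * @return boolean true if an Offerer. False otherwise
     */
    public function isOfferer() {
        return $this->_chkRole($this->roleOfferer);
    }

    /**
     * Checks whether an ESS
     *
     * @return boolean
     */
    public function isESS() {
        return $this->_chkRole($this->roleESS);
    }

    /**
     * Checks whether the particular employee is
     * the supervisor of the subordinate concerned
     *
     * NOTE(review): the current employee id is not used here. $subordinateId is
     * passed to the same EmployeeService::isSupervisor() call that
     * _checkIsSupervisor() makes with the current employee's id, so this looks
     * like it answers "is $subordinateId a supervisor" rather than the
     * relationship described above. Confirm against EmployeeService before
     * using the result to gate access to a subordinate's data.
     *
     * @param mixed $subordinateId
     * @return boolean
     */
    public function isTheSupervisor($subordinateId) {
        return $this->getEmployeeService()->isSupervisor($subordinateId);
    }

    /**
     * Checks whether employee is a project admin of the
     * given project.
     *
     * NOTE(review): _checkIsProjectAdmin() ignores $projectId, so the result is
     * the same as the general project-admin check and is not specific to the
     * given project. Do not treat it as a per-project authorization decision
     * until that is fixed.
     *
     * @param int $projectId The project id
     * @return bool true if a project admin, false otherwise
     */
    public function isProjectAdminOf($projectId) {
        return $this->_checkIsProjectAdmin($projectId);
    }

    /**
     * Test whether element at pos of the array is equal to match
     *
     * Uses loose (==) comparison. Not called anywhere in this class.
     *
     * @param Array $array
     * @param String $match
     * @param int $pos
     * @return boolean
     */
    private function searchArray($array, $match, $pos) {
        return $array[$pos] == $match;
    }

    /**
     * Delegates all checks for all is<Role>
     * functions
     *
     * A role missing from the map counts as not held.
     *
     * @param String $role
     * @return boolean
     */
    private function _chkRole($role) {
        $roles = $this->getRoles();

        return isset($roles[$role]) && $roles[$role];
    }

    /**
     * Returns the first role out of the array of
     * roles sent
     *
     * @param String[] $roleArr
     * @return String/boolean The first role held, or false when none is
     */
    public function firstRole($roleArr) {
        foreach ($roleArr as $candidate) {
            if ($this->_chkRole($candidate)) {
                return $candidate;
            }
        }

        return false;
    }

    /**
     * Decides whether the current roles permit the given action code.
     *
     * 'TCP' and 'CST' are permitted for an admin or a supervisor, 'PAC' for an
     * admin or a project admin, and every other value for an admin only.
     *
     * Action codes are compared strictly. The former switch compared loosely,
     * so a non-string argument such as true matched the first case ('TCP');
     * such values now fall through to the admin-only default.
     *
     * @param String $action Action code
     * @return boolean
     */
    public function isActionPermitted($action) {
        if ($action === 'TCP' || $action === 'CST') {
            return $this->isAdmin() || $this->isSupervisor();
        }

        if ($action === 'PAC') {
            return $this->isAdmin() || $this->isProjectAdmin();
        }

        // Unknown actions are restricted to admins.
        return $this->isAdmin();
    }

}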