1 <?php
2 /*
3 # Copyright (c) 2012, Gjøvik University College
4 # All rights reserved.
5
6 # Redistribution and use in source and binary forms, with or without
7 # modification, are permitted provided that the following conditions are met:
8 # * Redistributions of source code must retain the above copyright
9 # notice, this list of conditions and the following disclaimer.
10 # * Redistributions in binary form must reproduce the above copyright
11 # notice, this list of conditions and the following disclaimer in the
12 # documentation and/or other materials provided with the distribution.
13 # * Neither the name of the Gjøvik University College nor the
14 # names of its contributors may be used to endorse or promote products
15 # derived from this software without specific prior written permission.
16 #
17 # THIS SOFTWARE IS PROVIDED BY Gjøvik University College ''AS IS'' AND ANY
18 # EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
19 # WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
20 # DISCLAIMED. IN NO EVENT SHALL Gjøvik University College BE LIABLE FOR ANY
21 # DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
22 # (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
23 # LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
24 # ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
25 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
26 # SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 */
28 require_once('config.php');
29 require_once('lib/common_functions.php');
30 require_once('lib/db_functions.php');
31
/**
 * List the MAC addresses of every phone registered to one user.
 *
 * The user is resolved to a numeric id via the users table, and that id is
 * then matched against the user_rel column of the phones table.
 *
 * @param string $username Value matched against the users table's username column.
 * @param string $domain   Value matched against the users table's domain column.
 * @return array|null List of MAC strings, or null when the user is unknown,
 *                    a query fails, or the user has no phones.
 */
function get_user_phones ( $username, $domain )
{
    global $config;

    // Both values land inside quoted SQL literals, so each one goes through
    // sql_clean() first. The table name comes from $config and is not escaped.
    // NOTE(review): sql_clean() is defined outside this file - confirm it
    // escapes with the live connection's character set.
    $lookup = sprintf("SELECT id FROM %s WHERE username = '%s' AND domain = '%s'",
        $config['hermes_users_table'],
        sql_clean( $username ),
        sql_clean( $domain )
    );

    $account = sql_dbquery_single( $config['hermes_db'], $lookup );
    if ( ! $account )
    {
        return null;
    }

    // %d coerces the id to an integer, so no quoting is needed here.
    $lookup = sprintf("SELECT mac FROM %s WHERE user_rel = %d",
        $config['hermes_phones_table'],
        $account['id']
    );

    $result = sql_dbquery( $config['hermes_db'], $lookup );
    if ( !$result || @mysql_num_rows($result) < 1 )
    {
        return null;
    }

    $macs = array();
    while ( $row = mysql_fetch_assoc( $result ) )
    {
        $macs[] = $row['mac'];
    }
    return $macs;
}
58
/**
 * List the users a phone is registered to, as "username@domain" strings.
 *
 * Unlike add_phone_user() and delete_phone_user(), this lookup does not pass
 * the MAC through clean_mac(); the value is only escaped with sql_clean().
 * NOTE(review): callers presumably have to supply the MAC in its stored
 * format - verify against the call sites.
 *
 * @param string $macaddress MAC address to look up.
 * @return array|null List of "username@domain" strings, or null when the
 *                    query fails or no row matches.
 */
function get_phone_users ( $macaddress )
{
    global $config;
    $phones_table = $config['hermes_phones_table'];
    $users_table  = $config['hermes_users_table'];

    // Table names come from $config and are concatenated unescaped; only the
    // MAC is treated as untrusted and escaped before it enters the literal.
    $query = "SELECT ".$phones_table.".mac as mac, CONCAT( ".$users_table.".username, '@', ".$users_table.".domain ) as user\n"
        . "FROM ".$phones_table."\n"
        . "INNER JOIN ".$users_table." ON ".$phones_table.".user_rel = ".$users_table.".id\n"
        . "WHERE ".$phones_table.".mac = '".sql_clean($macaddress ). "'";

    $result = sql_dbquery( $config['hermes_db'], $query );
    if ( !$result || @mysql_num_rows($result) < 1 )
    {
        return null;
    }

    $owners = array();
    while ( $row = mysql_fetch_assoc( $result ) )
    {
        $owners[] = $row['user'];
    }
    return $owners;
}
79
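/**
 * Register a phone (by MAC address) to a user.
 *
 * @param string $mac      MAC address in any form clean_mac() accepts.
 * @param string $username Username of the owning user.
 * @param string $domain   Domain of the owning user.
 * @return mixed false when the user is unknown, the MAC is rejected by
 *               clean_mac(), or the pair is already registered; otherwise
 *               whatever sql_dbexec() returns for the INSERT.
 */
function add_phone_user( $mac, $username, $domain )
{
    global $config;
    // Get ID of user, for use with user_rel field..
    $user_id = get_provision_userid( $username, $domain );
    if ( !$user_id ) return false;

    // Normalise and validate the MAC. This is the only sanitising applied to
    // $mac before it is placed inside a quoted SQL literal below.
    // NOTE(review): clean_mac() is defined elsewhere - confirm it can only
    // return characters that are safe inside a quoted literal.
    $mac = clean_mac($mac);
    if (!$mac) return false;

    // Refuse a duplicate registration. The comparison is strict: with PHP's
    // loose comparison two different all-numeric-looking MAC strings (for
    // example "0000000001e2" and "000000000100") compare equal as numbers,
    // which would wrongly reject a new phone as already registered.
    $phones = get_user_phones ( $username, $domain);
    if ( $phones && in_array( $mac, $phones, true ) )
        return false;

    // OK, so we have the User ID, a valid MAC, and no previous registration
    // of that combination. Going to add.
    // NOTE(review): the check above and this INSERT are not atomic, so two
    // concurrent requests could both insert; a unique key on (mac, user_rel)
    // would close that gap - schema is not visible here.
    $query = sprintf("INSERT INTO %s ( mac, user_rel ) VALUES ( '%s', %d )",
        $config['hermes_phones_table'], $mac, $user_id);
    return sql_dbexec( $config['hermes_db'], $query );
}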
102
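/**
 * Remove the registration of a phone (by MAC address) from a user.
 *
 * @param string $mac      MAC address in any form clean_mac() accepts.
 * @param string $username Username of the owning user.
 * @param string $domain   Domain of the owning user.
 * @return mixed false when the user is unknown, the MAC is rejected by
 *               clean_mac(), or the phone is not registered to this user;
 *               otherwise whatever sql_dbexec() returns for the DELETE.
 */
function delete_phone_user( $mac, $username, $domain )
{
    global $config;
    // Get ID of user, for use with user_rel field..
    $user_id = get_provision_userid( $username, $domain );
    if ( !$user_id ) return false;

    // Normalise and validate the MAC. This is the only sanitising applied to
    // $mac before it is placed inside a quoted SQL literal below.
    // NOTE(review): clean_mac() is defined elsewhere - confirm it can only
    // return characters that are safe inside a quoted literal.
    $mac = clean_mac($mac);
    if (!$mac) return false;

    // Only proceed when this exact MAC is registered to this user. Strict
    // comparison keeps numeric-looking MAC strings (e.g. "0000000001e2" vs
    // "000000000100") from being treated as equal by PHP's loose comparison.
    $phones = get_user_phones ( $username, $domain);
    if ( !$phones ) return false;
    if ( ! in_array( $mac, $phones, true ) ) return false;

    // OK, so we have the User ID, a valid MAC, and an existing registration
    // of that combination. Going to remove. The DELETE is scoped by user_rel
    // as well as mac, so other users' registrations of the same phone stay.
    $query = sprintf("DELETE FROM %s WHERE mac = '%s' AND user_rel = %d",
        $config['hermes_phones_table'], $mac, $user_id);
    return sql_dbexec( $config['hermes_db'], $query );
}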
125
126
127
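/**
 * List the MAC addresses in the phones table, optionally filtered by prefix.
 *
 * @param string|null $search Optional prefix; only MACs starting with it are
 *                            returned. null, false or '' means no filter.
 * @return array|null List of MAC strings (one per row, so a phone registered
 *                    to several users may repeat), or null when the query
 *                    fails or nothing matches.
 */
function list_phones ( $search = null )
{
    global $config;
    $query = sprintf("SELECT mac FROM %s", $config['hermes_phones_table']);

    // Test for a non-empty string rather than truthiness: the prefix "0" is
    // falsy in PHP, so a plain if ( $search ) silently dropped the filter and
    // returned every phone.
    if ( strlen( (string) $search ) > 0 )
    {
        // NOTE(review): sql_clean() is defined elsewhere; it presumably escapes
        // quotes but not the LIKE wildcards % and _, so those characters in
        // $search still act as wildcards - confirm whether that is intended.
        $query .= sprintf(" WHERE mac LIKE '%s%%'", sql_clean($search));
    }

    $result = sql_dbquery( $config['hermes_db'], $query );
    if ( !$result ) return null;
    if ( @mysql_num_rows($result) < 1 ) return null;

    $rows = array();
    while ( $row = mysql_fetch_assoc( $result ) )
    {
        $rows[] = $row['mac'];
    }
    return $rows;
}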
145
146 ?>