[Mapbender-commits] r9966 - in trunk/mapbender/http: classes javascripts php

Fri Sep 28 06:29:57 PDT 2018

Author: armin11
Date: 2018-09-28 06:29:56 -0700 (Fri, 28 Sep 2018)
New Revision: 9966

Modified:
   trunk/mapbender/http/classes/class_user.php
   trunk/mapbender/http/classes/class_wmc.php
   trunk/mapbender/http/javascripts/initWmcObj.php
   trunk/mapbender/http/javascripts/mod_loadwmc.js
   trunk/mapbender/http/php/mod_loadwmc_server.php
Log:
New option to remove layers without permission from wmc xml before it will be loaded into some gui. New element var for loadwmc module: removeUnaccessableLayers - should be 1 to remove the layers!

Modified: trunk/mapbender/http/classes/class_user.php
===================================================================

--- trunk/mapbender/http/classes/class_user.php	2018-09-28 06:46:41 UTC (rev 9965)
+++ trunk/mapbender/http/classes/class_user.php	2018-09-28 13:29:56 UTC (rev 9966)
@@ -775,6 +775,46 @@
 		
 		return ($row = db_fetch_array($res)) ? true : false;
 	}
+
+	public function getAccessableLayers ($layerIdArray) {
+		if (gettype($layerIdArray) !== "array" || (gettype($layerIdArray) == "array" && count($layerIdArray) == 0) ) {
+			return array(0);
+		}
+		$array_guis = $this->getApplicationsByPermission();
+		$v = array();
+		$t = array();
+		$sql = "SELECT DISTINCT fkey_layer_id FROM gui_layer WHERE fkey_gui_id IN (";
+		$c = 1;
+		for ($i = 0; $i < count($array_guis); $i++) {
+			if ($i > 0) { 
+				$sql .= ",";
+			}
+			$sql .= "$".$c;
+			$c++;
+			array_push($v, $array_guis[$i]);
+			array_push($t, 's');
+		}
+		//
+		$sql .= ") AND fkey_layer_id IN (";
+		$j = 0;
+		foreach ($layerIdArray as $layerId) {
+			if ($j > 0) {
+				$sql .= ",";
+			}
+			$sql .= "$".$c;
+			$c++;
+			$j++;			
+			array_push($v, $layerId);
+			array_push($t, 'i');
+		}
+		$sql .= ") AND gui_layer_status = 1";
+		$res = db_prep_query($sql,$v,$t);
+		$allowedLayerIdArray = array();
+		while ($row = db_fetch_array($res)) {
+			$allowedLayerIdArray[] = $row["fkey_layer_id"];
+		}		
+		return $allowedLayerIdArray;
+	}
 	
 	public function isWmsAccessible ($wms_id) {
 		$array_guis = $this->getApplicationsByPermission();

Modified: trunk/mapbender/http/classes/class_wmc.php
===================================================================
--- trunk/mapbender/http/classes/class_wmc.php	2018-09-28 06:46:41 UTC (rev 9965)
+++ trunk/mapbender/http/classes/class_wmc.php	2018-09-28 13:29:56 UTC (rev 9966)
@@ -538,6 +538,7 @@
 	* function to update the information about wms in a mapbender wmc object and stores it in the database
 	* actually layer names and getmap urls are updated by the given mapbender layer id, also the dataurl entries are created or
 	* if a layer has related metadata for which download options are available
+	* 
 	* @return WMC as XML or false.
 	*/
 	public function updateUrlsFromDb() {
@@ -799,6 +800,61 @@
 		$e = new mb_notice((string)($endTime - $startTime));
 		return $updatedWMC;
 	}
+
+	public function removeUnaccessibleLayers($wmcXml) {
+		$currentUser = new User(Mapbender::session()->get("mb_user_id"));
+		//declare xpath to pull all layer with given ids from stored wmc docs
+		$query_mbLayerId = "/wmc:ViewContext/wmc:LayerList/wmc:Layer/wmc:Extension/mapbender:layer_id";
+		libxml_use_internal_errors(true);
+		try {
+			$WMCDoc = simplexml_load_string($wmcXml);
+			if ($WMCDoc === false) {
+				foreach(libxml_get_errors() as $error) {
+        				$err = new mb_exception("class_wmc:".$error->message);
+    				}
+				throw new Exception("class_wmc:".'Cannot parse WMC XML!');
+				return false;
+			}
+		}
+		catch (Exception $e) {
+    			$err = new mb_exception("class_wmc:".$e->getMessage());
+			return false;
+		}
+		//register relevant namespaces
+		$WMCDoc->registerXPathNamespace("wmc","http://www.opengis.net/context");
+		$WMCDoc->registerXPathNamespace("mapbender","http://www.mapbender.org/context");
+		$WMCDoc->registerXPathNamespace("xlink","http://www.w3.org/1999/xlink");
+		//pull out List of layer objects
+		$layerIdList = $WMCDoc->xpath($query_mbLayerId);
+		$e = new mb_notice(count($layerIdList));
+		//remove layers without permisssion
+		$checkLayerPermission = true;
+		//check for accessible layers with ids
+		if ($checkLayerPermission && gettype($layerIdList) == "array" && count($layerIdList) > 0) {
+			$allowedLayerArray = $currentUser->getAccessableLayers($layerIdList);
+		}
+		if (gettype($allowedLayerArray) == "array" && count($allowedLayerArray) > 0) {
+			
+		} else {
+			$allowedLayerArray = array();
+			$allowedLayerArray[] = 0;
+		}
+		//iterate over all layers with id and remove layer with an id that is not in $allowedLayerArray!
+		foreach($layerIdList as $layerId) {
+			$queryPath = "/wmc:ViewContext/wmc:LayerList/wmc:Layer[wmc:Extension/mapbender:layer_id='".(integer)$layerId."']";
+			foreach($WMCDoc->xpath($queryPath) as $layer) {
+				if (in_array($layerId, $allowedLayerArray)) {
+					$e = new mb_notice("user is allowed to access layer ".$layerId);
+				} else {
+					$e = new mb_notice("user is not allowed to access layer ".$layerId);
+    					unset($layer[0][0]);
+				}
+			}
+		}
+		return $WMCDoc->saveXML();
+	}
+	
+
 	/**
 	 * Stores this WMC in the database. The WMC has to be instantiated first, see above.
 	 *

Modified: trunk/mapbender/http/javascripts/initWmcObj.php
===================================================================
--- trunk/mapbender/http/javascripts/initWmcObj.php	2018-09-28 06:46:41 UTC (rev 9965)
+++ trunk/mapbender/http/javascripts/initWmcObj.php	2018-09-28 13:29:56 UTC (rev 9966)
@@ -149,6 +149,14 @@
 	$e = new mb_exception("initWmcObj.php: ERROR while loading wmc from session - test creating wmc from app: " . $app);
 	$wmc->createFromApplication($app);
 }
+
+$removeUnaccessableLayers = false;
+
+$removeUnaccessableLayers = new ElementVar($app, "loadwmc", "removeUnaccessableLayers");
+if ($wmcDocSession && $removeUnaccessableLayers->value === "1") {
+	$removeUnaccessableLayers = true;
+}
+
 //TODO: if no GET API is given then don't do the following things
 //
 // create new WMC with services from GET API
@@ -531,6 +539,12 @@
 //TODO test following
 //workaround to have a fully merged WMC for loading
 $xml = $wmcGetApi->toXml();
+
+if ($removeUnaccessableLayers == true) {
+	//$e = new mb_exception("try to remove layers without permission while loading from session!");
+	$xml = $wmcGetApi->removeUnaccessibleLayers($xml);
+}
+
 //$e = new mb_exception("initWmcObj.php: XML after merging json: ".$xml);
 $wmcGetApi = new wmc();
 //debug

Modified: trunk/mapbender/http/javascripts/mod_loadwmc.js
===================================================================
--- trunk/mapbender/http/javascripts/mod_loadwmc.js	2018-09-28 06:46:41 UTC (rev 9965)
+++ trunk/mapbender/http/javascripts/mod_loadwmc.js	2018-09-28 13:29:56 UTC (rev 9966)
@@ -2,6 +2,7 @@
 options.checkLayerIdExists = options.checkLayerIdExists ? true : false;
 options.checkLayerIdValid = options.checkLayerIdValid ? true : false;
 options.checkLayerPermission = options.checkLayerPermission ? true : false;
+options.removeUnaccessableLayers = options.removeUnaccessableLayers ? options.removeUnaccessableLayers : 0;
 options.checkLayerAvailability = options.checkLayerAvailability ? true : false;
 options.loadWmc = typeof options.loadWmc === "number" ? options.loadWmc : 1;
 options.mergeWmc = typeof options.mergeWmc === "number" ? options.mergeWmc : 0;
@@ -554,7 +555,8 @@
 		return createTableCell(
 			$.extend({
 				parameters: {
-					id: wmc.id
+					id: wmc.id,
+					removeUnaccessableLayers: options.removeUnaccessableLayers
 				}
 			}, LOAD_WMC_OPTIONS),
 			loadMergeAppendCallback

Modified: trunk/mapbender/http/php/mod_loadwmc_server.php
===================================================================
--- trunk/mapbender/http/php/mod_loadwmc_server.php	2018-09-28 06:46:41 UTC (rev 9965)
+++ trunk/mapbender/http/php/mod_loadwmc_server.php	2018-09-28 13:29:56 UTC (rev 9966)
@@ -89,13 +89,19 @@
 		}
 	break;
 	
-	// loads a WMC (returns array of JS code)
+	//loads a WMC (returns array of JS code)
 	case 'loadWmc':
 		$wmcId = $ajaxResponse->getParameter("id");
+		$removeUnaccessableLayers = $ajaxResponse->getParameter("removeUnaccessableLayers");
 		if ($wmc->createFromDb($wmcId)) {
 			$updatedWMC = $wmc->updateUrlsFromDb();
-	        	$wmc->createFromXml($updatedWMC);
-			
+			if ($removeUnaccessableLayers == 1) {
+				//new 2018-09-27 - delete unaccessible layers if wished!
+				$accessibleWmcXml = $wmc->removeUnaccessibleLayers($updatedWMC);
+				$wmc->createFromXml($accessibleWmcXml);
+			} else {
+				$wmc->createFromXml($updatedWMC);
+			}
 			$skipWms = $ajaxResponse->getParameter("skipWms");
 			if (is_array($skipWms)) {
 				$jsArray = $wmc->toJavaScript($skipWms);

