Integry/PVM
19
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
92da2191df51c3ebca2f724b0a59fb86ea56dca1
PVM/public_html/classes/User.class.php
AnthonyS 92da2191df Gestito login con token jwt
2025-11-17 12:20:03 +01:00

537 lines
19 KiB
PHP
Raw Blame History

<?php
class User {
const AMMINISTRATORE_SISTEMA = "1";
const UTENTE_AZIENDALE = "2";
const CLIENTE = "3";
const FORNITORE = "4";
const AGENTE = "5";
const ISPETTORE = "6";
const GESTORE_DEPOSITO_ESTERNO = "7";
const SQUADRA_LAVORO = "8";
const AMMINISTRATORE_AZIENDALE = "9";
const PUNTO_VENDITA = "10";
const RESPONSABILE_PRODUZIONE = "11";
const RESPONSABILE_COMMERCIALE = "12";
const RESPONSABILE_PUNTI_VENDITA = "20";
const RILEVATORE = "21";
const TECNICO = "22";
const RESPONSABILE_REPARTO = "23";
const RESPONSABILE_ACQUISTI = "24";
const RESPONSABILE_EDP = "25";
const SOTTOSCRITTORE = "26";
const OSPITE = "27";
public static function is_authenticated() {
return isset($_SESSION["username"]);
}
private static function get_sessionValue($key) {
return self::is_authenticated() && isset($_SESSION[$key]) ? $_SESSION[$key] : null;
}
public static function get_current_username() {
return self::get_sessionValue("username");
}
public static function get_current_fullname() {
$fullname = self::get_sessionValue("fullname");
return !is_null($fullname) ? ucwords(strtolower($fullname)) : null;
}
public static function get_current_group() {
return self::get_sessionValue("gruppo");
}
public static function get_current_groupName() {
return self::get_groupName(self::get_current_group());
}
public static function get_groups() {
$userClass = new ReflectionClass("User");
return $userClass->getConstants();
}
public static function get_groupName($groupId) {
$groups = self::get_groups();
foreach ($groups as $groupName => $id) {
if ($id == $groupId) {
return str_replace("_", " ", $groupName);
}
}
return null;
}
public static function get_current_profileDb() {
return self::get_sessionValue("profileDB");
}
public static function get_current_userCode() {
return self::get_sessionValue("user_code");
}
public static function get_current_userCodMdep() {
return self::get_sessionValue("cod_mdep");
}
public static function get_current_userEmail() {
$value = self::get_current_userData("e_mail");
return Utility::is_validEmail($value) ? $value : null;
}
public static function is_old() {
$ts_userCreationTime = self::get_current_userCreationTime();
$ts_lastAppUpdateTime = PVM::get_lastAppUpdateTime();
if (!is_null($ts_userCreationTime) && !is_null($ts_lastAppUpdateTime)) {
return $ts_userCreationTime < $ts_lastAppUpdateTime;
}
return true; // L'UTENTE E' STATO CREATO PRIMA DELL'ULTIMO AGGIORNAMENTO
}
private static function get_current_userCreationTime() {
return self::get_current_userData("creation_datetime");
}
public static function get_current_userData($key = null) {
$Ret = self::get_userData(self::get_current_username(), $key);
return $Ret->is_OK() ? $Ret->get_data() : null;
}
public static function get_current_userDepo() {
$userName = self::get_current_username();
$query
= self::run_sql("SELECT wtb_depo.cod_mdep FROM mtb_depo INNER JOIN wtb_depo ON mtb_depo.cod_mdep = wtb_depo.cod_mdep WHERE user_name = '{$userName}'");
return array_get($query, "cod_mdep");
}
public static function get_current_userAllDepos() {
$userName = self::get_current_username();
$query
= new Query("SELECT wtb_depo.cod_mdep FROM mtb_depo INNER JOIN wtb_depo ON mtb_depo.cod_mdep = wtb_depo.cod_mdep WHERE user_name = '{$userName}'");
$result = $query->firstColumn()->toRet(false)->execute();
return $result;
}
private static function run_sql($sql) {
$query = new Query($sql);
$result = $query->firstRow()->toRet(false)->execute();
return $result !== false ? $result : null;
}
private static function get_anagClie($codAnag) {
return !is_null($codAnag) ? self::run_sql("SELECT rag_soc, indirizzo, cap, citta, prov, nazione, gtb_anag.cod_anag FROM gtb_anag INNER JOIN vtb_clie ON gtb_anag.cod_anag = vtb_clie.cod_anag WHERE gtb_anag.cod_anag = '{$codAnag}'") : null;
}
private static function get_anagAgen($codVage) {
return !is_null($codVage) ? self::run_sql("SELECT rag_soc, indirizzo, cap, citta, prov, nazione, NULL AS cod_anag FROM vtb_agen WHERE cod_vage = '{$codVage}'") : null;
}
private static function get_anagIspe($codVisp) {
return !is_null($codVisp) ? self::run_sql("SELECT rag_soc, indirizzo, cap, citta, prov, nazione, NULL AS cod_anag FROM vtb_ispe WHERE cod_visp = '{$codVisp}'") : null;
}
public static function get_anagDepo($userName) {
return !is_null($userName) ? self::run_sql("SELECT descrizione, indirizzo, cap, citta, prov, nazione, cod_vlis, NULL AS cod_anag FROM mtb_depo INNER JOIN wtb_depo ON mtb_depo.cod_mdep = wtb_depo.cod_mdep WHERE user_name = '{$userName}'") : null;
}
public static function getDepoInfo($codMdep) {
return !is_null($codMdep) ? self::run_sql("SELECT descrizione, indirizzo, cap, citta, prov, nazione, NULL AS cod_anag FROM mtb_depo INNER JOIN wtb_depo ON mtb_depo.cod_mdep = wtb_depo.cod_mdep WHERE mtb_depo.cod_mdep = '{$codMdep}'") : null;
}
public static function get_current_userAnag() {
$userCode = self::get_current_userCode();
$userName = self::get_current_username();
$groupId = self::get_current_group();
switch ($groupId) {
case self::CLIENTE:
return self::get_anagClie($userCode);
case self::AGENTE:
return self::get_anagAgen($userCode);
case self::ISPETTORE:
return self::get_anagIspe($userCode);
case self::PUNTO_VENDITA:
return self::get_anagDepo($userName);
}
return null;
}
public static function getCodAnag() {
$userAnag = self::get_current_userAnag();
return !is_null($userAnag) ? $userAnag["cod_anag"] : null;
}
public static function getCodVage() {
return self::get_current_userCode();
}
public static function getLatLng() {
$userAnag = self::get_current_userAnag();
if (!is_null($userAnag)) {
$location = Utility\Str::format_indirizzoCompleto($userAnag);
if (!is_null(\nullIfBlank($location))) {
$Ret = \Utility\Geo::rawAddressToLatLng($location);
if ($Ret->is_OK()) {
$retData = $Ret->get_data();
if (isset($retData["lat"]) && isset($retData["lng"])) {
return $retData;
}
}
}
}
return null;
}
public static function get_userData($userName, $key = null) {
if (!is_null($userName)) {
$Query = new Query;
if (is_null($key)) {
$Query->firstRow()->select("user_name", "full_name", "creation_datetime", "e_mail", "last_access_datetime", "password");
} else {
$Query->firstRowFirstValue()->select($key);
}
$Query->from("wtb_users")->where("User_name", $userName);
$Ret = $Query->anonymousAuth()->toRet()->execute();
if ($Ret->is_OK() && is_null($key) && is_null($Ret->get_data())) {
$Ret->set_error("Utente non trovato");
}
} else {
$Ret = new Ret();
$Ret->set_error("Username non valido");
}
return $Ret;
}
public static function group_is() { // concatenare con virgola gli argomenti per cercare diversi gruppi in OR
$currentGroup = self::get_current_group();
$arr_groupsName = func_get_args();
foreach ($arr_groupsName as $group) {
if ($currentGroup == $group) {
return true;
}
}
return false;
}
// <editor-fold desc="'group_is'" defaultstate="collapsed">
public static function is_cliente() {
return User::group_is(User::CLIENTE);
}
public static function is_utenteAziendale() {
return User::group_is(User::UTENTE_AZIENDALE);
}
public static function is_agente() {
return User::group_is(User::AGENTE);
}
public static function is_ispettore() {
return User::group_is(User::ISPETTORE);
}
public static function is_squadraLavoro() {
return User::group_is(User::SQUADRA_LAVORO);
}
public static function is_rilevatore() {
return User::group_is(User::RILEVATORE);
}
public static function is_amministratoreAziendale() {
return User::group_is(User::AMMINISTRATORE_AZIENDALE);
}
public static function is_amministratoreSistema() {
return User::group_is(User::AMMINISTRATORE_SISTEMA);
}
public static function is_puntoVendita() {
return User::group_is(User::PUNTO_VENDITA);
}
public static function is_responsabileProduzione() {
return User::group_is(User::RESPONSABILE_PRODUZIONE);
}
public static function is_responsabileCommerciale() {
return User::group_is(User::RESPONSABILE_COMMERCIALE);
}
public static function is_tecnico() {
return User::group_is(User::TECNICO);
}
public static function is_responsabileReparto() {
return User::group_is(User::RESPONSABILE_REPARTO);
}
public static function is_responsabileAcquisti() {
return User::group_is(User::RESPONSABILE_ACQUISTI);
}
public static function is_responsabileEdp() {
return User::group_is(User::RESPONSABILE_EDP);
}
public static function is_sottoscrittore() {
return User::group_is(User::SOTTOSCRITTORE);
}
public static function is_ospite() {
return User::group_is(User::OSPITE);
}
// </editor-fold>
public static function logout() {
getSession();
if (LOGIN_JWT && isset($_SESSION["accessToken"])) {
$imsApi = new IMSApi();
$imsApi
->put("auth/logout")
->body(array(
"deviceId" => $_SESSION["deviceId"]
))
->send();
}
//operazioni e controlli per effettura il logout dell'utente/agente
if (isset($_SESSION["login"])) {
$_SESSION["login"] = false;
unset($_SESSION["login"]);
}
$_SESSION = array();
setcookie(RECOVER_SESSION_ID_COOKIE, "", -1);
session_unset();
session_destroy();
}
public static function validate_password($password) {
$Ret = new Ret;
if (strlen(\blankIfNull($password)) >= 7) {
// immettere eventuali altri controlli
} else {
$Ret->set_warning("La password deve contenere almeno 7 caratteri");
}
return $Ret;
}
private static function getInfoPassword($userName) {
$Query = new Query;
$Query->select("password", "password_expires_days", "flag_password_expiring")
->from("wtb_users")
->where("user_name", $userName);
$Ret = $Query->anonymousAuth()->toRet()->firstRow()->execute();
if ($Ret->is_OK() && is_null($Ret->get_data())) {
$Ret->set_error("Si è verificato un errore inatteso. Contattare l'assistenza");
}
return $Ret;
}
public static function updateUser($userName, $dati) {
$Ret = new Ret();
$WtbUsers = new EntityItem("stb_user");
$WtbUsers->set("userName", $userName)
->set("fullName", $dati["fullName"])
->set("eMail", implode(";", json_decode($dati["eMail"])));
if ($dati["oldPassword"] && $dati["newPassword"] && $dati["newPassword"] === $dati["confirmPassword"]) {
$Ret = \User::updatePassword($userName, $dati["newPassword"], $dati["oldPassword"], false, true, true);
} else {
$WtbUsers->update()->anonymousAuth()->send();
}
return $Ret;
}
public static function updatePassword($userName, $newPwd, $oldPasswordCheck = null, $updateLastAccessDatetime = false, $refreshSession = false, $differentFromPrev = false) {
$Ret = self::getInfoPassword($userName);
if ($Ret->is_OK()) {
$info = $Ret->get_data();
$passwordExpiresDays = $info["password_expires_days"];
$flagPasswordExpiring = \boolValue($info["flag_password_expiring"]);
$currentPwd = $info["password"];
if (!is_null($oldPasswordCheck) && !\Utility\Str::ciEquals($currentPwd, $oldPasswordCheck)) {
$Ret->set_warning("La password attuale non è corretta");
}
if ($Ret->is_OK() && $differentFromPrev && \Utility\Str::ciEquals($currentPwd, $newPwd)) {
$Ret->set_warning("La nuova password non può coincidere con quella attuale.<br/>Digitarne una differente e riprovare.");
}
// if ($Ret->is_OK()) {
// $Ret = self::validate_password($newPwd);
// }
if ($Ret->is_OK()) {
$imsApi = new IMSApi();
$imsApi
->post("users/changePassword")
->authUsername($userName)
->authPassword($currentPwd)
->body(array(
"oldPassword" => $currentPwd,
"password" => $newPwd,
));
$Ret = $imsApi->send();
if ($Ret->is_OK() && $refreshSession) {
$_SESSION["password"] = $newPwd;
}
}
}
return $Ret->set_data(null);
}
public static function hasModulo($idModulo = null) {
if (!is_null($idModulo)) {
$arr_userModules = PVM::getListModuliUtente();
return array_key_exists($idModulo, $arr_userModules);
}
return false;
}
public static function getWidgets() {
$arr_widgets = array();
$arr_userModules = array_values(PVM::getListModuliUtente());
foreach ($arr_userModules as $moduleItem) {
foreach ($moduleItem["widgets"] as $widget) {
if (PVM::processItemPolicyToCurrentUser($widget)) {
$arr_widgets[] = array(
"module" => $moduleItem["id"],
"widget" => $widget["name"],
"salience" => isset($widget["salience"]) ? $widget["salience"] : -2147483648
);
}
}
}
if (count($arr_widgets) > 0) {
$arr_widgets = from($arr_widgets)
->orderBy(function ($x) {
return $x["salience"];
})
->thenBy(function ($x) {
return $x["module"];
})
->thenBy(function ($x) {
return $x["widget"];
})
->toArray();
}
return array_values($arr_widgets);
}
public static function isGestioneAbilitata($gestione) {
if (self::is_amministratoreSistema()) {
return true;
}
$query
= new Query("SELECT flag_abil FROM stb_abil sa INNER JOIN stb_menu_opz sm ON sa.cod_opz = sm.cod_opz WHERE sa.user_name = '[user]' AND sm.gest_name = '[gest]'");
$query
->setVar("user", self::get_current_username())
->setVar("gest", $gestione);
$flag = $query->firstRowFirstValue()->toRet(false)->execute();
// N = permessi negati / R = solo visualizzazione
return $flag != null && $flag != "N" && $flag != "R";
}
public static function checkValidUsername($data) {
$ret = new \Ret();
$username = isset($data["username"]) && $data["username"] != "" ? $data["username"] : null;
if (isset($username)) {
$query = new \Query();
$count = $query
->profileDB(isset($data["azienda"]) ? $data["azienda"] : null)
->select("User_name")
->from("Wtb_users")
->where("User_name", $data["username"])
->anonymousAuth()
->toRet(false)
->countRowsSql();
$valid = $count == 0;
$message = $valid ? "Nome utente valido." : "Nome utente gi&agrave; registrato.";
if ($valid) {
$valid = preg_match("/^[a-zA-Z\d]{5,}\$/", $username);
if (!$valid) {
$message
= "Nome utente non valido. Sono permessi solo caratteri alfanumerici ed un minimo 5 caratteri.";
}
}
$ret->set_data(array(
"valid" => $valid,
"message" => $message
));
} else {
$ret->set_data(array(
"valid" => false,
"message" => "Il nome utente non pu&ograve; essere vuoto."
));
}
return $ret;
}
public static function hasSetup($gestName, $section, $keySection, $defaultValue) {
$userSetup = new GestSetupWebUser();
return $userSetup->gestName($gestName)->section($section)->keySection($keySection)->userName(self::get_current_username())->defaultValue($defaultValue)->asBoolean()->get();
}
public static function getAuthorization($section, $authorizationName) {
$authorization = new Authorization($section, $authorizationName);
if (User::is_amministratoreSistema()) {
$authorization->setLevel(Authorization::ALL);
return $authorization;
}
$ims = new IMSApi("pvm/gestione/$section/permessi/$authorizationName");
$ret = $ims->post()
->send();
if ($ret->is_KO()) {
//TODO: gestire una flashbag di sessione con gli errori in fasi non gestibili?
return $authorization;
}
$authorizations = $ret->getDto();
$level = 0;
if (array_get($authorizations, "visible", false)) {
$level += Authorization::VISIBLE;
}
if (array_get($authorizations, "editable", false)) {
$level += Authorization::EDITABLE;
}
if (array_get($authorizations, "enabled", false)) {
$level += Authorization::ENABLED;
}
if (array_get($authorizations, "required", false)) {
$level += Authorization::REQUIRED;
}
$authorization->setLevel($level);
return $authorization;
}
}
Reference in New Issue View Git Blame Copy Permalink