BAOBAB
Public Member Functions | Protected Attributes | List of all members
CO_Chameleon Class Reference
Inheritance diagram for CO_Chameleon:
Collaboration diagram for CO_Chameleon:

Public Member Functions

 __construct ( $in_login_id=NULL, $in_hashed_password=NULL, $in_raw_password=NULL, $in_api_key=NULL)
 
 fetch_backup ()
 
 get_security_ids ( $no_personal=false)
 
 get_all_collections_for_element ( $in_element)
 
 count_all_login_objects_with_access ($in_security_token)
 
 get_all_login_objects_with_access ( $in_security_token, $and_write=false)
 
 get_all_user_objects_with_access ($in_security_token)
 
 get_lang ( $in_login_id=NULL)
 
 test_access ( $in_login_id)
 
 get_value_for_key ( $in_key, $in_classname='CO_KeyValue_CO_Collection')
 
 key_is_unique ( $in_key, $in_classname='CO_KeyValue_CO_Collection')
 
 get_object_for_key ( $in_key)
 
 set_value_for_key ( $in_key, $in_value, $in_classname='CO_KeyValue_CO_Collection')
 
 get_all_visible_users ()
 
 get_all_visible_logins ()
 
 get_user_from_login ( $in_login_id=NULL)
 
- Public Member Functions inherited from CO_Access
 item_exists ( $in_id, $in_visibility_test=false)
 
 get_personal_security_ids ()
 
 get_all_personal_ids_except_for_id ( $in_id=0)
 
 get_logins_with_personal_ids ()
 
 is_this_a_personal_id ( $in_id)
 
 add_personal_token_from_current_login ( $in_to_id, $in_id)
 
 remove_personal_token_from_this_login ( $in_to_id, $in_id)
 
 get_logins_that_have_any_of_my_ids ()
 
 is_this_a_login_id ( $in_id)
 
 get_available_tokens ($no_personal=false)
 
 main_db_available ()
 
 get_login_id ( $in_login_id=NULL)
 
 get_login_item ( $in_login_id=NULL)
 
 god_mode ()
 
 check_login_exists ( $in_login_id)
 
 get_remaining_time ($in_login_id=NULL)
 
 check_login_exists_by_login_string ( $in_login_id_string)
 
 get_login_item_by_login_string ( $in_login_id_string)
 
 check_user_exists ( $in_login_id)
 
 make_new_blank_record ( $in_classname)
 
 get_multiple_data_records_by_id ( $in_id_array)
 
 get_single_data_record_by_id ( $in_id)
 
 get_data_access_class_by_id ( $in_id)
 
 get_security_access_class_by_id ( $in_id)
 
 can_i_see_this_data_record ( $in_id)
 
 can_i_see_this_security_record ( $in_id)
 
 get_all_data_readable_records ( $open_only=false, $in_this_id=NULL)
 
 get_all_data_writeable_records ( $in_this_id=NULL)
 
 security_db_available ()
 
 i_have_this_token ( $in_token_to_test)
 
 get_multiple_security_records_by_id ( $in_id_array)
 
 get_single_security_record_by_id ( $in_id)
 
 get_all_security_readable_records ( $in_this_id=NULL)
 
 get_all_security_writeable_records ( $in_this_id=NULL)
 
 write_data_record ( $params_associative_array)
 
 delete_data_record ( $id)
 
 generic_search ( $in_search_parameters=NULL, $or_search=false, $page_size=0, $initial_page=0, $and_writeable=false, $count_only=false, $ids_only=false)
 
 get_all_login_objects ( $and_write=false)
 
 get_all_tokens ()
 

Protected Attributes

 $_special_access_id
 This is a special ephemeral ID that we use to allow a manager to create a login, and add that login to its pool. More...
 
- Protected Attributes inherited from CO_Access
 $_data_db_object
 This is the instance of the class representing the "data" database. This will always be instantiated. More...
 
 $_security_db_object
 This is the instance of the class representing the "scurity" database. This may not be instantiated, if there is no login. More...
 
 $_login_id
 This is an integer, containing the security DB ID of the logged-in user. It will be NULL for no login. More...
 

Additional Inherited Members

- Public Attributes inherited from CO_Access
 $valid
 This will be true, if the instance is "valid" (has at least an initialized "data" database). More...
 
 $error
 If there was an error, it will be held here. More...
 
 $class_description
 This is a brief textual description of the class. More...
 
 $version
 This will contain the BADGER Version. More...
 

Detailed Description

Definition at line 41 of file co_chameleon.class.php.

Constructor & Destructor Documentation

◆ __construct()

CO_Chameleon::__construct (   $in_login_id = NULL,
  $in_hashed_password = NULL,
  $in_raw_password = NULL,
  $in_api_key = NULL 
)

The constructor.

Parameters
$in_login_idThe login ID
$in_hashed_passwordThe password, crypt-hashed
$in_raw_passwordThe password, cleartext.
$in_api_keyAn API key, for REST.

Reimplemented from CO_Access.

Definition at line 49 of file co_chameleon.class.php.

53  {
54  parent::__construct($in_login_id, $in_hashed_password, $in_raw_password, $in_api_key);
55  $this->version = __CHAMELEON_VERSION__;
56  }
__CHAMELEON_VERSION__
const __CHAMELEON_VERSION__
Definition: co_chameleon.class.php:28

References __CHAMELEON_VERSION__.

Member Function Documentation

◆ count_all_login_objects_with_access()

CO_Chameleon::count_all_login_objects_with_access (   $in_security_token)

You give a security ID, and you will get a count of all login objects that have that token in their list (or are of that ID).

This is not restricted, and will count logins that we don't otherwise know about.

It does not count the "God" admin, which always has access.

Returns
an integer, with the total count of logins with access to the ID. -1, if we are not allowed to see the token.
Parameters
$in_security_tokenAn integer, with the requested security token.

Definition at line 142 of file co_chameleon.class.php.

143  {
144  return $this->_security_db_object->count_all_login_objects_with_access($in_security_token);
145  }

◆ fetch_backup()

CO_Chameleon::fetch_backup ( )

This is a special "God Mode-Only" method that dumps everything in both databases. It is used to generate a CSV backup file.

The user must be logged in as "God."

Returns
an associative array ('security' => array, 'data' => array') of two sets of associative arrays, with the dump. NULL if the user is not authorized.

Definition at line 66 of file co_chameleon.class.php.

66  {
67  // Have to be "God," and the variable in the config needs to be set.
68  if ($this->god_mode()) {
69  $security_db_backup = $this->_security_db_object->get_db_backup();
70  $data_db_backup = $this->_data_db_object->get_db_backup();
71 
72  return ['security' => $security_db_backup, 'data' => $data_db_backup];
73  }
74 
75  return NULL;
76  }

References CO_Access\god_mode().

Here is the call graph for this function:

◆ get_all_collections_for_element()

CO_Chameleon::get_all_collections_for_element (   $in_element)

This method chacks all the collections for the presence of the given element. If the collection is a direct parent of the element, it is returned.

Returns
an array of collection objects. If the element has no parents, then NULL is returned.
Parameters
$in_elementThe element we're looking for parents.

Definition at line 106 of file co_chameleon.class.php.

107  {
108  $ret = NULL;
109 
110  if (isset($in_element) && $in_element && ($in_element->get_access_object() == $this)) {
111  $collection_objects = $this->generic_search(Array('access_class' => Array('%_collection', 'use_like' => true)));
112 
113  if (isset($collection_objects) && is_array($collection_objects) && count($collection_objects)) {
114  foreach ($collection_objects as $parent_object) {
115  if ($parent_object->areYouMyDaddy($in_element, false)) {
116  if (!$ret) {
117  $ret = Array();
118  }
119  array_push($ret, $parent_object);
120  }
121  }
122  }
123  } else { // If the item is invalid, we not only give a NULL, we also flag an error.
124  $this->error = new LGV_Error( CO_CHAMELEON_Lang_Common::$co_collection_error_code_item_not_valid,
125  CO_CHAMELEON_Lang::$co_collection_error_name_item_not_valid,
126  CO_CHAMELEON_Lang::$co_collection_error_desc_item_not_valid);
127  }
128 
129  return $ret;
130  }
CO_CHAMELEON_Lang_Common\$co_collection_error_code_item_not_valid
static $co_collection_error_code_item_not_valid
Definition: common.inc.php:59
CO_CHAMELEON_Lang\$co_collection_error_desc_item_not_valid
static $co_collection_error_desc_item_not_valid
Definition: en.php:40
CO_CHAMELEON_Lang\$co_collection_error_name_item_not_valid
static $co_collection_error_name_item_not_valid
These apply to the *_Collection classes.
Definition: en.php:39
CO_Access\generic_search
generic_search( $in_search_parameters=NULL, $or_search=false, $page_size=0, $initial_page=0, $and_writeable=false, $count_only=false, $ids_only=false)
Definition: co_access.class.php:1026
LGV_Error
This class provides a general error report, with file, method and error information.
Definition: error.class.php:32

References CO_CHAMELEON_Lang_Common\$co_collection_error_code_item_not_valid, CO_CHAMELEON_Lang\$co_collection_error_desc_item_not_valid, CO_CHAMELEON_Lang\$co_collection_error_name_item_not_valid, and CO_Access\generic_search().

Here is the call graph for this function:

◆ get_all_login_objects_with_access()

CO_Chameleon::get_all_login_objects_with_access (   $in_security_token,
  $and_write = false 
)

You give a security ID, and you will get an array, with the login objects that have that token in their list (or are of that ID).

This is security restricted, and will not return logins that we don't otherwise know about.

Returns
an array, with the login objects that have that token in their list (or are of that ID).
Parameters
$in_security_tokenAn integer, with the requested security token.
$and_writeIf true, then we only want ones we have write access to.

Reimplemented from CO_Access.

Definition at line 155 of file co_chameleon.class.php.

157  {
158  return $this->_security_db_object->get_all_login_objects_with_access($in_security_token, $and_write);
159  }

◆ get_all_user_objects_with_access()

CO_Chameleon::get_all_user_objects_with_access (   $in_security_token)

You give a security ID, and you will get an array, with the user objects, associated with login objects that have that token in their list (or are of that ID).

This is security restricted, and will not return users that we don't otherwise know about.

Returns
an array, with the user objects, associated with login objects that have that token in their list (or are of that ID).
Parameters
$in_security_tokenAn integer, with the requested security token.

Reimplemented from CO_Access.

Definition at line 169 of file co_chameleon.class.php.

170  {
171  return $this->_security_db_object->get_all_user_objects_with_access($in_security_token);
172  }

◆ get_all_visible_logins()

CO_Chameleon::get_all_visible_logins ( )
Returns
a simple associative array, indexed by login (not user) IDs, with each element being an array, containing the name (usually display name) of the login object in [0], and the login ID, in [1]. It reurns ALL logins visible to the current login.

Definition at line 360 of file co_chameleon.class.php.

360  {
361  return $this->_security_db_object->get_all_visible_users();
362  }

◆ get_all_visible_users()

CO_Chameleon::get_all_visible_users ( )
Returns
a simple associative array, indexed by user (not login) IDs, with each element being the name (usually display name) of the user object. It reurns ALL users visible to the current login.

Definition at line 352 of file co_chameleon.class.php.

352  {
353  return $this->_data_db_object->get_all_visible_users();
354  }

◆ get_lang()

CO_Chameleon::get_lang (   $in_login_id = NULL)

This returns the language string for the given user/login.

If there is a user item associated with the login, then that gets first dibs. Login item gets dibs over default server.

Returns
a string, with the language ID for the login. If none, the the server default is returned.
Parameters
$in_login_idThe integer login ID to check. If not-NULL, then the ID of a login instance. It must be one that the current user can see.

Reimplemented from CO_Access.

Definition at line 182 of file co_chameleon.class.php.

183  {
184  $ret = parent::get_lang();
185 
186  $login_item = $this->get_login_item($in_login_id);
187 
188  if ($login_item) {
189  $user_item = $this->get_user_from_login($login_item->login_id);
190  if ($user_item) {
191  $ret = $user_item->get_lang();
192  }
193  }
194 
195  return $ret;
196  }
CO_Chameleon\get_user_from_login
get_user_from_login( $in_login_id=NULL)
Definition: co_chameleon.class.php:368
CO_Access\get_login_item
get_login_item( $in_login_id=NULL)
Definition: co_access.class.php:476

References CO_Access\get_login_item(), and get_user_from_login().

Here is the call graph for this function:

◆ get_object_for_key()

CO_Chameleon::get_object_for_key (   $in_key)
Returns
the object that stores the given key. NULL, if no value or instance for the key.
Parameters
$in_keyThis is the key that we are searching for. It must be a string.

Definition at line 257 of file co_chameleon.class.php.

258  {
259  $ret = NULL;
260  $value_object_array = $this->generic_search(Array('access_class' => Array('%_KeyValue%', 'use_like' => 1), 'tags' => Array(strval($in_key))));
261 
262  if (isset($value_object_array) && is_array($value_object_array) && count($value_object_array)) {
263  $ret = $value_object_array[0]; // If the DB is messed up, we could get more than one. In that case, we only take the first one.
264  }
265 
266  return $ret;
267  }

References CO_Access\generic_search().

Here is the call graph for this function:

◆ get_security_ids()

CO_Chameleon::get_security_ids (   $no_personal = false)

This fetches the list of security tokens the currently logged-in user has available. This will reload any non-God Mode IDs before fetching the IDs, in order to spike privilege escalation. If they have God Mode, then you're pretty much screwed, anyway.

Returns
an array of integers, with each one representing a security token. The first element will always be the ID of the user.
Parameters
$no_personalThis is optional. If we DO NOT want personal tokens included, this should be set to true. Default is false (include personal tokens).

Reimplemented from CO_Access.

Definition at line 86 of file co_chameleon.class.php.

87  {
88  $ret = parent::get_security_ids($no_personal);
89 
90  if (isset($this->_special_access_id)) {
91  $id = $this->_special_access_id;
92  unset($this->_special_access_id);
93  $ret[] = intval($id);
94  }
95 
96  return $ret;
97  }
CO_Chameleon\$_special_access_id
$_special_access_id
This is a special ephemeral ID that we use to allow a manager to create a login, and add that login t...
Definition: co_chameleon.class.php:42

References $_special_access_id.

◆ get_user_from_login()

CO_Chameleon::get_user_from_login (   $in_login_id = NULL)
Returns
the user collection object for a given login. If there is no login given, then the current login is assumed. This is subject to security restrictions.
Parameters
$in_login_idThe login ID that is associated with the user collection. If NULL, then the current login is used.

Definition at line 368 of file co_chameleon.class.php.

369  {
370  $ret = NULL;
371 
372  $login_id = $this->get_login_id(); // Default is the current login.
373 
374  if (isset($in_login_id) && (0 < intval($in_login_id))) { // See if they seek a different login.
375  $login_id = intval($in_login_id);
376  }
377 
378  $tag0 = strval($login_id);
379 
380  $ret_temp = $this->generic_search(Array('access_class' => Array('%_user_collection', 'use_like' => true), 'tags' => Array($tag0)));
381 
382  if (isset($ret_temp) && is_array($ret_temp) && count($ret_temp)) {
383  $ret = $ret_temp[0]; // We only get the first one. Multiple responses mean the DB is not so healthy.
384  }
385 
386  return $ret;
387  }
CO_Access\get_login_id
get_login_id( $in_login_id=NULL)
Definition: co_access.class.php:448

References CO_Access\generic_search(), and CO_Access\get_login_id().

Referenced by get_lang().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ get_value_for_key()

CO_Chameleon::get_value_for_key (   $in_key,
  $in_classname = 'CO_KeyValue_CO_Collection' 
)
Returns
the value for a given key. It is dependent on the class passed in. NULL, if no value or instance for the key.
Parameters
$in_keyThis is the key that we are searching for. It must be a string.
$in_classnameThis is the class to search for the key. The default is the base class.

Definition at line 227 of file co_chameleon.class.php.

229  {
230  $ret = NULL;
231  $value_object_array = $this->generic_search(Array('access_class' => $in_classname, 'tags' => Array(strval($in_key))));
232 
233  if (isset($value_object_array) && is_array($value_object_array) && count($value_object_array)) {
234  $value_object = $value_object_array[0]; // If the DB is messed up, we could get more than one. In that case, we only take the first one.
235  if (isset($value_object) && ($value_object instanceof CO_KeyValue_CO_Collection)) {
236  $ret = $value_object->get_value();
237  }
238  }
239 
240  return $ret;
241  }

References CO_Access\generic_search().

Here is the call graph for this function:

◆ key_is_unique()

CO_Chameleon::key_is_unique (   $in_key,
  $in_classname = 'CO_KeyValue_CO_Collection' 
)
Returns
true, if the key is unique in the DB for the given class (regardless of whether or not we can see it).
Parameters
$in_keyThe key to test (a string).
$in_classnameThis is the class to search for the key. The default is the base class.

Definition at line 247 of file co_chameleon.class.php.

249  {
250  return $this->_data_db_object->tag0_is_unique($in_key, $in_classname);
251  }

◆ set_value_for_key()

CO_Chameleon::set_value_for_key (   $in_key,
  $in_value,
  $in_classname = 'CO_KeyValue_CO_Collection' 
)

This sets a value to a key, creating the record, if need be. Passing in NULL will delete the key (if we have write access). We need to have a login for it to work at all. If the value already exists, then we need to have write access to it, or we will fail.

Returns
true, if successful.
Parameters
$in_keyThis is the key that we are setting. It must be a string.
$in_valueThe value to set. If NULL, then we will delete the key.
$in_classnameThis is the class to use for the key. The default is the base class.

Definition at line 276 of file co_chameleon.class.php.

279  {
280  $ret = false;
281 
282  if ($this->security_db_available()) { // Must be logged in.
283  // First, we look for the object.
284  $value_object = $this->generic_search(Array('access_class' => $in_classname, 'tags' => Array(strval($in_key))));
285 
286  if ((NULL != $in_value) && (!isset($value_object) || !$value_object)) {
287  $value_object = $this->make_new_blank_record($in_classname);
288  if (isset($value_object) && ($value_object instanceof CO_KeyValue_CO_Collection) && $value_object->user_can_write()) {
289  $ret = $value_object->set_name($in_key);
290  $ret = $value_object->set_key($in_key);
291  if (!$ret) {
292  $this->error = $value_object->error;
293  $value_object->delete_from_db();
294  $value_object = NULL;
295  if (!$this->error) {
296  $this->error = new LGV_Error( CO_CHAMELEON_Lang_Common::$co_key_value_error_code_instance_failed_to_initialize,
297  CO_CHAMELEON_Lang::$co_key_value_error_name_instance_failed_to_initialize,
298  CO_CHAMELEON_Lang::$co_key_value_error_desc_instance_failed_to_initialize);
299  }
300  }
301  }
302  } elseif (isset($value_object) && is_array($value_object) && count($value_object)) {
303  $value_object = $value_object[0];
304  } else {
305  $value_object = NULL;
306  $this->error = new LGV_Error( CO_CHAMELEON_Lang_Common::$co_key_value_error_code_instance_failed_to_initialize,
307  CO_CHAMELEON_Lang::$co_key_value_error_name_instance_failed_to_initialize,
308  CO_CHAMELEON_Lang::$co_key_value_error_desc_instance_failed_to_initialize);
309  }
310 
311  if (isset($value_object) && ($value_object instanceof CO_KeyValue_CO_Collection) && $value_object->user_can_write()) {
312  if (NULL == $in_value) { // If we are deleting, we ask the object to go quietly into the great beyond.
313  $ret = $value_object->delete_from_db();
314  } else { // Otherwise, we just set the value.
315  $ret = $value_object->set_tag(0, $in_key);
316  if ($ret) {
317  $ret = $value_object->set_value($in_value);
318  } else {
319  $this->error = $value_object->error;
320 
321  if (!$this->error) {
322  $this->error = new LGV_Error( CO_CHAMELEON_Lang_Common::$co_key_value_error_code_instance_failed_to_initialize,
323  CO_CHAMELEON_Lang::$co_key_value_error_name_instance_failed_to_initialize,
324  CO_CHAMELEON_Lang::$co_key_value_error_desc_instance_failed_to_initialize);
325  }
326  }
327  }
328  } else {
329  if (isset($value_object) && ($value_object instanceof CO_KeyValue_CO_Collection) && !$value_object->user_can_write()) {
330  $this->error = new LGV_Error( CO_CHAMELEON_Lang_Common::$co_key_value_error_code_user_not_authorized,
331  CO_CHAMELEON_Lang::$co_key_value_error_name_user_not_authorized,
332  CO_CHAMELEON_Lang::$co_key_value_error_desc_user_not_authorized);
333  } else {
334  $this->error = new LGV_Error( CO_CHAMELEON_Lang_Common::$co_key_value_error_code_instance_failed_to_initialize,
335  CO_CHAMELEON_Lang::$co_key_value_error_name_instance_failed_to_initialize,
336  CO_CHAMELEON_Lang::$co_key_value_error_desc_instance_failed_to_initialize);
337  }
338  }
339  } else {
340  $this->error = new LGV_Error( CO_CHAMELEON_Lang_Common::$co_key_value_error_code_user_not_authorized,
341  CO_CHAMELEON_Lang::$co_key_value_error_name_user_not_authorized,
342  CO_CHAMELEON_Lang::$co_key_value_error_desc_user_not_authorized);
343  }
344 
345  return $ret;
346  }
CO_CHAMELEON_Lang_Common\$co_key_value_error_code_user_not_authorized
static $co_key_value_error_code_user_not_authorized
Definition: common.inc.php:62
CO_CHAMELEON_Lang_Common\$co_key_value_error_code_instance_failed_to_initialize
static $co_key_value_error_code_instance_failed_to_initialize
Definition: common.inc.php:63
CO_CHAMELEON_Lang\$co_key_value_error_desc_instance_failed_to_initialize
static $co_key_value_error_desc_instance_failed_to_initialize
Definition: en.php:52
CO_CHAMELEON_Lang\$co_key_value_error_name_user_not_authorized
static $co_key_value_error_name_user_not_authorized
These apply to the KeyValue classes.
Definition: en.php:49
CO_CHAMELEON_Lang\$co_key_value_error_desc_user_not_authorized
static $co_key_value_error_desc_user_not_authorized
Definition: en.php:50
CO_CHAMELEON_Lang\$co_key_value_error_name_instance_failed_to_initialize
static $co_key_value_error_name_instance_failed_to_initialize
Definition: en.php:51
CO_Access\make_new_blank_record
make_new_blank_record( $in_classname)
Definition: co_access.class.php:605

References CO_CHAMELEON_Lang_Common\$co_key_value_error_code_instance_failed_to_initialize, CO_CHAMELEON_Lang_Common\$co_key_value_error_code_user_not_authorized, CO_CHAMELEON_Lang\$co_key_value_error_desc_instance_failed_to_initialize, CO_CHAMELEON_Lang\$co_key_value_error_desc_user_not_authorized, CO_CHAMELEON_Lang\$co_key_value_error_name_instance_failed_to_initialize, CO_CHAMELEON_Lang\$co_key_value_error_name_user_not_authorized, CO_Access\generic_search(), CO_Access\make_new_blank_record(), and CO_Access\security_db_available().

Here is the call graph for this function:

◆ test_access()

CO_Chameleon::test_access (   $in_login_id)

This tests a login ID for the special "Heisenberg" one-time test.

Returns
true, if the item was a login, and had the flag set.
Parameters
$in_login_idThe ID of the instance to test.

Definition at line 204 of file co_chameleon.class.php.

205  {
206  $ret = false;
207 
208  // Yeah, this will crash if we're not in COBRA. Good.
209  if ($this->security_db_available() && ($this->get_login_item() instanceof CO_Login_Manager)) {
210  $item_to_test = $this->_security_db_object->get_initial_record_by_id($in_login_id);
211 
212  if (($item_to_test instanceof CO_Cobra_Login) || ($item_to_test instanceof CO_Security_ID)) {
213  $ret = $item_to_test->security_exemption();
214  if ($ret) {
215  $this->_special_access_id = $in_login_id;
216  }
217  }
218  }
219 
220  return $ret;
221  }

References CO_Access\get_login_item(), and CO_Access\security_db_available().

Here is the call graph for this function:

Member Data Documentation

◆ $_special_access_id

CO_Chameleon::$_special_access_id
protected

This is a special ephemeral ID that we use to allow a manager to create a login, and add that login to its pool.

Definition at line 42 of file co_chameleon.class.php.

Referenced by get_security_ids().