<?php
/*
Author : Natesha S
Date : 2009-10-24
Module : Rights Permission
*/
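/**
 * Builds the SQL "where" fragment that limits which records the logged-in
 * user may view, based on the session identity and the user_rights table.
 *
 * Security notes:
 *  - The result is a raw SQL fragment, so every value placed in it is either
 *    a validated identifier or a non-negative integer.
 *  - Values sent to the database in lookup queries are passed as bind
 *    parameters instead of being interpolated into the statement.
 *  - Any state that is not explicitly granted (no rights row, unexpected flag
 *    values, missing session identity, empty department) yields a condition
 *    that matches no records, rather than an empty string that would leave
 *    the caller's query unrestricted.
 */
class GetRightValues
{
    // Application context; expected to expose the database handle as ->mobj_db.
    public $aobj_context;
    // Value of $_SESSION['user_id'] captured at construction time (null if absent).
    public $user_id;
    // Module identifier matched against user_rights.module_id.
    public $schema_id;
    // Table whose created_by column the returned condition filters on.
    public $table_name;

    /**
     * @param object $aobj_context Context object carrying ->mobj_db.
     */
    function __construct($aobj_context)
    {
        $this->startSessionOnce();
        $this->aobj_context = $aobj_context;
        $aobj_context->mobj_db->SetFetchMode(ADODB_FETCH_ASSOC);
        $this->user_id = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : null;
    }

    /**
     * Return the view restriction for the current session user.
     *
     * Possible results (leading and trailing spaces included):
     *   " where 1=1 "                          admin user, or is_view_all_records = 1
     *   " where T.created_by=<user id> "       own records only
     *   " where T.created_by in (<id list>) "  records created by department members
     *   " where T.created_by=0 "               nothing granted
     *
     * @return string SQL fragment beginning with " where ".
     * @throws InvalidArgumentException When table_name is not a plain
     *         identifier (optionally schema-qualified) and a table-based
     *         condition has to be built.
     */
    function getViewCondition()
    {
        $this->startSessionOnce();

        $userType = isset($_SESSION['user_type']) ? (string) $_SESSION['user_type'] : '';
        $userId   = $this->toId(isset($_SESSION['user_id']) ? $_SESSION['user_id'] : null);
        $userDept = isset($_SESSION['user_dept']) ? $_SESSION['user_dept'] : null;

        // Admins are unrestricted whatever the rights table says, so no lookup is needed.
        if (strtolower($userType) === 'admin') {
            return " where 1=1 ";
        }

        $db = $this->aobj_context->mobj_db;

        $rights = array();
        if ($userId !== null) {
            // The previous code read undefined locals ($schema_id, $table_name)
            // instead of the object properties, which left this statement
            // incomplete. The properties are used here and sent as bind values.
            $row = $db->GetRow(
                "select is_view,is_view_group_records,is_view_dep_records,is_view_all_records
from user_rights where ref_s_sysdb_code=?
and module_id=?",
                array($userId, $this->schema_id)
            );
            if (is_array($row)) {
                $rights = $row;
            }
        }

        // Array keys are quoted: bare-word keys are an error on current PHP.
        $own = isset($rights['is_view']) ? (string) $rights['is_view'] : '';
        $dep = isset($rights['is_view_dep_records']) ? (string) $rights['is_view_dep_records'] : '';
        $all = isset($rights['is_view_all_records']) ? (string) $rights['is_view_all_records'] : '';
        // is_view_group_records is selected but has never influenced the result.

        if ($all === '1') {
            return " where 1=1 ";
        }

        // The table name cannot be bound, so only a plain identifier is accepted.
        // NOTE(review): assumes callers pass unquoted names such as "orders" or
        // "db.orders"; confirm no caller relies on backticks or aliases.
        $table = (string) $this->table_name;
        if (!preg_match('/^[A-Za-z_][A-Za-z0-9_$]*(\.[A-Za-z_][A-Za-z0-9_$]*)?$/', $table)) {
            throw new InvalidArgumentException('Invalid table name for view condition');
        }

        // Same "match nothing" condition the original used for is_view = 0.
        $denyAll = " where {$table}.created_by=0 ";

        if ($userId === null || $own === '0') {
            return $denyAll;
        }

        if ($own === '1' && $dep === '0') {
            // Own records only.
            return " where {$table}.created_by={$userId} ";
        }

        if ($dep === '1') {
            // Department records only.
            // NOTE(review): MySQL caps GROUP_CONCAT output at group_concat_max_len;
            // a very large department could be cut short. Verify the limit.
            $deptRow = $db->GetRow(
                "select GROUP_CONCAT(ref_user_code) as dep_users
from dept_user_mapping where ref_dept_code=?",
                array($userDept)
            );
            $rawList = (is_array($deptRow) && isset($deptRow['dep_users']))
                ? (string) $deptRow['dep_users']
                : '';

            // Keep only integer ids so the list is safe to embed in the fragment.
            $ids = array();
            foreach (explode(',', $rawList) as $piece) {
                $id = $this->toId(trim($piece));
                if ($id !== null) {
                    $ids[] = $id;
                }
            }

            // An empty list would produce "in ()", which is invalid SQL.
            if (count($ids) === 0) {
                return $denyAll;
            }

            return " where {$table}.created_by in (" . implode(',', $ids) . ") ";
        }

        // No rights row or an unrecognised flag combination: fail closed.
        return $denyAll;
    }

    // Start the session only when none is active, to avoid the "already started" notice.
    private function startSessionOnce()
    {
        if (session_id() === '') {
            session_start();
        }
    }

    // Return $value as a non-negative int, or null when it is not a plain integer.
    private function toId($value)
    {
        if (is_int($value)) {
            return $value >= 0 ? $value : null;
        }
        if (is_string($value) && $value !== '' && ctype_digit($value)) {
            return (int) $value;
        }
        return null;
    }
}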
/**
 * Procedural entry point: build the view condition for the logged-in user.
 *
 * Creates a GetRightValues instance for the given context, hands it the
 * module id and table name, and returns whatever its getViewCondition()
 * method produces.
 *
 * $table_name is stored on the object for use when the SQL fragment is
 * built, so callers should pass only a fixed, trusted table identifier and
 * never a request-derived value.
 *
 * @param object $aobj_context Context object carrying ->mobj_db.
 * @param mixed  $schema_id    Module identifier assigned to ->schema_id.
 * @param string $table_name   Table name assigned to ->table_name.
 * @return string Result of GetRightValues::getViewCondition().
 */
function getViewCondition($aobj_context,$schema_id,$table_name)
{
    $rights = new GetRightValues($aobj_context);

    // Fetch mode is set again here, after construction, as in the original call order.
    $aobj_context->mobj_db->SetFetchMode(ADODB_FETCH_ASSOC);

    $rights->table_name = $table_name;
    $rights->schema_id = $schema_id;

    $condition = $rights->getViewCondition();
    return $condition;
}
?>