cmdbobject.class.inc.php 19 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585
  1. <?php
  2. // Copyright (C) 2010 Combodo SARL
  3. //
  4. // This program is free software; you can redistribute it and/or modify
  5. // it under the terms of the GNU General Public License as published by
  6. // the Free Software Foundation; version 3 of the License.
  7. //
  8. // This program is distributed in the hope that it will be useful,
  9. // but WITHOUT ANY WARRANTY; without even the implied warranty of
  10. // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  11. // GNU General Public License for more details.
  12. //
  13. // You should have received a copy of the GNU General Public License
  14. // along with this program; if not, write to the Free Software
  15. // Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
  16. /**
  17. * Class cmdbObject
  18. *
  19. * @author Erwan Taloc <erwan.taloc@combodo.com>
  20. * @author Romain Quetiez <romain.quetiez@combodo.com>
  21. * @author Denis Flaven <denis.flaven@combodo.com>
  22. * @license http://www.opensource.org/licenses/gpl-3.0.html LGPL
  23. */
  24. /**
  25. * cmdbObjectClass
  26. * the file to include, then the core is yours
  27. *
  28. * @package iTopORM
  29. */
  30. require_once('coreexception.class.inc.php');
  31. require_once('config.class.inc.php');
  32. require_once('log.class.inc.php');
  33. require_once('kpi.class.inc.php');
  34. require_once('dict.class.inc.php');
  35. require_once('attributedef.class.inc.php');
  36. require_once('filterdef.class.inc.php');
  37. require_once('stimulus.class.inc.php');
  38. require_once('valuesetdef.class.inc.php');
  39. require_once('MyHelpers.class.inc.php');
  40. require_once('expression.class.inc.php');
  41. require_once('cmdbsource.class.inc.php');
  42. require_once('sqlquery.class.inc.php');
  43. require_once('oql/oqlquery.class.inc.php');
  44. require_once('oql/oqlexception.class.inc.php');
  45. require_once('oql/oql-parser.php');
  46. require_once('oql/oql-lexer.php');
  47. require_once('oql/oqlinterpreter.class.inc.php');
  48. require_once('dbobject.class.php');
  49. require_once('dbobjectsearch.class.php');
  50. require_once('dbobjectset.class.php');
  51. require_once('backgroundprocess.inc.php');
  52. require_once('asynctask.class.inc.php');
  53. require_once('dbproperty.class.inc.php');
  54. // db change tracking data model
  55. require_once('cmdbchange.class.inc.php');
  56. require_once('cmdbchangeop.class.inc.php');
  57. // customization data model
  58. // Romain: temporary moved into application.inc.php (see explanations there)
  59. //require_once('trigger.class.inc.php');
  60. //require_once('action.class.inc.php');
  61. // application log
  62. // Romain: temporary moved into application.inc.php (see explanations there)
  63. //require_once('event.class.inc.php');
  64. require_once('templatestring.class.inc.php');
  65. require_once('csvparser.class.inc.php');
  66. require_once('bulkchange.class.inc.php');
  67. /**
  68. * A persistent object, which changes are accurately recorded
  69. *
  70. * @package iTopORM
  71. */
  72. abstract class CMDBObject extends DBObject
  73. {
  74. protected $m_datCreated;
  75. protected $m_datUpdated;
  76. // Note: this value is static, but that could be changed because it is sometimes a real issue (see update of interfaces / connected_to
  77. protected static $m_oCurrChange = null;
  78. public static function SetCurrentChange(CMDBChange $oChange)
  79. {
  80. self::$m_oCurrChange = $oChange;
  81. }
  82. //
  83. // Todo: simplify the APIs and do not pass the current change as an argument anymore
  84. // SetCurrentChange to be invoked in very few cases (UI.php, CSV import, Data synchro)
  85. // GetCurrentChange to be called ONCE (!) by CMDBChangeOp::OnInsert ($this->Set('change', ..GetCurrentChange())
  86. // GetCurrentChange to create a default change if not already done in the current context
  87. //
  88. public static function GetCurrentChange()
  89. {
  90. return self::$m_oCurrChange;
  91. }
  92. private function RecordObjCreation(CMDBChange $oChange)
  93. {
  94. $oMyChangeOp = MetaModel::NewObject("CMDBChangeOpCreate");
  95. $oMyChangeOp->Set("change", $oChange->GetKey());
  96. $oMyChangeOp->Set("objclass", get_class($this));
  97. $oMyChangeOp->Set("objkey", $this->GetKey());
  98. $iId = $oMyChangeOp->DBInsertNoReload();
  99. }
  100. private function RecordObjDeletion(CMDBChange $oChange, $objkey)
  101. {
  102. $oMyChangeOp = MetaModel::NewObject("CMDBChangeOpDelete");
  103. $oMyChangeOp->Set("change", $oChange->GetKey());
  104. $oMyChangeOp->Set("objclass", get_class($this));
  105. $oMyChangeOp->Set("objkey", $objkey);
  106. $iId = $oMyChangeOp->DBInsertNoReload();
  107. }
  108. private function RecordAttChanges(CMDBChange $oChange, array $aValues, array $aOrigValues)
  109. {
  110. // $aValues is an array of $sAttCode => $value
  111. //
  112. foreach ($aValues as $sAttCode=> $value)
  113. {
  114. $oAttDef = MetaModel::GetAttributeDef(get_class($this), $sAttCode);
  115. if ($oAttDef->IsExternalField()) continue; // #@# temporary
  116. if ($oAttDef->IsLinkSet()) continue; // #@# temporary
  117. if (array_key_exists($sAttCode, $aOrigValues))
  118. {
  119. $original = $aOrigValues[$sAttCode];
  120. }
  121. else
  122. {
  123. $original = null;
  124. }
  125. if ($oAttDef instanceOf AttributeOneWayPassword)
  126. {
  127. // One Way encrypted passwords' history is stored -one way- encrypted
  128. $oMyChangeOp = MetaModel::NewObject("CMDBChangeOpSetAttributeOneWayPassword");
  129. $oMyChangeOp->Set("change", $oChange->GetKey());
  130. $oMyChangeOp->Set("objclass", get_class($this));
  131. $oMyChangeOp->Set("objkey", $this->GetKey());
  132. $oMyChangeOp->Set("attcode", $sAttCode);
  133. if (is_null($original))
  134. {
  135. $original = '';
  136. }
  137. $oMyChangeOp->Set("prev_pwd", $original);
  138. $iId = $oMyChangeOp->DBInsertNoReload();
  139. }
  140. elseif ($oAttDef instanceOf AttributeEncryptedString)
  141. {
  142. // Encrypted string history is stored encrypted
  143. $oMyChangeOp = MetaModel::NewObject("CMDBChangeOpSetAttributeEncrypted");
  144. $oMyChangeOp->Set("change", $oChange->GetKey());
  145. $oMyChangeOp->Set("objclass", get_class($this));
  146. $oMyChangeOp->Set("objkey", $this->GetKey());
  147. $oMyChangeOp->Set("attcode", $sAttCode);
  148. if (is_null($original))
  149. {
  150. $original = '';
  151. }
  152. $oMyChangeOp->Set("prevstring", $original);
  153. $iId = $oMyChangeOp->DBInsertNoReload();
  154. }
  155. elseif ($oAttDef instanceOf AttributeBlob)
  156. {
  157. // Data blobs
  158. $oMyChangeOp = MetaModel::NewObject("CMDBChangeOpSetAttributeBlob");
  159. $oMyChangeOp->Set("change", $oChange->GetKey());
  160. $oMyChangeOp->Set("objclass", get_class($this));
  161. $oMyChangeOp->Set("objkey", $this->GetKey());
  162. $oMyChangeOp->Set("attcode", $sAttCode);
  163. if (is_null($original))
  164. {
  165. $original = new ormDocument();
  166. }
  167. $oMyChangeOp->Set("prevdata", $original);
  168. $iId = $oMyChangeOp->DBInsertNoReload();
  169. }
  170. elseif ($oAttDef instanceOf AttributeStopWatch)
  171. {
  172. // Stop watches - record changes for sub items only (they are visible, the rest is not visible)
  173. //
  174. if (is_null($original))
  175. {
  176. $original = new OrmStopWatch();
  177. }
  178. foreach ($oAttDef->ListSubItems() as $sSubItemAttCode => $oSubItemAttDef)
  179. {
  180. $item_value = $oSubItemAttDef->GetValue($value);
  181. $item_original = $oSubItemAttDef->GetValue($original);
  182. if ($item_value != $item_original)
  183. {
  184. $oMyChangeOp = MetaModel::NewObject("CMDBChangeOpSetAttributeScalar");
  185. $oMyChangeOp->Set("change", $oChange->GetKey());
  186. $oMyChangeOp->Set("objclass", get_class($this));
  187. $oMyChangeOp->Set("objkey", $this->GetKey());
  188. $oMyChangeOp->Set("attcode", $sSubItemAttCode);
  189. $oMyChangeOp->Set("oldvalue", $item_original);
  190. $oMyChangeOp->Set("newvalue", $item_value);
  191. $iId = $oMyChangeOp->DBInsertNoReload();
  192. }
  193. }
  194. }
  195. elseif ($oAttDef instanceOf AttributeCaseLog)
  196. {
  197. $oMyChangeOp = MetaModel::NewObject("CMDBChangeOpSetAttributeCaseLog");
  198. $oMyChangeOp->Set("change", $oChange->GetKey());
  199. $oMyChangeOp->Set("objclass", get_class($this));
  200. $oMyChangeOp->Set("objkey", $this->GetKey());
  201. $oMyChangeOp->Set("attcode", $sAttCode);
  202. $oMyChangeOp->Set("lastentry", $value->GetLatestEntryIndex());
  203. $iId = $oMyChangeOp->DBInsertNoReload();
  204. }
  205. elseif ($oAttDef instanceOf AttributeText)
  206. {
  207. // Data blobs
  208. $oMyChangeOp = MetaModel::NewObject("CMDBChangeOpSetAttributeText");
  209. $oMyChangeOp->Set("change", $oChange->GetKey());
  210. $oMyChangeOp->Set("objclass", get_class($this));
  211. $oMyChangeOp->Set("objkey", $this->GetKey());
  212. $oMyChangeOp->Set("attcode", $sAttCode);
  213. if (!is_null($original) && ($original instanceof ormCaseLog))
  214. {
  215. $original = $original->GetText();
  216. }
  217. $oMyChangeOp->Set("prevdata", $original);
  218. $iId = $oMyChangeOp->DBInsertNoReload();
  219. }
  220. else
  221. {
  222. // Scalars
  223. //
  224. $oMyChangeOp = MetaModel::NewObject("CMDBChangeOpSetAttributeScalar");
  225. $oMyChangeOp->Set("change", $oChange->GetKey());
  226. $oMyChangeOp->Set("objclass", get_class($this));
  227. $oMyChangeOp->Set("objkey", $this->GetKey());
  228. $oMyChangeOp->Set("attcode", $sAttCode);
  229. if (is_null($original))
  230. {
  231. $original = 'undefined';
  232. }
  233. $oMyChangeOp->Set("oldvalue", $original);
  234. $oMyChangeOp->Set("newvalue", $value);
  235. $iId = $oMyChangeOp->DBInsertNoReload();
  236. }
  237. }
  238. }
  239. /**
  240. * Helper to ultimately check user rights before writing (Insert, Update or Delete)
  241. * The check should never fail, because the UI should prevent from such a usage
  242. * Anyhow, if the user has found a workaround... the security gets enforced here
  243. */
  244. protected function CheckUserRights($bSkipStrongSecurity, $iActionCode)
  245. {
  246. if (is_null($bSkipStrongSecurity))
  247. {
  248. // This is temporary
  249. // We have implemented this safety net right before releasing iTop 1.0
  250. // and we decided that it was too risky to activate it
  251. // Anyhow, users willing to have a very strong security could set
  252. // skip_strong_security = 0, in the config file
  253. $bSkipStrongSecurity = MetaModel::GetConfig()->Get('skip_strong_security');
  254. }
  255. if (!$bSkipStrongSecurity)
  256. {
  257. $sClass = get_class($this);
  258. $oSet = DBObjectSet::FromObject($this);
  259. if (!UserRights::IsActionAllowed($sClass, $iActionCode, $oSet))
  260. {
  261. // Intrusion detected
  262. throw new SecurityException('You are not allowed to modify objects of class: '.$sClass);
  263. }
  264. }
  265. }
  266. public function DBInsert()
  267. {
  268. if(!is_object(self::$m_oCurrChange))
  269. {
  270. throw new CoreException("DBInsert() could not be used here, please use DBInsertTracked() instead");
  271. }
  272. return $this->DBInsertTracked_Internal();
  273. }
  274. public function DBInsertTracked(CMDBChange $oChange, $bSkipStrongSecurity = null)
  275. {
  276. $this->CheckUserRights($bSkipStrongSecurity, UR_ACTION_MODIFY);
  277. $oPreviousChange = self::$m_oCurrChange;
  278. self::$m_oCurrChange = $oChange;
  279. $ret = $this->DBInsertTracked_Internal();
  280. self::$m_oCurrChange = $oPreviousChange;
  281. return $ret;
  282. }
  283. public function DBInsertTrackedNoReload(CMDBChange $oChange, $bSkipStrongSecurity = null)
  284. {
  285. $this->CheckUserRights($bSkipStrongSecurity, UR_ACTION_MODIFY);
  286. $oPreviousChange = self::$m_oCurrChange;
  287. self::$m_oCurrChange = $oChange;
  288. $ret = $this->DBInsertTracked_Internal(true);
  289. self::$m_oCurrChange = $oPreviousChange;
  290. return $ret;
  291. }
  292. protected function DBInsertTracked_Internal($bDoNotReload = false)
  293. {
  294. if ($bDoNotReload)
  295. {
  296. $ret = parent::DBInsertNoReload();
  297. }
  298. else
  299. {
  300. $ret = parent::DBInsert();
  301. }
  302. $this->RecordObjCreation(self::$m_oCurrChange);
  303. return $ret;
  304. }
  305. public function DBClone($newKey = null)
  306. {
  307. if(!self::$m_oCurrChange)
  308. {
  309. throw new CoreException("DBClone() could not be used here, please use DBCloneTracked() instead");
  310. }
  311. return $this->DBCloneTracked_Internal();
  312. }
  313. public function DBCloneTracked(CMDBChange $oChange, $newKey = null)
  314. {
  315. $oPreviousChange = self::$m_oCurrChange;
  316. self::$m_oCurrChange = $oChange;
  317. $this->DBCloneTracked_Internal($newKey);
  318. self::$m_oCurrChange = $oPreviousChange;
  319. }
  320. protected function DBCloneTracked_Internal($newKey = null)
  321. {
  322. $newKey = parent::DBClone($newKey);
  323. $oClone = MetaModel::GetObject(get_class($this), $newKey);
  324. $oClone->RecordObjCreation(self::$m_oCurrChange);
  325. return $newKey;
  326. }
  327. public function DBUpdate()
  328. {
  329. if(!self::$m_oCurrChange)
  330. {
  331. throw new CoreException("DBUpdate() could not be used here, please use DBUpdateTracked() instead");
  332. }
  333. return $this->DBUpdateTracked_internal();
  334. }
  335. public function DBUpdateTracked(CMDBChange $oChange, $bSkipStrongSecurity = null)
  336. {
  337. $this->CheckUserRights($bSkipStrongSecurity, UR_ACTION_MODIFY);
  338. $oPreviousChange = self::$m_oCurrChange;
  339. self::$m_oCurrChange = $oChange;
  340. $this->DBUpdateTracked_Internal();
  341. self::$m_oCurrChange = $oPreviousChange;
  342. }
  343. protected function DBUpdateTracked_Internal()
  344. {
  345. // Copy the changes list before the update (the list should be reset afterwards)
  346. $aChanges = $this->ListChanges();
  347. if (count($aChanges) == 0)
  348. {
  349. //throw new CoreWarning("Attempting to update an unchanged object");
  350. return;
  351. }
  352. // Save the original values (will be reset to the new values when the object get written to the DB)
  353. $aOriginalValues = $this->m_aOrigValues;
  354. $ret = parent::DBUpdate();
  355. $this->RecordAttChanges(self::$m_oCurrChange, $aChanges, $aOriginalValues);
  356. return $ret;
  357. }
  358. public function DBDelete(&$oDeletionPlan = null)
  359. {
  360. if(!self::$m_oCurrChange)
  361. {
  362. throw new CoreException("DBDelete() could not be used here, please use DBDeleteTracked() instead");
  363. }
  364. return $this->DBDeleteTracked_Internal($oDeletionPlan);
  365. }
  366. public function DBDeleteTracked(CMDBChange $oChange, $bSkipStrongSecurity = null, &$oDeletionPlan = null)
  367. {
  368. $this->CheckUserRights($bSkipStrongSecurity, UR_ACTION_DELETE);
  369. $oPreviousChange = self::$m_oCurrChange;
  370. self::$m_oCurrChange = $oChange;
  371. $this->DBDeleteTracked_Internal($oDeletionPlan);
  372. self::$m_oCurrChange = $oPreviousChange;
  373. }
  374. protected function DBDeleteTracked_Internal(&$oDeletionPlan = null)
  375. {
  376. $prevkey = $this->GetKey();
  377. $ret = parent::DBDelete($oDeletionPlan);
  378. $this->RecordObjDeletion(self::$m_oCurrChange, $prevkey);
  379. return $ret;
  380. }
  381. public static function BulkDelete(DBObjectSearch $oFilter)
  382. {
  383. if(!self::$m_oCurrChange)
  384. {
  385. throw new CoreException("BulkDelete() could not be used here, please use BulkDeleteTracked() instead");
  386. }
  387. return $this->BulkDeleteTracked_Internal($oFilter);
  388. }
  389. public static function BulkDeleteTracked(CMDBChange $oChange, DBObjectSearch $oFilter)
  390. {
  391. $oPreviousChange = self::$m_oCurrChange;
  392. self::$m_oCurrChange = $oChange;
  393. $this->BulkDeleteTracked_Internal($oFilter);
  394. self::$m_oCurrChange = $oPreviousChange;
  395. }
  396. protected static function BulkDeleteTracked_Internal(DBObjectSearch $oFilter)
  397. {
  398. throw new CoreWarning("Change tracking not tested for bulk operations");
  399. // Get the list of objects to delete (and record data before deleting the DB records)
  400. $oObjSet = new CMDBObjectSet($oFilter);
  401. $aObjAndKeys = array(); // array of id=>object
  402. while ($oItem = $oObjSet->Fetch())
  403. {
  404. $aObjAndKeys[$oItem->GetKey()] = $oItem;
  405. }
  406. $oObjSet->FreeResult();
  407. // Delete in one single efficient query
  408. $ret = parent::BulkDelete($oFilter);
  409. // Record... in many queries !!!
  410. foreach($aObjAndKeys as $prevkey=>$oItem)
  411. {
  412. $oItem->RecordObjDeletion(self::$m_oCurrChange, $prevkey);
  413. }
  414. return $ret;
  415. }
  416. public static function BulkUpdate(DBObjectSearch $oFilter, array $aValues)
  417. {
  418. if(!self::$m_oCurrChange)
  419. {
  420. throw new CoreException("BulkUpdate() could not be used here, please use BulkUpdateTracked() instead");
  421. }
  422. return $this->BulkUpdateTracked_Internal($oFilter, $aValues);
  423. }
  424. public static function BulkUpdateTracked(CMDBChange $oChange, DBObjectSearch $oFilter, array $aValues)
  425. {
  426. $oPreviousChange = self::$m_oCurrChange;
  427. self::$m_oCurrChange = $oChange;
  428. $this->BulkUpdateTracked_Internal($oFilter, $aValues);
  429. self::$m_oCurrChange = $oPreviousChange;
  430. }
  431. protected static function BulkUpdateTracked_Internal(DBObjectSearch $oFilter, array $aValues)
  432. {
  433. // $aValues is an array of $sAttCode => $value
  434. // Get the list of objects to update (and load it before doing the change)
  435. $oObjSet = new CMDBObjectSet($oFilter);
  436. $oObjSet->Load();
  437. // Keep track of the previous values (will be overwritten when the objects are synchronized with the DB)
  438. $aOriginalValues = array();
  439. $oObjSet->Rewind();
  440. while ($oItem = $oObjSet->Fetch())
  441. {
  442. $aOriginalValues[$oItem->GetKey()] = $oItem->m_aOrigValues;
  443. }
  444. // Update in one single efficient query
  445. $ret = parent::BulkUpdate($oFilter, $aValues);
  446. // Record... in many queries !!!
  447. $oObjSet->Rewind();
  448. while ($oItem = $oObjSet->Fetch())
  449. {
  450. $aChangedValues = $oItem->ListChangedValues($aValues);
  451. $oItem->RecordAttChanges(self::$m_oCurrChange, $aChangedValues, $aOriginalValues[$oItem->GetKey()]);
  452. }
  453. return $ret;
  454. }
  455. }
  456. /**
  457. * TODO: investigate how to get rid of this class that was made to workaround some language limitation... or a poor design!
  458. *
  459. * @package iTopORM
  460. */
  461. class CMDBObjectSet extends DBObjectSet
  462. {
  463. // this is the public interface (?)
  464. // I have to define those constructors here... :-(
  465. // just to get the right object class in return.
  466. // I have to think again to those things: maybe it will work fine if a have a constructor define here (?)
  467. static public function FromScratch($sClass)
  468. {
  469. $oFilter = new CMDBSearchFilter($sClass);
  470. $oFilter->AddConditionExpression(new FalseExpression());
  471. $oRetSet = new self($oFilter);
  472. // NOTE: THIS DOES NOT WORK IF m_bLoaded is private in the base class (and you will not get any error message)
  473. $oRetSet->m_bLoaded = true; // no DB load
  474. return $oRetSet;
  475. }
  476. // create an object set ex nihilo
  477. // input = array of objects
  478. static public function FromArray($sClass, $aObjects)
  479. {
  480. $oRetSet = self::FromScratch($sClass);
  481. $oRetSet->AddObjectArray($aObjects, $sClass);
  482. return $oRetSet;
  483. }
  484. static public function FromArrayAssoc($aClasses, $aObjects)
  485. {
  486. // In a perfect world, we should create a complete tree of DBObjectSearch,
  487. // but as we lack most of the information related to the objects,
  488. // let's create one search definition
  489. $sClass = reset($aClasses);
  490. $sAlias = key($aClasses);
  491. $oFilter = new CMDBSearchFilter($sClass, $sAlias);
  492. $oRetSet = new CMDBObjectSet($oFilter);
  493. $oRetSet->m_bLoaded = true; // no DB load
  494. foreach($aObjects as $rowIndex => $aObjectsByClassAlias)
  495. {
  496. $oRetSet->AddObjectExtended($aObjectsByClassAlias);
  497. }
  498. return $oRetSet;
  499. }
  500. }
  501. /**
  502. * TODO: investigate how to get rid of this class that was made to workaround some language limitation... or a poor design!
  503. *
  504. * @package iTopORM
  505. */
  506. class CMDBSearchFilter extends DBObjectSearch
  507. {
  508. // this is the public interface (?)
  509. }
  510. ?>