Commit | Line | Data |
---|---|---|
e586807d H |
1 | <?php |
2 | /* This program is free software. It comes without any warranty, to | |
3 | * the extent permitted by applicable law. You can redistribute it | |
4 | * and/or modify it under the terms of the Do What The Fuck You Want | |
5 | * To Public License, Version 2, as published by Sam Hocevar. See | |
6 | * http://sam.zoy.org/wtfpl/COPYING for more details. */ | |
7 | ||
8 | ||
9 | class permissions { | |
10 | ||
11 | function isHierarch($node) { | |
12 | ||
13 | global $db; | |
14 | $user_id=$_SESSION['user_id']; | |
15 | if (!$user_id) return false; | |
16 | $node_vector=chunk_split($node['node_vector'],VECTOR_CHARS,';'); | |
17 | $hierarchy=explode(';',$node_vector); | |
18 | foreach ($hierarchy as $hierarch) { | |
19 | $hierarch=ltrim($hierarch,0); | |
20 | $q="select nodes.node_creator,node_access.node_permission from nodes left join node_access on nodes.node_id=node_access.node_id and node_access.user_id='".$_SESSION['user_id']."' where nodes.node_id='$hierarch'"; | |
21 | $result=$db->query($q); | |
22 | $result->next(); | |
23 | if ($result->getString('node_creator')==$user_id) | |
24 | return true; | |
25 | if ($result->getString('node_permission')=='master') | |
26 | return true; | |
27 | if ($result->getString('node_creator')=='operator') | |
28 | return true; | |
29 | if ($user_id == 2045) | |
30 | return true; | |
31 | } | |
32 | return false; | |
33 | ||
34 | } | |
35 | ||
36 | function checkPermissions($node) { | |
37 | global $db; | |
38 | $user_id=$_SESSION['user_id']; | |
39 | ||
40 | /* | |
41 | thousand lights to Hierarchy! | |
42 | (check&set procedure for giving permissions for non-public subnodes according | |
43 | to bottom-top Hierarchy | |
44 | */ | |
45 | if (($node['node_system_access']!='public' and $node['node_system_access']!='crypto') and empty($node['node_permission'])) { | |
46 | $node_vector=trim(chunk_split($node['node_vector'],VECTOR_CHARS,';'),';'); | |
47 | $hierarchy=array_reverse(explode(';',$node_vector)); | |
48 | foreach ($hierarchy as $hierarch) { | |
49 | $hierarch=ltrim($hierarch,0); | |
50 | $q="select nodes.node_creator,nodes.node_system_access,node_access.node_permission from nodes left join node_access on nodes.node_id=node_access.node_id and node_access.user_id='".$_SESSION['user_id']."' where nodes.node_id='$hierarch'"; | |
51 | $result=$db->query($q); | |
52 | $result->next(); | |
53 | $hierarchy_bounce[]=$hierarch; | |
54 | ||
55 | //if hierarch permission rights are different than that of the node, quit the process changing nothing | |
56 | if ($result->getString('node_system_access')!=$node['node_system_access']) { | |
57 | break; | |
58 | } | |
59 | ||
60 | //if hierarch node_user relation exist, set it for node also | |
61 | elseif ($result->getString('node_permission')!='') { | |
62 | array_pop($hierarchy_bounce); | |
63 | $node['node_permission']=$result->getString('node_permission'); | |
64 | $q="update node_access set node_permission='".$result->getString('node_permission')."' where node_id='".$node['node_id']."' and user_id='".$_SESSION['user_id']."'"; | |
65 | $updated=$db->update($q); | |
66 | if (!$updated && IsSet($_SESSION['user_id'])) { | |
67 | $q="insert into node_access set node_permission='".$result->getString('node_permission')."', node_id='".$node['node_id']."',user_id='".$_SESSION['user_id']."'"; | |
68 | $db->query($q); | |
69 | } | |
70 | break; | |
71 | } | |
72 | ||
73 | //similiar.if user is creator of hierarch, give him access | |
74 | elseif ($result->getString('node_creator')==$user_id) { | |
75 | array_pop($hierarchy_bounce); | |
76 | $node['node_permission']='access'; | |
77 | $q="update node_access set node_permission='access' where node_id='".$node['node_id']."' and user_id='".$_SESSION['user_id']."'"; | |
78 | $updated=$db->update($q); | |
79 | if (!$updated && IsSet($_SESSION['user_id'])) { | |
80 | $q="insert into node_access set node_permission='access', node_id='".$node['node_id']."',user_id='".$_SESSION['user_id']."'"; | |
81 | $db->query($q); | |
82 | } | |
83 | break; | |
84 | } | |
85 | ||
86 | ||
87 | ||
88 | } | |
89 | ||
90 | } | |
91 | ||
92 | ||
93 | //setting permissions for not logged in users | |
94 | if ($_SESSION['user_id']==$node['node_creator']) { | |
95 | $permissions['r']=true; | |
96 | $permissions['w']=true; | |
97 | } | |
98 | ||
99 | elseif (!$_SESSION['user_id']) { | |
100 | ||
101 | if ($node['node_external_access']=='yes' AND ($node['node_system_access']=='public' OR $node['node_system_access']=='moderated' OR $node['node_system_access']=='cube')) { | |
102 | $permissions['r']=true; | |
103 | $permissions['w']=false; | |
104 | ||
105 | } | |
106 | ||
107 | else { | |
108 | ||
109 | $permissions['r']=false; | |
110 | $permissions['w']=false; | |
111 | } | |
112 | } | |
113 | ||
114 | //setting permissions for cube node | |
115 | ||
116 | elseif ($node['node_system_access']=='cube') { | |
117 | ||
118 | if (strpos($node['node_vector'],$_SESSION['cube_vector'])==true ) { | |
119 | $permissions['r']=true; | |
120 | $permissions['w']=true; | |
121 | } | |
122 | elseif (($node['node_permission']=='access')||($node['node_permission']=='op')||($node['node_permission']=='master')) { | |
123 | $permissions['r']=true; | |
124 | $permissions['w']=true; | |
125 | } | |
126 | ||
127 | ||
128 | else { | |
129 | $permissions['r']=false; | |
130 | $permissions['w']=false; | |
131 | } | |
132 | } | |
133 | ||
134 | ||
135 | //setting permissions for private node | |
136 | elseif ($node['node_system_access']=='private') { | |
137 | ||
138 | if (empty($node['node_permission'])) { | |
139 | $permissions['r']=false; | |
140 | $permissions['w']=false; | |
141 | } | |
142 | elseif ($node['node_permission']=='ban') { | |
143 | $permissions['r']=false; | |
144 | $permissions['w']=false; | |
145 | } | |
146 | ||
147 | elseif($node['node_permission']=='silence') { | |
148 | $permissions['r']=true; | |
149 | $permissions['w']=false; | |
150 | } | |
151 | else { | |
152 | ||
153 | $permissions['r']=true; | |
154 | $permissions['w']=true; | |
155 | } | |
156 | } | |
157 | ||
158 | //setting permissions for moderated node | |
159 | elseif ($node['node_system_access']=='moderated') { | |
160 | if (($node['node_permission']=='access')||($node['node_permission']=='op')||($node['node_permission']=='master')) { | |
161 | $permissions['r']=true; | |
162 | $permissions['w']=true; | |
163 | } | |
164 | elseif ($node['node_permission']=='ban') { | |
165 | $permissions['r']=false; | |
166 | $permissions['w']=false; | |
167 | } | |
168 | ||
169 | ||
170 | else { | |
171 | $permissions['r']=true; | |
172 | $permissions['w']=false; | |
173 | } | |
174 | ||
175 | } | |
176 | ||
177 | //setting rights for public node | |
178 | elseif ($node['node_system_access']=='public') { | |
179 | if ($node['node_permission']=='silence') { | |
180 | $permissions['r']=true; | |
181 | $permissions['w']=false; | |
182 | } | |
183 | ||
184 | elseif ($node['node_permission']=='ban') { | |
185 | $permissions['r']=false; | |
186 | $permissions['w']=false; | |
187 | } | |
188 | ||
189 | ||
190 | else { | |
191 | $permissions['r']=true; | |
192 | $permissions['w']=true; | |
193 | } | |
194 | } | |
195 | ||
196 | ||
197 | else { | |
198 | $permissions['r']=true; | |
199 | $permissions['w']=true; | |
200 | } | |
201 | ||
202 | return $permissions; | |
203 | } | |
204 | ||
205 | } | |
206 | ||
207 | ?> |