51ff3226 |
1 | <?php |
2 | |
3 | class permissions { |
4 | |
5 | function isHierarch($node) { |
6 | |
7 | global $db; |
8 | $user_id=$_SESSION['user_id']; |
9 | if (!$user_id) return false; |
10 | $node_vector=chunk_split($node['node_vector'],VECTOR_CHARS,';'); |
11 | $hierarchy=explode(';',$node_vector); |
12 | foreach ($hierarchy as $hierarch) { |
13 | $hierarch=ltrim($hierarch,0); |
14 | $q="select nodes.node_creator,node_access.node_permission from nodes left join node_access on nodes.node_id=node_access.node_id and node_access.user_id='".$_SESSION['user_id']."' where nodes.node_id='$hierarch'"; |
15 | $result=$db->query($q); |
16 | $result->next(); |
17 | if ($result->getString('node_creator')==$user_id) |
18 | return true; |
19 | if ($result->getString('node_permission')=='master') |
20 | return true; |
21 | if ($result->getString('node_creator')=='operator') |
22 | return true; |
23 | if ($user_id == 2045) |
24 | return true; |
25 | } |
26 | return false; |
27 | |
28 | } |
29 | |
30 | function checkPermissions($node) { |
31 | global $db; |
32 | $user_id=$_SESSION['user_id']; |
33 | |
34 | /* |
35 | thousand lights to Hierarchy! |
36 | (check&set procedure for giving permissions for non-public subnodes according |
37 | to bottom-top Hierarchy |
38 | */ |
39 | if (($node['node_system_access']!='public' and $node['node_system_access']!='crypto') and empty($node['node_permission'])) { |
40 | $node_vector=trim(chunk_split($node['node_vector'],VECTOR_CHARS,';'),';'); |
41 | $hierarchy=array_reverse(explode(';',$node_vector)); |
42 | foreach ($hierarchy as $hierarch) { |
43 | $hierarch=ltrim($hierarch,0); |
44 | $q="select nodes.node_creator,nodes.node_system_access,node_access.node_permission from nodes left join node_access on nodes.node_id=node_access.node_id and node_access.user_id='".$_SESSION['user_id']."' where nodes.node_id='$hierarch'"; |
45 | $result=$db->query($q); |
46 | $result->next(); |
47 | $hierarchy_bounce[]=$hierarch; |
48 | |
49 | //if hierarch permission rights are different than that of the node, quit the process changing nothing |
50 | if ($result->getString('node_system_access')!=$node['node_system_access']) { |
51 | break; |
52 | } |
53 | |
54 | //if hierarch node_user relation exist, set it for node also |
55 | elseif ($result->getString('node_permission')!='') { |
56 | array_pop($hierarchy_bounce); |
57 | $node['node_permission']=$result->getString('node_permission'); |
58 | $q="update node_access set node_permission='".$result->getString('node_permission')."' where node_id='".$node['node_id']."' and user_id='".$_SESSION['user_id']."'"; |
59 | $updated=$db->update($q); |
60 | if (!$updated && IsSet($_SESSION['user_id'])) { |
61 | $q="insert into node_access set node_permission='".$result->getString('node_permission')."', node_id='".$node['node_id']."',user_id='".$_SESSION['user_id']."'"; |
62 | $db->query($q); |
63 | } |
64 | break; |
65 | } |
66 | |
67 | //similiar.if user is creator of hierarch, give him access |
68 | elseif ($result->getString('node_creator')==$user_id) { |
69 | array_pop($hierarchy_bounce); |
70 | $node['node_permission']='access'; |
71 | $q="update node_access set node_permission='access' where node_id='".$node['node_id']."' and user_id='".$_SESSION['user_id']."'"; |
72 | $updated=$db->update($q); |
73 | if (!$updated && IsSet($_SESSION['user_id'])) { |
74 | $q="insert into node_access set node_permission='access', node_id='".$node['node_id']."',user_id='".$_SESSION['user_id']."'"; |
75 | $db->query($q); |
76 | } |
77 | break; |
78 | } |
79 | |
80 | |
81 | |
82 | } |
83 | |
84 | } |
85 | |
86 | |
87 | //setting permissions for not logged in users |
88 | if ($_SESSION['user_id']==$node['node_creator']) { |
89 | $permissions['r']=true; |
90 | $permissions['w']=true; |
91 | } |
92 | |
93 | elseif (!$_SESSION['user_id']) { |
94 | |
95 | if ($node['node_external_access']=='yes' AND ($node['node_system_access']=='public' OR $node['node_system_access']=='moderated' OR $node['node_system_access']=='cube')) { |
96 | $permissions['r']=true; |
97 | $permissions['w']=false; |
98 | |
99 | } |
100 | |
101 | else { |
102 | |
103 | $permissions['r']=false; |
104 | $permissions['w']=false; |
105 | } |
106 | } |
107 | |
108 | //setting permissions for cube node |
109 | |
110 | elseif ($node['node_system_access']=='cube') { |
111 | |
112 | if (strpos($node['node_vector'],$_SESSION['cube_vector'])==true ) { |
113 | $permissions['r']=true; |
114 | $permissions['w']=true; |
115 | } |
116 | elseif (($node['node_permission']=='access')||($node['node_permission']=='op')||($node['node_permission']=='master')) { |
117 | $permissions['r']=true; |
118 | $permissions['w']=true; |
119 | } |
120 | |
121 | |
122 | else { |
123 | $permissions['r']=false; |
124 | $permissions['w']=false; |
125 | } |
126 | } |
127 | |
128 | |
129 | //setting permissions for private node |
130 | elseif ($node['node_system_access']=='private') { |
131 | if (empty($node['node_permission'])) { |
132 | $permissions['r']=false; |
133 | $permissions['w']=false; |
134 | } |
135 | elseif ($node['node_permission']=='ban') { |
136 | $permissions['r']=false; |
137 | $permissions['w']=false; |
138 | } |
139 | |
140 | elseif($node['node_permission']=='silence') { |
141 | $permissions['r']=true; |
142 | $permissions['w']=false; |
143 | } |
144 | else { |
145 | |
146 | $permissions['r']=true; |
147 | $permissions['w']=true; |
148 | } |
149 | } |
150 | |
151 | //setting permissions for moderated node |
152 | elseif ($node['node_system_access']=='moderated') { |
153 | if (($node['node_permission']=='access')||($node['node_permission']=='op')||($node['node_permission']=='master')) { |
154 | $permissions['r']=true; |
155 | $permissions['w']=true; |
156 | } |
157 | elseif ($node['node_permission']=='ban') { |
158 | $permissions['r']=false; |
159 | $permissions['w']=false; |
160 | } |
161 | |
162 | |
163 | else { |
164 | $permissions['r']=true; |
165 | $permissions['w']=false; |
166 | } |
167 | |
168 | } |
169 | |
170 | //setting rights for public node |
171 | elseif ($node['node_system_access']=='public') { |
172 | if ($node['node_permission']=='silence') { |
173 | $permissions['r']=true; |
174 | $permissions['w']=false; |
175 | } |
176 | |
177 | elseif ($node['node_permission']=='ban') { |
178 | $permissions['r']=false; |
179 | $permissions['w']=false; |
180 | } |
181 | |
182 | |
183 | else { |
184 | $permissions['r']=true; |
185 | $permissions['w']=true; |
186 | } |
187 | } |
188 | |
189 | |
190 | else { |
191 | $permissions['r']=true; |
192 | $permissions['w']=true; |
193 | } |
194 | return $permissions; |
195 | } |
196 | |
197 | } |
198 | |
199 | ?> |