| 1 | <?php |
| 2 | |
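class permissions {

    // XXX not checked

    /**
     * Decide whether the logged-in user has hierarch rights over a node, i.e.
     * is the creator of, or holds 'master' permission on, any node listed in
     * the node's vector.
     *
     * Every value placed into the SQL text is cast to an integer first,
     * because $db->query() receives a finished SQL string and the vector and
     * the session value are not otherwise validated here.
     *
     * @param array $node Node hash; only $node['node_vector'] is read. The
     *                    vector is cut into VECTOR_CHARS-wide chunks, each
     *                    holding one zero-padded node id.
     * @return bool True when the user is a hierarch, false otherwise
     *              (including when nobody is logged in).
     */
    public function isHierarch($node) {
        global $db;

        // A missing, zero or non-numeric session id is treated as "not logged in".
        $user_id = isset($_SESSION['user_id']) ? (int) $_SESSION['user_id'] : 0;
        if ($user_id === 0) {
            return false;
        }

        $node_vector = isset($node['node_vector']) ? (string) $node['node_vector'] : '';
        if ($node_vector === '') {
            return false;
        }

        // str_split() yields exactly the chunks; chunk_split()+explode() left a
        // trailing empty element that produced a lookup for node_id ''.
        foreach (str_split($node_vector, VECTOR_CHARS) as $chunk) {
            // The cast drops the zero padding and keeps non-digits out of the query.
            $hierarch = (int) $chunk;

            $q = sprintf(
                'select nodes.node_creator,node_access.node_permission from nodes'
                . ' left join node_access on nodes.node_id=node_access.node_id'
                . ' and node_access.user_id=%d where nodes.node_id=%d',
                $user_id,
                $hierarch
            );
            $result = $db->query($q);

            // No such node: nothing to read from this result.
            if (!$result->next()) {
                continue;
            }

            if ((int) $result->getString('node_creator') === $user_id) {
                return true;
            }
            if ((string) $result->getString('node_permission') === 'master') {
                return true;
            }
            // NOTE(review): this compares node_creator (a user id everywhere
            // else in this class) with the word 'operator'; it looks like a
            // permission check was intended. Kept as found - confirm.
            if ((string) $result->getString('node_creator') === 'operator') {
                return true;
            }
        }

        return false;
    }

    //trillion lights to Hierarchy!
    /**
     * Compute the current session user's read/write rights on a node by
     * walking the node and the nodes listed in its vector.
     *
     * The result starts as "no access" and is only widened by an explicit
     * rule, so an unknown node or an invalid id returns r=0, w=0. The id is
     * validated before any query runs, and ids are cast to integers before
     * they reach the SQL text.
     *
     * @param int|string|array $node Numeric node_id of the node to check, or
     *                               a hash containing node_id and node_vector.
     * @return array Keys: 'r' and 'w' (0 or 1), 'node_permission',
     *               'node_system_access', 'node_external_access'.
     */
    public static function checkPerms($node) {
        // new permissions checking
        global $db;

        $perms = array(
            'r' => 0,
            'w' => 0,
            'node_permission' => '',
            'node_system_access' => '',
            'node_external_access' => '',
        );

        $node_id = null;
        $node_vector = '';
        if (is_array($node)) {
            $node_id = isset($node['node_id']) ? $node['node_id'] : null;
            $node_vector = isset($node['node_vector']) ? $node['node_vector'] : '';
        } elseif (is_numeric($node)) {
            $node_id = $node;
        }

        // Reject a non-numeric id BEFORE the node_vector lookup; previously the
        // lookup ran first with the unchecked value inside the SQL string.
        if (!is_numeric($node_id)) {
            return $perms;
        }
        $node_id = (int) $node_id;

        if (empty($node_vector)) {
            $set = $db->query(sprintf('select node_vector from nodes where node_id=%d', $node_id));
            $node_vector = $set->next() ? (string) $set->getString('node_vector') : '';
        }

        // 0 means anonymous. A non-numeric session value also becomes 0, so it
        // can never compare equal to a node_creator.
        $user_id = empty($_SESSION['user_id']) ? 0 : (int) $_SESSION['user_id'];

        // Build the id list from integers only. An empty vector contributes
        // nothing, so the list can never start with a comma.
        $node_ids = array();
        if ($node_vector !== '') {
            foreach (str_split((string) $node_vector, VECTOR_CHARS) as $chunk) {
                $node_ids[] = (int) $chunk;
            }
        }
        $node_ids[] = $node_id;
        $node_list = implode(', ', $node_ids);

        // Longest vector first: rows are processed starting with the longest
        // node_vector.
        $q_np = sprintf('select n.node_id, n.node_creator, length(n.node_vector) as nv_length
, n.node_system_access, n.node_external_access, na.node_permission
from nodes n
left join node_access na on na.node_id = n.node_id
and na.user_id = %d
where n.node_id in(%s)
order by nv_length desc', $user_id, $node_list);

        $qr_np = $db->query($q_np);

        $node_permission = '';
        $node_system_access = '';

        while ($qr_np->next()) {
            // set up the rights of the main selected node
            // NOTE(review): "main node" is detected by both fields still being
            // empty, so a row with neither value lets the next row take this
            // branch as well - confirm that is intended.
            if ($perms['node_permission'] == '' && $perms['node_system_access'] == '') {

                $perms['node_permission'] = $qr_np->getString('node_permission');
                $perms['node_system_access'] = $qr_np->getString('node_system_access');
                $perms['node_external_access'] = $qr_np->getString('node_external_access');

                // external access must go first
                if ($user_id === 0) {
                    // Anonymous visitors get read-only access at most, and only
                    // when the node is not private and allows external access.
                    $perms['w'] = 0;
                    if ($perms['node_system_access'] != 'private'
                        && $perms['node_external_access'] == 'yes') {
                        $perms['r'] = 1;
                    } else {
                        $perms['r'] = 0;
                    }
                    break;
                }

                // r/w rights according to system access
                if ($perms['node_system_access'] == 'public') {
                    $perms['r'] = 1;
                    $perms['w'] = 1;
                } elseif ($perms['node_system_access'] == 'moderated') {
                    $perms['r'] = 1;
                    $perms['w'] = 0;
                } elseif ($perms['node_system_access'] == 'private') {
                    $perms['r'] = 0;
                    $perms['w'] = 0;
                }

                if ((int) $qr_np->getInt('node_creator') === $user_id) {
                    $perms['node_permission'] = 'owner';
                    $perms['r'] = 1;
                    $perms['w'] = 1;
                    break;
                }

            } else {
                // in a public or moderated forum whose further parents are already private
                if ($node_system_access != 'private' && $qr_np->getString('node_system_access') == 'private')
                    break;
                // in a private forum whose further parents are public or moderated
                if ($node_system_access == 'private' && $qr_np->getString('node_system_access') != 'private')
                    break;
            }

            $node_permission = $qr_np->getString('node_permission');
            $node_system_access = $qr_np->getString('node_system_access');

            // set r/w according to the explicit permission and stop
            if ($node_permission == 'ban') {
                $perms['r'] = 0;
                $perms['w'] = 0;
                break;
            } elseif ($node_permission == 'silence') {
                $perms['r'] = 1;
                $perms['w'] = 0;
                break;
            } elseif ($node_permission == 'op'
                || $node_permission == 'master'
                || $node_permission == 'access') {
                $perms['r'] = 1;
                $perms['w'] = 1;
                break;
            }

            if ((int) $qr_np->getString('node_creator') === $user_id) {
                $perms['node_permission'] = 'owner';
                $perms['r'] = 1;
                $perms['w'] = 1;
                break;
            }

        }
        return $perms;
    }

}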
| 178 | |
| 179 | ?> |