| 1 | <?php |
| 2 | |
| 3 | class permissions { |
| 4 | |
| 5 | //trillion lights to Hierarchy! |
| 6 | function checkPerms($node) { |
| 7 | // new permissions checking |
| 8 | global $db; |
| 9 | $node_id=$node['node_id']; |
| 10 | $node_vector=$node['node_vector']; |
| 11 | $user_id = $_SESSION['user_id']; |
| 12 | |
| 13 | $perms['r'] = 0; |
| 14 | $perms['w'] = 0; |
| 15 | $perms['node_permission'] = ''; |
| 16 | $perms['node_system_access'] = ''; |
| 17 | $perms['node_external_access'] = ''; |
| 18 | |
| 19 | if (!is_numeric($node_id)) |
| 20 | return $perms; |
| 21 | |
| 22 | $nv_arr = str_split($node_vector, VECTOR_CHARS); |
| 23 | $nv_arr = array_map('intval', $nv_arr); |
| 24 | $node_list = implode(', ', $nv_arr); |
| 25 | |
| 26 | $q_np = sprintf('select n.node_id, n.node_creator, length(n.node_vector) as nv_length |
| 27 | , n.node_system_access, n.node_external_access, na.node_permission |
| 28 | from nodes n |
| 29 | left join node_access na on na.node_id = n.node_id |
| 30 | and na.user_id = %d |
| 31 | where n.node_id in(%s) |
| 32 | order by nv_length desc', $user_id, $node_list); |
| 33 | $qr_np = $db->query($q_np); |
| 34 | |
| 35 | while ($qr_np->next()) { |
| 36 | // nastavim si prava hlavnej zvolenej nody |
| 37 | if ($perms['node_permission'] == '' && $perms['node_system_access'] == '') { |
| 38 | |
| 39 | $perms['node_permission'] = $qr_np->getString('node_permission'); |
| 40 | $perms['node_system_access'] = $qr_np->getString('node_system_access'); |
| 41 | $perms['node_external_access'] = $qr_np->getString('node_external_access'); |
| 42 | |
| 43 | // r/w prava podla system accessu |
| 44 | if ($perms['node_system_access'] == 'public') { |
| 45 | $perms['r'] = 1; |
| 46 | $perms['w'] = 1; |
| 47 | } |
| 48 | elseif ($perms['node_system_access'] == 'moderated') { |
| 49 | $perms['r'] = 1; |
| 50 | $perms['w'] = 0; |
| 51 | } |
| 52 | elseif ($perms['node_system_access'] == 'private') { |
| 53 | $perms['r'] = 0; |
| 54 | $perms['w'] = 0; |
| 55 | } |
| 56 | |
| 57 | if ($qr_np->getInt('node_creator') == $user_id) { |
| 58 | $perms['node_permission'] = 'owner'; |
| 59 | $perms['r'] = 1; |
| 60 | $perms['w'] = 1; |
| 61 | break; |
| 62 | } |
| 63 | |
| 64 | if ($perms['node_system_access'] != 'private' |
| 65 | && !$_SESSION['user_id'] |
| 66 | && $perms['node_external_access'] == 'yes') { |
| 67 | $perms['r'] = 1; |
| 68 | $perms['w'] = 0; |
| 69 | break; |
| 70 | } |
| 71 | |
| 72 | } // if ($perms['node_permission'] == '' && $perms['node_system_access'] == '') |
| 73 | else { |
| 74 | // ked som v public alebo moderated fore a dalsie nadradene su uz privatne |
| 75 | if ($node_system_access != 'private' && $qr_np->getString('node_system_access') == 'private') |
| 76 | break; |
| 77 | // ked som v privatnom fore a dalsie nadradene su public alebo moderated |
| 78 | if ($node_system_access == 'private' && $qr_np->getString('node_system_access') != 'private') |
| 79 | break; |
| 80 | } |
| 81 | |
| 82 | $node_permission = $qr_np->getString('node_permission'); |
| 83 | $node_system_access = $qr_np->getString('node_system_access'); |
| 84 | |
| 85 | // nastavim r/w podla permissions a skoncim to |
| 86 | if ($node_permission == 'ban') { |
| 87 | $perms['r'] = 0; |
| 88 | $perms['w'] = 0; |
| 89 | break; |
| 90 | } |
| 91 | elseif ($node_permission == 'silence') { |
| 92 | $perms['r'] = 1; |
| 93 | $perms['w'] = 0; |
| 94 | break; |
| 95 | } |
| 96 | elseif ($node_permission == 'op') { |
| 97 | $perms['r'] = 1; |
| 98 | $perms['w'] = 1; |
| 99 | break; |
| 100 | } |
| 101 | elseif ($node_permission == 'master') { |
| 102 | $perms['r'] = 1; |
| 103 | $perms['w'] = 1; |
| 104 | break; |
| 105 | } |
| 106 | elseif ($node_permission == 'access') { |
| 107 | $perms['r'] = 1; |
| 108 | $perms['w'] = 1; |
| 109 | break; |
| 110 | } |
| 111 | |
| 112 | if ($qr_np->getInt('node_creator') == $user_id) { |
| 113 | $perms['node_permission'] = 'owner'; |
| 114 | $perms['r'] = 1; |
| 115 | $perms['w'] = 1; |
| 116 | break; |
| 117 | } |
| 118 | |
| 119 | } |
| 120 | return $perms; |
| 121 | } |
| 122 | |
| 123 | } |
| 124 | |
| 125 | ?> |