X-Git-Url: http://git.harvie.cz/?a=blobdiff_plain;f=wwwroot%2Fbackend%2Fmysql%2Fpermissions.inc;h=ace0e60a911f4d36b279cdf4d06afbda466f7b5b;hb=HEAD;hp=234221cd546a64af9d18426dac5e1797d92aef69;hpb=202c37b7ea3edb43a2e45b769aab089effb009f6;p=mirrors%2FKyberia-bloodline.git

diff --git a/wwwroot/backend/mysql/permissions.inc b/wwwroot/backend/mysql/permissions.inc
index 234221c..ace0e60 100644
--- a/wwwroot/backend/mysql/permissions.inc
+++ b/wwwroot/backend/mysql/permissions.inc
@@ -2,6 +2,36 @@
 
 class permissions {
 
+// XXX not checked 
+
+function isHierarch($node) {
+
+	global $db;
+	if (IsSet($_SESSION['user_id'])) {
+	        $user_id=$_SESSION['user_id'];
+	} else {
+	        $user_id=0;
+	}
+	if (!$user_id) return false;
+
+	$node_vector=chunk_split($node['node_vector'],VECTOR_CHARS,';');
+	$hierarchy=explode(';',$node_vector);
+	foreach ($hierarchy as $hierarch) {
+		$hierarch=ltrim($hierarch,0);
+		$q="select nodes.node_creator,node_access.node_permission from nodes left join node_access on nodes.node_id=node_access.node_id and node_access.user_id='".$user_id."' where nodes.node_id='$hierarch'";
+		$result=$db->query($q);
+		$result->next();
+		if ($result->getString('node_creator')==$user_id)
+			return true;
+		if ($result->getString('node_permission')=='master')
+			return true;
+		if ($result->getString('node_creator')=='operator')
+			return true;
+	}
+	return false;
+
+}
+
 //trillion lights to Hierarchy!
 //$node input parameter can be a numeric node_id of a node-to-be-checked or a hash containing node_id,node_vector
 public static function checkPerms($node) {
@@ -16,6 +46,7 @@ public static function checkPerms($node) {
 	elseif (is_numeric($node)) {
 		$node_id=$node;
 	}
+	
 
 	if (empty($node_vector)) {
 		$set=$db->query("select node_vector from  nodes where node_id='$node_id'");
@@ -57,6 +88,20 @@ public static function checkPerms($node) {
             $perms['node_system_access']   = $qr_np->getString('node_system_access');
             $perms['node_external_access'] = $qr_np->getString('node_external_access');
 
+        // external access must go first
+            if ($user_id == "") {
+                if ($perms['node_system_access'] != 'private'
+                && $perms['node_external_access'] == 'yes') {
+                        $perms['r'] = 1;
+                        $perms['w'] = 0;
+                    break;
+                } else {
+                        $perms['r'] = 0;
+                        $perms['w'] = 0;
+                    break;
+                }
+            }
+
             // r/w prava podla system accessu
             if ($perms['node_system_access'] == 'public') {
                 $perms['r'] = 1;
@@ -78,14 +123,6 @@ public static function checkPerms($node) {
                 break;
             }
 
-            if ($perms['node_system_access'] != 'private'
-                && !$_SESSION['user_id']
-                && $perms['node_external_access'] == 'yes') {
-                    $perms['r'] = 1;
-                    $perms['w'] = 0;
-                    break;
-            }
-
         } // if ($perms['node_permission'] == '' && $perms['node_system_access'] == '')
         else {
             // ked som v public alebo moderated fore a dalsie nadradene su uz privatne