X-Git-Url: http://git.harvie.cz/?a=blobdiff_plain;f=wwwroot%2Fbackend%2Fmysql%2Fpermissions.inc;h=ace0e60a911f4d36b279cdf4d06afbda466f7b5b;hb=HEAD;hp=78e85565fae14a2f4af93e5c12524f106dc81e33;hpb=bde5bc7a912775cd1c3da7f095980944afe70522;p=mirrors%2FKyberia-bloodline.git
diff --git a/wwwroot/backend/mysql/permissions.inc b/wwwroot/backend/mysql/permissions.inc
index 78e8556..ace0e60 100644
--- a/wwwroot/backend/mysql/permissions.inc
+++ b/wwwroot/backend/mysql/permissions.inc
@@ -2,13 +2,59 @@ class permissions { +// XXX not checked + +function isHierarch($node) { + + global $db; + if (IsSet($_SESSION['user_id'])) { + $user_id=$_SESSION['user_id']; + } else { + $user_id=0; + } + if (!$user_id) return false; + + $node_vector=chunk_split($node['node_vector'],VECTOR_CHARS,';'); + $hierarchy=explode(';',$node_vector); + foreach ($hierarchy as $hierarch) { + $hierarch=ltrim($hierarch,0); + $q="select nodes.node_creator,node_access.node_permission from nodes left join node_access on nodes.node_id=node_access.node_id and node_access.user_id='".$user_id."' where nodes.node_id='$hierarch'"; + $result=$db->query($q); + $result->next(); + if ($result->getString('node_creator')==$user_id) + return true; + if ($result->getString('node_permission')=='master') + return true; + if ($result->getString('node_creator')=='operator') + return true; + } + return false; + +} + //trillion lights to Hierarchy! -function checkPerms($node) { +//$node input parameter can be a numeric node_id of a node-to-be-checked or a hash containing node_id,node_vector +public static function checkPerms($node) { // new permissions checking global $db; - $node_id=$node['node_id']; - $node_vector=$node['node_vector']; - $user_id = $_SESSION['user_id']; + + if (is_array($node)) { + $node_id=$node['node_id']; + $node_vector=$node['node_vector']; + } + + elseif (is_numeric($node)) { + $node_id=$node; + } + + + if (empty($node_vector)) { + $set=$db->query("select node_vector from nodes where node_id='$node_id'"); + $set->next(); + $node_vector=$set->getString('node_vector'); + } + + $user_id=(empty($_SESSION['user_id'])) ? "" : $_SESSION['user_id']; $perms['r'] = 0; $perms['w'] = 0; 
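Review bot: Both new queries paste values straight into the SQL text: `isHierarch()` interpolates `$hierarch` (sliced from `$node['node_vector']`), and `checkPerms()` interpolates `$node_id`, which in the `is_array` branch comes from the caller's array unvalidated and stays undefined when `$node` is neither an array nor numeric. The next hunk repeats this with `$node_list.=",$node_id";`, even though the vector elements just above it go through `intval`. Whether callers can pass request-derived data is not visible here, but casting at assignment closes all three: `$node_id=intval($node['node_id']);`, `$node_id=intval($node);` and, in place of the `ltrim`, `$hierarch=intval($hierarch);`. In `isHierarch()` the return of `$result->next()` is not checked, and `chunk_split` appends a trailing `;`, so the last loop pass queries an empty id; skipping empty chunks would avoid reading from a result with no row.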
@@ -22,6 +68,7 @@ function checkPerms($node) { $nv_arr = str_split($node_vector, VECTOR_CHARS); $nv_arr = array_map('intval', $nv_arr); $node_list = implode(', ', $nv_arr); + $node_list.=",$node_id"; $q_np = sprintf('select n.node_id, n.node_creator, length(n.node_vector) as nv_length , n.node_system_access, n.node_external_access, na.node_permission @@ -30,6 +77,7 @@ function checkPerms($node) { and na.user_id = %d where n.node_id in(%s) order by nv_length desc', $user_id, $node_list); + $qr_np = $db->query($q_np); while ($qr_np->next()) { @@ -40,6 +88,20 @@ function checkPerms($node) { $perms['node_system_access'] = $qr_np->getString('node_system_access'); $perms['node_external_access'] = $qr_np->getString('node_external_access'); + // external access must go first + if ($user_id == "") { + if ($perms['node_system_access'] != 'private' + && $perms['node_external_access'] == 'yes') { + $perms['r'] = 1; + $perms['w'] = 0; + break; + } else { + $perms['r'] = 0; + $perms['w'] = 0; + break; + } + } + // r/w prava podla system accessu if ($perms['node_system_access'] == 'public') { $perms['r'] = 1; @@ -61,14 +123,6 @@ function checkPerms($node) { break; } - if ($perms['node_system_access'] != 'private' - && !$_SESSION['user_id'] - && $perms['node_external_access'] == 'yes') { - $perms['r'] = 1; - $perms['w'] = 0; - break; - } - } // if ($perms['node_permission'] == '' && $perms['node_system_access'] == '') else { // ked som v public alebo moderated fore a dalsie nadradene su uz privatne @@ -109,7 +163,7 @@ function checkPerms($node) { break; } - if ($qr_np->getInt('node_creator') == $user_id) { + if ($qr_np->getString('node_creator') == $user_id) { $perms['node_permission'] = 'owner'; $perms['r'] = 1; $perms['w'] = 1; @@ -122,4 +176,4 @@ function checkPerms($node) { } -?> \ No newline at end of file +?>
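Review bot: In the hunk at `@@ -40,6 +88,20 @@`, both arms of the new `if ($user_id == "")` block `break`, so for anonymous visitors the decision comes from the first row returned (the longest `node_vector`, given `order by nv_length desc`) and ancestor rows are never examined. A node whose own `node_system_access` is empty would then be readable externally whenever `node_external_access` is `yes`, even under a private ancestor; if an empty value is meant to inherit, as the later `node_system_access == ''` branch seems to suggest, this needs confirming. At minimum I would state the rule in a comment, e.g. `// anonymous: decided on the deepest node only, ancestors are not consulted`. The two arms can also collapse into `$perms['r'] = ($perms['node_system_access'] != 'private' && $perms['node_external_access'] == 'yes') ? 1 : 0;` followed by a single `$perms['w'] = 0; break;`. The enclosing `while` loop starts and ends outside this hunk.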
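Review bot: In the hunk at `@@ -109,7 +163,7 @@`, the owner test `$qr_np->getString('node_creator') == $user_id` is a loose comparison in which `$user_id` can now be the empty string, so a row with an empty creator would match an anonymous session. It is safe only because the anonymous branch added earlier in the loop breaks first. Making the guard explicit keeps the check correct if the loop is reordered: `if ($user_id != "" && $qr_np->getString('node_creator') == $user_id) {`. What `getString` returns for a NULL column is not visible here, and the enclosing `while` loop lies outside the hunk.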