wwwroot/inc/permissions.inc

   1 <?php
   2
   3 class permissions {
   4
   5 function isHierarch($node) {
   6
   7         global $db;
   8         $user_id=$_SESSION['user_id'];
   9         if (!$user_id) return false;
  10         $node_vector=chunk_split($node['node_vector'],VECTOR_CHARS,';');
  11         $hierarchy=explode(';',$node_vector);
  12         foreach ($hierarchy as $hierarch) {
  13                 $hierarch=ltrim($hierarch,0);
  14                 $q="select nodes.node_creator,node_access.node_permission from nodes left join node_access on nodes.node_id=node_access.node_id and node_access.user_id='".$user_id."' where nodes.node_id='$hierarch'";
  15                 $result=$db->query($q);
  16                 $result->next();
  17                 if ($result->getString('node_creator')==$user_id)
  18                         return true;
  19                 if ($result->getString('node_permission')=='master')
  20                         return true;
  21                 if ($result->getString('node_creator')=='operator')
  22                         return true;
  23 //              if ($user_id == 2045)  // OMG
  24 //                      return true;
  25         }
  26         return false;
  27
  28 }
  29
  30 function checkPermissions($node) {
  31 global $db;
  32 if (IsSet($_SESSION['user_id'])) {
  33         $user_id=$_SESSION['user_id'];
  34 }
  35
  36 /*
  37 thousand lights   // OMGto Hierarchy!
  38 (check&set procedure for giving permissions for non-public subnodes according
  39 to bottom-top Hierarchy
  40 */
  41 if (($node['node_system_access']!='public' and $node['node_system_access']!='crypto') and empty($node['node_permission'])) {
  42         $node_vector=trim(chunk_split($node['node_vector'],VECTOR_CHARS,';'),';');
  43         $hierarchy=array_reverse(explode(';',$node_vector));
  44         foreach ($hierarchy as $hierarch) {
  45                 $hierarch=ltrim($hierarch,0);
  46                 $q="select nodes.node_creator,nodes.node_system_access,node_access.node_permission from nodes left join node_access on nodes.node_id=node_access.node_id and node_access.user_id='".$user_id."' where nodes.node_id='$hierarch'";
  47                 $result=$db->query($q);
  48                 $result->next();
  49                 $hierarchy_bounce[]=$hierarch;
  50
  51                 //if hierarch permission rights are different than that of the node, quit the process changing nothing
  52                 if ($result->getString('node_system_access')!=$node['node_system_access']) {
  53                         break;
  54                 }
  55
  56                 //if hierarch node_user relation exist, set it for node also
  57                 elseif ($result->getString('node_permission')!='') {
  58                         array_pop($hierarchy_bounce);
  59                         $node['node_permission']=$result->getString('node_permission');
  60                                 $q="update node_access set node_permission='".$result->getString('node_permission')."' where node_id='".$node['node_id']."' and user_id='".$user_id."'";
  61                                 $updated=$db->update($q);
  62                                 if (!$updated && IsSet($_SESSION['user_id'])) {
  63                                         $q="insert into node_access set node_permission='".$result->getString('node_permission')."', node_id='".$node['node_id']."',user_id='".$user_id."'";
  64                                         $db->query($q);
  65                                 }
  66                         break;
  67                 }
  68
  69                 //similiar.if user is creator of hierarch, give him access
  70                 elseif ($result->getString('node_creator')==$user_id) {
  71                         array_pop($hierarchy_bounce);
  72                         $node['node_permission']='access';
  73                                 $q="update node_access set node_permission='access' where node_id='".$node['node_id']."' and user_id='".$user_id."'";
  74                                 $updated=$db->update($q);
  75                                 if (!$updated && IsSet($_SESSION['user_id'])) {
  76                                         $q="insert into node_access set node_permission='access', node_id='".$node['node_id']."',user_id='".$user_id."'";
  77                                         $db->query($q);
  78                                 }
  79                         break;
  80                 }
  81
  82
  83
  84         }
  85
  86 }
  87
  88
  89 //setting permissions for not logged in users
  90 if ($user_id==$node['node_creator']) {
  91         $permissions['r']=true;
  92         $permissions['w']=true;
  93 }
  94
  95 elseif (!$user_id) {
  96
  97         if ($node['node_external_access']=='yes' AND ($node['node_system_access']=='public' OR $node['node_system_access']=='moderated' OR $node['node_system_access']=='cube')) {
  98                 $permissions['r']=true;
  99                 $permissions['w']=false;
 100
 101         }
 102
 103         else {
 104
 105                 $permissions['r']=false;
 106                 $permissions['w']=false;
 107         }
 108 }
 109
 110 //setting permissions for cube node
 111
 112 elseif ($node['node_system_access']=='cube') {
 113
 114         if (strpos($node['node_vector'],$_SESSION['cube_vector'])==true ) {
 115                 $permissions['r']=true;
 116                 $permissions['w']=true;
 117         }
 118         elseif (($node['node_permission']=='access')||($node['node_permission']=='op')||($node['node_permission']=='master')) {
 119                         $permissions['r']=true;
 120                         $permissions['w']=true;
 121        }
 122
 123
 124         else {
 125                 $permissions['r']=false;
 126                 $permissions['w']=false;
 127         }
 128 }
 129
 130
 131 //setting permissions for private node
 132 elseif ($node['node_system_access']=='private') {
 133         if (empty($node['node_permission'])) {
 134                 $permissions['r']=false;
 135                 $permissions['w']=false;
 136         }
 137         elseif ($node['node_permission']=='ban') {
 138                 $permissions['r']=false;
 139                 $permissions['w']=false;
 140         }
 141
 142         elseif($node['node_permission']=='silence') {
 143                 $permissions['r']=true;
 144                 $permissions['w']=false;
 145         }
 146         else {
 147
 148                 $permissions['r']=true;
 149                 $permissions['w']=true;
 150         }
 151 }
 152
 153 //setting permissions for moderated node
 154 elseif ($node['node_system_access']=='moderated') {
 155         if (($node['node_permission']=='access')||($node['node_permission']=='op')||($node['node_permission']=='master')) {
 156                         $permissions['r']=true;
 157                         $permissions['w']=true;
 158                 }
 159         elseif ($node['node_permission']=='ban') {
 160                 $permissions['r']=false;
 161                 $permissions['w']=false;
 162         }
 163
 164
 165                 else {
 166                         $permissions['r']=true;
 167                         $permissions['w']=false;
 168                 }
 169
 170 }
 171
 172 //setting rights for public node
 173 elseif ($node['node_system_access']=='public') {
 174         if ($node['node_permission']=='silence') {
 175                 $permissions['r']=true;
 176                 $permissions['w']=false;
 177         }
 178
 179         elseif ($node['node_permission']=='ban') {
 180                 $permissions['r']=false;
 181                 $permissions['w']=false;
 182         }
 183
 184
 185         else {
 186                 $permissions['r']=true;
 187                 $permissions['w']=true;
 188         }
 189 }
 190
 191
 192 else {
 193                 $permissions['r']=true;
 194                 $permissions['w']=true;
 195 }
 196 return $permissions;
 197 }
 198
 199 }
 200
 201 ?>