wwwroot/inc/permissions.inc

   1 <?php
   2
   3 class permissions {
   4
   5 function isHierarch($node) {
   6
   7         global $db;
   8         $user_id=$_SESSION['user_id'];
   9         if (!$user_id) return false;
  10         $node_vector=chunk_split($node['node_vector'],VECTOR_CHARS,';');
  11         $hierarchy=explode(';',$node_vector);
  12         foreach ($hierarchy as $hierarch) {
  13                 $hierarch=ltrim($hierarch,0);
  14                 $q="select nodes.node_creator,node_access.node_permission from nodes left join node_access on nodes.node_id=node_access.node_id and node_access.user_id='".$user_id."' where nodes.node_id='$hierarch'";
  15                 $result=$db->query($q);
  16                 $result->next();
  17                 if ($result->getString('node_creator')==$user_id)
  18                         return true;
  19                 if ($result->getString('node_permission')=='master')
  20                         return true;
  21                 if ($result->getString('node_creator')=='operator')
  22                         return true;
  23 //              if ($user_id == 2045)  // OMG
  24 //                      return true;
  25         }
  26         return false;
  27
  28 }
  29
  30 function checkPermissions($node) {
  31 global $db;
  32 if (IsSet($_SESSION['user_id'])) {
  33         $user_id=$_SESSION['user_id'];
  34 } else {
  35         $user_id=0;
  36 }
  37
  38 /*
  39 thousand lights   // OMGto Hierarchy!
  40 (check&set procedure for giving permissions for non-public subnodes according
  41 to bottom-top Hierarchy
  42 */
  43 if (($node['node_system_access']!='public' and $node['node_system_access']!='crypto') and empty($node['node_permission'])) {
  44         $node_vector=trim(chunk_split($node['node_vector'],VECTOR_CHARS,';'),';');
  45         $hierarchy=array_reverse(explode(';',$node_vector));
  46         foreach ($hierarchy as $hierarch) {
  47                 $hierarch=ltrim($hierarch,0);
  48                 $q="select nodes.node_creator,nodes.node_system_access,node_access.node_permission from nodes left join node_access on nodes.node_id=node_access.node_id and node_access.user_id='".$user_id."' where nodes.node_id='$hierarch'";
  49                 $result=$db->query($q);
  50                 $result->next();
  51                 $hierarchy_bounce[]=$hierarch;
  52
  53                 //if hierarch permission rights are different than that of the node, quit the process changing nothing
  54                 if ($result->getString('node_system_access')!=$node['node_system_access']) {
  55                         break;
  56                 }
  57
  58                 //if hierarch node_user relation exist, set it for node also
  59                 elseif ($result->getString('node_permission')!='') {
  60                         array_pop($hierarchy_bounce);
  61                         $node['node_permission']=$result->getString('node_permission');
  62                                 $q="update node_access set node_permission='".$result->getString('node_permission')."' where node_id='".$node['node_id']."' and user_id='".$user_id."'";
  63                                 $updated=$db->update($q);
  64                                 if (!$updated && IsSet($_SESSION['user_id'])) {
  65                                         $q="insert into node_access set node_permission='".$result->getString('node_permission')."', node_id='".$node['node_id']."',user_id='".$user_id."'";
  66                                         $db->query($q);
  67                                 }
  68                         break;
  69                 }
  70
  71                 //similiar.if user is creator of hierarch, give him access
  72                 elseif ($result->getString('node_creator')==$user_id) {
  73                         array_pop($hierarchy_bounce);
  74                         $node['node_permission']='access';
  75                                 $q="update node_access set node_permission='access' where node_id='".$node['node_id']."' and user_id='".$user_id."'";
  76                                 $updated=$db->update($q);
  77                                 if (!$updated && IsSet($_SESSION['user_id'])) {
  78                                         $q="insert into node_access set node_permission='access', node_id='".$node['node_id']."',user_id='".$user_id."'";
  79                                         $db->query($q);
  80                                 }
  81                         break;
  82                 }
  83
  84
  85
  86         }
  87
  88 }
  89
  90
  91 //setting permissions for not logged in users
  92 if ($user_id==$node['node_creator']) {
  93         $permissions['r']=true;
  94         $permissions['w']=true;
  95 }
  96
  97 elseif (!$user_id) {
  98
  99         if ($node['node_external_access']=='yes' AND ($node['node_system_access']=='public' OR $node['node_system_access']=='moderated' OR $node['node_system_access']=='cube')) {
 100                 $permissions['r']=true;
 101                 $permissions['w']=false;
 102
 103         }
 104
 105         else {
 106
 107                 $permissions['r']=false;
 108                 $permissions['w']=false;
 109         }
 110 }
 111
 112 //setting permissions for cube node
 113
 114 elseif ($node['node_system_access']=='cube') {
 115
 116         if (strpos($node['node_vector'],$_SESSION['cube_vector'])==true ) {
 117                 $permissions['r']=true;
 118                 $permissions['w']=true;
 119         }
 120         elseif (($node['node_permission']=='access')||($node['node_permission']=='op')||($node['node_permission']=='master')) {
 121                         $permissions['r']=true;
 122                         $permissions['w']=true;
 123        }
 124
 125
 126         else {
 127                 $permissions['r']=false;
 128                 $permissions['w']=false;
 129         }
 130 }
 131
 132
 133 //setting permissions for private node
 134 elseif ($node['node_system_access']=='private') {
 135         if (empty($node['node_permission'])) {
 136                 $permissions['r']=false;
 137                 $permissions['w']=false;
 138         }
 139         elseif ($node['node_permission']=='ban') {
 140                 $permissions['r']=false;
 141                 $permissions['w']=false;
 142         }
 143
 144         elseif($node['node_permission']=='silence') {
 145                 $permissions['r']=true;
 146                 $permissions['w']=false;
 147         }
 148         else {
 149
 150                 $permissions['r']=true;
 151                 $permissions['w']=true;
 152         }
 153 }
 154
 155 //setting permissions for moderated node
 156 elseif ($node['node_system_access']=='moderated') {
 157         if (($node['node_permission']=='access')||($node['node_permission']=='op')||($node['node_permission']=='master')) {
 158                         $permissions['r']=true;
 159                         $permissions['w']=true;
 160                 }
 161         elseif ($node['node_permission']=='ban') {
 162                 $permissions['r']=false;
 163                 $permissions['w']=false;
 164         }
 165
 166
 167                 else {
 168                         $permissions['r']=true;
 169                         $permissions['w']=false;
 170                 }
 171
 172 }
 173
 174 //setting rights for public node
 175 elseif ($node['node_system_access']=='public') {
 176         if ($node['node_permission']=='silence') {
 177                 $permissions['r']=true;
 178                 $permissions['w']=false;
 179         }
 180
 181         elseif ($node['node_permission']=='ban') {
 182                 $permissions['r']=false;
 183                 $permissions['w']=false;
 184         }
 185
 186
 187         else {
 188                 $permissions['r']=true;
 189                 $permissions['w']=true;
 190         }
 191 }
 192
 193
 194 else {
 195                 $permissions['r']=true;
 196                 $permissions['w']=true;
 197 }
 198 return $permissions;
 199 }
 200
 201 }
 202
 203 ?>