class permissions {
+// XXX not checked
+
+function isHierarch($node) {
+
+ global $db;
+ if (IsSet($_SESSION['user_id'])) {
+ $user_id=$_SESSION['user_id'];
+ } else {
+ $user_id=0;
+ }
+ if (!$user_id) return false;
+
+ $node_vector=chunk_split($node['node_vector'],VECTOR_CHARS,';');
+ $hierarchy=explode(';',$node_vector);
+ foreach ($hierarchy as $hierarch) {
+ $hierarch=ltrim($hierarch,0);
+ $q="select nodes.node_creator,node_access.node_permission from nodes left join node_access on nodes.node_id=node_access.node_id and node_access.user_id='".$user_id."' where nodes.node_id='$hierarch'";
+ $result=$db->query($q);
+ $result->next();
+ if ($result->getString('node_creator')==$user_id)
+ return true;
+ if ($result->getString('node_permission')=='master')
+ return true;
+ if ($result->getString('node_creator')=='operator')
+ return true;
+ }
+ return false;
+
+}
+
//trillion lights to Hierarchy!
//$node input parameter can be a numeric node_id of a node-to-be-checked or a hash containing node_id,node_vector
public static function checkPerms($node) {
$perms['node_system_access'] = $qr_np->getString('node_system_access');
$perms['node_external_access'] = $qr_np->getString('node_external_access');
+ // external access must go first
+ if ($user_id == "") {
+ if ($perms['node_system_access'] != 'private'
+ && $perms['node_external_access'] == 'yes') {
+ $perms['r'] = 1;
+ $perms['w'] = 0;
+ break;
+ } else {
+ $perms['r'] = 0;
+ $perms['w'] = 0;
+ break;
+ }
+ }
+
// r/w prava podla system accessu
if ($perms['node_system_access'] == 'public') {
$perms['r'] = 1;
break;
}
- if ($perms['node_system_access'] != 'private'
- && (empty($_SESSION['user_id']))
- && $perms['node_external_access'] == 'yes') {
- $perms['r'] = 1;
- $perms['w'] = 0;
- break;
- }
-
} // if ($perms['node_permission'] == '' && $perms['node_system_access'] == '')
else {
// ked som v public alebo moderated fore a dalsie nadradene su uz privatne