inc/permissions.inc

   1 <?php
   2 /* This program is free software. It comes without any warranty, to
   3  * the extent permitted by applicable law. You can redistribute it
   4  * and/or modify it under the terms of the Do What The Fuck You Want
   5  * To Public License, Version 2, as published by Sam Hocevar. See
   6  * http://sam.zoy.org/wtfpl/COPYING for more details. */
   7
   8
   9 class permissions {
  10
  11 function isHierarch($node) {
  12
  13         global $db;
  14         $user_id=$_SESSION['user_id'];
  15         if (!$user_id) return false;
  16         $node_vector=chunk_split($node['node_vector'],VECTOR_CHARS,';');
  17         $hierarchy=explode(';',$node_vector);
  18         foreach ($hierarchy as $hierarch) {
  19                 $hierarch=ltrim($hierarch,0);
  20                 $q="select nodes.node_creator,node_access.node_permission from nodes left join node_access on nodes.node_id=node_access.node_id and node_access.user_id='".$_SESSION['user_id']."' where nodes.node_id='$hierarch'";
  21                 $result=$db->query($q);
  22                 $result->next();
  23                 if ($result->getString('node_creator')==$user_id)
  24                         return true;
  25                 if ($result->getString('node_permission')=='master')
  26                         return true;
  27                 if ($result->getString('node_creator')=='operator')
  28                         return true;
  29                 if ($user_id == 2045)
  30                         return true;
  31         }
  32         return false;
  33
  34 }
  35
  36 function checkPermissions($node) {
  37 global $db;
  38 $user_id=$_SESSION['user_id'];
  39
  40 /*
  41 thousand lights to Hierarchy!
  42 (check&set procedure for giving permissions for non-public subnodes according
  43 to bottom-top Hierarchy
  44 */
  45 if (($node['node_system_access']!='public' and $node['node_system_access']!='crypto') and empty($node['node_permission'])) {
  46         $node_vector=trim(chunk_split($node['node_vector'],VECTOR_CHARS,';'),';');
  47         $hierarchy=array_reverse(explode(';',$node_vector));
  48         foreach ($hierarchy as $hierarch) {
  49                 $hierarch=ltrim($hierarch,0);
  50                 $q="select nodes.node_creator,nodes.node_system_access,node_access.node_permission from nodes left join node_access on nodes.node_id=node_access.node_id and node_access.user_id='".$_SESSION['user_id']."' where nodes.node_id='$hierarch'";
  51                 $result=$db->query($q);
  52                 $result->next();
  53                 $hierarchy_bounce[]=$hierarch;
  54
  55                 //if hierarch permission rights are different than that of the node, quit the process changing nothing
  56                 if ($result->getString('node_system_access')!=$node['node_system_access']) {
  57                         break;
  58                 }
  59
  60                 //if hierarch node_user relation exist, set it for node also
  61                 elseif ($result->getString('node_permission')!='') {
  62                         array_pop($hierarchy_bounce);
  63                         $node['node_permission']=$result->getString('node_permission');
  64                                 $q="update node_access set node_permission='".$result->getString('node_permission')."' where node_id='".$node['node_id']."' and user_id='".$_SESSION['user_id']."'";
  65                                 $updated=$db->update($q);
  66                                 if (!$updated && IsSet($_SESSION['user_id'])) {
  67                                         $q="insert into node_access set node_permission='".$result->getString('node_permission')."', node_id='".$node['node_id']."',user_id='".$_SESSION['user_id']."'";
  68                                         $db->query($q);
  69                                 }
  70                         break;
  71                 }
  72
  73                 //similiar.if user is creator of hierarch, give him access
  74                 elseif ($result->getString('node_creator')==$user_id) {
  75                         array_pop($hierarchy_bounce);
  76                         $node['node_permission']='access';
  77                                 $q="update node_access set node_permission='access' where node_id='".$node['node_id']."' and user_id='".$_SESSION['user_id']."'";
  78                                 $updated=$db->update($q);
  79                                 if (!$updated && IsSet($_SESSION['user_id'])) {
  80                                         $q="insert into node_access set node_permission='access', node_id='".$node['node_id']."',user_id='".$_SESSION['user_id']."'";
  81                                         $db->query($q);
  82                                 }
  83                         break;
  84                 }
  85
  86
  87
  88         }
  89
  90 }
  91
  92
  93 //setting permissions for not logged in users
  94 if ($_SESSION['user_id']==$node['node_creator']) {
  95                 $permissions['r']=true;
  96                 $permissions['w']=true;
  97 }
  98
  99 elseif (!$_SESSION['user_id']) {
 100
 101         if ($node['node_external_access']=='yes' AND ($node['node_system_access']=='public' OR $node['node_system_access']=='moderated' OR $node['node_system_access']=='cube')) {
 102                 $permissions['r']=true;
 103                 $permissions['w']=false;
 104
 105         }
 106
 107         else {
 108
 109                 $permissions['r']=false;
 110                 $permissions['w']=false;
 111         }
 112 }
 113
 114 //setting permissions for cube node
 115
 116 elseif ($node['node_system_access']=='cube') {
 117
 118         if (strpos($node['node_vector'],$_SESSION['cube_vector'])==true ) {
 119                 $permissions['r']=true;
 120                 $permissions['w']=true;
 121         }
 122         elseif (($node['node_permission']=='access')||($node['node_permission']=='op')||($node['node_permission']=='master')) {
 123                         $permissions['r']=true;
 124                         $permissions['w']=true;
 125        }
 126
 127
 128         else {
 129                 $permissions['r']=false;
 130                 $permissions['w']=false;
 131         }
 132 }
 133
 134
 135 //setting permissions for private node
 136 elseif ($node['node_system_access']=='private') {
 137
 138         if (empty($node['node_permission'])) {
 139                 $permissions['r']=false;
 140                 $permissions['w']=false;
 141         }
 142         elseif ($node['node_permission']=='ban') {
 143                 $permissions['r']=false;
 144                 $permissions['w']=false;
 145         }
 146
 147         elseif($node['node_permission']=='silence') {
 148                 $permissions['r']=true;
 149                 $permissions['w']=false;
 150         }
 151         else {
 152
 153                 $permissions['r']=true;
 154                 $permissions['w']=true;
 155         }
 156 }
 157
 158 //setting permissions for moderated node
 159 elseif ($node['node_system_access']=='moderated') {
 160         if (($node['node_permission']=='access')||($node['node_permission']=='op')||($node['node_permission']=='master')) {
 161                         $permissions['r']=true;
 162                         $permissions['w']=true;
 163                 }
 164         elseif ($node['node_permission']=='ban') {
 165                 $permissions['r']=false;
 166                 $permissions['w']=false;
 167         }
 168
 169
 170                 else {
 171                         $permissions['r']=true;
 172                         $permissions['w']=false;
 173                 }
 174
 175 }
 176
 177 //setting rights for public node
 178 elseif ($node['node_system_access']=='public') {
 179         if ($node['node_permission']=='silence') {
 180                 $permissions['r']=true;
 181                 $permissions['w']=false;
 182         }
 183
 184         elseif ($node['node_permission']=='ban') {
 185                 $permissions['r']=false;
 186                 $permissions['w']=false;
 187         }
 188
 189
 190         else {
 191                 $permissions['r']=true;
 192                 $permissions['w']=true;
 193         }
 194 }
 195
 196
 197 else {
 198                 $permissions['r']=true;
 199                 $permissions['w']=true;
 200 }
 201
 202 return $permissions;
 203 }
 204
 205 }
 206
 207 ?>