Gazelle/classes/permissions.class.php

<?
class Permissions {
	/* Check to see if a user has the permission to perform an action
	 * This is called by check_perms in util.php, for convenience.
	 *
	 * @param string PermissionName
	 * @param string $MinClass Return false if the user's class level is below this.
	 */
	public static function check_perms($PermissionName, $MinClass = 0) {
		return (
			isset(G::$LoggedUser['Permissions'][$PermissionName])
			&& G::$LoggedUser['Permissions'][$PermissionName]
			&& (G::$LoggedUser['Class'] >= $MinClass
				|| G::$LoggedUser['EffectiveClass'] >= $MinClass)
			) ? true : false;
	}

	/**
	 * Gets the permissions associated with a certain permissionid
	 *
	 * @param int $PermissionID the kind of permissions to fetch
	 * @return array permissions
	 */
	public static function get_permissions($PermissionID) {
		$Permission = G::$Cache->get_value('perm_'.$PermissionID);
		if (empty($Permission)) {
			$QueryID = G::$DB->get_query_id();
			G::$DB->query("
				SELECT p.Level AS Class, p.Values as Permissions, p.Secondary, p.PermittedForums
				FROM permissions AS p
				WHERE ID='$PermissionID'");
			$Permission = G::$DB->next_record(MYSQLI_ASSOC, array('Permissions'));
			G::$DB->set_query_id($QueryID);
			$Permission['Permissions'] = unserialize($Permission['Permissions']);
			G::$Cache->cache_value('perm_'.$PermissionID, $Permission, 2592000);
		}
		return $Permission;
	}

	/**
	 * Get a user's permissions.
	 *
	 * @param $UserID
	 * @param array|false $CustomPermissions
	 *	Pass in the user's custom permissions if you already have them.
	 *	Leave false if you don't have their permissions, the function will fetch them.
	 * @return array Mapping of PermissionName=>bool/int
	 */
	public static function get_permissions_for_user($UserID, $CustomPermissions = false) {
		$UserInfo = Users::user_info($UserID);

		// Fetch custom permissions if they weren't passed in.
		if ($CustomPermissions === false) {
			$QueryID = G::$DB->get_query_id();
			G::$DB->query('
				SELECT um.CustomPermissions
				FROM users_main AS um
				WHERE um.ID = '.((int)$UserID));
			list($CustomPermissions) = G::$DB->next_record(MYSQLI_NUM, false);
			G::$DB->set_query_id($QueryID);
		}

		if (!empty($CustomPermissions) && !is_array($CustomPermissions)) {
			$CustomPermissions = unserialize($CustomPermissions);
		}

		$Permissions = self::get_permissions($UserInfo['PermissionID']);

		// Manage 'special' inherited permissions
		$BonusPerms = array();
		$BonusCollages = 0;
		foreach ($UserInfo['ExtraClasses'] as $PermID => $Value) {
			$ClassPerms = self::get_permissions($PermID);
			$BonusCollages += $ClassPerms['Permissions']['MaxCollages'];
			unset($ClassPerms['Permissions']['MaxCollages']);
			$BonusPerms = array_merge($BonusPerms, $ClassPerms['Permissions']);
		}

		if (empty($CustomPermissions)) {
			$CustomPermissions = array();
		}

		// This is legacy donor cruft
		if ($UserInfo['Donor']) {
			$DonorPerms = self::get_permissions(DONOR);
		} else {
			$DonorPerms = array('Permissions' => array());
		}

		$MaxCollages = $Permissions['Permissions']['MaxCollages'] + $BonusCollages;
		if (isset($CustomPermissions['MaxCollages'])) {
			$MaxCollages += $CustomPermissions['MaxCollages'];
		}
		$Permissions['MaxCollages'] = $MaxCollages;

		//Combine the permissions
		return array_merge(
				$Permissions['Permissions'],
				$BonusPerms,
				$CustomPermissions,
				$DonorPerms['Permissions']);
	}
}
?>
Empty commit 2012-10-11 08:00:15 +00:00			`<?`
			`class Permissions {`
			`/* Check to see if a user has the permission to perform an action`
			`* This is called by check_perms in util.php, for convenience.`
			`*`
			`* @param string PermissionName`
			`* @param string $MinClass Return false if the user's class level is below this.`
			`*/`
Empty commit 2013-06-18 08:00:48 +00:00			`public static function check_perms($PermissionName, $MinClass = 0) {`
Empty commit 2012-10-11 08:00:15 +00:00			`return (`
Empty commit 2013-08-28 23:08:41 +00:00			`isset(G::$LoggedUser['Permissions'][$PermissionName])`
			`&& G::$LoggedUser['Permissions'][$PermissionName]`
			`&& (G::$LoggedUser['Class'] >= $MinClass`
			`\|\| G::$LoggedUser['EffectiveClass'] >= $MinClass)`
Empty commit 2013-06-18 08:00:48 +00:00			`) ? true : false;`
Empty commit 2012-10-11 08:00:15 +00:00			`}`

			`/**`
			`* Gets the permissions associated with a certain permissionid`
			`*`
			`* @param int $PermissionID the kind of permissions to fetch`
			`* @return array permissions`
			`*/`
			`public static function get_permissions($PermissionID) {`
Empty commit 2013-08-28 23:08:41 +00:00			`$Permission = G::$Cache->get_value('perm_'.$PermissionID);`
Empty commit 2012-10-11 08:00:15 +00:00			`if (empty($Permission)) {`
Empty commit 2013-08-28 23:08:41 +00:00			`$QueryID = G::$DB->get_query_id();`
			`G::$DB->query("`
Empty commit 2013-06-06 08:01:03 +00:00			`SELECT p.Level AS Class, p.Values as Permissions, p.Secondary, p.PermittedForums`
			`FROM permissions AS p`
			`WHERE ID='$PermissionID'");`
Empty commit 2013-08-28 23:08:41 +00:00			`$Permission = G::$DB->next_record(MYSQLI_ASSOC, array('Permissions'));`
			`G::$DB->set_query_id($QueryID);`
Empty commit 2012-10-11 08:00:15 +00:00			`$Permission['Permissions'] = unserialize($Permission['Permissions']);`
Empty commit 2013-08-28 23:08:41 +00:00			`G::$Cache->cache_value('perm_'.$PermissionID, $Permission, 2592000);`
Empty commit 2012-10-11 08:00:15 +00:00			`}`
			`return $Permission;`
			`}`

			`/**`
			`* Get a user's permissions.`
			`*`
			`* @param $UserID`
			`* @param array\|false $CustomPermissions`
			`* Pass in the user's custom permissions if you already have them.`
			`* Leave false if you don't have their permissions, the function will fetch them.`
			`* @return array Mapping of PermissionName=>bool/int`
			`*/`
			`public static function get_permissions_for_user($UserID, $CustomPermissions = false) {`
			`$UserInfo = Users::user_info($UserID);`

			`// Fetch custom permissions if they weren't passed in.`
			`if ($CustomPermissions === false) {`
Empty commit 2013-08-28 23:08:41 +00:00			`$QueryID = G::$DB->get_query_id();`
			`G::$DB->query('`
Empty commit 2013-06-06 08:01:03 +00:00			`SELECT um.CustomPermissions`
			`FROM users_main AS um`
			`WHERE um.ID = '.((int)$UserID));`
Empty commit 2013-08-28 23:08:41 +00:00			`list($CustomPermissions) = G::$DB->next_record(MYSQLI_NUM, false);`
			`G::$DB->set_query_id($QueryID);`
Empty commit 2012-10-11 08:00:15 +00:00			`}`

			`if (!empty($CustomPermissions) && !is_array($CustomPermissions)) {`
			`$CustomPermissions = unserialize($CustomPermissions);`
			`}`

Empty commit 2013-09-12 08:00:52 +00:00			`$Permissions = self::get_permissions($UserInfo['PermissionID']);`
Empty commit 2012-10-11 08:00:15 +00:00
			`// Manage 'special' inherited permissions`
			`$BonusPerms = array();`
			`$BonusCollages = 0;`
			`foreach ($UserInfo['ExtraClasses'] as $PermID => $Value) {`
Empty commit 2013-09-12 08:00:52 +00:00			`$ClassPerms = self::get_permissions($PermID);`
Empty commit 2012-10-11 08:00:15 +00:00			`$BonusCollages += $ClassPerms['Permissions']['MaxCollages'];`
			`unset($ClassPerms['Permissions']['MaxCollages']);`
			`$BonusPerms = array_merge($BonusPerms, $ClassPerms['Permissions']);`
			`}`

Empty commit 2013-09-08 08:00:57 +00:00			`if (empty($CustomPermissions)) {`
			`$CustomPermissions = array();`
Empty commit 2012-10-11 08:00:15 +00:00			`}`

			`// This is legacy donor cruft`
			`if ($UserInfo['Donor']) {`
Empty commit 2013-09-12 08:00:52 +00:00			`$DonorPerms = self::get_permissions(DONOR);`
Empty commit 2012-10-11 08:00:15 +00:00			`} else {`
			`$DonorPerms = array('Permissions' => array());`
			`}`

Empty commit 2013-09-12 08:00:52 +00:00			`$MaxCollages = $Permissions['Permissions']['MaxCollages'] + $BonusCollages;`
Empty commit 2013-09-08 08:00:57 +00:00			`if (isset($CustomPermissions['MaxCollages'])) {`
			`$MaxCollages += $CustomPermissions['MaxCollages'];`
			`}`
Empty commit 2013-09-12 08:00:52 +00:00			`$Permissions['MaxCollages'] = $MaxCollages;`
Empty commit 2012-10-11 08:00:15 +00:00
			`//Combine the permissions`
			`return array_merge(`
			`$Permissions['Permissions'],`
			`$BonusPerms,`
Empty commit 2013-09-08 08:00:57 +00:00			`$CustomPermissions,`
Empty commit 2013-09-12 08:00:52 +00:00			`$DonorPerms['Permissions']);`
Empty commit 2013-08-28 23:08:41 +00:00			`}`
Empty commit 2012-10-11 08:00:15 +00:00			`}`
			`?>`