Gazelle/classes/permissions.class.php

115 lines
3.7 KiB
PHP
Raw Normal View History

2012-10-11 08:00:15 +00:00
<?
class Permissions {
/* Check to see if a user has the permission to perform an action
* This is called by check_perms in util.php, for convenience.
*
* @param string PermissionName
* @param string $MinClass Return false if the user's class level is below this.
*/
2013-06-18 08:00:48 +00:00
public static function check_perms($PermissionName, $MinClass = 0) {
2016-02-06 08:00:28 +00:00
$OverrideClass = 1000;
$Override = G::$LoggedUser['EffectiveClass'] >= $OverrideClass;
2012-10-11 08:00:15 +00:00
return (
2016-02-06 08:00:28 +00:00
($PermissionName == null ||
(isset(G::$LoggedUser['Permissions'][$PermissionName]) && G::$LoggedUser['Permissions'][$PermissionName]))
2013-08-28 23:08:41 +00:00
&& (G::$LoggedUser['Class'] >= $MinClass
2015-12-19 08:00:27 +00:00
|| G::$LoggedUser['EffectiveClass'] >= $MinClass
|| $Override)
2013-06-18 08:00:48 +00:00
) ? true : false;
2012-10-11 08:00:15 +00:00
}
/**
* Gets the permissions associated with a certain permissionid
*
* @param int $PermissionID the kind of permissions to fetch
* @return array permissions
*/
public static function get_permissions($PermissionID) {
2013-11-19 08:00:48 +00:00
$Permission = G::$Cache->get_value("perm_$PermissionID");
2012-10-11 08:00:15 +00:00
if (empty($Permission)) {
2013-08-28 23:08:41 +00:00
$QueryID = G::$DB->get_query_id();
G::$DB->query("
2013-11-17 08:00:47 +00:00
SELECT Level AS Class, `Values` AS Permissions, Secondary, PermittedForums
FROM permissions
2013-11-19 08:00:48 +00:00
WHERE ID = '$PermissionID'");
2013-08-28 23:08:41 +00:00
$Permission = G::$DB->next_record(MYSQLI_ASSOC, array('Permissions'));
G::$DB->set_query_id($QueryID);
2012-10-11 08:00:15 +00:00
$Permission['Permissions'] = unserialize($Permission['Permissions']);
2013-11-19 08:00:48 +00:00
G::$Cache->cache_value("perm_$PermissionID", $Permission, 2592000);
2012-10-11 08:00:15 +00:00
}
return $Permission;
}
/**
* Get a user's permissions.
*
* @param $UserID
* @param array|false $CustomPermissions
* Pass in the user's custom permissions if you already have them.
2014-01-27 08:00:35 +00:00
* Leave false if you don't have their permissions. The function will fetch them.
2012-10-11 08:00:15 +00:00
* @return array Mapping of PermissionName=>bool/int
*/
public static function get_permissions_for_user($UserID, $CustomPermissions = false) {
$UserInfo = Users::user_info($UserID);
// Fetch custom permissions if they weren't passed in.
if ($CustomPermissions === false) {
2013-08-28 23:08:41 +00:00
$QueryID = G::$DB->get_query_id();
G::$DB->query('
2013-11-17 08:00:47 +00:00
SELECT CustomPermissions
FROM users_main
WHERE ID = ' . (int)$UserID);
2013-08-28 23:08:41 +00:00
list($CustomPermissions) = G::$DB->next_record(MYSQLI_NUM, false);
G::$DB->set_query_id($QueryID);
2012-10-11 08:00:15 +00:00
}
if (!empty($CustomPermissions) && !is_array($CustomPermissions)) {
$CustomPermissions = unserialize($CustomPermissions);
}
2013-09-12 08:00:52 +00:00
$Permissions = self::get_permissions($UserInfo['PermissionID']);
2012-10-11 08:00:15 +00:00
// Manage 'special' inherited permissions
$BonusPerms = array();
$BonusCollages = 0;
foreach ($UserInfo['ExtraClasses'] as $PermID => $Value) {
2013-09-12 08:00:52 +00:00
$ClassPerms = self::get_permissions($PermID);
2012-10-11 08:00:15 +00:00
$BonusCollages += $ClassPerms['Permissions']['MaxCollages'];
unset($ClassPerms['Permissions']['MaxCollages']);
$BonusPerms = array_merge($BonusPerms, $ClassPerms['Permissions']);
}
2013-09-08 08:00:57 +00:00
if (empty($CustomPermissions)) {
$CustomPermissions = array();
2012-10-11 08:00:15 +00:00
}
// This is legacy donor cruft
if ($UserInfo['Donor']) {
2013-09-12 08:00:52 +00:00
$DonorPerms = self::get_permissions(DONOR);
2013-11-08 08:01:03 +00:00
unset($DonorPerms['Permissions']['MaxCollages']);
2012-10-11 08:00:15 +00:00
} else {
$DonorPerms = array('Permissions' => array());
}
2013-09-12 08:00:52 +00:00
$MaxCollages = $Permissions['Permissions']['MaxCollages'] + $BonusCollages;
2013-09-08 08:00:57 +00:00
if (isset($CustomPermissions['MaxCollages'])) {
$MaxCollages += $CustomPermissions['MaxCollages'];
2013-11-08 08:01:03 +00:00
unset($CustomPermissions['MaxCollages']);
2013-09-08 08:00:57 +00:00
}
2013-11-08 08:01:03 +00:00
$Permissions['Permissions']['MaxCollages'] = $MaxCollages;
// Combine the permissions
2012-10-11 08:00:15 +00:00
return array_merge(
$Permissions['Permissions'],
$BonusPerms,
2013-09-08 08:00:57 +00:00
$CustomPermissions,
2013-09-12 08:00:52 +00:00
$DonorPerms['Permissions']);
2013-08-28 23:08:41 +00:00
}
2013-11-08 08:01:03 +00:00
public static function is_mod($UserID) {
$Permissions = self::get_permissions_for_user($UserID);
return isset($Permissions['users_mod']) && $Permissions['users_mod'];
}
2012-10-11 08:00:15 +00:00
}
?>