summaryrefslogblamecommitdiffstats
path: root/app/class/agent.class.php
blob: a2c8c2e860aa204a9f456a5d200b09512842dda5 (plain) (tree)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15














                                                                         
                                   



































                                                                           

      

















                                                                   




























                                                                              























































































































































































































































































                                                                 


  
<?php

/*
 * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
 * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
 * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
 * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
 * OTHER DEALINGS IN THE SOFTWARE.
 *
 * For more information, please refer to UNLICENSE
 */

require_once "class/object.class.php";
require_once "class/pad.class.php";

/*
 * This is a supertype for users and groups, since these two object types
 * will often be handled polymorphically and will share some functionality.
 */
abstract class agent extends object
{
    /*
     * Constructor
     */
    public function __construct(?string $guid = NULL)
    {
        parent::__construct($guid);
    }

    /*
     * Check whether this agent is the owner of the given object
     */
    public function isOwnerOf(object $obj) : bool
    {
        return $obj->getOwner()->guid == $this->guid;
    }

    /*
     * Check whether this agent is a member of the given object
     */
    public function isMemberOf(object $obj) : bool
    {
        foreach ($obj->getMembers() as $memb)
        {
            if ($memb->guid == $this->guid)
                return true;
        }

        return false;
    }

    /*
     * Get the display name for this agent.  For groups this is the
     * object name; for users, this is the object name, unless an
     * alias is set.
     */
    public function getDisplayName() : string
    {
        if ($this->objtype != "user")
            return $this->name;

        $user = new user($this->guid);

        if ($user->alias != "")
            return $user->alias;

        return $user->name;
    }

    /*
     * Get all pads this agent owns or is a member of.  This isn't
     * necessarily all pads this agent has access permission for.
     * Results are sorted by ownership, then by name.
     */
    public function getPads_ordByOwnByName() : array
    {
        $pads = array();

        /* owner */
        $query = "SELECT guid FROM objects WHERE objtype = 'pad' AND " .
            "owner = '" . database::esc($this->guid) . "' ORDER BY name";
        $res = database::query($query);

        foreach ($res as $p)
            $pads[] = new pad($p['guid']);

        /* members */
        $query = "SELECT o.guid FROM objects o JOIN members m ON " .
            "o.guid = m.guid WHERE o.objtype = 'pad' AND " .
            "m.member = '" . database::esc($this->guid) . "' ORDER BY o.name";
        $res = database::query($query);

        foreach ($res as $p)
            $pads[] = new pad($p['guid']);

        return $pads;
    }

    /*
     * Check whether this agent has access permission for given
     * object
     */
    public function canAccess(object $obj) : bool
    {
        if ($this->admin)
            return true;

        if ($this->isOwnerOf($obj))
            return true;

        if ($this->isMemberOf($obj))
            return true;

        if ($obj->pubAcc)
            return true;

        if ($obj->parent)
        {
            $parent = new object($obj->parent);
            if ($this->canAccessSub($parent))
                return true;
        }
        else if ($this->owner)
        {
            $owner = new object($obj->owner);
            if ($this->canAccessSub($owner))
                return true;
        }

        return false;
    }

    /*
     * Check whether this agent has modify permission for given
     * object
     */
    public function canModify(object $obj) : bool
    {
        if ($this->admin)
            return true;

        if ($this->isOwnerOf($obj))
            return true;

        if ($this->isMemberOf($obj) && $obj->membModify)
            return true;

        if ($obj->parent)
        {
            $parent = new object($obj->parent);
            if ($this->canModifySub($parent))
                return true;
        }
        else if ($obj->owner)
        {
            $owner = new object($obj->owner);
            if ($this->canModifySub($owner))
                return true;
        }

        return false;
    }

    /*
     * Check whether this agent has modify members permission for
     * given object
     */
    public function canModifyMembers(object $obj) : bool
    {
        if ($this->admin)
            return true;

        if ($this->isOwnerOf($obj))
            return true;

        if ($this->isMemberOf($obj) && $obj->membMemb)
            return true;

        if ($obj->parent)
        {
            $parent = new object($obj->parent);
            if ($this->canModifySubMembers($parent))
                return true;
        }
        else if ($obj->owner)
        {
            $owner = new object($obj->owner);
            if ($this->canModifySubMembers($owner))
                return true;
        }

        return false;
    }

    /*
     * Check whether this agent has modify permissions permission
     * for given object
     */
    public function canModifyPermissions(object $obj) : bool
    {
        if ($this->admin)
            return true;

        if ($this->isOwnerOf($obj))
            return true;

        if ($obj->parent)
        {
            $parent = new object($obj->parent);
            if ($this->canModifySubPermissions($parent))
                return true;
        }
        else if ($obj->owner)
        {
            $owner = new object($obj->owner);
            if ($this->canModifySubPermissions($owner))
                return true;
        }

        return false;
    }

    /*
     * Check whether this agent has access-sub permission for
     * given object
     */
    public function canAccessSub(object $obj) : bool
    {
        if ($this->admin)
            return true;

        if ($this->isOwnerOf($obj))
            return true;

        if ($this->isMemberOf($obj) && $obj->membAccs)
            return true;

        if ($obj->pubAccs)
            return true;

        if ($obj->parent)
        {
            $parent = new object($obj->parent);
            if ($this->canAccessSub($parent))
                return true;
        }
        else if ($obj->owner)
        {
            $owner = new object($obj->owner);
            if ($this->canAccessSub($owner))
                return true;
        }

        return false;
    }

    /*
     * Check whether this agent has create-sub permission
     * for given object
     */
    public function canCreateSub(object $obj) : bool
    {
        if ($this->admin)
            return true;

        if ($this->isOwnerOf($obj))
            return true;

        if ($this->isMemberOf($obj) && $obj->membCres)
            return true;

        if ($obj->pubCres)
            return true;

        if ($obj->parent)
        {
            $parent = new object($obj->parent);
            if ($this->canCreateSub($parent))
                return true;
        }
        else if ($obj->owner)
        {
            $owner = new object($obj->owner);
            if ($this->canCreateSub($owner))
                return true;
        }

        return false;
    }

    /*
     * Check whether this agent has modify-sub permission
     * for given object
     */
    public function canModifySub(object $obj) : bool
    {
        if ($this->admin)
            return true;

        if ($this->isOwnerOf($obj))
            return true;

        if ($this->isMemberOf($obj) && $obj->membModifys)
            return true;

        if ($obj->parent)
        {
            $parent = new object($obj->parent);
            if ($this->canModifySub($parent))
                return true;
        }
        else if ($obj->owner)
        {
            $owner = new object($obj->owner);
            if ($this->canModifySub($owner))
                return true;
        }

        return false;
    }

    /*
     * Check whether this agent has modify-sub-members
     * permission for given object
     */
    public function canModifySubMembers(object $obj) : bool
    {
        if ($this->admin)
            return true;

        if ($this->isOwnerOf($obj))
            return true;

        if ($this->isMemberOf($obj) && $obj->membMembs)
            return true;

        if ($obj->parent)
        {
            $parent = new object($obj->parent);
            if ($this->canModifySubMembers($parent))
                return true;
        }
        else if ($obj->owner)
        {
            $owner = new object($obj->owner);
            if ($this->canModifySubMembers($owner))
                return true;
        }

        return false;
    }

    /*
     * Check whether this agent has modify-sub-permissions
     * permission for given object
     */
    public function canModifySubPermissions(object $obj) : bool
    {
        if ($this->admin)
            return true;

        if ($this->isOwnerOf($obj))
            return true;

        if ($obj->parent)
        {
            $parent = new object($obj->parent);
            if ($this->canModifySubPermissions($parent))
                return true;
        }
        else if ($obj->owner)
        {
            $owner = new object($obj->owner);
            if ($this->canModifySubPermissions($owner))
                return true;
        }

        return false;
    }
}

?>