diff options
| author | Malf Furious <m@lfurio.us> | 2017-02-16 00:18:33 -0500 |
|---|---|---|
| committer | Malf Furious <m@lfurio.us> | 2017-02-16 00:18:33 -0500 |
| commit | 127a6bba72f699816f227164661e7b451a4e7e76 (patch) | |
| tree | 3fbe93391c89a69be9f646fcd5147963a8d5b5c4 | |
| parent | 009ff4a5b6c62239744102717136560b750e95c0 (diff) | |
| download | scrott-127a6bba72f699816f227164661e7b451a4e7e76.tar.gz scrott-127a6bba72f699816f227164661e7b451a4e7e76.zip | |
Add functions for checking user/group permissions
| -rw-r--r-- | app/class/agent.class.php | 282 |
1 files changed, 282 insertions, 0 deletions
diff --git a/app/class/agent.class.php b/app/class/agent.class.php index 7c3b23c..52bfc1e 100644 --- a/app/class/agent.class.php +++ b/app/class/agent.class.php @@ -49,6 +49,288 @@ abstract class agent extends object return false; } + + /* + * Check whether this agent has access permission for given + * object + */ + public function canAccess(object $obj) : bool + { + if ($this->admin) + return true; + + if ($this->isOwnerOf($obj)) + return true; + + if ($this->isMemberOf($obj)) + return true; + + if ($obj->pubAcc) + return true; + + if ($obj->parent) + { + $parent = new object($obj->parent); + if ($this->canAccessSub($parent)) + return true; + } + else if ($this->owner) + { + $owner = new object($obj->owner); + if ($this->canAccessSub($owner)) + return true; + } + + return false; + } + + /* + * Check whether this agent has modify permission for given + * object + */ + public function canModify(object $obj) : bool + { + if ($this->admin) + return true; + + if ($this->isOwnerOf($obj)) + return true; + + if ($this->isMemberOf($obj) && $obj->membModify) + return true; + + if ($obj->parent) + { + $parent = new object($obj->parent); + if ($this->canModifySub($parent)) + return true; + } + else if ($obj->owner) + { + $owner = new object($obj->owner); + if ($this->canModifySub($owner)) + return true; + } + + return false; + } + + /* + * Check whether this agent has modify members permission for + * given object + */ + public function canModifyMembers(object $obj) : bool + { + if ($this->admin) + return true; + + if ($this->isOwnerOf($obj)) + return true; + + if ($this->isMemberOf($obj) && $obj->membMemb) + return true; + + if ($obj->parent) + { + $parent = new object($obj->parent); + if ($this->canModifySubMembers($parent)) + return true; + } + else if ($obj->owner) + { + $owner = new object($obj->owner); + if ($this->canModifySubMembers($owner)) + return true; + } + + return false; + } + + /* + * Check whether this agent has modify permissions permission + * for given object + */ + public function canModifyPermissions(object $obj) : bool + { + if ($this->admin) + return true; + + if ($this->isOwnerOf($obj)) + return true; + + if ($obj->parent) + { + $parent = new object($obj->parent); + if ($this->canModifySubPermissions($parent)) + return true; + } + else if ($obj->owner) + { + $owner = new object($obj->owner); + if ($this->canModifySubPermissions($owner)) + return true; + } + + return false; + } + + /* + * Check whether this agent has access-sub permission for + * given object + */ + public function canAccessSub(object $obj) : bool + { + if ($this->admin) + return true; + + if ($this->isOwnerOf($obj)) + return true; + + if ($this->isMemberOf($obj) && $obj->membAccs) + return true; + + if ($obj->pubAccs) + return true; + + if ($obj->parent) + { + $parent = new object($obj->parent); + if ($this->canAccessSub($parent)) + return true; + } + else if ($obj->owner) + { + $owner = new object($obj->owner); + if ($this->canAccessSub($owner)) + return true; + } + + return false; + } + + /* + * Check whether this agent has create-sub permission + * for given object + */ + public function canCreateSub(object $obj) : bool + { + if ($this->admin) + return true; + + if ($this->isOwnerOf($obj)) + return true; + + if ($this->isMemberOf($obj) && $obj->membCres) + return true; + + if ($obj->pubCres) + return true; + + if ($obj->parent) + { + $parent = new object($obj->parent); + if ($this->canCreateSub($parent)) + return true; + } + else if ($obj->owner) + { + $owner = new object($obj->owner); + if ($this->canCreateSub($owner)) + return true; + } + + return false; + } + + /* + * Check whether this agent has modify-sub permission + * for given object + */ + public function canModifySub(object $obj) : bool + { + if ($this->admin) + return true; + + if ($this->isOwnerOf($obj)) + return true; + + if ($this->isMemberOf($obj) && $obj->membModifys) + return true; + + if ($obj->parent) + { + $parent = new object($obj->parent); + if ($this->canModifySub($parent)) + return true; + } + else if ($obj->owner) + { + $owner = new object($obj->owner); + if ($this->canModifySub($owner)) + return true; + } + + return false; + } + + /* + * Check whether this agent has modify-sub-members + * permission for given object + */ + public function canModifySubMembers(object $obj) : bool + { + if ($this->admin) + return true; + + if ($this->isOwnerOf($obj)) + return true; + + if ($this->isMemberOf($obj) && $obj->membMembs) + return true; + + if ($obj->parent) + { + $parent = new object($obj->parent); + if ($this->canModifySubMembers($parent)) + return true; + } + else if ($obj->owner) + { + $owner = new object($obj->owner); + if ($this->canModifySubMembers($owner)) + return true; + } + + return false; + } + + /* + * Check whether this agent has modify-sub-permissions + * permission for given object + */ + public function canModifySubPermissions(object $obj) : bool + { + if ($this->admin) + return true; + + if ($this->isOwnerOf($obj)) + return true; + + if ($obj->parent) + { + $parent = new object($obj->parent); + if ($this->canModifySubPermissions($parent)) + return true; + } + else if ($obj->owner) + { + $owner = new object($obj->owner); + if ($this->canModifySubPermissions($owner)) + return true; + } + + return false; + } } ?> |