diff options
| author | Malf Furious <m@lfurio.us> | 2016-10-22 00:13:12 -0400 | 
|---|---|---|
| committer | Malf Furious <m@lfurio.us> | 2016-10-22 00:13:12 -0400 | 
| commit | 9d0ff6546fb03489bbd127aeec6ee161e204a139 (patch) | |
| tree | 3e4624c95293c3000e0dbac095af4a461ae35176 /app/class/object.class.php | |
| parent | 827a8025ab48dea386b77717f1d1bc30d10ba232 (diff) | |
| parent | 35da301d31045b0974100307a7f0f4128b482170 (diff) | |
| download | scrott-9d0ff6546fb03489bbd127aeec6ee161e204a139.tar.gz scrott-9d0ff6546fb03489bbd127aeec6ee161e204a139.zip | |
Merge branch 'feature/core/groups' into dev
Diffstat (limited to 'app/class/object.class.php')
| -rw-r--r-- | app/class/object.class.php | 370 | 
1 files changed, 370 insertions, 0 deletions
| diff --git a/app/class/object.class.php b/app/class/object.class.php index b73a54d..7c0b7bb 100644 --- a/app/class/object.class.php +++ b/app/class/object.class.php @@ -15,12 +15,15 @@   */  require_once "class/framework.class.php"; +require_once "class/user.class.php";  /*   * Base class for Scrott database objects   */  abstract class Object extends Framework  { +    var $DEFAULT_OBJECT_PERMISSIONS = 120; +      /*       * Constructor       */ @@ -250,6 +253,373 @@ abstract class Object extends Framework      {          return hash("sha256", openssl_random_pseudo_bytes(64));      } + +    /* +     * Get a user object for this object's owner +     */ +    function getOwner() +    { +        if (isset($this->owner)) +            return new User($this->owner); + +        return null; +    } + +    /* +     * Get an array of all members of this object +     */ +    function getMembers() +    { +        $query = "SELECT member FROM obj_member WHERE guid = '" . $this->db->esc($this->guid) . "'"; +        $result = $this->db->query($query); + +        $members = array(); + +        foreach ($result as $m) +            $members[] = new User($m['member']); + +        return $members; +    } + +    /* +     * Check if given user (or group) is the owner of this object +     */ +    function isOwner($ug) +    { +        return $this->getOwner()->guid == $ug->guid; +    } + +    /* +     * Check if given user (or group) is a member of this object +     */ +    function isMember($ug) +    { +        foreach ($this->getMembers() as $member) +        { +            if ($member->guid == $ug->guid) +                return true; +        } + +        return false; +    } + +    /* +     * Check if given user has permissions for this object +     */ +    function canAccess($user) +    { +        if ($user->admin) +            return true; + +        if ($this->isOwner($user)) +            return true; + +        if ($this->isMember($user)) +            return true; + +        if ($this->perms & 0x004) // accessible by public +            return true; + +        if ($this->parent != "") +        { +            $parent = new DBObject($this->parent); + +            if ($parent->canAccessSub($user)) +                return true; +        } +        else if ($this->owner != $this->guid) +        { +            $owner = new DBObject($this->owner); + +            if ($owner->canAccessSub($user)) +                return true; +        } + +        return false; +    } + +    /* +     * Check if given user has permissions for this object +     */ +    function canModify($user) +    { +        if ($user->admin) +            return true; + +        if ($this->isOwner($user)) +            return true; + +        if ($this->isMember($user) && $this->perms & 0x100) +            return true; + +        if ($this->parent != "") +        { +            $parent = new DBObject($this->parent); + +            if ($parent->canModifySub($user)) +                return true; +        } +        else if ($this->owner != $this->guid) +        { +            $owner = new DBObject($this->owner); + +            if ($owner->canModifySub($user)) +                return true; +        } + +        return false; +    } + +    /* +     * Check if given user has permissions for this object +     */ +    function canModifyMembers($user) +    { +        if ($user->admin) +            return true; + +        if ($this->isOwner($user)) +            return true; + +        if ($this->isMember($user) && $this->perms & 0x080) +            return true; + +        if ($this->parent != "") +        { +            $parent = new DBObject($this->parent); + +            if ($parent->canModifySubMembers($user)) +                return true; +        } +        else if ($this->owner != $this->guid) +        { +            $owner = new DBObject($this->owner); + +            if ($owner->canModifySubMembers($user)) +                return true; +        } + +        return false; +    } + +    /* +     * Check if given user has permissions for this object +     */ +    function canModifyPermissions($user) +    { +        if ($user->admin) +            return true; + +        if ($this->isOwner($user)) +            return true; + +        if ($this->parent != "") +        { +            $parent = new DBObject($this->parent); + +            if ($parent->canModifySubPermissions($user)) +                return true; +        } +        else if ($this->owner != $this->guid) +        { +            $owner = new DBObject($this->owner); + +            if ($owner->canModifySubPermissions($user)) +                return true; +        } + +        return false; +    } + +    /* +     * Check if given user has permissions for this object +     */ +    function canAccessSub($user) +    { +        if ($user->admin) +            return true; + +        if ($this->isOwner($user)) +            return true; + +        if ($this->isMember($user) && $this->perms & 0x040) +            return true; + +        if ($this->perms & 0x002) // accessible by public +            return true; + +        if ($this->parent != "") +        { +            $parent = new DBObject($this->parent); + +            if ($parent->canAccessSub($user)) +                return true; +        } +        else if ($this->owner != $this->guid) +        { +            $owner = new DBObject($this->owner); + +            if ($owner->canAccessSub($user)) +                return true; +        } + +        return false; +    } + +    /* +     * Check if given user has permissions for this object +     */ +    function canCreateSub($user) +    { +        if ($user->admin) +            return true; + +        if ($this->isOwner($user)) +            return true; + +        if ($this->isMember($user) && $this->perms & 0x020) +            return true; + +        if ($this->perms & 0x001) // accessible by public +            return true; + +        if ($this->parent != "") +        { +            $parent = new DBObject($this->parent); + +            if ($parent->canCreateSub($user)) +                return true; +        } +        else if ($this->owner != $this->guid) +        { +            $owner = new DBObject($this->owner); + +            if ($owner->canCreateSub($user)) +                return true; +        } + +        return false; +    } + +    /* +     * Check if given user has permissions for this object +     */ +    function canModifySub($user) +    { +        if ($user->admin) +            return true; + +        if ($this->isOwner($user)) +            return true; + +        if ($this->isMember($user) && $this->perms & 0x010) +            return true; + +        if ($this->parent != "") +        { +            $parent = new DBObject($this->parent); + +            if ($parent->canModifySub($user)) +                return true; +        } +        else if ($this->owner != $this->guid) +        { +            $owner = new DBObject($this->owner); + +            if ($owner->canModifySub($user)) +                return true; +        } + +        return false; +    } + +    /* +     * Check if given user has permissions for this object +     */ +    function canModifySubMembers($user) +    { +        if ($user->admin) +            return true; + +        if ($this->isOwner($user)) +            return true; + +        if ($this->isMember($user) && $this->perms & 0x008) +            return true; + +        if ($this->parent != "") +        { +            $parent = new DBObject($this->parent); + +            if ($parent->canModifySubMembers($user)) +                return true; +        } +        else if ($this->owner != $this->guid) +        { +            $owner = new DBObject($this->owner); + +            if ($owner->canModifySubMembers($user)) +                return true; +        } + +        return false; +    } + +    /* +     * Check if given user has permissions for this object +     */ +    function canModifySubPermissions($user) +    { +        if ($user->admin) +            return true; + +        if ($this->isOwner($user)) +            return true; + +        if ($this->parent != "") +        { +            $parent = new DBObject($this->parent); + +            if ($parent->canModifySubPermissions($user)) +                return true; +        } +        else if ($this->owner != $this->guid) +        { +            $owner = new DBObject($this->owner); + +            if ($owner->canModifySubPermissions($user)) +                return true; +        } + +        return false; +    } + +    /* +     * Get URL to this object +     */ +    function getURL() +    { +        return $this->ar() . "/" . $this->guid; +    } + +    /* +     * Get object's head image +     */ +    function getHeadImage() +    { +        return $this->ar() . "/file.php?d=img/heads&f=" . $this->guid; +    } + +    /* +     * Remove this object's head image +     */ +    function rmHeadImage() +    { +        if (!is_file("assets/img/heads/" . $this->guid)) +            return true; + +        return unlink("assets/img/heads/" . $this->guid); +    }  }  /* | 
