diff options
| author | Malf Furious <m@lfurio.us> | 2016-10-22 00:13:12 -0400 |
|---|---|---|
| committer | Malf Furious <m@lfurio.us> | 2016-10-22 00:13:12 -0400 |
| commit | 9d0ff6546fb03489bbd127aeec6ee161e204a139 (patch) | |
| tree | 3e4624c95293c3000e0dbac095af4a461ae35176 /app/class/object.class.php | |
| parent | 827a8025ab48dea386b77717f1d1bc30d10ba232 (diff) | |
| parent | 35da301d31045b0974100307a7f0f4128b482170 (diff) | |
| download | scrott-9d0ff6546fb03489bbd127aeec6ee161e204a139.tar.gz scrott-9d0ff6546fb03489bbd127aeec6ee161e204a139.zip | |
Merge branch 'feature/core/groups' into dev
Diffstat (limited to 'app/class/object.class.php')
| -rw-r--r-- | app/class/object.class.php | 370 |
1 files changed, 370 insertions, 0 deletions
diff --git a/app/class/object.class.php b/app/class/object.class.php index b73a54d..7c0b7bb 100644 --- a/app/class/object.class.php +++ b/app/class/object.class.php @@ -15,12 +15,15 @@ */ require_once "class/framework.class.php"; +require_once "class/user.class.php"; /* * Base class for Scrott database objects */ abstract class Object extends Framework { + var $DEFAULT_OBJECT_PERMISSIONS = 120; + /* * Constructor */ @@ -250,6 +253,373 @@ abstract class Object extends Framework { return hash("sha256", openssl_random_pseudo_bytes(64)); } + + /* + * Get a user object for this object's owner + */ + function getOwner() + { + if (isset($this->owner)) + return new User($this->owner); + + return null; + } + + /* + * Get an array of all members of this object + */ + function getMembers() + { + $query = "SELECT member FROM obj_member WHERE guid = '" . $this->db->esc($this->guid) . "'"; + $result = $this->db->query($query); + + $members = array(); + + foreach ($result as $m) + $members[] = new User($m['member']); + + return $members; + } + + /* + * Check if given user (or group) is the owner of this object + */ + function isOwner($ug) + { + return $this->getOwner()->guid == $ug->guid; + } + + /* + * Check if given user (or group) is a member of this object + */ + function isMember($ug) + { + foreach ($this->getMembers() as $member) + { + if ($member->guid == $ug->guid) + return true; + } + + return false; + } + + /* + * Check if given user has permissions for this object + */ + function canAccess($user) + { + if ($user->admin) + return true; + + if ($this->isOwner($user)) + return true; + + if ($this->isMember($user)) + return true; + + if ($this->perms & 0x004) // accessible by public + return true; + + if ($this->parent != "") + { + $parent = new DBObject($this->parent); + + if ($parent->canAccessSub($user)) + return true; + } + else if ($this->owner != $this->guid) + { + $owner = new DBObject($this->owner); + + if ($owner->canAccessSub($user)) + return true; + } + + return false; + } + + /* + * Check if given user has permissions for this object + */ + function canModify($user) + { + if ($user->admin) + return true; + + if ($this->isOwner($user)) + return true; + + if ($this->isMember($user) && $this->perms & 0x100) + return true; + + if ($this->parent != "") + { + $parent = new DBObject($this->parent); + + if ($parent->canModifySub($user)) + return true; + } + else if ($this->owner != $this->guid) + { + $owner = new DBObject($this->owner); + + if ($owner->canModifySub($user)) + return true; + } + + return false; + } + + /* + * Check if given user has permissions for this object + */ + function canModifyMembers($user) + { + if ($user->admin) + return true; + + if ($this->isOwner($user)) + return true; + + if ($this->isMember($user) && $this->perms & 0x080) + return true; + + if ($this->parent != "") + { + $parent = new DBObject($this->parent); + + if ($parent->canModifySubMembers($user)) + return true; + } + else if ($this->owner != $this->guid) + { + $owner = new DBObject($this->owner); + + if ($owner->canModifySubMembers($user)) + return true; + } + + return false; + } + + /* + * Check if given user has permissions for this object + */ + function canModifyPermissions($user) + { + if ($user->admin) + return true; + + if ($this->isOwner($user)) + return true; + + if ($this->parent != "") + { + $parent = new DBObject($this->parent); + + if ($parent->canModifySubPermissions($user)) + return true; + } + else if ($this->owner != $this->guid) + { + $owner = new DBObject($this->owner); + + if ($owner->canModifySubPermissions($user)) + return true; + } + + return false; + } + + /* + * Check if given user has permissions for this object + */ + function canAccessSub($user) + { + if ($user->admin) + return true; + + if ($this->isOwner($user)) + return true; + + if ($this->isMember($user) && $this->perms & 0x040) + return true; + + if ($this->perms & 0x002) // accessible by public + return true; + + if ($this->parent != "") + { + $parent = new DBObject($this->parent); + + if ($parent->canAccessSub($user)) + return true; + } + else if ($this->owner != $this->guid) + { + $owner = new DBObject($this->owner); + + if ($owner->canAccessSub($user)) + return true; + } + + return false; + } + + /* + * Check if given user has permissions for this object + */ + function canCreateSub($user) + { + if ($user->admin) + return true; + + if ($this->isOwner($user)) + return true; + + if ($this->isMember($user) && $this->perms & 0x020) + return true; + + if ($this->perms & 0x001) // accessible by public + return true; + + if ($this->parent != "") + { + $parent = new DBObject($this->parent); + + if ($parent->canCreateSub($user)) + return true; + } + else if ($this->owner != $this->guid) + { + $owner = new DBObject($this->owner); + + if ($owner->canCreateSub($user)) + return true; + } + + return false; + } + + /* + * Check if given user has permissions for this object + */ + function canModifySub($user) + { + if ($user->admin) + return true; + + if ($this->isOwner($user)) + return true; + + if ($this->isMember($user) && $this->perms & 0x010) + return true; + + if ($this->parent != "") + { + $parent = new DBObject($this->parent); + + if ($parent->canModifySub($user)) + return true; + } + else if ($this->owner != $this->guid) + { + $owner = new DBObject($this->owner); + + if ($owner->canModifySub($user)) + return true; + } + + return false; + } + + /* + * Check if given user has permissions for this object + */ + function canModifySubMembers($user) + { + if ($user->admin) + return true; + + if ($this->isOwner($user)) + return true; + + if ($this->isMember($user) && $this->perms & 0x008) + return true; + + if ($this->parent != "") + { + $parent = new DBObject($this->parent); + + if ($parent->canModifySubMembers($user)) + return true; + } + else if ($this->owner != $this->guid) + { + $owner = new DBObject($this->owner); + + if ($owner->canModifySubMembers($user)) + return true; + } + + return false; + } + + /* + * Check if given user has permissions for this object + */ + function canModifySubPermissions($user) + { + if ($user->admin) + return true; + + if ($this->isOwner($user)) + return true; + + if ($this->parent != "") + { + $parent = new DBObject($this->parent); + + if ($parent->canModifySubPermissions($user)) + return true; + } + else if ($this->owner != $this->guid) + { + $owner = new DBObject($this->owner); + + if ($owner->canModifySubPermissions($user)) + return true; + } + + return false; + } + + /* + * Get URL to this object + */ + function getURL() + { + return $this->ar() . "/" . $this->guid; + } + + /* + * Get object's head image + */ + function getHeadImage() + { + return $this->ar() . "/file.php?d=img/heads&f=" . $this->guid; + } + + /* + * Remove this object's head image + */ + function rmHeadImage() + { + if (!is_file("assets/img/heads/" . $this->guid)) + return true; + + return unlink("assets/img/heads/" . $this->guid); + } } /* |