diff options
| author | Malf Furious <m@lfurio.us> | 2016-10-22 00:13:12 -0400 |
|---|---|---|
| committer | Malf Furious <m@lfurio.us> | 2016-10-22 00:13:12 -0400 |
| commit | 9d0ff6546fb03489bbd127aeec6ee161e204a139 (patch) | |
| tree | 3e4624c95293c3000e0dbac095af4a461ae35176 /app/class | |
| parent | 827a8025ab48dea386b77717f1d1bc30d10ba232 (diff) | |
| parent | 35da301d31045b0974100307a7f0f4128b482170 (diff) | |
| download | scrott-9d0ff6546fb03489bbd127aeec6ee161e204a139.tar.gz scrott-9d0ff6546fb03489bbd127aeec6ee161e204a139.zip | |
Merge branch 'feature/core/groups' into dev
Diffstat (limited to 'app/class')
| -rw-r--r-- | app/class/form.class.php | 12 | ||||
| -rw-r--r-- | app/class/group.class.php | 15 | ||||
| -rw-r--r-- | app/class/object.class.php | 370 | ||||
| -rw-r--r-- | app/class/user.class.php | 30 |
4 files changed, 409 insertions, 18 deletions
diff --git a/app/class/form.class.php b/app/class/form.class.php index f0d660a..8bb6506 100644 --- a/app/class/form.class.php +++ b/app/class/form.class.php @@ -123,10 +123,10 @@ class Form foreach ($this->textFields as $fld) { if (isset($input[$fld['name']]) && $input[$fld['name']] != "") - $this->$fld['name'] = htmlEntities($input[$fld['name']], ENT_QUOTES); + $this->{$fld['name']} = htmlEntities($input[$fld['name']], ENT_QUOTES); else if (!is_null($fld['deflt'])) - $this->$fld['name'] = $fld['deflt']; + $this->{$fld['name']} = $fld['deflt']; else if ($fld['req']) $this->logError($fld['name'] . " is required"); @@ -161,11 +161,11 @@ class Form continue; } - $this->$fld['name'] = $input[$fld['name']]; + $this->{$fld['name']} = $input[$fld['name']]; } else if (!is_null($fld['deflt'])) - $this->$fld['name'] = $fld['deflt']; + $this->{$fld['name']} = $fld['deflt']; else if ($fld['req']) $this->logError($fld['name'] . " is required"); @@ -182,11 +182,11 @@ class Form continue; } - $this->$fld['name'] = $input[$fld['name']]; + $this->{$fld['name']} = $input[$fld['name']]; } else if (!is_null($fld['deflt'])) - $this->$fld['name'] = $fld['deflt']; + $this->{$fld['name']} = $fld['deflt']; else if ($fld['req']) $this->logError($fld['name'] . " is required"); diff --git a/app/class/group.class.php b/app/class/group.class.php index dfa7deb..246276a 100644 --- a/app/class/group.class.php +++ b/app/class/group.class.php @@ -29,6 +29,21 @@ class Group extends Object parent::__construct(); $this->loadObj($guid); } + + /* + * Create a new user group object. + * On success, this object should be initialized as the new group (use only on new + * Group() objects) + */ + function createNewGroup($name, $owner) + { + $this->perms = $this->DEFAULT_OBJECT_PERMISSIONS; + $this->owner = $owner->guid; + $this->name = $name; + $this->type = "group"; + + $this->saveObj(); + } } ?> diff --git a/app/class/object.class.php b/app/class/object.class.php index b73a54d..7c0b7bb 100644 --- a/app/class/object.class.php +++ b/app/class/object.class.php @@ -15,12 +15,15 @@ */ require_once "class/framework.class.php"; +require_once "class/user.class.php"; /* * Base class for Scrott database objects */ abstract class Object extends Framework { + var $DEFAULT_OBJECT_PERMISSIONS = 120; + /* * Constructor */ @@ -250,6 +253,373 @@ abstract class Object extends Framework { return hash("sha256", openssl_random_pseudo_bytes(64)); } + + /* + * Get a user object for this object's owner + */ + function getOwner() + { + if (isset($this->owner)) + return new User($this->owner); + + return null; + } + + /* + * Get an array of all members of this object + */ + function getMembers() + { + $query = "SELECT member FROM obj_member WHERE guid = '" . $this->db->esc($this->guid) . "'"; + $result = $this->db->query($query); + + $members = array(); + + foreach ($result as $m) + $members[] = new User($m['member']); + + return $members; + } + + /* + * Check if given user (or group) is the owner of this object + */ + function isOwner($ug) + { + return $this->getOwner()->guid == $ug->guid; + } + + /* + * Check if given user (or group) is a member of this object + */ + function isMember($ug) + { + foreach ($this->getMembers() as $member) + { + if ($member->guid == $ug->guid) + return true; + } + + return false; + } + + /* + * Check if given user has permissions for this object + */ + function canAccess($user) + { + if ($user->admin) + return true; + + if ($this->isOwner($user)) + return true; + + if ($this->isMember($user)) + return true; + + if ($this->perms & 0x004) // accessible by public + return true; + + if ($this->parent != "") + { + $parent = new DBObject($this->parent); + + if ($parent->canAccessSub($user)) + return true; + } + else if ($this->owner != $this->guid) + { + $owner = new DBObject($this->owner); + + if ($owner->canAccessSub($user)) + return true; + } + + return false; + } + + /* + * Check if given user has permissions for this object + */ + function canModify($user) + { + if ($user->admin) + return true; + + if ($this->isOwner($user)) + return true; + + if ($this->isMember($user) && $this->perms & 0x100) + return true; + + if ($this->parent != "") + { + $parent = new DBObject($this->parent); + + if ($parent->canModifySub($user)) + return true; + } + else if ($this->owner != $this->guid) + { + $owner = new DBObject($this->owner); + + if ($owner->canModifySub($user)) + return true; + } + + return false; + } + + /* + * Check if given user has permissions for this object + */ + function canModifyMembers($user) + { + if ($user->admin) + return true; + + if ($this->isOwner($user)) + return true; + + if ($this->isMember($user) && $this->perms & 0x080) + return true; + + if ($this->parent != "") + { + $parent = new DBObject($this->parent); + + if ($parent->canModifySubMembers($user)) + return true; + } + else if ($this->owner != $this->guid) + { + $owner = new DBObject($this->owner); + + if ($owner->canModifySubMembers($user)) + return true; + } + + return false; + } + + /* + * Check if given user has permissions for this object + */ + function canModifyPermissions($user) + { + if ($user->admin) + return true; + + if ($this->isOwner($user)) + return true; + + if ($this->parent != "") + { + $parent = new DBObject($this->parent); + + if ($parent->canModifySubPermissions($user)) + return true; + } + else if ($this->owner != $this->guid) + { + $owner = new DBObject($this->owner); + + if ($owner->canModifySubPermissions($user)) + return true; + } + + return false; + } + + /* + * Check if given user has permissions for this object + */ + function canAccessSub($user) + { + if ($user->admin) + return true; + + if ($this->isOwner($user)) + return true; + + if ($this->isMember($user) && $this->perms & 0x040) + return true; + + if ($this->perms & 0x002) // accessible by public + return true; + + if ($this->parent != "") + { + $parent = new DBObject($this->parent); + + if ($parent->canAccessSub($user)) + return true; + } + else if ($this->owner != $this->guid) + { + $owner = new DBObject($this->owner); + + if ($owner->canAccessSub($user)) + return true; + } + + return false; + } + + /* + * Check if given user has permissions for this object + */ + function canCreateSub($user) + { + if ($user->admin) + return true; + + if ($this->isOwner($user)) + return true; + + if ($this->isMember($user) && $this->perms & 0x020) + return true; + + if ($this->perms & 0x001) // accessible by public + return true; + + if ($this->parent != "") + { + $parent = new DBObject($this->parent); + + if ($parent->canCreateSub($user)) + return true; + } + else if ($this->owner != $this->guid) + { + $owner = new DBObject($this->owner); + + if ($owner->canCreateSub($user)) + return true; + } + + return false; + } + + /* + * Check if given user has permissions for this object + */ + function canModifySub($user) + { + if ($user->admin) + return true; + + if ($this->isOwner($user)) + return true; + + if ($this->isMember($user) && $this->perms & 0x010) + return true; + + if ($this->parent != "") + { + $parent = new DBObject($this->parent); + + if ($parent->canModifySub($user)) + return true; + } + else if ($this->owner != $this->guid) + { + $owner = new DBObject($this->owner); + + if ($owner->canModifySub($user)) + return true; + } + + return false; + } + + /* + * Check if given user has permissions for this object + */ + function canModifySubMembers($user) + { + if ($user->admin) + return true; + + if ($this->isOwner($user)) + return true; + + if ($this->isMember($user) && $this->perms & 0x008) + return true; + + if ($this->parent != "") + { + $parent = new DBObject($this->parent); + + if ($parent->canModifySubMembers($user)) + return true; + } + else if ($this->owner != $this->guid) + { + $owner = new DBObject($this->owner); + + if ($owner->canModifySubMembers($user)) + return true; + } + + return false; + } + + /* + * Check if given user has permissions for this object + */ + function canModifySubPermissions($user) + { + if ($user->admin) + return true; + + if ($this->isOwner($user)) + return true; + + if ($this->parent != "") + { + $parent = new DBObject($this->parent); + + if ($parent->canModifySubPermissions($user)) + return true; + } + else if ($this->owner != $this->guid) + { + $owner = new DBObject($this->owner); + + if ($owner->canModifySubPermissions($user)) + return true; + } + + return false; + } + + /* + * Get URL to this object + */ + function getURL() + { + return $this->ar() . "/" . $this->guid; + } + + /* + * Get object's head image + */ + function getHeadImage() + { + return $this->ar() . "/file.php?d=img/heads&f=" . $this->guid; + } + + /* + * Remove this object's head image + */ + function rmHeadImage() + { + if (!is_file("assets/img/heads/" . $this->guid)) + return true; + + return unlink("assets/img/heads/" . $this->guid); + } } /* diff --git a/app/class/user.class.php b/app/class/user.class.php index 1185f45..b8143a9 100644 --- a/app/class/user.class.php +++ b/app/class/user.class.php @@ -15,6 +15,7 @@ */ require_once "class/object.class.php"; +require_once "class/group.class.php"; /* * Application users @@ -213,22 +214,27 @@ class User extends Object } /* - * Get this user's head image + * Get all groups this user owns or is a member of */ - function getHeadImage() + function getGroups() { - return $this->ar() . "/file.php?d=img/heads&f=" . $this->guid; - } + /* owner */ + $query = "SELECT guid FROM object WHERE type = 'group' AND owner = '" . $this->db->esc($this->guid) . "'"; + $result = $this->db->query($query); - /* - * Remove this user's head image - */ - function rmHeadImage() - { - if (!is_file("assets/img/heads/" . $this->guid)) - return true; + $groups = array(); + + foreach ($result as $g) + $groups[] = new Group($g['guid']); + + /* member */ + $query = "SELECT o.guid FROM object o JOIN obj_member om ON o.guid = om.guid WHERE o.type = 'group' AND member = '" . $this->db->esc($this->guid) . "'"; + $result = $this->db->query($query); + + foreach ($result as $g) + $groups[] = new Group($g['guid']); - return unlink("assets/img/heads/" . $this->guid); + return $groups; } } |