diff options
| author | Malf Furious <m@lfurio.us> | 2017-01-15 05:57:19 -0500 |
|---|---|---|
| committer | Malf Furious <m@lfurio.us> | 2017-01-15 05:57:19 -0500 |
| commit | 0d53041fc67e13fc53cca0c993ec1a7a31a5a16e (patch) | |
| tree | c2d3c6a43aa3ba16fe2207f76c4c0a3ce4033772 /examples/class/object.class.php | |
| parent | feb61662d2359414837787111cf0f37e1f57fb5f (diff) | |
| download | scrott-0d53041fc67e13fc53cca0c993ec1a7a31a5a16e.tar.gz scrott-0d53041fc67e13fc53cca0c993ec1a7a31a5a16e.zip | |
Reorganize examples/ directory
Diffstat (limited to 'examples/class/object.class.php')
| -rw-r--r-- | examples/class/object.class.php | 485 |
1 files changed, 485 insertions, 0 deletions
diff --git a/examples/class/object.class.php b/examples/class/object.class.php new file mode 100644 index 0000000..0c02176 --- /dev/null +++ b/examples/class/object.class.php @@ -0,0 +1,485 @@ +<?php + +/* + * SCROTT Copyright (C) 2016 Malf Furious + * + * Scrott is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published + * by the Free Software Foundation, either version 3 of the License, + * or (at your option) any later version. + * + * Scrott is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public + * License for more details. + */ + +require_once "class/framework.class.php"; +require_once "class/user.class.php"; + +/* + * Base class for Scrott database objects + */ +abstract class Object extends Framework +{ + var $DEFAULT_OBJECT_PERMISSIONS = 120; + + /* + * Constructor + */ + function __construct($childTable = "object", $childCols = null) + { + $this->db = $this->getDbConnection(); + + $this->table = "object"; + $this->cols = array( + "guid", + "perms", + "owner", + "parent", + "name", + "timeCreated", + "timeUpdated", + "type" + ); + + $this->childTable = $this->db->esc($childTable); + $this->childCols = array(); + + if (is_array($childCols)) + { + foreach ($childCols as $col) + $this->childCols[] = $this->db->esc($col); + } + } + + /* + * Get current timestamp for object database purposes + */ + function getCurrentTimestamp() + { + $query = "SELECT now() AS stamp"; + $result = $this->db->query($query); + return $result[0]['stamp']; + } + + /* + * Check whether given GUID exists + */ + function isGUID($guid) + { + $query = "SELECT `guid` FROM `object` WHERE `guid` = '" . $this->db->esc($guid) . "'"; + $result = $this->db->query($query); + + if (count($result) > 0) + return true; + + return false; + } + + /* + * Get a new, unique GUID for a new system object + */ + function getNewGUID() + { + do + { + $guid = substr($this->getBlob(), 0, 8); + } + while ($this->isGUID($guid)); + + return $guid; + } + + /* + * Get a random sha256 blob + */ + function getBlob() + { + return hash("sha256", openssl_random_pseudo_bytes(64)); + } + + /* + * Get a user object for this object's owner + */ + function getOwner() + { + if (isset($this->owner)) + return new User($this->owner); + + return null; + } + + /* + * Get an array of all members of this object + */ + function getMembers() + { + $query = "SELECT member FROM obj_member WHERE guid = '" . $this->db->esc($this->guid) . "'"; + $result = $this->db->query($query); + + $members = array(); + + foreach ($result as $m) + $members[] = new User($m['member']); + + return $members; + } + + /* + * Check if given user (or group) is the owner of this object + */ + function isOwner($ug) + { + return $this->getOwner()->guid == $ug->guid; + } + + /* + * Check if given user (or group) is a member of this object + */ + function isMember($ug) + { + foreach ($this->getMembers() as $member) + { + if ($member->guid == $ug->guid) + return true; + } + + return false; + } + + /* + * Check if given user has permissions for this object + */ + function canAccess($user) + { + if ($user->admin) + return true; + + if ($this->isOwner($user)) + return true; + + if ($this->isMember($user)) + return true; + + if ($this->perms & 0x004) // accessible by public + return true; + + if ($this->parent != "") + { + $parent = new DBObject($this->parent); + + if ($parent->canAccessSub($user)) + return true; + } + else if ($this->owner != $this->guid) + { + $owner = new DBObject($this->owner); + + if ($owner->canAccessSub($user)) + return true; + } + + return false; + } + + /* + * Check if given user has permissions for this object + */ + function canModify($user) + { + if ($user->admin) + return true; + + if ($this->isOwner($user)) + return true; + + if ($this->isMember($user) && $this->perms & 0x100) + return true; + + if ($this->parent != "") + { + $parent = new DBObject($this->parent); + + if ($parent->canModifySub($user)) + return true; + } + else if ($this->owner != $this->guid) + { + $owner = new DBObject($this->owner); + + if ($owner->canModifySub($user)) + return true; + } + + return false; + } + + /* + * Check if given user has permissions for this object + */ + function canModifyMembers($user) + { + if ($user->admin) + return true; + + if ($this->isOwner($user)) + return true; + + if ($this->isMember($user) && $this->perms & 0x080) + return true; + + if ($this->parent != "") + { + $parent = new DBObject($this->parent); + + if ($parent->canModifySubMembers($user)) + return true; + } + else if ($this->owner != $this->guid) + { + $owner = new DBObject($this->owner); + + if ($owner->canModifySubMembers($user)) + return true; + } + + return false; + } + + /* + * Check if given user has permissions for this object + */ + function canModifyPermissions($user) + { + if ($user->admin) + return true; + + if ($this->isOwner($user)) + return true; + + if ($this->parent != "") + { + $parent = new DBObject($this->parent); + + if ($parent->canModifySubPermissions($user)) + return true; + } + else if ($this->owner != $this->guid) + { + $owner = new DBObject($this->owner); + + if ($owner->canModifySubPermissions($user)) + return true; + } + + return false; + } + + /* + * Check if given user has permissions for this object + */ + function canAccessSub($user) + { + if ($user->admin) + return true; + + if ($this->isOwner($user)) + return true; + + if ($this->isMember($user) && $this->perms & 0x040) + return true; + + if ($this->perms & 0x002) // accessible by public + return true; + + if ($this->parent != "") + { + $parent = new DBObject($this->parent); + + if ($parent->canAccessSub($user)) + return true; + } + else if ($this->owner != $this->guid) + { + $owner = new DBObject($this->owner); + + if ($owner->canAccessSub($user)) + return true; + } + + return false; + } + + /* + * Check if given user has permissions for this object + */ + function canCreateSub($user) + { + if ($user->admin) + return true; + + if ($this->isOwner($user)) + return true; + + if ($this->isMember($user) && $this->perms & 0x020) + return true; + + if ($this->perms & 0x001) // accessible by public + return true; + + if ($this->parent != "") + { + $parent = new DBObject($this->parent); + + if ($parent->canCreateSub($user)) + return true; + } + else if ($this->owner != $this->guid) + { + $owner = new DBObject($this->owner); + + if ($owner->canCreateSub($user)) + return true; + } + + return false; + } + + /* + * Check if given user has permissions for this object + */ + function canModifySub($user) + { + if ($user->admin) + return true; + + if ($this->isOwner($user)) + return true; + + if ($this->isMember($user) && $this->perms & 0x010) + return true; + + if ($this->parent != "") + { + $parent = new DBObject($this->parent); + + if ($parent->canModifySub($user)) + return true; + } + else if ($this->owner != $this->guid) + { + $owner = new DBObject($this->owner); + + if ($owner->canModifySub($user)) + return true; + } + + return false; + } + + /* + * Check if given user has permissions for this object + */ + function canModifySubMembers($user) + { + if ($user->admin) + return true; + + if ($this->isOwner($user)) + return true; + + if ($this->isMember($user) && $this->perms & 0x008) + return true; + + if ($this->parent != "") + { + $parent = new DBObject($this->parent); + + if ($parent->canModifySubMembers($user)) + return true; + } + else if ($this->owner != $this->guid) + { + $owner = new DBObject($this->owner); + + if ($owner->canModifySubMembers($user)) + return true; + } + + return false; + } + + /* + * Check if given user has permissions for this object + */ + function canModifySubPermissions($user) + { + if ($user->admin) + return true; + + if ($this->isOwner($user)) + return true; + + if ($this->parent != "") + { + $parent = new DBObject($this->parent); + + if ($parent->canModifySubPermissions($user)) + return true; + } + else if ($this->owner != $this->guid) + { + $owner = new DBObject($this->owner); + + if ($owner->canModifySubPermissions($user)) + return true; + } + + return false; + } + + /* + * Get URL to this object + */ + function getURL() + { + return $this->ar() . "/" . $this->guid; + } + + /* + * Get object's head image + */ + function getHeadImage() + { + return $this->ar() . "/file.php?d=img/heads&f=" . $this->guid; + } + + /* + * Remove this object's head image + */ + function rmHeadImage() + { + if (!is_file("assets/img/heads/" . $this->guid)) + return true; + + return unlink("assets/img/heads/" . $this->guid); + } +} + +/* + * Concrete Database Object which can be used in a polymorphic way + */ +class DBObject extends Object +{ + /* + * Constructor + */ + function __construct($guid = null) + { + parent::__construct(); + $this->loadObj($guid); + } +} + +?> |