summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--app/class/agent.class.php282
1 files changed, 282 insertions, 0 deletions
diff --git a/app/class/agent.class.php b/app/class/agent.class.php
index 7c3b23c..52bfc1e 100644
--- a/app/class/agent.class.php
+++ b/app/class/agent.class.php
@@ -49,6 +49,288 @@ abstract class agent extends object
return false;
}
+
+ /*
+ * Check whether this agent has access permission for given
+ * object
+ */
+ public function canAccess(object $obj) : bool
+ {
+ if ($this->admin)
+ return true;
+
+ if ($this->isOwnerOf($obj))
+ return true;
+
+ if ($this->isMemberOf($obj))
+ return true;
+
+ if ($obj->pubAcc)
+ return true;
+
+ if ($obj->parent)
+ {
+ $parent = new object($obj->parent);
+ if ($this->canAccessSub($parent))
+ return true;
+ }
+ else if ($this->owner)
+ {
+ $owner = new object($obj->owner);
+ if ($this->canAccessSub($owner))
+ return true;
+ }
+
+ return false;
+ }
+
+ /*
+ * Check whether this agent has modify permission for given
+ * object
+ */
+ public function canModify(object $obj) : bool
+ {
+ if ($this->admin)
+ return true;
+
+ if ($this->isOwnerOf($obj))
+ return true;
+
+ if ($this->isMemberOf($obj) && $obj->membModify)
+ return true;
+
+ if ($obj->parent)
+ {
+ $parent = new object($obj->parent);
+ if ($this->canModifySub($parent))
+ return true;
+ }
+ else if ($obj->owner)
+ {
+ $owner = new object($obj->owner);
+ if ($this->canModifySub($owner))
+ return true;
+ }
+
+ return false;
+ }
+
+ /*
+ * Check whether this agent has modify members permission for
+ * given object
+ */
+ public function canModifyMembers(object $obj) : bool
+ {
+ if ($this->admin)
+ return true;
+
+ if ($this->isOwnerOf($obj))
+ return true;
+
+ if ($this->isMemberOf($obj) && $obj->membMemb)
+ return true;
+
+ if ($obj->parent)
+ {
+ $parent = new object($obj->parent);
+ if ($this->canModifySubMembers($parent))
+ return true;
+ }
+ else if ($obj->owner)
+ {
+ $owner = new object($obj->owner);
+ if ($this->canModifySubMembers($owner))
+ return true;
+ }
+
+ return false;
+ }
+
+ /*
+ * Check whether this agent has modify permissions permission
+ * for given object
+ */
+ public function canModifyPermissions(object $obj) : bool
+ {
+ if ($this->admin)
+ return true;
+
+ if ($this->isOwnerOf($obj))
+ return true;
+
+ if ($obj->parent)
+ {
+ $parent = new object($obj->parent);
+ if ($this->canModifySubPermissions($parent))
+ return true;
+ }
+ else if ($obj->owner)
+ {
+ $owner = new object($obj->owner);
+ if ($this->canModifySubPermissions($owner))
+ return true;
+ }
+
+ return false;
+ }
+
+ /*
+ * Check whether this agent has access-sub permission for
+ * given object
+ */
+ public function canAccessSub(object $obj) : bool
+ {
+ if ($this->admin)
+ return true;
+
+ if ($this->isOwnerOf($obj))
+ return true;
+
+ if ($this->isMemberOf($obj) && $obj->membAccs)
+ return true;
+
+ if ($obj->pubAccs)
+ return true;
+
+ if ($obj->parent)
+ {
+ $parent = new object($obj->parent);
+ if ($this->canAccessSub($parent))
+ return true;
+ }
+ else if ($obj->owner)
+ {
+ $owner = new object($obj->owner);
+ if ($this->canAccessSub($owner))
+ return true;
+ }
+
+ return false;
+ }
+
+ /*
+ * Check whether this agent has create-sub permission
+ * for given object
+ */
+ public function canCreateSub(object $obj) : bool
+ {
+ if ($this->admin)
+ return true;
+
+ if ($this->isOwnerOf($obj))
+ return true;
+
+ if ($this->isMemberOf($obj) && $obj->membCres)
+ return true;
+
+ if ($obj->pubCres)
+ return true;
+
+ if ($obj->parent)
+ {
+ $parent = new object($obj->parent);
+ if ($this->canCreateSub($parent))
+ return true;
+ }
+ else if ($obj->owner)
+ {
+ $owner = new object($obj->owner);
+ if ($this->canCreateSub($owner))
+ return true;
+ }
+
+ return false;
+ }
+
+ /*
+ * Check whether this agent has modify-sub permission
+ * for given object
+ */
+ public function canModifySub(object $obj) : bool
+ {
+ if ($this->admin)
+ return true;
+
+ if ($this->isOwnerOf($obj))
+ return true;
+
+ if ($this->isMemberOf($obj) && $obj->membModifys)
+ return true;
+
+ if ($obj->parent)
+ {
+ $parent = new object($obj->parent);
+ if ($this->canModifySub($parent))
+ return true;
+ }
+ else if ($obj->owner)
+ {
+ $owner = new object($obj->owner);
+ if ($this->canModifySub($owner))
+ return true;
+ }
+
+ return false;
+ }
+
+ /*
+ * Check whether this agent has modify-sub-members
+ * permission for given object
+ */
+ public function canModifySubMembers(object $obj) : bool
+ {
+ if ($this->admin)
+ return true;
+
+ if ($this->isOwnerOf($obj))
+ return true;
+
+ if ($this->isMemberOf($obj) && $obj->membMembs)
+ return true;
+
+ if ($obj->parent)
+ {
+ $parent = new object($obj->parent);
+ if ($this->canModifySubMembers($parent))
+ return true;
+ }
+ else if ($obj->owner)
+ {
+ $owner = new object($obj->owner);
+ if ($this->canModifySubMembers($owner))
+ return true;
+ }
+
+ return false;
+ }
+
+ /*
+ * Check whether this agent has modify-sub-permissions
+ * permission for given object
+ */
+ public function canModifySubPermissions(object $obj) : bool
+ {
+ if ($this->admin)
+ return true;
+
+ if ($this->isOwnerOf($obj))
+ return true;
+
+ if ($obj->parent)
+ {
+ $parent = new object($obj->parent);
+ if ($this->canModifySubPermissions($parent))
+ return true;
+ }
+ else if ($obj->owner)
+ {
+ $owner = new object($obj->owner);
+ if ($this->canModifySubPermissions($owner))
+ return true;
+ }
+
+ return false;
+ }
}
?>
cgit-1.2.3-r5 | srcnode v0.4.0