        $this->db = $this->getDbConnection();
        $this->table = "object";
        $this->cols = array(
            "guid", "perms", "owner", "parent",
            "name", "timeCreated", "timeUpdated", "type"
        );
        // Table and column names cannot be bound as parameters, so escape them here
        $this->childTable = $this->db->esc($childTable);
        $this->childCols = array();
        if (is_array($childCols)) {
            foreach ($childCols as $col)
                $this->childCols[] = $this->db->esc($col);
        }
    }

    /*
     * Get current timestamp for object database purposes
     */
    function getCurrentTimestamp() {
        $query = "SELECT now() AS stamp";
        $result = $this->db->query($query);
        return $result[0]['stamp'];
    }

    /*
     * Check whether given GUID exists
     */
    function isGUID($guid) {
        $query = "SELECT `guid` FROM `object` WHERE `guid` = '" . $this->db->esc($guid) . "'";
        $result = $this->db->query($query);
        return count($result) > 0;
    }

    /*
     * Get a new, unique GUID for a new system object
     * (first 8 hex characters of a random blob, retried until unused)
     */
    function getNewGUID() {
        do {
            $guid = substr($this->getBlob(), 0, 8);
        } while ($this->isGUID($guid));
        return $guid;
    }

    /*
     * Get a random sha256 blob
     */
    function getBlob() {
        return hash("sha256", openssl_random_pseudo_bytes(64));
    }

    /*
     * Get a user object for this object's owner
     */
    function getOwner() {
        if (isset($this->owner))
            return new User($this->owner);
        return null;
    }

    /*
     * Get an array of all members of this object
     */
    function getMembers() {
        $query = "SELECT member FROM obj_member WHERE guid = '" . $this->db->esc($this->guid) . "'";
        $result = $this->db->query($query);
        $members = array();
        foreach ($result as $m)
            $members[] = new User($m['member']);
        return $members;
    }

    /*
     * Check if given user (or group) is the owner of this object
     */
    function isOwner($ug) {
        // getOwner() returns null when no owner is set
        $owner = $this->getOwner();
        return $owner !== null && $owner->guid == $ug->guid;
    }

    /*
     * Check if given user (or group) is a member of this object
     */
    function isMember($ug) {
        foreach ($this->getMembers() as $member) {
            if ($member->guid == $ug->guid)
                return true;
        }
        return false;
    }

    /*
     * Check if given user may access this object.
     * Falls back to canAccessSub() on the parent or, for objects
     * without a parent, on the owner object.
     */
    function canAccess($user) {
        if ($user->admin)
            return true;
        if ($this->isOwner($user))
            return true;
        if ($this->isMember($user))
            return true;
        if ($this->perms & 0x004) // accessible by public
            return true;
        if ($this->parent != "") {
            $parent = new DBObject($this->parent);
            if ($parent->canAccessSub($user))
                return true;
        } else if ($this->owner != $this->guid) {
            $owner = new DBObject($this->owner);
            if ($owner->canAccessSub($user))
                return true;
        }
        return false;
    }

    /*
     * Check if given user may modify this object
     * (members need permission bit 0x100)
     */
    function canModify($user) {
        if ($user->admin)
            return true;
        if ($this->isOwner($user))
            return true;
        if ($this->isMember($user) && ($this->perms & 0x100))
            return true;
        if ($this->parent != "") {
            $parent = new DBObject($this->parent);
            if ($parent->canModifySub($user))
                return true;
        } else if ($this->owner != $this->guid) {
            $owner = new DBObject($this->owner);
            if ($owner->canModifySub($user))
                return true;
        }
        return false;
    }

    /*
     * Check if given user may modify this object's member list
     * (members need permission bit 0x080)
     */
    function canModifyMembers($user) {
        if ($user->admin)
            return true;
        if ($this->isOwner($user))
            return true;
        if ($this->isMember($user) && ($this->perms & 0x080))
            return true;
        if ($this->parent != "") {
            $parent = new DBObject($this->parent);
            if ($parent->canModifySubMembers($user))
                return true;
        } else if ($this->owner != $this->guid) {
            $owner = new DBObject($this->owner);
            if ($owner->canModifySubMembers($user))
                return true;
        }
        return false;
    }

    /*
     * Check if given user may modify this object's permissions
     * (admins and owners only; no member or public bit grants this)
     */
    function canModifyPermissions($user) {
        if ($user->admin)
            return true;
        if ($this->isOwner($user))
            return true;
        if ($this->parent != "") {
            $parent = new DBObject($this->parent);
            if ($parent->canModifySubPermissions($user))
                return true;
        } else if ($this->owner != $this->guid) {
            $owner = new DBObject($this->owner);
            if ($owner->canModifySubPermissions($user))
                return true;
        }
        return false;
    }

    /*
     * Check if given user may access sub-objects of this object
     * (members need bit 0x040, public needs bit 0x002)
     */
    function canAccessSub($user) {
        if ($user->admin)
            return true;
        if ($this->isOwner($user))
            return true;
        if ($this->isMember($user) && ($this->perms & 0x040))
            return true;
        if ($this->perms & 0x002) // sub-objects accessible by public
            return true;
        if ($this->parent != "") {
            $parent = new DBObject($this->parent);
            if ($parent->canAccessSub($user))
                return true;
        } else if ($this->owner != $this->guid) {
            $owner = new DBObject($this->owner);
            if ($owner->canAccessSub($user))
                return true;
        }
        return false;
    }

    /*
     * Check if given user may create sub-objects of this object
     * (members need bit 0x020, public needs bit 0x001)
     */
    function canCreateSub($user) {
        if ($user->admin)
            return true;
        if ($this->isOwner($user))
            return true;
        if ($this->isMember($user) && ($this->perms & 0x020))
            return true;
        if ($this->perms & 0x001) // sub-objects creatable by public
            return true;
        if ($this->parent != "") {
            $parent = new DBObject($this->parent);
            if ($parent->canCreateSub($user))
                return true;
        } else if ($this->owner != $this->guid) {
            $owner = new DBObject($this->owner);
            if ($owner->canCreateSub($user))
                return true;
        }
        return false;
    }

    /*
     * Check if given user may modify sub-objects of this object
     * (members need permission bit 0x010)
     */
    function canModifySub($user) {
        if ($user->admin)
            return true;
        if ($this->isOwner($user))
            return true;
        if ($this->isMember($user) && ($this->perms & 0x010))
            return true;
        if ($this->parent != "") {
            $parent = new DBObject($this->parent);
            if ($parent->canModifySub($user))
                return true;
        } else if ($this->owner != $this->guid) {
            $owner = new DBObject($this->owner);
            if ($owner->canModifySub($user))
                return true;
        }
        return false;
    }

    /*
     * Check if given user may modify the member lists of sub-objects
     * (members need permission bit 0x008)
     */
    function canModifySubMembers($user) {
        if ($user->admin)
            return true;
        if ($this->isOwner($user))
            return true;
        if ($this->isMember($user) && ($this->perms & 0x008))
            return true;
        if ($this->parent != "") {
            $parent = new DBObject($this->parent);
            if ($parent->canModifySubMembers($user))
                return true;
        } else if ($this->owner != $this->guid) {
            $owner = new DBObject($this->owner);
            if ($owner->canModifySubMembers($user))
                return true;
        }
        return false;
    }

    /*
     * Check if given user may modify the permissions of sub-objects
     * (admins and owners only; no member or public bit grants this)
     */
    function canModifySubPermissions($user) {
        if ($user->admin)
            return true;
        if ($this->isOwner($user))
            return true;
        if ($this->parent != "") {
            $parent = new DBObject($this->parent);
            if ($parent->canModifySubPermissions($user))
                return true;
        } else if ($this->owner != $this->guid) {
            $owner = new DBObject($this->owner);
            if ($owner->canModifySubPermissions($user))
                return true;
        }
        return false;
    }

    /*
     * Get URL to this object
     */
    function getURL() {
        return $this->ar() . "/" . $this->guid;
    }

    /*
     * Get object's head image
     */
    function getHeadImage() {
        return $this->ar() . "/file.php?d=img/heads&f=" . $this->guid;
    }

    /*
     * Remove this object's head image
     */
    function rmHeadImage() {
        if (!is_file("assets/img/heads/" . $this->guid))
            return true;
        return unlink("assets/img/heads/" . $this->guid);
    }
}

/*
 * Concrete Database Object which can be used in a polymorphic way
 */
class DBObject extends Object {

    /*
     * Constructor
     */
    function __construct($guid = null) {
        parent::__construct();
        $this->loadObj($guid);
    }
}

?>