2015-12-29 01:27:49 +00:00
|
|
|
<?php
|
2016-02-03 22:22:56 +00:00
|
|
|
/**
|
|
|
|
* Holds the global permissions handler.
|
|
|
|
*
|
|
|
|
* @package Sakura
|
|
|
|
*/
|
|
|
|
|
2015-12-29 01:27:49 +00:00
|
|
|
namespace Sakura;
|
|
|
|
|
|
|
|
/**
|
2016-02-02 21:04:15 +00:00
|
|
|
* Global permissions handler.
|
|
|
|
*
|
2015-12-29 01:27:49 +00:00
|
|
|
* @package Sakura
|
2016-02-02 21:04:15 +00:00
|
|
|
* @author Julian van de Groep <me@flash.moe>
|
2015-12-29 01:27:49 +00:00
|
|
|
*/
|
|
|
|
class Perms
|
|
|
|
{
|
2016-02-02 21:04:15 +00:00
|
|
|
/**
|
|
|
|
* SITE permission mode, used for general permissions.
|
|
|
|
*/
|
2015-12-29 21:52:19 +00:00
|
|
|
const SITE = 'permissions\permissions_site';
|
2016-02-02 21:04:15 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* MANAGE permission mode, used for site management actions.
|
|
|
|
*/
|
2015-12-29 21:52:19 +00:00
|
|
|
const MANAGE = 'permissions\permissions_manage';
|
2016-02-02 21:04:15 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* FORUM permission mode, used per forum.
|
|
|
|
*/
|
2016-01-03 21:19:37 +00:00
|
|
|
const FORUM = 'forum_permissions\forum_perms';
|
2015-12-29 01:27:49 +00:00
|
|
|
|
2016-02-02 21:04:15 +00:00
|
|
|
/**
|
|
|
|
* The table containing the permissions.
|
|
|
|
*
|
|
|
|
* @var string
|
|
|
|
*/
|
2015-12-29 01:27:49 +00:00
|
|
|
protected $table = '';
|
2016-02-02 21:04:15 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* The column containing the permissions.
|
|
|
|
*
|
|
|
|
* @var string
|
|
|
|
*/
|
2015-12-29 01:27:49 +00:00
|
|
|
protected $column = '';
|
2015-12-29 21:52:19 +00:00
|
|
|
|
2016-02-02 21:04:15 +00:00
|
|
|
/**
|
|
|
|
* Constructor.
|
|
|
|
*
|
|
|
|
* @param string $mode One of the modes above.
|
|
|
|
*/
|
2015-12-29 21:52:19 +00:00
|
|
|
public function __construct($mode)
|
|
|
|
{
|
|
|
|
$this->mode($mode);
|
|
|
|
}
|
|
|
|
|
2016-02-02 21:04:15 +00:00
|
|
|
/**
|
|
|
|
* Set a permission mode.
|
|
|
|
*
|
|
|
|
* @param string $mode One of the modes above.
|
|
|
|
*/
|
2016-01-02 17:55:31 +00:00
|
|
|
public function mode($mode)
|
|
|
|
{
|
2015-12-29 01:27:49 +00:00
|
|
|
// Split the mode variable
|
|
|
|
$mode = explode('\\', $mode);
|
|
|
|
|
|
|
|
// Assign $table, $column and $selectors
|
|
|
|
$this->table = $mode[0];
|
|
|
|
$this->column = $mode[1];
|
|
|
|
}
|
|
|
|
|
2016-02-02 21:04:15 +00:00
|
|
|
/**
|
|
|
|
* Compare a permission flag.
|
|
|
|
*
|
|
|
|
* @param int $flag The permission flag.
|
|
|
|
* @param int $perm The permissions of the user.
|
|
|
|
*
|
|
|
|
* @return bool Success indicator.
|
|
|
|
*/
|
2015-12-29 21:52:19 +00:00
|
|
|
public function check($flag, $perm)
|
|
|
|
{
|
|
|
|
return ($flag & $perm) > 0;
|
|
|
|
}
|
|
|
|
|
2016-02-02 21:04:15 +00:00
|
|
|
/**
|
|
|
|
* Get the permissions from a rank.
|
|
|
|
*
|
|
|
|
* @param int $rid The ID of the rank in question.
|
|
|
|
* @param array $conditions Additional SQL conditions.
|
|
|
|
* @param int $perm A permission flag to append to.
|
|
|
|
*
|
|
|
|
* @return int A permission flag.
|
|
|
|
*/
|
2015-12-29 21:52:19 +00:00
|
|
|
public function rank($rid, $conditions = [], $perm = 0)
|
|
|
|
{
|
2016-02-18 23:28:44 +00:00
|
|
|
// Build statement
|
|
|
|
$stmt = "SELECT * FROM `{prefix}{$this->table}` WHERE `rank_id` = :rank AND `user_id` = 0";
|
|
|
|
|
|
|
|
// Append additional conditionals (DBWrapper v1 format, except OR is ignored)
|
|
|
|
foreach ($conditions as $column => $value) {
|
|
|
|
$stmt .= " AND `{$column}` {$value[1]} :_retarded_{$column}";
|
|
|
|
}
|
|
|
|
|
|
|
|
// Prepare the statement
|
2016-02-25 16:06:29 +00:00
|
|
|
$get = DBv2::prepare($stmt);
|
2016-02-18 23:28:44 +00:00
|
|
|
|
|
|
|
// Bind rank
|
|
|
|
$get->bindParam('rank', $rid);
|
|
|
|
|
|
|
|
// Bind additionals
|
|
|
|
foreach ($conditions as $column => $value) {
|
|
|
|
$get->bindParam("_retarded_{$column}", $value[0]);
|
|
|
|
}
|
|
|
|
|
|
|
|
// Execute!
|
|
|
|
$get->execute();
|
2015-12-29 21:52:19 +00:00
|
|
|
|
|
|
|
// Fetch from the db
|
2016-02-18 23:28:44 +00:00
|
|
|
$get = $get->fetch(\PDO::FETCH_ASSOC);
|
2015-12-29 21:52:19 +00:00
|
|
|
|
|
|
|
// Check if anything was returned
|
|
|
|
if ($get && array_key_exists($this->column, $get) && $get['rank_id']) {
|
|
|
|
// Perform a bitwise OR
|
|
|
|
$perm = $perm | bindec((string) $get[$this->column]);
|
|
|
|
}
|
|
|
|
|
|
|
|
// Return the value
|
|
|
|
return $perm;
|
2015-12-29 01:27:49 +00:00
|
|
|
}
|
|
|
|
|
2016-02-02 21:04:15 +00:00
|
|
|
/**
|
|
|
|
* Get the permissions from a user.
|
|
|
|
*
|
|
|
|
* @param int $uid The ID of the user in question.
|
|
|
|
* @param array $conditions Additional SQL conditions.
|
|
|
|
* @param int $perm A permission flag to append to.
|
|
|
|
*
|
|
|
|
* @return int A permission flag.
|
|
|
|
*/
|
2015-12-29 21:52:19 +00:00
|
|
|
public function user($uid, $conditions = [], $perm = 0)
|
|
|
|
{
|
|
|
|
// Create a user object
|
|
|
|
$user = User::construct($uid);
|
|
|
|
|
|
|
|
// Get data from ranks
|
2016-01-17 01:58:31 +00:00
|
|
|
foreach (array_keys($user->ranks) as $rank) {
|
2015-12-29 21:52:19 +00:00
|
|
|
$perm = $perm | $this->rank($rank, $conditions, $perm);
|
|
|
|
}
|
2016-02-18 23:28:44 +00:00
|
|
|
|
|
|
|
// Build statement
|
|
|
|
$stmt = "SELECT * FROM `{prefix}{$this->table}` WHERE `rank_id` = 0 AND `user_id` = :user";
|
|
|
|
|
|
|
|
// Append additional conditionals (DBWrapper v1 format, except OR is ignored)
|
|
|
|
foreach ($conditions as $column => $value) {
|
|
|
|
$stmt .= " AND `{$column}` {$value[1]} :_retarded_{$column}";
|
|
|
|
}
|
|
|
|
|
|
|
|
// Prepare the statement
|
2016-02-25 16:06:29 +00:00
|
|
|
$get = DBv2::prepare($stmt);
|
2016-02-18 23:28:44 +00:00
|
|
|
|
|
|
|
// Bind rank
|
|
|
|
$get->bindParam('user', $uid);
|
|
|
|
|
|
|
|
// Bind additionals
|
|
|
|
foreach ($conditions as $column => $value) {
|
|
|
|
$get->bindParam("_retarded_{$column}", $value[0]);
|
|
|
|
}
|
2015-12-29 21:52:19 +00:00
|
|
|
|
2016-02-18 23:28:44 +00:00
|
|
|
// Execute!
|
|
|
|
$get->execute();
|
2015-12-29 21:52:19 +00:00
|
|
|
|
|
|
|
// Fetch from the db
|
2016-02-18 23:28:44 +00:00
|
|
|
$get = $get->fetch(\PDO::FETCH_ASSOC);
|
2015-12-29 21:52:19 +00:00
|
|
|
|
|
|
|
// Check if anything was returned
|
|
|
|
if ($get && array_key_exists($this->column, $get) && $get['user_id']) {
|
|
|
|
// Perform a bitwise OR
|
|
|
|
$perm = $perm | bindec((string) $get[$this->column]);
|
|
|
|
}
|
|
|
|
|
|
|
|
// Return the value
|
|
|
|
return $perm;
|
2015-12-29 01:27:49 +00:00
|
|
|
}
|
|
|
|
}
|