Some permissions stuff.

flash 2018-07-10 23:24:00 +02:00
parent 5878a4c16c
commit 845061e679
10 changed files with 235 additions and 95 deletions


@ -0,0 +1,30 @@
<?php
namespace Misuzu\DatabaseMigrations\AddedGeneralAndForumPerms;
use PDO;
function migrate_up(PDO $conn): void
{
$conn->exec("
ALTER TABLE `msz_permissions`
ADD COLUMN `general_perms_allow` INT(10) UNSIGNED NOT NULL DEFAULT '0' AFTER `role_id`,
ADD COLUMN `general_perms_deny` INT(10) UNSIGNED NOT NULL DEFAULT '0' AFTER `general_perms_allow`,
ADD COLUMN `forum_perms_allow` INT(10) UNSIGNED NOT NULL DEFAULT '0' AFTER `news_perms_deny`,
ADD COLUMN `forum_perms_deny` INT(10) UNSIGNED NOT NULL DEFAULT '0' AFTER `forum_perms_allow`,
ADD COLUMN `comments_perms_allow` INT(10) UNSIGNED NOT NULL DEFAULT '0' AFTER `forum_perms_deny`,
ADD COLUMN `comments_perms_deny` INT(10) UNSIGNED NOT NULL DEFAULT '0' AFTER `comments_perms_allow`;
");
}
function migrate_down(PDO $conn): void
{
$conn->exec('
ALTER TABLE `msz_permissions`
DROP COLUMN `general_perms_allow`,
DROP COLUMN `general_perms_deny`,
DROP COLUMN `forum_perms_allow`,
DROP COLUMN `forum_perms_deny,
DROP COLUMN `forum_perms_allow`,
DROP COLUMN `forum_perms_deny`;
');
}
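Review bot: migrate_down cannot run as written: the fourth DROP COLUMN clause is missing the closing backtick after forum_perms_deny, and the last two clauses repeat forum_perms_allow and forum_perms_deny instead of dropping comments_perms_allow and comments_perms_deny. A rollback therefore fails with a SQL error, and fixing only the quoting would still leave the two comments columns behind. The last three clauses should name `forum_perms_deny`, `comments_perms_allow` and `comments_perms_deny`, each quoted on both sides. For a permissions table it is worth running the up/down pair against a scratch database, since a half-applied rollback leaves the schema and the permission code out of step.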


@ -6,6 +6,8 @@ date_default_timezone_set('UTC');
require_once __DIR__ . '/vendor/autoload.php';
require_once __DIR__ . '/src/changelog.php';
require_once __DIR__ . '/src/colour.php';
require_once __DIR__ . '/src/comments.php';
require_once __DIR__ . '/src/general.php';
require_once __DIR__ . '/src/git.php';
require_once __DIR__ . '/src/manage.php';
require_once __DIR__ . '/src/news.php';
@ -84,7 +86,7 @@ if (PHP_SAPI !== 'cli') {
}
$inManageMode = starts_with($_SERVER['REQUEST_URI'], '/manage');
$hasManageAccess = perms_check(perms_get_user(MSZ_PERMS_USER, $app->getUserId()), MSZ_USER_PERM_CAN_MANAGE);
$hasManageAccess = perms_check(perms_get_user(MSZ_PERMS_GENERAL, $app->getUserId()), MSZ_GENERAL_PERM_CAN_MANAGE);
$tpl->var('has_manage_access', $hasManageAccess);
if ($inManageMode) {
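Review bot: The rewritten `$hasManageAccess` check reads MSZ_GENERAL_PERM_CAN_MANAGE from the general mode, but the migration in this commit creates `general_perms_allow` with DEFAULT '0' and shows no statement that carries the old MSZ_USER_PERM_CAN_MANAGE bit (1 << 19) across. If nothing elsewhere does that, every existing manager loses panel access after deploy; that fails closed, but the panel is also where the grant would be restored. Consider adding to migrate_up something like `UPDATE msz_permissions SET general_perms_allow = general_perms_allow | 1 WHERE user_perms_allow & 524288`, and the same for the deny columns. The column names there are taken from the keys used in manage_perms_list, so verify them against the schema. The surrounding `if` blocks start and end outside this hunk.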


@ -1,6 +1,8 @@
<?php
use Misuzu\Database;
define('MSZ_FORUM_PERM_MANAGE_FORUMS', 1);
define('MSZ_FORUM_TYPE_DISCUSSION', 0);
define('MSZ_FORUM_TYPE_CATEGORY', 1);
define('MSZ_FORUM_TYPE_LINK', 2);


@ -6,7 +6,6 @@ use Misuzu\IO\File;
define('MSZ_USER_PERM_EDIT_PROFILE', 1);
define('MSZ_USER_PERM_CHANGE_AVATAR', 1 << 1);
define('MSZ_USER_PERM_CAN_MANAGE', 1 << 19);
define('MSZ_USER_PERM_MANAGE_USERS', 1 << 20);
define('MSZ_USER_PERM_MANAGE_ROLES', 1 << 21);
define('MSZ_USER_PERM_MANAGE_PERMS', 1 << 22);


@ -4,9 +4,6 @@ use Misuzu\Database;
define('MSZ_CHANGELOG_PERM_MANAGE_CHANGES', 1);
define('MSZ_CHANGELOG_PERM_MANAGE_TAGS', 1 << 1);
define('MSZ_CHANGELOG_PERM_MANAGE_ACTIONS', 1 << 2);
define('MSZ_CHANGELOG_PERM_DELETE_COMMENTS', 1 << 3);
define('MSZ_CHANGELOG_PERM_EDIT_COMMENTS', 1 << 4);
define('MSZ_CHANGELOG_PERM_PIN_COMMENTS', 1 << 5);
function changelog_action_add(string $name, ?int $colour = null, ?string $class = null): int
{

7
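--- a/src/comments.php
+++ b/src/comments.php
@@ -0,0 +1,7 @@
+<?php
+define('MSZ_COMMENTS_PERM_CREATE', 1);
+define('MSZ_COMMENTS_PERM_EDIT_OWN', 1 << 1);
+define('MSZ_COMMENTS_PERM_EDIT_ANY', 1 << 2);
+define('MSZ_COMMENTS_PERM_DELETE_OWN', 1 << 3);
+define('MSZ_COMMENTS_PERM_DELETE_ANY', 1 << 4);
+define('MSZ_COMMENTS_PERM_PIN', 1 << 5);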
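Review bot: These flag values are persisted in the `comments_perms_allow` / `comments_perms_deny` columns, yet nothing in the file says so; a comment such as `// Bit positions are stored in msz_permissions; never renumber or reuse a retired bit.` would protect later edits. The same commit appears to retire the MSZ_NEWS_PERM_*_COMMENTS and MSZ_CHANGELOG_PERM_*_COMMENTS flags without clearing them in stored rows. If so, a future news or changelog permission defined on one of those bit positions would inherit whatever grants are still recorded there. Either clear those bits in the migration or record the retired positions next to the remaining defines.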

5
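--- a/src/general.php
+++ b/src/general.php
@@ -0,0 +1,5 @@
+<?php
+define('MSZ_GENERAL_PERM_CAN_MANAGE', 1);
+define('MSZ_GENERAL_PERM_VIEW_LOGS', 1 << 1);
+define('MSZ_GENERAL_PERM_MANAGE_EMOTICONS', 1 << 2);
+define('MSZ_GENERAL_PERM_MANAGE_SETTINGS', 1 << 3);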


@ -1,82 +1,121 @@
<?php
function manage_get_menu(int $userId): array
{
$userPerms = perms_get_user(MSZ_PERMS_USER, $userId);
$perms = [];
if (!perms_check($userPerms, MSZ_USER_PERM_CAN_MANAGE)) {
return [];
foreach (MSZ_PERM_MODES as $mode) {
$perms[$mode] = perms_get_user($mode, $userId);
}
$changelogPerms = perms_get_user(MSZ_PERMS_CHANGELOG, $userId);
if (!perms_check($perms['general'], MSZ_GENERAL_PERM_CAN_MANAGE)) {
return [];
}
$menu = [];
$menu['General'] = [
'Overview' => '/manage/index.php?v=overview',
'Logs' => '/manage/index.php?v=logs',
'_',
'Emoticons' => '/manage/index.php?v=emoticons',
'Settings' => '/manage/index.php?v=settings',
];
$canUsers = perms_check($userPerms, MSZ_USER_PERM_MANAGE_USERS);
$canRoles = perms_check($userPerms, MSZ_USER_PERM_MANAGE_ROLES);
$canPerms = perms_check($userPerms, MSZ_USER_PERM_MANAGE_PERMS);
$canReports = perms_check($userPerms, MSZ_USER_PERM_MANAGE_REPORTS);
$canRestricts = perms_check($userPerms, MSZ_USER_PERM_MANAGE_RESTRICTIONS);
$canBlacklists = perms_check($userPerms, MSZ_USER_PERM_MANAGE_BLACKLISTS);
if (perms_check($perms['general'], MSZ_GENERAL_PERM_VIEW_LOGS)) {
$menu['General']['Logs'] = '/manage/index.php?v=logs';
}
if ($canUsers || $canRoles || $canPerms
|| $canReports || $canRestricts || $canBlacklists) {
if (perms_check(
$perms['general'],
MSZ_GENERAL_PERM_MANAGE_EMOTICONS | MSZ_GENERAL_PERM_MANAGE_SETTINGS
)) {
$menu['General'][] = '_';
if (perms_check($perms['general'], MSZ_GENERAL_PERM_MANAGE_EMOTICONS)) {
$menu['General']['Emoticons'] = '/manage/users.php?v=emoticons';
}
if (perms_check($perms['general'], MSZ_GENERAL_PERM_MANAGE_SETTINGS)) {
$menu['General']['Settings'] = '/manage/users.php?v=settings';
}
}
$canUserManage = MSZ_USER_PERM_MANAGE_USERS | MSZ_USER_PERM_MANAGE_ROLES
| MSZ_USER_PERM_MANAGE_PERMS | MSZ_USER_PERM_MANAGE_REPORTS
| MSZ_USER_PERM_MANAGE_RESTRICTIONS | MSZ_USER_PERM_MANAGE_BLACKLISTS;
if (perms_check($perms['user'], $canUserManage)) {
$menu['Users'] = [];
if ($canUsers || $canPerms) {
if (perms_check($perms['user'], MSZ_USER_PERM_MANAGE_USERS | MSZ_USER_PERM_MANAGE_PERMS)) {
$menu['Users']['Listing'] = '/manage/users.php?v=listing';
}
if ($canRoles || $canPerms) {
if (perms_check($perms['user'], MSZ_USER_PERM_MANAGE_ROLES | MSZ_USER_PERM_MANAGE_PERMS)) {
$menu['Users']['Roles'] = '/manage/users.php?v=roles';
}
if ($canReports || $canRestricts || $canBlacklists) {
if (perms_check(
$perms['user'],
MSZ_USER_PERM_MANAGE_REPORTS | MSZ_USER_PERM_MANAGE_RESTRICTIONS | MSZ_USER_PERM_MANAGE_BLACKLISTS
)) {
$menu['Users'][] = '_';
if ($canReports) {
if (perms_check($perms['user'], MSZ_USER_PERM_MANAGE_REPORTS)) {
$menu['Users']['Reports'] = '/manage/users.php?v=reports';
}
if ($canRestricts) {
if (perms_check($perms['user'], MSZ_USER_PERM_MANAGE_RESTRICTIONS)) {
$menu['Users']['Restrictions'] = '/manage/users.php?v=restrictions';
}
if ($canBlacklists) {
if (perms_check($perms['user'], MSZ_USER_PERM_MANAGE_BLACKLISTS)) {
$menu['Users']['Blacklisting'] = '/manage/users.php?v=blacklisting';
}
}
}
$canNewsManage = MSZ_NEWS_PERM_MANAGE_POSTS | MSZ_NEWS_PERM_MANAGE_CATEGORIES;
if (perms_check($perms['news'], $canNewsManage)) {
$menu['News'] = [];
if (perms_check($perms['news'], MSZ_NEWS_PERM_MANAGE_POSTS)) {
$menu['News']['Posts'] = '/manage/news.php?v=posts';
}
if (perms_check($perms['news'], MSZ_NEWS_PERM_MANAGE_CATEGORIES)) {
$menu['News']['Categories'] = '/manage/news.php?v=categories';
}
}
$canForumManage = MSZ_FORUM_PERM_MANAGE_FORUMS;
if (perms_check($perms['forum'], $canForumManage)) {
$menu['Forums'] = [];
if (perms_check($perms['forum'], MSZ_FORUM_PERM_MANAGE_FORUMS)) {
$menu['Forums']['Listing'] = '/manage/forums.php?v=listing';
}
}
/*$menu['Forum'] = [
'Listing' => '/manage/forums.php?v=listing',
'Permisisons' => '/manage/forums.php?v=permissions',
'Settings' => '/manage/forums.php?v=settings',
];*/
$canChanges = perms_check($changelogPerms, MSZ_CHANGELOG_PERM_MANAGE_CHANGES);
$canChangeTags = perms_check($changelogPerms, MSZ_CHANGELOG_PERM_MANAGE_TAGS);
$canChangeActions = perms_check($changelogPerms, MSZ_CHANGELOG_PERM_MANAGE_ACTIONS);
$canChangelogManage = MSZ_CHANGELOG_PERM_MANAGE_CHANGES | MSZ_CHANGELOG_PERM_MANAGE_TAGS
| MSZ_CHANGELOG_PERM_MANAGE_ACTIONS;
if ($canChanges || $canChangeTags || $canChangeActions) {
if (perms_check($perms['changelog'], $canChangelogManage)) {
$menu['Changelog'] = [];
if ($canChanges) {
if (perms_check($perms['changelog'], MSZ_CHANGELOG_PERM_MANAGE_CHANGES)) {
$menu['Changelog']['Changes'] = '/manage/changelog.php?v=changes';
}
if ($canChangeTags) {
if (perms_check($perms['changelog'], MSZ_CHANGELOG_PERM_MANAGE_TAGS)) {
$menu['Changelog']['Tags'] = '/manage/changelog.php?v=tags';
}
if ($canChangeActions) {
if (perms_check($perms['changelog'], MSZ_CHANGELOG_PERM_MANAGE_ACTIONS)) {
$menu['Changelog']['Actions'] = '/manage/changelog.php?v=actions';
}
}
@ -151,6 +190,52 @@ function manage_perms_apply(array $list, array $post): ?array
function manage_perms_list(array $rawPerms): array
{
return [
[
'section' => 'general',
'title' => 'General',
'perms' => [
[
'section' => 'can-manage',
'title' => 'Can access the management panel.',
'perm' => MSZ_GENERAL_PERM_CAN_MANAGE,
'value' => manage_perms_value(
MSZ_GENERAL_PERM_CAN_MANAGE,
$rawPerms['general_perms_allow'],
$rawPerms['general_perms_deny']
),
],
[
'section' => 'view-logs',
'title' => 'Can view audit logs.',
'perm' => MSZ_GENERAL_PERM_VIEW_LOGS,
'value' => manage_perms_value(
MSZ_GENERAL_PERM_VIEW_LOGS,
$rawPerms['general_perms_allow'],
$rawPerms['general_perms_deny']
)
],
[
'section' => 'manage-emotes',
'title' => 'Can manage emoticons.',
'perm' => MSZ_GENERAL_PERM_MANAGE_EMOTICONS,
'value' => manage_perms_value(
MSZ_GENERAL_PERM_MANAGE_EMOTICONS,
$rawPerms['general_perms_allow'],
$rawPerms['general_perms_deny']
)
],
[
'section' => 'manage-settings',
'title' => 'Can manage general Misuzu settings.',
'perm' => MSZ_GENERAL_PERM_MANAGE_SETTINGS,
'value' => manage_perms_value(
MSZ_GENERAL_PERM_MANAGE_SETTINGS,
$rawPerms['general_perms_allow'],
$rawPerms['general_perms_deny']
)
],
],
],
[
'section' => 'user',
'title' => 'User',
@ -175,16 +260,6 @@ function manage_perms_list(array $rawPerms): array
$rawPerms['user_perms_deny']
),
],
[
'section' => 'can-manage',
'title' => 'Can access the management panel.',
'perm' => MSZ_USER_PERM_CAN_MANAGE,
'value' => manage_perms_value(
MSZ_USER_PERM_CAN_MANAGE,
$rawPerms['user_perms_allow'],
$rawPerms['user_perms_deny']
),
],
[
'section' => 'manage-users',
'title' => 'Can manage other users.',
@ -271,34 +346,86 @@ function manage_perms_list(array $rawPerms): array
$rawPerms['news_perms_deny']
),
],
],
],
[
'section' => 'comments-delete',
'title' => 'Can delete comments from others.',
'perm' => MSZ_NEWS_PERM_DELETE_COMMENTS,
'section' => 'forum',
'title' => 'Forum',
'perms' => [
[
'section' => 'manage-forums',
'title' => 'Can manage forum sections.',
'perm' => MSZ_FORUM_PERM_MANAGE_FORUMS,
'value' => manage_perms_value(
MSZ_NEWS_PERM_DELETE_COMMENTS,
$rawPerms['news_perms_allow'],
$rawPerms['news_perms_deny']
MSZ_FORUM_PERM_MANAGE_FORUMS,
$rawPerms['forum_perms_allow'],
$rawPerms['forum_perms_deny']
)
],
],
],
[
'section' => 'comments',
'title' => 'Comments',
'perms' => [
[
'section' => 'create',
'title' => 'Can post comments.',
'perm' => MSZ_COMMENTS_PERM_CREATE,
'value' => manage_perms_value(
MSZ_COMMENTS_PERM_CREATE,
$rawPerms['comments_perms_allow'],
$rawPerms['comments_perms_deny']
),
],
[
'section' => 'comments-edit',
'title' => 'Can edit comments from others.',
'perm' => MSZ_NEWS_PERM_EDIT_COMMENTS,
'section' => 'edit-own',
'title' => 'Can edit own comments.',
'perm' => MSZ_COMMENTS_PERM_EDIT_OWN,
'value' => manage_perms_value(
MSZ_NEWS_PERM_EDIT_COMMENTS,
$rawPerms['news_perms_allow'],
$rawPerms['news_perms_deny']
MSZ_COMMENTS_PERM_EDIT_OWN,
$rawPerms['comments_perms_allow'],
$rawPerms['comments_perms_deny']
),
],
[
'section' => 'comments-pin',
'section' => 'edit-any',
'title' => 'Can edit anyone\'s comments.',
'perm' => MSZ_COMMENTS_PERM_EDIT_ANY,
'value' => manage_perms_value(
MSZ_COMMENTS_PERM_EDIT_ANY,
$rawPerms['comments_perms_allow'],
$rawPerms['comments_perms_deny']
),
],
[
'section' => 'delete-own',
'title' => 'Can delete own comments.',
'perm' => MSZ_COMMENTS_PERM_DELETE_OWN,
'value' => manage_perms_value(
MSZ_COMMENTS_PERM_DELETE_OWN,
$rawPerms['comments_perms_allow'],
$rawPerms['comments_perms_deny']
),
],
[
'section' => 'delete-any',
'title' => 'Can delete anyone\'s comments.',
'perm' => MSZ_COMMENTS_PERM_DELETE_ANY,
'value' => manage_perms_value(
MSZ_COMMENTS_PERM_DELETE_ANY,
$rawPerms['comments_perms_allow'],
$rawPerms['comments_perms_deny']
),
],
[
'section' => 'pin',
'title' => 'Can pin comments.',
'perm' => MSZ_NEWS_PERM_PIN_COMMENTS,
'perm' => MSZ_COMMENTS_PERM_PIN,
'value' => manage_perms_value(
MSZ_NEWS_PERM_PIN_COMMENTS,
$rawPerms['news_perms_allow'],
$rawPerms['news_perms_deny']
MSZ_COMMENTS_PERM_PIN,
$rawPerms['comments_perms_allow'],
$rawPerms['comments_perms_deny']
),
],
],
@ -337,36 +464,6 @@ function manage_perms_list(array $rawPerms): array
$rawPerms['changelog_perms_deny']
),
],
[
'section' => 'comments-delete',
'title' => 'Can delete comments from others.',
'perm' => MSZ_CHANGELOG_PERM_DELETE_COMMENTS,
'value' => manage_perms_value(
MSZ_CHANGELOG_PERM_DELETE_COMMENTS,
$rawPerms['changelog_perms_allow'],
$rawPerms['changelog_perms_deny']
),
],
[
'section' => 'comments-edit',
'title' => 'Can edit comments from others.',
'perm' => MSZ_CHANGELOG_PERM_EDIT_COMMENTS,
'value' => manage_perms_value(
MSZ_CHANGELOG_PERM_EDIT_COMMENTS,
$rawPerms['changelog_perms_allow'],
$rawPerms['changelog_perms_deny']
),
],
[
'section' => 'comments-pin',
'title' => 'Can pin comments.',
'perm' => MSZ_CHANGELOG_PERM_PIN_COMMENTS,
'value' => manage_perms_value(
MSZ_CHANGELOG_PERM_PIN_COMMENTS,
$rawPerms['changelog_perms_allow'],
$rawPerms['changelog_perms_deny']
),
],
],
],
];
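Review bot: In manage_get_menu the Emoticons and Settings entries are built as '/manage/users.php?v=emoticons' and '/manage/users.php?v=settings', while the rest of the General menu points at /manage/index.php; this looks like a copy-paste from the Users block, and the two lines should probably read `$menu['General']['Emoticons'] = '/manage/index.php?v=emoticons';` and `$menu['General']['Settings'] = '/manage/index.php?v=settings';`. Separately, the old `$canUsers || $canRoles || ...` tests were replaced by perms_check() on an OR-ed mask, which is equivalent only if perms_check treats the mask as any-bit; its definition is not on this page, so confirm it does not require all bits. The string keys `$perms['general']`, `$perms['user']` and so on could use the MSZ_PERMS_* constants that the loop is keyed by. The menu only hides links, so each /manage page still needs its own perms_check on the server side.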


@ -1,6 +1,3 @@
<?php
define('MSZ_NEWS_PERM_MANAGE_POSTS', 1);
define('MSZ_NEWS_PERM_MANAGE_CATEGORIES', 1 << 1);
define('MSZ_NEWS_PERM_DELETE_COMMENTS', 1 << 2);
define('MSZ_NEWS_PERM_EDIT_COMMENTS', 1 << 3);
define('MSZ_NEWS_PERM_PIN_COMMENTS', 1 << 4);


@ -1,12 +1,16 @@
<?php
use Misuzu\Database;
define('MSZ_PERMS_GENERAL', 'general');
define('MSZ_PERMS_USER', 'user');
define('MSZ_PERMS_CHANGELOG', 'changelog');
define('MSZ_PERMS_NEWS', 'news');
define('MSZ_PERMS_FORUM', 'forum');
define('MSZ_PERMS_COMMENTS', 'comments');
define('MSZ_PERM_MODES', [
MSZ_PERMS_USER, MSZ_PERMS_CHANGELOG, MSZ_PERMS_NEWS
MSZ_PERMS_GENERAL, MSZ_PERMS_USER, MSZ_PERMS_CHANGELOG,
MSZ_PERMS_NEWS, MSZ_PERMS_FORUM, MSZ_PERMS_COMMENTS,
]);
define('MSZ_PERMS_ALLOW', 'allow');