Added permissions override flag to table structure.

2018-11-03 17:44:19 +01:00 · 2018-11-03 17:44:19 +01:00 · f690679412
commit f690679412
parent c20a9bf3d5
3 changed files with 137 additions and 33 deletions
--- a/database/2018_11_03_145619_add_permission_override_flag.php
+++ b/database/2018_11_03_145619_add_permission_override_flag.php
@ -0,0 +1,102 @@
+<?php
+namespace Misuzu\DatabaseMigrations\AddPermissionOverrideFlag;
+
+use PDO;
+
+function migrate_up(PDO $conn): void
+{
+    $conn->exec("
+        ALTER TABLE `msz_permissions`
+            ADD COLUMN `general_perms_override`     INT(10) UNSIGNED NOT NULL DEFAULT '0' AFTER `general_perms_deny`,
+            ADD COLUMN `user_perms_override`        INT(10) UNSIGNED NOT NULL DEFAULT '0' AFTER `user_perms_deny`,
+            ADD COLUMN `changelog_perms_override`   INT(10) UNSIGNED NOT NULL DEFAULT '0' AFTER `changelog_perms_deny`,
+            ADD COLUMN `news_perms_override`        INT(10) UNSIGNED NOT NULL DEFAULT '0' AFTER `news_perms_deny`,
+            ADD COLUMN `forum_perms_override`       INT(10) UNSIGNED NOT NULL DEFAULT '0' AFTER `forum_perms_deny`,
+            ADD COLUMN `comments_perms_override`    INT(10) UNSIGNED NOT NULL DEFAULT '0' AFTER `comments_perms_deny`;
+    ");
+
+    $conn->exec("
+        ALTER TABLE `msz_forum_permissions`
+            ADD COLUMN `forum_perms_override` INT(10) UNSIGNED NOT NULL DEFAULT '0' AFTER `forum_perms_deny`;
+    ");
+
+    $conn->exec('DROP VIEW `msz_forum_permissions_view`');
+    $conn->exec("
+        CREATE VIEW `msz_forum_permissions_view` AS
+        WITH RECURSIVE permissions(user_id, role_id, forum_id, forum_perms_allow, forum_perms_deny) as (
+            SELECT
+                pp.`user_id`, pp.`role_id`,
+                pc.`forum_id`,
+                IFNULL(pp.`forum_perms_allow`, 0), IFNULL(pp.`forum_perms_deny`, 0)
+            FROM `msz_forum_categories` as pc
+            LEFT JOIN `msz_forum_permissions` as pp
+            ON pp.`forum_id` = pc.`forum_id`
+            GROUP BY `user_id`, `role_id`, `forum_id`
+            UNION ALL
+            SELECT
+                permissions.`user_id`, permissions.`role_id`,
+                cc.`forum_id`,
+                IFNULL(cp.`forum_perms_allow`, 0) | (permissions.`forum_perms_allow` &~ IFNULL(cp.`forum_perms_override`, 0)),
+                IFNULL(cp.`forum_perms_deny`, 0) | (permissions.`forum_perms_deny` &~ IFNULL(cp.`forum_perms_override`, 0))
+            FROM `msz_forum_categories` as cc
+            LEFT JOIN `msz_forum_permissions` as cp
+            ON cp.`forum_id` = cc.`forum_id`
+            INNER JOIN permissions
+            ON cc.`forum_parent` = permissions.`forum_id`
+        )
+        SELECT
+            `user_id`, `role_id`, `forum_id`,
+            (BIT_OR(`forum_perms_allow`) &~ BIT_OR(`forum_perms_deny`)) as `forum_perms`
+        FROM permissions
+        GROUP BY `user_id`, `role_id`, `forum_id`
+    ");
+}
+
+function migrate_down(PDO $conn): void
+{
+    $conn->exec('DROP VIEW `msz_forum_permissions_view`');
+    $conn->exec("
+        CREATE VIEW `msz_forum_permissions_view` AS
+        WITH RECURSIVE permissions(user_id, role_id, forum_id, forum_perms_allow, forum_perms_deny) as (
+            SELECT
+                pp.`user_id`, pp.`role_id`,
+                pc.`forum_id`,
+                IFNULL(pp.`forum_perms_allow`, 0), IFNULL(pp.`forum_perms_deny`, 0)
+            FROM `msz_forum_categories` as pc
+            LEFT JOIN `msz_forum_permissions` as pp
+            ON pp.`forum_id` = pc.`forum_id`
+            GROUP BY `user_id`, `role_id`, `forum_id`
+            UNION ALL
+            SELECT
+                permissions.`user_id`, permissions.`role_id`,
+                cc.`forum_id`,
+                IFNULL(cp.`forum_perms_allow`, 0) | permissions.`forum_perms_allow`,
+                IFNULL(cp.`forum_perms_deny`, 0) | permissions.`forum_perms_deny`
+            FROM `msz_forum_categories` as cc
+            LEFT JOIN `msz_forum_permissions` as cp
+            ON cp.`forum_id` = cc.`forum_id`
+            INNER JOIN permissions
+            ON cc.`forum_parent` = permissions.`forum_id`
+        )
+        SELECT
+            `user_id`, `role_id`, `forum_id`,
+            (BIT_OR(`forum_perms_allow`) &~ BIT_OR(`forum_perms_deny`)) as `forum_perms`
+        FROM permissions
+        GROUP BY `user_id`, `role_id`, `forum_id`
+    ");
+
+    $conn->exec("
+        ALTER TABLE `msz_forum_permissions`
+            DROP COLUMN `forum_perms_override`;
+    ");
+
+    $conn->exec("
+        ALTER TABLE `msz_permissions`
+            DROP COLUMN `general_perms_override`,
+            DROP COLUMN `user_perms_override`,
+            DROP COLUMN `changelog_perms_override`,
+            DROP COLUMN `news_perms_override`,
+            DROP COLUMN `forum_perms_override`,
+            DROP COLUMN `comments_perms_override`;
+    ");
+}
--- a/misuzu.php
+++ b/misuzu.php
@ -224,14 +224,16 @@ use PDO;

 function migrate_up(PDO \$conn): void
 {
-    \$conn->exec('
+    \$conn->exec("
        CREATE TABLE ...
-    ');
+    ");
 }

 function migrate_down(PDO \$conn): void
 {
-    \$conn->exec('DROP TABLE ...');
+    \$conn->exec("
+        DROP TABLE ...
+    ");
 }

 MIG;
--- a/src/Forum/forum.php
+++ b/src/Forum/forum.php
@ -81,13 +81,8 @@ function forum_fetch(int $forumId): array

 function forum_get_root_categories(int $userId): array
 {
-    $categoryPermSql = sprintf(
-        '(%s & %d)',
-        forum_perms_get_user_sql('forum', 'f.`forum_id`'),
-        MSZ_FORUM_PERM_CAN_LIST_FORUM
-    );
-
-    $getCategories = db_prepare("
+    $getCategories = db_prepare(sprintf(
+        "
            SELECT
                f.`forum_id`, f.`forum_name`, f.`forum_type`, f.`forum_colour`,
                (
@ -97,28 +92,33 @@ function forum_get_root_categories(int $userId): array
                ) as `forum_children`
            FROM `msz_forum_categories` as f
            WHERE f.`forum_parent` = 0
-        AND f.`forum_type` = 1
-        AND f.`forum_hidden` = false
-        AND {$categoryPermSql} > 0
+            AND f.`forum_type` = %d
+            AND f.`forum_hidden` = 0
+            AND (%s & %d) > 0
            ORDER BY f.`forum_order`
-    ");
+        ",
+        MSZ_FORUM_TYPE_CATEGORY,
+        forum_perms_get_user_sql('forum', 'f.`forum_id`'),
+        MSZ_FORUM_PERM_CAN_LIST_FORUM
+    ));
    $getCategories->bindValue('perm_user_id_user', $userId);
    $getCategories->bindValue('perm_user_id_role', $userId);
    $categories = $getCategories->execute() ? $getCategories->fetchAll(PDO::FETCH_ASSOC) : [];
    $categories = array_merge([MSZ_FORUM_ROOT_DATA], $categories);

-    $forumPermSql = sprintf(
-        '(%s & %d)',
-        forum_perms_get_user_sql('forum', '`forum_id`'),
-        MSZ_FORUM_PERM_CAN_LIST_FORUM
-    );
-    $getRootForumCount = db_prepare(sprintf("
+    $getRootForumCount = db_prepare(sprintf(
+        "
            SELECT COUNT(`forum_id`)
            FROM `msz_forum_categories`
            WHERE `forum_parent` = %d
-        AND `forum_type` != 1
-        AND {$forumPermSql} > 0
-    ", MSZ_FORUM_ROOT));
+            AND `forum_type` != %d
+            AND (%s & %d) > 0
+        ",
+        MSZ_FORUM_ROOT,
+        MSZ_FORUM_TYPE_CATEGORY,
+        forum_perms_get_user_sql('forum', '`forum_id`'),
+        MSZ_FORUM_PERM_CAN_LIST_FORUM
+    ));
    $getRootForumCount->bindValue('perm_user_id_user', $userId);
    $getRootForumCount->bindValue('perm_user_id_role', $userId);
    $getRootForumCount->execute();
@ -307,7 +307,7 @@ define(
        LEFT JOIN `msz_roles` as r
        ON r.`role_id` = u.`display_role`
        WHERE f.`forum_parent` = :parent_id
-        AND f.`forum_hidden` = false
+        AND f.`forum_hidden` = 0
        AND (%4$s & %5$d) > 0
        AND (
            (f.`forum_parent` = %2$d AND f.`forum_type` != %3$d)