flashii/misuzu
flashii/misuzu
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Initial permission stuffs.

Browse source
This commit is contained in:
flash 2018-07-08 01:24:34 +02:00
parent fa368c396c
commit ffc23c11fd
12 changed files with 343 additions and 172 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
misuzu.php
View file

@ -6,6 +6,8 @@ date_default_timezone_set('UTC');
require_once __DIR__ . '/vendor/autoload.php'; require_once __DIR__ . '/vendor/autoload.php';
require_once __DIR__ . '/src/changelog.php'; require_once __DIR__ . '/src/changelog.php';
require_once __DIR__ . '/src/colour.php'; require_once __DIR__ . '/src/colour.php';
require_once __DIR__ . '/src/manage.php';
require_once __DIR__ . '/src/perms.php';
require_once __DIR__ . '/src/zalgo.php'; require_once __DIR__ . '/src/zalgo.php';
require_once __DIR__ . '/src/Forum/forum.php'; require_once __DIR__ . '/src/Forum/forum.php';
require_once __DIR__ . '/src/Forum/post.php'; require_once __DIR__ . '/src/Forum/post.php';
@ -36,16 +38,17 @@ if (PHP_SAPI !== 'cli') {
ob_start('ob_gzhandler'); ob_start('ob_gzhandler');
} }
$app->startTemplating();
$tpl = $app->getTemplating();
if ($app->getConfig()->get('Auth', 'lockdown', 'bool', false)) { if ($app->getConfig()->get('Auth', 'lockdown', 'bool', false)) {
http_response_code(503); http_response_code(503);
$app->startTemplating(); $tpl->addPath('auth', __DIR__ . '/views/auth');
$app->getTemplating()->addPath('auth', __DIR__ . '/views/auth'); echo $tpl->render('lockdown');
echo $app->getTemplating()->render('lockdown');
exit; exit;
} }
$app->startTemplating(); $tpl->addPath('mio', __DIR__ . '/views/mio');
$app->getTemplating()->addPath('mio', __DIR__ . '/views/mio');
if (isset($_COOKIE['msz_uid'], $_COOKIE['msz_sid'])) { if (isset($_COOKIE['msz_uid'], $_COOKIE['msz_sid'])) {
$app->startSession((int)$_COOKIE['msz_uid'], $_COOKIE['msz_sid']); $app->startSession((int)$_COOKIE['msz_uid'], $_COOKIE['msz_sid']);
@ -74,18 +77,22 @@ if (PHP_SAPI !== 'cli') {
'); ');
$getUserDisplayInfo->bindValue('user_id', $app->getUserId()); $getUserDisplayInfo->bindValue('user_id', $app->getUserId());
$userDisplayInfo = $getUserDisplayInfo->execute() ? $getUserDisplayInfo->fetch() : []; $userDisplayInfo = $getUserDisplayInfo->execute() ? $getUserDisplayInfo->fetch() : [];
$app->getTemplating()->var('current_user', $userDisplayInfo); $tpl->var('current_user', $userDisplayInfo);
} }
} }
$manage_mode = starts_with($_SERVER['REQUEST_URI'], '/manage'); $inManageMode = starts_with($_SERVER['REQUEST_URI'], '/manage');
$hasManageAccess = perms_check(perms_get_user(MSZ_PERMS_USER, $app->getUserId()), MSZ_PERM_MANAGE);
$tpl->var('has_manage_access', $hasManageAccess);
if ($manage_mode) { if ($inManageMode) {
if ($app->getUserId() !== 1) { if (!$hasManageAccess) {
echo render_error(403); echo render_error(403);
exit; exit;
} }
$app->getTemplating()->addPath('manage', __DIR__ . '/views/manage'); $tpl = $app->getTemplating();
$tpl->var('manage_menu', manage_get_menu($app->getUserId()));
$tpl->addPath('manage', __DIR__ . '/views/manage');
} }
} }

37
public/manage/changelog.php
View file

@ -6,12 +6,18 @@ require_once __DIR__ . '/../../misuzu.php';
$db = Database::connection(); $db = Database::connection();
$tpl = $app->getTemplating(); $tpl = $app->getTemplating();
$changelogPerms = perms_get_user(MSZ_PERMS_CHANGELOG, $app->getUserId());
$queryOffset = (int)($_GET['o'] ?? 0); $queryOffset = (int)($_GET['o'] ?? 0);
switch ($_GET['v'] ?? null) { switch ($_GET['v'] ?? null) {
case 'changes': case 'changes':
$changesTake = 20; if (!perms_check($changelogPerms, MSZ_CHANGELOG_MANAGE_CHANGES)) {
echo render_error(403);
break;
}
$changesTake = 20;
$changesCount = (int)$db->query(' $changesCount = (int)$db->query('
SELECT COUNT(`change_id`) SELECT COUNT(`change_id`)
FROM `msz_changelog_changes` FROM `msz_changelog_changes`
@ -61,6 +67,11 @@ switch ($_GET['v'] ?? null) {
break; break;
case 'change': case 'change':
if (!perms_check($changelogPerms, MSZ_CHANGELOG_MANAGE_CHANGES)) {
echo render_error(403);
break;
}
$changeId = (int)($_GET['c'] ?? 0); $changeId = (int)($_GET['c'] ?? 0);
if ($_SERVER['REQUEST_METHOD'] === 'POST' && tmp_csrf_verify($_POST['csrf'] ?? '')) { if ($_SERVER['REQUEST_METHOD'] === 'POST' && tmp_csrf_verify($_POST['csrf'] ?? '')) {
@ -180,6 +191,11 @@ switch ($_GET['v'] ?? null) {
break; break;
case 'tags': case 'tags':
if (!perms_check($changelogPerms, MSZ_CHANGELOG_MANAGE_TAGS)) {
echo render_error(403);
break;
}
$tagsTake = 32; $tagsTake = 32;
$tagsCount = (int)$db->query(' $tagsCount = (int)$db->query('
@ -212,6 +228,11 @@ switch ($_GET['v'] ?? null) {
break; break;
case 'tag': case 'tag':
if (!perms_check($changelogPerms, MSZ_CHANGELOG_MANAGE_TAGS)) {
echo render_error(403);
break;
}
$tagId = (int)($_GET['t'] ?? 0); $tagId = (int)($_GET['t'] ?? 0);
if ($_SERVER['REQUEST_METHOD'] === 'POST' && tmp_csrf_verify($_POST['csrf'] ?? '')) { if ($_SERVER['REQUEST_METHOD'] === 'POST' && tmp_csrf_verify($_POST['csrf'] ?? '')) {
@ -268,6 +289,11 @@ switch ($_GET['v'] ?? null) {
break; break;
case 'actions': case 'actions':
if (!perms_check($changelogPerms, MSZ_CHANGELOG_MANAGE_ACTIONS)) {
echo render_error(403);
break;
}
$actionTake = 32; $actionTake = 32;
$actionCount = (int)$db->query(' $actionCount = (int)$db->query('
@ -300,6 +326,11 @@ switch ($_GET['v'] ?? null) {
break; break;
case 'action': case 'action':
if (!perms_check($changelogPerms, MSZ_CHANGELOG_MANAGE_ACTIONS)) {
echo render_error(403);
break;
}
$actionId = (int)($_GET['a'] ?? 0); $actionId = (int)($_GET['a'] ?? 0);
if ($_SERVER['REQUEST_METHOD'] === 'POST' && tmp_csrf_verify($_POST['csrf'] ?? '')) { if ($_SERVER['REQUEST_METHOD'] === 'POST' && tmp_csrf_verify($_POST['csrf'] ?? '')) {
@ -363,8 +394,4 @@ switch ($_GET['v'] ?? null) {
echo $tpl->render('@manage.changelog.action_edit'); echo $tpl->render('@manage.changelog.action_edit');
break; break;
default:
header('Location: ?v=changes');
break;
} }

24
public/manage/users.php
View file

@ -6,13 +6,19 @@ require_once __DIR__ . '/../../misuzu.php';
$db = Database::connection(); $db = Database::connection();
$templating = $app->getTemplating(); $templating = $app->getTemplating();
$userPerms = perms_get_user(MSZ_PERMS_USER, $app->getUserId());
$isPostRequest = $_SERVER['REQUEST_METHOD'] === 'POST'; $isPostRequest = $_SERVER['REQUEST_METHOD'] === 'POST';
$queryQffset = (int)($_GET['o'] ?? 0); $queryQffset = (int)($_GET['o'] ?? 0);
switch ($_GET['v'] ?? null) { switch ($_GET['v'] ?? null) {
case 'listing': case 'listing':
$usersTake = 32; if (!perms_check($userPerms, MSZ_PERM_MANAGE_USERS)) {
echo render_error(403);
break;
}
$usersTake = 32;
$manageUsersCount = $db->query(' $manageUsersCount = $db->query('
SELECT COUNT(`user_id`) SELECT COUNT(`user_id`)
FROM `msz_users` FROM `msz_users`
@ -25,6 +31,7 @@ switch ($_GET['v'] ?? null) {
FROM `msz_users` as u FROM `msz_users` as u
LEFT JOIN `msz_roles` as r LEFT JOIN `msz_roles` as r
ON u.`display_role` = r.`role_id` ON u.`display_role` = r.`role_id`
ORDER BY `user_id`
LIMIT :offset, :take LIMIT :offset, :take
'); ');
$getManageUsers->bindValue('offset', $queryQffset); $getManageUsers->bindValue('offset', $queryQffset);
@ -41,6 +48,11 @@ switch ($_GET['v'] ?? null) {
break; break;
case 'view': case 'view':
if (!perms_check($userPerms, MSZ_PERM_MANAGE_USERS)) {
echo render_error(403);
break;
}
$userId = $_GET['u'] ?? null; $userId = $_GET['u'] ?? null;
if ($userId === null || ($userId = (int)$userId) < 1) { if ($userId === null || ($userId = (int)$userId) < 1) {
@ -141,6 +153,11 @@ switch ($_GET['v'] ?? null) {
break; break;
case 'roles': case 'roles':
if (!perms_check($userPerms, MSZ_PERM_MANAGE_ROLES)) {
echo render_error(403);
break;
}
$rolesTake = 10; $rolesTake = 10;
$manageRolesCount = $db->query(' $manageRolesCount = $db->query('
@ -173,6 +190,11 @@ switch ($_GET['v'] ?? null) {
break; break;
case 'role': case 'role':
if (!perms_check($userPerms, MSZ_PERM_MANAGE_ROLES)) {
echo render_error(403);
break;
}
$roleId = $_GET['r'] ?? null; $roleId = $_GET['r'] ?? null;
if ($isPostRequest) { if ($isPostRequest) {

68
public/settings.php
View file

@ -5,16 +5,52 @@ use Misuzu\IO\File;
require_once __DIR__ . '/../misuzu.php'; require_once __DIR__ . '/../misuzu.php';
$db = Database::connection(); $db = Database::connection();
$templating = $app->getTemplating(); $tpl = $app->getTemplating();
$queryOffset = (int)($_GET['o'] ?? 0); $queryOffset = (int)($_GET['o'] ?? 0);
$queryTake = 15; $queryTake = 15;
if (!$app->hasActiveSession()) { $userPerms = perms_get_user(MSZ_PERMS_USER, $app->getUserId());
$settingsModes = [
'account' => [
'title' => 'Account',
'allow' => perms_check($userPerms, MSZ_PERM_EDIT_PROFILE),
],
'avatar' => [
'title' => 'Avatar',
'allow' => perms_check($userPerms, MSZ_PERM_CHANGE_AVATAR),
],
'sessions' => [
'title' => 'Sessions',
'allow' => true,
],
'login-history' => [
'title' => 'Login History',
'allow' => true,
],
];
$settingsMode = $_GET['m'] ?? null;
$settingsNavigation = [];
foreach ($settingsModes as $key => $value) {
if ($value['allow']) {
$settingsNavigation[$value['title']] = $key;
if ($settingsMode === null) {
$settingsMode = $key;
}
}
}
if (!$app->hasActiveSession() || !$settingsModes[$settingsMode]['allow']) {
echo render_error(403); echo render_error(403);
return; return;
} }
$tpl->var('settings_navigation', $settingsNavigation);
$csrfErrorString = "Couldn't verify you, please refresh the page and retry."; $csrfErrorString = "Couldn't verify you, please refresh the page and retry.";
$avatarErrorStrings = [ $avatarErrorStrings = [
@ -41,23 +77,15 @@ $avatarErrorStrings = [
], ],
]; ];
$settingsModes = [ $tpl->vars([
'account' => 'Account',
'avatar' => 'Avatar',
'sessions' => 'Sessions',
'login-history' => 'Login History',
];
$settingsMode = $_GET['m'] ?? key($settingsModes);
$templating->vars([
'settings_mode' => $settingsMode, 'settings_mode' => $settingsMode,
'settings_modes' => $settingsModes, 'settings_modes' => $settingsModes,
]); ]);
if (!array_key_exists($settingsMode, $settingsModes)) { if (!array_key_exists($settingsMode, $settingsModes)) {
http_response_code(404); http_response_code(404);
$templating->var('settings_title', 'Not Found'); $tpl->var('settings_title', 'Not Found');
echo $templating->render('settings.notfound'); echo $tpl->render('settings.notfound');
return; return;
} }
@ -293,8 +321,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
} }
} }
$templating->var('settings_title', $settingsModes[$settingsMode]); $tpl->var('settings_title', $settingsModes[$settingsMode]['title']);
$templating->var('settings_errors', $settingsErrors); $tpl->var('settings_errors', $settingsErrors);
switch ($settingsMode) { switch ($settingsMode) {
case 'account': case 'account':
@ -307,7 +335,7 @@ switch ($settingsMode) {
$getUserFields->bindValue('user_id', $app->getUserId()); $getUserFields->bindValue('user_id', $app->getUserId());
$userFields = $getUserFields->execute() ? $getUserFields->fetch() : []; $userFields = $getUserFields->execute() ? $getUserFields->fetch() : [];
$templating->vars([ $tpl->vars([
'settings_profile_fields' => $profileFields, 'settings_profile_fields' => $profileFields,
'settings_profile_values' => $userFields, 'settings_profile_values' => $userFields,
'settings_disable_account_options' => $disableAccountOptions, 'settings_disable_account_options' => $disableAccountOptions,
@ -316,7 +344,7 @@ switch ($settingsMode) {
case 'avatar': case 'avatar':
$userHasAvatar = File::exists($app->getStore('avatars/original')->filename($avatarFileName)); $userHasAvatar = File::exists($app->getStore('avatars/original')->filename($avatarFileName));
$templating->vars([ $tpl->vars([
'avatar_user_id' => $app->getUserId(), 'avatar_user_id' => $app->getUserId(),
'avatar_max_width' => $avatarWidthMax, 'avatar_max_width' => $avatarWidthMax,
'avatar_max_height' => $avatarHeightMax, 'avatar_max_height' => $avatarHeightMax,
@ -348,7 +376,7 @@ switch ($settingsMode) {
$getSessions->bindValue('user_id', $app->getUserId()); $getSessions->bindValue('user_id', $app->getUserId());
$sessions = $getSessions->execute() ? $getSessions->fetchAll() : []; $sessions = $getSessions->execute() ? $getSessions->fetchAll() : [];
$templating->vars([ $tpl->vars([
'active_session_id' => $app->getSessionId(), 'active_session_id' => $app->getSessionId(),
'user_sessions' => $sessions, 'user_sessions' => $sessions,
'sessions_offset' => $queryOffset, 'sessions_offset' => $queryOffset,
@ -380,7 +408,7 @@ switch ($settingsMode) {
$getLoginAttempts->bindValue('user_id', $app->getUserId()); $getLoginAttempts->bindValue('user_id', $app->getUserId());
$loginAttempts = $getLoginAttempts->execute() ? $getLoginAttempts->fetchAll() : []; $loginAttempts = $getLoginAttempts->execute() ? $getLoginAttempts->fetchAll() : [];
$templating->vars([ $tpl->vars([
'user_login_attempts' => $loginAttempts, 'user_login_attempts' => $loginAttempts,
'login_attempts_offset' => $queryOffset, 'login_attempts_offset' => $queryOffset,
'login_attempts_take' => $queryTake, 'login_attempts_take' => $queryTake,
@ -389,4 +417,4 @@ switch ($settingsMode) {
break; break;
} }
echo $templating->render("settings.{$settingsMode}"); echo $tpl->render("settings.{$settingsMode}");

6
src/Application.php
View file

@ -73,7 +73,9 @@ class Application extends ApplicationBase
public function getConfig(): ConfigManager public function getConfig(): ConfigManager
{ {
if (is_null($this->configInstance)) { if (is_null($this->configInstance)) {
throw new UnexpectedValueException('Internal ConfigManager instance is null, how did you even manage to do this?'); throw new UnexpectedValueException(
'Internal ConfigManager instance is null, how did you even manage to do this?'
);
} }
return $this->configInstance; return $this->configInstance;
@ -242,7 +244,6 @@ class Application extends ApplicationBase
$this->templatingInstance->addFilter('html_colour'); $this->templatingInstance->addFilter('html_colour');
$this->templatingInstance->addFilter('url_construct'); $this->templatingInstance->addFilter('url_construct');
$this->templatingInstance->addFilter('country_name', 'get_country_name'); $this->templatingInstance->addFilter('country_name', 'get_country_name');
$this->templatingInstance->addFilter('flip', 'array_flip');
$this->templatingInstance->addFilter('first_paragraph'); $this->templatingInstance->addFilter('first_paragraph');
$this->templatingInstance->addFilter('colour_get_css'); $this->templatingInstance->addFilter('colour_get_css');
$this->templatingInstance->addFilter('colour_get_css_contrast'); $this->templatingInstance->addFilter('colour_get_css_contrast');
@ -256,6 +257,7 @@ class Application extends ApplicationBase
$this->templatingInstance->addFunction('git_hash', [Application::class, 'gitCommitHash']); $this->templatingInstance->addFunction('git_hash', [Application::class, 'gitCommitHash']);
$this->templatingInstance->addFunction('git_branch', [Application::class, 'gitBranch']); $this->templatingInstance->addFunction('git_branch', [Application::class, 'gitBranch']);
$this->templatingInstance->addFunction('csrf_token', 'tmp_csrf_token'); $this->templatingInstance->addFunction('csrf_token', 'tmp_csrf_token');
$this->templatingInstance->addFunction('perms_check');
$this->templatingInstance->var('app', $this); $this->templatingInstance->var('app', $this);
} }

11
src/Users/user.php
View file

@ -3,6 +3,17 @@ use Misuzu\Application;
use Misuzu\Database; use Misuzu\Database;
use Misuzu\IO\File; use Misuzu\IO\File;
define('MSZ_PERM_EDIT_PROFILE', 1);
define('MSZ_PERM_CHANGE_AVATAR', 1 << 1);
define('MSZ_PERM_MANAGE', 1 << 20);
define('MSZ_PERM_MANAGE_USERS', 1 << 21);
define('MSZ_PERM_MANAGE_ROLES', 1 << 22);
define('MSZ_PERM_MANAGE_PERMS', 1 << 23);
define('MSZ_PERM_MANAGE_REPORTS', 1 << 24);
define('MSZ_PERM_MANAGE_RESTRICTIONS', 1 << 25);
define('MSZ_PERM_MANAGE_BLACKLISTS', 1 << 26);
define('MSZ_USERS_PASSWORD_HASH_ALGO', PASSWORD_ARGON2I); define('MSZ_USERS_PASSWORD_HASH_ALGO', PASSWORD_ARGON2I);
function user_create( function user_create(

8
src/changelog.php
View file

@ -1,6 +1,10 @@
<?php <?php
use Misuzu\Database; use Misuzu\Database;
define('MSZ_CHANGELOG_MANAGE_CHANGES', 1);
define('MSZ_CHANGELOG_MANAGE_TAGS', 1 << 1);
define('MSZ_CHANGELOG_MANAGE_ACTIONS', 1 << 2);
function changelog_action_add(string $name, ?int $colour = null, ?string $class = null): int function changelog_action_add(string $name, ?int $colour = null, ?string $class = null): int
{ {
$dbc = Database::connection(); $dbc = Database::connection();
@ -42,7 +46,7 @@ function changelog_entry_create(int $userId, int $actionId, string $log, string
return $createChange->execute() ? (int)$dbc->lastInsertId() : 0; return $createChange->execute() ? (int)$dbc->lastInsertId() : 0;
} }
define('CHANGELOG_GET_QUERY', ' define('MSZ_CHANGELOG_GET_QUERY', '
SELECT SELECT
c.`change_id`, c.`change_log`, c.`change_id`, c.`change_log`,
a.`action_name`, a.`action_colour`, a.`action_class`, a.`action_name`, a.`action_colour`, a.`action_class`,
@ -70,7 +74,7 @@ function changelog_get_changes(string $date, int $user, int $offset, int $take):
$hasUser = $user > 0; $hasUser = $user > 0;
$query = sprintf( $query = sprintf(
CHANGELOG_GET_QUERY, MSZ_CHANGELOG_GET_QUERY,
$hasDate ? 'DATE(c.`change_created`) = :date' : '1', $hasDate ? 'DATE(c.`change_created`) = :date' : '1',
$hasUser ? 'c.`user_id` = :user' : '1', $hasUser ? 'c.`user_id` = :user' : '1',
!$hasDate ? 'LIMIT :offset, :take' : '' !$hasDate ? 'LIMIT :offset, :take' : ''

93
src/manage.php Normal file
View file

@ -0,0 +1,93 @@
<?php
function manage_get_menu(int $userId): array
{
$userPerms = perms_get_user(MSZ_PERMS_USER, $userId);
if (!perms_check($userPerms, MSZ_PERM_MANAGE)) {
return [];
}
$changelogPerms = perms_get_user(MSZ_PERMS_CHANGELOG, $userId);
$menu = [];
$menu['General'] = [
'Overview' => '/manage/index.php?v=overview',
'Logs' => '/manage/index.php?v=logs',
'_',
'Emoticons' => '/manage/index.php?v=emoticons',
'Settings' => '/manage/index.php?v=settings',
];
$canUsers = perms_check($userPerms, MSZ_PERM_MANAGE_USERS);
$canRoles = perms_check($userPerms, MSZ_PERM_MANAGE_ROLES);
$canPerms = perms_check($userPerms, MSZ_PERM_MANAGE_PERMS);
$canReports = perms_check($userPerms, MSZ_PERM_MANAGE_REPORTS);
$canRestricts = perms_check($userPerms, MSZ_PERM_MANAGE_RESTRICTIONS);
$canBlacklists = perms_check($userPerms, MSZ_PERM_MANAGE_BLACKLISTS);
if ($canUsers || $canRoles || $canPerms
|| $canReports || $canRestricts || $canBlacklists) {
$menu['Users'] = [];
if ($canUsers) {
$menu['Users']['Listing'] = '/manage/users.php?v=listing';
}
if ($canRoles || $canPerms) {
$menu['Users'][] = '_';
if ($canRoles) {
$menu['Users']['Roles'] = '/manage/users.php?v=roles';
}
if ($canPerms) {
$menu['Users']['Permissions'] = '/manage/users.php?v=permissions';
}
}
if ($canReports || $canRestricts || $canBlacklists) {
$menu['Users'][] = '_';
if ($canReports) {
$menu['Users']['Reports'] = '/manage/users.php?v=reports';
}
if ($canRestricts) {
$menu['Users']['Restrictions'] = '/manage/users.php?v=restrictions';
}
if ($canBlacklists) {
$menu['Users']['Blacklisting'] = '/manage/users.php?v=blacklisting';
}
}
}
/*$menu['Forum'] = [
'Listing' => '/manage/forums.php?v=listing',
'Permisisons' => '/manage/forums.php?v=permissions',
'Settings' => '/manage/forums.php?v=settings',
];*/
$canChanges = perms_check($changelogPerms, MSZ_CHANGELOG_MANAGE_CHANGES);
$canChangeTags = perms_check($changelogPerms, MSZ_CHANGELOG_MANAGE_TAGS);
$canChangeActions = perms_check($changelogPerms, MSZ_CHANGELOG_MANAGE_ACTIONS);
if ($canChanges || $canChangeTags || $canChangeActions) {
$menu['Changelog'] = [];
if ($canChanges) {
$menu['Changelog']['Changes'] = '/manage/changelog.php?v=changes';
}
if ($canChangeTags) {
$menu['Changelog']['Tags'] = '/manage/changelog.php?v=tags';
}
if ($canChangeActions) {
$menu['Changelog']['Actions'] = '/manage/changelog.php?v=actions';
}
}
return $menu;
}

95
src/perms.php Normal file
View file

@ -0,0 +1,95 @@
<?php
use Misuzu\Database;
define('MSZ_PERMS_USER', 'user');
define('MSZ_PERMS_CHANGELOG', 'changelog');
$_msz_perms_cache = [];
function perms_construct_cache_key(string $prefix, string $mode, int $pid): string
{
return $prefix . '_' . $mode . '_' . $pid;
}
function perms_get_cache(string $prefix, string $mode, int $pid): int
{
global $_msz_perms_cache;
return $_msz_perms_cache[perms_construct_cache_key($prefix, $mode, $pid)];
}
function perms_set_cache(string $prefix, string $mode, int $pid, int $perms): int
{
global $_msz_perms_cache;
return $_msz_perms_cache[perms_construct_cache_key($prefix, $mode, $pid)] = $perms;
}
function perms_is_cached(string $prefix, string $mode, int $pid): bool
{
global $_msz_perms_cache;
return array_key_exists(perms_construct_cache_key($prefix, $mode, $pid), $_msz_perms_cache);
}
function perms_get_user(string $prefix, int $user): int
{
if ($user < 1) {
return 0;
} elseif ($user === 1) {
return 0x7FFFFFFF;
}
if (perms_is_cached($prefix, 'user', $user)) {
return perms_get_cache($prefix, 'user', $user);
}
$permsAllow = 0;
$permsDeny = 0;
$getPerms = Database::connection()->prepare("
SELECT `{$prefix}_perms_allow` as `allow`, `{$prefix}_perms_deny` as `deny`
FROM `msz_permissions`
WHERE (`user_id` = :user_id_1 AND `role_id` IS NULL)
OR (
`user_id` IS NULL
AND `role_id` IN (
SELECT `role_id`
FROM `msz_user_roles`
WHERE `user_id` = :user_id_2
)
)
");
$getPerms->bindValue('user_id_1', $user);
$getPerms->bindValue('user_id_2', $user);
$perms = $getPerms->execute() ? $getPerms->fetchAll(PDO::FETCH_ASSOC) : [];
foreach ($perms as $perm) {
$permsAllow |= $perm['allow'];
$permsDeny |= $perm['deny'];
}
return perms_set_cache($prefix, 'user', $user, $permsAllow &~ $permsDeny);
}
function perms_get_role(string $prefix, int $role): int
{
if ($role < 1) {
return 0;
}
if (perms_is_cached($prefix, 'role', $user)) {
return perms_get_cache($prefix, 'role', $user);
}
$getPerms = Database::connection()->prepare("
SELECT `{$prefix}_perms_allow` &~ `{$prefix}_perms_deny`
FROM `msz_permissions`
WHERE `role_id` = :role_id
AND `user_id` IS NULL
");
$getPerms->bindValue('role_id', $role);
return perms_set_cache($prefix, 'role', $role, $getPerms->execute() ? (int)$getPerms->fetchColumn() : 0);
}
function perms_check(int $perms, int $perm): bool
{
return ($perms & $perm) > 0;
}

142
views/manage/master.twig
View file

@ -1,124 +1,3 @@
{% set menus = [
{
'name': 'general',
'title': 'General',
'sections': [
[
{
'name': 'overview',
'title': 'Overview',
'url': '/manage/index.php?v=overview',
},
{
'name': 'logs',
'title': 'Logs',
'url': '/manage/index.php?v=logs',
},
],
[
{
'name': 'emotes',
'title': 'Emoticons',
'url': '/manage/index.php?v=emoticons',
},
{
'name': 'settings',
'title': 'Settings',
'url': '/manage/index.php?v=settings',
},
],
],
},
{
'name': 'users',
'title': 'Users',
'sections': [
[
{
'name': 'listing',
'title': 'Listing',
'url': '/manage/users.php?v=listing',
},
],
[
{
'name': 'roles',
'title': 'Roles',
'url': '/manage/users.php?v=roles',
},
{
'name': 'perms',
'title': 'Permissions',
'url': '/manage/users.php?v=permissions',
},
],
[
{
'name': 'report',
'title': 'Reports',
'url': '/manage/users.php?v=reports',
},
{
'name': 'restrictions',
'title': 'Restrictions',
'url': '/manage/users.php?v=restrictions',
},
{
'name': 'blacklist',
'title': 'Blacklisting',
'url': '/manage/users.php?v=blacklist',
},
],
],
},
{
'name': 'forum',
'title': 'Forum',
'sections': [
[
{
'name': 'forums',
'title': 'Listing',
'url': '/manage/forums.php?v=listing',
},
{
'name': 'perms',
'title': 'Permissions',
'url': '/manage/forums.php?v=permissions',
},
{
'name': 'settings',
'title': 'Settings',
'url': '/manage/forums.php?v=settings',
},
],
],
},
{
'name': 'changelog',
'title': 'Changelog',
'sections': [
[
{
'name': 'changes',
'title': 'Changes',
'url': '/manage/changelog.php?v=changes',
},
{
'name': 'tags',
'title': 'Tags',
'url': '/manage/changelog.php?v=tags',
},
{
'name': 'actions',
'title': 'Actions',
'url': '/manage/changelog.php?v=actions',
},
],
],
},
] %}
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
<head> <head>
@ -138,18 +17,21 @@
</a> </a>
<div class="header__navigation"> <div class="header__navigation">
{% for menu in menus %} {% for name, menu in manage_menu %}
<div class="header__menu"> <div class="header__menu">
<input type="checkbox" id="menu-{{ menu.name }}-state" class="header__menu__state"> <input type="checkbox" id="menu-{{ name|lower }}-state" class="header__menu__state">
<label for="menu-{{ menu.name }}-state" class="header__menu__toggle">{{ menu.title }}</label> <label for="menu-{{ name|lower }}-state" class="header__menu__toggle">{{ name }}</label>
<div class="header__menu__options"> <div class="header__menu__options">
{% for section in menu.sections %} <div class="header__menu__section">
<div class="header__menu__section"> {% for title, link in menu %}
{% for item in section %} {% if link == '_' %}
<a class="header__menu__link header__menu__link--{{ menu.name }}-{{ item.name }}" href="{{ item.url }}">{{ item.title }}</a> </div>
{% endfor %} <div class="header__menu__section">
</div> {% else %}
<a class="header__menu__link" href="{{ link }}">{{ title }}</a>
{% endif %}
{% endfor %} {% endfor %}
</div>
</div> </div>
</div> </div>
{% endfor %} {% endfor %}

2
views/mio/master.twig
View file

@ -38,7 +38,7 @@
<ul class="header__user__links"> <ul class="header__user__links">
<li class="header__user__option"><a class="header__user__link" href="/profile.php?u={{ current_user.user_id }}">Profile</a></li> <li class="header__user__option"><a class="header__user__link" href="/profile.php?u={{ current_user.user_id }}">Profile</a></li>
<li class="header__user__option"><a class="header__user__link" href="/settings.php">Settings</a></li> <li class="header__user__option"><a class="header__user__link" href="/settings.php">Settings</a></li>
{% if current_user.user_id == 1 %} {% if has_manage_access %}
<li class="header__user__option"><a class="header__user__link" href="{{ manage_link|default('/manage/index.php') }}">Manage</a></li> <li class="header__user__option"><a class="header__user__link" href="{{ manage_link|default('/manage/index.php') }}">Manage</a></li>
{% endif %} {% endif %}
<li class="header__user__option"><a class="header__user__link" href="/auth.php?m=logout&amp;s={{ csrf_token() }}">Logout</a></li> <li class="header__user__option"><a class="header__user__link" href="/auth.php?m=logout&amp;s={{ csrf_token() }}">Logout</a></li>

2
views/mio/settings/master.twig
View file

@ -4,7 +4,7 @@
{% set title = 'Settings » ' ~ settings_title %} {% set title = 'Settings » ' ~ settings_title %}
{% block content %} {% block content %}
{{ navigation(settings_modes|flip, settings_mode, true, '?m=%s') }} {{ navigation(settings_navigation, settings_mode, true, '?m=%s') }}
{% block settings_container %} {% block settings_container %}
{% if settings_errors is defined and settings_errors|length > 0 %} {% if settings_errors is defined and settings_errors|length > 0 %}