mirror of
https://github.com/phpbb/phpbb.git
synced 2025-06-28 06:08:52 +00:00
gurgle blurp ... make some more changes, blurp, gurgle, move discover_auth to auth class as acl_get_list method, blurp gurgle blurp
git-svn-id: file:///svn/phpbb/trunk@4661 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen
parent
eb87d0537a
commit
74ccfb2ad5
6 changed files with 121 additions and 97 deletions
|
|
@ -1,33 +1,25 @@
|
||||||
<?php
|
<?php
|
||||||
/***************************************************************************
|
// -------------------------------------------------------------
|
||||||
* admin_permissions.php
|
//
|
||||||
* -------------------
|
// $Id$
|
||||||
* begin : Saturday, Feb 13, 2001
|
//
|
||||||
* copyright : © 2001 The phpBB Group
|
// FILENAME : admin_permissions.php
|
||||||
* email : support@phpbb.com
|
// STARTED : Sat Feb 13, 2001
|
||||||
*
|
// COPYRIGHT : © 2001, 2003 phpBB Group
|
||||||
* $Id$
|
// WWW : http://www.phpbb.com/
|
||||||
*
|
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
|
||||||
***************************************************************************/
|
//
|
||||||
|
// -------------------------------------------------------------
|
||||||
/***************************************************************************
|
|
||||||
*
|
|
||||||
* This program is free software; you can redistribute it and/or modify
|
|
||||||
* it under the terms of the GNU General Public License as published by
|
|
||||||
* the Free Software Foundation; either version 2 of the License, or
|
|
||||||
* (at your option) any later version.
|
|
||||||
*
|
|
||||||
***************************************************************************/
|
|
||||||
|
|
||||||
if (!empty($setmodules))
|
if (!empty($setmodules))
|
||||||
{
|
{
|
||||||
$filename = basename(__FILE__);
|
$filename = basename(__FILE__);
|
||||||
$module['FORUM']['PERMISSIONS'] = ($auth->acl_get('a_auth')) ? $filename . $SID . '&mode=forum' : '';
|
$module['PERM']['PERMISSIONS'] = ($auth->acl_get('a_auth')) ? "$filename$SID&mode=forum" : '';
|
||||||
$module['FORUM']['MODERATORS'] = ($auth->acl_get('a_authmods')) ? $filename . $SID . '&mode=mod' : '';
|
$module['PERM']['MODERATORS'] = ($auth->acl_get('a_authmods')) ? "$filename$SID&mode=mod" : '';
|
||||||
$module['FORUM']['SUPER_MODERATORS'] = ($auth->acl_get('a_authmods')) ? $filename . $SID . '&mode=supermod' : '';
|
$module['PERM']['SUPER_MODERATORS'] = ($auth->acl_get('a_authmods')) ? "$filename$SID&mode=supermod" : '';
|
||||||
$module['FORUM']['ADMINISTRATORS'] = ($auth->acl_get('a_authadmins')) ? $filename . $SID . '&mode=admin' : '';
|
$module['PERM']['ADMINISTRATORS'] = ($auth->acl_get('a_authadmins')) ? "$filename$SID&mode=admin" : '';
|
||||||
$module['USER']['PERMISSIONS'] = ($auth->acl_get('a_authusers')) ? $filename . $SID . '&mode=user' : '';
|
$module['PERM']['USER_PERMS'] = ($auth->acl_get('a_authusers')) ? "$filename$SID&mode=user" : '';
|
||||||
$module['GROUP']['PERMISSIONS'] = ($auth->acl_get('a_authgroups')) ? $filename . $SID . '&mode=group' : '';
|
$module['PERM']['GROUP_PERMS'] = ($auth->acl_get('a_authgroups')) ? "$filename$SID&mode=group" : '';
|
||||||
|
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
@ -238,6 +230,12 @@ switch ($submit)
|
||||||
cache_moderators();
|
cache_moderators();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Remove users who are now moderators or admins from everyones foes
|
||||||
|
// list
|
||||||
|
if ($mode == 'mod' || sizeof($auth_settings['mod']) || $mode == 'admin' || sizeof($auth_settings['admin']))
|
||||||
|
{
|
||||||
|
update_foes();
|
||||||
|
}
|
||||||
|
|
||||||
// Logging ... first grab user or groupnames ...
|
// Logging ... first grab user or groupnames ...
|
||||||
$sql = ($ug_type == 'group') ? 'SELECT group_name as name, group_type FROM ' . GROUPS_TABLE . ' WHERE group_id' : 'SELECT username as name FROM ' . USERS_TABLE . ' WHERE user_id';
|
$sql = ($ug_type == 'group') ? 'SELECT group_name as name, group_type FROM ' . GROUPS_TABLE . ' WHERE group_id' : 'SELECT username as name FROM ' . USERS_TABLE . ' WHERE user_id';
|
||||||
|
|
@ -1314,4 +1312,32 @@ if (in_array($submit, array('add_options', 'edit_options', 'presetsave', 'preset
|
||||||
// Output page footer
|
// Output page footer
|
||||||
adm_page_footer();
|
adm_page_footer();
|
||||||
|
|
||||||
|
// ---------
|
||||||
|
// FUNCTIONS
|
||||||
|
//
|
||||||
|
function update_foes()
|
||||||
|
{
|
||||||
|
global $db;
|
||||||
|
|
||||||
|
$perms = array();
|
||||||
|
foreach (auth::acl_get_list(false, array('a_', 'm_'), false) as $forum_id => $forum_ary)
|
||||||
|
{
|
||||||
|
foreach ($forum_ary as $auth_option => $user_ary)
|
||||||
|
{
|
||||||
|
$perms += $user_ary;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (sizeof($perms))
|
||||||
|
{
|
||||||
|
$sql = 'DELETE FROM ' . ZEBRA_TABLE . '
|
||||||
|
WHERE zebra_id IN (' . implode(', ', $perms) . ')';
|
||||||
|
$db->sql_query($sql);
|
||||||
|
}
|
||||||
|
unset($perms);
|
||||||
|
}
|
||||||
|
//
|
||||||
|
// FUNCTIONS
|
||||||
|
// ---------
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
@ -210,70 +210,6 @@ function get_moderators(&$forum_moderators, $forum_id = false)
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
function discover_auth($user_id = false, $opts = false, $forum_id = false)
|
|
||||||
{
|
|
||||||
global $db;
|
|
||||||
|
|
||||||
$sql_user = ($user_id) ? ((!is_array($user_id)) ? "user_id = $user_id" : 'user_id IN (' . implode(', ', $user_id) . ')') : '';
|
|
||||||
$sql_forum = ($forum_id) ? ((!is_array($forum_id)) ? "AND a.forum_id = $forum_id" : 'AND a.forum_id IN (' . implode(', ', $forum_id) . ')') : '';
|
|
||||||
$sql_opts = ($opts) ? ((!is_array($opts)) ? "AND ao.auth_option = '$opts'" : 'AND ao.auth_option IN (' . implode(', ', preg_replace('#^[\s]*?(.*?)[\s]*?$#e', "\"'\" . $db->sql_escape('\\1') . \"'\"", $opts)) . ')') : '';
|
|
||||||
|
|
||||||
$hold_ary = array();
|
|
||||||
// First grab user settings ... each user has only one setting for each
|
|
||||||
// option ... so we shouldn't need any ACL_NO checks ... he says ...
|
|
||||||
$sql = 'SELECT ao.auth_option, a.user_id, a.forum_id, a.auth_setting
|
|
||||||
FROM ' . ACL_OPTIONS_TABLE . ' ao, ' . ACL_USERS_TABLE . ' a
|
|
||||||
WHERE ao.auth_option_id = a.auth_option_id
|
|
||||||
' . (($sql_user) ? 'AND a.' . $sql_user : '') . "
|
|
||||||
$sql_forum
|
|
||||||
$sql_opts
|
|
||||||
ORDER BY a.forum_id, ao.auth_option";
|
|
||||||
$result = $db->sql_query($sql);
|
|
||||||
|
|
||||||
while ($row = $db->sql_fetchrow($result))
|
|
||||||
{
|
|
||||||
$hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] = $row['auth_setting'];
|
|
||||||
}
|
|
||||||
$db->sql_freeresult($result);
|
|
||||||
|
|
||||||
// Now grab group settings ... ACL_NO overrides ACL_YES so act appropriatley
|
|
||||||
$sql = 'SELECT ug.user_id, ao.auth_option, a.forum_id, a.auth_setting
|
|
||||||
FROM ' . USER_GROUP_TABLE . ' ug, ' . ACL_OPTIONS_TABLE . ' ao, ' . ACL_GROUPS_TABLE . ' a
|
|
||||||
WHERE ao.auth_option_id = a.auth_option_id
|
|
||||||
AND a.group_id = ug.group_id
|
|
||||||
' . (($sql_user) ? 'AND ug.' . $sql_user : '') . "
|
|
||||||
$sql_forum
|
|
||||||
$sql_opts
|
|
||||||
ORDER BY a.forum_id, ao.auth_option";
|
|
||||||
$result = $db->sql_query($sql);
|
|
||||||
|
|
||||||
while ($row = $db->sql_fetchrow($result))
|
|
||||||
{
|
|
||||||
if (!isset($hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']]) || (isset($hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']]) && $hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] != ACL_NO))
|
|
||||||
{
|
|
||||||
$hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] = $row['auth_setting'];
|
|
||||||
}
|
|
||||||
}
|
|
||||||
$db->sql_freeresult($result);
|
|
||||||
|
|
||||||
$auth_ary = array();
|
|
||||||
foreach ($hold_ary as $user_id => $forum_ary)
|
|
||||||
{
|
|
||||||
foreach ($forum_ary as $forum_id => $auth_option_ary)
|
|
||||||
{
|
|
||||||
foreach ($auth_option_ary as $auth_option => $auth_setting)
|
|
||||||
{
|
|
||||||
if ($auth_setting == ACL_YES)
|
|
||||||
{
|
|
||||||
$auth_ary[$forum_id][$auth_option][] = $user_id;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return $auth_ary;
|
|
||||||
}
|
|
||||||
|
|
||||||
// User authorisation levels output
|
// User authorisation levels output
|
||||||
function gen_forum_rules($mode, &$forum_id)
|
function gen_forum_rules($mode, &$forum_id)
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -754,14 +754,12 @@ class auth
|
||||||
}
|
}
|
||||||
$db->sql_freeresult($result);
|
$db->sql_freeresult($result);
|
||||||
|
|
||||||
// Now grab group settings ... users can belong to multiple groups so we grab
|
// Now grab group settings ... ACL_NO overrides ACL_YES so act appropriatley
|
||||||
// the minimum setting for all options. ACL_NO overrides ACL_YES so act appropriatley
|
$sql = 'SELECT ao.auth_option, a.forum_id, a.auth_setting
|
||||||
$sql = 'SELECT ao.auth_option, a.forum_id, MIN(a.auth_setting) as min_setting
|
|
||||||
FROM ' . USER_GROUP_TABLE . ' ug, ' . ACL_OPTIONS_TABLE . ' ao, ' . ACL_GROUPS_TABLE . ' a
|
FROM ' . USER_GROUP_TABLE . ' ug, ' . ACL_OPTIONS_TABLE . ' ao, ' . ACL_GROUPS_TABLE . ' a
|
||||||
WHERE ug.user_id = ' . $userdata['user_id'] . '
|
WHERE ug.user_id = ' . $userdata['user_id'] . '
|
||||||
AND a.group_id = ug.group_id
|
AND a.group_id = ug.group_id
|
||||||
AND ao.auth_option_id = a.auth_option_id
|
AND ao.auth_option_id = a.auth_option_id
|
||||||
GROUP BY ao.auth_option, a.forum_id
|
|
||||||
ORDER BY a.forum_id, ao.auth_option';
|
ORDER BY a.forum_id, ao.auth_option';
|
||||||
$result = $db->sql_query($sql);
|
$result = $db->sql_query($sql);
|
||||||
|
|
||||||
|
|
@ -769,7 +767,7 @@ class auth
|
||||||
{
|
{
|
||||||
if (!isset($hold_ary[$row['forum_id']][$row['auth_option']]) || (isset($hold_ary[$row['forum_id']][$row['auth_option']]) && $hold_ary[$row['forum_id']][$row['auth_option']] != ACL_NO))
|
if (!isset($hold_ary[$row['forum_id']][$row['auth_option']]) || (isset($hold_ary[$row['forum_id']][$row['auth_option']]) && $hold_ary[$row['forum_id']][$row['auth_option']] != ACL_NO))
|
||||||
{
|
{
|
||||||
$hold_ary[$row['forum_id']][$row['auth_option']] = $row['min_setting'];
|
$hold_ary[$row['forum_id']][$row['auth_option']] = $row['auth_setting'];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$db->sql_freeresult($result);
|
$db->sql_freeresult($result);
|
||||||
|
|
@ -840,6 +838,70 @@ class auth
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function acl_get_list($user_id = false, $opts = false, $forum_id = false)
|
||||||
|
{
|
||||||
|
global $db;
|
||||||
|
|
||||||
|
$sql_user = ($user_id) ? ((!is_array($user_id)) ? "user_id = $user_id" : 'user_id IN (' . implode(', ', $user_id) . ')') : '';
|
||||||
|
$sql_forum = ($forum_id) ? ((!is_array($forum_id)) ? "AND a.forum_id = $forum_id" : 'AND a.forum_id IN (' . implode(', ', $forum_id) . ')') : '';
|
||||||
|
$sql_opts = ($opts) ? ((!is_array($opts)) ? "AND ao.auth_option = '$opts'" : 'AND ao.auth_option IN (' . implode(', ', preg_replace('#^[\s]*?(.*?)[\s]*?$#e', "\"'\" . $db->sql_escape('\\1') . \"'\"", $opts)) . ')') : '';
|
||||||
|
|
||||||
|
$hold_ary = array();
|
||||||
|
// First grab user settings ... each user has only one setting for each
|
||||||
|
// option ... so we shouldn't need any ACL_NO checks ... he says ...
|
||||||
|
$sql = 'SELECT ao.auth_option, a.user_id, a.forum_id, a.auth_setting
|
||||||
|
FROM ' . ACL_OPTIONS_TABLE . ' ao, ' . ACL_USERS_TABLE . ' a
|
||||||
|
WHERE ao.auth_option_id = a.auth_option_id
|
||||||
|
' . (($sql_user) ? 'AND a.' . $sql_user : '') . "
|
||||||
|
$sql_forum
|
||||||
|
$sql_opts
|
||||||
|
ORDER BY a.forum_id, ao.auth_option";
|
||||||
|
$result = $db->sql_query($sql);
|
||||||
|
|
||||||
|
while ($row = $db->sql_fetchrow($result))
|
||||||
|
{
|
||||||
|
$hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] = $row['auth_setting'];
|
||||||
|
}
|
||||||
|
$db->sql_freeresult($result);
|
||||||
|
|
||||||
|
// Now grab group settings ... ACL_NO overrides ACL_YES so act appropriatley
|
||||||
|
$sql = 'SELECT ug.user_id, ao.auth_option, a.forum_id, a.auth_setting
|
||||||
|
FROM ' . USER_GROUP_TABLE . ' ug, ' . ACL_OPTIONS_TABLE . ' ao, ' . ACL_GROUPS_TABLE . ' a
|
||||||
|
WHERE ao.auth_option_id = a.auth_option_id
|
||||||
|
AND a.group_id = ug.group_id
|
||||||
|
' . (($sql_user) ? 'AND ug.' . $sql_user : '') . "
|
||||||
|
$sql_forum
|
||||||
|
$sql_opts
|
||||||
|
ORDER BY a.forum_id, ao.auth_option";
|
||||||
|
$result = $db->sql_query($sql);
|
||||||
|
|
||||||
|
while ($row = $db->sql_fetchrow($result))
|
||||||
|
{
|
||||||
|
if (!isset($hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']]) || (isset($hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']]) && $hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] != ACL_NO))
|
||||||
|
{
|
||||||
|
$hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] = $row['auth_setting'];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
$db->sql_freeresult($result);
|
||||||
|
|
||||||
|
$auth_ary = array();
|
||||||
|
foreach ($hold_ary as $user_id => $forum_ary)
|
||||||
|
{
|
||||||
|
foreach ($forum_ary as $forum_id => $auth_option_ary)
|
||||||
|
{
|
||||||
|
foreach ($auth_option_ary as $auth_option => $auth_setting)
|
||||||
|
{
|
||||||
|
if ($auth_setting == ACL_YES)
|
||||||
|
{
|
||||||
|
$auth_ary[$forum_id][$auth_option][] = $user_id;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return $auth_ary;
|
||||||
|
}
|
||||||
|
|
||||||
// Clear one or all users cached permission settings
|
// Clear one or all users cached permission settings
|
||||||
function acl_clear_prefetch($user_id = false)
|
function acl_clear_prefetch($user_id = false)
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -119,7 +119,7 @@ class ucp_profile extends module
|
||||||
if ($config['require_activation'] == USER_ACTIVATION_ADMIN)
|
if ($config['require_activation'] == USER_ACTIVATION_ADMIN)
|
||||||
{
|
{
|
||||||
// Grab an array of user_id's with a_user permissions
|
// Grab an array of user_id's with a_user permissions
|
||||||
$admin_ary = discover_auth(false, 'a_user', false);
|
$admin_ary = auth::acl_get_list(false, 'a_user', false);
|
||||||
|
|
||||||
$sql = 'SELECT user_id, username, user_email, user_jabber, user_notify_type
|
$sql = 'SELECT user_id, username, user_email, user_jabber, user_notify_type
|
||||||
FROM ' . USERS_TABLE . '
|
FROM ' . USERS_TABLE . '
|
||||||
|
|
|
||||||
|
|
@ -258,7 +258,7 @@ class ucp_register extends module
|
||||||
{
|
{
|
||||||
// Grab an array of user_id's with a_user permissions ... these users
|
// Grab an array of user_id's with a_user permissions ... these users
|
||||||
// can activate a user
|
// can activate a user
|
||||||
$admin_ary = discover_auth(false, 'a_user', false);
|
$admin_ary = auth::acl_get_list(false, 'a_user', false);
|
||||||
|
|
||||||
$sql = 'SELECT user_id, username, user_email, user_jabber, user_notify_type
|
$sql = 'SELECT user_id, username, user_email, user_jabber, user_notify_type
|
||||||
FROM ' . USERS_TABLE . '
|
FROM ' . USERS_TABLE . '
|
||||||
|
|
|
||||||
|
|
@ -93,7 +93,7 @@ class ucp_zebra extends module
|
||||||
if ($mode == 'foes')
|
if ($mode == 'foes')
|
||||||
{
|
{
|
||||||
$perms = array();
|
$perms = array();
|
||||||
foreach (discover_auth($user_id_ary, array('a_', 'm_')) as $forum_id => $forum_ary)
|
foreach (auth::acl_get_list($user_id_ary, array('a_', 'm_')) as $forum_id => $forum_ary)
|
||||||
{
|
{
|
||||||
foreach ($forum_ary as $auth_option => $user_ary)
|
foreach ($forum_ary as $auth_option => $user_ary)
|
||||||
{
|
{
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue