~azzar1/unity/add-show-desktop-key

* @param set|view $mode defines the permissions we get, view gets effective permissions (checking user AND group permissions), set only gets the user or group permission set alone

* @param mixed $user_id user ids to search for (a user_id or a group_id has to be specified at least)

* @param mixed $group_id group ids to search for, return group related settings (a user_id or a group_id has to be specified at least)

* @param mixed $forum_id forum_ids to search for. Defining a forum id also means getting local settings

* @param string $auth_option the auth_option defines the permission setting to look for (a_ for example)

* @param local|global $scope the scope defines the permission scope. If local, a forum_id is additionally required

* @param ACL_NEVER|ACL_NO|ACL_YES $acl_fill defines the mode those permissions not set are getting filled with

function get_mask($mode, $user_id = false, $group_id = false, $forum_id = false, $auth_option = false, $scope = false, $acl_fill = ACL_NEVER)

{

global $db, $user;

$hold_ary = array();

$view_user_mask = ($mode == 'view' && $group_id === false) ? true : false;

if ($auth_option === false || $scope === false)

{

return array();

}

$acl_user_function = ($mode == 'set') ? 'acl_user_raw_data' : 'acl_raw_data';

100

101

if (!$view_user_mask)

102

{

103

if ($forum_id !== false)

104

{

105

$hold_ary = ($group_id !== false) ? $this->acl_group_raw_data($group_id, $auth_option . '%', $forum_id) : $this->$acl_user_function($user_id, $auth_option . '%', $forum_id);

106

}

107

else

108

{

109

$hold_ary = ($group_id !== false) ? $this->acl_group_raw_data($group_id, $auth_option . '%', ($scope == 'global') ? 0 : false) : $this->$acl_user_function($user_id, $auth_option . '%', ($scope == 'global') ? 0 : false);

110

}

111

}

112

113

// Make sure hold_ary is filled with every setting (prevents missing forums/users/groups)

114

$ug_id = ($group_id !== false) ? ((!is_array($group_id)) ? array($group_id) : $group_id) : ((!is_array($user_id)) ? array($user_id) : $user_id);

115

$forum_ids = ($forum_id !== false) ? ((!is_array($forum_id)) ? array($forum_id) : $forum_id) : (($scope == 'global') ? array(0) : array());

116

117

// Only those options we need

118

$compare_options = array_diff(preg_replace('/^((?!' . $auth_option . ').+)|(' . $auth_option . ')$/', '', array_keys($this->acl_options[$scope])), array(''));

119

120

// If forum_ids is false and the scope is local we actually want to have all forums within the array

121

if ($scope == 'local' && !sizeof($forum_ids))

122

{

123

$sql = 'SELECT forum_id

124

FROM ' . FORUMS_TABLE;

125

$result = $db->sql_query($sql, 120);

126

127

while ($row = $db->sql_fetchrow($result))

128

{

129

$forum_ids[] = $row['forum_id'];

130

}

131

$db->sql_freeresult($result);

132

}

133

134

if ($view_user_mask)

135

{

136

$auth2 = null;

137

138

$sql = 'SELECT user_id, user_permissions, user_type

139

FROM ' . USERS_TABLE . '

140

WHERE ' . $db->sql_in_set('user_id', $ug_id);

141

$result = $db->sql_query($sql);

142

143

while ($userdata = $db->sql_fetchrow($result))

144

{

145

if ($user->data['user_id'] != $userdata['user_id'])

146

{

147

$auth2 = new auth();

148

$auth2->acl($userdata);

149

}

150

else

151

{

152

global $auth;

153

$auth2 = &$auth;

154

}

155

156

157

$hold_ary[$userdata['user_id']] = array();

158

foreach ($forum_ids as $f_id)

159

{

160

$hold_ary[$userdata['user_id']][$f_id] = array();

161

foreach ($compare_options as $option)

162

{

163

$hold_ary[$userdata['user_id']][$f_id][$option] = $auth2->acl_get($option, $f_id);

164

}

165

}

166

}

167

$db->sql_freeresult($result);

168

169

unset($userdata);

170

unset($auth2);

171

}

172

173

foreach ($ug_id as $_id)

174

{

175

if (!isset($hold_ary[$_id]))

176

{

177

$hold_ary[$_id] = array();

178

}

179

180

foreach ($forum_ids as $f_id)

181

{

182

if (!isset($hold_ary[$_id][$f_id]))

183

{

184

$hold_ary[$_id][$f_id] = array();

185

}

186

}

187

}

188

189

// Now, we need to fill the gaps with $acl_fill. ;)

190

191

// Now switch back to keys

192

if (sizeof($compare_options))

193

{

194

$compare_options = array_combine($compare_options, array_fill(1, sizeof($compare_options), $acl_fill));

195

}

196

197

// Defining the user-function here to save some memory

198

$return_acl_fill = create_function('$value', 'return ' . $acl_fill . ';');

199

200

// Actually fill the gaps

201

if (sizeof($hold_ary))

202

{

203

foreach ($hold_ary as $ug_id => $row)

204

{

205

foreach ($row as $id => $options)

206

{

207

// Do not include the global auth_option

208

unset($options[$auth_option]);

209

210

// Not a "fine" solution, but at all it's a 1-dimensional

211

// array_diff_key function filling the resulting array values with zeros

212

// The differences get merged into $hold_ary (all permissions having $acl_fill set)

213

$hold_ary[$ug_id][$id] = array_merge($options,

214

215

array_map($return_acl_fill,

216

array_flip(

217

array_diff(

218

array_keys($compare_options), array_keys($options)

219

)

220

)

221

)

222

);

223

}

224

}

225

}

226

else

227

{

228

$hold_ary[($group_id !== false) ? $group_id : $user_id][(int) $forum_id] = $compare_options;

229

}

230

231

return $hold_ary;

232

}

233

234

/**

235

* Get permission mask for roles

236

* This function only supports getting masks for one role

237

238

function get_role_mask($role_id)

239

{

240

global $db;

241

242

$hold_ary = array();

243

244

// Get users having this role set...

245

$sql = 'SELECT user_id, forum_id

246

FROM ' . ACL_USERS_TABLE . '

247

WHERE auth_role_id = ' . $role_id . '

248

ORDER BY forum_id';

249

$result = $db->sql_query($sql);

250

251

while ($row = $db->sql_fetchrow($result))

252

{

253

$hold_ary[$row['forum_id']]['users'][] = $row['user_id'];

254

}

255

$db->sql_freeresult($result);

256

257

// Now grab groups...

258

$sql = 'SELECT group_id, forum_id

259

FROM ' . ACL_GROUPS_TABLE . '

260

WHERE auth_role_id = ' . $role_id . '

261

ORDER BY forum_id';

262

$result = $db->sql_query($sql);

263

264

while ($row = $db->sql_fetchrow($result))

265

{

266

$hold_ary[$row['forum_id']]['groups'][] = $row['group_id'];

267

}

268

$db->sql_freeresult($result);

269

270

return $hold_ary;

271

}

272

273

/**

274

* Display permission mask (assign to template)

275

276

function display_mask($mode, $permission_type, &$hold_ary, $user_mode = 'user', $local = false, $group_display = true)

277

{

278

global $template, $user, $db, $phpbb_root_path, $phpEx;

279

280

// Define names for template loops, might be able to be set

281

$tpl_pmask = 'p_mask';

282

$tpl_fmask = 'f_mask';

283

$tpl_category = 'category';

284

$tpl_mask = 'mask';

285

286

$l_acl_type = (isset($user->lang['ACL_TYPE_' . (($local) ? 'LOCAL' : 'GLOBAL') . '_' . strtoupper($permission_type)])) ? $user->lang['ACL_TYPE_' . (($local) ? 'LOCAL' : 'GLOBAL') . '_' . strtoupper($permission_type)] : 'ACL_TYPE_' . (($local) ? 'LOCAL' : 'GLOBAL') . '_' . strtoupper($permission_type);

287

288

// Allow trace for viewing permissions and in user mode

289

$show_trace = ($mode == 'view' && $user_mode == 'user') ? true : false;

290

291

// Get names

292

if ($user_mode == 'user')

293

{

294

$sql = 'SELECT user_id as ug_id, username as ug_name

295

FROM ' . USERS_TABLE . '

296

WHERE ' . $db->sql_in_set('user_id', array_keys($hold_ary)) . '

297

ORDER BY username_clean ASC';

298

}

299

else

300

{

301

$sql = 'SELECT group_id as ug_id, group_name as ug_name, group_type

302

FROM ' . GROUPS_TABLE . '

303

WHERE ' . $db->sql_in_set('group_id', array_keys($hold_ary)) . '

304

ORDER BY group_type DESC, group_name ASC';

305

}

306

$result = $db->sql_query($sql);

307

308

$ug_names_ary = array();

309

while ($row = $db->sql_fetchrow($result))

310

{

311

$ug_names_ary[$row['ug_id']] = ($user_mode == 'user') ? $row['ug_name'] : (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['ug_name']] : $row['ug_name']);

312

}

313

$db->sql_freeresult($result);

314

315

// Get used forums

316

$forum_ids = array();

317

foreach ($hold_ary as $ug_id => $row)

318

{

319

$forum_ids = array_merge($forum_ids, array_keys($row));

320

}

321

$forum_ids = array_unique($forum_ids);

322

323

$forum_names_ary = array();

324

if ($local)

325

{

326

$forum_names_ary = make_forum_select(false, false, true, false, false, false, true);

327

328

// Remove the disabled ones, since we do not create an option field here...

329

foreach ($forum_names_ary as $key => $value)

330

{

331

if (!$value['disabled'])

332

{

333

continue;

334

}

335

unset($forum_names_ary[$key]);

336

}

337

}

338

else

339

{

340

$forum_names_ary[0] = $l_acl_type;

341

}

342

343

// Get available roles

344

$sql = 'SELECT *

345

FROM ' . ACL_ROLES_TABLE . "

346

WHERE role_type = '" . $db->sql_escape($permission_type) . "'

347

ORDER BY role_order ASC";

348

$result = $db->sql_query($sql);

349

350

$roles = array();

351

while ($row = $db->sql_fetchrow($result))

352

{

353

$roles[$row['role_id']] = $row;

354

}

355

$db->sql_freeresult($result);

356

357

$cur_roles = $this->acl_role_data($user_mode, $permission_type, array_keys($hold_ary));

358

359

// Build js roles array (role data assignments)

360

$s_role_js_array = '';

361

362

if (sizeof($roles))

363

{

364

$s_role_js_array = array();

365

366

// Make sure every role (even if empty) has its array defined

367

foreach ($roles as $_role_id => $null)

368

{

369

$s_role_js_array[$_role_id] = "\n" . 'role_options[' . $_role_id . '] = new Array();' . "\n";

370

}

371

372

$sql = 'SELECT r.role_id, o.auth_option, r.auth_setting

373

FROM ' . ACL_ROLES_DATA_TABLE . ' r, ' . ACL_OPTIONS_TABLE . ' o

374

WHERE o.auth_option_id = r.auth_option_id

375

AND ' . $db->sql_in_set('r.role_id', array_keys($roles));

376

$result = $db->sql_query($sql);

377

378

while ($row = $db->sql_fetchrow($result))

379

{

380

$flag = substr($row['auth_option'], 0, strpos($row['auth_option'], '_') + 1);

381

if ($flag == $row['auth_option'])

382

{

383

continue;

384

}

385

386

$s_role_js_array[$row['role_id']] .= 'role_options[' . $row['role_id'] . '][\'' . addslashes($row['auth_option']) . '\'] = ' . $row['auth_setting'] . '; ';

387

}

388

$db->sql_freeresult($result);

389

390

$s_role_js_array = implode('', $s_role_js_array);

391

}

392

393

$template->assign_var('S_ROLE_JS_ARRAY', $s_role_js_array);

394

unset($s_role_js_array);

395

396

// Now obtain memberships

397

$user_groups_default = $user_groups_custom = array();

398

if ($user_mode == 'user' && $group_display)

399

{

400

$sql = 'SELECT group_id, group_name, group_type

401

FROM ' . GROUPS_TABLE . '

402

ORDER BY group_type DESC, group_name ASC';

403

$result = $db->sql_query($sql);

404

405

$groups = array();

406

while ($row = $db->sql_fetchrow($result))

407

{

408

$groups[$row['group_id']] = $row;

409

}

410

$db->sql_freeresult($result);

411

412

$memberships = group_memberships(false, array_keys($hold_ary), false);

413

414

// User is not a member of any group? Bad admin, bad bad admin...

415

if ($memberships)

416

{

417

foreach ($memberships as $row)

418

{

419

if ($groups[$row['group_id']]['group_type'] == GROUP_SPECIAL)

420

{

421

$user_groups_default[$row['user_id']][] = $user->lang['G_' . $groups[$row['group_id']]['group_name']];

422

}

423

else

424

{

425

$user_groups_custom[$row['user_id']][] = $groups[$row['group_id']]['group_name'];

426

}

427

}

428

}

429

unset($memberships, $groups);

430

}

431

432

// If we only have one forum id to display or being in local mode and more than one user/group to display,

433

// we switch the complete interface to group by user/usergroup instead of grouping by forum

434

// To achieve this, we need to switch the array a bit

435

if (sizeof($forum_ids) == 1 || ($local && sizeof($ug_names_ary) > 1))

436

{

437

$hold_ary_temp = $hold_ary;

438

$hold_ary = array();

439

foreach ($hold_ary_temp as $ug_id => $row)

440

{

441

foreach ($forum_names_ary as $forum_id => $forum_row)

442

{

443

if (isset($row[$forum_id]))

444

{

445

$hold_ary[$forum_id][$ug_id] = $row[$forum_id];

446

}

447

}

448

}

449

unset($hold_ary_temp);

450

451

foreach ($hold_ary as $forum_id => $forum_array)

452

{

453

$content_array = $categories = array();

454

$this->build_permission_array($hold_ary[$forum_id], $content_array, $categories, array_keys($ug_names_ary));

455

456

$template->assign_block_vars($tpl_pmask, array(

457

'NAME' => ($forum_id == 0) ? $forum_names_ary[0] : $forum_names_ary[$forum_id]['forum_name'],

458

'PADDING' => ($forum_id == 0) ? '' : $forum_names_ary[$forum_id]['padding'],

459

460

'CATEGORIES' => implode('</th><th>', $categories),

461

462

'L_ACL_TYPE' => $l_acl_type,

463

464

'S_LOCAL' => ($local) ? true : false,

465

'S_GLOBAL' => (!$local) ? true : false,

466

'S_NUM_CATS' => sizeof($categories),

467

'S_VIEW' => ($mode == 'view') ? true : false,

468

'S_NUM_OBJECTS' => sizeof($content_array),

469

'S_USER_MODE' => ($user_mode == 'user') ? true : false,

470

'S_GROUP_MODE' => ($user_mode == 'group') ? true : false)

471

);

472

473

@reset($content_array);

474

while (list($ug_id, $ug_array) = each($content_array))

475

{

476

// Build role dropdown options

477

$current_role_id = (isset($cur_roles[$ug_id][$forum_id])) ? $cur_roles[$ug_id][$forum_id] : 0;

478

479

$s_role_options = '';

480

481

@reset($roles);

482

while (list($role_id, $role_row) = each($roles))

483

{

484

$role_description = (!empty($user->lang[$role_row['role_description']])) ? $user->lang[$role_row['role_description']] : nl2br($role_row['role_description']);

485

$role_name = (!empty($user->lang[$role_row['role_name']])) ? $user->lang[$role_row['role_name']] : $role_row['role_name'];

486

487

$title = ($role_description) ? ' title="' . $role_description . '"' : '';

488

$s_role_options .= '<option value="' . $role_id . '"' . (($role_id == $current_role_id) ? ' selected="selected"' : '') . $title . '>' . $role_name . '</option>';

489

}

490

491

if ($s_role_options)

492

{

493

$s_role_options = '<option value="0"' . ((!$current_role_id) ? ' selected="selected"' : '') . ' title="' . htmlspecialchars($user->lang['NO_ROLE_ASSIGNED_EXPLAIN']) . '">' . $user->lang['NO_ROLE_ASSIGNED'] . '</option>' . $s_role_options;

494

}

495

496

if (!$current_role_id && $mode != 'view')

497

{

498

$s_custom_permissions = false;

499

500

foreach ($ug_array as $key => $value)

501

{

502

if ($value['S_NEVER'] || $value['S_YES'])

503

{

504

$s_custom_permissions = true;

505

break;

506

}

507

}

508

}

509

else

510

{

511

$s_custom_permissions = false;

512

}

513

514

$template->assign_block_vars($tpl_pmask . '.' . $tpl_fmask, array(

515

'NAME' => $ug_names_ary[$ug_id],

516

'S_ROLE_OPTIONS' => $s_role_options,

517

'UG_ID' => $ug_id,

518

'S_CUSTOM' => $s_custom_permissions,

519

'FORUM_ID' => $forum_id)

520

);

521

522

$this->assign_cat_array($ug_array, $tpl_pmask . '.' . $tpl_fmask . '.' . $tpl_category, $tpl_mask, $ug_id, $forum_id, $show_trace, ($mode == 'view'));

523

524

unset($content_array[$ug_id]);

525

}

526

527

unset($hold_ary[$forum_id]);

528

}

529

}

530

else

531

{

532

foreach ($ug_names_ary as $ug_id => $ug_name)

533

{

534

if (!isset($hold_ary[$ug_id]))

535

{

536

continue;

537

}

538

539

$content_array = $categories = array();

540

$this->build_permission_array($hold_ary[$ug_id], $content_array, $categories, array_keys($forum_names_ary));

541

542

$template->assign_block_vars($tpl_pmask, array(

543

'NAME' => $ug_name,

544

'CATEGORIES' => implode('</th><th>', $categories),

545

546

'USER_GROUPS_DEFAULT' => ($user_mode == 'user' && isset($user_groups_default[$ug_id]) && sizeof($user_groups_default[$ug_id])) ? implode(', ', $user_groups_default[$ug_id]) : '',

547

'USER_GROUPS_CUSTOM' => ($user_mode == 'user' && isset($user_groups_custom[$ug_id]) && sizeof($user_groups_custom[$ug_id])) ? implode(', ', $user_groups_custom[$ug_id]) : '',

548

'L_ACL_TYPE' => $l_acl_type,

549

550

'S_LOCAL' => ($local) ? true : false,

551

'S_GLOBAL' => (!$local) ? true : false,

552

'S_NUM_CATS' => sizeof($categories),

553

'S_VIEW' => ($mode == 'view') ? true : false,

554

'S_NUM_OBJECTS' => sizeof($content_array),

555

'S_USER_MODE' => ($user_mode == 'user') ? true : false,

556

'S_GROUP_MODE' => ($user_mode == 'group') ? true : false)

557

);

558

559

@reset($content_array);

560

while (list($forum_id, $forum_array) = each($content_array))

561

{

562

// Build role dropdown options

563

$current_role_id = (isset($cur_roles[$ug_id][$forum_id])) ? $cur_roles[$ug_id][$forum_id] : 0;

564

565

$s_role_options = '';

566

567

@reset($roles);

568

while (list($role_id, $role_row) = each($roles))

569

{

570

$role_description = (!empty($user->lang[$role_row['role_description']])) ? $user->lang[$role_row['role_description']] : nl2br($role_row['role_description']);

571

$role_name = (!empty($user->lang[$role_row['role_name']])) ? $user->lang[$role_row['role_name']] : $role_row['role_name'];

572

573

$title = ($role_description) ? ' title="' . $role_description . '"' : '';

574

$s_role_options .= '<option value="' . $role_id . '"' . (($role_id == $current_role_id) ? ' selected="selected"' : '') . $title . '>' . $role_name . '</option>';

575

}

576

577

if ($s_role_options)

578

{

579

580

}

581

582

if (!$current_role_id && $mode != 'view')

583

{

584

$s_custom_permissions = false;

585

586

foreach ($forum_array as $key => $value)

587

{

588

if ($value['S_NEVER'] || $value['S_YES'])

589

{

590

$s_custom_permissions = true;

591

break;

592

}

593

}

594

}

595

else

596

{

597

$s_custom_permissions = false;

598

}

599

600

$template->assign_block_vars($tpl_pmask . '.' . $tpl_fmask, array(

601

'NAME' => ($forum_id == 0) ? $forum_names_ary[0] : $forum_names_ary[$forum_id]['forum_name'],

602

'PADDING' => ($forum_id == 0) ? '' : $forum_names_ary[$forum_id]['padding'],

603

'S_ROLE_OPTIONS' => $s_role_options,

604

'S_CUSTOM' => $s_custom_permissions,

605

'UG_ID' => $ug_id,

606

'FORUM_ID' => $forum_id)

607

);

608

609

$this->assign_cat_array($forum_array, $tpl_pmask . '.' . $tpl_fmask . '.' . $tpl_category, $tpl_mask, $ug_id, $forum_id, $show_trace, ($mode == 'view'));

610

}

611

612

unset($hold_ary[$ug_id], $ug_names_ary[$ug_id]);

613

}

614

}

615

}

616

617

/**

618

* Display permission mask for roles

619

620

function display_role_mask(&$hold_ary)

621

{

622

global $db, $template, $user, $phpbb_root_path, $phpbb_admin_path, $phpEx;

623

624

if (!sizeof($hold_ary))

625

{

626

return;

627

}

628

629

// Get forum names

630

$sql = 'SELECT forum_id, forum_name

631

FROM ' . FORUMS_TABLE . '

632

WHERE ' . $db->sql_in_set('forum_id', array_keys($hold_ary)) . '

633

ORDER BY left_id';

634

$result = $db->sql_query($sql);

635

636

// If the role is used globally, then reflect that

637

$forum_names = (isset($hold_ary[0])) ? array(0 => '') : array();

638

while ($row = $db->sql_fetchrow($result))

639

{

640

$forum_names[$row['forum_id']] = $row['forum_name'];

641

}

642

$db->sql_freeresult($result);

643

644

foreach ($forum_names as $forum_id => $forum_name)

645

{

646

$auth_ary = $hold_ary[$forum_id];

647

648

$template->assign_block_vars('role_mask', array(

649

'NAME' => ($forum_id == 0) ? $user->lang['GLOBAL_MASK'] : $forum_name,

650

'FORUM_ID' => $forum_id)

651

);

652

653

if (isset($auth_ary['users']) && sizeof($auth_ary['users']))

654

{

655

$sql = 'SELECT user_id, username

656

FROM ' . USERS_TABLE . '

657

WHERE ' . $db->sql_in_set('user_id', $auth_ary['users']) . '

658

ORDER BY username_clean ASC';

659

$result = $db->sql_query($sql);

660

661

while ($row = $db->sql_fetchrow($result))

662

{

663

$template->assign_block_vars('role_mask.users', array(

664

'USER_ID' => $row['user_id'],

665

'USERNAME' => $row['username'],

666

'U_PROFILE' => append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=viewprofile&u={$row['user_id']}"))

667

);

668

}

669

$db->sql_freeresult($result);

670

}

671

672

if (isset($auth_ary['groups']) && sizeof($auth_ary['groups']))

673

{

674

$sql = 'SELECT group_id, group_name, group_type

675

FROM ' . GROUPS_TABLE . '

676

WHERE ' . $db->sql_in_set('group_id', $auth_ary['groups']) . '

677

ORDER BY group_type ASC, group_name';

678

$result = $db->sql_query($sql);

679

680

while ($row = $db->sql_fetchrow($result))

681

{

682

$template->assign_block_vars('role_mask.groups', array(

683

'GROUP_ID' => $row['group_id'],

684

'GROUP_NAME' => ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name'],

685

'U_PROFILE' => append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=group&g={$row['group_id']}"))

686

);

687

}

688

$db->sql_freeresult($result);

689

}

690

}

691

}

692

693

/**

694

* NOTE: this function is not in use atm

695

* Add a new option to the list ... $options is a hash of form ->

696

* $options = array(

697

* 'local' => array('option1', 'option2', ...),

698

* 'global' => array('optionA', 'optionB', ...)

699

* );

700

701

function acl_add_option($options)

702

{

703

global $db, $cache;

704

705

if (!is_array($options))

706

{

707

return false;

708

}

709

710

$cur_options = array();

711

712

$sql = 'SELECT auth_option, is_global, is_local

713

FROM ' . ACL_OPTIONS_TABLE . '

714

ORDER BY auth_option_id';

715

$result = $db->sql_query($sql);

716

717

while ($row = $db->sql_fetchrow($result))

718

{

719

if ($row['is_global'])

720

{

721

$cur_options['global'][] = $row['auth_option'];

722

}

723

724

if ($row['is_local'])

725

{

726

$cur_options['local'][] = $row['auth_option'];

727

}

728

}

729

$db->sql_freeresult($result);

730

731

// Here we need to insert new options ... this requires discovering whether

732

// an options is global, local or both and whether we need to add an permission

733

// set flag (x_)

734

$new_options = array('local' => array(), 'global' => array());

735

736

foreach ($options as $type => $option_ary)

737

{

738

$option_ary = array_unique($option_ary);

739

740

foreach ($option_ary as $option_value)

741

{

742

if (!in_array($option_value, $cur_options[$type]))

743

{

744

$new_options[$type][] = $option_value;

745

}

746

747

$flag = substr($option_value, 0, strpos($option_value, '_') + 1);

748

749

if (!in_array($flag, $cur_options[$type]) && !in_array($flag, $new_options[$type]))

750

{

751

$new_options[$type][] = $flag;

752

}

753

}

754

}

755

unset($options);

756

757

$options = array();

758

$options['local'] = array_diff($new_options['local'], $new_options['global']);

759

$options['global'] = array_diff($new_options['global'], $new_options['local']);

760

$options['local_global'] = array_intersect($new_options['local'], $new_options['global']);

761

762

$sql_ary = array();

763

764

foreach ($options as $type => $option_ary)

765

{

766

foreach ($option_ary as $option)

767

{

768

$sql_ary[] = array(

769

'auth_option' => (string) $option,

770

'is_global' => ($type == 'global' || $type == 'local_global') ? 1 : 0,

771

'is_local' => ($type == 'local' || $type == 'local_global') ? 1 : 0

772

);

773

}

774

}

775

776

$db->sql_multi_insert(ACL_OPTIONS_TABLE, $sql_ary);

777

778

$cache->destroy('_acl_options');

779

$this->acl_clear_prefetch();

780

781

return true;

782

}

783

784

/**

785

* Set a user or group ACL record

786

787

function acl_set($ug_type, $forum_id, $ug_id, $auth, $role_id = 0, $clear_prefetch = true)

788

{

789

global $db;

790

791

// One or more forums

792

if (!is_array($forum_id))

793

{

794

$forum_id = array($forum_id);

795

}

796

797

// One or more users

798

if (!is_array($ug_id))

799

{

800

$ug_id = array($ug_id);

801

}

802

803

$ug_id_sql = $db->sql_in_set($ug_type . '_id', array_map('intval', $ug_id));

804

$forum_sql = $db->sql_in_set('forum_id', array_map('intval', $forum_id));

805

806

// Instead of updating, inserting, removing we just remove all current settings and re-set everything...

807

$table = ($ug_type == 'user') ? ACL_USERS_TABLE : ACL_GROUPS_TABLE;

808

$id_field = $ug_type . '_id';

809

810

// Get any flags as required

811

reset($auth);

812

$flag = key($auth);

813

$flag = substr($flag, 0, strpos($flag, '_') + 1);

814

815

// This ID (the any-flag) is set if one or more permissions are true...

816

$any_option_id = (int) $this->option_ids[$flag];

817

818

// Remove any-flag from auth ary

819

if (isset($auth[$flag]))

820

{

821

unset($auth[$flag]);

822

}

823

824

// Remove current auth options...

825

$auth_option_ids = array((int)$any_option_id);

826

foreach ($auth as $auth_option => $auth_setting)

827

{

828

$auth_option_ids[] = (int) $this->option_ids[$auth_option];

829

}

830

831

$sql = "DELETE FROM $table

832

WHERE $forum_sql

833

AND $ug_id_sql

834

AND " . $db->sql_in_set('auth_option_id', $auth_option_ids);

835

$db->sql_query($sql);

836

837

// Remove those having a role assigned... the correct type of course...

838

$sql = 'SELECT role_id

839

FROM ' . ACL_ROLES_TABLE . "

840

WHERE role_type = '" . $db->sql_escape($flag) . "'";

841

$result = $db->sql_query($sql);

842

843

$role_ids = array();

844

while ($row = $db->sql_fetchrow($result))

845

{

846

$role_ids[] = $row['role_id'];

847

}

848

$db->sql_freeresult($result);

849

850

if (sizeof($role_ids))

851

{

852

$sql = "DELETE FROM $table

853

WHERE $forum_sql

854

AND $ug_id_sql

855

AND auth_option_id = 0

856

AND " . $db->sql_in_set('auth_role_id', $role_ids);

857

$db->sql_query($sql);

858

}

859

860

// Ok, include the any-flag if one or more auth options are set to yes...

861

foreach ($auth as $auth_option => $setting)

862

{

863

if ($setting == ACL_YES && (!isset($auth[$flag]) || $auth[$flag] == ACL_NEVER))

864

{

865

$auth[$flag] = ACL_YES;

866

}

867

}

868

869

$sql_ary = array();

870

foreach ($forum_id as $forum)

871

{

872

$forum = (int) $forum;

873

874

if ($role_id)

875

{

876

foreach ($ug_id as $id)

877

{

878

$sql_ary[] = array(

879

$id_field => (int) $id,

880

'forum_id' => (int) $forum,

881

'auth_option_id' => 0,

882

'auth_setting' => 0,

883

'auth_role_id' => (int) $role_id,

884

);

885

}

886

}

887

else

888

{

889

foreach ($auth as $auth_option => $setting)

890

{

891

$auth_option_id = (int) $this->option_ids[$auth_option];

892

893

if ($setting != ACL_NO)

894

{

895

foreach ($ug_id as $id)

896

{

897

$sql_ary[] = array(

898

$id_field => (int) $id,

899

'forum_id' => (int) $forum,

900

'auth_option_id' => (int) $auth_option_id,

901

'auth_setting' => (int) $setting

902

);

903

}

904

}

905

}

906

}

907

}

908

909

$db->sql_multi_insert($table, $sql_ary);

910

911

if ($clear_prefetch)

912

{

913

$this->acl_clear_prefetch();

914

}

915

}

916

917

/**

918

* Set a role-specific ACL record

919

920

function acl_set_role($role_id, $auth)

921

{

922

global $db;

923

924

// Get any-flag as required

925

reset($auth);

926

$flag = key($auth);

927

$flag = substr($flag, 0, strpos($flag, '_') + 1);

928

929

// Remove any-flag from auth ary

930

if (isset($auth[$flag]))

931

{

932

unset($auth[$flag]);

933

}

934

935

// Re-set any flag...

936

foreach ($auth as $auth_option => $setting)

937

{

938

if ($setting == ACL_YES && (!isset($auth[$flag]) || $auth[$flag] == ACL_NEVER))

939

{

940

$auth[$flag] = ACL_YES;

941

}

942

}

943

944

$sql_ary = array();

945

foreach ($auth as $auth_option => $setting)

946

{

947

$auth_option_id = (int) $this->option_ids[$auth_option];

948

949

if ($setting != ACL_NO)

950

{

951

$sql_ary[] = array(

952

'role_id' => (int) $role_id,

953

'auth_option_id' => (int) $auth_option_id,

954

'auth_setting' => (int) $setting

955

);

956

}

957

}

958

959

// If no data is there, we set the any-flag to ACL_NEVER...

960

if (!sizeof($sql_ary))

961

{

962

$sql_ary[] = array(

963

'role_id' => (int) $role_id,

964

'auth_option_id' => (int) $this->option_ids[$flag],

965

'auth_setting' => ACL_NEVER

966

);

967

}

968

969

// Remove current auth options...

970

$sql = 'DELETE FROM ' . ACL_ROLES_DATA_TABLE . '

971

WHERE role_id = ' . $role_id;

972

$db->sql_query($sql);

973

974

// Now insert the new values

975

$db->sql_multi_insert(ACL_ROLES_DATA_TABLE, $sql_ary);

976

977

$this->acl_clear_prefetch();

978

}

979

980

/**

981

* Remove local permission

982

983

function acl_delete($mode, $ug_id = false, $forum_id = false, $permission_type = false)

984

{

985

global $db;

986

987

if ($ug_id === false && $forum_id === false)

988

{

989

return;

990

}

991

992

$option_id_ary = array();

993

$table = ($mode == 'user') ? ACL_USERS_TABLE : ACL_GROUPS_TABLE;

994

$id_field = $mode . '_id';

995

996

$where_sql = array();

997

998

if ($forum_id !== false)

999

{

1000

$where_sql[] = (!is_array($forum_id)) ? 'forum_id = ' . (int) $forum_id : $db->sql_in_set('forum_id', array_map('intval', $forum_id));

1001

}

1002

1003

if ($ug_id !== false)

1004

{

1005

$where_sql[] = (!is_array($ug_id)) ? $id_field . ' = ' . (int) $ug_id : $db->sql_in_set($id_field, array_map('intval', $ug_id));

1006

}

1007

1008

// There seem to be auth options involved, therefore we need to go through the list and make sure we capture roles correctly

1009

if ($permission_type !== false)

1010

{

1011

// Get permission type

1012

$sql = 'SELECT auth_option, auth_option_id

1013

FROM ' . ACL_OPTIONS_TABLE . "

1014

WHERE auth_option " . $db->sql_like_expression($permission_type . $db->any_char);

1015

$result = $db->sql_query($sql);

1016

1017

$auth_id_ary = array();

1018

while ($row = $db->sql_fetchrow($result))

1019

{

1020

$option_id_ary[] = $row['auth_option_id'];

1021

$auth_id_ary[$row['auth_option']] = ACL_NO;

1022

}

1023

$db->sql_freeresult($result);

1024

1025

// First of all, lets grab the items having roles with the specified auth options assigned

1026

$sql = "SELECT auth_role_id, $id_field, forum_id

1027

FROM $table, " . ACL_ROLES_TABLE . " r

1028

WHERE auth_role_id <> 0

1029

AND auth_role_id = r.role_id

1030

AND r.role_type = '{$permission_type}'

1031

AND " . implode(' AND ', $where_sql) . '

1032

ORDER BY auth_role_id';

1033

$result = $db->sql_query($sql);

1034

1035

$cur_role_auth = array();

1036

while ($row = $db->sql_fetchrow($result))

1037

{

1038

$cur_role_auth[$row['auth_role_id']][$row['forum_id']][] = $row[$id_field];

1039

}

1040

$db->sql_freeresult($result);

1041

1042

// Get role data for resetting data

1043

if (sizeof($cur_role_auth))

1044

{

1045

$sql = 'SELECT ao.auth_option, rd.role_id, rd.auth_setting

1046

FROM ' . ACL_OPTIONS_TABLE . ' ao, ' . ACL_ROLES_DATA_TABLE . ' rd

1047

WHERE ao.auth_option_id = rd.auth_option_id

1048

AND ' . $db->sql_in_set('rd.role_id', array_keys($cur_role_auth));

1049

$result = $db->sql_query($sql);

1050

1051

$auth_settings = array();

1052

while ($row = $db->sql_fetchrow($result))

1053

{

1054

// We need to fill all auth_options, else setting it will fail...

1055

if (!isset($auth_settings[$row['role_id']]))

1056

{

1057

$auth_settings[$row['role_id']] = $auth_id_ary;

1058

}

1059

$auth_settings[$row['role_id']][$row['auth_option']] = $row['auth_setting'];

1060

}

1061

$db->sql_freeresult($result);

1062

1063

// Set the options

1064

foreach ($cur_role_auth as $role_id => $auth_row)

1065

{

1066

foreach ($auth_row as $f_id => $ug_row)

1067

{

1068

$this->acl_set($mode, $f_id, $ug_row, $auth_settings[$role_id], 0, false);

1069

}

1070

}

1071

}

1072

}

1073

1074

// Now, normally remove permissions...

1075

if ($permission_type !== false)

1076

{

1077

$where_sql[] = $db->sql_in_set('auth_option_id', array_map('intval', $option_id_ary));

1078

}

1079

1080

$sql = "DELETE FROM $table

1081

WHERE " . implode(' AND ', $where_sql);

1082

$db->sql_query($sql);

1083

1084

$this->acl_clear_prefetch();

1085

}

1086

1087

/**

1088

* Assign category to template

1089

* used by display_mask()

1090

1091

function assign_cat_array(&$category_array, $tpl_cat, $tpl_mask, $ug_id, $forum_id, $show_trace = false, $s_view)

1092

{

1093

global $template, $user, $phpbb_admin_path, $phpEx;

1094

1095

@reset($category_array);

1096

while (list($cat, $cat_array) = each($category_array))

1097

{

1098

$template->assign_block_vars($tpl_cat, array(

1099

'S_YES' => ($cat_array['S_YES'] && !$cat_array['S_NEVER'] && !$cat_array['S_NO']) ? true : false,

1100

'S_NEVER' => ($cat_array['S_NEVER'] && !$cat_array['S_YES'] && !$cat_array['S_NO']) ? true : false,

1101

'S_NO' => ($cat_array['S_NO'] && !$cat_array['S_NEVER'] && !$cat_array['S_YES']) ? true : false,

1102

1103

'CAT_NAME' => $user->lang['permission_cat'][$cat])

1104

);

1105

1106

/* Sort permissions by name (more naturaly and user friendly than sorting by a primary key)

1107

* Commented out due to it's memory consumption and time needed

1108

1109

$key_array = array_intersect(array_keys($user->lang), array_map(create_function('$a', 'return "acl_" . $a;'), array_keys($cat_array['permissions'])));

1110

$values_array = $cat_array['permissions'];

1111

1112

$cat_array['permissions'] = array();

1113

1114

foreach ($key_array as $key)

1115

{

1116

$key = str_replace('acl_', '', $key);

1117

$cat_array['permissions'][$key] = $values_array[$key];

1118

}

1119

unset($key_array, $values_array);

1120

1121

@reset($cat_array['permissions']);

1122

while (list($permission, $allowed) = each($cat_array['permissions']))

1123

{

1124

if ($s_view)

1125

{

1126

$template->assign_block_vars($tpl_cat . '.' . $tpl_mask, array(

1127

'S_YES' => ($allowed == ACL_YES) ? true : false,

1128

'S_NEVER' => ($allowed == ACL_NEVER) ? true : false,

1129

1130

'UG_ID' => $ug_id,

1131

'FORUM_ID' => $forum_id,

1132

'FIELD_NAME' => $permission,

1133

'S_FIELD_NAME' => 'setting[' . $ug_id . '][' . $forum_id . '][' . $permission . ']',

1134

1135

'U_TRACE' => ($show_trace) ? append_sid("{$phpbb_admin_path}index.$phpEx", "i=permissions&mode=trace&u=$ug_id&f=$forum_id&auth=$permission") : '',

1136

'UA_TRACE' => ($show_trace) ? append_sid("{$phpbb_admin_path}index.$phpEx", "i=permissions&mode=trace&u=$ug_id&f=$forum_id&auth=$permission", false) : '',

1137

1138

'PERMISSION' => $user->lang['acl_' . $permission]['lang'])

1139

);

1140

}

1141

else

1142

{

1143

$template->assign_block_vars($tpl_cat . '.' . $tpl_mask, array(

1144

'S_YES' => ($allowed == ACL_YES) ? true : false,

1145

'S_NEVER' => ($allowed == ACL_NEVER) ? true : false,

1146

'S_NO' => ($allowed == ACL_NO) ? true : false,

1147

1148

'UG_ID' => $ug_id,

1149

'FORUM_ID' => $forum_id,

1150

'FIELD_NAME' => $permission,

1151

'S_FIELD_NAME' => 'setting[' . $ug_id . '][' . $forum_id . '][' . $permission . ']',

1152

1153

'U_TRACE' => ($show_trace) ? append_sid("{$phpbb_admin_path}index.$phpEx", "i=permissions&mode=trace&u=$ug_id&f=$forum_id&auth=$permission") : '',

1154

'UA_TRACE' => ($show_trace) ? append_sid("{$phpbb_admin_path}index.$phpEx", "i=permissions&mode=trace&u=$ug_id&f=$forum_id&auth=$permission", false) : '',

1155

1156

'PERMISSION' => $user->lang['acl_' . $permission]['lang'])

1157

);

1158

}

1159

}

1160

}

1161

}

1162

1163

/**

1164

* Building content array from permission rows with explicit key ordering

1165

* used by display_mask()

1166

1167

function build_permission_array(&$permission_row, &$content_array, &$categories, $key_sort_array)

1168

{

1169

global $user;

1170

1171

foreach ($key_sort_array as $forum_id)

1172

{

1173

if (!isset($permission_row[$forum_id]))

1174

{

1175

continue;

1176

}

1177

1178

$permissions = $permission_row[$forum_id];

1179

ksort($permissions);

1180

1181

@reset($permissions);

1182

while (list($permission, $auth_setting) = each($permissions))

1183

{

1184

if (!isset($user->lang['acl_' . $permission]))

1185

{

1186

$user->lang['acl_' . $permission] = array(

1187

'cat' => 'misc',

1188

'lang' => '{ acl_' . $permission . ' }'

1189

);

1190

}

1191

1192

$cat = $user->lang['acl_' . $permission]['cat'];

1193

1194

// Build our categories array

1195

if (!isset($categories[$cat]))

1196

{

1197

$categories[$cat] = $user->lang['permission_cat'][$cat];

1198

}

1199

1200

// Build our content array

1201

if (!isset($content_array[$forum_id]))

1202

{

1203

$content_array[$forum_id] = array();

1204

}

1205

1206

if (!isset($content_array[$forum_id][$cat]))

1207

{

1208

$content_array[$forum_id][$cat] = array(

1209

'S_YES' => false,

1210

'S_NEVER' => false,

1211

'S_NO' => false,

1212

'permissions' => array(),

1213

);

1214

}

1215

1216

$content_array[$forum_id][$cat]['S_YES'] |= ($auth_setting == ACL_YES) ? true : false;

1217

$content_array[$forum_id][$cat]['S_NEVER'] |= ($auth_setting == ACL_NEVER) ? true : false;

1218

$content_array[$forum_id][$cat]['S_NO'] |= ($auth_setting == ACL_NO) ? true : false;

1219

1220

$content_array[$forum_id][$cat]['permissions'][$permission] = $auth_setting;

1221

}

1222

}

1223

}

1224

1225

/**

1226

* Use permissions from another user. This transferes a permission set from one user to another.

1227

* The other user is always able to revert back to his permission set.

1228

* This function does not check for lower/higher permissions, it is possible for the user to gain

1229

* "more" permissions by this.

1230

* Admin permissions will not be copied.

1231

1232

function ghost_permissions($from_user_id, $to_user_id)

1233

{

1234

global $db;

1235

1236

if ($to_user_id == ANONYMOUS)

1237

{

1238

return false;

1239

}

1240

1241

$hold_ary = $this->acl_raw_data($from_user_id, false, false);

1242

1243

if (isset($hold_ary[$from_user_id]))

1244

{

1245

$hold_ary = $hold_ary[$from_user_id];

1246

}

1247

1248

// Key 0 in $hold_ary are global options, all others are forum_ids

1249

1250

// We disallow copying admin permissions

1251

foreach ($this->acl_options['global'] as $opt => $id)

1252

{

1253

if (strpos($opt, 'a_') === 0)

1254

{

1255

$hold_ary[0][$opt] = ACL_NEVER;

1256

}

1257

}

1258

1259

// Force a_switchperm to be allowed

1260

$hold_ary[0]['a_switchperm'] = ACL_YES;

1261

1262

$user_permissions = $this->build_bitstring($hold_ary);

1263

1264

if (!$user_permissions)

1265

{

1266

return false;

1267

}

1268

1269

$sql = 'UPDATE ' . USERS_TABLE . "

1270

SET user_permissions = '" . $db->sql_escape($user_permissions) . "',

1271

user_perm_from = $from_user_id

1272

WHERE user_id = " . $to_user_id;

1273

$db->sql_query($sql);

1274

1275

return true;

1276

}

1277

}

1278

1279

b'\\ No newline at end of file'

Older »