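<?php
require_once($INC . "/util.inc.php");
require_once($INC . "/log.inc.php");
require_once($INC . "/sql.inc.php");
require_once($INC . "/user.inc.php");
require_once($INC . "/git.inc.php");

define("RG_RIGHTS_FILL_EXISTS", 1);

/* Registered rights: type => array(letter => description) */
$rg_rights = array();

/* Last error message recorded by the functions in this file */
$rg_rights_error = "";

/*
 * Stores the last error message
 */
function rg_rights_set_error($str)
{
	global $rg_rights_error;

	$rg_rights_error = $str;
}

/*
 * Returns the last error message
 */
function rg_rights_error()
{
	global $rg_rights_error;

	return $rg_rights_error;
}

/*
 * Register a set of rights
 * 'rights' is used by the rest of the file as array(letter => description).
 */
function rg_rights_register($type, $rights)
{
	global $rg_rights;

	$rg_rights[$type] = $rights;
}

/*
 * Enforce correct chars
 * Everything outside [A-Za-z0-9] is dropped.
 */
function rg_rights_fix($rights)
{
	return preg_replace("/[^A-Za-z0-9]/", "", $rights);
}

/*
 * Checks the values that the SQL statements below place into the query
 * text. The statements are built by string concatenation, so nothing may
 * reach them that could change the shape of the query:
 * - 'type' must be a non-empty string of [A-Za-z0-9_] (it ends up between
 *   single quotes);
 * - every element of 'ids' must be an integer or a string holding an
 *   optionally signed decimal integer (it ends up unquoted).
 * NOTE(review): the allowed alphabet for 'type' is an assumption about how
 * callers name types - confirm against the rg_rights_register() callers.
 * Returns TRUE if all values are acceptable; else sets the error and
 * returns FALSE.
 */
function rg_rights_sql_args_ok($type, $ids)
{
	if (!is_string($type)
		|| (preg_match('/^[A-Za-z0-9_]+$/D', $type) !== 1)) {
		rg_rights_set_error("invalid rights type!");
		return FALSE;
	}

	foreach ($ids as $id) {
		if (is_int($id))
			continue;

		if (is_string($id)
			&& (preg_match('/^-?[0-9]+$/D', $id) === 1))
			continue;

		rg_rights_set_error("invalid id!");
		return FALSE;
	}

	return TRUE;
}

/*
 * Combine two repo rights strings
 * Appends to 'a' every char of 'b' that 'a' does not contain yet.
 */
function rg_rights_combine($a, $b)
{
	/*
	 * Digit array keys reach this function as integers (PHP converts
	 * them), and an integer cannot be indexed per char.
	 */
	$b = (string) $b;

	$len = strlen($b);
	for ($i = 0; $i < $len; $i++) {
		/*
		 * strpos, not strstr: strstr() returns the matched tail, and
		 * the tail "0" is falsy, so a present "0" looked absent.
		 */
		if (strpos($a, $b[$i]) === FALSE)
			$a .= $b[$i];
	}

	return $a;
}

/*
 * Returns all possible rights
 * An unregistered 'type' is logged and gives an empty string.
 */
function rg_rights_all($type)
{
	global $rg_rights;

	if (!isset($rg_rights[$type])) {
		rg_log("WARN: type [$type] is not registered!");
		return "";
	}

	$ret = "";
	foreach ($rg_rights[$type] as $letter => $junk)
		$ret = rg_rights_combine($ret, $letter);

	return $ret;
}

/*
 * Rights -> form
 * Builds one checkbox per registered right of 'type'; the ones present in
 * 'passed_rights' are checked.
 * NOTE(review): the right letter and its description are written into the
 * markup unescaped; this is safe only while every rg_rights_register()
 * caller passes trusted values - confirm before registering anything that
 * derives from user input.
 */
function rg_rights_checkboxes($type, $passed_rights)
{
	global $rg_rights;

	if (!isset($rg_rights[$type])) {
		rg_internal_error("[$type] is not registered!");
		return "";
	}

	$ret = "";
	foreach ($rg_rights[$type] as $right => $info) {
		$add = "";
		/*
		 * Cast: a digit key arrives as an integer. strpos against
		 * FALSE: a match at offset 0 or a matched "0" must count.
		 */
		if (strpos($passed_rights, (string) $right) !== FALSE)
			$add = " checked=\"checked\"";
		$ret .= "<input type=\"checkbox\" name=\"rights[$right]\""
			. $add . " />$info<br />\n";
	}

	return $ret;
}

/*
 * List rights as text
 * Returns an array with the description of every char of 'rights'; an
 * unknown char X is listed as "?X?". An empty 'rights' gives array("None").
 */
function rg_rights_text($type, $rights)
{
	global $rg_rights;

	$ret = array();

	$len = strlen($rights);
	if ($len == 0)
		return array("None");

	for ($i = 0; $i < $len; $i++) {
		if (isset($rg_rights[$type][$rights[$i]]))
			$ret[] = $rg_rights[$type][$rights[$i]];
		else
			$ret[] = "?" . $rights[$i] . "?";
	}

	return $ret;
}

/*
 * Transforms rights array into a string
 * Only the keys of 'a' are used; the result is passed through
 * rg_rights_fix(). A non-array gives an empty string.
 */
function rg_rights_a2s($a)
{
	$rights = "";

	// TODO - log backtrace instead being silent
	if (is_array($a))
		foreach ($a as $right => $junk)
			$rights .= $right;

	return rg_rights_fix($rights);
}

/*
 * Get rights for an object
 * Returns an array: 'ok' (1 on success, 0 on error), 'rights' and, after a
 * successful lookup, 'exists' (plus 'itime' when a row was found).
 * On error, rg_rights_error() holds the reason.
 */
function rg_rights_get($db, $type, $obj_id, $uid)
{
	rg_log("rg_rights_get: type=$type obj_id=$obj_id uid=$uid...");

	$ret = array();
	$ret['ok'] = 0;
	$ret['rights'] = "";

	/* uid 0 is answered without a query: ok, with empty rights */
	if ($uid == 0) {
		$ret['ok'] = 1;
		return $ret;
	}

	/* The values below are concatenated into the query text */
	if (!rg_rights_sql_args_ok($type, array($obj_id, $uid)))
		return $ret;

	$sql = "SELECT itime, rights FROM rights"
		. " WHERE type = '$type'"
		. " AND uid = $uid"
		. " AND obj_id = $obj_id"
		. " LIMIT 1";
	$res = rg_sql_query($db, $sql);
	if ($res === FALSE) {
		rg_rights_set_error("cannot get info (" . rg_sql_error() . ")!");
		return $ret;
	}

	$ret['ok'] = 1;
	$ret['exists'] = 0;
	$rows = rg_sql_num_rows($res);
	if ($rows > 0)
		$row = rg_sql_fetch_array($res);
	rg_sql_free_result($res);
	if ($rows > 0) {
		$ret['itime'] = $row['itime'];
		$ret['rights'] = $row['rights'];
		$ret['exists'] = 1;
	}

	rg_log("\tdb rights: [" . $ret['rights'] . "].");

	return $ret;
}

/*
 * Set rights for an object
 * An empty 'rights' removes the row; else the row is updated or inserted.
 * Returns TRUE on success and FALSE on error (see rg_rights_error()).
 */
function rg_rights_set($db, $type, $obj_id, $uid, $rights)
{
	rg_log("rg_rights_set: type=$type obj_id=$obj_id"
		. ", uid=$uid, rights=$rights...");

	/* The values below are concatenated into the query text */
	if (!rg_rights_sql_args_ok($type, array($obj_id, $uid)))
		return FALSE;

	/*
	 * 'rights' ends up between single quotes in the statement, so only
	 * the chars rg_rights_fix() lets through may remain.
	 */
	$rights = is_scalar($rights) ? rg_rights_fix((string) $rights) : "";

	$cond = " type = '$type' AND uid = $uid AND obj_id = $obj_id";

	/* Not empty(): the rights string "0" is a value, not "no rights" */
	if ($rights === "") {
		$sql = "DELETE FROM rights"
			. " WHERE $cond";
	} else {
		$r = rg_rights_get($db, $type, $obj_id, $uid);
		/*
		 * FALSE, not $r: a non-empty array is truthy, so a caller
		 * testing the result as a boolean saw a failure as success.
		 */
		if ($r['ok'] != 1)
			return FALSE;

		rg_log("r: " . rg_array2string($r));
		if ($r['exists'] == 1) {
			$sql = "UPDATE rights"
				. " SET rights = '$rights'"
				. " WHERE $cond";
		} else {
			$itime = time();

			$sql = "INSERT INTO rights (type, uid, obj_id, rights"
				. ", itime)"
				. " VALUES ('$type', $uid, $obj_id, '$rights'"
				. ", $itime)";
		}
	}

	$res = rg_sql_query($db, $sql);
	if ($res === FALSE) {
		rg_rights_set_error("cannot alter rights (" . rg_sql_error() . ")!");
		return FALSE;
	}
	rg_sql_free_result($res);

	return TRUE;
}

/*
 * Returns an array with the rights
 * One element per row of 'rights' for (type, obj_id), extended with
 * 'username', 'rights_text' and 'itime_text'; 'uid' is renamed to
 * 'right_uid'. Returns FALSE on error (see rg_rights_error()).
 */
function rg_rights_load($db, $type, $obj_id)
{
	rg_prof_start("rights_list");
	rg_log("rg_rights_list: type=$type obj_id=$obj_id");

	$ret = FALSE;
	do {
		/* The values below are concatenated into the query text */
		if (!rg_rights_sql_args_ok($type, array($obj_id)))
			break;

		$sql = "SELECT * FROM rights"
			. " WHERE type = '$type'"
			. " AND obj_id = $obj_id";
		$res = rg_sql_query($db, $sql);
		if ($res === FALSE) {
			rg_rights_set_error("cannot get info (" . rg_sql_error() . ")!");
			break;
		}

		$ret = array();
		while (($row = rg_sql_fetch_array($res))) {
			$row['username'] = "?";
			$_ui = rg_user_info($db, $row['uid'], "", "");
			if ($_ui['exists'] == 1)
				$row['username'] = $_ui['username'];

			$_r = rg_rights_text($type, $row['rights']);
			$row['rights_text'] = implode(", ", $_r);

			$row['itime_text'] = gmdate("Y-m-d H:i", $row['itime']);

			// To avoid confusion
			$row['right_uid'] = $row['uid'];
			unset($row['uid']);

			$ret[] = $row;
		}
		rg_sql_free_result($res);
	} while (0);

	rg_prof_end("rights_list");
	return $ret;
}

/*
 * Filters var using mask
 * Example ("ABCDE", "AEZ") => "AE"
 * The result keeps the order of 'val' and holds every char only once.
 */
function rg_rights_mask($val, $mask)
{
	$ret = "";

	$len = strlen($val);
	for ($i = 0; $i < $len; $i++) {
		/*
		 * strpos, not strstr: strstr() returns the matched tail, and
		 * the tail "0" is falsy, so the right "0" was filtered out
		 * whenever it was the last char of the mask.
		 */
		if ((strpos($mask, $val[$i]) !== FALSE)
			&& (strpos($ret, $val[$i]) === FALSE))
			$ret .= $val[$i];
	}

	return $ret;
}

/*
 * Returns TRUE if all 'needed_rights' are included in 'rights'
 * The order and the repetition of the chars do not matter: every char of
 * 'needed_rights' is looked up on its own. (Comparing the masked string
 * with 'needed_rights' refused a request whose chars came in another
 * order than in 'rights'.)
 */
function rg_rights_allow($rights, $needed_rights)
{
	$len = strlen($needed_rights);
	for ($i = 0; $i < $len; $i++) {
		if (strpos($rights, $needed_rights[$i]) !== FALSE)
			continue;

		$r = rg_rights_mask($rights, $needed_rights);
		rg_log("rights_allow: [$r] != [$needed_rights]!");
		return FALSE;
	}

	return TRUE;
}

?>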