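/**
 * Restricts the page list to pages the current user is allowed to read.
 *
 * The super user (or a list flagged ignorePermissions) is not filtered at all.
 * Everyone else gets a correlated subquery against PagePermissions appended via
 * filter(): the page (or, with includeAliases, the alias's inheritance target)
 * must carry a read grant for one of the user's groups or for the user itself.
 * Under the non-simple permissions model the grant must additionally be inside
 * its cgStartDate/cgEndDate window (timed release) and an unapproved version
 * is only visible through a 'rv' grant. Pages that are external links are
 * always listed.
 *
 * filter() takes a raw SQL expression, so the values are interpolated. They
 * come from the session and the database rather than the request, but the IDs
 * are cast to int anyway so a bad value can never change the shape of the
 * query, and the group list is anchored with -1 because "gID in ()" is a MySQL
 * syntax error for a user with no groups (same trick setupFilePermissions
 * uses). The date string is produced by the date helper and is not cast.
 */
public function setupPermissions()
{
    $u = new User();
    if ($u->isSuperUser() || $this->ignorePermissions) {
        return; // super user always sees everything. no need to limit
    }

    // getUserGroups() is keyed by gID (values are the names); only the keys are needed.
    $groupIDs = array();
    foreach ($u->getUserGroups() as $gID => $gName) {
        $groupIDs[] = (int) $gID;
    }
    $groupIDs[] = -1; // never a real gID; keeps the IN list valid when it would otherwise be empty
    $groupList = implode(',', $groupIDs);

    $uID = -1;
    if ($u->isRegistered()) {
        $uID = (int) $u->getUserID();
    }

    $date = Loader::helper('date')->getLocalDateTime();

    if ($this->includeAliases) {
        // p2 is the alias row; fall back to the page's own target when the page is not an alias
        $cInheritPermissionsFromCID = 'if(p2.cID is null, p1.cInheritPermissionsFromCID, p2.cInheritPermissionsFromCID)';
    } else {
        $cInheritPermissionsFromCID = 'p1.cInheritPermissionsFromCID';
    }

    if (PERMISSIONS_MODEL != 'simple') {
        // support timed release
        $this->filter(false, "((select count(cID) from PagePermissions pp1 where pp1.cID = {$cInheritPermissionsFromCID} and\n\t\t\t\t((pp1.cgPermissions like 'r%' and cv.cvIsApproved = 1) or (pp1.cgPermissions like '%rv%')) and (\n\t\t\t\t\t(pp1.gID in ({$groupList}) or pp1.uID = {$uID})\n\t\t\t\t\tand \n\t\t\t\t\t\t(pp1.cgStartDate is null or pp1.cgStartDate <= '{$date}')\n\t\t\t\t\tand \n\t\t\t\t\t\t(pp1.cgEndDate is null or pp1.cgEndDate >= '{$date}')\n\t\t\t\t)) > 0 or (p1.cPointerExternalLink !='' AND p1.cPointerExternalLink IS NOT NULL ))");
    } else {
        $this->filter(false, "(((select count(cID) from PagePermissions pp1 where pp1.cID = {$cInheritPermissionsFromCID} and pp1.cgPermissions like 'r%' and (pp1.gID in ({$groupList}) or pp1.uID = {$uID}))) > 0 or (p1.cPointerExternalLink !='' AND p1.cPointerExternalLink IS NOT NULL))");
    }
}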
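/**
 * Restricts the file list to files the current user may access at
 * $this->permissionLevel (a FilePermissions column name such as canRead).
 *
 * Returns false without filtering when no permission level is set or the user
 * is the super user. Otherwise up to four filters are stacked via filter():
 *  1. files in a set the user is denied on (PTYPE_NONE) are dropped, unless
 *     the same set also grants PTYPE_ALL (viewing trumps non-viewing);
 *  2. files in a "mine only" set (PTYPE_MINE) are dropped unless the user
 *     uploaded them;
 *  3. when the global file search level is PTYPE_MINE, only the user's own
 *     uploads and files in an explicitly viewable set remain;
 *  4. (non-simple model only) files whose per-file permission rows override
 *     the set permissions and deny this level are dropped. That ID list is
 *     resolved in a separate query because a NULL-returning subquery nulls
 *     the whole outer query in MySQL.
 *
 * filter() takes a raw SQL expression, so IDs are cast to int before they are
 * interpolated and every ID list is anchored with -1 so an empty list never
 * produces the invalid "in ()".
 *
 * @return false|null false when no filtering was applied
 */
protected function setupFilePermissions()
{
    $u = new User();
    if ($this->permissionLevel == false || $u->isSuperUser()) {
        return false;
    }

    // Sets fully viewable, sets denied, and sets limited to own uploads, at this level.
    $vs = FileSetPermissions::getOverriddenSets($this->permissionLevel, FilePermissions::PTYPE_ALL);
    $nvs = FileSetPermissions::getOverriddenSets($this->permissionLevel, FilePermissions::PTYPE_NONE);
    $vsm = FileSetPermissions::getOverriddenSets($this->permissionLevel, FilePermissions::PTYPE_MINE);

    // Viewing trumps non-viewing: a set that is both granted and denied is not a
    // denial. The previous index loop unset entries while re-evaluating count()
    // as its bound, so it stopped before checking the tail of the list and left
    // some granted sets in the denial list; array_diff compares every entry.
    $nvs = array_diff($nvs, $vs);

    // -1 is never a real set ID; it keeps each "in (...)" valid when the list is empty.
    $nvs[] = -1;
    $vs[] = -1;
    $vsm[] = -1;

    // exclude every file that sits in a set the user is denied on
    $this->filter(false, '((select count(fID) from FileSetFiles where FileSetFiles.fID = f.fID and fsID in (' . implode(',', array_map('intval', $nvs)) . ')) = 0)');

    $uID = $u->isRegistered() ? (int) $u->getUserID() : 0;

    // exclude files in "mine only" sets that this user did not upload
    $this->filter(false, '(f.uID = ' . $uID . ' or (select count(fID) from FileSetFiles where FileSetFiles.fID = f.fID and fsID in (' . implode(',', array_map('intval', $vsm)) . ')) = 0)');

    $fp = FilePermissions::getGlobal();
    if ($fp->getFileSearchLevel() == FilePermissions::PTYPE_MINE) {
        // globally only own uploads are searchable, unless the file is in a set the
        // user has been explicitly granted on (already covered above)
        $this->filter(false, '(f.uID = ' . $uID . ' or (select count(fID) from FileSetFiles where FileSetFiles.fID = f.fID and fsID in (' . implode(',', array_map('intval', $vs)) . ')) > 0)');
    }

    // now filter out files the user is directly denied on via per-file overrides
    $groupIDs = array();
    foreach ($u->getUserGroups() as $gID => $gName) {
        $groupIDs[] = (int) $gID;
    }
    $groupIDs[] = -1;

    $uID = -1;
    if ($u->isRegistered()) {
        $uID = (int) $u->getUserID();
    }

    if (PERMISSIONS_MODEL != 'simple') {
        // MySQL nulls the whole query when the subquery returns null, so the denied
        // file IDs are fetched first and spliced in as a literal list.
        // "group by Files.fID" is required: with an aggregate in HAVING and no GROUP BY
        // MySQL collapses the result to a single row, so at most one overridden file
        // was ever excluded and a single grant on any file masked every denial.
        // $this->permissionLevel is used as a column name here; it must only ever hold
        // one of the FilePermissions column names. NOTE(review): its setters are not
        // visible in this file — confirm it cannot be derived from request data.
        $db = Loader::db();
        $fIDs = $db->GetCol("select Files.fID from Files inner join FilePermissions on FilePermissions.fID = Files.fID where fOverrideSetPermissions = 1 and (FilePermissions.gID in (" . implode(',', $groupIDs) . ") or FilePermissions.uID = {$uID}) group by Files.fID having max(" . $this->permissionLevel . ") = 0");
        if (count($fIDs) > 0) {
            $this->filter(false, "(f.fID not in (" . implode(',', array_map('intval', $fIDs)) . "))");
        }
    }
}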
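/**
 * Resolves the current user's effective permissions on file $f.
 *
 * Returns early (object left empty) when no file is given. The super user is
 * granted PTYPE_ALL on canRead, canWrite and canAdmin without a query (note:
 * canSearch is not set for the super user, so no 'sch:' token is emitted in
 * that case — left as-is because callers of permissionSet are not visible
 * here). Everyone else gets, per column, the maximum over the FilePermissions
 * rows that apply to one of their groups or to them directly. Each column that
 * resolves to PTYPE_ALL appends a token to $this->permissionSet
 * ('r:', 'sch:', 'wa:', 'adm:').
 *
 * The query is string-built, so the group, user and file IDs are cast to int
 * first and the group list is anchored with -1 so a user without groups never
 * yields the invalid "gID in ()".
 *
 * @param File|null $f the file whose permissions are being resolved
 */
public function __construct($f = null)
{
    if ($f == null) {
        return false;
    }

    $u = new User();
    if ($u->isSuperUser()) {
        $this->permissions['canRead'] = FilePermissions::PTYPE_ALL;
        $this->permissions['canWrite'] = FilePermissions::PTYPE_ALL;
        $this->permissions['canAdmin'] = FilePermissions::PTYPE_ALL;
    } else {
        $db = Loader::db();

        $groupIDs = array();
        foreach ($u->getUserGroups() as $gID => $gName) {
            $groupIDs[] = (int) $gID;
        }
        $groupIDs[] = -1; // never a real gID; keeps the IN list syntactically valid
        $inStr = '(' . implode(',', $groupIDs) . ')';

        // only match on uID for a real user; the sentinel -1 (no user) is left out
        $_uID = $u->getUserID() > -1 ? " or uID = " . (int) $u->getUserID() : "";
        $fID = (int) $f->getFileID();

        $p = $db->GetRow("select max(canAdmin) as canAdmin, max(canRead) as canRead, max(canSearch) as canSearch, max(canWrite) as canWrite from FilePermissions where fID = {$fID} and (gID in {$inStr} {$_uID})");
        // keep the lookups below on an array even if the driver returned nothing
        $this->permissions = is_array($p) ? $p : array();
    }

    if ($this->permissions['canRead'] == FilePermissions::PTYPE_ALL) {
        $this->permissionSet .= 'r:';
    }
    if ($this->permissions['canSearch'] == FilePermissions::PTYPE_ALL) {
        $this->permissionSet .= 'sch:';
    }
    if ($this->permissions['canWrite'] == FilePermissions::PTYPE_ALL) {
        $this->permissionSet .= 'wa:';
    }
    if ($this->permissions['canAdmin'] == FilePermissions::PTYPE_ALL) {
        $this->permissionSet .= 'adm:';
    }
}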
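/**
 * Checks whether this task permission is granted.
 *
 * With $obj (a Group, or any object exposing getUserID()) the check is whether
 * that group or user has a canRead row for this task permission. Without $obj
 * the logged-in user is checked: the super user always passes; otherwise a
 * canRead row must exist for one of the user's groups or for the user itself.
 *
 * The ID taken from $obj is bound as a query parameter. tpID and the
 * session-derived IDs are cast to int before interpolation, and the group list
 * is anchored with -1 so a user without groups never yields the invalid
 * "gID in ()".
 *
 * @param Group|object|false $obj subject to check instead of the logged-in user
 * @return bool
 */
public function can($obj = false)
{
    if (!$this->tpID) {
        return false;
    }
    $tpID = (int) $this->tpID;
    $db = Loader::db();

    if ($obj) {
        if (is_a($obj, 'Group')) {
            $r = $db->GetOne("select count(tpID) from TaskPermissionUserGroups where tpID = {$tpID} and canRead = 1 and gID = ?", $obj->getGroupID());
        } else {
            $r = $db->GetOne("select count(tpID) from TaskPermissionUserGroups where tpID = {$tpID} and canRead = 1 and uID = ?", $obj->getUserID());
        }
        return $r > 0;
    }

    // check against logged in user
    $u = new User();
    if ($u->isSuperUser()) {
        return true;
    }

    $groupIDs = array();
    foreach ($u->getUserGroups() as $gID => $gName) {
        $groupIDs[] = (int) $gID;
    }
    $groupIDs[] = -1; // never a real gID; keeps the IN list valid

    $uID = -1;
    if ($u->isRegistered()) {
        $uID = (int) $u->getUserID();
    }

    // checks based on uID and gIDs
    $r = $db->GetOne("select count(tpID) from TaskPermissionUserGroups where tpID = {$tpID} and canRead = 1 and (gID in (" . implode(',', $groupIDs) . ") or uID = " . $uID . ")");
    return $r > 0;
}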
// NOTE(review): $row->place is echoed raw into HTML. If it can be user-supplied,
// wrap it in htmlspecialchars($row->place, ENT_QUOTES, 'UTF-8'); the query that
// produced $row (and the loop this closes) is outside this view.
echo '<td>' . $row->place . '</td>'; echo '</tr>'; } echo '</table> </div>'; } else { echo '<h3 class="text-muted" style="margin-top:75px";>You Have No Upcoming Events...</h3>'; } ?> </div> </div> <div class="row placeholders panel panel-primary" > <div class="panel-heading" style="margin-bottom:20px; text-align: left; font-size: 20px;">Your Groups</div> <?php
// Here getUserGroups() returns a mysqli result (num_rows / fetch_object), unlike
// the concrete5 snippets above where it returns an array keyed by gID.
$groups = $user->getUserGroups(); // echo("<script>console.log('results_row: ".json_encode($groups)."');</script>");
echo '<div class="panel-body">'; $r = false; if ($groups->num_rows >= 1) { $r = true; } if ($r) { while ($row2 = $groups->fetch_object()) { // echo("<script>console.log('results_row: ".json_encode($row2)."');</script>");
echo '<div class="col-xs-6 col-sm-3 placeholder" style="margin-bottom:0px;">';
// NOTE(review): id_group lands inside a JS string inside an HTML attribute with no
// escaping; a non-numeric value would break out of both contexts. Cast it with
// (int), or urlencode() it and run the attribute through htmlspecialchars().
echo '<button onclick="location.href = ' . "'" . "/Views/Groups/open.php?group=" . $row2->id_group . "'" . ';" class="btn btn-flat btn-primary" style="padding: 3px;border-radius: 50%;" data-toggle="tooltip" data-placement="bottom" title="" data-original-title="Profile">'; echo '<img src="/images/stock/members.png" width="100" height="100" class="img-responsive" alt="Generic placeholder thumbnail">'; echo '</button>';
// NOTE(review): name and description come straight from the database and are
// echoed raw. If group members can edit them this is stored XSS — emit both via
// htmlspecialchars($v, ENT_QUOTES, 'UTF-8').
echo '<h4>' . $row2->name . '</h4>'; echo '<span class="text-muted">' . $row2->description . '</span>';
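/**
 * Magic-data helper: the logged-in user's group names as a sentence, e.g.
 * "Administrators, Editors and Registered Users".
 *
 * Called with no arguments it returns the description array the magic-data
 * registry expects instead of a value.
 *
 * User::getUserGroups() returns an array keyed by gID with the group name as
 * the value (the other snippets in this file read the keys as IDs), so the
 * list is re-indexed with array_values() before positional access; the
 * previous version indexed by count-1, which is not a gID, and also returned
 * an empty string for a user in exactly one group. An empty group list yields
 * an empty string. The names are returned unescaped; the consumer must escape
 * them for its output context.
 *
 * @return array|string
 */
function getAllUserGroups()
{
    if (func_num_args() == 0) {
        return array('description' => t('List of all user groups'));
    }

    Loader::model('user');
    $u = new User();
    $names = array_values($u->getUserGroups());
    if (count($names) == 0) {
        return '';
    }

    $last = array_pop($names);
    if (count($names) == 0) {
        return $last; // a single group needs no conjunction
    }
    return join(", ", $names) . ' ' . t('and') . ' ' . $last;
}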