Beispiel #1
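/**
 * Decides whether the current admin session may run a controller/mode.
 *
 * The permission name is resolved from the schema in this order:
 *   1. the mode's own 'permissions' entry (a string, or a map keyed by request method),
 *   2. otherwise the mode's 'param_permissions', resolved from the request variables,
 *   3. otherwise the controller-wide 'permissions' entry.
 * The resolved name is then looked up among the privileges of the session's usergroups.
 *
 * Security note: this check is default-allow. A controller that is absent from the
 * schema, or for which no permission name can be resolved (including a method map
 * that has no entry for $request_method), is treated as unrestricted and the
 * function returns true. Schemas therefore have to list every method they want
 * protected.
 *
 * @param array  $schema            Permission schema (taken by reference, not modified here)
 * @param string $controller        Controller name
 * @param string $mode              Mode name within the controller
 * @param string $request_method    Key used when a 'permissions' entry is a per-method map
 * @param array  $request_variables Request variables used for 'param_permissions'
 *
 * @return bool true when access is allowed, false otherwise
 */
function fn_check_admin_permissions(&$schema, $controller, $mode, $request_method = '', $request_variables = array())
{
    // Privileges are loaded once and reused by every later call in this process;
    // a change to the session's usergroups after the first lookup is not picked up.
    static $usergroup_privileges;

    // Sessions without usergroups are checked against the 'root' sub-schema only.
    if (empty($_SESSION['auth']['usergroup_ids'])) {
        $_schema = isset($schema['root']) ? $schema['root'] : array();
    } else {
        $_schema = $schema;
    }

    if (!isset($_schema[$controller])) {
        // Controller is not described by the schema: nothing to check (default-allow).
        return true;
    }

    $rules = $_schema[$controller];
    $permission = null;
    $condition = null;

    // Check if permissions set for certain mode
    if (isset($rules['modes'][$mode])) {
        $mode_rules = $rules['modes'][$mode];

        if (isset($mode_rules['permissions'])) {
            $declared = $mode_rules['permissions'];
            if (is_array($declared)) {
                // A method map without an entry for this request method used to raise
                // an undefined-index notice; resolve it to "no mode permission" instead.
                $permission = isset($declared[$request_method]) ? $declared[$request_method] : null;
            } else {
                $permission = $declared;
            }
            if (isset($mode_rules['condition'])) {
                $condition = $mode_rules['condition'];
            }
        } elseif (!empty($request_variables) && !empty($mode_rules['param_permissions'])) {
            // Logical && (the original used bitwise &, which does not short-circuit).
            $permission = fn_get_request_param_permissions($mode_rules['param_permissions'], $request_variables);
        }
    }

    // Check common permissions
    if (empty($permission) && !empty($rules['permissions'])) {
        $declared = $rules['permissions'];
        if (is_array($declared)) {
            $permission = isset($declared[$request_method]) ? $declared[$request_method] : null;
        } else {
            $permission = $declared;
        }
        if (isset($rules['condition'])) {
            $condition = $rules['condition'];
        }
    }

    if (empty($permission)) {
        // This controller does not have permission checking
        return true;
    }

    if (empty($usergroup_privileges)) {
        $usergroup_privileges = db_get_fields("SELECT privilege FROM ?:usergroup_privileges WHERE usergroup_id IN(?n)", $_SESSION['auth']['usergroup_ids']);
        // The sentinel keeps the cache non-empty so a session without privileges
        // does not trigger the query again on every call.
        $usergroup_privileges = !empty($usergroup_privileges) ? array_unique($usergroup_privileges) : array('__EMPTY__');
    }

    // Strict match: the privilege name must be identical, not merely equal under
    // PHP's loose comparison rules.
    // NOTE(review): assumes privileges come back from the database as strings - confirm.
    $result = in_array($permission, $usergroup_privileges, true);

    if ($condition !== null && isset($condition['operator'])) {
        if ($condition['operator'] === 'or') {
            return $result || fn_execute_permission_condition($condition);
        } elseif ($condition['operator'] === 'and') {
            return $result && fn_execute_permission_condition($condition);
        }
    }

    // No condition, or an operator other than 'or' / 'and': the privilege lookup decides.
    return $result;
}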
Beispiel #2
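/**
 * Decides whether the current admin session may run a controller/mode.
 *
 * The permission name is resolved from the schema in this order:
 *   1. the mode's own 'permissions' entry (a string, or a map keyed by request method),
 *   2. otherwise the mode's 'param_permissions' => 'table_names' entry for the
 *      requested 'table' variable,
 *   3. otherwise the controller-wide 'permissions' entry.
 * The resolved name is then looked up in the usergroup_privileges table for the
 * session's usergroups; the lookup runs on every call that needs it.
 *
 * Security note: this check is default-allow. A controller that is absent from the
 * schema, or for which no permission name can be resolved (including a method map
 * that has no entry for $request_method), is treated as unrestricted and the
 * function returns true. Schemas therefore have to list every method they want
 * protected.
 *
 * @param array  $schema            Permission schema (taken by reference, not modified here)
 * @param string $controller        Controller name
 * @param string $mode              Mode name within the controller
 * @param string $request_method    Key used when a 'permissions' entry is a per-method map
 * @param array  $request_variables Request variables; only 'table' is read here
 *
 * @return bool true when access is allowed, false otherwise
 */
function fn_check_admin_permissions(&$schema, $controller, $mode, $request_method = '', $request_variables = array())
{
    if (!isset($schema[$controller])) {
        // Controller is not described by the schema: nothing to check (default-allow).
        return true;
    }

    $rules = $schema[$controller];
    $permission = null;
    $condition = null;

    // Check if permissions set for certain mode
    if (isset($rules['modes'][$mode])) {
        $mode_rules = $rules['modes'][$mode];

        if (isset($mode_rules['permissions'])) {
            $declared = $mode_rules['permissions'];
            if (is_array($declared)) {
                // A method map without an entry for this request method used to raise
                // an undefined-index notice; resolve it to "no mode permission" instead.
                $permission = isset($declared[$request_method]) ? $declared[$request_method] : null;
            } else {
                $permission = $declared;
            }
            if (isset($mode_rules['condition'])) {
                $condition = $mode_rules['condition'];
            }
        } elseif (!empty($request_variables['table']) && isset($mode_rules['param_permissions']['table_names'][$request_variables['table']])) {
            // Per-table permission selected by the 'table' request variable.
            $permission = $mode_rules['param_permissions']['table_names'][$request_variables['table']];
        }
    }

    // Check common permissions
    if (empty($permission) && !empty($rules['permissions'])) {
        $declared = $rules['permissions'];
        if (is_array($declared)) {
            $permission = isset($declared[$request_method]) ? $declared[$request_method] : null;
        } else {
            $permission = $declared;
        }
        if (isset($rules['condition'])) {
            $condition = $rules['condition'];
        }
    }

    if (empty($permission)) {
        // This controller does not have permission checking
        return true;
    }

    // Both values are bound through the query placeholders (?n, ?s), not concatenated.
    $exists = db_get_field("SELECT privilege FROM ?:usergroup_privileges WHERE usergroup_id IN(?n) AND privilege = ?s", $_SESSION['auth']['usergroup_ids'], $permission);
    $result = !empty($exists);

    if ($condition !== null && isset($condition['operator'])) {
        if ($condition['operator'] === 'or') {
            return $result || fn_execute_permission_condition($condition);
        } elseif ($condition['operator'] === 'and') {
            return $result && fn_execute_permission_condition($condition);
        }
    }

    // No condition, or an operator other than 'or' / 'and': the privilege lookup decides.
    return $result;
}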