/**
* Generates module specific actions
*
* @param $userId The user for whom the list of permitted actions must be computed.
* @param $pageId The page on which the permissible action for the user is computed
*
* @return $actionbar The list of permitted module specific actions for the 'user' of 'page'.
*/
function getActionbarModule($userId, $pageId)
{
$action_query = "SELECT perm_id, perm_action, perm_text FROM `" . MYSQL_DATABASE_PREFIX . "permissionlist` WHERE perm_action != 'create' AND page_module = '" . getEffectivePageModule($pageId) . "'";
$action_result = mysql_query($action_query);
$allow_login_query = "SELECT `value` FROM `" . MYSQL_DATABASE_PREFIX . "global` WHERE `attribute` = 'allow_login'";
$allow_login_result = mysql_query($allow_login_query);
$allow_login_result = mysql_fetch_array($allow_login_result);
$actionbarPage = array();
while ($action_row = mysql_fetch_assoc($action_result)) {
if (getPermissions($userId, $pageId, $action_row['perm_action'])) {
$actionbarPage[$action_row['perm_action']] = $action_row['perm_text'];
}
}
$actionbar = "<div id=\"cms-actionbarModule\">";
if (is_array($actionbarPage) > 0) {
foreach ($actionbarPage as $action => $actionname) {
if (!$allow_login_result[0] && $actionname == "View" && !$userId) {
continue;
}
$actionbar .= "<span class=\"cms-actionbarModuleItem\"><a class=\"robots-nofollow\" rel=\"nofollow\" href=\"./+{$action}\">{$actionname}</a></span>\n";
}
}
$actionbar .= "</div>";
return $actionbar;
}
function getPermissions($userid, $pageid, $action, $module = "")
{
if ($action != "admin" && getPermissions($userid, 0, "admin")) {
return true;
}
if ($module == "") {
$query = "SELECT 1 FROM `" . MYSQL_DATABASE_PREFIX . "permissionlist` WHERE page_module=\"page\" AND perm_action=\"{$action}\"";
$result = mysql_query($query);
if (mysql_num_rows($result) >= 1) {
$module = 'page';
} else {
$module = getEffectivePageModule($pageid);
}
}
$permission = false;
if ($module == "menu" || $module == "external") {
return getPermissions($userid, getParentPage($pageid), $action);
}
/// Find all groups the user belongs to, ordered by priority
/// For each group, starting with lowest priority, get permission for the page
$pagePath = array();
parseUrlDereferenced($pageid, $pagePath);
foreach (getGroupIds($userid) as $groupid) {
if ($permission === true) {
break;
}
$permission = getPagePermission($pagePath, $groupid, $action, $module);
}
if ($permission === false) {
$permission = getPagePermission($pagePath, $userid, $action, $module, 'user');
}
return $permission;
}
/**
* Determines the module type of a given page
* @param $pageid Page id of the page, whose module name is to be determined
* @return String containing the module name of the given page
*/
function getEffectivePageModule($pageId)
{
$pagemodule_query = "SELECT `page_module`, `page_modulecomponentid` FROM `" . MYSQL_DATABASE_PREFIX . "pages` WHERE `page_id`='" . $pageId . "'";
$pagemodule_result = mysql_query($pagemodule_query);
$pagemodule_row = mysql_fetch_assoc($pagemodule_result);
if ($pagemodule_row['page_module'] == "link") {
return getEffectivePageModule($pagemodule_row['page_modulecomponentid']);
}
return $pagemodule_row['page_module'];
}
