/** The permission engine. This function decides wether a specific function is allowed or not depending the rights of the current user. @param $dir Directory in which the action should happen. If this parameter is NULL the engine checks the global permissions of the user. @param $file File on which the action should happen, if this parameter is NULL the permission engine checks the user permissions on the directory. @param $action One ore more action of the action set (see permissions_get) which sould be exectuted. More actions are seperated by a &. Example: "read&write&password" grants only if user has all three permissions @return true if the action is granted, false otherwise @remarks Until now the permission engine does not support directory or file based actions, so only the global actions are treated. The paramers $dir and $file are ignored. This is for later use. However, if possible, provide the $dir and $file parameters so the code does not have to be chaned if the permission engine will support this features in the future. */ function permissions_grant($dir, $file, $action) { // determine if a user has logged in $user = session_get("s_user"); // if no user is logged in, use the global permissions if (!isset($user)) { return permissions_global($dir, $file, $action); } // check if the user currently logged in has the given rights return permissions_grant_user($user, $dir, $file, $action); }
/** print out the html permission table to modify user permissions. the name of the permission values are determined via the language interface. In case of there is no entry in the language table for this permission, the function uses the original permission name. */ function admin_print_permissions($username) { $permvalues = permissions_get(); echo "<TABLE>"; foreach ($permvalues as $name => $value) { // determine wether the option is already set $checked = permissions_grant_user($username, NULL, NULL, $name) ? "checked" : ""; $disabled = $username == "admin" && $name == "admin" ? "disabled" : ""; $desc = $GLOBALS["messages"]["miscpermissions"][$name][0]; $tooltip = $GLOBALS["messages"]["miscpermissions"][$name][1]; echo "<TR><TD>\n"; echo "\t\t<INPUT type=\"checkbox\" title=\"{$tooltip}\" name=\"permsettings[]\" value=\"{$value}\" {$checked} {$disabled} >\n"; echo isset($desc) ? $desc : $name; echo "</INPUT>"; echo "</TR></TD>"; } echo "</TABLE>"; }