コード例 #1
ファイル: _comment.class.php プロジェクト: ldanielz/uesp.blog
 /**
  * Check whether the comment's public or limited public status has changed. Limited public statuses are, for example, community or protected.
  *
  * @return boolean false if status was not changed or neither the previous nor current status is public or limited public, true otherwise
  */
 function check_publish_status_changed()
 {
     // Nothing to report when no earlier status was recorded or when it equals the current one.
     $status_unchanged = !isset($this->previous_status) || $this->previous_status == $this->status;
     if ($status_unchanged) {
         return false;
     }

     // Permission values of the old and new status, plus the value for 'published_statuses'.
     $was_permvalue = get_status_permvalue($this->previous_status);
     $now_permvalue = get_status_permvalue($this->status);
     $published_mask = get_status_permvalue('published_statuses');

     // True when either side of the change shares a bit with the published statuses value:
     // the comment became (limited) public, stayed (limited) public under another status, or stopped being so.
     // False when it was not published before and is not published now.
     return ($now_permvalue & $published_mask) || ($was_permvalue & $published_mask);
 }
コード例 #2
/**
 * Get perm post/comment statuses for a user or group
 * 
 * @param object db row
 * @param string the prefix of the db row: 'bloguser_' or 'bloggroup_'
 * @param string current perm status
 * @param string the title of the checkbox
 * @param string the type of the permission: 'post' or 'comment'
 */
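function coll_perm_status_checkbox($row, $prefix, $perm_status, $title, $type)
{
    global $edited_Blog, $permission_to_change_admin;

    // Name of the ID property to read from $row for this prefix.
    $row_id_coll = get_id_coll_from_prefix($prefix);

    // Only set for comments, and only when the row fails check_default_create_comment_perm().
    $default_status = NULL;
    switch ($type) {
        case 'post':
            $perm_statuses = 'perm_poststatuses';
            $type_param = '';
            break;
        case 'comment':
            $perm_statuses = 'perm_cmtstatuses';
            if (!check_default_create_comment_perm($row->{$perm_statuses})) {
                // Doesn't have at least as high comment create permission as anonymous users have
                $default_status = $edited_Blog->get_setting('new_feedback_status');
            }
            $type_param = 'cmt_';
            break;
        default:
            debug_die('Invalid $type param on advanced perms form!');
    }

    // NOTE(review): $perm_status, the row ID and $title are concatenated into attribute values
    // without HTML escaping, so callers must pass attribute-safe text (a double quote in a
    // translated title would end the attribute early).
    // The former `if (!empty($id))` branch was removed: $id is never defined in this function,
    // so no id attribute was ever emitted.
    $r = '<input type="checkbox"';
    $r .= ' name="blog_perm_' . $perm_status . '_' . $type_param . $row->{$row_id_coll} . '"';
    if ($prefix == 'bloguser_' && $edited_Blog->owner_user_ID == $row->user_ID) {
        // Collection owner has the permissions to edit all item/comment statuses by default
        $r .= ' checked="checked" disabled="disabled"';
    } else {
        // Not owner: tick the box when the bit of this status is set in the row's statuses value
        if (get_status_permvalue($perm_status) & $row->{$perm_statuses}) {
            $r .= ' checked="checked"';
        }
        // Rows flagged perm_admin are read-only unless the global flag allows changing admins.
        // This is a display restriction only; it does not validate what the form submits.
        if (!$permission_to_change_admin && $row->{$prefix . 'perm_admin'}) {
            $r .= ' disabled="disabled"';
        }
    }

    $is_default_status = $perm_status == $default_status;
    if ($is_default_status) {
        $title .= "\n" . T_('Note: Anonymous users may create comments with this status. You will probably want to give the same permission to this user/group.');
    }
    $r .= ' class="checkbox" value="1" title="' . $title . '" />';
    if ($is_default_status) {
        // This is the default comment status checkbox, and user has no permission to create comment with this status ( like anonymous users ) or a higher status
        $r = '<span class="red-bordered-checkbox">' . $r . '</span>';
    }

    return $r;
}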
コード例 #3
ファイル: _user.class.php プロジェクト: Ariflaw/b2evolution
 /**
  * Check if the user has the given role in any blog
  *
  * @param string role name, available values ( post_owner, moderator )
  * @return mixed NULL if the given role name is not defined or there are no blogs, true if the user is super admin, 0 if the user doesn't have the given role, positive number otherwise
  */
 function check_role($rolename)
 {
     global $DB;

     // Role names handled below: post_owner, member, comment_editor, comment_moderator, post_moderator.
     if ($this->check_perm('blogs', 'editall')) {
         // Global "editall" permission on blogs counts as holding every role in every blog
         return true;
     }

     // Each role maps to a list of SQL conditions per permission column (column name without prefix).
     // All condition fragments are fixed literals defined here, never caller-supplied text.
     switch ($rolename) {
         case 'post_owner':
             // Already owning a post is enough; otherwise the right to create posts is required
             if ($this->get_num_posts() > 0) {
                 return true;
             }
             $role_conditions = array(
                 'perm_poststatuses' => array('IS NOT NULL', '<> ""'),
             );
             break;

         case 'member':
             // Member of at least one blog
             $role_conditions = array(
                 'ismember' => array('IS NOT NULL', '<> 0'),
             );
             break;

         case 'comment_editor':
             // May edit other users' comments in at least one status
             $role_conditions = array(
                 'perm_edit_cmt' => array('IS NOT NULL', '<> "no"', '<> "own"'),
                 'perm_cmtstatuses' => array('IS NOT NULL', '<> 0'),
             );
             break;

         case 'comment_moderator':
         case 'post_moderator':
             // Both moderator roles share the same rule and differ only in the columns checked
             if ($rolename == 'post_moderator') {
                 $edit_perm_name = 'perm_edit';
                 $statuses_perm_name = 'perm_poststatuses';
             } else {
                 $edit_perm_name = 'perm_edit_cmt';
                 $statuses_perm_name = 'perm_cmtstatuses';
             }
             // Sum the perm values of the moderation statuses and of 'published'
             $moderation_statuses = get_visibility_statuses('moderation');
             $perms_value = get_status_permvalue('published');
             foreach ($moderation_statuses as $moderation_status) {
                 $perms_value += get_status_permvalue($moderation_status);
             }
             // Must be able to edit more than own content and hold at least two of the statuses summed above
             $role_conditions = array(
                 $edit_perm_name => array('IS NOT NULL', '<> "no"', '<> "own"'),
                 $statuses_perm_name => array('IS NOT NULL', 'BIT_COUNT( $perm_field$ & ' . $perms_value . ' ) > 1'),
             );
             break;

         default:
             // Unknown role name
             return NULL;
     }

     // Build "( user perms conditions ) OR ( group perms conditions )"
     $prefix_clauses = array();
     foreach (array('bloguser_', 'bloggroup_') as $prefix) {
         $checks = array();
         foreach ($role_conditions as $perm_name => $conditions) {
             $perm_field = $prefix . $perm_name;
             foreach ($conditions as $condition) {
                 if (strpos($condition, '$perm_field$') === false) {
                     // Plain condition: the column name goes in front
                     $checks[] = '( ' . $perm_field . ' ' . $condition . ' )';
                 } else {
                     // Condition carries a placeholder for the column name
                     $checks[] = '( ' . str_replace('$perm_field$', $perm_field, $condition) . ' )';
                 }
             }
         }
         $prefix_clauses[] = '( ' . implode(' AND ', $checks) . ' )';
     }
     $where_clause = implode(' OR ', $prefix_clauses);

     // Count the blogs this user owns or where the conditions hold through user or group perms.
     // NOTE(review): $this->ID and $this->grp_ID are concatenated into the SQL text below;
     // presumably both are always integers loaded from the database - confirm.
     $SQL = new SQL();
     $SQL->SELECT('count( blog_ID )');
     $SQL->FROM('T_blogs');
     $SQL->FROM_add('LEFT JOIN T_coll_user_perms ON (blog_advanced_perms <> 0 AND blog_ID = bloguser_blog_ID AND bloguser_user_ID = ' . $this->ID . ' )');
     $SQL->FROM_add('LEFT JOIN T_coll_group_perms ON (blog_advanced_perms <> 0 AND blog_ID = bloggroup_blog_ID AND bloggroup_group_ID = ' . $this->grp_ID . ' )');
     $SQL->WHERE('blog_owner_user_ID = ' . $this->ID);
     $SQL->WHERE_or($where_clause);

     return $DB->get_var($SQL->get(), 0, NULL, 'Check user role in all blogs');
 }
コード例 #4
 // Excerpt: the loops opened here continue past the end of this listing.
 $cmt_count = 0;
 // $comments_map[$blog_ID] is iterated as status => content, and content as level => count (see the inner loop below)
 foreach ($comments_map[$blog_ID] as $status => $content) {
     $status_perm_value = get_status_permvalue($status);
     // Bit test: is this status part of the statuses value granted in $perms?
     if ($perms['perm_statuses'] & $status_perm_value) {
         // User has permission to edit comments with this status
         // TODO asimo> Here probably we should also check if user is able to deprecate/recycle the comment.
         // Check if User has permission to raise comment status
         $ordered_statuses = get_visibility_statuses('ordered-index');
         $raise_status_allowed = false;
         $current_status_found = false;
         foreach ($ordered_statuses as $ordered_status => $order_index) {
             if ($ordered_status == $status) {
                 // Every entry after this one in the ordered list is treated as a higher status
                 $current_status_found = true;
             } elseif ($current_status_found && $order_index !== 0) {
                 // This is a higher status than the currently checked status
                 // (entries whose index is exactly 0 are skipped - presumably statuses outside the ordering; confirm)
                 $ordered_status_perm_value = get_status_permvalue($ordered_status);
                 if ($perms['perm_statuses'] & $ordered_status_perm_value) {
                     // User has permission to a higher status, so the comment status can be raised
                     $raise_status_allowed = true;
                     break;
                 }
             }
         }
         if (!$raise_status_allowed) {
             // User is not allowed to raise these comment statuses
             continue;
         }
         // Check if the comment author level allows the edit permission
         foreach ($content as $level => $count) {
             switch ($perms['perm_edit']) {
                 case 'all':
コード例 #5
ファイル: _item.class.php プロジェクト: Ariflaw/b2evolution
 /**
  * Provide link to publish a post to the highest available public status for the current User
  *
  * @param $params
  * @return boolean true if link was displayed false otherwise
  */
 function highest_publish_link($params = array())
 {
     global $current_User, $admin_url;

     // Anonymous visitors never get a publish link
     if (!is_logged_in(false)) {
         return false;
     }

     // Caller-supplied params override these defaults
     $defaults = array(
         'before' => '',
         'after' => '',
         'text' => '#',
         'before_text' => '',
         'after_text' => '',
         'title' => '',
         'class' => '',
         'glue' => '&amp;',
         'save_context' => true,
         'redirect_to' => '',
     );
     $params = array_merge($defaults, $params);

     $curr_status_permvalue = get_status_permvalue($this->status);
     // Highest publish status (and its link text) available to the current User in this item's Blog
     list($highest_status, $publish_text) = get_highest_publish_status('post', $this->get_blog_ID());
     $highest_status_permvalue = get_status_permvalue($highest_status);

     if ($curr_status_permvalue >= $highest_status_permvalue) {
         // The post already has this status or a more public one
         return false;
     }
     if ($highest_status_permvalue <= get_status_permvalue('private')) {
         // The best status available to this User is not above 'private', so nothing to offer
         return false;
     }
     if (!$current_User->check_perm('item_post!' . $highest_status, 'edit', false, $this)) {
         // User has no right to edit this post
         return false;
     }

     $glue = $params['glue'];
     if ($params['text'] == '#') {
         // '#' requests the default text returned with the highest status
         $text = $publish_text;
     } else {
         $text = $params['text'];
     }

     // The link triggers the publish action in the admin; url_crumb('item') contributes the crumb
     // parameter (presumably the anti-CSRF token for this state-changing request - confirm).
     $href = $admin_url . '?ctrl=items' . $glue . 'action=publish' . $glue . 'post_status=' . $highest_status . $glue . 'post_ID=' . $this->ID . $glue . url_crumb('item');
     if ($params['redirect_to']) {
         $href .= $glue . 'redirect_to=' . rawurlencode($params['redirect_to']);
     } elseif ($params['save_context']) {
         $href .= $glue . 'redirect_to=' . rawurlencode(regenerate_url('', '', '', '&'));
     }

     // title, class and the text params are emitted as given, without HTML escaping
     $attribs = ' title="' . $params['title'] . '"';
     if (!empty($params['class'])) {
         $attribs .= ' class="' . $params['class'] . '"';
     }

     echo $params['before']
         . '<a href="' . $href . '"' . $attribs . '>'
         . $params['before_text'] . $text . $params['after_text']
         . '</a>'
         . $params['after'];

     return true;
 }
コード例 #6
ファイル: _comment.funcs.php プロジェクト: ldanielz/uesp.blog
/**
 * Create comment form submit buttons
 *
 * Note: Publish is only displayed when comment is in draft status
 *
 * @param $Form
 * @param $edited_Comment
 *
 */
function echo_comment_buttons($Form, $edited_Comment)
{
    global $Blog, $current_User, $highest_publish_status;

    // ---------- SAVE ------------
    $Form->submit(array('actionArray[update]', T_('Save!'), 'SaveButton'));

    // ---------- PUBLISH ---------
    // The highest publish status is stored in the global and also sent back as a hidden field
    list($highest_publish_status, $publish_text) = get_highest_publish_status('comment', $Blog->ID);
    $current_status_value = get_status_permvalue($edited_Comment->status);
    $highest_status_value = get_status_permvalue($highest_publish_status);
    $Form->hidden('publish_status', $highest_publish_status);

    // The publish button is shown only when the status can be raised, the target is not 'draft',
    // and the current User may edit the comment in the target status
    $may_publish = $current_status_value < $highest_status_value
        && $highest_publish_status != 'draft'
        && $current_User->check_perm('comment!' . $highest_publish_status, 'edit', false, $edited_Comment);

    // NOTE(review): the button is always rendered and only hidden with CSS, and publish_status is a
    // hidden field the client can alter; the update_publish handler (not visible here) has to
    // re-check the permission and the requested status on the server side.
    $publish_style = $may_publish ? 'display: inline' : 'display: none';

    $Form->submit(array('actionArray[update_publish]', $publish_text, 'SaveButton', '', $publish_style));
}
コード例 #7
ファイル: _user.funcs.php プロジェクト: ldanielz/uesp.blog
/**
 * Check blog advanced user/group permission
 *
 * @param array blog user or group advanced permission settings
 * @param integer the user ID for whom we are checking the permission
 * @param string permission name
 * @param string permission level
 * @param Object permission target, which can be a Comment or an Item depending on the permission being checked
 * @return boolean true if checked User/Group has permission, false otherwise
 */
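function check_blog_advanced_perm(&$blog_perms, $user_ID, $permname, $permlevel, $perm_target = NULL)
{
    // Decision order:
    //  1. no advanced perms at all => denied;
    //  2. perm names that can be answered directly from $blog_perms return inside the switch;
    //  3. status-based perms compute $perm (status bit granted?) and then, for 'edit'/'moderate',
    //     are narrowed by the blog_edit / blog_edit_cmt value ('no', 'own', 'anon', 'lt', 'le', 'all').
    if (empty($blog_perms)) {
        return false;
    }
    // Check if permission is granted:
    switch ($permname) {
        case 'stats':
            // Viewing stats is the same perm as being authorized to edit properties: (TODO...)
            if ($permlevel == 'view') {
                return $blog_perms['blog_properties'];
            }
            // No other perm can be granted here (TODO...)
            return false;
        case 'blog_post_statuses':
            // We grant this permission only if user has rights to create posts with any status different than 'deprecated' or 'redirected'
            $deprecated_value = get_status_permvalue('deprecated');
            $redirected_value = get_status_permvalue('redirected');
            return (~($deprecated_value + $redirected_value) & $blog_perms['blog_post_statuses']) > 0;
        case 'blog_comment_statuses':
            // We grant this permission only if user has rights to create comments with any status different than 'deprecated'
            $deprecated_value = get_status_permvalue('deprecated');
            return (~$deprecated_value & $blog_perms['blog_cmt_statuses']) > 0;
        case 'blog_comments':
            // Any comment status granted at all; the edit level is checked after the switch
            $edit_permname = 'blog_edit_cmt';
            $perm = $blog_perms['blog_cmt_statuses'] > 0;
            break;
        case 'blog_post!published':
        case 'blog_post!community':
        case 'blog_post!protected':
        case 'blog_post!private':
        case 'blog_post!review':
        case 'blog_post!draft':
        case 'blog_post!deprecated':
        case 'blog_post!redirected':
            // We want a specific post permission; the status is what follows 'blog_post!'
            $status = substr($permname, 10);
            $edit_permname = 'blog_edit';
            $perm_statuses_value = $blog_perms['blog_post_statuses'];
            if (!empty($perm_target)) {
                $Item =& $perm_target;
                $creator_user_ID = $Item->creator_user_ID;
            }
            $perm = $perm_statuses_value & get_status_permvalue($status);
            break;
        case 'blog_comment!published':
        case 'blog_comment!community':
        case 'blog_comment!protected':
        case 'blog_comment!private':
        case 'blog_comment!review':
        case 'blog_comment!draft':
        case 'blog_comment!deprecated':
            // We want a specific comment permission; the status is what follows 'blog_comment!'
            $status = substr($permname, 13);
            $edit_permname = 'blog_edit_cmt';
            $perm_statuses_value = $blog_perms['blog_cmt_statuses'];
            if (!empty($perm_target)) {
                $Comment =& $perm_target;
                $creator_user_ID = $Comment->author_user_ID;
            }
            $perm = $perm_statuses_value & get_status_permvalue($status);
            break;
        case 'files':
            // Every branch returns, so nothing falls through to the next case
            switch ($permlevel) {
                case 'add':
                    return $blog_perms['blog_media_upload'];
                case 'view':
                    return $blog_perms['blog_media_browse'];
                case 'edit':
                    return $blog_perms['blog_media_change'];
                default:
                    return false;
            }
        case 'blog_edit':
        case 'blog_edit_cmt':
            if ($permlevel == 'no') {
                // Doesn't make sense to check that the user has at least 'no' permission
                debug_die('Invalid edit pemlevel!');
            }
            // Is the stored edit level at least as strong as the requested $permlevel?
            $edit_permvalue = $blog_perms[$permname];
            switch ($edit_permvalue) {
                case 'all':
                    return true;
                case 'le':
                    return $permlevel != 'all';
                case 'lt':
                    return $permlevel != 'all' && $permlevel != 'le';
                case 'anon':
                    return $permlevel == 'anon' || $permlevel == 'own';
                case 'own':
                    return $permlevel == 'own';
                default:
                    return false;
            }
        default:
            return $blog_perms[$permname];
    }
    // TODO: the following probably should be handled by the Item class!
    if ($perm && ($permlevel == 'edit' || $permlevel == 'moderate') && (!empty($creator_user_ID) || !empty($Comment))) {
        // Can we edit this specific Item/Comment?
        $edit_permvalue = $blog_perms[$edit_permname];
        switch ($edit_permvalue) {
            case 'own':
                // Own posts/comments only:
                return $creator_user_ID == $user_ID;
            case 'lt':
                // Own + Lower level posts only:
            case 'le':
                // Own + Lower or equal level posts only:
                if (empty($creator_user_ID) || $creator_user_ID == $user_ID) {
                    // allow if the comment creator is not registered or it is the current User
                    return true;
                }
                $UserCache =& get_UserCache();
                // Get creator User
                $creator_User =& $UserCache->get_by_ID($creator_user_ID, false, false);
                // Get user for whom we are checking this permission
                $User =& $UserCache->get_by_ID($user_ID, false, false);
                // Denied when either user cannot be loaded
                return $creator_User && $User && ($creator_User->level < $User->level || $edit_permvalue == 'le' && $creator_User->level == $User->level);
            case 'anon':
                // Anonymous comment or own comment ( This perm value may have only for comments )
                return empty($creator_user_ID) || $creator_user_ID == $user_ID;
            case 'all':
                return true;
            case 'no':
            default:
                return false;
        }
    }
    if ($perm && $permlevel == 'edit' && empty($creator_user_ID)) {
        // No specific target: any edit level other than 'no' is enough
        return $blog_perms[$edit_permname] != 'no';
    }
    if ($perm && $permlevel == 'moderate' && empty($creator_user_ID)) {
        // check moderator rights
        // Strict comparison so that only the exact level strings grant moderation; with a loose
        // in_array() a non-string value such as boolean true would match the first entry.
        return in_array($blog_perms[$edit_permname], array('anon', 'lt', 'le', 'all'), true);
    }
    return $perm;
}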
コード例 #8
ファイル: _blog.funcs.php プロジェクト: ldanielz/uesp.blog
/**
 * Update the advanced user/group permissions for edited blog
 *
 * @param int Blog ID
 * @param string 'user' or 'group'
 */
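function blog_update_perms($blog, $context = 'user')
{
    // Replaces the advanced permission rows of the submitted users/groups for one blog:
    // the old rows are deleted, then one row is inserted per ID that still has any permission.
    // NOTE(review): this function only checks 'blog_admin' (for the perm_admin flag); the check that
    // the current user may edit this blog's permissions at all is presumably done by the caller - confirm.
    global $DB;
    /**
     * @var User
     */
    global $current_User;
    if ($context == 'user') {
        $table = 'T_coll_user_perms';
        $prefix = 'bloguser_';
        $ID_field = 'bloguser_user_ID';
    } else {
        $table = 'T_coll_group_perms';
        $prefix = 'bloggroup_';
        $ID_field = 'bloggroup_group_ID';
    }
    // Get affected user/group IDs:
    $IDs = param($context . '_IDs', '/^[0-9]+(,[0-9]+)*$/', '');
    // The ID list is placed into SQL "IN (...)" lists below, so re-check its shape here.
    // This also covers the empty default: explode(',', '') yields array(''), which is not empty()
    // and previously led to "IN ()" queries.
    if (!preg_match('/^[0-9]+(,[0-9]+)*\z/', (string) $IDs)) {
        return;
    }
    $ID_array = explode(',', $IDs);
    // Can the current user touch advanced admin permissions? (checked once, reused in the loop)
    $can_edit_admins = $current_User->check_perm('blog_admin', 'edit', false, $blog);
    // $blog is interpolated into the SQL below: force it to an integer
    $blog = (int) $blog;
    if (!$can_edit_admins) {
        // We have no permission to touch advanced admins!
        // Get the users/groups which are advanced admins
        $admins_ID_array = $DB->get_col("SELECT {$ID_field}\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tFROM {$table}\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t WHERE {$ID_field} IN (" . implode(',', $ID_array) . ")\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tAND {$prefix}blog_ID = {$blog}\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tAND {$prefix}perm_admin <> 0");
        // Take the admins out of the list, so their rows are neither deleted nor rewritten:
        $ID_array = array_diff($ID_array, $admins_ID_array);
    }
    if (empty($ID_array)) {
        return;
    }
    // Delete old perms for this blog:
    // NOTE(review): the DELETE and the INSERT further down are separate statements; whether they
    // run inside a transaction is not visible here.
    $DB->query("DELETE FROM {$table}\n\t\t\t\t\t\t\t\tWHERE {$ID_field} IN (" . implode(',', $ID_array) . ")\n\t\t\t\t\t\t\t\t\t\t\tAND {$prefix}blog_ID = " . $blog);
    // Status checkboxes, in the order the form fields are read
    $post_statuses = array('published', 'community', 'protected', 'private', 'review', 'draft', 'deprecated', 'redirected');
    $comment_statuses = array('published', 'community', 'protected', 'private', 'review', 'draft', 'deprecated');
    $inserted_values = array();
    foreach ($ID_array as $loop_ID) {
        // Check new permissions for each user:
        // Use checkboxes
        $perm_post = array();
        $ismember = param('blog_ismember_' . $loop_ID, 'integer', 0);
        foreach ($post_statuses as $post_status) {
            // Post statuses are stored as a comma separated list of the ticked status names
            $checked = param('blog_perm_' . $post_status . '_' . $loop_ID, 'string', '');
            if (!empty($checked)) {
                $perm_post[] = $post_status;
            }
        }
        $perm_page = param('blog_perm_page_' . $loop_ID, 'integer', 0);
        $perm_intro = param('blog_perm_intro_' . $loop_ID, 'integer', 0);
        $perm_podcast = param('blog_perm_podcast_' . $loop_ID, 'integer', 0);
        $perm_sidebar = param('blog_perm_sidebar_' . $loop_ID, 'integer', 0);
        $perm_edit = param('blog_perm_edit_' . $loop_ID, 'string', 'no');
        $perm_delpost = param('blog_perm_delpost_' . $loop_ID, 'integer', 0);
        $perm_edit_ts = param('blog_perm_edit_ts_' . $loop_ID, 'integer', 0);
        $perm_delcmts = param('blog_perm_delcmts_' . $loop_ID, 'integer', 0);
        $perm_recycle_owncmts = param('blog_perm_recycle_owncmts_' . $loop_ID, 'integer', 0);
        $perm_vote_spam_comments = param('blog_perm_vote_spam_cmts_' . $loop_ID, 'integer', 0);
        // Comment statuses are stored as the sum of the perm values of the ticked statuses
        $perm_cmtstatuses = 0;
        foreach ($comment_statuses as $comment_status) {
            $perm_cmtstatuses += param('blog_perm_' . $comment_status . '_cmt_' . $loop_ID, 'integer', 0) ? get_status_permvalue($comment_status) : 0;
        }
        $perm_edit_cmt = param('blog_perm_edit_cmt_' . $loop_ID, 'string', 'no');
        $perm_cats = param('blog_perm_cats_' . $loop_ID, 'integer', 0);
        $perm_properties = param('blog_perm_properties_' . $loop_ID, 'integer', 0);
        if ($can_edit_admins) {
            // We have permission to give advanced admins perm!
            $perm_admin = param('blog_perm_admin_' . $loop_ID, 'integer', 0);
        } else {
            // The submitted value is ignored: this user cannot grant the admin flag
            $perm_admin = 0;
        }
        $perm_media_upload = param('blog_perm_media_upload_' . $loop_ID, 'integer', 0);
        $perm_media_browse = param('blog_perm_media_browse_' . $loop_ID, 'integer', 0);
        $perm_media_change = param('blog_perm_media_change_' . $loop_ID, 'integer', 0);
        // Update those permissions in DB:
        if ($ismember || count($perm_post) || $perm_delpost || $perm_edit_ts || $perm_delcmts || $perm_recycle_owncmts || $perm_vote_spam_comments || $perm_cmtstatuses || $perm_cats || $perm_properties || $perm_admin || $perm_media_upload || $perm_media_browse || $perm_media_change) {
            // There are some permissions for this user:
            $ismember = 1;
            // Must have this permission
            // insert new perms: the string values go through $DB->quote(), everything else was read as 'integer'
            $inserted_values[] = " ( {$blog}, {$loop_ID}, {$ismember}, " . $DB->quote(implode(',', $perm_post)) . ",\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t" . $DB->quote($perm_edit) . ",\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t{$perm_delpost}, {$perm_edit_ts}, {$perm_delcmts}, {$perm_recycle_owncmts}, {$perm_vote_spam_comments}, {$perm_cmtstatuses},\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t" . $DB->quote($perm_edit_cmt) . ",\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t{$perm_cats}, {$perm_properties}, {$perm_admin}, {$perm_media_upload},\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t{$perm_media_browse}, {$perm_media_change}, {$perm_page},\t{$perm_intro}, {$perm_podcast},\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t{$perm_sidebar} )";
        }
    }
    // Proceed with insertions:
    if (count($inserted_values)) {
        $DB->query("INSERT INTO {$table}( {$prefix}blog_ID, {$ID_field}, {$prefix}ismember,\n\t\t\t\t\t\t\t\t\t\t\t{$prefix}perm_poststatuses, {$prefix}perm_edit, {$prefix}perm_delpost, {$prefix}perm_edit_ts,\n\t\t\t\t\t\t\t\t\t\t\t{$prefix}perm_delcmts, {$prefix}perm_recycle_owncmts, {$prefix}perm_vote_spam_cmts, {$prefix}perm_cmtstatuses, {$prefix}perm_edit_cmt,\n\t\t\t\t\t\t\t\t\t\t\t{$prefix}perm_cats, {$prefix}perm_properties, {$prefix}perm_admin,\n\t\t\t\t\t\t\t\t\t\t\t{$prefix}perm_media_upload, {$prefix}perm_media_browse, {$prefix}perm_media_change,\n\t\t\t\t\t\t\t\t\t\t\t{$prefix}perm_page, {$prefix}perm_intro, {$prefix}perm_podcast, {$prefix}perm_sidebar )\n\t\t\t\t\t\t\t\t\tVALUES " . implode(',', $inserted_values));
    }
}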
コード例 #9
ファイル: _blog.funcs.php プロジェクト: Ariflaw/b2evolution
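/**
 * Update the advanced user/group permissions for edited blog
 *
 * Reads the submitted permission fields from the request through param(), deletes the
 * existing permission rows of the affected users/groups for this blog and re-inserts a
 * row for each of them that still holds at least one permission. Afterwards it clears
 * item assignees that are no longer allowed and invalidates the block cache keys.
 *
 * Security notes:
 * - No check that the current user may edit this collection's permissions, and no
 *   CSRF token check, is visible in this function; presumably the caller performs
 *   both -- confirm before calling it from a new entry point.
 * - A user without the 'blog_admin' edit permission cannot change rows that currently
 *   carry the admin flag and cannot grant that flag.
 *
 * @param int Blog ID
 * @param string 'user' or 'group'
 */
function blog_update_perms($blog, $context = 'user')
{
    global $DB;
    /**
     * @var User
     */
    global $current_User;

    // The blog ID is concatenated into the SELECT, DELETE and INSERT statements below
    // without quoting, so force it to an integer before it reaches any SQL text.
    $blog = (int) $blog;

    if ($context == 'user') {
        $table = 'T_coll_user_perms';
        $prefix = 'bloguser_';
        $ID_field = 'bloguser_user_ID';
    } else {
        $table = 'T_coll_group_perms';
        $prefix = 'bloggroup_';
        $ID_field = 'bloggroup_group_ID';
    }

    // Get affected user/group IDs:
    $IDs = param($context . '_IDs', '/^[0-9]+(,[0-9]+)*$/', '');

    // The IDs end up inside "IN (...)" clauses and in the VALUES tuples. param() is given
    // a digits-and-commas pattern, but how it treats a mismatch is not visible here, so
    // keep only all-digit entries. This also drops the single empty string that
    // explode() returns for the default '', which would otherwise produce "IN ()".
    $ID_array = array();
    foreach (explode(',', (string) $IDs) as $submitted_ID) {
        if (preg_match('/^[0-9]+$/', $submitted_ID)) {
            $ID_array[] = $submitted_ID;
        }
    }
    // A repeated ID would otherwise be inserted twice.
    $ID_array = array_unique($ID_array);
    if (empty($ID_array)) {
        return;
    }

    // Can the current user touch advanced admin permissions?
    // Evaluated once, before any row is deleted, so the decision rests on the
    // permissions in force when the request arrived.
    $can_edit_admins = $current_User->check_perm('blog_admin', 'edit', false, $blog);

    if (!$can_edit_admins) {
        // We have no permission to touch advanced admins!
        // Get the users/groups which are advanced admins
        $admins_ID_array = $DB->get_col("SELECT {$ID_field}\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tFROM {$table}\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t WHERE {$ID_field} IN (" . implode(',', $ID_array) . ")\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tAND {$prefix}blog_ID = {$blog}\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tAND {$prefix}perm_admin <> 0");
        // Take the admins out of the list:
        $ID_array = array_diff($ID_array, $admins_ID_array);
    }
    if (empty($ID_array)) {
        return;
    }

    // Delete old perms for this blog:
    // NOTE(review): this DELETE and the INSERT further down are separate statements; if the
    // INSERT fails, the rows removed here are not restored by this function. Consider
    // wrapping both in a transaction if the DB layer offers one.
    $DB->query("DELETE FROM {$table}\n\t\t\t\t\t\t\t\tWHERE {$ID_field} IN (" . implode(',', $ID_array) . ")\n\t\t\t\t\t\t\t\t\t\t\tAND {$prefix}blog_ID = " . $blog);

    // Status names, in the order their request fields are read.
    $post_statuses = array('published', 'community', 'protected', 'private', 'review', 'draft', 'deprecated', 'redirected');
    $comment_statuses = array('published', 'community', 'protected', 'private', 'review', 'draft', 'deprecated');

    $inserted_values = array();
    foreach ($ID_array as $loop_ID) {
        // Check new permissions for each user:
        // Use checkboxes
        $ismember = param('blog_ismember_' . $loop_ID, 'integer', 0);
        $can_be_assignee = param('blog_can_be_assignee_' . $loop_ID, 'integer', 0);

        // Post statuses: one checkbox per status, stored as a comma separated list.
        $perm_post = array();
        foreach ($post_statuses as $post_status) {
            $checked = param('blog_perm_' . $post_status . '_' . $loop_ID, 'string', '');
            if (!empty($checked)) {
                $perm_post[] = $post_status;
            }
        }

        // NOTE(review): these three are free-form request strings that are only quoted
        // below, not compared with a list of allowed values in this function --
        // presumably the column definitions constrain them; confirm.
        $perm_item_type = param('blog_perm_item_type_' . $loop_ID, 'string', 'standard');
        $perm_edit = param('blog_perm_edit_' . $loop_ID, 'string', 'no');
        $perm_edit_cmt = param('blog_perm_edit_cmt_' . $loop_ID, 'string', 'no');

        $perm_delpost = param('blog_perm_delpost_' . $loop_ID, 'integer', 0);
        $perm_edit_ts = param('blog_perm_edit_ts_' . $loop_ID, 'integer', 0);
        $perm_delcmts = param('blog_perm_delcmts_' . $loop_ID, 'integer', 0);
        $perm_recycle_owncmts = param('blog_perm_recycle_owncmts_' . $loop_ID, 'integer', 0);
        $perm_vote_spam_comments = param('blog_perm_vote_spam_cmts_' . $loop_ID, 'integer', 0);

        // Comment statuses: the per-status values from get_status_permvalue() are summed
        // into a single number.
        $perm_cmtstatuses = 0;
        foreach ($comment_statuses as $comment_status) {
            if (param('blog_perm_' . $comment_status . '_cmt_' . $loop_ID, 'integer', 0)) {
                $perm_cmtstatuses += get_status_permvalue($comment_status);
            }
        }

        $perm_cats = param('blog_perm_cats_' . $loop_ID, 'integer', 0);
        $perm_properties = param('blog_perm_properties_' . $loop_ID, 'integer', 0);

        // Only a user who may edit advanced admins can grant the admin flag; for anyone
        // else the submitted value is not even read.
        $perm_admin = $can_edit_admins ? param('blog_perm_admin_' . $loop_ID, 'integer', 0) : 0;

        $perm_media_upload = param('blog_perm_media_upload_' . $loop_ID, 'integer', 0);
        $perm_media_browse = param('blog_perm_media_browse_' . $loop_ID, 'integer', 0);
        $perm_media_change = param('blog_perm_media_change_' . $loop_ID, 'integer', 0);

        // Update those permissions in DB:
        if ($ismember || $can_be_assignee || count($perm_post) || $perm_delpost || $perm_edit_ts || $perm_delcmts || $perm_recycle_owncmts || $perm_vote_spam_comments || $perm_cmtstatuses || $perm_cats || $perm_properties || $perm_admin || $perm_media_upload || $perm_media_browse || $perm_media_change) {
            // There are some permissions for this user, so membership is forced on
            // (any permission implies membership):
            $ismember = 1;
            // insert new perms:
            $inserted_values[] = " ( {$blog}, {$loop_ID}, {$ismember}, {$can_be_assignee}, " . $DB->quote(implode(',', $perm_post)) . ",\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t" . $DB->quote($perm_item_type) . ", " . $DB->quote($perm_edit) . ",\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t{$perm_delpost}, {$perm_edit_ts}, {$perm_delcmts}, {$perm_recycle_owncmts}, {$perm_vote_spam_comments}, {$perm_cmtstatuses},\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t" . $DB->quote($perm_edit_cmt) . ",\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t{$perm_cats}, {$perm_properties}, {$perm_admin}, {$perm_media_upload},\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t{$perm_media_browse}, {$perm_media_change} )";
        }
    }

    // Proceed with insertions:
    if (count($inserted_values)) {
        $DB->query("INSERT INTO {$table}( {$prefix}blog_ID, {$ID_field}, {$prefix}ismember, {$prefix}can_be_assignee,\n\t\t\t\t\t\t\t\t\t\t\t{$prefix}perm_poststatuses, {$prefix}perm_item_type, {$prefix}perm_edit, {$prefix}perm_delpost, {$prefix}perm_edit_ts,\n\t\t\t\t\t\t\t\t\t\t\t{$prefix}perm_delcmts, {$prefix}perm_recycle_owncmts, {$prefix}perm_vote_spam_cmts, {$prefix}perm_cmtstatuses, {$prefix}perm_edit_cmt,\n\t\t\t\t\t\t\t\t\t\t\t{$prefix}perm_cats, {$prefix}perm_properties, {$prefix}perm_admin,\n\t\t\t\t\t\t\t\t\t\t\t{$prefix}perm_media_upload, {$prefix}perm_media_browse, {$prefix}perm_media_change )\n\t\t\t\t\t\t\t\t\tVALUES " . implode(',', $inserted_values));
    }

    // Unassign users from the items of the blog: an assignee is cleared when the user
    // has neither a user row nor a group row with can_be_assignee = 1 for this blog.
    $DB->query('UPDATE T_items__item
			SET post_assigned_user_ID = NULL
		WHERE post_main_cat_ID IN
		  (
		    SELECT cat_ID
		      FROM T_categories
		     WHERE cat_blog_ID = ' . $DB->quote($blog) . '
		  )
		  AND post_assigned_user_ID NOT IN
		  (
		    SELECT bloguser_user_ID
		      FROM T_coll_user_perms
		     WHERE bloguser_can_be_assignee = 1
		       AND bloguser_blog_ID = ' . $DB->quote($blog) . '
		  )
		  AND post_assigned_user_ID NOT IN
		  (
		    SELECT user_ID
		      FROM T_users INNER JOIN T_coll_group_perms ON user_grp_ID = bloggroup_group_ID
		     WHERE bloggroup_can_be_assignee = 1
		       AND bloggroup_blog_ID = ' . $DB->quote($blog) . '
		  )');
    if ($DB->rows_affected > 0) {
        global $Messages;
        $Messages->add(sprintf('%d tasks have lost their assignee due to new permissions (this may include fixes to older inconsistencies in the DB).', $DB->rows_affected), 'warning');
    }

    // BLOCK CACHE INVALIDATION:
    // Settings of this blog have changed:
    BlockCache::invalidate_key('set_coll_ID', $blog);
    // Settings of a blog have changed (for widgets tracking a change on ANY blog):
    BlockCache::invalidate_key('set_coll_ID', 'any');
    // cont_coll_ID is left alone: content has not changed.
}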