// Excerpt starts mid-script: the first closing braces below end blocks that were
// opened above the visible source.
$io->errln("No group name specified.");
exit(PicCLI::EXIT_INPUT);
}
}
// Resolve the group name to an ID through the helper script. Any falsy result
// (including an ID of 0, if the helper can return one) is reported as "does not exist".
$id = loadPicFile("helpers/id/group.php", array("name" => $name));
if (!$id) {
    $io->errln(sprintf("Group '%s' does not exist.", $name));
    exit(PicCLI::EXIT_INPUT);
}
$idType = "groups";
$label = $name;
} else {
    // Neither identity branch matched: treated as a usage error, not an input error.
    $io->errln("No ID type specified.");
    exit(PicCLI::EXIT_USAGE);
}
// Look up an existing path_access row for this exact (path, auth type, identity type,
// identity) tuple. Every value reaches the query as a named bound parameter; nothing
// is concatenated into the SQL text.
$select = PicDB::newSelect();
$select->cols(array("id"))->from("path_access")->where("path_id = :path_id")->where("auth_type = :auth_type")->where("id_type = :id_type")->where("auth_id = :auth_id")->bindValues(array("path_id" => $pathID, "auth_type" => $authType, "id_type" => $idType, "auth_id" => $id));
$row = PicDB::fetch($select, "one");
// NOTE(review): the class below follows the script statements directly in this
// excerpt and its closing brace is not visible; it may come from a separate file.
/**
 * Exception that carries the access mode, identity type and label as public,
 * writable properties.
 */
class PicPathAccessException extends Exception {
    public $mode;
    public $idType;
    public $label;
    /**
     * Builds an exception populated with the three values and throws it.
     * Despite the "init" name this never returns. The exception is created with
     * no message and no code, so handlers have only the three properties to go on.
     *
     * @param mixed $mode   stored on the exception as ->mode
     * @param mixed $idType stored on the exception as ->idType
     * @param mixed $label  stored on the exception as ->label
     * @throws PicPathAccessException always
     */
    public static function initE($mode, $idType, $label) {
        $e = new self();
        $e->mode = $mode;
        $e->idType = $idType;
        $e->label = $label;
        throw $e;
    }
<?php
// File-browser endpoint. A request with an empty $_POST renders the browser page;
// any other request starts building a directory listing for the current path.
if (empty($_POST)) {
    $appConf = loadPicFile("conf/app.json");
    // Only paths returned by Access::getAllowedPaths() are offered to the template.
    // NOTE(review): a list is bound to a single :ids placeholder - presumably the
    // query layer expands it for IN (...); confirm, and check the empty-list case.
    $pathSelect = PicDB::newSelect();
    $pathSelect->cols(array("id", "name"))->from("paths")->where("id IN (:ids)")->bindValue("ids", Access::getAllowedPaths());
    $templateVars = array("paths" => PicDB::fetch($pathSelect, "pairs"), "imageSizes" => $appConf["image_sizes"]);
    if (isset($appConf["mapbox"])) {
        $templateVars["mapboxConf"] = $appConf["mapbox"];
    }
    loadPicTemplate("templates/filebrowser.phtml", $templateVars);
    exit;
}
$path = Access::getCurrentPath();
if (!empty($_POST["relpath"])) {
    // relpath is client-supplied. The only validation visible here is the
    // filenamereject helper, whose rules are not shown in this excerpt.
    // NOTE(review): confirm it refuses ".." segments, absolute paths and NUL bytes,
    // because its result is concatenated straight onto $path->path below.
    $relpath = loadPicFile("helpers/filenamereject.php", array("filename" => $_POST["relpath"]));
    // is_dir() resolves symlinks, so this existence check is not gated by the
    // "symlinks" permission that the Finder honours further down.
    if (!is_dir($path->path . "/" . $relpath)) {
        sendError(404);
    }
}
// When no relpath was posted, $relpath is never assigned; the later !empty($relpath)
// test tolerates the undefined variable.
// The import sits mid-script; by convention it would be at the top of the file.
use Symfony\Component\Finder\Finder;
$directoryFinder = new Finder();
// Directories only, top level by default, unreadable directories skipped, sorted by name.
$directoryFinder->directories()->ignoreUnreadableDirs()->depth(0)->sortByName();
if ($path->hasPermission("symlinks")) {
    $directoryFinder->followLinks();
}
if (!empty($relpath)) {
    // Restrict results to entries one level below relpath: the depth is the number of
    // "/" in relpath plus one, so a trailing or doubled slash would shift it.
    // NOTE(review): Finder::path() accepts either a plain string or a "/"-delimited
    // pattern; confirm a crafted relpath cannot be read as a pattern, and that the
    // match is tight enough not to pull in similarly named sibling directories.
    $directoryFinder->path($relpath)->depth(substr_count($relpath, "/") + 1);
}
// Hide anything at or below a directory named exactly "NSFW" (the patterns are
// case-sensitive and unanchored) unless the path has the nsfw permission.
// NOTE(review): the strict === false means any other non-true return (null, 0)
// skips the filter; confirm hasPermission() always returns a real bool.
if ($path->hasPermission("nsfw") === false) {
    $directoryFinder->notPath("/.*\\/NSFW\\/.*/")->notPath("/NSFW\\/.*/")->notPath("/.*\\/NSFW/");
    // (excerpt ends here; the block is closed outside the visible source)
/**
 * Returns the PicPath object for the current path, building it on first use and
 * keeping it in self::$currentPath for later calls.
 *
 * The path ID comes from verifyCurrentPathAccess(); that method's checks are not
 * visible here. Both lookups bind the ID as a named parameter.
 *
 * @return PicPath
 */
public static function getCurrentPath()
{
    if (self::$currentPath === null) {
        $verifiedID = self::verifyCurrentPathAccess();

        // Name and filesystem location of the path.
        $detailQuery = PicDB::newSelect();
        $detailQuery
            ->cols(["name", "path"])
            ->from("paths")
            ->where("id = :id")
            ->bindValue("id", $verifiedID);
        // NOTE(review): nothing here checks that a row was returned before it is
        // indexed below; confirm verifyCurrentPathAccess() guarantees the path exists.
        $details = PicDB::fetch($detailQuery, "one");

        // Permission names attached to the path, fetched as a single column.
        $permissionQuery = PicDB::newSelect();
        $permissionQuery
            ->cols(["permission"])
            ->from("path_permissions")
            ->where("path_id = :path_id")
            ->bindValue("path_id", $verifiedID);
        $grantedPermissions = PicDB::fetch($permissionQuery, "col");

        self::$currentPath = new PicPath(
            $details["name"],
            $details["path"],
            $grantedPermissions
        );
    }

    return self::$currentPath;
}
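<?php
// Builds the per-path authorisation map, shaped as
//   path_id => ["allow" => ["users" => [...], "groups" => [...]], "deny" => [same shape]],
// from the path_access table, or reuses the copy cached under "pathauth.json".
if ($authConfigJSON = PicConfCache::get("pathauth.json")) {
    $authConfig = json_decode($authConfigJSON, true);
    // Use the cached copy only when it decodes to an array. A truncated or corrupt
    // cache entry makes json_decode() return null; rather than hand null to whatever
    // consumes $authConfig after the finalise label (not visible here), fall through
    // and rebuild the map from the database.
    if (is_array($authConfig)) {
        goto finalise;
    }
}

// Every known path starts with empty allow/deny lists, so a path without any
// path_access rows still has a complete entry.
$authConfigTemplate = ["allow" => ["users" => [], "groups" => []], "deny" => ["users" => [], "groups" => []]];
$pathIDSelect = PicDB::newSelect();
$pathIDSelect->cols(array("id"))->from("paths");
$pathIDs = PicDB::fetch($pathIDSelect, "col");
$authConfig = array();
foreach ($pathIDs as $pathID) {
    $authConfig[$pathID] = $authConfigTemplate;
}

// One prepared query, run twice with a different bound auth_type. The "group" fetch
// keys the result by the first selected column (path_id).
$accessSelect = PicDB::newSelect();
$accessSelect->cols(array("path_id", "id_type", "auth_id"))->from("path_access")->where("auth_type = :auth_type");
$accessSelect->bindValue("auth_type", "allow");
$allowRows = PicDB::fetch($accessSelect, "group", PDO::FETCH_NAMED);
$accessSelect->bindValue("auth_type", "deny");
$denyRows = PicDB::fetch($accessSelect, "group", PDO::FETCH_NAMED);

// NOTE(review): a path_access row whose path_id is missing from `paths` creates an
// entry here without the template's other keys; confirm the schema prevents
// orphaned rows or that consumers tolerate the partial shape.
foreach ($allowRows as $path => $allowRow) {
    foreach ($allowRow as $auth) {
        $authConfig[$path]["allow"][$auth["id_type"]][] = $auth["auth_id"];
    }
}
foreach ($denyRows as $path => $denyRow) {
    foreach ($denyRow as $auth) {
        $authConfig[$path]["deny"][$auth["id_type"]][] = $auth["auth_id"];
    }
}

// NOTE(review): get() above is decoded as JSON while set() receives the array;
// presumably set() does the encoding - confirm.
PicConfCache::set("pathauth.json", $authConfig);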