예제 #1
0
파일: Key.php 프로젝트: HaldunA/phpwebsite
 /**
  * added limitations to a select query to only pull rows that
  * the user is allowed to see. This function does does not work alone.
  * it requires a database object to already be started.
  *
  * The user module MUST be active for this function to work.
  * This Key function cannot be called without it.
  *
  * If the user is a deity or an unrestricted user, no change will be made
  * to your db object.
  *
  */
 public static function restrictView($db, $module = null, $check_dates = true, $source_table = null)
 {
     $now = time();
     if (empty($source_table)) {
         $source_table = $db->tables[0];
     }
     if ($source_table == 'phpws_key') {
         if (!isset($db->tables[1])) {
             return PHPWS_Error::get(KEY_RESTRICT_NO_TABLE, 'core', 'Key::restrictView');
         }
         $source_table = $db->tables[1];
         $key_table = true;
     } else {
         $key_table = false;
     }
     if (!$key_table) {
         $db->addJoin('left', $source_table, 'phpws_key', 'key_id', 'id');
     } else {
         $db->addJoin('left', 'phpws_key', $source_table, 'id', 'key_id');
     }
     $db->addWhere("{$source_table}.key_id", '0', null, null, 'base');
     $db->addWhere('phpws_key.active', 1, null, null, 'active');
     $db->groupIn('active', 'base');
     $db->setGroupConj('active', 'or');
     if (Current_User::isDeity() || isset($module) && Current_User::isUnrestricted($module)) {
         return;
     }
     if ($check_dates) {
         $db->addWhere('phpws_key.show_after', $now, '<', null, 'active');
         $db->addWhere('phpws_key.hide_after', $now, '>', null, 'active');
     }
     if (!Current_User::isLogged()) {
         $db->addWhere('phpws_key.restricted', 0, null, 'and', 'active');
         return;
     } else {
         $groups = Current_User::getGroups();
         if (empty($groups)) {
             return;
         }
         $db->addJoin('left', 'phpws_key', 'phpws_key_view', 'id', 'key_id');
         // if key only has a level 1 restriction, a logged user can view it
         $db->addWhere('phpws_key.restricted', KEY_LOGGED_RESTRICTED, '<=', null, 'restrict_1');
         $db->setGroupConj('restrict_1', 'and');
         // at level 2, the user must be in a group given view permissions
         $db->addWhere('phpws_key.restricted', KEY_GROUP_RESTRICTED, '=', null, 'restrict_2');
         $db->addWhere('phpws_key_view.group_id', $groups, 'in', null, 'restrict_2');
         $db->setGroupConj('restrict_2', 'or');
         if (empty($module)) {
             $levels = Current_User::getUnrestrictedLevels();
             if (!empty($levels)) {
                 $db->addWhere('phpws_key.module', $levels, null, null, 'permission');
                 $db->groupIn('permission', 'restrict_2');
             }
         }
         $db->groupIn('restrict_1', 'base');
         $db->groupIn('restrict_2', 'restrict_1');
     }
 }