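/**
 * Authorises the current user against a campaign.
 *
 * The campaign owner and super admins (usertypeid 1) receive full access.
 * Anyone else receives the highest View/Edit/Del flags found across the
 * "Everyone" group and the groups returned by GetUserGroups().
 *
 * @param int  $campaignId Campaign to check; written into the SQL via %d.
 * @param bool $fullObject true to receive the PermissionManager itself,
 *                         false (default) to receive only its edit flag.
 * @return PermissionManager|mixed The PermissionManager when $fullObject is
 *                                 set, otherwise the value of its `edit`
 *                                 property.
 */
public function CampaignAuth($campaignId, $fullObject = false)
{
    $auth = new PermissionManager($this->db, $this);

    // Look up the campaign owner. %d coerces the id to an integer before it
    // reaches the SQL text.
    $SQL  = '';
    $SQL .= 'SELECT UserID ';
    $SQL .= ' FROM `campaign` ';
    $SQL .= ' WHERE campaign.CampaignID = %d ';

    $ownerId = $this->db->GetSingleValue(sprintf($SQL, $campaignId), 'UserID', _INT);

    if (!$ownerId) {
        // No owner found. In flag mode hand back the edit flag, not the
        // object: an object is always truthy, so a caller doing a boolean
        // check would read the untouched manager as "allowed".
        // NOTE(review): assumes a new PermissionManager starts with edit
        // denied - confirm against PermissionManager.
        return $fullObject ? $auth : $auth->edit;
    }

    // If we are the owner, or a super admin then give full permissions
    if ($this->usertypeid == 1 || $ownerId == $this->userid) {
        $auth->FullAccess();

        // NOTE(review): presumably FullAccess() turns the edit flag on - confirm.
        return $fullObject ? $auth : $auth->edit;
    }

    // The group list is concatenated into the query, so force every entry to
    // an integer first. NOTE(review): presumably GetUserGroups() returns a
    // list of numeric group ids - confirm.
    $groups   = $this->GetUserGroups($this->userid, true);
    $groupIds = is_array($groups) ? array_map('intval', $groups) : array();

    // An empty list would render as "IN ()", which is invalid SQL. "IN (NULL)"
    // never matches, so only the Everyone group is considered in that case.
    $groupList = empty($groupIds) ? 'NULL' : implode(',', $groupIds);

    // Permissions for groups the user is assigned to, and Everyone
    $SQL  = '';
    $SQL .= 'SELECT UserID, MAX(IFNULL(View, 0)) AS View, MAX(IFNULL(Edit, 0)) AS Edit, MAX(IFNULL(Del, 0)) AS Del ';
    $SQL .= ' FROM `campaign` ';
    $SQL .= ' INNER JOIN lkcampaigngroup ';
    $SQL .= ' ON lkcampaigngroup.CampaignID = campaign.CampaignID ';
    $SQL .= ' INNER JOIN `group` ';
    $SQL .= ' ON `group`.GroupID = lkcampaigngroup.GroupID ';
    $SQL .= ' WHERE campaign.CampaignID = %d ';
    $SQL .= ' AND (`group`.IsEveryone = 1 OR `group`.GroupID IN (%s)) ';
    $SQL .= 'GROUP BY campaign.UserID ';

    $SQL = sprintf($SQL, $campaignId, $groupList);
    //Debug::LogEntry('audit', $SQL);

    $row = $this->db->GetSingleRow($SQL);

    if (!$row) {
        // No matching group permission rows: same answer as the no-owner case.
        return $fullObject ? $auth : $auth->edit;
    }

    // There are permissions to evaluate
    $auth->Evaluate($row['UserID'], $row['View'], $row['Edit'], $row['Del']);

    return $fullObject ? $auth : $auth->edit;
}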