예제 #1
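 /**
  * Authorises the current user against a campaign.
  *
  * Resolution order, as implemented below:
  *  1. no owner row for the campaign            -> permissions left as constructed
  *  2. user type 1 (super admin) or the owner   -> FullAccess()
  *  3. otherwise the MAX of View/Edit/Del over the "Everyone" group and
  *     the groups the user belongs to is passed to Evaluate()
  *
  * Every exit path honours $fullObject. Returning the PermissionManager
  * object from a deny path would be truthy, so a caller testing the result
  * as a boolean would read "denied" as "authorised".
  *
  * NOTE(review): this relies on a fresh PermissionManager exposing a falsy
  * `edit` flag and on FullAccess() setting it - confirm against
  * PermissionManager.
  *
  * @param int  $campaignId Campaign to check; formatted with %d, so it is
  *                         coerced to an integer before reaching the query.
  * @param bool $fullObject When true the PermissionManager is returned,
  *                         otherwise only its `edit` flag.
  * @return PermissionManager|mixed The permission object, or its `edit`
  *                                 flag when $fullObject is false.
  */
 public function CampaignAuth($campaignId, $fullObject = false)
 {
     $auth = new PermissionManager($this->db, $this);

     // Look up the campaign owner; a falsy result is treated as "no such campaign".
     $SQL = '';
     $SQL .= 'SELECT UserID ';
     $SQL .= '  FROM `campaign` ';
     $SQL .= ' WHERE campaign.CampaignID = %d ';

     $ownerId = $this->db->GetSingleValue(sprintf($SQL, $campaignId), 'UserID', _INT);

     if (!$ownerId) {
         // Deny path: hand back the untouched permissions in the requested shape.
         return $fullObject ? $auth : $auth->edit;
     }

     // If we are the owner, or a super admin then give full permissions.
     // Loose comparison is kept on purpose: the ids may arrive as int or numeric string.
     if ($this->usertypeid == 1 || $ownerId == $this->userid) {
         $auth->FullAccess();

         return $fullObject ? $auth : $auth->edit;
     }

     // Group ids are concatenated into the IN (...) list, so force each one to
     // an integer rather than trusting the helper's output to be numeric.
     $groups = $this->GetUserGroups($this->userid, true);
     $groupIds = is_array($groups) ? array_map('intval', $groups) : array();

     // An empty list would render as "IN ()", which is not valid SQL; in that
     // case only the Everyone group can contribute permissions.
     $groupFilter = '`group`.IsEveryone = 1';
     if (count($groupIds) > 0) {
         $groupFilter .= ' OR `group`.GroupID IN (' . implode(',', $groupIds) . ')';
     }

     // Permissions for groups the user is assigned to, and Everyone
     $SQL = '';
     $SQL .= 'SELECT UserID, MAX(IFNULL(View, 0)) AS View, MAX(IFNULL(Edit, 0)) AS Edit, MAX(IFNULL(Del, 0)) AS Del ';
     $SQL .= '  FROM `campaign` ';
     $SQL .= '   INNER JOIN lkcampaigngroup ';
     $SQL .= '   ON lkcampaigngroup.CampaignID = campaign.CampaignID ';
     $SQL .= '   INNER JOIN `group` ';
     $SQL .= '   ON `group`.GroupID = lkcampaigngroup.GroupID ';
     $SQL .= ' WHERE campaign.CampaignID = %d ';
     $SQL .= '   AND (%s) ';
     $SQL .= 'GROUP BY campaign.UserID ';

     $SQL = sprintf($SQL, $campaignId, $groupFilter);

     $row = $this->db->GetSingleRow($SQL);

     if (!$row) {
         // No group grants anything on this campaign.
         return $fullObject ? $auth : $auth->edit;
     }

     // There are permissions to evaluate
     $auth->Evaluate($row['UserID'], $row['View'], $row['Edit'], $row['Del']);

     return $fullObject ? $auth : $auth->edit;
 }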