/** * Determines the groups a user is in. * * @author Martin Helmich <*****@*****.**> * @version 2007-06-06 * @param int $user_id The UID of the user whose groups are to be * determined. * @return array An array containing all groups the user is a * member of. */ function getUserGroupList($user_id) { if ($user_id == $GLOBALS['TSFE']->fe_user->user['uid']) { $groups = $GLOBALS['TSFE']->fe_user->user['usergroup']; } else { $res = $this->databaseHandle->exec_SELECTquery('usergroup', 'fe_users', 'uid=' . intval($user_id)); if ($this->databaseHandle->sql_num_rows($res) == 0) { return 0; } else { list($groups) = $this->databaseHandle->sql_fetch_row($res); } } $aGroup = GeneralUtility::intExplode(',', $groups); $aGroup = tx_mmforum_tools::processArray_numeric($aGroup); return $aGroup; }
/** * Determines if the current user may write in a certain board. * @param mixed $forum The board identifier. This may either be a board UID pointing to * a record in the tx_mmforum_forums table or an associative array * already containing this record. * @return boolean TRUE, if the user that is currently logged in may write in the * specified board, otherwise FALSE. * @author Martin Helmich <*****@*****.**> */ function getMayWrite_forum($forum) { $userId = $this->getUserID(); // If no user is logged in, return FALSE at once. if (!$userId) { return false; } // If the $forum parameter is no array, treat the parameter as forum UID instead if (!is_array($forum)) { // Parse to int for security reasons $forum = intval($forum); // Search for result in cache. In case of a hit, return the result at once. $cacheRes = $this->cache->restore('getMayWrite_forum_' . $userId . '_' . $forum); if ($cacheRes !== null) { return $cacheRes; } // Otherwise load the complete board record. $forum = $this->getBoardData($forum); } /* If this has not been done already, look into the cache now * and return the result in the case of a hit. */ if (!isset($cacheRes)) { $cacheRes = $this->cache->restore('getMayWrite_forum_' . $userId . '_' . $forum['uid']); if ($cacheRes !== null) { return $cacheRes; } } /* If the current user has moderation or even administration * access to this board, just return TRUE in any case. */ if ($this->getIsModOrAdmin($forum['uid'])) { return true; } // If the forum has got a parent category, check the access rights for this category, too. if ($forum['parentID']) { if (!$this->getMayWrite_forum($forum['parentID'])) { return false; } } // Load all groups that have write access to this forum $authWrite = tx_mmforum_tools::getParentUserGroups($forum['grouprights_write']); /* If no groups with write access have been specified, everyone * can write, so just return true. */ $authWrite = GeneralUtility::intExplode(',', $authWrite); $authWrite = $this->tools->processArray_numeric($authWrite); if (count($authWrite) == 0) { $this->cache->save('getMayWrite_forum_' . $userId . '_' . $forum['uid'], true); return true; } // Load current user's groups $groups = $GLOBALS['TSFE']->fe_user->groupData['uid']; $groups = tx_mmforum_tools::processArray_numeric($groups); /* Check if the user is in the base user group. If this is not the * case, the user is not allowed to write anywhere. */ if (!in_array($this->getBaseUserGroup(), $groups)) { $this->cache->save("getMayWrite_forum_{$userId}_{$forum['uid']}", false); return false; } /* Determine the intersection between the user's groups and the groups * with write access. If the intersect count is bigger than 0, this means * that the user is in at least one group that has write access, so * return TRUE in this case. */ $intersect = array_intersect($authWrite, $groups); $result = count($intersect) > 0; // Write result to cache and return $this->cache->save('getMayWrite_forum_' . $userId . '_' . $forum['uid'], $result); return $result; }
/** * Determines if the user that is currently logged in is allowed to create a poll. * This function determines if the user that is currently logged * in is allowed to create a poll. This checks if polls are enabled in * general and if poll creation is limited to certain user groups. * * @param tx_mmforum_base $pObj * @return boolean TRUE, if the current user may create a post, otherwise false. * @version 2007-05-22 */ function getMayCreatePoll($pObj) { if (!$pObj->conf['polls.']['enable']) { return false; } if ($pObj->conf['polls.']['restrictToGroups']) { $authPolls = GeneralUtility::intExplode(',', $pObj->conf['polls.']['restrictToGroups']); $groups = $GLOBALS['TSFE']->fe_user->groupData['uid']; $authPolls = tx_mmforum_tools::processArray_numeric($authPolls); $groups = tx_mmforum_tools::processArray_numeric($groups); if (count($authPolls) == 0) { return true; } $i = array_intersect($authPolls, $groups); return count($i) > 0; } return true; }
/** * Generates a MySQL-query to determine in which boards the current user may read. * * @param string $prefix * @return string A MySQL-WHERE-query, beginning with "AND", checking which boards the * user that is currently logged in may read in. * @author Martin Helmich <*****@*****.**> */ function getMayRead_forum_query($prefix = '') { if (strlen($prefix) > 0) { $prefix = "{$prefix}."; } if (!$GLOBALS['TSFE']->fe_user->user) { return " AND (" . $prefix . "grouprights_read='')"; } $groups = $GLOBALS['TSFE']->fe_user->groupData['uid']; $groups = tx_mmforum_tools::processArray_numeric($groups); $queryParts = array(); foreach ($groups as $group) { $queryParts[] = "FIND_IN_SET({$group}," . $prefix . "grouprights_read)"; } $query = implode(' OR ', $queryParts); $query = " AND (({$query}) OR " . $prefix . "grouprights_read='') "; return $query; }
/** * Translates a commaseperated list of group UIDs into a list of group names. * * @author Martin Helmich <*****@*****.**> * @version 2007-24-11 * @param string $content The commaseperated list of group UIDs * @param array $conf A configuration array that is not actually used. * @return string A list of group names. */ function getUserGroupList($content, $conf = array()) { $groups = GeneralUtility::intExplode(',', $content); $groups = tx_mmforum_tools::processArray_numeric($groups); $sGroups = array(); foreach ($groups as $group) { if ($GLOBALS['tx_mmforum_tools']['grpCache'][$group]) { $sGroups[] = $GLOBALS['tx_mmforum_tools']['grpCache'][$group]; } else { $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('title', 'fe_groups', 'uid = ' . intval($group)); list($grouptitle) = $GLOBALS['TYPO3_DB']->sql_fetch_row($res); $GLOBALS['tx_mmforum_tools']['grpCache'][$group] = $grouptitle; $sGroups[] = $grouptitle; } } return implode(', ', $sGroups); }
/** * Generates a MySQL-query to determine in which boards the current user may read. * @param string $prefix * @return string $prefix A MySQL-WHERE-query, beginning with "AND", checking which boards the * user that is currently logged in may read in. * @author Martin Helmich <*****@*****.**> */ function getMayRead_forum_query($prefix = '') { $userId = $this->getUserID(); // First search for query in cache. In case of a hit, just return the result. $cacheRes = $this->cache->restore('getMayRead_forum_query_' . $userId . '_' . $prefix); if ($cacheRes !== null) { return $cacheRes; } // If the user is an administrator, just return a dummy query. if ($this->getIsAdmin()) { return ' AND 1 '; } // If no user is logged in, select only boards where no read access is specified. */ $dprefix = strlen($prefix) > 0 ? $prefix . '.' : ''; if (!$GLOBALS['TSFE']->fe_user->user) { $this->cache->save('getMayRead_forum_query_' . $userId . '_' . $prefix, $query = ' AND (' . $dprefix . 'grouprights_read=\'\')'); return $query; } // Get all groups the current user is a member of. $groups = $GLOBALS['TSFE']->fe_user->groupData['uid']; $groups = tx_mmforum_tools::processArray_numeric($groups); $queryParts = NULL; // If the user is not in any group, build a subquery that always returns FALSE. if (!is_array($groups) || count($groups) == 0) { $queryParts = '1=2'; } else { foreach ($groups as $group) { $queryParts[] = 'FIND_IN_SET(' . $group . ', ' . $dprefix . 'grouprights_read)'; } } $query = is_array($queryParts) ? implode(' OR ', $queryParts) : $queryParts; $query = ' AND ((' . $query . ') OR ' . $dprefix . 'grouprights_read=\'\') '; // Store query to cache and return. $this->cache->save('getMayRead_forum_query_' . $userId . '_' . $prefix, $query); return $query; }