/**
* Determines the groups a user is in.
*
* @author Martin Helmich <*****@*****.**>
* @version 2007-06-06
* @param int $user_id The UID of the user whose groups are to be
* determined.
* @return array An array containing all groups the user is a
* member of.
*/
function getUserGroupList($user_id)
{
if ($user_id == $GLOBALS['TSFE']->fe_user->user['uid']) {
$groups = $GLOBALS['TSFE']->fe_user->user['usergroup'];
} else {
$res = $this->databaseHandle->exec_SELECTquery('usergroup', 'fe_users', 'uid=' . intval($user_id));
if ($this->databaseHandle->sql_num_rows($res) == 0) {
return 0;
} else {
list($groups) = $this->databaseHandle->sql_fetch_row($res);
}
}
$aGroup = GeneralUtility::intExplode(',', $groups);
$aGroup = tx_mmforum_tools::processArray_numeric($aGroup);
return $aGroup;
}
/**
* Determines if the current user may write in a certain board.
* @param mixed $forum The board identifier. This may either be a board UID pointing to
* a record in the tx_mmforum_forums table or an associative array
* already containing this record.
* @return boolean TRUE, if the user that is currently logged in may write in the
* specified board, otherwise FALSE.
* @author Martin Helmich <*****@*****.**>
*/
function getMayWrite_forum($forum)
{
$userId = $this->getUserID();
// If no user is logged in, return FALSE at once.
if (!$userId) {
return false;
}
// If the $forum parameter is no array, treat the parameter as forum UID instead
if (!is_array($forum)) {
// Parse to int for security reasons
$forum = intval($forum);
// Search for result in cache. In case of a hit, return the result at once.
$cacheRes = $this->cache->restore('getMayWrite_forum_' . $userId . '_' . $forum);
if ($cacheRes !== null) {
return $cacheRes;
}
// Otherwise load the complete board record.
$forum = $this->getBoardData($forum);
}
/* If this has not been done already, look into the cache now
* and return the result in the case of a hit. */
if (!isset($cacheRes)) {
$cacheRes = $this->cache->restore('getMayWrite_forum_' . $userId . '_' . $forum['uid']);
if ($cacheRes !== null) {
return $cacheRes;
}
}
/* If the current user has moderation or even administration
* access to this board, just return TRUE in any case. */
if ($this->getIsModOrAdmin($forum['uid'])) {
return true;
}
// If the forum has got a parent category, check the access rights for this category, too.
if ($forum['parentID']) {
if (!$this->getMayWrite_forum($forum['parentID'])) {
return false;
}
}
// Load all groups that have write access to this forum
$authWrite = tx_mmforum_tools::getParentUserGroups($forum['grouprights_write']);
/* If no groups with write access have been specified, everyone
* can write, so just return true. */
$authWrite = GeneralUtility::intExplode(',', $authWrite);
$authWrite = $this->tools->processArray_numeric($authWrite);
if (count($authWrite) == 0) {
$this->cache->save('getMayWrite_forum_' . $userId . '_' . $forum['uid'], true);
return true;
}
// Load current user's groups
$groups = $GLOBALS['TSFE']->fe_user->groupData['uid'];
$groups = tx_mmforum_tools::processArray_numeric($groups);
/* Check if the user is in the base user group. If this is not the
* case, the user is not allowed to write anywhere. */
if (!in_array($this->getBaseUserGroup(), $groups)) {
$this->cache->save("getMayWrite_forum_{$userId}_{$forum['uid']}", false);
return false;
}
/* Determine the intersection between the user's groups and the groups
* with write access. If the intersect count is bigger than 0, this means
* that the user is in at least one group that has write access, so
* return TRUE in this case. */
$intersect = array_intersect($authWrite, $groups);
$result = count($intersect) > 0;
// Write result to cache and return
$this->cache->save('getMayWrite_forum_' . $userId . '_' . $forum['uid'], $result);
return $result;
}
/**
* Determines if the user that is currently logged in is allowed to create a poll.
* This function determines if the user that is currently logged
* in is allowed to create a poll. This checks if polls are enabled in
* general and if poll creation is limited to certain user groups.
*
* @param tx_mmforum_base $pObj
* @return boolean TRUE, if the current user may create a post, otherwise false.
* @version 2007-05-22
*/
function getMayCreatePoll($pObj)
{
if (!$pObj->conf['polls.']['enable']) {
return false;
}
if ($pObj->conf['polls.']['restrictToGroups']) {
$authPolls = GeneralUtility::intExplode(',', $pObj->conf['polls.']['restrictToGroups']);
$groups = $GLOBALS['TSFE']->fe_user->groupData['uid'];
$authPolls = tx_mmforum_tools::processArray_numeric($authPolls);
$groups = tx_mmforum_tools::processArray_numeric($groups);
if (count($authPolls) == 0) {
return true;
}
$i = array_intersect($authPolls, $groups);
return count($i) > 0;
}
return true;
}
/**
* Generates a MySQL-query to determine in which boards the current user may read.
*
* @param string $prefix
* @return string A MySQL-WHERE-query, beginning with "AND", checking which boards the
* user that is currently logged in may read in.
* @author Martin Helmich <*****@*****.**>
*/
function getMayRead_forum_query($prefix = '')
{
if (strlen($prefix) > 0) {
$prefix = "{$prefix}.";
}
if (!$GLOBALS['TSFE']->fe_user->user) {
return " AND (" . $prefix . "grouprights_read='')";
}
$groups = $GLOBALS['TSFE']->fe_user->groupData['uid'];
$groups = tx_mmforum_tools::processArray_numeric($groups);
$queryParts = array();
foreach ($groups as $group) {
$queryParts[] = "FIND_IN_SET({$group}," . $prefix . "grouprights_read)";
}
$query = implode(' OR ', $queryParts);
$query = " AND (({$query}) OR " . $prefix . "grouprights_read='') ";
return $query;
}
/**
* Translates a commaseperated list of group UIDs into a list of group names.
*
* @author Martin Helmich <*****@*****.**>
* @version 2007-24-11
* @param string $content The commaseperated list of group UIDs
* @param array $conf A configuration array that is not actually used.
* @return string A list of group names.
*/
function getUserGroupList($content, $conf = array())
{
$groups = GeneralUtility::intExplode(',', $content);
$groups = tx_mmforum_tools::processArray_numeric($groups);
$sGroups = array();
foreach ($groups as $group) {
if ($GLOBALS['tx_mmforum_tools']['grpCache'][$group]) {
$sGroups[] = $GLOBALS['tx_mmforum_tools']['grpCache'][$group];
} else {
$res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('title', 'fe_groups', 'uid = ' . intval($group));
list($grouptitle) = $GLOBALS['TYPO3_DB']->sql_fetch_row($res);
$GLOBALS['tx_mmforum_tools']['grpCache'][$group] = $grouptitle;
$sGroups[] = $grouptitle;
}
}
return implode(', ', $sGroups);
}
/**
* Generates a MySQL-query to determine in which boards the current user may read.
* @param string $prefix
* @return string $prefix A MySQL-WHERE-query, beginning with "AND", checking which boards the
* user that is currently logged in may read in.
* @author Martin Helmich <*****@*****.**>
*/
function getMayRead_forum_query($prefix = '')
{
$userId = $this->getUserID();
// First search for query in cache. In case of a hit, just return the result.
$cacheRes = $this->cache->restore('getMayRead_forum_query_' . $userId . '_' . $prefix);
if ($cacheRes !== null) {
return $cacheRes;
}
// If the user is an administrator, just return a dummy query.
if ($this->getIsAdmin()) {
return ' AND 1 ';
}
// If no user is logged in, select only boards where no read access is specified. */
$dprefix = strlen($prefix) > 0 ? $prefix . '.' : '';
if (!$GLOBALS['TSFE']->fe_user->user) {
$this->cache->save('getMayRead_forum_query_' . $userId . '_' . $prefix, $query = ' AND (' . $dprefix . 'grouprights_read=\'\')');
return $query;
}
// Get all groups the current user is a member of.
$groups = $GLOBALS['TSFE']->fe_user->groupData['uid'];
$groups = tx_mmforum_tools::processArray_numeric($groups);
$queryParts = NULL;
// If the user is not in any group, build a subquery that always returns FALSE.
if (!is_array($groups) || count($groups) == 0) {
$queryParts = '1=2';
} else {
foreach ($groups as $group) {
$queryParts[] = 'FIND_IN_SET(' . $group . ', ' . $dprefix . 'grouprights_read)';
}
}
$query = is_array($queryParts) ? implode(' OR ', $queryParts) : $queryParts;
$query = ' AND ((' . $query . ') OR ' . $dprefix . 'grouprights_read=\'\') ';
// Store query to cache and return.
$this->cache->save('getMayRead_forum_query_' . $userId . '_' . $prefix, $query);
return $query;
}
