public function hasAdminPermission($permission)
{
// if user is super admin
if ($this->userIsSuperAdmin) {
return true;
}
$full_admin = $this->basicAdminControl();
if ($full_admin !== 0) {
return $full_admin > 0;
}
$bf_ugp_adminpermissions = $this->datastore->get_value('bf_ugp_adminpermissions');
if (!isset($this->admin_info)) {
$result = $this->assertor->assertQuery('vBForum:administrator', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_SELECT, 'userid' => $this->userid));
if ($result->valid()) {
$this->admin_info = $result->current();
//two "admin" permissions are actually stored at the usergroup level. Copy them here.
if ($this->permissionContext->hasPermission('adminpermissions', 'cancontrolpanel')) {
$this->admin_info['adminpermissions'] |= $bf_ugp_adminpermissions['cancontrolpanel'];
}
if ($this->permissionContext->hasPermission('adminpermissions', 'ismoderator')) {
$this->admin_info['adminpermissions'] |= $bf_ugp_adminpermissions['ismoderator'];
}
} else {
return false;
}
}
return (bool) ($this->admin_info['adminpermissions'] & $bf_ugp_adminpermissions[$permission]);
}
/** Build and caches the permissions array
*
*/
protected function buildPerms()
{
//we need to build the permissions.
//Most of the time the user will have access to the root. If that's the case
// then we can ignore all the other read access values.
$perms = array();
//let's get a list of all the groups and their CMS access
$assertor = vB::getDbAssertor();
$groupquery = $assertor->assertQuery('usergroup', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_SELECT));
$sections = array();
$parents = array();
if ($groupquery and $groupquery->valid()) {
$groupinfo = $groupquery->current();
while ($groupquery->valid()) {
$perms[$groupinfo['usergroupid']] = array('canRead' => array(), 'cantRead' => array(), 'selfOnly' => array(), 'starterOnly' => array(), 'canModerate' => array(), 'cantModerate' => array());
$groupinfo = $groupquery->next();
}
}
$bf_ugp = $this->datastore->get_value('bf_ugp_forumpermissions');
$bf_ugp_f2 = $this->datastore->get_value('bf_ugp_forumpermissions2');
$bf_mod = $this->datastore->get_value('bf_misc_moderatorpermissions');
//Now get the permissions.
$permquery = $assertor->assertQuery('vBForum:permission', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_SELECT));
if ($permquery and $permquery->valid()) {
$permission = $permquery->current();
while ($permquery->valid()) {
if ($permission['forumpermissions'] & $bf_ugp['canview'] and $permission['forumpermissions'] & $bf_ugp['canviewthreads'] and $permission['forumpermissions'] & $bf_ugp['canviewothers'] or $permission['forumpermissions2'] & $bf_ugp_f2['canalwaysview']) {
$perms[$permission['groupid']]['canRead'][] = $permission['nodeid'];
} else {
if ($permission['forumpermissions'] & $bf_ugp['canview'] and $permission['forumpermissions'] & $bf_ugp['canviewothers']) {
$perms[$permission['groupid']]['starterOnly'][] = $permission['nodeid'];
} else {
if ($permission['forumpermissions'] & $bf_ugp['canview'] and $permission['forumpermissions'] & $bf_ugp['canviewthreads']) {
$perms[$permission['groupid']]['selfOnly'][] = $permission['nodeid'];
} else {
$perms[$permission['groupid']]['cantRead'][] = $permission['nodeid'];
}
}
}
if ($permission['moderatorpermissions'] & $bf_mod['canmoderateposts']) {
$perms[$permission['groupid']]['canModerate'][] = $permission['nodeid'];
} else {
$perms[$permission['groupid']]['cantModerate'][] = $permission['nodeid'];
}
$permission = $permquery->next();
}
}
$this->perms = $perms;
$hashkey = 'vb_readperms';
vB_Cache::instance()->write($hashkey, $perms, 1440, 'perms_changed');
return $perms;
}
/**
* Constructor - Checks for necessity of registry object
*
* Note that this method will accept only the $errtype parameter (via some magic checking of the parameters)
* and this is the preferred way of calling the datamanager functions. The registry object is deprecated
* and will be created internally for those managers that still need it.
*
* @param vB_Registry $registry -- Instance of the vBulletin data registry object - expected to have the
* database object as one of its $this->db member.
* @param integer $errtype --One of the ERRTYPE_x constants
*/
public function __construct($registry = NULL, $errtype = NULL)
{
if (is_object($registry)) {
$this->registry =& $registry;
} else {
if ($this->needRegistry) {
$this->registry = vB::get_registry();
}
}
if (is_int($registry) and $errtype === NULL) {
//This allows us to function as either vb3/4 style with $vbulletin,
// or vb5-style with no global variables
$errtype = $registry;
} else {
if ($errtype === NULL) {
$errtype = vB_DataManager_Constants::ERRTYPE_STANDARD;
}
}
$this->assertor = vB::getDbAssertor();
$this->session = vB::getCurrentSession();
$this->userinfo = $this->session->fetch_userinfo();
$this->datastore = vB::getDatastore();
$this->options = $this->datastore->get_value('options');
$this->setErrorHandler($errtype);
if (is_array($this->bitfields)) {
foreach ($this->bitfields as $key => $val) {
//set this to bitfields array directly and unset if bad. if we try to set this to a interim
//variable we end up getting the references crossed so that every element of the array is
//the same as the last value loaded (this is a bit of a problem). We could not use references
//but I'd like to avoid copying static arrays more than I need to.
$this->bitfields["{$key}"] = $this->datastore->get_value($val);
if (!$this->bitfields["{$key}"]) {
unset($this->bitfields["{$key}"]);
trigger_error("Please check the <em>\$bitfields</em> array in the <strong>" . get_class($this) . "</strong> class definition - <em>\$vbulletin->{$val}</em> is not a valid bitfield.<br />", E_USER_ERROR);
}
}
}
/* Legacy Hook $this->hook_start Removed */
}
