Exemplo n.º 1
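 /**
  * Decides whether the current user may view the given calendar.
  *
  * The check fails closed: a calendar that is absent from the loaded content,
  * or for which the user has no permission entry, is reported as not viewable.
  *
  * @param mixed $calendarid Calendar id; used as a key into the content and permission arrays.
  *
  * @return bool True only when the 'canviewcalendar' bit is set for this calendar.
  */
 protected function fetchCanViewCalendar($calendarid)
 {
     // empty() covers both "key missing" and "falsy entry" without raising an
     // undefined-index notice; the original assigned the entry to an unused local.
     if (empty($this->content['calendar'][$calendarid])) {
         return false;
     }

     // Ask the helper for the permissions when none are loaded yet
     // (presumably it fills userinfo['calendarpermissions'] - confirm against its definition).
     if (empty(vB::$vbulletin->userinfo['calendarpermissions'])) {
         cache_calendar_permissions(vB::$vbulletin->userinfo);
     }

     // Read the entry only after the helper has run; a missing entry means no permissions.
     $granted = isset(vB::$vbulletin->userinfo['calendarpermissions'][$calendarid])
         ? vB::$vbulletin->userinfo['calendarpermissions'][$calendarid]
         : 0;

     return (bool) ($granted & vB::$vbulletin->bf_ugp_calendarpermissions['canviewcalendar']);
 }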
Exemplo n.º 2
/**
* Builds and returns the full set of permissions for the specified user (called by global or init)
*
* Results are written into $user by reference: 'permissions' always, and - when
* $getforumpermissions is true - 'forumpermissions' and, depending on the cached
* attachment data, 'attachmentpermissions' and 'attachmentextensions'. Calendar
* permissions are delegated to cache_calendar_permissions().
*
* Points a reviewer should keep in mind when touching this function:
* - member groups are combined with bitwise OR (additive), infraction groups with
*   bitwise AND (restrictive);
* - code registered for the 'cache_permissions' hook is eval()'d in this scope after
*   the usergroup permissions have been built, so it can read and change them;
* - $user['userid'] is interpolated into the access mask query without a cast;
* - the access mask branch can write to the user record through the User data manager.
*
* @param	array	$user	(ref) User info array
* @param	boolean	$getforumpermissions	If true, returns combined usergroup permissions, individual forum permissions, individual calendar permissions and attachment permissions
* @param	boolean	$resetaccess	Reset the accesscache array for permissions following access mask update. Only allows one reset.
*
* @return	array	Permissions component of user info array
*/
function cache_permissions(&$user, $getforumpermissions = true, $resetaccess = false)
{
	// NOTE(review): $forumpermissioncache is not referenced in the code below;
	// hook code eval()'d further down may rely on it - confirm before removing.
	global $vbulletin, $forumpermissioncache;

	// these are the arrays created by this function

	//this is only set if we load the calendar perms, which have been moved to another function
	//global $calendarcache;

	// static: both values persist across calls. $accesscache holds access masks keyed by
	// userid; $reset records that the single permitted reset has already happened.
	static $accesscache = array(), $reset;

	if ($resetaccess AND !$reset)
	{	// Reset the accesscache array for permissions following access mask update. Only allows one reset.
		$accesscache = array();
		$reset = true;
	}

	// integer (non-bitfield) permissions merged across member groups
	$intperms = array();

	// set the usergroupid of the user's primary usergroup
	$USERGROUPID = $user['usergroupid'];

	if ($USERGROUPID == 0)
	{ // set a default usergroupid if none is set
		// NOTE(review): which group has id 1 depends on the installation - confirm it is an unprivileged one
		$USERGROUPID = 1;
	}

	// initialise $membergroups - make an array of the usergroups to which this user belongs
	$membergroupids = fetch_membergroupids_array($user);

	// build usergroup permissions
	if (sizeof($membergroupids) == 1 OR !($vbulletin->usergroupcache["$USERGROUPID"]['genericoptions'] & $vbulletin->bf_ugp_genericoptions['allowmembergroups']))
	{
		// if primary usergroup doesn't allow member groups then get rid of them!
		$membergroupids = array($USERGROUPID);

		// just return the permissions for the user's primary group (user is only a member of a single group)
		$user['permissions'] = $vbulletin->usergroupcache["$USERGROUPID"];
	}
	else
	{
		// initialise fields to 0
		foreach ($vbulletin->bf_ugp AS $dbfield => $permfields)
		{
			$user['permissions']["$dbfield"] = 0;
		}

		// return the merged array of all user's membergroup permissions (user has additional member groups)
		foreach ($membergroupids AS $usergroupid)
		{
			// bitfields: OR, so a bit granted by any member group is granted to the user
			foreach ($vbulletin->bf_ugp AS $dbfield => $permfields)
			{
				$user['permissions']["$dbfield"] |= $vbulletin->usergroupcache["$usergroupid"]["$dbfield"];
			}
			// integer permissions: the first group seen sets the value; after that,
			// without $precedence the largest value wins, and with $precedence a 0
			// (from either side) wins over everything, otherwise the largest value wins
			foreach ($vbulletin->bf_misc_intperms AS $dbfield => $precedence)
			{
				// put in some logic to handle $precedence
				if (!isset($intperms["$dbfield"]))
				{
					$intperms["$dbfield"] = $vbulletin->usergroupcache["$usergroupid"]["$dbfield"];
				}
				else if (!$precedence)
				{
					if ($vbulletin->usergroupcache["$usergroupid"]["$dbfield"] > $intperms["$dbfield"])
					{
						$intperms["$dbfield"] = $vbulletin->usergroupcache["$usergroupid"]["$dbfield"];
					}
				}
				else if ($vbulletin->usergroupcache["$usergroupid"]["$dbfield"] == 0 OR (isset($intperms["$dbfield"]) AND $intperms["$dbfield"] == 0)) // Set value to 0 as it overrides all
				{
					$intperms["$dbfield"] = 0;
				}
				else if ($vbulletin->usergroupcache["$usergroupid"]["$dbfield"] > $intperms["$dbfield"])
				{
					$intperms["$dbfield"] = $vbulletin->usergroupcache["$usergroupid"]["$dbfield"];
				}
			}
		}
		// later arguments win on equal keys: primary group row first, then the OR-ed
		// bitfields, then the merged integer permissions
		$user['permissions'] = array_merge($vbulletin->usergroupcache["$USERGROUPID"], $user['permissions'], $intperms);
	}

	// infractiongroupids is read as a comma-separated list; spaces are stripped before splitting
	if (!empty($user['infractiongroupids']))
	{
		$infractiongroupids = explode(',', str_replace(' ', '', $user['infractiongroupids']));
	}
	else
	{
		$infractiongroupids = array();
	}

	// infraction groups only restrict: bitfields are AND-ed, integer permissions are lowered
	// NOTE(review): the ids are used as usergroupcache keys without an existence check;
	// a missing entry reads as null, and `&= null` clears the bitfield - confirm that is intended
	foreach ($infractiongroupids AS $usergroupid)
	{
		foreach ($vbulletin->bf_ugp AS $dbfield => $permfields)
		{
			$user['permissions']["$dbfield"] &= $vbulletin->usergroupcache["$usergroupid"]["$dbfield"];
		}
		foreach ($vbulletin->bf_misc_intperms AS $dbfield => $precedence)
		{
			// without $precedence the smaller value wins; with $precedence the smaller
			// value wins only when it is not 0
			if (!$precedence)
			{
				if ($vbulletin->usergroupcache["$usergroupid"]["$dbfield"] < $user['permissions']["$dbfield"])
				{
					$user['permissions']["$dbfield"] = $vbulletin->usergroupcache["$usergroupid"]["$dbfield"];
				}
			}
			else if ($vbulletin->usergroupcache["$usergroupid"]["$dbfield"] < $user['permissions']["$dbfield"] AND $vbulletin->usergroupcache["$usergroupid"]["$dbfield"] != 0)
			{
				$user['permissions']["$dbfield"] = $vbulletin->usergroupcache["$usergroupid"]["$dbfield"];
			}
		}
	}

	// applies only to the currently logged-in user, and only when the canview bit is
	// not already set - so the += below adds the bit exactly once
	if (defined('SKIP_SESSIONCREATE') AND $user['userid'] == $vbulletin->userinfo['userid'] AND !($user['permissions']['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['canview']))
	{	// grant canview for usergroup if session skipping is defined.
		$user['permissions']['forumpermissions'] += $vbulletin->bf_ugp_forumpermissions['canview'];
	}

	// NOTE(review): whatever fetch_hook() returns is eval()'d in this function's scope,
	// so hook code can read and modify $user and every local above. The permission
	// result is only as trustworthy as the installed hook code.
	($hook = vBulletinHook::fetch_hook('cache_permissions')) ? eval($hook) : false;

	// if we do not need to grab the forum/calendar permissions
	// then just return what we have so far
	if ($getforumpermissions == false)
	{
		return $user['permissions'];
	}

	if (!isset($user['forumpermissions']) OR !is_array($user['forumpermissions']))
	{
		$user['forumpermissions'] = array();
	}

	// per forum: OR in every member group's permissions, then AND with every infraction group's.
	// Values already present in $user['forumpermissions'] are kept and OR-ed into, not reset.
	foreach (array_keys($vbulletin->forumcache) AS $forumid)
	{
		if (!isset($user['forumpermissions']["$forumid"]))
		{
			$user['forumpermissions']["$forumid"] = 0;
		}
		foreach ($membergroupids AS $usergroupid)
		{
			$user['forumpermissions']["$forumid"] |= $vbulletin->forumcache["$forumid"]['permissions']["$usergroupid"];
		}
		foreach ($infractiongroupids AS $usergroupid)
		{
			$user['forumpermissions']["$forumid"] &= $vbulletin->forumcache["$forumid"]['permissions']["$usergroupid"];
		}
	}

	// do access mask stuff if required
	if ($vbulletin->options['enableaccess'] AND isset($user['hasaccessmask']) AND $user['hasaccessmask'] == 1)
	{
		if (empty($accesscache["$user[userid]"]))
		{
			// query access masks
			// the ordercontrol is required! (3.5 bug 1878)
			// NOTE(review): $user[userid] is interpolated into the SQL text as-is. This is
			// safe only while every caller supplies a numeric id; casting it with intval()
			// before building the query would remove that assumption.
			$accessmasks = $vbulletin->db->query_read_slave("
				SELECT access.*, forum.forumid,
					FIND_IN_SET(access.forumid, forum.parentlist) AS ordercontrol
				FROM " . TABLE_PREFIX . "forum AS forum
				INNER JOIN " . TABLE_PREFIX . "access AS access ON (access.userid = $user[userid] AND FIND_IN_SET(access.forumid, forum.parentlist))
				ORDER BY ordercontrol DESC
			");

			// later rows overwrite earlier ones for the same forumid, so the row order
			// set by ordercontrol decides which mask is kept
			$accesscache["$user[userid]"] = array();
			while ($access = $vbulletin->db->fetch_array($accessmasks))
			{
				$accesscache["$user[userid]"]["$access[forumid]"] = $access['accessmask'];
			}
			unset($access);
			$vbulletin->db->free_result($accessmasks);
		}

		// if an access mask is set for a forum, set the permissions accordingly
		// If this is empty then the user really has no access masks but the switch is turned on?!?
		if (!empty($accesscache["$user[userid]"]))
		{
			foreach ($accesscache["$user[userid]"] AS $forumid => $accessmask)
			{
				if ($accessmask == 0) // disable access
				{
					$user['forumpermissions']["$forumid"] = 0;
				}
				else // use combined permissions
				{
					// replaces the per-forum value computed above with the user's
					// combined usergroup-level forum permissions
					$user['forumpermissions']["$forumid"] = $user['permissions']['forumpermissions'];
				}
			}
		}
		else
		{
			// says the user has access masks, but doesn't actually
			// so turn them off
			// side effect: clears the 'hasaccessmask' option through the User data manager and saves it
			$userdm =& datamanager_init('User', $vbulletin, ERRTYPE_SILENT);
			$userdm->set_existing($user);
			$userdm->set_bitfield('options', 'hasaccessmask', false);
			$userdm->save();
			unset($userdm);
		}

	} // end if access masks enabled and is logged in user

	// scripts (matched against THIS_SCRIPT) for which calendar permissions are loaded
	$calfiles = array(
		'online'   => true,
		'calendar' => true,
		'index'    => $vbulletin->options['showevents'] ? true : false,
	);

	if (THIS_SCRIPT == 'index' AND $vbulletin->options['showevents'])
	{
		// compares the cached 'date' stamp with the date computed from TIMENOW and the showevents option
		if (!is_array($vbulletin->eventcache)
			OR gmdate('n-j-Y' , TIMENOW + 86400 + 86400 * $vbulletin->options['showevents']) != $vbulletin->eventcache['date']
		)
		{
			// need perms with rebuild
			$calfiles['index'] = true;
		}
		else if (count($vbulletin->eventcache) == 1)
		{
			// no events, only the date - don't need to cache the perms
			$calfiles['index'] = false;
		}
	}

	// query calendar permissions
	if (!empty($calfiles[THIS_SCRIPT]))
	{
		// Only query calendar permissions when accessing the calendar or subscriptions or index.php
		cache_calendar_permissions($user);
	}

	// attachment permissions are built only when the attachment cache is populated
	// and has no (or an empty) 'extensions' entry
	if (!empty($vbulletin->attachmentcache) AND empty($vbulletin->attachmentcache['extensions']))
	{
		// fields merged per extension; every entry is true, so the $precedence branches below apply to all three
		$fields = array(
			'size'   => true,
			'width'  => true,
			'height' => true,
		);
		$user['attachmentextensions'] = '';

		// Combine the attachment permissions for all member groups
		foreach($vbulletin->attachmentcache AS $extension => $attachment)
		{
			// set when at least one member group has no custom row for this extension
			$need_default = false;
			foreach($membergroupids AS $usergroupid)
			{
				if (!empty($attachment['custom']["$usergroupid"]))
				{
					$perm = $attachment['custom']["$usergroupid"];
					$user['attachmentpermissions']["$extension"]['permissions'] |= $perm['permissions'];

					foreach ($fields AS $dbfield => $precedence)
					{
						// put in some logic to handle $precedence
						// same merge rule as the integer usergroup permissions:
						// first value seen, then 0 wins, otherwise the largest value
						if (!isset($user['attachmentpermissions']["$extension"]["$dbfield"]))
						{
							$user['attachmentpermissions']["$extension"]["$dbfield"] = $perm["$dbfield"];
						}
						else if (!$precedence)
						{
							if ($perm["$dbfield"] > $user['attachmentpermissions']["$extension"]["$dbfield"])
							{
								$user['attachmentpermissions']["$extension"]["$dbfield"] = $perm["$dbfield"];
							}
						}
						else if ($perm["$dbfield"] == 0 OR (isset($user['attachmentpermissions']["$extension"]["$dbfield"]) AND $user['attachmentpermissions']["$extension"]["$dbfield"] == 0))
						{
							$user['attachmentpermissions']["$extension"]["$dbfield"] = 0;
						}
						else if ($perm["$dbfield"] > $user['attachmentpermissions']["$extension"]["$dbfield"])
						{
							$user['attachmentpermissions']["$extension"]["$dbfield"] = $perm["$dbfield"];
						}
					}
				}
				else
				{
						$need_default = true;
				}
			}

			if (empty($user['attachmentpermissions']["$extension"]))
			{
				// no member group had a custom row: take the extension's own limits,
				// with the permission value defaulting to 1
				$user['attachmentpermissions']["$extension"] = array(
					'permissions'  => 1,
					'size'         => $vbulletin->attachmentcache["$extension"]['size'],
					'height'       => $vbulletin->attachmentcache["$extension"]['height'],
					'width'        => $vbulletin->attachmentcache["$extension"]['width'],
					'contenttypes' => isset($vbulletin->attachmentcache["$extension"]['contenttypes']) ?
						$vbulletin->attachmentcache["$extension"]['contenttypes'] : null,
				);
			}
			else if ($need_default)
			{
				// some groups had custom rows and some did not: the permission value is
				// set to 1 and the extension's own limits are merged in with the same rule
				$user['attachmentpermissions']["$extension"]['permissions'] = 1;
				$perm = $vbulletin->attachmentcache["$extension"];
				foreach ($fields AS $dbfield => $precedence)
				{
					// put in some logic to handle $precedence
					if (!isset($user['attachmentpermissions']["$extension"]["$dbfield"]))
					{
						$user['attachmentpermissions']["$extension"]["$dbfield"] = $perm["$dbfield"];
					}
					else if (!$precedence)
					{
						if ($perm["$dbfield"] > $user['attachmentpermissions']["$extension"]["$dbfield"])
						{
							$user['attachmentpermissions']["$extension"]["$dbfield"] = $perm["$dbfield"];
						}
					}
					else if ($perm["$dbfield"] == 0 OR (isset($user['attachmentpermissions']["$extension"]["$dbfield"]) AND $user['attachmentpermissions']["$extension"]["$dbfield"] == 0))
					{
 						$user['attachmentpermissions']["$extension"]["$dbfield"] = 0;
					}
					else if ($perm["$dbfield"] > $user['attachmentpermissions']["$extension"]["$dbfield"])
					{
						$user['attachmentpermissions']["$extension"]["$dbfield"] = $perm["$dbfield"];
					}
				}
			}

			// infraction groups restrict attachments too, but only where the group has a
			// custom row for this extension; groups without one leave the value unchanged
			foreach($infractiongroupids AS $usergroupid)
			{
				if (!empty($attachment['custom']["$usergroupid"]))
				{
					$perm = $attachment['custom']["$usergroupid"];
					$user['attachmentpermissions']["$extension"]['permissions'] &= $perm['permissions'];

					foreach ($fields AS $dbfield => $precedence)
					{
						if (!$precedence)
						{
							if ($perm["$dbfield"] < $user['attachmentpermissions']["$extension"]["$dbfield"])
							{
								$user['attachmentpermissions']["$extension"]["$dbfield"] = $perm["$dbfield"];
							}
						}
						else if ($perm["$dbfield"] < $user['attachmentpermissions']["$extension"]["$dbfield"] AND $perm["$dbfield"] != 0)
						{
							$user['attachmentpermissions']["$extension"]["$dbfield"] = $perm["$dbfield"];
						}
					}
				}
			}
		}

		// build the space-separated list of extensions whose permission value is non-zero
		foreach ($user['attachmentpermissions'] AS $extension => $foo)
		{
			if ($user['attachmentpermissions']["$extension"]['permissions'])
			{
				$user['attachmentextensions'] .= (!empty($user['attachmentextensions']) ? ' ' : '') . $extension;
			}
		}
	}

	return $user['permissions'];
}
Exemplo n.º 3
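	/**
	 * Tests a single calendar permission bit for the current user.
	 *
	 * The raw result of the bitwise AND is returned, not a boolean: non-zero
	 * means the permission is granted. A calendar without a permission entry
	 * or an unknown permission name yields 0, so the check fails closed.
	 *
	 * @param	mixed	$calendarid	Calendar id; used as a key into userinfo['calendarpermissions']
	 * @param	string	$permission	Permission name; used as a key into bf_ugp_calendarpermissions
	 *
	 * @return	integer	Non-zero when the permission bit is set, 0 otherwise
	 */
	public function hasCalendarPermission($calendarid, $permission)
	{
		// isset() is false for a missing key as well as for null, so this matches
		// the original is_null() test without raising an undefined-index notice.
		if (!isset($this->registry->userinfo['calendarpermissions']))
		{
			// presumably fills userinfo['calendarpermissions'] - confirm against the helper
			cache_calendar_permissions($this->registry->userinfo);
		}

		// Read after the helper has run; anything missing counts as "no bits set".
		$granted = isset($this->registry->userinfo['calendarpermissions'][$calendarid])
			? $this->registry->userinfo['calendarpermissions'][$calendarid]
			: 0;
		$bit = isset($this->registry->bf_ugp_calendarpermissions[$permission])
			? $this->registry->bf_ugp_calendarpermissions[$permission]
			: 0;

		return $granted & $bit;
	}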