/** * Check if provided tag id can be modified by the provided user * @param $tagid integer Tag id * @param $user string Actual user; NULL pickup actual logged in user * @return boolean TRUE if permission is valid, false otherwise */ public static function writeAllowed($tagid, $user = NULL) { // If owner is not set, assign the actual username if ($user === NULL) { $user = \OCP\User::getUser(); } // If user is an administrator, write is allowed if (\OC_User::isAdminUser(\OCP\User::getUser())) { return TRUE; } // Query for actual tag's owner and permission $sql = "SELECT `owner`, `permission` FROM `*PREFIX*oclife_tags` WHERE `id`=?"; $args = array($tagid); $query = \OCP\DB::prepare($sql); $resRsrc = $query->execute($args); $owner = NULL; $permission = NULL; while ($row = $resRsrc->fetchRow()) { // Legacy check on user and permission $permission = \OCA\OCLife\hTags::getPermission($row['permission']); $owner = isset($row['owner']) ? $row['owner'] : \OCP\User::getUser(); } // Check if worldwide writeable if (substr($permission, 5, 1) === 'w') { return TRUE; } // Check for operating on owner's tag if ($user === $owner) { return substr($permission, 1, 1) === 'w' ? TRUE : FALSE; } // Check for tags owned by group where $user belongs to if (substr($permission, 3, 1) === 'w') { $userCompanion = \OCA\OCLife\utilities::getGroupCompanion($user); $groupPos = array_search($owner, $userCompanion); return $groupPos === FALSE ? FALSE : TRUE; } else { return FALSE; } }