/**
* Build the Forums ACL
* @since Version 3.8.7
* @param boolean $force Force an update of the ACL
* @todo Finish this shit
*/
public function buildACL($force = false)
{
/**
* I hate using Globals...
*/
global $acl;
if (!$this->User instanceof User) {
throw new Exception("A valid user must be set before the ACL can be built");
}
$mckey = "railpage.forums.list";
if ($force || !($forums = getMemcacheObject($mckey))) {
$query = "SELECT forum_id FROM nuke_bbforums";
$forums = $this->db->fetchAll($query);
setMemcacheObject($mckey, $forums);
}
$acl_forums = array();
/**
* Add all the forums to the ACL
*/
foreach ($forums as $row) {
$acl_forum_name = sprintf("railpage.forums.forum:%d", $row['forum_id']);
$acl_forums[$row['forum_id']] = $acl_forum_name;
try {
$acl->get($acl_forum_name);
} catch (Exception $e) {
$acl->addResource(new Zend_Acl_Resource($acl_forum_name));
}
}
/**
* Get the forum permissions from the database
*/
$a_sql = array("auth_view", "auth_read", "auth_post", "auth_reply", "auth_edit", "auth_delete", "auth_sticky", "auth_announce", "auth_vote", "auth_pollcreate");
$auth_fields = array('auth_view', 'auth_read', 'auth_post', 'auth_reply', 'auth_edit', 'auth_delete', 'auth_sticky', 'auth_announce', 'auth_vote', 'auth_pollcreate');
$query = "SELECT forum_id, " . implode(", ", $a_sql) . ", " . self::AUTH_ACL . " AS auth_mod FROM nuke_bbforums";
$db_acl = array();
foreach ($this->db->fetchAll($query) as $row) {
$db_acl[$row['forum_id']] = $row;
}
/**
* Get the group permissions for this user
*/
$query = "SELECT a.* FROM nuke_bbauth_access AS a WHERE a.group_id IN (SELECT group_id FROM nuke_bbuser_group WHERE user_id = ? AND user_pending = 0)";
$gperms = array();
foreach ($this->db->fetchAll($query, $this->User->id) as $perm) {
$forum_id = $perm['forum_id'];
$group_id = $perm['group_id'];
unset($perm['forum_id']);
unset($perm['group_id']);
$gperms[$forum_id][$group_id] = $perm;
}
/**
* Add the forum permissions to Zend_ACL
*/
foreach ($db_acl as $forum_id => $permissions) {
$allowed = array();
$denied = array();
foreach ($permissions as $item => $value) {
switch ($value) {
case self::AUTH_ALL:
$allowed[] = $item;
break;
case self::AUTH_REG:
if (!$this->User->guest) {
$allowed[] = $item;
}
break;
case self::AUTH_ACL:
if (isset($gperms[$forum_id])) {
foreach ($gperms[$forum_id] as $group) {
foreach ($group as $gitem => $gval) {
switch ($gval) {
case self::AUTH_REG:
$allowed[] = $item;
break;
case self::AUTH_ACL:
// Inception
break;
case self::AUTH_MOD:
if ($this->User->inGroup(RP_GROUP_MODERATORS)) {
$allowed[] = $gitem;
}
break;
case self::AUTH_ADMIN:
if ($this->User->inGroup(RP_GROUP_ADMINS)) {
$allowed[] = $gitem;
}
break;
}
}
}
}
break;
case self::AUTH_MOD:
if ($this->User->inGroup(RP_GROUP_MODERATORS)) {
$allowed[] = $item;
}
break;
case self::AUTH_ADMIN:
if ($this->User->inGroup(RP_GROUP_ADMINS)) {
$allowed[] = $item;
}
break;
}
}
foreach ($permissions as $item => $value) {
if (!in_array($item, $allowed)) {
$denied[] = $item;
}
}
$allowed = array_unique($allowed);
$denied = array_unique($denied);
$acl->allow("forums_viewer", sprintf("railpage.forums.forum:%d", $forum_id), $allowed);
$acl->deny("forums_viewer", sprintf("railpage.forums.forum:%d", $forum_id), $denied);
}
$this->ZendACL = $acl;
}
