[geeklog-cvs] geeklog-1.3/system lib-security.php,1.11,1.12
dhaun at geeklog.net
dhaun at geeklog.net
Wed Mar 5 09:34:46 EST 2003
Update of /usr/cvs/geeklog/geeklog-1.3/system
In directory internal.geeklog.net:/tmp/cvs-serv21595
Modified Files:
lib-security.php
Log Message:
Integrated Vincent Furia's improvements to SEC_getUserGroups() and SEC_getUserRights().
Index: lib-security.php
===================================================================
RCS file: /usr/cvs/geeklog/geeklog-1.3/system/lib-security.php,v
retrieving revision 1.11
retrieving revision 1.12
diff -C2 -d -r1.11 -r1.12
*** lib-security.php 26 Oct 2002 18:28:09 -0000 1.11
--- lib-security.php 5 Mar 2003 14:34:44 -0000 1.12
***************
*** 9,16 ****
// | |
// +---------------------------------------------------------------------------+
! // | Copyright (C) 2000,2001 by the following authors: |
// | |
// | Authors: Tony Bibbs - tony at tonybibbs.com |
// | Mark Limburg - mlimburg at users.sourceforge.net |
// +---------------------------------------------------------------------------+
// | |
--- 9,17 ----
// | |
// +---------------------------------------------------------------------------+
! // | Copyright (C) 2000-2003 by the following authors: |
// | |
// | Authors: Tony Bibbs - tony at tonybibbs.com |
// | Mark Limburg - mlimburg at users.sourceforge.net |
+ // | Vincent Furia - vmf at abtech.org |
// +---------------------------------------------------------------------------+
// | |
***************
*** 76,95 ****
*
* @param int $uid User ID to get information for. If empty current user.
- * @param string $usergroups DO NOT USE (for recursion) comma delimited string of groups user belongs to
- * @param int $cur_grp_id DO NOT USE (for recursion) Current group the function is working with in tree
* @return array Associative Array grp_name -> ug_main_grp_id
*
*/
! function SEC_getUserGroups($uid='',$usergroups='',$cur_grp_id='')
{
global $_TABLES, $_USER, $_SEC_VERBOSE;
- if (empty($usergroups)) {
- $usergroups = array();
- }
-
if ($_SEC_VERBOSE) {
COM_errorLog("****************in getusergroups(uid=$uid,usergroups=$usergroups,cur_grp_id=$cur_grp_id)***************",1);
}
if (empty($uid)) {
--- 77,92 ----
*
* @param int $uid User ID to get information for. If empty current user.
* @return array Associative Array grp_name -> ug_main_grp_id
*
*/
! function SEC_getUserGroups($uid='')
{
global $_TABLES, $_USER, $_SEC_VERBOSE;
if ($_SEC_VERBOSE) {
COM_errorLog("****************in getusergroups(uid=$uid,usergroups=$usergroups,cur_grp_id=$cur_grp_id)***************",1);
}
+
+ $groups = array();
if (empty($uid)) {
***************
*** 101,114 ****
}
! if (empty($cur_grp_id)) {
! $result = DB_query("SELECT ug_main_grp_id,grp_name FROM {$_TABLES["group_assignments"]},{$_TABLES["groups"]}"
. " WHERE grp_id = ug_main_grp_id AND ug_uid = $uid",1);
- } else {
- $result = DB_query("SELECT ug_main_grp_id,grp_name FROM {$_TABLES["group_assignments"]},{$_TABLES["groups"]}"
- . " WHERE grp_id = ug_main_grp_id AND ug_grp_id = $cur_grp_id",1);
- }
if ($result == -1) {
! return $usergroups;
}
--- 98,106 ----
}
! $result = DB_query("SELECT ug_main_grp_id,grp_name FROM {$_TABLES["group_assignments"]},{$_TABLES["groups"]}"
. " WHERE grp_id = ug_main_grp_id AND ug_uid = $uid",1);
if ($result == -1) {
! return $groups;
}
***************
*** 119,135 ****
}
! for ($i = 1; $i <= $nrows; $i++) {
! $A = DB_fetchArray($result);
! if ($_SEC_VERBOSE) {
! COM_errorLog('user is in group ' . $A['grp_name'],1);
}
! $usergroups[$A['grp_name']] = $A['ug_main_grp_id'];
! $usergroups = SEC_getUserGroups($uid,$usergroups,$A['ug_main_grp_id']);
}
! if (is_array($usergroups)) {
! ksort($usergroups);
! }
if ($_SEC_VERBOSE) {
--- 111,136 ----
}
! while ($nrows > 0) {
! $cgroups = array();
! for ($i = 1; $i <= $nrows; $i++) {
! $A = DB_fetchArray($result);
!
! if ($_SEC_VERBOSE) {
! COM_errorLog('user is in group ' . $A['grp_name'],1);
! }
! if (!in_array($A['ug_main_grp_id'], $groups)) {
! array_push($cgroups, $A['ug_main_grp_id']);
! }
! $groups[$A['grp_name']] = $A['ug_main_grp_id'];
}
!
! $glist = join(',', $cgroups);
! $result = DB_query("SELECT ug_main_grp_id,grp_name FROM {$_TABLES["group_assignments"]},{$_TABLES["groups"]}"
! . " WHERE grp_id = ug_main_grp_id AND ug_grp_id IN ($glist)",1);
! $nrows = DB_numRows($result);
}
! ksort($groups);
if ($_SEC_VERBOSE) {
***************
*** 137,141 ****
}
! return $usergroups;
}
--- 138,142 ----
}
! return $groups;
}
***************
*** 436,439 ****
--- 437,444 ----
global $_TABLES, $_USER, $_SEC_VERBOSE;
+ if ($_SEC_VERBOSE) {
+ COM_errorLog("**********inside SEC_getUserPermissions(grp_id=$grp_id)**********",1);
+ }
+
// Get user ID if we don't already have it
if (empty($uid)) {
***************
*** 445,507 ****
}
! if ($_SEC_VERBOSE) {
! COM_errorLog("**********inside SEC_getUserPermissions(grp_id=$grp_id)**********",1);
! }
!
! if (empty($grp_id)) {
! // Okay, this was the first time this function SEC_was called.
! // Let's get all the groups this user belongs to and get the permissions for each group.
! // NOTE: permissions are given to groups and NOT individuals
!
! // print "<BR>uid = " . $_USER[uid];
!
! $result = DB_query("SELECT ug_main_grp_id FROM {$_TABLES["group_assignments"]} WHERE ug_uid = $uid",1);
! if ($result <> -1) {
! $nrows = DB_numRows($result);
! if ($_SEC_VERBOSE) {
! COM_errorLog("got $nrows row(s) in SEC_getUserPermissions",1);
! }
! for ($i = 1; $i <= $nrows; $i++) {
! $A = DB_fetchArray($result);
! $retval .= SEC_getUserPermissions($A['ug_main_grp_id'],$uid);
! }
}
} else {
! // In this case we are going up the group tree for this user building a list of rights
! // along the way. First, get the rights for this group.
!
! $result = DB_query("SELECT ft_name FROM {$_TABLES["access"]},{$_TABLES["features"]} WHERE "
! . "ft_id = acc_ft_id AND acc_grp_id = $grp_id",1);
! $nrows = DB_numRows($result);
!
! if ($_SEC_VERBOSE) COM_errorLog("got $nrows rights for group $grp_id in SEC_getUserPermissions",1);
!
! for ($j = 1; $j <= $nrows; $j++) {
! $A = DB_fetchArray($result);
! if ($_SEC_VERBOSE) {
! COM_errorLog('Adding right ' . $A['ft_name'] . ' in SEC_getUserPermissions',1);
! }
! $retval .= $A['ft_name'] . ',';
! }
! // Now see if there are any groups tied to this one further up the tree. If so
! // see if they have additional rights
! $result = DB_query("SELECT ug_main_grp_id FROM {$_TABLES["group_assignments"]} WHERE ug_grp_id = $grp_id",1);
! $nrows = DB_numRows($result);
if ($_SEC_VERBOSE) {
! COM_errorLog("got $nrows groups tied to group $grp_id in SEC_getUserPermissions",1);
! }
! for ($i = 1; $i <= $nrows; $i++) {
! // Now for each group, see if there are any rights assigned to it. If so, add to our
! // comma delimited string
!
! $A = DB_fetchArray($result);
! $retval .= SEC_getUserPermissions($A['ug_main_grp_id'],$uid);
}
}
! if ($_SEC_VERBOSE) {
! COM_errorLog("**********leaving SEC_getUserPermissions(grp_id=$grp_id)**********",1);
! }
return $retval;
}
--- 450,475 ----
}
! if ($uid == $_USER['uid']) {
! if (!isset($_GROUPS)) {
! $_GROUPS = SEC_getUserGroups($uid);
}
+ $groups = $_GROUPS;
} else {
! $groups = SEC_getUserGroups($uid);
! }
! $glist = join(',', $groups);
! $result = DB_query("SELECT DISTINCT ft_name FROM {$_TABLES["access"]},{$_TABLES["features"]} "
! . "WHERE ft_id = acc_ft_id AND acc_grp_id IN ($glist)");
! $nrows = DB_numrows($result);
! for ($j = 1; $j <= $nrows; $j++) {
! $A = DB_fetchArray($result);
if ($_SEC_VERBOSE) {
! COM_errorLog('Adding right ' . $A['ft_name'] . ' in SEC_getUserPermissions',1);
}
+ $retval .= $A['ft_name'] . ',';
}
!
return $retval;
}
More information about the geeklog-cvs
mailing list