From: Ulf E. <ulf...@us...> - 2005-10-31 21:34:44
Update of /cvsroot/phpbt/phpbt/inc In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv1698/inc Modified Files: auth.php functions.php Log Message: Adding a role-based permission system Index: auth.php =================================================================== RCS file: /cvsroot/phpbt/phpbt/inc/auth.php,v retrieving revision 1.25 retrieving revision 1.26 diff -u -r1.25 -r1.26 --- auth.php 2 Oct 2005 20:45:21 -0000 1.25 +++ auth.php 31 Oct 2005 21:34:35 -0000 1.26 @@ -61,6 +61,17 @@ function auth_validatelogin() { global $db, $select, $emailpass, $emailsuccess, $uid; + $role = array(); + $roles = $db->getAll("select group_id, group_name from ".TBL_AUTH_GROUP." ag where ag.is_role=1"); + + foreach ($roles as $r) { + $role[$r['group_name']] = $r['group_id']; + } + + $_SESSION['group'] = array(); + $_SESSION['group_ids'] = array(0); + $_SESSION['perms'] = array(); + extract($_POST); if (!$username) return 0; $_SESSION['uname'] = $username; @@ -79,11 +90,18 @@ $_SESSION['group_ids'][] = $groupid; $_SESSION['group'][$groupname] = true; } + $_SESSION['group_ids'][] = $role['User']; + $_SESSION['group']['User'] = true; + $perms = $db->getCol("select perm_name from ".TBL_AUTH_PERM." ap, ".TBL_GROUP_PERM." gp where group_id in (".@join(',', $_SESSION['group_ids']).") and gp.perm_id = ap.perm_id"); foreach ($perms as $perm) { $_SESSION['perms'][$perm] = true; } $_SESSION['uid'] = $u['user_id']; + $projs = $db->getCol("select project_id from ".TBL_PROJECT_PERM." where user_id = ".$_SESSION['uid']); + foreach ($projs as $proj) { + $_SESSION['projs'][$proj] = true; + } return $u['user_id']; } @@ -97,6 +115,9 @@ $_SESSION['group'] = array(); $_SESSION['group_ids'] = array(0); $_SESSION['db_fields'] = array(); + $_SESSION['queryinfo'] = array(); + $_SESSION = array(); + } } 
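Review bot: In the `@@ -61,6 +61,17 @@` hunk of auth.php, the new `$role` map is filled before `extract($_POST)` runs, so a submitted form field of the same name replaces it and the later `$role['User']` lookup no longer reflects the database. The same holds for `$roles` and any other local defined above that call. The looked-up value is appended to `$_SESSION['group_ids']`, which the following hunk joins into an SQL `in (...)` list. Read only the fields the function needs, e.g. `$username = isset($_POST['username']) ? $_POST['username'] : '';`, or at least call `extract($_POST, EXTR_SKIP);` so request data cannot overwrite existing variables. The body of auth_validatelogin continues outside the hunk, so the other variables that depend on `extract` are not visible here.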
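Review bot: In the `@@ -79,11 +90,18 @@` hunk, `$_SESSION['projs']` is only ever added to, whereas `group`, `group_ids` and `perms` are reset at the top of auth_validatelogin, so a second login in the same session would keep the previous account's project entries. Clearing it just before the query with `unset($_SESSION['projs']);` fixes that and keeps the `isset($_SESSION['projs'])` test introduced later in this commit meaningful. The `foreach` over `$projs` also runs without the `DB::isError()` check that add_role applies to its own `getCol()` result. `$role['User']` is appended without checking that such a role was found, which would leave an empty element in the `in (...)` list. The enclosing function starts outside the hunk.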
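Review bot: The added `$_SESSION = array();` in the `@@ -97,6 +115,9 @@` hunk discards the defaults assigned directly above it, including `$_SESSION['group_ids'] = array(0);` and the new `$_SESSION['queryinfo'] = array();`, so code that expects those keys after this branch will find them unset. If a full wipe is intended, move `$_SESSION = array();` above `$_SESSION['group'] = array();` so the defaults are re-created afterwards. Should this branch be the logout path (inferred, as the enclosing function starts outside the hunk), emptying the array keeps the same session identifier in use; a `session_regenerate_id();` after the reset would retire it. A comment such as `// drop all session state, then restore anonymous defaults` would record the intent.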
@@ -134,14 +155,14 @@ } if ($project_id == -1) { - if ( $db->getCol('SELECT user_id FROM '.TBL_PROJECT_PERM.' WHERE user_id = '.$_SESSION['uid']) ) { + if (isset($_SESSION['projs']) ) { return true; } else { return false; } } - if ( $db->getCol('SELECT user_id FROM '.TBL_PROJECT_PERM.' WHERE user_id = '.$_SESSION['uid']." AND project_id = $project_id") ) { + if (isset($_SESSION['projs'][$project_id]) ) { return true; } else { return false; @@ -161,12 +182,14 @@ if (is_array($reqs)) { foreach ($reqs as $req) { - if (!@isset($_SESSION[$auth_var][$req])) { + if (!@isset($_SESSION[$auth_var][$req]) && + ($auth_var!='perms' || !@isset($this->permissions[$req]))) { return false; } } } else { - if (!@isset($_SESSION[$auth_var][$reqs])) { + if (!@isset($_SESSION[$auth_var][$reqs]) && + ($auth_var!='perms' || !@isset($this->permissions[$reqs]))) { return false; } } @@ -201,6 +224,18 @@ exit(); } } + + function add_role($arole) { + global $db; + + $perms = $db->getCol("select perm_name from ".TBL_AUTH_PERM." ap, ".TBL_GROUP_PERM." gp, ".TBL_AUTH_GROUP." ag where ag.group_name='$arole' and ag.group_id=gp.group_id and gp.perm_id = ap.perm_id"); + if ($perms && !DB::isError($perms)) { + foreach ($perms as $p) { + $this->permissions[$p] = true; + } + } + } + } ?> Index: functions.php =================================================================== RCS file: /cvsroot/phpbt/phpbt/inc/functions.php,v retrieving revision 1.70 retrieving revision 1.71 diff -u -r1.70 -r1.71 --- functions.php 18 Oct 2005 18:43:15 -0000 1.70 +++ functions.php 31 Oct 2005 21:34:35 -0000 1.71 
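Review bot: Replacing the two `TBL_PROJECT_PERM` queries with `isset($_SESSION['projs'][...])` in the `@@ -134,14 +155,14 @@` hunk means project access is decided from data captured at login, so a membership removed by an administrator stays effective until that user's session ends. If the trade-off is intended, state it above the check, e.g. `// project membership is cached at login; changes apply on next login`, and consider refreshing `$_SESSION['projs']` wherever project permissions are edited. Each `if (...) { return true; } else { return false; }` pair can be reduced to a single statement such as `return isset($_SESSION['projs'][$project_id]);`. The enclosing function begins and ends outside the hunk.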
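Review bot: The new fallback to `$this->permissions` is written out twice in the `@@ -161,12 +182,14 @@` hunk, once per branch of `is_array($reqs)`, so the two copies can drift apart. Normalising the argument with `foreach ((array) $reqs as $req) {` leaves a single condition to maintain. The `@` in front of `isset()` has no effect, because `isset()` does not raise notices for missing keys, and can be dropped. No initialisation of `$this->permissions` is visible in this diff; a short comment saying that it holds role permissions loaded by add_role and is consulted only when `$auth_var` is `'perms'` would help. The enclosing method starts and ends outside the hunk.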
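Review bot: add_role() in the `@@ -201,6 +224,18 @@` hunk places `$arole` directly inside the quoted SQL literal `ag.group_name='$arole'`, so a name containing a quote breaks or alters the statement. Callers are not visible here, so whether the value can come from outside is unknown; binding it removes the question. Assuming `$db` is the PEAR DB object that `DB::isError()` suggests, write `ag.group_name = ?` in the query and pass `0, array($arole)` as the remaining `getCol()` arguments. The query also does not require `ag.is_role = 1`, so any group name, not only a role, can be loaded into `$this->permissions`. A docblock saying what `$arole` is, and that the permissions appear to be held on the object and not in the session, would help.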
@@ -74,11 +74,11 @@ $querystart = "select {$box}_id, {$box}_name from $cfgDatabase[$box]"; $querymid = ' where sort_order > 0 order by sort_order'; $queries = array( - 'group' => $querystart.' order by group_name', + 'group' => $querystart.' where is_role = 0 order by group_name', 'severity' => $querystart.$querymid, 'priority' => $querystart.$querymid, 'site' => $querystart.$querymid, - 'status' => (!$limit || $perm->have_perm('CloseBug', $project) + 'status' => (!$limit || ($perm->have_perm('CloseBug', $project) or $perm->have_perm('ManageBug', $project)) ? $querystart.$querymid : $querystart." where sort_order > 0 and (bug_open = 1 or status_id = ".(!empty($selected)?$selected:0).") order by sort_order"), 'resolution' => $querystart.$querymid, |
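Review bot: The `'status'` entry whose condition this hunk changes still builds its restricted query by concatenating `$selected` into `status_id = ...` behind only an `empty()` test, and the origin of `$selected` is not visible here. If it is always a single id, casting it, `(!empty($selected) ? (int) $selected : 0)`, keeps the fragment numeric whatever the caller passes. In the changed condition, mixing `||` with the lower-precedence `or` is correct only because of the added parentheses; using `||` for both avoids the trap. The new `where is_role = 0` filter on `'group'` deserves a comment such as `// roles are not offered in group pick-lists`. The enclosing function starts and ends outside the hunk.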