|
From: Joe S. <joe...@us...> - 2002-05-23 18:41:27
|
Update of /cvsroot/phpslash/phpslash-ft/class
In directory usw-pr-cvs1:/tmp/cvs-serv23839/phpslash-ft/class
Modified Files:
Author.class slashPerm.class slashAuthCR.class
Added Files:
Group.class
Log Message:
Permission Groups
--- NEW FILE: Group.class ---
<?php
/* $Id: Group.class,v 1.1 2002/05/23 18:41:24 joestewart Exp $ */
/**
* Provides an API to the PHPSlash Group Management.
*
* This object is how we do manage permission groups.
*
*/
class Group {
var $group_templ; /* the template object */
var $db; /* the db object */
var $perm; /* our local version of the perm object */
var $psl; /* our local version of the _PSL array */
var $message;
/**
* The Group Constructor
*
* sets up the local version of the global _PSL array, the templates
* and a few other things
* @access private
*/
function Group () {
global $perm, $_PSL, $amp;
$this->db = new slashDB;
$this->perm = $perm;
$this->psl = $_PSL;
/* Templates */
$this->group_templ = new Template($this->psl['templatedir']);
$this->group_templ->debug = 0;
$this->group_templ->set_file(array(
'listgroup' => "groupList.tpl",
'newgroup' => "groupNew.tpl"
));
$this->permission_templ = new Template($this->psl['templatedir']);
$this->permission_templ->debug = 0;
$this->permission_templ->set_file(array(
'listpermission' => "permissionList.tpl",
'newpermission' => "permissionNew.tpl"
));
}
/*
* METHODS
*/
/**
* listGroup - list all Groups
*
* displays the complete list of groups
* Used only by admin
* @access public
*/
function listGroup() {
$q = "SELECT *
FROM psl_group
ORDER BY group_name";
$this->db->query($q);
titlebar("100%","Change existing Groups");
$this->group_templ->set_block("listgroup","row","rows");
while ($this->db->next_record()) {
$group_id = $this->db->Record[group_id];
if ($this->perm->have_perm("groupAdmin")) {
$admin = "<A HREF=\"" . $this->psl['phpself'] . "?submit=edit" . $this->psl['amp'] . "group_id=$group_id\">[Edit]</A>";
$admin .= " <A HREF=\"" . $this->psl['phpself'] . "?submit=delete" . $this->psl['amp'] . "group_id=$group_id\">[Delete]</A>";
} else {
$admin = " <A HREF=\"" . $this->psl['phpself'] . "?submit=delete" . $this->psl['amp'] . "group_id=$group_id\">[Delete]</A>";
}
$this->group_templ->set_var(array(
'GROUP_NAME' => $this->db->Record['group_name'],
'GROUP_ID' => $group_id,
'GROUP_DESCRIPTION' => $this->db->Record['group_description'],
'ACTION_URL' => $this->psl['phpself'],
'ADMIN' => $admin
));
$this->group_templ->parse("rows","row",true);
};
$this->group_templ->parse('OUT',array("listgroup"));
$this->group_templ->p('OUT');
}
/**
* saveGroup - save the group info to the DB
*
* Saves the group in the $ary array to the DB
* Obligatory fields: group_name, image, width, height, alt_text
* Optional fields: group_id (only if this group is already in the DB),
* onlinkbar (if blank, defaults to 0)
* Returns true if sucessful (group added or updated), false on error
* Used only by admin
*
* @param array $ary
*
* @access public
*/
function saveGroup($ary) {
debug("Group.class::saveGroup::ary", $ary);
debug("Group.class::saveGroup::ary['group_id_ary']", $ary['group_id_ary']);
/* We don't test for group_id because no group_id means, that
this is a new group. */
if ($ary[group_name] == "") {
$this->message = "There is no group_name in Group.class::saveGroup";
return false;
}
if ($ary[description] == "") {
$this->message = "There is no description in Group.class::saveGroup";
return false;
}
$section_id_ary = $ary['section_id_ary'];
$perm_id_ary = $ary['perm_id_ary'];
$group_id_ary = $ary['group_id_ary'];
$ary = clean($ary);
/* if a record exists, then we update, else we insert a new group! */
$q = "SELECT group_id
FROM psl_group
WHERE group_id = '$ary[group_id]'";
$this->db->query($q);
if ($this->db->next_record()) {
$section_del = "DELETE FROM psl_group_section_lut
WHERE group_id='$ary[group_id]'";
// echo "<H3>SECTION_DEL: $section_del</H3>\n";
$this->db->query($section_del);
$permission_del = "DELETE FROM psl_group_permission_lut
WHERE group_id='$ary[group_id]'";
// echo "<H3>PERMISSION_DEL: $permission_del</H3>\n";
$this->db->query($permission_del);
$childgroup_del = "DELETE FROM psl_group_group_lut
WHERE group_id='$ary[group_id]'";
// echo "<H3>CHILDGROUP_DEL: $childgroup_del</H3>\n";
$this->db->query($childgroup_del);
$q = "UPDATE psl_group
SET group_name = '$ary[group_name]',
group_description = '$ary[description]'
WHERE group_id = '$ary[group_id]'";
$this->message = "Group information updated";
} else {
$ary[group_id] = generateID("psl_group_seq");
$q = "INSERT INTO psl_group
(group_id,
group_name,
group_description)
VALUES ('$ary[group_id]',
'$ary[group_name]',
'$ary[description]')";
$this->message = "Group information saved";
}
// $section_id_ary = $ary['section_id_ary'];
if(is_array($section_id_ary) ) {
while ( list( $key, $val ) = each( $section_id_ary ) ) {
$lut_id = generateID("psl_group_section_lut_seq");
$lut_insert = "INSERT INTO psl_group_section_lut
(lut_id,
section_id,
group_id)
VALUES ('$lut_id',
'$val',
'$ary[group_id]')";
# echo "<H3>LUT_INSERT: $lut_insert</H3>\n";
$this->db->query($lut_insert);
}
} else {
$this->message = "No section chosen.";
$status = false;
return $status;
}
// echo "<BR><B>QUERY: $q</B><BR>\n";
$this->db->query($q);
if(is_array($perm_id_ary) ) {
while ( list( $key, $val ) = each( $perm_id_ary ) ) {
$lut_id = generateID("psl_group_permission_lut_seq");
$lut_insert = "INSERT INTO psl_group_permission_lut
(lut_id,
permission_id,
group_id)
VALUES ('$lut_id',
'$val',
'$ary[group_id]')";
# echo "<H3>LUT_INSERT: $lut_insert</H3>\n";
$this->db->query($lut_insert);
}
} else {
// groups of groups need choose no perms.
// $this->message = "No permission chosen.";
// $status = false;
// return $status;
}
if(is_array($group_id_ary) ) {
while ( list( $key, $val ) = each( $group_id_ary ) ) {
$lut_id = generateID("psl_group_group_lut_seq");
$lut_insert = "INSERT INTO psl_group_group_lut
(lut_id,
group_id,
childgroup_id)
VALUES ('$lut_id',
'$ary[group_id]',
'$val')";
echo "<H3>LUT_INSERT: $lut_insert</H3>\n";
$this->db->query($lut_insert);
}
// } else {
// $this->message = "No childgroups chosen.";
// $status = false;
// return $status;
}
$status = true;
return $status;
}
/**
* deleteGroup - deletes the group info from the db
*
* Given the group_id, it deletes that from the group table. The
* psl_group_lut and psl_group_submission_lut table must be cleaned
* first by updating all the stories to point to different groups. It
* will also check and make sure there are NO stories/submissions
* associated with this group before deleting it. Returns true if
* group is deleted, false if not.
*
* @param integer group_id
*
* @access public
*/
function deleteGroup($group_id) {
$go_ahead = true; /* go ahead and assume this group should be smoked */
if (!$group_id) {
return false;
}
/* check for any stories that are associated with this group */
/*
$q = "SELECT psl_story.title,
psl_story.story_id
FROM psl_story,
psl_group_lut
WHERE psl_story.story_id = psl_group_lut.story_id
AND psl_group_lut.group_id = '$group_id'";
$this->db->query($q);
while ($this->db->next_record()) {
$go_ahead = false;
$title = $this->db->Record["title"];
$story_id = $this->db->Record["story_id"];
$group_name = $this->db->Record["group_name"];
echo "Sorry, ths story is assigned to this group:";
echo "<font color=\"red\">'$title'</font><br />\n";
}
*/
/* check for any submissions that are associated with this group */
/*
$q = "SELECT psl_submission.title,
psl_submission.story_id
FROM psl_submission,
psl_group_submission_lut
WHERE psl_submission.story_id = psl_group_submission_lut.story_id
AND psl_group_submission_lut.group_id = '$group_id'";
$this->db->query($q);
while ($this->db->next_record()) {
$go_ahead = false;
$title = $this->db->Record["title"];
$story_id = $this->db->Record["story_id"];
$group_name = $this->db->Record["group_name"];
echo "Sorry, this submission is assigned to this group:";
echo "<font color=\"red\">'$title'</font><br />\n";
}
*/
if (!$go_ahead) {
$this->message = "Group not deleted";
return false;
} else {
$q = "DELETE
FROM psl_group
WHERE group_id = '$group_id'";
$this->db->query($q);
$this->message = "Group deleted";
return true;
}
}
/**
* newGroup - spits out a blank or filled form for input
*
* Just prints out the "form" and points the user to the "save" method
* Used only by admin
*
* @param array ary
* @access public
*/
function newGroup($ary="") {
titlebar("100%","Add a new Group");
$this->group_templ->set_var(array(
'GROUP_ID' => "",
'GROUP_NAME' => "",
'GROUP_DESCRIPTION' => "",
'ACTION_URL' => $this->psl['phpself']
));
$this->group_templ->set_block("newgroup","section_row","section_rows");
$section = new Section;
$section_ary = $section->getSections();
$this->group_templ->set_var(array(
'SECTION_ID' => 0,
'SELECTED' => "selected=\"selected\"",
'SECTION_NAME' => pslgetText("All Sections")
));
$this->group_templ->parse("section_rows","section_row",true);
while ( list( $key, $val ) = each( $section_ary ) ) {
// $perms_needed = "newBlock && ".$this->db->Record[section_name];
// if( $this->perm->have_perm($perms_needed)) {
$this->group_templ->set_var(array(
'SECTION_ID' => $val['id'],
'SELECTED' => "",
'SECTION_NAME' => $val['name']
));
$this->group_templ->parse("section_rows","section_row",true);
$size++;
// }
}
if($size > 5) {
$size = 5;
}
$this->group_templ->set_block("newgroup","group_row","group_rows");
$groups_ary = $this->getGroups();
$size = 0;
while ( list( $key, $val ) = each( $groups_ary ) ) {
// $perms_needed = "newBlock && ".$this->db->Record[section_name];
// if( $this->perm->have_perm($perms_needed)) {
$this->group_templ->set_var(array(
'CHILDGROUP_ID' => $val['id'],
'SELECTED' => "",
'CHILDGROUP_NAME' => $val['name']
));
$this->group_templ->parse("group_rows","group_row",true);
$size++;
// }
}
if($size > 5) {
$size = 5;
}
$this->group_templ->set_block("newgroup","permission_row","permission_rows");
$perm_ary = $this->getPermissions();
$size = 0;
while ( list( $key, $val ) = each( $perm_ary ) ) {
// $perms_needed = "newBlock && ".$this->db->Record[section_name];
// if( $this->perm->have_perm($perms_needed)) {
// debug("val[id]", $val[id]);
// debug("val[name]", $val['name']);
$this->group_templ->set_var(array(
'PERMISSION_ID' => $val['id'],
'SELECTED' => "",
'PERMISSION_NAME' => $val[name]
));
$this->group_templ->parse("permission_rows","permission_row",true);
$size++;
// }
}
if($size > 5) {
$size = 5;
}
$this->group_templ->set_var("SIZE", $size);
$this->group_templ->set_var("SIZEPERMS", $size);
$this->group_templ->parse('OUT',array("newgroup"));
$this->group_templ->p('OUT');
}
/**
* editGroup - spits out a blank or filled form for input
*
* Just prints out the "form" and points the user to the "save" method
* Used only by admin
*
* @param array ary
* @access public
*/
function editGroup($ary="") {
titlebar("100%","Edit Group");
$q = "SELECT group_id,
group_name,
group_description
FROM psl_group
WHERE group_id = '$ary[group_id]'";
$this->db->query($q);
$this->db->next_record();
$this->group_templ->set_var(array(
'GROUP_ID' => $this->db->Record["group_id"],
'GROUP_NAME' => $this->db->Record["group_name"],
'GROUP_DESCRIPTION' => $this->db->Record["group_description"],
'ACTION_URL' => $this->psl['phpself']
));
$this->group_templ->set_block("newgroup","section_row","section_rows");
$section = new Section;
$section_ary = $section->getSections();
/*
* Get the section_id's for this group into an array
*/
$q = "SELECT section_id
FROM psl_group_section_lut
WHERE group_id = '$ary[group_id]' ";
// debug("q", $q);
$this->db->query($q);
$i = 0;
while ($this->db->next_record()) {
$group_section_ary[$i] = $this->db->Record['section_id'];
$i++;
}
/*
* Get the childgroup_id's for this group into an array
*/
$q = "SELECT childgroup_id
FROM psl_group_group_lut
WHERE group_id = '$ary[group_id]' ";
// debug("q", $q);
$this->db->query($q);
$i = 0;
while ($this->db->next_record()) {
$group_group_ary[$i] = $this->db->Record['childgroup_id'];
$i++;
}
/*
* Get the permission_id's for this group into an array
*/
$q = "SELECT permission_id
FROM psl_group_permission_lut
WHERE group_id = '$ary[group_id]' ";
// debug("q", $q);
$this->db->query($q);
$i = 0;
while ($this->db->next_record()) {
$group_permission_ary[$i] = $this->db->Record['permission_id'];
$i++;
}
$this->group_templ->set_var(array(
'SECTION_ID' => 0,
'SELECTED' => "",
'SECTION_NAME' => pslgetText("All Sections")
));
$this->group_templ->set_var('SELECTED',"");
for ($i = 0 ; $i < count($group_section_ary) ; $i++) {
if ($group_section_ary[$i] == 0) {
$this->group_templ->set_var('SELECTED',"selected=\"selected\"");
}
}
$this->group_templ->parse("section_rows","section_row",true);
while ( list( $key, $val ) = each( $section_ary ) ) {
// $perms_needed = "newBlock && ".$this->db->Record[section_name];
// if( $this->perm->have_perm($perms_needed)) {
$this->group_templ->set_var(array(
'SECTION_ID' => $val['id'],
'SELECTED' => "",
'SECTION_NAME' => $val['name']
));
$this->group_templ->set_var('SELECTED',"");
for ($i = 0 ; $i < count($group_section_ary) ; $i++) {
if ($group_section_ary[$i] == $val['id']) {
$this->group_templ->set_var('SELECTED',"selected=\"selected\"");
}
}
$this->group_templ->parse("section_rows","section_row",true);
$size++;
// }
}
if($size > 5) {
$size = 5;
}
$this->group_templ->set_block("newgroup","group_row","group_rows");
$groups_ary = $this->getGroups();
$size = 0;
while ( list( $key, $val ) = each( $groups_ary ) ) {
// $perms_needed = "newBlock && ".$this->db->Record[section_name];
// if( $this->perm->have_perm($perms_needed)) {
$this->group_templ->set_var(array(
'CHILDGROUP_ID' => $val['id'],
'SELECTED' => "",
'CHILDGROUP_NAME' => $val['name']
));
$this->group_templ->set_var('SELECTED',"");
for ($i = 0 ; $i < count($group_group_ary) ; $i++) {
// debug("val['id']", $val['id']);
// debug("group_group_ary[$i]", $group_group_ary[$i]);
if ($group_group_ary[$i] == $val['id']) {
// debug("good", "deal");
$this->group_templ->set_var('SELECTED',"selected=\"selected\"");
}
}
// no circular references
if( $val['id'] != $ary[group_id]) {
$this->group_templ->parse("group_rows","group_row",true);
}
$size++;
// }
}
if($size > 5) {
$size = 5;
}
$this->group_templ->set_block("newgroup","permission_row","permission_rows");
$perm_ary = $this->getPermissions();
$size = 0;
while ( list( $key, $val ) = each( $perm_ary ) ) {
// $perms_needed = "newBlock && ".$this->db->Record[section_name];
// if( $this->perm->have_perm($perms_needed)) {
// debug("val[id]", $val[id]);
// debug("val[name]", $val['name']);
$this->group_templ->set_var(array(
'PERMISSION_ID' => $val['id'],
'SELECTED' => "",
'PERMISSION_NAME' => $val[name]
));
$this->group_templ->set_var('SELECTED',"");
for ($i = 0 ; $i < count($group_permission_ary) ; $i++) {
// debug("val['id']", $val['id']);
// debug("group_permission_ary[$i]", $group_permission_ary[$i]);
if ($group_permission_ary[$i] == $val['id']) {
// debug("good", "deal");
$this->group_templ->set_var('SELECTED',"selected=\"selected\"");
}
}
$this->group_templ->parse("permission_rows","permission_row",true);
$size++;
// }
}
if($size > 5) {
$size = 5;
}
$this->group_templ->set_var("SIZE", $size);
$this->group_templ->set_var("SIZEPERMS", $size);
$this->group_templ->parse('OUT',array("newgroup"));
$this->group_templ->p('OUT');
}
/**
* getName - return name assign to id
*
* when given a group id, getName returns the name
*
* @param integer id
* @access public
* return author_name
*/
function getName($id) {
if (!$id) {
return false;
} else {
$q = "SELECT group_name
FROM psl_group
WHERE group_id = '$id'";
$this->db->query($q);
$this->db->next_record();
return $this->db->f("group_name");
};
}
/**
* getId - return id assign to name
*
* when given a name, getId returns the id
*
* @param string name
* @access public
* return group_id
*/
function getId($name) {
if (!$name) {
return false;
} else {
$q = "SELECT group_id
FROM psl_group
WHERE group_name = '$name'";
$this->db->query($q);
$this->db->next_record();
return $this->db->f("group_id");
};
}
/**
* getGroups - returns array with group ids and names
*
*
* @access public
* return group_array(id, name)
*/
function getGroups() {
$q = "SELECT group_id, group_name
FROM psl_group
ORDER BY group_name";
$this->db->query($q);
while ($this->db->next_record()) {
$group_array[] = array(
"id" => $this->db->f("group_id"),
"name" => $this->db->f("group_name")
);
}
return $group_array;
}
/**
* getMessage - returns text in this->message
*
*
* @access public
* return this->message
*/
function getMessage() {
return $this->message;
}
/**
* listPermission - list all Permissions
*
* displays the complete list of permissions
* Used only by admin
* @access public
*/
function listPermission() {
$q = "SELECT *
FROM psl_permission
ORDER BY permission_name";
$this->db->query($q);
titlebar("100%","Change existing Permissions");
$this->permission_templ->set_block("listpermission","row","rows");
while ($this->db->next_record()) {
$permission_id = $this->db->Record[permission_id];
if ($this->perm->have_perm("permissionAdmin")) {
$admin = "<A HREF=\"" . $this->psl['phpself'] . "?submit=editperm" . $this->psl['amp'] . "permission_id=$permission_id\">[Edit]</A>";
$admin .= " <A HREF=\"" . $this->psl['phpself'] . "?submit=deleteperm" . $this->psl['amp'] . "permission_id=$permission_id\">[Delete]</A>";
} else {
$admin = " <A HREF=\"" . $this->psl['phpself'] . "?submit=deleteperm" . $this->psl['amp'] . "permission_id=$permission_id\">[Delete]</A>";
}
$this->permission_templ->set_var(array(
'PERMISSION_NAME' => $this->db->Record['permission_name'],
'PERMISSION_ID' => $permission_id,
'PERMISSION_DESCRIPTION' => $this->db->Record['permission_description'],
'ACTION_URL' => $this->psl['phpself'],
'ADMIN' => $admin
));
$this->permission_templ->parse("rows","row",true);
};
$this->permission_templ->parse('OUT',array("listpermission"));
$this->permission_templ->p('OUT');
}
/**
* savePermission - save the permission info to the DB
*
* Saves the permission in the $ary array to the DB
* Obligatory fields: permission_name, image, width, height, alt_text
* Optional fields: permission_id (only if this permission is already in the DB),
* onlinkbar (if blank, defaults to 0)
* Returns true if sucessful (permission added or updated), false on error
* Used only by admin
*
* @param array $ary
*
* @access public
*/
function savePermission($ary) {
// debug("Permission.class::savePermission::ary", $ary);
/* We don't test for permission_id because no permission_id means, that
this is a new permission. */
if ($ary[permission_name] == "") {
$this->message = "There is no permission_name in Permission.class::savePermission";
return false;
}
if ($ary[description] == "") {
$this->message = "There is no description in Permission.class::savePermission";
return false;
}
$ary = clean($ary);
/* if a record exists, then we update, else we insert a new permission! */
$q = "SELECT permission_id
FROM psl_permission
WHERE permission_id = '$ary[permission_id]'";
$this->db->query($q);
if ($this->db->next_record()) {
$q = "UPDATE psl_permission
SET permission_name = '$ary[permission_name]',
permission_description = '$ary[description]'
WHERE permission_id = '$ary[permission_id]'";
$this->message = "Permission information updated";
} else {
$ary[permission_id] = generateID("psl_permission_seq");
$q = "INSERT INTO psl_permission
(permission_id,
permission_name,
permission_description)
VALUES ('$ary[permission_id]',
'$ary[permission_name]',
'$ary[description]')";
$this->message = "Permission information saved";
}
// echo "<BR><B>QUERY: $q</B><BR>\n";
$this->db->query($q);
return true;
}
/**
* deletePermission - deletes the permission info from the db
*
* Given the permission_id, it deletes that from the permission table. The
* psl_permission_lut and psl_permission_submission_lut table must be cleaned
* first by updating all the stories to point to different permissions. It
* will also check and make sure there are NO stories/submissions
* associated with this permission before deleting it. Returns true if
* permission is deleted, false if not.
*
* @param integer permission_id
*
* @access public
*/
function deletePermission($permission_id) {
$go_ahead = true; /* go ahead and assume this permission should be smoked */
if (!$permission_id) {
return false;
}
/* check for any stories that are associated with this permission */
/*
$q = "SELECT psl_story.title,
psl_story.story_id
FROM psl_story,
psl_permission_lut
WHERE psl_story.story_id = psl_permission_lut.story_id
AND psl_permission_lut.permission_id = '$permission_id'";
$this->db->query($q);
while ($this->db->next_record()) {
$go_ahead = false;
$title = $this->db->Record["title"];
$story_id = $this->db->Record["story_id"];
$permission_name = $this->db->Record["permission_name"];
echo "Sorry, ths story is assigned to this permission:";
echo "<font color=\"red\">'$title'</font><br />\n";
}
*/
/* check for any submissions that are associated with this permission */
/*
$q = "SELECT psl_submission.title,
psl_submission.story_id
FROM psl_submission,
psl_permission_submission_lut
WHERE psl_submission.story_id = psl_permission_submission_lut.story_id
AND psl_permission_submission_lut.permission_id = '$permission_id'";
$this->db->query($q);
while ($this->db->next_record()) {
$go_ahead = false;
$title = $this->db->Record["title"];
$story_id = $this->db->Record["story_id"];
$permission_name = $this->db->Record["permission_name"];
echo "Sorry, this submission is assigned to this permission:";
echo "<font color=\"red\">'$title'</font><br />\n";
}
*/
if (!$go_ahead) {
$this->message = "Permission not deleted";
return false;
} else {
$q = "DELETE
FROM psl_permission
WHERE permission_id = '$permission_id'";
$this->db->query($q);
$this->message = "Permission deleted";
return true;
}
}
/**
* editPermission - spits out a blank or filled form for input
*
* Just prints out the "form" and points the user to the "save" method
* Used only by admin
*
* @param array ary
* @access public
*/
function editPermission($ary="") {
if($ary["permission_id"] == "") {
titlebar("100%","Add a new Permission");
$this->permission_templ->set_var(array(
'PERMISSION_ID' => "",
'PERMISSION_NAME' => "",
'PERMISSION_DESCRIPTION' => "",
'ACTION_URL' => $this->psl['phpself']
));
} else {
titlebar("100%","Edit Permission");
$q = "SELECT permission_id,
permission_name,
permission_description
FROM psl_permission
WHERE permission_id = '$ary[permission_id]'";
$this->db->query($q);
$this->db->next_record();
$this->permission_templ->set_var(array(
'PERMISSION_ID' => $this->db->Record["permission_id"],
'PERMISSION_NAME' => $this->db->Record["permission_name"],
'PERMISSION_DESCRIPTION' => $this->db->Record["permission_description"],
'ACTION_URL' => $this->psl['phpself']
));
}
$this->permission_templ->parse('OUT',array("newpermission"));
$this->permission_templ->p('OUT');
}
/**
* getName - return name assign to id
*
* when given a permission id, getName returns the name
*
* @param integer id
* @access public
* return author_name
*/
function getName($id) {
if (!$id) {
return false;
} else {
$q = "SELECT permission_name
FROM psl_permission
WHERE permission_id = '$id'";
$this->db->query($q);
$this->db->next_record();
return $this->db->f("permission_name");
};
}
/**
* getId - return id assign to name
*
* when given a name, getId returns the id
*
* @param string name
* @access public
* return permission_id
*/
function getId($name) {
if (!$name) {
return false;
} else {
$q = "SELECT permission_id
FROM psl_permission
WHERE permission_name = '$name'";
$this->db->query($q);
$this->db->next_record();
return $this->db->f("permission_id");
};
}
/**
* getPermissions - returns array with permission ids and names
*
*
* @access public
* return permission_array(id, name)
*/
function getPermissions() {
$q = "SELECT permission_id, permission_name
FROM psl_permission
ORDER BY permission_name";
$this->db->query($q);
while ($this->db->next_record()) {
$permission_array[] = array(
"id" => $this->db->f("permission_id"),
"name" => $this->db->f("permission_name")
);
}
return $permission_array;
}
} /* end of Group.class */
?>
Index: Author.class
===================================================================
RCS file: /cvsroot/phpslash/phpslash-ft/class/Author.class,v
retrieving revision 1.19
retrieving revision 1.20
diff -C2 -d -r1.19 -r1.20
*** Author.class 20 May 2002 19:54:17 -0000 1.19
--- Author.class 23 May 2002 18:41:24 -0000 1.20
***************
*** 133,137 ****
WHERE author_id = '".$ary['author_id']."'");
! $joined_perms = join(',',$ary['permission']);
if ($this->db->next_record()) {
if ($ary['password'] == "") {
--- 133,138 ----
WHERE author_id = '".$ary['author_id']."'");
! // $joined_perms = join(',',$ary['permission']);
! $joined_perms = '';
if ($this->db->next_record()) {
if ($ary['password'] == "") {
***************
*** 196,199 ****
--- 197,219 ----
$this->message = "Author Created";
}
+
+ if(is_array($ary['permission']) ) {
+ while ( list( $key, $val ) = each( $ary['permission'] ) ) {
+ $lut_id = generateID("psl_author_group_lut_seq");
+ $lut_insert = "INSERT INTO psl_author_group_lut
+ (lut_id,
+ author_id,
+ group_id)
+ VALUES ('$lut_id',
+ '$ary[author_id]',
+ '$val')";
+ # echo "<H3>LUT_INSERT: $lut_insert</H3>\n";
+ $this->db->query($lut_insert);
+ }
+ } else {
+ $this->message = "No permissions chosen.";
+ $status = false;
+ return $status;
+ }
# echo "<BR><PRE><B>QUERY: $q</B></PRE><BR>\n";
***************
*** 338,346 ****
$allperms_ary = $this->perm->getPerms();
! for( $i=0; $i < count($allperms_ary); $i++) {
! $this->author_templ->set_var( PERM, $allperms_ary[$i]);
$this->author_templ->parse("perm_rows","perm_row",true);
}
!
$this->author_templ->set_var(array(
'ACTION_URL' => $this->psl['phpself'],
--- 358,373 ----
$allperms_ary = $this->perm->getPerms();
! while(list($k, $v) = each($allperms_ary)) {
! if(is_array($v)) {
! $this->author_templ->set_var( PERM_VALUE, $v);
! $this->author_templ->set_var( GROUP, "*");
! } else {
! $this->author_templ->set_var( PERM_VALUE, $v);
! $this->author_templ->set_var( GROUP, "");
! }
! $this->author_templ->set_var( PERM, $k);
$this->author_templ->parse("perm_rows","perm_row",true);
}
!
$this->author_templ->set_var(array(
'ACTION_URL' => $this->psl['phpself'],
***************
*** 399,417 ****
$author_id = $this->db->Record['author_id'];
! $author_perms = $this->db->Record['perms'];
$this->author_templ->set_block("newauthor","perm_row","perm_rows");
$this->author_templ->set_block("newauthor","permhave_row","permhave_rows");
!
! $allperms_ary = $this->perm->getPerms();
! while(list($k, $v) = each($allperms_ary)) {
! $this->author_templ->set_var( PERM, $v);
! if ($this->perm->perm_islisted($author_perms,$v)) {
! $this->author_templ->parse("perm_rows","permhave_row",true);
! } else {
! $this->author_templ->parse("perm_rows","perm_row",true);
! }
! }
!
! $this->author_templ->set_var(array(
'ACTION_URL' => $this->psl['phpself'],
'AUTHOR_ID' => $author_id,
--- 426,434 ----
$author_id = $this->db->Record['author_id'];
! // $author_perms = $this->db->Record['perms'];
$this->author_templ->set_block("newauthor","perm_row","perm_rows");
$this->author_templ->set_block("newauthor","permhave_row","permhave_rows");
!
! $this->author_templ->set_var(array(
'ACTION_URL' => $this->psl['phpself'],
'AUTHOR_ID' => $author_id,
***************
*** 426,430 ****
'AMP' => $this->psl['amp']
));
! };
$this->author_templ->parse('OUT',$template);
--- 443,481 ----
'AMP' => $this->psl['amp']
));
!
! $allperms_ary = $this->perm->getPerms();
! /*
! * Get the author_perms's for this author into an array
! */
! $q = "SELECT psl_group.group_id,
! psl_group.group_name
! FROM psl_group, psl_author_group_lut
! WHERE psl_group.group_id = psl_author_group_lut.group_id
! AND psl_author_group_lut.author_id = '$author_id' ";
! // debug("q", $q);
! $this->db->query($q);
! // $i = 0;
!
! while ($this->db->next_record()) {
! $author_perms[$this->db->Record['group_name']] = $this->db->Record['group_id'];
! // $i++;
! }
!
! while(list($k, $v) = each($allperms_ary)) {
! if(is_array($v)) {
! $this->author_templ->set_var( PERM_VALUE, $v);
! $this->author_templ->set_var( GROUP, "*");
! } else {
! $this->author_templ->set_var( PERM_VALUE, $v);
! $this->author_templ->set_var( GROUP, "");
! }
! $this->author_templ->set_var( PERM, $k);
! if ($this->perm->perm_islisted($author_perms,$k)) {
! $this->author_templ->parse("perm_rows","permhave_row",true);
! } else {
! $this->author_templ->parse("perm_rows","perm_row",true);
! }
! }
! }
$this->author_templ->parse('OUT',$template);
Index: slashPerm.class
===================================================================
RCS file: /cvsroot/phpslash/phpslash-ft/class/slashPerm.class,v
retrieving revision 1.4
retrieving revision 1.5
diff -C2 -d -r1.4 -r1.5
*** slashPerm.class 3 Feb 2002 02:49:40 -0000 1.4
--- slashPerm.class 23 May 2002 18:41:24 -0000 1.5
***************
*** 13,17 ****
var $classname = "slashPerm";
var $permissions;
!
/**
*
--- 13,18 ----
var $classname = "slashPerm";
var $permissions;
! var $auth;
!
/**
*
***************
*** 22,29 ****
function slashPerm() {
! global $_PSL;
$this->permissions = $_PSL['perm_array'];
!
}
--- 23,30 ----
function slashPerm() {
! global $_PSL, $auth;
$this->permissions = $_PSL['perm_array'];
! $this->auth = $auth;
}
***************
*** 38,45 ****
*
*/
! function perm_sel($name, $current = "", $class = "") {
reset($this->permissions);
! $ret = sprintf("<select size=5 multiple name=\"%s[]\"%s>\n",
$name,
($class!="")?" class=$class":"");
--- 39,46 ----
*
*/
! function perm_sel($name, $current = "", $class = "", $size=5) {
reset($this->permissions);
! $ret = sprintf("<select size=$size multiple name=\"%s[]\"%s>\n",
$name,
($class!="")?" class=$class":"");
***************
*** 60,68 ****
*/
function getPerms() {
reset($this->permissions);
! while(list($k, $v) = each($this->permissions)) {
! $ret[] .= $k;
}
- return $ret;
}
--- 61,160 ----
*/
function getPerms() {
+ if(is_array($this->permissions)) {
+ reset($this->permissions);
+ }
+ // if(!count($this->permissions) > 0) {
+ $this->permissions = pslgetAllPerms();
+ // }
+ return $this->permissions;
+ }
+
+ /**
+ * getPerm just returns the value stored in the perm array
+ *
+ */
+ function getPerm($k) {
reset($this->permissions);
! return $this->permissions[$k];
! }
!
! function have_perm($p, $ary='') {
!
! // this->auth creates a copy that stays in memory.
! global $auth;
!
! if (! isset($auth->auth['perm']) ) {
! $auth->auth['perm'] = "";
! }
! if( !is_array($ary)) {
! $ary = $auth->auth['perm'];
! }
! // boolean OR
! $po_ary = split( "\|{2}", $p);
! $j = 0;
! while( $j < count($po_ary)) {
! // boolean AND
! $p_ary = split( ",|&{2}", $po_ary[0]);
! $i = 0;
! $status = true;
! $max = count($p_ary);
! while( $i < $max) {
! if( is_array($ary)) {
! reset($ary);
! }
! $k = trim($p_ary[$i]);
! if( !$ary[$k]) {
! $status = false;
! $i = $max;
! }
! $i++;
! }
! if(!empty($status)) {
! return true;
! } elseif(is_array($ary)) {
! while(list($k, $v) = each($ary)) {
! if(is_array($ary[$k])) {
! if($this->have_perm($p, $v)) {
! return true;
! }
! }
! }
! }
! $j++;
! }
! return false;
! }
! /*
! function have_perm($p, $ary='') {
! if (! isset($this->auth->auth['perm']) ) {
! $this->auth->auth['perm'] = "";
! }
! if( !is_array($ary)) {
! $ary = $this->auth->auth['perm'];
! }
! if(!empty($ary[$p])) {
! return true;
! } elseif(is_array($ary)) {
! while(list($k, $v) = each($ary)) {
! if(is_array($ary[$k])) {
! if($this->have_perm($p, $v)) {
! return true;
! }
! }
! }
! // debug("false1" , $p);
! return false;
! } else {
! // debug("false2" , $p);
! return false;
! }
! }
! */
! function perm_islisted($perms_ary, $look_for) {
! if (isset($perms_ary[$look_for]) ) {
! return true;
! } else {
! return false;
}
}
Index: slashAuthCR.class
===================================================================
RCS file: /cvsroot/phpslash/phpslash-ft/class/slashAuthCR.class,v
retrieving revision 1.10
retrieving revision 1.11
diff -C2 -d -r1.10 -r1.11
*** slashAuthCR.class 21 May 2002 15:02:04 -0000 1.10
--- slashAuthCR.class 23 May 2002 18:41:24 -0000 1.11
***************
*** 194,198 ****
return false;
} else {
! $this->auth["perm"] = $this->db->Record["perms"];
if(isset($setcookie)){
$cookie_challenge = md5($this->magic .":". $this->psl['basedir']);
--- 194,284 ----
return false;
} else {
! // may need to get legacy records
! // $this->auth["perm"] = $this->db->Record["perms"];
! /*
! * Get the group perms's for this author into an array
! */
! $q = "SELECT psl_permission.permission_name,
! psl_group.group_name,
! psl_group.group_id
! FROM psl_group,
! psl_author_group_lut,
! psl_group_permission_lut,
! psl_permission
! WHERE psl_group.group_id = psl_author_group_lut.group_id
! AND psl_group.group_id = psl_group_permission_lut.group_id
! AND psl_group_permission_lut.permission_id = psl_permission.permission_id
! AND psl_author_group_lut.author_id = '$uid' ";
! // debug("q", $q);
! $this->db->query($q);
!
! while ($this->db->next_record()) {
! $group_id = $this->db->Record[group_id];
! $this->auth["perm"][$this->db->Record['group_name']][$this->db->Record['permission_name']] = true;
! $q = "SELECT section_id
! FROM psl_group_section_lut
! WHERE group_id = '$group_id' ";
! $db2 = new slashDB;
! // debug("q", $q);
! $db2->query($q);
! while ($db2->next_record()) {
! $this->auth["perm"][$this->db->Record['group_name']][$db2->Record['section_id']] = true;
! }
!
!
! }
!
! /*
! * Get the group->group perm's for this author into an array
! */
!
! // first get all the group names in an array
! $q = "SELECT group_name,
! group_id
! FROM psl_group ";
! // debug("q", $q);
! $this->db->query($q);
!
! while ($this->db->next_record()) {
! $groups_ary[$this->db->Record['group_id']] = $this->db->Record['group_name'];
! }
!
! $q = "SELECT psl_group_group_lut.group_id,
! psl_group_group_lut.childgroup_id
! FROM psl_author_group_lut,
! psl_group_group_lut
! WHERE psl_group_group_lut.group_id = psl_author_group_lut.group_id
! AND psl_author_group_lut.author_id = '$uid' ";
! // debug("q", $q);
! $this->db->query($q);
!
! while ($this->db->next_record()) {
! $group_id = $this->db->Record['group_id'];
! $childgroup_id = $this->db->Record['childgroup_id'];
!
! $group_name = $groups_ary[$group_id];
! $childgroup_name = $groups_ary[$childgroup_id];
!
! if( is_array($this->auth['perm'][$childgroup_name])) {
! $this->auth['perm'][$group_name][$childgroup_name] = $this->auth['perm'][$childgroup_name];
! } else {
! // query to get group perms
! $q = "SELECT psl_permission.permission_name
! FROM psl_group_permission_lut,
! psl_permission
! WHERE psl_group_permission_lut.permission_id = psl_permission.permission_id
! AND psl_group_permission_lut.group_id = '$childgroup_id' ";
! // debug("q", $q);
! $db2 = new slashDB;
! $db2->query($q);
!
! while ($db2->next_record()) {
! $this->auth['perm'][$group_name][$childgroup_name][$db2->Record['permission_name']] = true;
! }
!
! }
!
! }
!
if(isset($setcookie)){
$cookie_challenge = md5($this->magic .":". $this->psl['basedir']);
|
