336 lines
9.9 KiB
PHP
336 lines
9.9 KiB
PHP
<?php
|
|
// File name: chkpriv.inc.php
|
|
// Description: PHP subroutines to check the privileges
|
|
// Date: 2001-02-13
|
|
// Author: imacat <imacat@pristine.com.tw>
|
|
// Copyright: Copyright (C) 2001-2007 Pristine Communications
|
|
|
|
// Set the include path
|
|
if (!defined("INCPATH_SET")) {
|
|
require_once dirname(__FILE__) . "/incpath.inc.php";
|
|
}
|
|
// Referenced subroutines
|
|
require_once "monica/chkfunc.inc.php";
|
|
require_once "monica/login.inc.php";
|
|
require_once "monica/sql.inc.php";
|
|
require_once "monica/username.inc.php";
|
|
require_once "monica/usrconst.inc.php";
|
|
|
|
// Constant symbols
|
|
|
|
// is_admin: If the user is an administrator (by user sn)
|
|
function is_admin($user = null)
|
|
{
|
|
// Cache the result
|
|
static $cache = array();
|
|
// Default to the current logged-in user
|
|
if (is_null($user) || $user == get_login_sn()) {
|
|
return is_su() || in_array(ADMIN_GROUP, get_login_groups());
|
|
}
|
|
// Return the cache
|
|
if (array_key_exists($user, $cache)) {
|
|
return $cache[$user];
|
|
}
|
|
// Super user is always an administrator
|
|
if (is_su($user)) {
|
|
$cache[$user] = true;
|
|
return true;
|
|
}
|
|
// Obtain the groups
|
|
$groups = user_parent_groups($user);
|
|
$cache[$user] = in_array(ADMIN_GROUP, $groups);
|
|
return $cache[$user];
|
|
}
|
|
|
|
// is_group: If the user belongs to a group
|
|
function is_group($group)
|
|
{
|
|
return in_array($group, get_login_groups());
|
|
}
|
|
|
|
// is_su: If the user is a super user
|
|
function is_su($user = null)
|
|
{
|
|
// Cache the result
|
|
static $cache = array();
|
|
// Default to check the current user
|
|
if (is_null($user)) {
|
|
return in_array(SU_GROUP, get_login_groups());
|
|
}
|
|
// Return the cache
|
|
if (array_key_exists($user, $cache)) {
|
|
return $cache[$user];
|
|
}
|
|
// Obtain the groups
|
|
$groups = user_parent_groups($user);
|
|
$cache[$user] = in_array(SU_GROUP, $groups);
|
|
return $cache[$user];
|
|
}
|
|
|
|
// user_parent_groups: Return the full list of groups a user belongs to
|
|
function user_parent_groups($sn)
|
|
{
|
|
// Cache the result
|
|
static $cache = array();
|
|
// Bounce for null
|
|
if (is_null($sn)) {
|
|
return array();
|
|
}
|
|
// Return the cache
|
|
if (array_key_exists($sn, $cache)) {
|
|
return $cache[$sn];
|
|
}
|
|
// Check the validity of the user first
|
|
if ($sn != get_login_sn()) {
|
|
if (!check_sn_in($sn, "users")) {
|
|
$cache[$sn] = array();
|
|
return $cache[$sn];
|
|
}
|
|
}
|
|
// Find the direct parent groups
|
|
$select = "SELECT grp FROM usermem"
|
|
. " WHERE member=$sn"
|
|
. " ORDER BY grp;\n";
|
|
$result = sql_query($select);
|
|
$count = sql_num_rows($result);
|
|
// Obtain the direct parent groups
|
|
for ($i = 0, $current = array(); $i < $count; $i++) {
|
|
$row = sql_fetch_assoc($result);
|
|
$current[] = $row["grp"];
|
|
}
|
|
// ALLUSERS_GROUP is automatically added to all logged-in users
|
|
$allusers = groupsn(ALLUSERS_GROUP);
|
|
if (!is_null($allusers) && !in_array($allusers, $current)) {
|
|
$current[] = $allusers;
|
|
sort($current);
|
|
}
|
|
// Trace all their ancester groups
|
|
while (true) {
|
|
$conds = array();
|
|
for ($i = 0; $i < count($current); $i++) {
|
|
$conds[] = "member=" . $current[$i];
|
|
}
|
|
$select = "SELECT grp FROM groupmem"
|
|
. " WHERE " . implode(" OR ", $conds)
|
|
. " GROUP BY grp ORDER BY grp;\n";
|
|
$result = sql_query($select);
|
|
$count = sql_num_rows($result);
|
|
for ($i = 0, $newfound = array(); $i < $count; $i++) {
|
|
$row = sql_fetch_assoc($result);
|
|
$newfound[] = $row["grp"];
|
|
}
|
|
$newfound = array_diff($newfound, $current);
|
|
if (count($newfound) == 0) {
|
|
break;
|
|
}
|
|
$current = array_merge($current, $newfound);
|
|
}
|
|
// Find their ID
|
|
$conds = array();
|
|
for ($i = 0; $i < count($current); $i++) {
|
|
$conds[] = "sn=" . $current[$i];
|
|
}
|
|
$select = "SELECT id FROM groups"
|
|
. " WHERE " . implode(" OR ", $conds)
|
|
. " ORDER BY id;\n";
|
|
$result = sql_query($select);
|
|
$count = sql_num_rows($result);
|
|
for ($i = 0, $items = array(); $i < $count; $i++) {
|
|
$row = sql_fetch_assoc($result);
|
|
$items[] = $row["id"];
|
|
}
|
|
// Cache it
|
|
$cache[$sn] = $items;
|
|
return $items;
|
|
}
|
|
|
|
// group_parent_groups: Return the full list of groups a group belongs to
|
|
function group_parent_groups($sn)
|
|
{
|
|
// Cache the result
|
|
static $cache = array();
|
|
// Bounce for null
|
|
if (is_null($sn)) {
|
|
return array();
|
|
}
|
|
// Return the cache
|
|
if (array_key_exists($sn, $cache)) {
|
|
return $cache[$sn];
|
|
}
|
|
// Check the validity of the group first
|
|
if (!check_sn_in($sn, "groups")) {
|
|
$cache[$sn] = array();
|
|
return $cache[$sn];
|
|
}
|
|
$current = array($sn);
|
|
// Trace all their ancester groups
|
|
while (true) {
|
|
$conds = array();
|
|
for ($i = 0; $i < count($current); $i++) {
|
|
$conds[] = "member=" . $current[$i];
|
|
}
|
|
$select = "SELECT grp FROM groupmem"
|
|
. " WHERE " . implode(" OR ", $conds)
|
|
. " GROUP BY grp ORDER BY grp;\n";
|
|
$result = sql_query($select);
|
|
$count = sql_num_rows($result);
|
|
for ($i = 0, $newfound = array(); $i < $count; $i++) {
|
|
$row = sql_fetch_assoc($result);
|
|
$newfound[] = $row["grp"];
|
|
}
|
|
$newfound = array_values(array_unique(array_merge($current, $newfound)));
|
|
sort($newfound);
|
|
if ($newfound == $current) {
|
|
break;
|
|
}
|
|
$current = $newfound;
|
|
}
|
|
// Remove myself
|
|
$current = array_values(array_diff($current, array($sn)));
|
|
// Find their ID
|
|
$conds = array();
|
|
for ($i = 0; $i < count($current); $i++) {
|
|
$conds[] = "sn=" . $current[$i];
|
|
}
|
|
$select = "SELECT id FROM groups"
|
|
. " WHERE " . implode(" OR ", $conds)
|
|
. " ORDER BY id;\n";
|
|
$result = sql_query($select);
|
|
$count = sql_num_rows($result);
|
|
for ($i = 0, $items = array(); $i < $count; $i++) {
|
|
$row = sql_fetch_assoc($result);
|
|
$items[] = $row["id"];
|
|
}
|
|
// Cache it
|
|
$cache[$sn] = $items;
|
|
return $items;
|
|
}
|
|
|
|
// group_child_users: Return the full list of users in a group
|
|
function group_child_users($sn)
|
|
{
|
|
// Cache the result
|
|
static $cache = array();
|
|
// Bounce for null
|
|
if (is_null($sn)) {
|
|
return array();
|
|
}
|
|
// Return the cache
|
|
if (array_key_exists($sn, $cache)) {
|
|
return $cache[$sn];
|
|
}
|
|
$current = array($sn);
|
|
// Collect all their lower child groups
|
|
while (true) {
|
|
$conds = array();
|
|
for ($i = 0; $i < count($current); $i++) {
|
|
$conds[] = "grp=" . $current[$i];
|
|
}
|
|
$select = "SELECT member FROM groupmem"
|
|
. " WHERE " . implode(" OR ", $conds)
|
|
. " GROUP BY member ORDER BY member;\n";
|
|
$result = sql_query($select);
|
|
$count = sql_num_rows($result);
|
|
for ($i = 0, $newfound = array(); $i < $count; $i++) {
|
|
$row = sql_fetch_assoc($result);
|
|
$newfound[] = $row["member"];
|
|
}
|
|
$newfound = array_values(array_unique(array_merge($current, $newfound)));
|
|
sort($newfound);
|
|
if ($newfound == $current) {
|
|
break;
|
|
}
|
|
$current = $newfound;
|
|
}
|
|
// Find their member users
|
|
$conds = array();
|
|
for ($i = 0; $i < count($current); $i++) {
|
|
$conds[] = "grp=" . $current[$i];
|
|
}
|
|
$select = "SELECT member FROM usermem"
|
|
. " WHERE " . implode(" OR ", $conds)
|
|
. " GROUP BY member ORDER BY member;\n";
|
|
$result = sql_query($select);
|
|
$count = sql_num_rows($result);
|
|
for ($i = 0, $current = array(); $i < $count; $i++) {
|
|
$row = sql_fetch_assoc($result);
|
|
$current[] = $row["member"];
|
|
}
|
|
// Find their ID
|
|
$conds = array();
|
|
for ($i = 0; $i < count($current); $i++) {
|
|
$conds[] = "sn=" . $current[$i];
|
|
}
|
|
$select = "SELECT id FROM users"
|
|
. " WHERE " . implode(" OR ", $conds)
|
|
. " ORDER BY id;\n";
|
|
$result = sql_query($select);
|
|
$count = sql_num_rows($result);
|
|
for ($i = 0, $items = array(); $i < $count; $i++) {
|
|
$row = sql_fetch_assoc($result);
|
|
$items[] = $row["id"];
|
|
}
|
|
// Cache it
|
|
$cache[$sn] = $items;
|
|
return $items;
|
|
}
|
|
|
|
// group_child_groups: Return the full list of groups in a group
|
|
function group_child_groups($sn)
|
|
{
|
|
// Cache the result
|
|
static $cache = array();
|
|
// Bounce for null
|
|
if (is_null($sn)) {
|
|
return array();
|
|
}
|
|
// Return the cache
|
|
if (array_key_exists($sn, $cache)) {
|
|
return $cache[$sn];
|
|
}
|
|
$current = array($sn);
|
|
// Collect all their lower child groups
|
|
while (true) {
|
|
$conds = array();
|
|
for ($i = 0; $i < count($current); $i++) {
|
|
$conds[] = "grp=" . $current[$i];
|
|
}
|
|
$select = "SELECT member FROM groupmem"
|
|
. " WHERE " . implode(" OR ", $conds)
|
|
. " GROUP BY member ORDER BY member;\n";
|
|
$result = sql_query($select);
|
|
$count = sql_num_rows($result);
|
|
for ($i = 0, $newfound = array(); $i < $count; $i++) {
|
|
$row = sql_fetch_assoc($result);
|
|
$newfound[] = $row["member"];
|
|
}
|
|
$newfound = array_values(array_unique(array_merge($current, $newfound)));
|
|
sort($newfound);
|
|
if ($newfound == $current) {
|
|
break;
|
|
}
|
|
$current = $newfound;
|
|
}
|
|
// Remove myself
|
|
$current = array_values(array_diff($current, array($sn)));
|
|
// Find their ID
|
|
$conds = array();
|
|
for ($i = 0; $i < count($current); $i++) {
|
|
$conds[] = "sn=" . $current[$i];
|
|
}
|
|
$select = "SELECT id FROM groups"
|
|
. " WHERE " . implode(" OR ", $conds)
|
|
. " ORDER BY id;\n";
|
|
$result = sql_query($select);
|
|
$count = sql_num_rows($result);
|
|
for ($i = 0, $items = array(); $i < $count; $i++) {
|
|
$row = sql_fetch_assoc($result);
|
|
$items[] = $row["id"];
|
|
}
|
|
// Cache it
|
|
$cache[$sn] = $items;
|
|
return $items;
|
|
}
|
|
|
|
?>
|