1 | <?php
|
---|
2 |
|
---|
3 | include_once(dirname(__FILE__).'/Model.php');
|
---|
4 |
|
---|
5 | class Permission extends Model
|
---|
6 | {
|
---|
7 | var $BuildCache = true;
|
---|
8 |
|
---|
9 | function Check($Module, $Action, $Item = '')
|
---|
10 | {
|
---|
11 | if($this->BuildCache)
|
---|
12 | {
|
---|
13 | $this->RebuildCache();
|
---|
14 | $this->BuildCache = false;
|
---|
15 | }
|
---|
16 | $Result = false;
|
---|
17 | if($Item != '') $ItemFilter = ' AND (Item='.$Item.')';
|
---|
18 | else $ItemFilter = ' AND (Item IS NULL)';
|
---|
19 |
|
---|
20 | // Check global access
|
---|
21 | $DbResult = $this->Database->query('SELECT * FROM `PermissionAssignment` WHERE `ModuleAction`=(SELECT `Id` FROM `ModuleAction` WHERE (`Module` IS NULL) AND (`Name` IS NULL))');
|
---|
22 | if($DbResult->num_rows > 0)
|
---|
23 | {
|
---|
24 | $DbRow = $DbResult->fetch_assoc();
|
---|
25 | $DbResult = $this->Database->query('SELECT * FROM `PermissionAssignmentCache` WHERE (`Group`='.$DbRow['Group'].') AND (`User`='.
|
---|
26 | $this->System->Modules['User']->Data['Id'].')');
|
---|
27 | $Result = $DbResult->num_rows > 0;
|
---|
28 | if($Result) return(true);
|
---|
29 | }
|
---|
30 |
|
---|
31 | // Check module-action-item access
|
---|
32 | $DbResult = $this->Database->query('SELECT * FROM `PermissionAssignment` WHERE `ModuleAction`=(SELECT `Id` FROM `ModuleAction` WHERE (`Module`=(SELECT `Id` FROM `Module` WHERE `Name` = "'.$Module.'")) AND (`Name`="'.$Action.'"))'.$ItemFilter);
|
---|
33 | while($DbRow = $DbResult->fetch_assoc())
|
---|
34 | {
|
---|
35 | $DbResult2 = $this->Database->query('SELECT * FROM `PermissionAssignmentCache` WHERE (`Group`='.$DbRow['Group'].') AND (`User`='.
|
---|
36 | $this->System->Modules['User']->Data['Id'].')');
|
---|
37 | if($DbResult2->num_rows > 0) return(true);
|
---|
38 | }
|
---|
39 | return($Result);
|
---|
40 | }
|
---|
41 |
|
---|
42 | function AppendFilter($Module, $Action, $Table, $Key)
|
---|
43 | {
|
---|
44 | if($this->Check($Module, 'Show')) return('');
|
---|
45 | else return(' JOIN PermissionAssignment ON (PermissionAssignment.Item='.$Table.'.'.$Key.
|
---|
46 | ') AND (PermissionAssignment.ModuleAction=(SELECT `Id` FROM `ModuleAction` WHERE (`Module`=(SELECT `Id` FROM `Module` WHERE `Name` = "'.$Module.'")) AND (`Name`="'.$Action.'"))) JOIN PermissionAssignmentCache ON PermissionAssignmentCache.Group=PermissionAssignment.Group AND PermissionAssignmentCache.User='.
|
---|
47 | $this->System->Modules['User']->Data['Id']);
|
---|
48 | }
|
---|
49 |
|
---|
50 | function RebuildCache()
|
---|
51 | {
|
---|
52 | $this->Database->query('TRUNCATE `PermissionAssignmentCache`');
|
---|
53 | $DbResult = $this->Database->query('SELECT * FROM `PermissionAssignment` WHERE (`User` > 0) AND (`SubGroup` > 0)');
|
---|
54 | while($UserAssignment = $DbResult->fetch_assoc())
|
---|
55 | {
|
---|
56 | $Cache = array($UserAssignment['SubGroup']);
|
---|
57 | $Cache = array_merge($Cache, $this->RebuildCacheGroup($UserAssignment['SubGroup']));
|
---|
58 | foreach($Cache as $Item)
|
---|
59 | {
|
---|
60 | $this->Database->insert('PermissionAssignmentCache', array('Group' => $Item, 'User' => $UserAssignment['User']));
|
---|
61 | }
|
---|
62 | }
|
---|
63 | }
|
---|
64 |
|
---|
65 | function RebuildCacheGroup($Id)
|
---|
66 | {
|
---|
67 | $Cache = array();
|
---|
68 | $DbResult = $this->Database->query('SELECT * FROM `PermissionAssignment` WHERE (`Group` = '.$Id.') AND (`SubGroup` > 0)');
|
---|
69 | while($DbRow = $DbResult->fetch_assoc())
|
---|
70 | {
|
---|
71 | $Cache[] = $DbRow['SubGroup'];
|
---|
72 | $Cache = array_merge($Cache, $this->RebuildCacheGroup($DbRow['SubGroup']));
|
---|
73 | }
|
---|
74 | return($Cache);
|
---|
75 | }
|
---|
76 | }
|
---|
77 |
|
---|
78 | ?>
|
---|