Location: PHPKode > projects > ConPortal > conportal/inc/perms/db.php
<?php
/*
 *  ConPortal - Pomona College ITS scheduling appplication
 *  Copyright (C) 2005-2006  Pomona College
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of version 2 of the GNU General Public License
 *  as published by the Free Software Foundation.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 */

/*  Functions in this file:
 *     checkPerm
 *     createPermission
 *     getGroupsForPermission
 *     getPermissionByName
 *     getPermissionDetails
 *     getPermissions
 *     getPermissionsForGroup
 *     grantPermissionToGroup
 *     revokePermissionFromGroup
 *     removePermission
 */

/*
 * $userArray is the array returned by getUserDetails(), or $_SESSION (to check the logged-in user)
 */
function checkPerm ($userArray, $permName)
{
    if (!isset($permName) || !$permName |
		!isset($userArray) || !$userArray || !isset($userArray['pid']))
        return false;

    // First, make sure the permission is valid by converting name => pid
    $perm = getPermissionByName($permName);
    if (!$perm)
        return false;

    // Get the groups that 'have' this permission and we'll check them against
    // the groups that the user is in
    $valid_groups = getGroupsForPermission($perm['pid']);

    // Now, get the groups for the user
    $groups = getGroupsForUser($userArray['pid']);
    $groups[] = $userArray['primary_group'];

    foreach($groups as $g)
        if (in_array($g, $valid_groups))
            return true;

    return false;
}

function createPermission ($name, $desc)
{
    safeQuery("insert into permissions set name = '%s', description = '%s'",
    	mysql_real_escape_string(strtolower($name)),
		mysql_real_escape_string($desc));
    return mysql_insert_id();
}

function getGroupsForPermission ($perm)
{
    $result = safeQuery("select groups.pid from group_perm, groups " .
		"where groups.pid = group_perm.group and " .
		 "group_perm.permission = %d", $perm);
    $array = array();
    while ($row = mysql_fetch_row($result))
        $array[] = $row[0];
    return $array;
}

function getPermissionByName ($name)
{
    $result = safeQuery("select * from permissions where name = '%s'",
		mysql_real_escape_string($name));
    return mysql_fetch_assoc($result);
}

function getPermissionDetails ($pid)
{
    $result = safeQuery("select * from permissions where pid = %d", $pid);
    return mysql_fetch_assoc($result);
}

/* List of PIDs of all permissions
 */
function getPermissions ()
{
    $result = safeQuery("select pid from permissions");
    $array = array();
    while ($row = mysql_fetch_assoc($result))
        $array[] = $row['pid'];
    return $array;
}

function getPermissionsForGroup ($group)
{
    $result = safeQuery("select permissions.pid from group_perm, permissions " .
    	"where permissions.pid = group_perm.permission and " .
		"group_perm.group = %d", $group);
    $array = array();
    while ($row = mysql_fetch_row($result))
        $array[] = $row[0];
    return $array;
}

function grantPermissionToGroup ($permPid, $groupPid)
{
	// Ensure that a duplicate row doesn't already exist
	$result = safeQuery("select * from group_perm where permission = %d and `group` = %d", $permPid, $groupPid);
	if (mysql_num_rows($result) == 0)
		safeQuery("insert into group_perm set permission = %d, `group` = %d", $permPid, $groupPid);
}

function revokePermissionFromGroup ($permPid, $groupPid)
{
    safeQuery("delete from group_perm where permission = %d and `group` = %d", $permPid, $groupPid);
}

// Delete all references to the permission
// (so, look at the permissions and group_perm tables)
function removePermission ($pid)
{
    safeQuery("delete from group_perm where permission = %d", $pid);
	safeQuery("delete from permissions where pid = %d", $pid);
}

?>
Return current item: ConPortal