Location: PHPKode > projects > Simple Way to Usenet > libs/core/auth/acl/acl_db.class.php
<?php
/**
 * 
 * @author  Benjamin Gillissen <hide@address.com>
 * 
 *	**************************************************************

	Copyright (C) 2009  Benjamin Gillissen
	
	This program is free software; you can redistribute it and/or
	modify it under the terms of the GNU General Public License
	as published by the Free Software Foundation; either version 2
	of the License, or (at your option) any later version.
	
	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
	GNU General Public License for more details at:
	http://www.gnu.org/copyleft/gpl.html

 *	**************************************************************
 */

/**
 * 
 * acces type(chk) :[a] userID
 * 					[b] group_member
 * 					[c] group_admin	
 * 					[d] other
 * 					[e] net mac
 * 					[f] net ip
 * 					[g] net netmask
 * 					[h] net domain name
 * 				
 * 
 */


class acl_db extends dbobject {
	
	private static $CHK = Array('a', 'b', 'c', 'd', 'e', 'f', 'g', 'h');
	private static $ACT = Array('List', 'Read', 'Add', 'Edit', 'Delete', 'Manage', 'Chmod', 'Upload', 'Overwrite', 'Post');
	
	private $realm;

	public function __construct($realm){
		$this->realm = $realm;
		unset($realm);
		$cnf = configs::get('realm', 'realm', Array($this->realm, 'CNFs', 'acl'));
		if ( FALSE === $cnf ){ errors::raise("Realm $this->realm : missing CNF 'acl' option", CORE_LOG_ALERT, 'REALM');return; }
		parent::__construct($cnf);
		$chks = configs::get('realm', 'realm', Array($this->realm, 'CNFs', 'aclchecks'));
		if ( FALSE === $chks ){
			errors::raise("Realm $this->realm : missing 'aclchecks' option, using all", CORE_LOG_WARNING, 'REALM');
			configs::set('realm', 'realm', self::$CHK, Array($this->realm, 'CNFs', 'aclchecks'));
		} elseif ( FALSE === is_array($chks) ){
			//no overwrite possible...die...
			errors::raise("Realm $this->realm : Invalid 'aclchecks' option, must be an array of chars, using all", CORE_LOG_ALERT, 'REALM');
		}
	}
	
	private function isvalid_checks($char){
		if ( FALSE === array_search($char, self::$CHK) ){ return FALSE; }
		$chks = configs::get('realm', 'realm', Array($this->realm, 'CNFs', 'aclchecks'));
		return ( FALSE !== array_search($char, $chks));
	}
	
	private function isvalid_actions($act){
		return ( FALSE !== array_search($act, self::$ACT) );
	}

	public function ispublic($obj, $action, $objid=NULL){
		$r = $this->getcount($obj, $action, $objid, '1', 'd', '');
		//echo 'RESULT FOR : '.$obj.' - '.$action.' - '.$objid.' - 1 - d - "" => '.$r.'<br>';
		return $r;
	}
	
	
	public function checks($obj, $action, $uid, $mbrship, $objid ){
		//echo "acl_checks => $obj::$action::$objid<br>\n";
		if ( $obj != 'objects' ){
			if ( FALSE === $this->get_acclevel('objects', $action, $uid, $mbrship, $obj) ){ return FALSE; }
		} elseif( $objid != 'objects' ){
			if ( FALSE === $this->get_acclevel('objects', $action, $uid, $mbrship, 'objects') ){ return FALSE; }
		}
		if ( FALSE !== ($acc = $this->get_acclevel($obj, $action, $uid, $mbrship, $objid)) ){
			//echo 'acc=>'.$acc.'<br>';
			return TRUE;
		}
		return FALSE;
	}
	
	public function get_acclevel($obj, $action, $uid, $mbrship, $objid){
		
		if ( $this->getcount($obj, $action, $objid, '1', 'a', $uid) ){ return 'a'; }
		foreach($mbrship as $lvl => $grps ){
			if ($lvl == 'member' ){ $acc = 'b'; } else { $acc = 'c'; }
			foreach($grps as $k => $grp){				
				if ( $this->getcount($obj, $action, $objid, '1', $acc, $grp) ){ return $acc; }
			}
		}
		if ( $this->getcount($obj, $action, $objid, '1', 'd', '') ){ return 'd'; }
		return FALSE;
	}
	
	
	private function getcount($obj, $action, $objid, $bool, $acc, $val){
		$arg=Array('obj'=>$obj,'action'=>$action, 'objid'=>$objid, 'bool'=>$bool, 'acc'=>$acc, 'val'=>$val);
		return $this->dbquery($arg, __FUNCTION__);
	}
	
	
	
	
	public function add($obj, $action, $objid, $bool, $acc, $val){
		$arg=Array('obj'=>$obj,'action'=>$action, 'objid'=>$objid, 'bool'=>$bool, 'acc'=>$acc, 'val'=>$val);
		return $this->dbquery($arg, __FUNCTION__);
	}

	public function delete($obj, $action, $objid, $bool, $acc, $val){
		$arg=Array('obj'=>$obj,'action'=>$action, 'objid'=>$objid, 'bool'=>$bool, 'acc'=>$acc, 'val'=>$val);
		return $this->dbquery($arg, __FUNCTION__);
	}
	
	public function del_byuid($uid){
		$arg=Array('id'=>$uid);
		return $this->dbquery($arg, __FUNCTION__);
	}
	
	public function del_bygid($gid){
		$arg=Array('id'=>$gid);
		return $this->dbquery($arg, __FUNCTION__);
	}
	
	public function del_byobjid($object, $objid){
		$arg=Array('objid'=>$objid, 'obj'=>$object);
		return $this->dbquery($arg, __FUNCTION__);
	}
	
	public function del_byobject($object){
		$arg=Array('obj'=>$object);
		return $this->dbquery($arg, __FUNCTION__);
	}
	
	public function list_rules($object, $objid){
		$arg=Array('objid'=>$objid, 'obj'=>$object);
		return $this->dbquery($arg, __FUNCTION__, 'aclid');
	}
	
	public function get_rule($aclid){
		$arg=Array('aclid'=>$aclid);
		return $this->dbquery($arg, __FUNCTION__);
	}
	
}
Return current item: Simple Way to Usenet