mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-08-12 11:44:08 +02:00
Code Issues Releases Wiki Activity

- permission trace correctly uses language variables now

Browse Source 
- updated documentation for the auth class
- use cache for "SELECT forum_name FROM phpbb_forums WHERE forum_id = X" queries everywhere and not only in functions_display
- updated the permission trace to include information about global settings overwriting local ones
- take global permissions into account for local permission results on the view permission pages for users
- only allow to change the post author with m_chgposter


git-svn-id: file:///svn/phpbb/trunk@6009 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Nils Adermann
2006-06-04 16:30:58 +00:00
parent f3499d1251
commit 5c181bc528
9 changed files with 197 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files

82
phpBB/includes/acp/acp_permissions.php
View File

@@ -913,21 +913,44 @@ class acp_permissions
{
global $db, $template, $user, $auth;
$sql = 'SELECT user_id, username, user_type
FROM ' . USERS_TABLE . '
WHERE user_id = ' . $user_id;
$result = $db->sql_query($sql);
$user_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($user_id != $user->data['user_id'])
{
$sql = 'SELECT user_id, user_permissions, user_type
FROM ' . USERS_TABLE . '
WHERE user_id = ' . $user_id;
$result = $db->sql_query($sql);
$userdata = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
}
else
{
$userdata = $user->data;
}
if (!$user_row)
if (!$userdata)
{
trigger_error('NO_USERS');
}
$forum_name = false;
if ($forum_id)
{
$sql = 'SELECT forum_name
FROM ' . FORUMS_TABLE . "
WHERE forum_id = $forum_id";
$result = $db->sql_query($sql, 3600);
$forum_name = $db->sql_fetchfield('forum_name', false, $result);
$db->sql_freeresult($result);
}
$back = request_var('back', 0);
$template->assign_vars(array(
'PERMISSION' => $user->lang['acl_' . $permission]['lang'],
'PERMISSION_USERNAME' => $user_row['username'])
'PERMISSION_USERNAME' => $userdata['username'],
'FORUM_NAME' => $forum_name,
'U_BACK' => ($back) ? build_url(array('f', 'back')) . "&f=$back" : '')
);
$template->assign_block_vars('trace', array(
@@ -1023,19 +1046,56 @@ class acp_permissions
}
$template->assign_block_vars('trace', array(
'WHO' => $user_row['username'],
'WHO' => $userdata['username'],
'INFORMATION' => $information,
'S_SETTING_UNSET' => ($auth_setting == ACL_UNSET) ? true : false,
'S_SETTING_YES' => ($auth_setting == ACL_YES) ? true : false,
'S_SETTING_NO' => ($auth_setting == ACL_NO) ? true : false,
'S_TOTAL_UNSET' => ($total == ACL_UNSET) ? true : false,
'S_TOTAL_UNSET' => false,
'S_TOTAL_YES' => ($total == ACL_YES) ? true : false,
'S_TOTAL_NO' => ($total == ACL_NO) ? true : false)
);
// global permission might overwrite local permission
if (($forum_id != 0) && isset($auth->acl_options['global'][$permission]))
{
if ($user_id != $user->data['user_id'])
{
$auth2 = new auth();
$auth2->acl($userdata);
$auth_setting = $auth2->acl_get($permission);
}
else
{
$auth_setting = $auth->acl_get($permission);
}
if ($auth_setting)
{
$information = ($total == ACL_YES) ? $user->lang['TRACE_USER_GLOBAL_YES_TOTAL_YES'] : $user->lang['TRACE_USER_GLOBAL_YES_TOTAL_NO'];
$total = ACL_YES;
}
else
{
$information = $user->lang['TRACE_USER_GLOBAL_NO_TOTAL_KEPT'];
}
$template->assign_block_vars('trace', array(
'WHO' => sprintf($user->lang['TRACE_GLOBAL_SETTING'], $userdata['username']),
'INFORMATION' => sprintf($information, '<a href="' . $this->u_action . "&amp;u=$user_id&amp;f=0&amp;auth=$permission&amp;back=$forum_id\">", '</a>'),
'S_SETTING_UNSET' => false,
'S_SETTING_YES' => $auth_setting,
'S_SETTING_NO' => !$auth_setting,
'S_TOTAL_UNSET' => false,
'S_TOTAL_YES' => ($total == ACL_YES) ? true : false,
'S_TOTAL_NO' => ($total == ACL_NO) ? true : false)
);
}
// Take founder status into account, overwriting the default values
if ($user_row['user_type'] == USER_FOUNDER && strpos($permission, 'a_') === 0)
if ($userdata['user_type'] == USER_FOUNDER && strpos($permission, 'a_') === 0)
{
$template->assign_block_vars('trace', array(
'WHO' => $user_row['username'],

2
phpBB/includes/acp/acp_users.php
View File

@@ -546,7 +546,7 @@ class acp_users
$sql = 'SELECT forum_name
FROM ' . FORUMS_TABLE . "
WHERE forum_id = $new_forum_id";
$result = $db->sql_query($sql);
$result = $db->sql_query($sql, 3600);
$forum_info = $db->sql_fetchrow($result);
$db->sql_freeresult($result);

62
phpBB/includes/acp/auth.php
View File

@@ -85,9 +85,10 @@ class auth_admin extends auth
*/
function get_mask($mode, $user_id = false, $group_id = false, $forum_id = false, $auth_option = false, $scope = false, $acl_fill = ACL_NO)
{
global $db;
global $db, $user;
$hold_ary = array();
$view_user_mask = ($mode == 'view' && $group_id === false) ? true : false;
if ($auth_option === false || $scope === false)
{
@@ -96,19 +97,61 @@ class auth_admin extends auth
$acl_user_function = ($mode == 'set') ? 'acl_user_raw_data' : 'acl_raw_data';
if ($forum_id !== false)
if (!$view_user_mask)
{
$hold_ary = ($group_id !== false) ? $this->acl_group_raw_data($group_id, $auth_option . '%', $forum_id) : $this->$acl_user_function($user_id, $auth_option . '%', $forum_id);
}
else
{
$hold_ary = ($group_id !== false) ? $this->acl_group_raw_data($group_id, $auth_option . '%', ($scope == 'global') ? 0 : false) : $this->$acl_user_function($user_id, $auth_option . '%', ($scope == 'global') ? 0 : false);
if ($forum_id !== false)
{
$hold_ary = ($group_id !== false) ? $this->acl_group_raw_data($group_id, $auth_option . '%', $forum_id) : $this->$acl_user_function($user_id, $auth_option . '%', $forum_id);
}
else
{
$hold_ary = ($group_id !== false) ? $this->acl_group_raw_data($group_id, $auth_option . '%', ($scope == 'global') ? 0 : false) : $this->$acl_user_function($user_id, $auth_option . '%', ($scope == 'global') ? 0 : false);
}
}
// Make sure hold_ary is filled with every setting (prevents missing forums/users/groups)
$ug_id = ($group_id !== false) ? ((!is_array($group_id)) ? array($group_id) : $group_id) : ((!is_array($user_id)) ? array($user_id) : $user_id);
$forum_ids = ($forum_id !== false) ? ((!is_array($forum_id)) ? array($forum_id) : $forum_id) : (($scope == 'global') ? array(0) : array());
// Only those options we need
$compare_options = array_diff(preg_replace('/^((?!' . $auth_option . ').+)|(' . $auth_option . ')$/', '', array_keys($this->acl_options[$scope])), array(''));
if ($view_user_mask)
{
$auth2 = null;
$sql = 'SELECT user_id, user_permissions, user_type
FROM ' . USERS_TABLE . '
WHERE user_id IN (' . implode(',', $ug_id) . ')';
$result = $db->sql_query($sql);
while ($userdata = $db->sql_fetchrow($result))
{
if ($user->data['user_id'] != $user_id)
{
$auth2 = new auth();
$auth2->acl($userdata);
}
else
{
global $auth;
$auth2 = &$auth;
}
$hold_ary[$userdata['user_id']] = array();
foreach ($forum_ids as $f_id)
{
$hold_ary[$userdata['user_id']][$f_id] = array();
foreach ($compare_options as $option)
{
$hold_ary[$userdata['user_id']][$f_id][$option] = $auth2->acl_get($option, $f_id);
}
}
}
$db->sql_freeresult($result);
unset($userdata);
unset($auth2);
}
// If forum_ids is false and the scope is local we actually want to have all forums within the array
if ($scope == 'local' && !sizeof($forum_ids))
{
@@ -141,9 +184,6 @@ class auth_admin extends auth
// Now, we need to fill the gaps with $acl_fill. ;)
// Only those options we need
$compare_options = array_diff(preg_replace('/^((?!' . $auth_option . ').+)|(' . $auth_option . ')$/', '', array_keys($this->acl_options[$scope])), array(''));
// Now switch back to keys
if (sizeof($compare_options))
{
@@ -422,7 +462,7 @@ class auth_admin extends auth
$title = ($role_description) ? ' title="' . $role_description . '"' : '';
$s_role_options .= '<option value="' . $role_id . '"' . (($role_id == $current_role_id) ? ' selected="selected"' : '') . $title . '>' . $role_row['role_name'] . '</option>';
}
if ($s_role_options)
{
$s_role_options = '<option value="0"' . ((!$current_role_id) ? ' selected="selected"' : '') . '>' . $user->lang['NO_ROLE_ASSIGNED'] . '</option>' . $s_role_options;