mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-05-11 10:05:19 +02:00
Code Issues Releases Wiki Activity

ok, slap me once..... but hard. (all acl entries got removed while setting permissions... you want users having more than one permisions, don't you?)

Browse Source 
git-svn-id: file:///svn/phpbb/trunk@5576 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen 2006-02-23 21:06:15 +00:00
parent ac011448ab
commit c941b1863a
2 changed files with 106 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
phpBB/includes/acp/acp_permissions.php
View File

@ -743,23 +743,7 @@ class acp_permissions
trigger_error($user->lang['NO_ADMIN'] . adm_back_link($this->u_action)); trigger_error($user->lang['NO_ADMIN'] . adm_back_link($this->u_action));
} }
// Remove permission type $auth_admin->acl_delete($ug_type, (($ug_type == 'user') ? $user_id : $group_id), (sizeof($forum_id) ? $forum_id : false), $permission_type);
$sql = 'SELECT auth_option_id
FROM ' . ACL_OPTIONS_TABLE . "
WHERE auth_option LIKE '{$permission_type}%'";
$result = $db->sql_query($sql);
$option_id_ary = array();
while ($row = $db->sql_fetchrow($result))
{
$option_id_ary[] = $row['auth_option_id'];
}
$db->sql_freeresult($result);
if (sizeof($option_id_ary))
{
$auth_admin->acl_delete($ug_type, (($ug_type == 'user') ? $user_id : $group_id), (sizeof($forum_id) ? $forum_id : false), $option_id_ary);
}
// Do we need to recache the moderator lists? // Do we need to recache the moderator lists?
if ($permission_type == 'm_') if ($permission_type == 'm_')

121
phpBB/includes/acp/auth.php
View File

@ -646,7 +646,7 @@ class auth_admin extends auth
/** /**
* Set a user or group ACL record * Set a user or group ACL record
*/ */
function acl_set($ug_type, &$forum_id, &$ug_id, &$auth, $role_id = 0) function acl_set($ug_type, &$forum_id, &$ug_id, &$auth, $role_id = 0, $clear_prefetch = true)
{ {
global $db; global $db;
@ -683,10 +683,30 @@ class auth_admin extends auth
$table = ($ug_type == 'user') ? ACL_USERS_TABLE : ACL_GROUPS_TABLE; $table = ($ug_type == 'user') ? ACL_USERS_TABLE : ACL_GROUPS_TABLE;
$id_field = $ug_type . '_id'; $id_field = $ug_type . '_id';
// Get any flags as required
list(, $flag) = each(array_keys($auth));
$flag = substr($flag, 0, strpos($flag, '_') + 1);
// This ID (the any-flag) is only set if roles are assigned - this makes it very easy to determine the correct roles
$any_option_id = (int) $this->option_ids[$flag];
// Remove any-flag from auth ary
if (isset($auth[$flag]))
{
unset($auth[$flag]);
}
// Remove current auth options... // Remove current auth options...
$auth_option_ids = array();
foreach ($auth as $auth_option => $auth_setting)
{
$auth_option_ids[] = (int) $this->option_ids[$auth_option];
}
$sql = "DELETE FROM $table $sql = "DELETE FROM $table
WHERE forum_id $forum_sql WHERE forum_id $forum_sql
AND $id_field $ug_id_sql"; AND $id_field $ug_id_sql
AND auth_option_id IN ($any_option_id, " . implode(', ', $auth_option_ids) . ')';
$db->sql_query($sql); $db->sql_query($sql);
$sql_ary = array(); $sql_ary = array();
@ -701,7 +721,7 @@ class auth_admin extends auth
$sql_ary[] = array( $sql_ary[] = array(
$id_field => (int) $id, $id_field => (int) $id,
'forum_id' => (int) $forum, 'forum_id' => (int) $forum,
'auth_option_id' => 0, 'auth_option_id' => $any_option_id,
'auth_setting' => 0, 'auth_setting' => 0,
'auth_role_id' => $role_id 'auth_role_id' => $role_id
); );
@ -748,7 +768,10 @@ class auth_admin extends auth
} }
} }
$this->acl_clear_prefetch(); if ($clear_prefetch)
{
$this->acl_clear_prefetch();
}
} }
/** /**
@ -813,39 +836,105 @@ class auth_admin extends auth
/** /**
* Remove local permission * Remove local permission
* @todo take roles into consideration (if one auth option is being removed and placed within a role we need to re-build the acl entries)
*/ */
function acl_delete($mode, $ug_id = false, $forum_id = false, $auth_id = false) function acl_delete($mode, $ug_id = false, $forum_id = false, $permission_type = false)
{ {
global $db; global $db;
if ($ug_id === false && $forum_id === false && $auth_ids === false) if ($ug_id === false && $forum_id === false)
{ {
return; return;
} }
$option_id_ary = array();
$table = ($mode == 'user') ? ACL_USERS_TABLE : ACL_GROUPS_TABLE; $table = ($mode == 'user') ? ACL_USERS_TABLE : ACL_GROUPS_TABLE;
$id_field = $mode . '_id'; $id_field = $mode . '_id';
$sql = array(); $where_sql = array();
if ($auth_id !== false)
{
$sql[] = (!is_array($auth_id)) ? 'auth_option_id = ' . (int) $auth_id : 'auth_option_id IN (' . implode(', ', array_map('intval', $auth_id)) . ')';
}
if ($forum_id !== false) if ($forum_id !== false)
{ {
$sql[] = (!is_array($forum_id)) ? 'forum_id = ' . (int) $forum_id : 'forum_id IN (' . implode(', ', array_map('intval', $forum_id)) . ')'; $where_sql[] = (!is_array($forum_id)) ? 'forum_id = ' . (int) $forum_id : 'forum_id IN (' . implode(', ', array_map('intval', $forum_id)) . ')';
} }
if ($ug_id !== false) if ($ug_id !== false)
{ {
$sql[] = (!is_array($ug_id)) ? $id_field . ' = ' . (int) $ug_id : $id_field . ' IN (' . implode(', ', array_map('intval', $ug_id)) . ')'; $where_sql[] = (!is_array($ug_id)) ? $id_field . ' = ' . (int) $ug_id : $id_field . ' IN (' . implode(', ', array_map('intval', $ug_id)) . ')';
}
// There seem to be auth options involved, therefore we need to go through the list and make sure we capture roles correctly
if ($permission_type !== false)
{
// Get permission type
$sql = 'SELECT auth_option, auth_option_id
FROM ' . ACL_OPTIONS_TABLE . "
WHERE auth_option LIKE '" . $db->sql_escape($permission_type) . "%'";
$result = $db->sql_query($sql);
$auth_id_ary = array();
while ($row = $db->sql_fetchrow($result))
{
$option_id_ary[] = $row['auth_option_id'];
$auth_id_ary[$row['auth_option']] = ACL_UNSET;
}
$db->sql_freeresult($result);
// First of all, lets grab the items having roles with the specified auth options assigned
$sql = "SELECT auth_role_id, $id_field, forum_id
FROM $table
WHERE auth_role_id <> 0
AND auth_option_id = {$auth_id_ary[$permission_type]}
AND " . implode(' AND ', $where_sql) . '
ORDER BY auth_role_id';
$result = $db->sql_query($sql);
$cur_role_auth = array();
while ($row = $db->sql_fetchrow($result))
{
$cur_role_auth[$row['auth_role_id']][$row['forum_id']][] = $row[$id_field];
}
$db->sql_freeresult($result);
// Get role data for resetting data
if (sizeof($cur_role_auth))
{
$sql = 'SELECT ao.auth_option, rd.role_id, rd.auth_setting
FROM ' . ACL_OPTIONS_TABLE . ' ao, ' . ACL_ROLES_DATA_TABLE . ' rd
WHERE ao.auth_option_id = rd.auth_option_id
AND rd.role_id IN (' . implode(', ', array_keys($cur_role_auth)) . ')';
$result = $db->sql_query($sql);
$auth_settings = array();
while ($row = $db->sql_fetchrow($result))
{
// We need to fill all auth_options, else setting it will fail...
if (!isset($auth_settings[$row['role_id']]))
{
$auth_settings[$row['role_id']] = $auth_id_ary;
}
$auth_settings[$row['role_id']][$row['auth_option']] = $row['auth_setting'];
}
$db->sql_freeresult($result);
// Set the options
foreach ($cur_role_auth as $role_id => $auth_row)
{
foreach ($auth_row as $f_id => $ug_row)
{
$this->acl_set($mode, $f_id, $ug_row, $auth_settings[$role_id], 0, false);
}
}
}
}
// Now, normally remove permissions...
if ($permission_type !== false)
{
$where_sql[] = 'auth_option_id IN (' . implode(', ', array_map('intval', $option_id_ary)) . ')';
} }
$sql = "DELETE FROM $table $sql = "DELETE FROM $table
WHERE " . implode(' AND ', $sql); WHERE " . implode(' AND ', $where_sql);
$db->sql_query($sql); $db->sql_query($sql);
$this->acl_clear_prefetch(); $this->acl_clear_prefetch();