From 5c181bc5289c54322d61dcc008e539f7c32e882b Mon Sep 17 00:00:00 2001 From: Nils Adermann Date: Sun, 4 Jun 2006 16:30:58 +0000 Subject: - permission trace correctly uses language variables now - updated documentation for the auth class - use cache for "SELECT forum_name FROM phpbb_forums WHERE forum_id = X" queries everywhere and not only in functions_display - updated the permission trace to include information about global settings overwriting local ones - take global permissions into account for local permission results on the view permission pages for users - only allow to change the post author with m_chgposter git-svn-id: file:///svn/phpbb/trunk@6009 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/acm/acm_file.php | 6 +-- phpBB/includes/acp/acp_permissions.php | 82 +++++++++++++++++++++++++++++----- phpBB/includes/acp/acp_users.php | 2 +- phpBB/includes/acp/auth.php | 62 ++++++++++++++++++++----- phpBB/includes/functions_admin.php | 2 +- phpBB/includes/mcp/mcp_post.php | 6 +-- 6 files changed, 130 insertions(+), 30 deletions(-) (limited to 'phpBB/includes') diff --git a/phpBB/includes/acm/acm_file.php b/phpBB/includes/acm/acm_file.php index 69b89a4e2d..c5c5420c70 100644 --- a/phpBB/includes/acm/acm_file.php +++ b/phpBB/includes/acm/acm_file.php @@ -86,7 +86,7 @@ class acm include($this->cache_dir . $entry); if ($expired) { - unlink($this->cache_dir . $entry); + @unlink($this->cache_dir . $entry); } } @closedir($dir); @@ -174,7 +174,7 @@ class acm if (preg_match('#/\*.*?\W' . $regex . '\W.*?\*/#s', $file, $m)) { - unlink($this->cache_dir . $entry); + @unlink($this->cache_dir . $entry); } } @closedir($dir); @@ -271,7 +271,7 @@ class acm } else if ($expired) { - unlink($this->cache_dir . 'sql_' . md5($query) . ".$phpEx"); + @unlink($this->cache_dir . 'sql_' . md5($query) . ".$phpEx"); return false; } diff --git a/phpBB/includes/acp/acp_permissions.php b/phpBB/includes/acp/acp_permissions.php index e2b30a8db4..8aa17017cc 100644 
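Review bot: The `@` added in front of `unlink()` in all three acm_file.php hunks (the expiry loop at -86, the regex-driven removal at -174 and the `sql_` branch at -271) hides every failure, not only the benign one where a concurrent request has already removed the file. If the cache directory is not writable by the web server, expired entries now stay on disk with no warning, and in the first hunk the entry has already been `include`d before the delete is attempted. Either check the result, e.g. `if (!@unlink($this->cache_dir . $entry) && file_exists($this->cache_dir . $entry))` followed by a log call, or at least document the intent with `// @: a concurrent request may already have removed this entry`. The enclosing methods start and end outside the hunks.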
--- a/phpBB/includes/acp/acp_permissions.php +++ b/phpBB/includes/acp/acp_permissions.php @@ -913,21 +913,44 @@ class acp_permissions { global $db, $template, $user, $auth; - $sql = 'SELECT user_id, username, user_type - FROM ' . USERS_TABLE . ' - WHERE user_id = ' . $user_id; - $result = $db->sql_query($sql); - $user_row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); + if ($user_id != $user->data['user_id']) + { + $sql = 'SELECT user_id, user_permissions, user_type + FROM ' . USERS_TABLE . ' + WHERE user_id = ' . $user_id; + $result = $db->sql_query($sql); + $userdata = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + } + else + { + $userdata = $user->data; + } - if (!$user_row) + if (!$userdata) { trigger_error('NO_USERS'); } + $forum_name = false; + + if ($forum_id) + { + $sql = 'SELECT forum_name + FROM ' . FORUMS_TABLE . " + WHERE forum_id = $forum_id"; + $result = $db->sql_query($sql, 3600); + $forum_name = $db->sql_fetchfield('forum_name', false, $result); + $db->sql_freeresult($result); + } + + $back = request_var('back', 0); + $template->assign_vars(array( 'PERMISSION' => $user->lang['acl_' . $permission]['lang'], - 'PERMISSION_USERNAME' => $user_row['username']) + 'PERMISSION_USERNAME' => $userdata['username'], + 'FORUM_NAME' => $forum_name, + 'U_BACK' => ($back) ? build_url(array('f', 'back')) . "&f=$back" : '') ); $template->assign_block_vars('trace', array( 
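Review bot: The new `SELECT user_id, user_permissions, user_type` no longer fetches `username`, yet `$userdata['username']` is read a few lines later for `PERMISSION_USERNAME` (and for `WHO` in the next hunk), so tracing any user other than the logged-in one would show an empty name. Add the column back: `$sql = 'SELECT user_id, username, user_permissions, user_type`. Separately, `$user_id` and `$forum_id` are concatenated straight into both queries and their casts are not visible in this hunk, so an `(int)` cast at the top of the function, or a comment naming where they are cast, would make it safe on its own. The function body starts and ends outside the hunk.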
@@ -1023,19 +1046,56 @@ class acp_permissions } $template->assign_block_vars('trace', array( - 'WHO' => $user_row['username'], + 'WHO' => $userdata['username'], 'INFORMATION' => $information, 'S_SETTING_UNSET' => ($auth_setting == ACL_UNSET) ? true : false, 'S_SETTING_YES' => ($auth_setting == ACL_YES) ? true : false, 'S_SETTING_NO' => ($auth_setting == ACL_NO) ? true : false, - 'S_TOTAL_UNSET' => ($total == ACL_UNSET) ? true : false, + 'S_TOTAL_UNSET' => false, 'S_TOTAL_YES' => ($total == ACL_YES) ? true : false, 'S_TOTAL_NO' => ($total == ACL_NO) ? true : false) ); + // global permission might overwrite local permission + if (($forum_id != 0) && isset($auth->acl_options['global'][$permission])) + { + if ($user_id != $user->data['user_id']) + { + $auth2 = new auth(); + $auth2->acl($userdata); + $auth_setting = $auth2->acl_get($permission); + } + else + { + $auth_setting = $auth->acl_get($permission); + } + + if ($auth_setting) + { + $information = ($total == ACL_YES) ? $user->lang['TRACE_USER_GLOBAL_YES_TOTAL_YES'] : $user->lang['TRACE_USER_GLOBAL_YES_TOTAL_NO']; + $total = ACL_YES; + } + else + { + $information = $user->lang['TRACE_USER_GLOBAL_NO_TOTAL_KEPT']; + } + + $template->assign_block_vars('trace', array( + 'WHO' => sprintf($user->lang['TRACE_GLOBAL_SETTING'], $userdata['username']), + 'INFORMATION' => sprintf($information, '", ''), + + 'S_SETTING_UNSET' => false, + 'S_SETTING_YES' => $auth_setting, + 'S_SETTING_NO' => !$auth_setting, + 'S_TOTAL_UNSET' => false, + 'S_TOTAL_YES' => ($total == ACL_YES) ? true : false, + 'S_TOTAL_NO' => ($total == ACL_NO) ? true : false) + ); + } + // Take founder status into account, overwriting the default values - if ($user_row['user_type'] == USER_FOUNDER && strpos($permission, 'a_') === 0) + if ($userdata['user_type'] == USER_FOUNDER && strpos($permission, 'a_') === 0) { $template->assign_block_vars('trace', array( 'WHO' => $user_row['username'], 
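Review bot: The founder block at the end of this hunk still reads `$user_row['username']`, but the previous hunk renamed that variable to `$userdata`, so `WHO` is filled from an undefined variable when the traced user is a founder. Change the line to `'WHO' => $userdata['username'],`. In the new global-permission block, `S_SETTING_YES` receives the raw `acl_get()` return while the neighbouring flags are explicit booleans; `($auth_setting) ? true : false` would keep the template variables consistent. The enclosing function continues past the hunk, so any further `$user_row` uses are not visible here.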
diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index 1a079b8e0d..071996d192 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php @@ -546,7 +546,7 @@ class acp_users $sql = 'SELECT forum_name FROM ' . FORUMS_TABLE . " WHERE forum_id = $new_forum_id"; - $result = $db->sql_query($sql); + $result = $db->sql_query($sql, 3600); $forum_info = $db->sql_fetchrow($result); $db->sql_freeresult($result); diff --git a/phpBB/includes/acp/auth.php b/phpBB/includes/acp/auth.php index 1bfde0887c..7007c05104 100644 --- a/phpBB/includes/acp/auth.php +++ b/phpBB/includes/acp/auth.php @@ -85,9 +85,10 @@ class auth_admin extends auth */ function get_mask($mode, $user_id = false, $group_id = false, $forum_id = false, $auth_option = false, $scope = false, $acl_fill = ACL_NO) { - global $db; + global $db, $user; $hold_ary = array(); + $view_user_mask = ($mode == 'view' && $group_id === false) ? true : false; if ($auth_option === false || $scope === false) { 
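Review bot: The `3600` passed to `sql_query()` in the acp_users.php hunk (and in the same `forum_name` lookup added to acp_permissions.php and changed in `auto_prune()` in functions_admin.php) is an undocumented cache lifetime. A renamed forum could be shown under its old name for up to an hour unless the forum-edit code invalidates these cached queries, which is not visible in this diff. A short comment would help, e.g. `// forum name cached for one hour; relies on the SQL cache being cleared when a forum is edited`, ideally with the lifetime held in one shared constant. `$new_forum_id` is interpolated into the query and its integer cast is outside the hunk.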
@@ -96,19 +97,61 @@ class auth_admin extends auth $acl_user_function = ($mode == 'set') ? 'acl_user_raw_data' : 'acl_raw_data'; - if ($forum_id !== false) - { - $hold_ary = ($group_id !== false) ? $this->acl_group_raw_data($group_id, $auth_option . '%', $forum_id) : $this->$acl_user_function($user_id, $auth_option . '%', $forum_id); - } - else + if (!$view_user_mask) { - $hold_ary = ($group_id !== false) ? $this->acl_group_raw_data($group_id, $auth_option . '%', ($scope == 'global') ? 0 : false) : $this->$acl_user_function($user_id, $auth_option . '%', ($scope == 'global') ? 0 : false); + if ($forum_id !== false) + { + $hold_ary = ($group_id !== false) ? $this->acl_group_raw_data($group_id, $auth_option . '%', $forum_id) : $this->$acl_user_function($user_id, $auth_option . '%', $forum_id); + } + else + { + $hold_ary = ($group_id !== false) ? $this->acl_group_raw_data($group_id, $auth_option . '%', ($scope == 'global') ? 0 : false) : $this->$acl_user_function($user_id, $auth_option . '%', ($scope == 'global') ? 0 : false); + } } // Make sure hold_ary is filled with every setting (prevents missing forums/users/groups) $ug_id = ($group_id !== false) ? ((!is_array($group_id)) ? array($group_id) : $group_id) : ((!is_array($user_id)) ? array($user_id) : $user_id); $forum_ids = ($forum_id !== false) ? ((!is_array($forum_id)) ? array($forum_id) : $forum_id) : (($scope == 'global') ? array(0) : array()); + // Only those options we need + $compare_options = array_diff(preg_replace('/^((?!' . $auth_option . ').+)|(' . $auth_option . ')$/', '', array_keys($this->acl_options[$scope])), array('')); + + if ($view_user_mask) + { + $auth2 = null; + + $sql = 'SELECT user_id, user_permissions, user_type + FROM ' . USERS_TABLE . ' + WHERE user_id IN (' . implode(',', $ug_id) . 
')'; + $result = $db->sql_query($sql); + while ($userdata = $db->sql_fetchrow($result)) + { + if ($user->data['user_id'] != $user_id) + { + $auth2 = new auth(); + $auth2->acl($userdata); + } + else + { + global $auth; + $auth2 = &$auth; + } + + $hold_ary[$userdata['user_id']] = array(); + foreach ($forum_ids as $f_id) + { + $hold_ary[$userdata['user_id']][$f_id] = array(); + foreach ($compare_options as $option) + { + $hold_ary[$userdata['user_id']][$f_id][$option] = $auth2->acl_get($option, $f_id); + } + } + } + $db->sql_freeresult($result); + unset($userdata); + unset($auth2); + } + // If forum_ids is false and the scope is local we actually want to have all forums within the array if ($scope == 'local' && !sizeof($forum_ids)) { @@ -141,9 +184,6 @@ class auth_admin extends auth // Now, we need to fill the gaps with $acl_fill. ;) - // Only those options we need - $compare_options = array_diff(preg_replace('/^((?!' . $auth_option . ').+)|(' . $auth_option . ')$/', '', array_keys($this->acl_options[$scope])), array('')); - // Now switch back to keys if (sizeof($compare_options)) { @@ -422,7 +462,7 @@ class auth_admin extends auth $title = ($role_description) ? ' title="' . $role_description . '"' : ''; $s_role_options .= ''; } - + if ($s_role_options) { $s_role_options = '' . $s_role_options; diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index 82479f0fcf..ada8809b74 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -1721,7 +1721,7 @@ function auto_prune($forum_id, $prune_mode, $prune_flags, $prune_days, $prune_fr $sql = 'SELECT forum_name FROM ' . FORUMS_TABLE . " WHERE forum_id = $forum_id"; - $result = $db->sql_query($sql); + $result = $db->sql_query($sql, 3600); if ($row = $db->sql_fetchrow($result)) { diff --git a/phpBB/includes/mcp/mcp_post.php b/phpBB/includes/mcp/mcp_post.php index f2fef8af6e..407314d494 100644 --- a/phpBB/includes/mcp/mcp_post.php 
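Review bot: In the `@@ -96,19 +97,61 @@` hunk of acp/auth.php, the test `$user->data['user_id'] != $user_id` inside the new `while` loop compares the current user with the `$user_id` argument, which the `$ug_id` line above treats as possibly an array, instead of with the fetched row; it should read `if ($user->data['user_id'] != $userdata['user_id'])`. Once the test is per-row, add `unset($auth2);` at the top of each iteration, because after `$auth2 = &$auth` a later `$auth2 = new auth()` would write through the reference and replace the global `$auth` with another user's permission object. The `IN (...)` list is built with a bare `implode(',', $ug_id)` and the origin of the ids is outside the hunk, so `implode(',', array_map('intval', $ug_id))` plus an early return for an empty or `false` `$user_id` would keep the query valid and safe regardless of the caller. This block also runs before the "all forums" expansion of `$forum_ids` further down, so for local scope without a `$forum_id` it appears to compute nothing, which is worth confirming.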
+++ b/phpBB/includes/mcp/mcp_post.php @@ -74,7 +74,7 @@ function mcp_post_details($id, $mode, $action) trigger_error($user->lang['NO_USER']); } - if ($auth->acl_get('m_', $post_info['forum_id'])) + if ($auth->acl_get('m_chgposter', $post_info['forum_id'])) { change_poster($post_info, $row); } @@ -104,14 +104,14 @@ function mcp_post_details($id, $mode, $action) 'U_APPROVE_ACTION' => "{$phpbb_root_path}mcp.$phpEx$SID&i=queue&p=$post_id", 'S_CAN_VIEWIP' => $auth->acl_get('m_info', $post_info['forum_id']), - 'S_CAN_CHGPOSTER' => $auth->acl_get('m_', $post_info['forum_id']), + 'S_CAN_CHGPOSTER' => $auth->acl_get('m_chgposter', $post_info['forum_id']), 'S_CAN_LOCK_POST' => $auth->acl_get('m_lock', $post_info['forum_id']), 'S_CAN_DELETE_POST' => $auth->acl_get('m_delete', $post_info['forum_id']), 'S_POST_REPORTED' => ($post_info['post_reported']) ? true : false, 'S_POST_UNAPPROVED' => (!$post_info['post_approved']) ? true : false, 'S_POST_LOCKED' => ($post_info['post_edit_locked']) ? true : false, - 'S_USER_NOTES' => ($auth->acl_gets('m_', 'a_')) ? true : false, + 'S_USER_NOTES' => true, 'S_CLEAR_ALLOWED' => ($auth->acl_get('a_clearlogs')) ? true : false, 'U_FIND_MEMBER' => "{$phpbb_root_path}memberlist.$phpEx$SID&mode=searchuser&form=mcp_chgposter&field=username", -- cgit v1.2.1
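Review bot: In the second mcp_post.php hunk, `'S_USER_NOTES' => true` drops the `acl_gets('m_', 'a_')` check entirely, so the template flag for user notes is now set for everyone who reaches this page. The commit message does not mention this, and the access check guarding `mcp_post_details()` itself is outside the hunk. If the removal is intentional, state why in a comment next to the line (for example that the page is only reachable after the module's moderator permission check, if that is the case); otherwise keep the gate with `'S_USER_NOTES' => ($auth->acl_gets('m_', 'a_')) ? true : false,`. The move from the `m_` prefix to `m_chgposter` is applied to both the `change_poster()` call and `S_CAN_CHGPOSTER`, so action and display stay in step.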