forked from phpbb/customisation-db
-
Notifications
You must be signed in to change notification settings - Fork 1
/
access.php
152 lines (135 loc) · 3.36 KB
/
access.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
<?php
/**
*
* This file is part of the phpBB Customisation Database package.
*
* @copyright (c) phpBB Limited <https://www.phpbb.com>
* @license GNU General Public License, version 2 (GPL-2.0)
*
* For full copyright and license information, please see
* the docs/CREDITS.txt file.
*
*/
namespace phpbb\titania;
class access
{
/** @var \phpbb\db\driver\driver_interface */
protected $db;
/** @var \phpbb\user */
protected $user;
/** @var \phpbb\titania\config\config */
protected $ext_config;
/** @var int */
protected $level = self::PUBLIC_LEVEL;
/**
* Level constants.
*/
const TEAM_LEVEL = 0;
const AUTHOR_LEVEL = 1;
const PUBLIC_LEVEL = 2;
/**
* Constructor
*
* @param \phpbb\db\driver\driver_interface $db
* @param \phpbb\user $user
* @param config\config $ext_config
*/
public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\user $user, \phpbb\titania\config\config $ext_config)
{
$this->db = $db;
$this->user = $user;
$this->ext_config = $ext_config;
$this->calculate_level();
}
/**
* Check whether the access level matches expected value.
*
* @param int $expected Expected access level
* @param int|null $real Optional access level to check. If none is given
* the user's current access level is used.
* @return bool
*/
public function is($expected, $real = null)
{
$real = ($real === null) ? $this->level : $real;
return $expected == $real;
}
/**
* Check whether the access level is at team's level.
*
* @param null $level Optional access level to check. If none is given
* the user's current access level is used.
* @return bool
*/
public function is_team($level = null)
{
return $this->is(self::TEAM_LEVEL, $level);
}
/**
* Check whether the access level is at author's level.
*
* @param null $level Optional access level to check. If none is given
* the user's current access level is used.
* @return bool
*/
public function is_author($level = null)
{
return $this->is(self::AUTHOR_LEVEL, $level);
}
/**
* Check whether the access level is at public's level.
*
* @param null $level Optional access level to check. If none is given
* the user's current access level is used.
* @return bool
*/
public function is_public($level = null)
{
return $this->is(self::PUBLIC_LEVEL, $level);
}
/**
* Get current access level.
*
* @return int
*/
public function get_level()
{
return $this->level;
}
/**
* Set access level.
*
* @param int $level
*/
public function set_level($level)
{
// Is it a valid level?
if ($this->is_team($level) || $this->is_author($level) || $this->is_public($level))
{
$this->level = (int) $level;
}
}
/**
* Calculate the user's current access level.
*/
protected function calculate_level()
{
// The user might be in a group with team access even if it's not his default group.
$group_ids = $this->ext_config->__get('team_groups');
if (!$group_ids)
{
return;
}
$sql = 'SELECT group_id, user_id, user_pending
FROM ' . USER_GROUP_TABLE . '
WHERE user_id = ' . (int) $this->user->data['user_id'] . '
AND user_pending = 0
AND ' . $this->db->sql_in_set('group_id', array_map('intval', $group_ids));
$result = $this->db->sql_query_limit($sql, 1);
if ($group_id = $this->db->sql_fetchfield('group_id'))
{
$this->set_level(self::TEAM_LEVEL);
}
$this->db->sql_freeresult($result);
}
}