| [ Index ] | PHP Cross Reference of Mambo 4.6.5 |
|
| [ Variables ] [ Functions ] [ Classes ] [ Constants ] [ Statistics ] | ||
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * @package Mambo 4 * @author Mambo Foundation Inc see README.php 5 * @copyright (C) 2000 - 2009 Mambo Foundation Inc. 6 * See COPYRIGHT.php for copyright notices and details. 7 * @license GNU/GPL Version 2, see LICENSE.php 8 * 9 * Redistributions of files must retain the above copyright notice. 10 * 11 * Mambo is free software; you can redistribute it and/or 12 * modify it under the terms of the GNU General Public License 13 * as published by the Free Software Foundation; version 2 of the License. 14 */ 15 16 /* 17 * phpGACL - Generic Access Control List 18 * Copyright (C) 2002,2003 Mike Benoit 19 * 20 * This library is free software; you can redistribute it and/or 21 * modify it under the terms of the GNU Lesser General Public 22 * License as published by the Free Software Foundation; either 23 * version 2.1 of the License, or (at your option) any later version. 24 * 25 * This library is distributed in the hope that it will be useful, 26 * but WITHOUT ANY WARRANTY; without even the implied warranty of 27 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 28 * Lesser General Public License for more details. 29 * 30 * You should have received a copy of the GNU Lesser General Public 31 * License along with this library; if not, write to the Free Software 32 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 33 * 34 * For questions, help, comments, discussion, etc., please join the 35 * phpGACL mailing list. http://sourceforge.net/mail/?group_id=57103 36 * 37 * You may contact the author of phpGACL by e-mail at: 38 * ipso@snappymail.ca 39 * 40 * The latest version of phpGACL can be obtained from: 41 * http://phpgacl.sourceforge.net/ 42 * 43 */ 44 45 /** ensure this file is being included by a parent file */ 46 defined( '_VALID_MOS' ) or die( 'Direct Access to this location is not allowed.' ); 47 48 // NOTE, this is a temporary solution until phpGACL libraries are fully implemented 49 50 /* -- Code to manually add a group to the ARO Groups 51 SET @parent_name = 'Registered'; 52 SET @new_name = 'Support'; 53 54 -- Select the parent node to insert after 55 SELECT @ins_id := group_id, @ins_lft := lft, @ins_rgt := rgt 56 FROM mos_core_acl_aro_groups 57 WHERE name = @parent_name; 58 59 SELECT @new_id := MAX(group_id) + 1 FROM mos_core_acl_aro_groups; 60 61 -- Make room for the new node 62 UPDATE mos_core_acl_aro_groups SET rgt=rgt+2 WHERE rgt>=@ins_rgt; 63 UPDATE mos_core_acl_aro_groups SET lft=lft+2 WHERE lft>@ins_rgt; 64 65 -- Insert the new node 66 INSERT INTO mos_core_acl_aro_groups (group_id,parent_id,name,lft,rgt) 67 VALUES (@new_id,@ins_id,@new_name,@ins_rgt,@ins_rgt+1); 68 */ 69 70 class gacl { 71 72 // --- Private properties --- 73 74 /* 75 * Enable Debug output. 76 */ 77 var $_debug = FALSE; 78 79 /* 80 * Database configuration. 81 */ 82 var $db=null; 83 var $_db_table_prefix = '#__core_acl_'; 84 85 /* 86 * NOTE: This cache must be manually cleaned each time ACL's are modified. 87 * Alternatively you could wait for the cache to expire. 88 */ 89 var $_caching = FALSE; 90 var $_force_cache_expire = TRUE; 91 92 // --- Fudge properties 93 var $acl=null; 94 var $acl_count=0; 95 96 /* 97 * Constructor 98 */ 99 function gacl( $db=null ) { 100 global $database; 101 102 $this->db = $db ? $db : $database; 103 104 // ARO value is currently the user type, 105 // this changes to user id in proper implementation 106 // No hierarchial inheritance so have to do that the long way 107 $this->acl = array(); 108 109 // backend login 110 $this->_mos_add_acl( 'administration', 'login', 'users', 'administrator', null, null ); 111 $this->_mos_add_acl( 'administration', 'login', 'users', 'superadministrator', null, null ); 112 $this->_mos_add_acl( 'administration', 'login', 'users', 'super administrator', null, null ); 113 $this->_mos_add_acl( 'administration', 'login', 'users', 'manager', null, null ); 114 // backend menus 115 //$this->_mos_add_acl( 'administration', 'config', 'users', 'administrator', null, null ); 116 $this->_mos_add_acl( 'administration', 'config', 'users', 'super administrator', null, null ); 117 $this->_mos_add_acl( 'administration', 'config', 'users', 'superadministrator', null, null ); 118 119 // access to db admin 120 //$this->_mos_add_acl( 'administration', 'manage', 'users', 'super administrator', 'components', 'com_dbadmin' ); 121 122 // access to templates 123 //$this->_mos_add_acl( 'administration', 'manage', 'user', 'administrator', 'components', 'com_templates' ) 124 $this->_mos_add_acl( 'administration', 'manage', 'users', 'superadministrator', 'components', 'com_templates' ); 125 $this->_mos_add_acl( 'administration', 'install', 'users', 'superadministrator', 'templates', 'all' ); 126 $this->_mos_add_acl( 'administration', 'manage', 'users', 'super administrator', 'components', 'com_templates' ); 127 $this->_mos_add_acl( 'administration', 'install', 'users', 'super administrator', 'templates', 'all' ); 128 129 // access to trash 130 $this->_mos_add_acl( 'administration', 'manage', 'users', 'administrator', 'components', 'com_trash' ); 131 $this->_mos_add_acl( 'administration', 'manage', 'users', 'super administrator', 'components', 'com_trash' ); 132 $this->_mos_add_acl( 'administration', 'manage', 'users', 'superadministrator', 'components', 'com_trash' ); 133 134 // access to menu manager 135 $this->_mos_add_acl( 'administration', 'manage', 'users', 'administrator', 'components', 'com_menumanager' ); 136 $this->_mos_add_acl( 'administration', 'manage', 'users', 'super administrator', 'components', 'com_menumanager' ); 137 $this->_mos_add_acl( 'administration', 'manage', 'users', 'superadministrator', 'components', 'com_menumanager' ); 138 139 // access to languages 140 $this->_mos_add_acl( 'administration', 'manage', 'users', 'super administrator', 'components', 'com_languages' ); 141 $this->_mos_add_acl( 'administration', 'manage', 'users', 'superadministrator', 'components', 'com_languages' ); 142 $this->_mos_add_acl( 'administration', 'manage', 'users', 'administrator', 'components', 'com_languages' ); 143 $this->_mos_add_acl( 'administration', 'install', 'users', 'super administrator', 'languages', 'all' ); 144 $this->_mos_add_acl( 'administration', 'install', 'users', 'superadministrator', 'languages', 'all' ); 145 $this->_mos_add_acl( 'administration', 'install', 'users', 'administrator', 'languages', 'all' ); 146 147 // access to modules 148 $this->_mos_add_acl( 'administration', 'install', 'users', 'administrator', 'modules', 'all' ); 149 $this->_mos_add_acl( 'administration', 'install', 'users', 'super administrator', 'modules', 'all' ); 150 $this->_mos_add_acl( 'administration', 'install', 'users', 'superadministrator', 'modules', 'all' ); 151 152 $this->_mos_add_acl( 'administration', 'edit', 'users', 'super administrator', 'modules', 'all' ); 153 $this->_mos_add_acl( 'administration', 'edit', 'users', 'superadministrator', 'modules', 'all' ); 154 $this->_mos_add_acl( 'administration', 'edit', 'users', 'administrator', 'modules', 'all' ); 155 156 // access to modules 157 $this->_mos_add_acl( 'administration', 'install', 'users', 'administrator', 'mambots', 'all' ); 158 $this->_mos_add_acl( 'administration', 'install', 'users', 'super administrator', 'mambots', 'all' ); 159 $this->_mos_add_acl( 'administration', 'install', 'users', 'superadministrator', 'mambots', 'all' ); 160 161 $this->_mos_add_acl( 'administration', 'edit', 'users', 'super administrator', 'mambots', 'all' ); 162 $this->_mos_add_acl( 'administration', 'edit', 'users', 'superadministrator', 'mambots', 'all' ); 163 $this->_mos_add_acl( 'administration', 'edit', 'users', 'administrator', 'mambots', 'all' ); 164 // uncomment following to allow managers to edit modules 165 //array( 'administration', 'edit', 'users', 'manager', 'modules', 'all' ); 166 167 // access to universal installer 168 $this->_mos_add_acl( 'administration', 'install', 'users', 'administrator', 'universals', 'all' ); 169 $this->_mos_add_acl( 'administration', 'install', 'users', 'super administrator', 'universals', 'all' ); 170 $this->_mos_add_acl( 'administration', 'install', 'users', 'superadministrator', 'universals', 'all' ); 171 172 // access to components 173 $this->_mos_add_acl( 'administration', 'install', 'users', 'administrator', 'components', 'all' ); 174 $this->_mos_add_acl( 'administration', 'install', 'users', 'super administrator', 'components', 'all' ); 175 $this->_mos_add_acl( 'administration', 'install', 'users', 'superadministrator', 'components', 'all' ); 176 177 // access to parameters 178 $this->_mos_add_acl( 'administration', 'install', 'users', 'administrator', 'parameters', 'all' ); 179 $this->_mos_add_acl( 'administration', 'install', 'users', 'super administrator', 'parameters', 'all' ); 180 $this->_mos_add_acl( 'administration', 'install', 'users', 'superadministrator', 'parameters', 'all' ); 181 182 // access to includes 183 $this->_mos_add_acl( 'administration', 'install', 'users', 'administrator', 'includes', 'all' ); 184 $this->_mos_add_acl( 'administration', 'install', 'users', 'super administrator', 'includes', 'all' ); 185 $this->_mos_add_acl( 'administration', 'install', 'users', 'superadministrator', 'includes', 'all' ); 186 187 $this->_mos_add_acl( 'administration', 'edit', 'users', 'super administrator', 'components', 'all' ); 188 $this->_mos_add_acl( 'administration', 'edit', 'users', 'superadministrator', 'components', 'all' ); 189 $this->_mos_add_acl( 'administration', 'edit', 'users', 'administrator', 'components', 'all' ); 190 191 $this->_mos_add_acl( 'administration', 'edit', 'users', 'manager', 'components', 'com_newsflash' ); 192 $this->_mos_add_acl( 'administration', 'edit', 'users', 'manager', 'components', 'com_frontpage' ); 193 $this->_mos_add_acl( 'administration', 'edit', 'users', 'manager', 'components', 'com_media' ); 194 // ** add additional components for a manager as desired, or give access to all 195 196 // massmail 197 $this->_mos_add_acl( 'administration', 'manage', 'users', 'super administrator', 'components', 'com_massmail' ); 198 $this->_mos_add_acl( 'administration', 'manage', 'users', 'superadministrator', 'components', 'com_massmail' ); 199 200 // manage users 201 $this->_mos_add_acl( 'administration', 'manage', 'users', 'administrator', 'components', 'com_users' ); 202 $this->_mos_add_acl( 'administration', 'manage', 'users', 'super administrator', 'components', 'com_users' ); 203 $this->_mos_add_acl( 'administration', 'manage', 'users', 'superadministrator', 'components', 'com_users' ); 204 205 // email block users property 206 $this->_mos_add_acl( 'administration', 'edit', 'users', 'administrator', 'user properties', 'block_user' ); 207 $this->_mos_add_acl( 'administration', 'edit', 'users', 'super administrator', 'user properties', 'block_user' ); 208 $this->_mos_add_acl( 'administration', 'edit', 'users', 'superadministrator', 'user properties', 'block_user' ); 209 210 // email system events 211 $this->_mos_add_acl( 'workflow', 'email_events', 'users', 'administrator', null, null ); 212 $this->_mos_add_acl( 'workflow', 'email_events', 'users', 'super administrator', null, null ); 213 $this->_mos_add_acl( 'workflow', 'email_events', 'users', 'superadministrator', null, null ); 214 215 // actions 216 $this->_mos_add_acl( 'action', 'add', 'users', 'author', 'content', 'all' ); 217 $this->_mos_add_acl( 'action', 'add', 'users', 'editor', 'content', 'all' ); 218 $this->_mos_add_acl( 'action', 'add', 'users', 'publisher', 'content', 'all' ); 219 $this->_mos_add_acl( 'action', 'edit', 'users', 'author', 'content', 'own' ); 220 $this->_mos_add_acl( 'action', 'edit', 'users', 'editor', 'content', 'all' ); 221 $this->_mos_add_acl( 'action', 'edit', 'users', 'publisher', 'content', 'all' ); 222 $this->_mos_add_acl( 'action', 'publish', 'users', 'publisher', 'content', 'all' ); 223 224 $this->_mos_add_acl( 'action', 'add', 'users', 'manager', 'content', 'all' ); 225 $this->_mos_add_acl( 'action', 'edit', 'users', 'manager', 'content', 'all' ); 226 $this->_mos_add_acl( 'action', 'publish', 'users', 'manager', 'content', 'all' ); 227 228 $this->_mos_add_acl( 'action', 'add', 'users', 'administrator', 'content', 'all' ); 229 $this->_mos_add_acl( 'action', 'edit', 'users', 'administrator', 'content', 'all' ); 230 $this->_mos_add_acl( 'action', 'publish', 'users', 'administrator', 'content', 'all' ); 231 232 $this->_mos_add_acl( 'action', 'add', 'users', 'super administrator', 'content', 'all' ); 233 $this->_mos_add_acl( 'action', 'edit', 'users', 'super administrator', 'content', 'all' ); 234 235 $this->_mos_add_acl( 'action', 'add', 'users', 'superadministrator', 'content', 'all' ); 236 $this->_mos_add_acl( 'action', 'edit', 'users', 'superadministrator', 'content', 'all' ); 237 238 $this->_mos_add_acl( 'action', 'publish', 'users', 'super administrator', 'content', 'all' ); 239 $this->_mos_add_acl( 'action', 'publish', 'users', 'superadministrator', 'content', 'all' ); 240 241 // work around for menu access 242 $this->_mos_add_acl( 'action', 'access', 'users', 'superadministrator', 'frontend', 'special' ); 243 $this->_mos_add_acl( 'action', 'access', 'users', 'super administrator', 'frontend', 'special' ); 244 $this->_mos_add_acl( 'action', 'access', 'users', 'administrator', 'frontend', 'special' ); 245 $this->_mos_add_acl( 'action', 'access', 'users', 'manager', 'frontend', 'special' ); 246 $this->_mos_add_acl( 'action', 'access', 'users', 'publisher', 'frontend', 'special' ); 247 $this->_mos_add_acl( 'action', 'access', 'users', 'editor', 'frontend', 'special' ); 248 $this->_mos_add_acl( 'action', 'access', 'users', 'author', 'frontend', 'special' ); 249 250 $this->acl_count = count( $this->acl ); 251 } 252 253 /* 254 This is a temporary function to allow 3PD's to add basic ACL checks for their 255 modules and components. NOTE: this information will be compiled in the db 256 in future versions 257 */ 258 function _mos_add_acl( $aco_section_value, $aco_value, 259 $aro_section_value, $aro_value, $axo_section_value=NULL, $axo_value=NULL ) { 260 261 $this->acl[] = array( $aco_section_value, $aco_value, $aro_section_value, $aro_value, $axo_section_value, $axo_value ); 262 $this->acl_count = count( $this->acl ); 263 } 264 265 /*======================================================================*\ 266 Function: $gacl_api->debug_text() 267 Purpose: Prints debug text if debug is enabled. 268 \*======================================================================*/ 269 function debug_text($text) { 270 271 if ($this->_debug) { 272 echo "$text<br />\n"; 273 } 274 275 return true; 276 } 277 278 /*======================================================================*\ 279 Function: $gacl_api->debug_db() 280 Purpose: Prints database debug text if debug is enabled. 281 \*======================================================================*/ 282 function debug_db($function_name = '') { 283 if ($function_name != '') { 284 $function_name .= ' (): '; 285 } 286 287 return $this->debug_text ($function_name .'database error: '. $this->db->getErrorMsg() .' ('. $this->db->getErrorNum() .')'); 288 } 289 290 /*======================================================================*\ 291 Function: acl_check() 292 Purpose: Function that wraps the actual acl_query() function. 293 It is simply here to return TRUE/FALSE accordingly. 294 \*======================================================================*/ 295 function acl_check( $aco_section_value, $aco_value, 296 $aro_section_value, $aro_value, $axo_section_value=NULL, $axo_value=NULL ) { 297 $acl_result = 0; 298 for ($i=0; $i < $this->acl_count; $i++) { 299 if (strcasecmp( $aco_section_value, $this->acl[$i][0] ) == 0) { 300 if (strcasecmp( $aco_value, $this->acl[$i][1] ) == 0) { 301 if (strcasecmp( $aro_section_value, $this->acl[$i][2] ) == 0) { 302 if (strcasecmp( $aro_value, $this->acl[$i][3] ) == 0) { 303 if (strcasecmp( $axo_section_value, $this->acl[$i][4] ) == 0) { 304 if (strcasecmp( $axo_value, $this->acl[$i][5] ) == 0) { 305 $acl_result = 1; 306 break; 307 } 308 } 309 } 310 } 311 } 312 } 313 } 314 return $acl_result; 315 } 316 317 } 318 319 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Wed Feb 8 00:05:01 2012 | Cross-referenced by PHPXref 0.7 |
| Mambo API: Mambo is Free software released under the GNU/General Public License, Version 2 |