1
|
|
|
<?php declare(strict_types=1); |
2
|
|
|
|
3
|
|
|
|
4
|
|
|
namespace XoopsModules\Wgevents; |
5
|
|
|
|
6
|
|
|
/* |
7
|
|
|
You may not change or alter any portion of this comment or credits |
8
|
|
|
of supporting developers from this source code or any supporting source code |
9
|
|
|
which is considered copyrighted (c) material of the original comment or credit authors. |
10
|
|
|
|
11
|
|
|
This program is distributed in the hope that it will be useful, |
12
|
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of |
13
|
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
14
|
|
|
*/ |
15
|
|
|
|
16
|
|
|
/** |
17
|
|
|
* wgEvents module for xoops |
18
|
|
|
* |
19
|
|
|
* @copyright 2021 XOOPS Project (https://xoops.org) |
20
|
|
|
* @license GPL 2.0 or later |
21
|
|
|
* @package wgevents |
22
|
|
|
* @since 1.0.0 |
23
|
|
|
* @min_xoops 2.5.11 Beta1 |
24
|
|
|
* @author Goffy - Wedega - Email:[email protected] - Website:https://xoops.wedega.com |
25
|
|
|
*/ |
26
|
|
|
|
27
|
|
|
use XoopsModule; |
28
|
|
|
use XoopsModules\Wgevents; |
29
|
|
|
|
30
|
|
|
\defined('XOOPS_ROOT_PATH') || die('Restricted access'); |
31
|
|
|
|
32
|
|
|
/** |
33
|
|
|
* Class Object PermissionHandler |
34
|
|
|
*/ |
35
|
|
|
class PermissionHandler extends \XoopsPersistableObjectHandler |
36
|
|
|
{ |
37
|
|
|
/** |
38
|
|
|
* Constructor |
39
|
|
|
* |
40
|
|
|
*/ |
41
|
|
|
public function __construct() |
42
|
|
|
{ |
43
|
|
|
} |
44
|
|
|
|
45
|
|
|
|
46
|
|
|
/** |
47
|
|
|
* @private function getPermSubmit |
48
|
|
|
* returns right to submit for given perm |
49
|
|
|
* @param $constantPerm |
50
|
|
|
* @return bool |
51
|
|
|
*/ |
52
|
|
|
private function getPerm($constantPerm) |
53
|
|
|
{ |
54
|
|
|
global $xoopsUser; |
55
|
|
|
|
56
|
|
|
$moduleDirName = \basename(\dirname(__DIR__)); |
57
|
|
|
$mid = XoopsModule::getByDirname($moduleDirName)->mid(); |
58
|
|
|
$currentuid = 0; |
59
|
|
|
if (isset($xoopsUser) && \is_object($xoopsUser)) { |
60
|
|
|
if ($xoopsUser->isAdmin($mid)) { |
61
|
|
|
return true; |
62
|
|
|
} |
63
|
|
|
$currentuid = $xoopsUser->uid(); |
64
|
|
|
} |
65
|
|
|
$grouppermHandler = \xoops_getHandler('groupperm'); |
66
|
|
|
|
67
|
|
|
$memberHandler = \xoops_getHandler('member'); |
68
|
|
|
if (0 === $currentuid) { |
69
|
|
|
$my_group_ids = [\XOOPS_GROUP_ANONYMOUS]; |
70
|
|
|
} else { |
71
|
|
|
$my_group_ids = $memberHandler->getGroupsByUser($currentuid); |
|
|
|
|
72
|
|
|
} |
73
|
|
|
if ($grouppermHandler->checkRight('wgevents_ac', $constantPerm, $my_group_ids, $mid)) { |
|
|
|
|
74
|
|
|
return true; |
75
|
|
|
} |
76
|
|
|
|
77
|
|
|
return false; |
78
|
|
|
} |
79
|
|
|
|
80
|
|
|
/** |
81
|
|
|
* @private function getPermSubmit |
82
|
|
|
* returns right to submit for given perm |
83
|
|
|
* @param $constantPerm |
84
|
|
|
* @return bool |
85
|
|
|
*/ |
86
|
|
|
private function getPermApprove($constantPerm) |
87
|
|
|
{ |
88
|
|
|
if ($this->getPermGlobalApprove()) { |
89
|
|
|
return true; |
90
|
|
|
} |
91
|
|
|
|
92
|
|
|
return $this->getPerm($constantPerm); |
93
|
|
|
} |
94
|
|
|
/** |
95
|
|
|
* @private function getPermSubmit |
96
|
|
|
* returns right to submit for given perm |
97
|
|
|
* @param $constantPerm |
98
|
|
|
* @return bool |
99
|
|
|
*/ |
100
|
|
|
private function getPermSubmit($constantPerm) |
101
|
|
|
{ |
102
|
|
|
if ($this->getPermGlobalSubmit()) { |
103
|
|
|
return true; |
104
|
|
|
} |
105
|
|
|
|
106
|
|
|
return $this->getPerm($constantPerm); |
107
|
|
|
} |
108
|
|
|
|
109
|
|
|
/** |
110
|
|
|
* @private function getPermView |
111
|
|
|
* returns right for view of given perm |
112
|
|
|
* @param $constantPerm |
113
|
|
|
* @return bool |
114
|
|
|
*/ |
115
|
|
|
private function getPermView($constantPerm) |
116
|
|
|
{ |
117
|
|
|
if ($this->getPermGlobalView()) { |
118
|
|
|
return true; |
119
|
|
|
} |
120
|
|
|
|
121
|
|
|
return $this->getPerm($constantPerm); |
122
|
|
|
} |
123
|
|
|
/** |
124
|
|
|
* @public function permGlobalApprove |
125
|
|
|
* returns right for global approve |
126
|
|
|
* |
127
|
|
|
* @return bool |
128
|
|
|
*/ |
129
|
|
|
public function getPermGlobalApprove() |
130
|
|
|
{ |
131
|
|
|
return $this->getPerm(Constants::PERM_GLOBAL_APPROVE); |
132
|
|
|
} |
133
|
|
|
|
134
|
|
|
/** |
135
|
|
|
* @public function permGlobalSubmit |
136
|
|
|
* returns right for global submit |
137
|
|
|
* |
138
|
|
|
* @return bool |
139
|
|
|
*/ |
140
|
|
|
public function getPermGlobalSubmit() |
141
|
|
|
{ |
142
|
|
|
if ($this->getPermGlobalApprove()) { |
143
|
|
|
return true; |
144
|
|
|
} |
145
|
|
|
return $this->getPerm(Constants::PERM_GLOBAL_SUBMIT); |
146
|
|
|
} |
147
|
|
|
|
148
|
|
|
/** |
149
|
|
|
* @public function permGlobalView |
150
|
|
|
* returns right for global view |
151
|
|
|
* |
152
|
|
|
* @return bool |
153
|
|
|
*/ |
154
|
|
|
public function getPermGlobalView() |
155
|
|
|
{ |
156
|
|
|
if ($this->getPermGlobalApprove() || $this->getPermGlobalSubmit()) { |
157
|
|
|
return true; |
158
|
|
|
} |
159
|
|
|
return $this->getPerm(Constants::PERM_GLOBAL_APPROVE); |
160
|
|
|
} |
161
|
|
|
|
162
|
|
|
/** |
163
|
|
|
* @public function getPermEventsApprove |
164
|
|
|
* returns right for approve events |
165
|
|
|
* |
166
|
|
|
* @return bool |
167
|
|
|
*/ |
168
|
|
|
public function getPermEventsApprove() |
169
|
|
|
{ |
170
|
|
|
if ($this->getPermGlobalApprove()) { |
171
|
|
|
return true; |
172
|
|
|
} |
173
|
|
|
return $this->getPermApprove(Constants::PERM_EVENTS_APPROVE); |
174
|
|
|
} |
175
|
|
|
|
176
|
|
|
/** |
177
|
|
|
* @public function getPermEventsApproveAuto |
178
|
|
|
* returns right for approve events |
179
|
|
|
* |
180
|
|
|
* @return bool |
181
|
|
|
*/ |
182
|
|
|
public function getPermEventsApproveAuto() |
183
|
|
|
{ |
184
|
|
|
if ($this->getPermEventsApprove()) { |
185
|
|
|
return true; |
186
|
|
|
} |
187
|
|
|
return $this->getPermApprove(Constants::PERM_EVENTS_APPROVE_AUTO); |
188
|
|
|
} |
189
|
|
|
|
190
|
|
|
/** |
191
|
|
|
* @public function getPermEventsSubmit |
192
|
|
|
* returns right for submit events |
193
|
|
|
* |
194
|
|
|
* @return bool |
195
|
|
|
*/ |
196
|
|
|
public function getPermEventsSubmit() |
197
|
|
|
{ |
198
|
|
|
if ($this->getPermGlobalSubmit()) { |
199
|
|
|
return true; |
200
|
|
|
} |
201
|
|
|
return $this->getPermSubmit(Constants::PERM_EVENTS_SUBMIT); |
202
|
|
|
} |
203
|
|
|
|
204
|
|
|
/** |
205
|
|
|
* @public function getPermEventsEdit |
206
|
|
|
* returns right for edit/delete events |
207
|
|
|
* - User must have perm to submit and must be owner |
208
|
|
|
* - transaction is not closed |
209
|
|
|
* @param $evSubmitter |
210
|
|
|
* @param $evStatus |
211
|
|
|
* @return bool |
212
|
|
|
*/ |
213
|
|
|
public function getPermEventsEdit($evSubmitter, $evStatus) |
214
|
|
|
{ |
215
|
|
|
global $xoopsUser, $xoopsModule; |
216
|
|
|
|
217
|
|
|
if ($this->getPermEventsApprove()) { |
218
|
|
|
return true; |
219
|
|
|
} |
220
|
|
|
|
221
|
|
|
if (Constants::STATUS_LOCKED == $evStatus) { |
222
|
|
|
return false; |
223
|
|
|
} |
224
|
|
|
|
225
|
|
|
$currentuid = 0; |
226
|
|
|
if (isset($xoopsUser) && \is_object($xoopsUser)) { |
227
|
|
|
if (isset($xoopsModule) && \is_object($xoopsModule) && $xoopsUser->isAdmin($xoopsModule->mid())) { |
228
|
|
|
return true; |
229
|
|
|
} |
230
|
|
|
$currentuid = $xoopsUser->uid(); |
231
|
|
|
} |
232
|
|
|
return $this->getPermEventsSubmit() && $currentuid == $evSubmitter; |
233
|
|
|
} |
234
|
|
|
|
235
|
|
|
/** |
236
|
|
|
* @public function getPermEventsView |
237
|
|
|
* returns right for view Event |
238
|
|
|
* |
239
|
|
|
* @return bool |
240
|
|
|
*/ |
241
|
|
|
public function getPermEventsView() |
242
|
|
|
{ |
243
|
|
|
return $this->getPermView(Constants::PERM_EVENTS_VIEW); |
244
|
|
|
} |
245
|
|
|
|
246
|
|
|
/** |
247
|
|
|
* @public function getPermQuestionsAdmin |
248
|
|
|
* returns right for submit/edit/delete questions |
249
|
|
|
* - User must have perm edit the event |
250
|
|
|
* @param $evSubmitter |
251
|
|
|
* @param $evStatus |
252
|
|
|
* @return bool |
253
|
|
|
*/ |
254
|
|
|
public function getPermQuestionsAdmin($evSubmitter, $evStatus) |
255
|
|
|
{ |
256
|
|
|
if ($this->getPermEventsEdit($evSubmitter, $evStatus)) { |
257
|
|
|
return true; |
258
|
|
|
} |
259
|
|
|
|
260
|
|
|
return false; |
261
|
|
|
} |
262
|
|
|
|
263
|
|
|
/** |
264
|
|
|
* @public function getPermRegistrationsApprove |
265
|
|
|
* returns right for approve registrations |
266
|
|
|
* - User must have perm edit the event (owner or approver) |
267
|
|
|
* @param $evSubmitter |
268
|
|
|
* @param $evStatus |
269
|
|
|
* @return bool |
270
|
|
|
*/ |
271
|
|
|
public function getPermRegistrationsApprove($evSubmitter, $evStatus) |
272
|
|
|
{ |
273
|
|
|
if ($this->getPermEventsEdit($evSubmitter, $evStatus)) { |
274
|
|
|
return true; |
275
|
|
|
} |
276
|
|
|
|
277
|
|
|
return false; |
278
|
|
|
} |
279
|
|
|
|
280
|
|
|
/** |
281
|
|
|
* @public function getPermRegistrationsVerif |
282
|
|
|
* returns right for submit registrations without question verification by mail |
283
|
|
|
* - User must have perm to submit registrations |
284
|
|
|
* |
285
|
|
|
* @return bool |
286
|
|
|
*/ |
287
|
|
|
public function getPermRegistrationsVerif() |
288
|
|
|
{ |
289
|
|
|
return $this->getPerm(Constants::PERM_REGISTRATIONS_AUTOVERIF); |
290
|
|
|
} |
291
|
|
|
|
292
|
|
|
/** |
293
|
|
|
* @public function getPermRegistrationsSubmit |
294
|
|
|
* returns right for submit registrations |
295
|
|
|
* |
296
|
|
|
* @return bool |
297
|
|
|
*/ |
298
|
|
|
public function getPermRegistrationsSubmit() |
299
|
|
|
{ |
300
|
|
|
if ($this->getPermRegistrationsVerif()) { |
301
|
|
|
return true; |
302
|
|
|
} |
303
|
|
|
return $this->getPermSubmit(Constants::PERM_REGISTRATIONS_SUBMIT); |
304
|
|
|
} |
305
|
|
|
|
306
|
|
|
/** |
307
|
|
|
* @public function getPermRegistrationsEdit |
308
|
|
|
* returns right for edit/delete registrations |
309
|
|
|
* - User have permission to edit the event |
310
|
|
|
* - User must have perm to submit and must be owner |
311
|
|
|
* @param $regIp |
312
|
|
|
* @param $regSubmitter |
313
|
|
|
* @param $evSubmitter |
314
|
|
|
* @param $evStatus |
315
|
|
|
* @return bool |
316
|
|
|
*/ |
317
|
|
|
public function getPermRegistrationsEdit($regIp, $regSubmitter, $evSubmitter, $evStatus) |
318
|
|
|
{ |
319
|
|
|
if ($this->getPermEventsEdit($evSubmitter, $evStatus)) { |
320
|
|
|
return true; |
321
|
|
|
} |
322
|
|
|
|
323
|
|
|
if ($this->getPermRegistrationsSubmit() && $this->getPermRegistrationsView($regIp, $regSubmitter)) { |
324
|
|
|
return true; |
325
|
|
|
} |
326
|
|
|
|
327
|
|
|
return false; |
328
|
|
|
} |
329
|
|
|
|
330
|
|
|
/** |
331
|
|
|
* @public function getPermRegistrationsView |
332
|
|
|
* returns right for view Registration |
333
|
|
|
* - user must be the submitter_text of registration or same IP must be used |
334
|
|
|
* @param $regIp |
335
|
|
|
* @param $regSubmitter |
336
|
|
|
* @return bool |
337
|
|
|
*/ |
338
|
|
|
public function getPermRegistrationsView($regIp, $regSubmitter) |
339
|
|
|
{ |
340
|
|
|
$uidCurrent = \is_object($GLOBALS['xoopsUser']) ? $GLOBALS['xoopsUser']->uid() : 0; |
341
|
|
|
if ($regSubmitter == $uidCurrent) { |
342
|
|
|
return true; |
343
|
|
|
} |
344
|
|
|
$ipCurrent = $_SERVER['REMOTE_ADDR']; |
345
|
|
|
return $regIp == $ipCurrent; |
346
|
|
|
} |
347
|
|
|
|
348
|
|
|
/** |
349
|
|
|
* @public function getPermTextblocksSubmit |
350
|
|
|
* returns right for submit textblocks |
351
|
|
|
* |
352
|
|
|
* @return bool |
353
|
|
|
*/ |
354
|
|
|
public function getPermTextblocksSubmit() |
355
|
|
|
{ |
356
|
|
|
return $this->getPermEventsSubmit(); |
357
|
|
|
} |
358
|
|
|
|
359
|
|
|
/** |
360
|
|
|
* @public function getPermTextblocksAdmin |
361
|
|
|
* returns right for edit/delete textblocks |
362
|
|
|
* - User must have perm to submit and must be owner |
363
|
|
|
* @param $tbSubmitter |
364
|
|
|
* @return bool |
365
|
|
|
*/ |
366
|
|
|
public function getPermTextblocksEdit($tbSubmitter) |
367
|
|
|
{ |
368
|
|
|
global $xoopsUser, $xoopsModule; |
369
|
|
|
|
370
|
|
|
if ($this->getPermGlobalApprove()) { |
371
|
|
|
return true; |
372
|
|
|
} |
373
|
|
|
|
374
|
|
|
$currentuid = 0; |
375
|
|
|
if (isset($xoopsUser) && \is_object($xoopsUser)) { |
376
|
|
|
if (isset($xoopsModule) && \is_object($xoopsModule) && $xoopsUser->isAdmin($xoopsModule->mid())) { |
377
|
|
|
return true; |
378
|
|
|
} |
379
|
|
|
$currentuid = $xoopsUser->uid(); |
380
|
|
|
} |
381
|
|
|
return $this->getPermTextblocksSubmit() && $currentuid == $tbSubmitter; |
382
|
|
|
} |
383
|
|
|
|
384
|
|
|
/** |
385
|
|
|
* @public function getPermTextblocksAdmin |
386
|
|
|
* returns right for edit/delete textblocks |
387
|
|
|
* - User must have perm to submit and must be owner |
388
|
|
|
* @param $tbSubmitter |
389
|
|
|
* @return bool |
390
|
|
|
*/ |
391
|
|
|
public function getPermTextblocksAdmin($tbSubmitter) |
392
|
|
|
{ |
393
|
|
|
global $xoopsUser, $xoopsModule; |
394
|
|
|
|
395
|
|
|
if ($this->getPermGlobalApprove()) { |
396
|
|
|
return true; |
397
|
|
|
} |
398
|
|
|
|
399
|
|
|
$currentuid = 0; |
400
|
|
|
if (isset($xoopsUser) && \is_object($xoopsUser)) { |
401
|
|
|
if (isset($xoopsModule) && \is_object($xoopsModule) && $xoopsUser->isAdmin($xoopsModule->mid())) { |
402
|
|
|
return true; |
403
|
|
|
} |
404
|
|
|
$currentuid = $xoopsUser->uid(); |
405
|
|
|
} |
406
|
|
|
return $this->getPermTextblocksSubmit() && $currentuid == $tbSubmitter; |
407
|
|
|
} |
408
|
|
|
|
409
|
|
|
|
410
|
|
|
|
411
|
|
|
|
412
|
|
|
|
413
|
|
|
|
414
|
|
|
|
415
|
|
|
|
416
|
|
|
|
417
|
|
|
/** Check permission for categories |
418
|
|
|
* @param string $permName |
419
|
|
|
* @param int $catId |
420
|
|
|
* @return int |
421
|
|
|
|
422
|
|
|
private function permPermCats($permName, $catId) |
423
|
|
|
{ |
424
|
|
|
global $xoopsUser, $xoopsModule; |
425
|
|
|
|
426
|
|
|
$currentuid = 0; |
427
|
|
|
if (isset($xoopsUser) && \is_object($xoopsUser)) { |
428
|
|
|
if ($xoopsUser->isAdmin()) { |
429
|
|
|
return 1; |
430
|
|
|
} |
431
|
|
|
$currentuid = $xoopsUser->uid(); |
432
|
|
|
} |
433
|
|
|
$grouppermHandler = \xoops_getHandler('groupperm'); |
434
|
|
|
$mid = $xoopsModule->mid(); |
435
|
|
|
$memberHandler = \xoops_getHandler('member'); |
436
|
|
|
if (0 == $currentuid) { |
437
|
|
|
$my_group_ids = [\XOOPS_GROUP_ANONYMOUS]; |
438
|
|
|
} else { |
439
|
|
|
$my_group_ids = $memberHandler->getGroupsByUser($currentuid); |
440
|
|
|
} |
441
|
|
|
|
442
|
|
|
return $grouppermHandler->checkRight($permName, $catId, $my_group_ids, $mid); |
443
|
|
|
}*/ |
444
|
|
|
|
445
|
|
|
/** |
446
|
|
|
* @public function getPermCatEventsView |
447
|
|
|
* returns right for view events of this category |
448
|
|
|
* @param int $catId |
449
|
|
|
* @return bool |
450
|
|
|
|
451
|
|
|
public function getPermCatEventsView($catId) |
452
|
|
|
{ |
453
|
|
|
return $this->permPermCats('wgevents_view_cat_events', $catId); |
454
|
|
|
}*/ |
455
|
|
|
|
456
|
|
|
/** |
457
|
|
|
* @public function getPermCatEventsSubmit |
458
|
|
|
* returns right for submit events to this category |
459
|
|
|
* @param int $catId |
460
|
|
|
* @return bool |
461
|
|
|
|
462
|
|
|
public function getPermCatEventsSubmit($catId) |
463
|
|
|
{ |
464
|
|
|
return $this->permPermCats('wgevents_submit_cat_events', $catId); |
465
|
|
|
}*/ |
466
|
|
|
|
467
|
|
|
/** |
468
|
|
|
* @public function getPermCatEventsApprove |
469
|
|
|
* returns right for approve events of this category |
470
|
|
|
* @param int $catId |
471
|
|
|
* @return bool |
472
|
|
|
|
473
|
|
|
public function getPermCatEventsApprove($catId) |
474
|
|
|
{ |
475
|
|
|
return $this->permPermCats('wgevents_approve_cat_events', $catId); |
476
|
|
|
}*/ |
477
|
|
|
|
478
|
|
|
/** |
479
|
|
|
* @public function getPermCatRegsView |
480
|
|
|
* returns right for view registrations of events of this category |
481
|
|
|
* @param int $catId |
482
|
|
|
* @return bool |
483
|
|
|
|
484
|
|
|
public function getPermCatRegsView($catId) |
485
|
|
|
{ |
486
|
|
|
return $this->permPermCats('wgevents_view_cat_regs', $catId); |
487
|
|
|
}*/ |
488
|
|
|
|
489
|
|
|
/** |
490
|
|
|
* @public function getPermCatRegsSubmit |
491
|
|
|
* returns right for submit registrations to events to this category |
492
|
|
|
* @param int $catId |
493
|
|
|
* @return bool |
494
|
|
|
|
495
|
|
|
public function getPermCatRegsSubmit($catId) |
496
|
|
|
{ |
497
|
|
|
return $this->permPermCats('wgevents_submit_cat_regs', $catId); |
498
|
|
|
}*/ |
499
|
|
|
|
500
|
|
|
/** |
501
|
|
|
* @public function getPermCatRegsApprove |
502
|
|
|
* returns right for approve registrations of events of this category |
503
|
|
|
* @param int $catId |
504
|
|
|
* @return bool |
505
|
|
|
|
506
|
|
|
public function getPermCatRegsApprove($catId) |
507
|
|
|
{ |
508
|
|
|
return $this->permPermCats('wgevents_approve_cat_regs', $catId); |
509
|
|
|
}*/ |
510
|
|
|
|
511
|
|
|
} |
512
|
|
|
|