<Preset><V col="ckey" val="ReserveStop"/><V col="cval" val="48"/></Preset>
<Preset><V col="ckey" val="TicketIDChars"/><V col="cval" val="10"/></Preset>
<Preset><V col="ckey" val="VoucherIDChars"/><V col="cval" val="10"/></Preset>
- <Preset><V col="ckey" val="Flag admin"/><V col="cval" val="User is Admin"/></Preset>
- <Preset><V col="ckey" val="Flag web"/><V col="cval" val="User is Customer"/></Preset>
+ <Preset><V col="ckey" val="Flag _admin"/><V col="cval" val="User is Admin"/></Preset>
+ <Preset><V col="ckey" val="Flag _web"/><V col="cval" val="User is Customer"/></Preset>
</Table>
<Var name="file" type="blob"/>
</Output>
</Transaction>
+
+ <Transaction name="GetValidFlags"/>
+ <!-- Call lang="php" method=" -->
</Wolf>
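Review bot: `GetValidFlags` is added as an empty `<Transaction .../>` element, and the comment under it breaks off at `method="`, so nothing visible here defines its input, output or PHP call. If the transaction is meant to be callable, it needs a body like the other transactions in this file. If it is a placeholder, the comment should say so, e.g. `<!-- TODO: GetValidFlags is not implemented yet -->`.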
protected $user="";
protected $roles;
protected $rights;
+ protected $flags;
/**construct the session object, check validity*/
public function __construct($trans)
global $db,$session;
$this->roles=array();
$this->rights=array();
+ $this->flags=array();
$sid=$trans->getHeader("Wob-SessionId");
$res=$db->select("session","sessionid,user","sessionid=".$db->escapeString($sid));
if(count($res)>0){
$this->sessid=$sid;
$this->user=$res[0]["user"];
$this->initRights();
+ $this->initFlags($res[0]["flags"]);
}
$session=$this;
}
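Review bot: `initFlags($res[0]["flags"])` reads a `flags` column that the `select` a few lines above does not request; its column list is `"sessionid,user"`. Unless `select` returns more than the listed columns, the argument is undefined, and the session ends up with only the role-derived flags plus a PHP notice. If the session table carries the column, the list should read `"sessionid,user,flags"`. If the flags belong to the user record instead, they need their own lookup, which is not visible in this hunk.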
}
}
+ /**internal: retrieve and remember the flags of this user*/
+ protected function initFlags($flg)
+ {
+ global $db;
+ $this->flags=explode(" ",$flg);
+ $res=$db->select("userrole","role","uname=".$db->escapeString($this->user));
+ for($i=0;$i<count($res);$i++){
+ $res2=$db->select("role","flags","rolename=".$db->escapeString($res[$i][0]));
+ if(count($res2)>0){
+ foreach(explode(" ",$res2[0][0]) as $f)
+ if(!in_array($f,$this->flags))
+ $this->flags[]=$f;
+ }
+ }
+ }
+
/**returns all rights of this user*/
public function getRights(){return $this->rights;}
/**returns all roles of this user*/
public function getRoles(){return $this->roles;}
+ /**returns the flags of this user*/
+ public function getFlags(){return $this->flags;}
+
+ /**returns whether the user has a specific flag*/
+ public function hasFlag($f){return in_array($f,$this->flags);}
+
/**creates a new session, called from the Login transaction*/
static public function login($trans)
{
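Review bot: In `initFlags`, `explode(" ",$flg)` returns `array("")` for an empty or missing flags value, and a doubled space produces the same empty entry, so `$this->flags` can contain `""` and `hasFlag("")` is then true. Splitting with `preg_split('/\s+/',trim((string)$flg),-1,PREG_SPLIT_NO_EMPTY)` avoids this. The role loop here and the `_web` flag loop in the web session class use the same `explode` and need the same treatment. `in_array` is also called without its third argument, so flags are compared loosely; passing `true` keeps numeric-looking flag names from matching each other.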
{
global $db;
if(in_array("_admin",$this->roles))return true;
+ if(in_array("_admin",$this->flags))return true;
return in_array($transaction,$this->rights);
}
+
+ /**checks the given flags item pattern (string or array of strings) and returns true if they match*/
+ public function checkFlags($iflg)
+ {
+ //admin shortcut
+ if($this->hasFlag("_admin"))return true;
+ if(in_array("_admin",$this-roles))return true;
+ //actual check
+ if(is_array($iflg))$fp=$iflg;
+ else $fp=explode(" ",$iflg);
+ foreach($fp as $f){
+ if($f[0]=="+"){
+ if(!$this->hasFlag(substr($f,1)))return false;
+ }else
+ if($f[0]=="-"){
+ if($this->hasFlag(substr($f,1)))return false;
+ }
+ else return false;
+ }
+ return true;
+ }
};
/**dummy class used by browsed pages to represent the virtual web user*/
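Review bot: The second admin shortcut in `checkFlags` is written `$this-roles`, missing the `>`, so PHP parses it as a subtraction involving an undefined constant `roles` rather than a property read. Every caller that does not hold the `_admin` flag hits that line before the pattern is evaluated. It should read `if(in_array("_admin",$this->roles))return true;`. Separately, an empty token (from an empty pattern or a doubled space) makes `$f[0]` read offset 0 of an empty string. The method's docblock should also state that tokens without a `+` or `-` prefix deny access.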
$this->user="(web)";
//fake web role, web pages check for it
$this->roles=array("_web");
+ $this->flags=array("_web");
//get rights
$this->rights=array();
- $res2=$db->select("roleright","rightname","rolename=".$db->escapeString($res[$i][0]));
+ $res2=$db->select("roleright","rightname","rolename='_web'");
for($j=0;$j<count($res2);$j++)
$this->rights[]=$res2[$j][0];
+ //get flags
+ $res2=$db->select("role","flags","rolename='_web'");
+ if(count($res2)>0){
+ foreach(explode(" ",$res2[0][0]) as $f)
+ if(!in_array($f,$this->flags))
+ $this->flags[]=$f;
+ }
}
}