
Source code of GeekLog 1.4.1


/system/ -> lib-security.php (summary)

This is the security library for Geeklog.  This is used to implement Geeklog's *nix-style security system.

Programming notes:  For items you need security on you need the following for each record in your database:

owner_id        | mediumint(8)
group_id        | mediumint(8)
perm_owner      | tinyint(1) unsigned
perm_group      | tinyint(1) unsigned
perm_members    | tinyint(1) unsigned
perm_anon       | tinyint(1) unsigned

Size: 1023 lines (35 kb)
Included or required: 0 times
Referenced: 0 times
Requires: 0 files

Defines 20 functions

  SEC_getUserGroups()
  SEC_groupIsRemoteUserAndHaveAccess()
  SEC_inGroup()
  SEC_isModerator()
  SEC_hasTopicAccess()
  SEC_hasAccess()
  SEC_hasRights()
  SEC_getPermissionsHTML()
  SEC_getUserPermissions()
  SEC_getPermissionValues()
  SEC_getPermissionValue()
  SEC_getFeatureGroup()
  SEC_authenticate()
  SEC_checkUserStatus()
  SEC_remoteAuthentication()
  SEC_addUserToGroup()
  SEC_setDefaultPermissions()
  SEC_buildAccessSql()
  SEC_removeFeatureFromDB()
  SEC_getGroupDropdown()

Functions
Functions that are not part of a class:

SEC_getUserGroups($uid='')   X-Ref
Returns the groups a user belongs to

This is part of the GL security implementation.  This function returns
all the groups a user belongs to.  This function is called recursively
as groups can belong to other groups

Note: this is an expensive function -- if you are concerned about speed it should only
be used once at the beginning of a page.  The resulting array $_GROUPS can then be
used throughout the page.

param: int     $uid            User ID to get information for. If empty current user.
return: array Array of group ID's user belongs to
return: array    Associative Array grp_name -> ug_main_grp_id

SEC_groupIsRemoteUserAndHaveAccess($groupid, $groups)   X-Ref
Checks to see if a user has admin access to the "Remote Users" group.
Admin users will probably not be members, but, User Admin, Root, and
group admin will have access to it. However, we can not be sure what
the group id for "Remote User" group is, because it's a later static
group, and upgraded systems could have it in any id slot.

param: groupid     int     The id of a group, which might be the remote users group
param: groups      array   Array of group ids the user has access to.
return: boolean

SEC_inGroup($grp_to_verify,$uid='',$cur_grp_id='')   X-Ref
Determines if user belongs to specified group

This is part of the Geeklog security implementation. This function
looks up whether a user belongs to a specified group

param: string      $grp_to_verify      Group we want to see if user belongs to
param: int         $uid                ID for user to check. If empty current user.
param: string      $cur_grp_id         NOT USED Current group we are working with in hierarchy
return: boolean     true if user is in group, otherwise false

SEC_isModerator()   X-Ref
Determines if current user is a moderator of any kind

Checks to see if this user is a moderator for any of the GL features OR
GL plugins

return: boolean     returns if user has any .moderate rights

SEC_hasTopicAccess($tid)   X-Ref
Checks to see if current user has access to a topic

param: string      $tid        ID for topic to check on
return: int     returns 3 for read/edit 2 for read only 0 for no access

SEC_hasAccess($owner_id,$group_id,$perm_owner,$perm_group,$perm_members,$perm_anon)   X-Ref
Checks if current user has access to the given object

This function takes the access info from a Geeklog object
and lets us know if they have access to the object.
Returns 3 for read/edit, 2 for read only and 0 for no
access

param: int     $owner_id       ID of the owner of object
param: int     $group_id       ID of group object belongs to
param: int     $perm_owner     Permissions the owner has
param: int     $perm_group     Permissions the group has
param: int     $perm_members   Permissions logged in members have
param: int     $perm_anon      Permissions anonymous users have
return: int     returns 3 for read/edit 2 for read only 0 for no access

SEC_hasRights($features,$operator='AND')   X-Ref
Checks if current user has rights to a feature

Takes either a single feature or an array of features and returns
an array of whether the user has those rights

param: string|array        $features       Features to check
param: string              $operator       Either 'and' or 'or'. Default is 'and'.  Used if checking more than one feature.
return: boolean     Return true if current user has access to feature(s), otherwise false.

SEC_getPermissionsHTML($perm_owner,$perm_group,$perm_members,$perm_anon)   X-Ref
Shows security control for an object

This will return the HTML needed to create the security control seen on the admin
screen for GL objects (i.e. stories, etc)

param: int     $perm_owner     Permissions the owner has 1 = edit 2 = read 3 = read/edit
param: int     $perm_group     Permission the group has
param: int     $perm_members   Permissions logged in members have
param: int     $perm_anon      Permissions anonymous users have
return: string  needed HTML (table) in HTML. $perm_owner = array of permissions [edit,read], etc.; edit = 1 if permission, read = 2 if permission

SEC_getUserPermissions($grp_id='',$uid='')   X-Ref
Gets everything a user has permissions to within the system

This is part of the Geeklog security implementation.  This function
will get all the permissions the current user has, calling itself recursively.

param: int     $grp_id     DO NOT USE (Used for recursion) Current group function is working on
return: string   returns comma delimited list of features the user has access to

SEC_getPermissionValues($perm_owner,$perm_group,$perm_members,$perm_anon)   X-Ref
Converts permissions to numeric values

This function will take all permissions for an object and get the numeric value
that can then be used to save to the database.

param: array       $perm_owner     Array of owner permissions  These arrays are set up by SEC_getPermissionsHTML
param: array       $perm_group     Array of group permissions
param: array       $perm_members   Array of member permissions
param: array       $perm_anon      Array of anonymous user permissions
return: array       returns numeric equivalent for each permissions array (2 = read, 3=edit/read)

SEC_getPermissionValue($perm_x)   X-Ref
Converts permission array into numeric value

This function converts an array of permissions for either
the owner/group/members/anon and returns the numeric
equivalent.  This is typically called by the admin screens
to prepare the permissions to be saved to the database

param: array       $perm_x     Array of permission values
return: int         integer representation of a permission array 2 = read 3 = edit/read

SEC_getFeatureGroup($feature, $uid = '')   X-Ref
Return the group to a given feature.

Scenario: We have a feature and we want to know from which group the user
got this feature. Always returns the lowest group ID, in case the feature
has been inherited from more than one group.

param: string  $feature    the feature, e.g 'story.edit'
param: int     $uid        (optional) user ID
return: int                 group ID or 0

SEC_authenticate($username, $password, &$uid)   X-Ref
Attempt to log in a user.

Checks a user's username and password against the database. Returns
the user's status.

param: string  $username   who is logging in?
param: string  $password   what they claim is their password
param: int     $uid        This is an OUTPUT param, pass by ref,
return: int                 user status, -1 for fail.

SEC_checkUserStatus($userid)   X-Ref
Return the current user status for a user.

param: int  $userid   Valid uid value.
return: int            user status, 0-3

SEC_remoteAuthentication(&$loginname, $passwd, $service, &$uid)   X-Ref
Check to see if we can authenticate this user with a remote server

A user has not managed to log in locally, but has an @ in their user
name and we have enabled distributed authentication. Firstly, try to
see if we have cached the module that we used to authenticate them
when they signed up (i.e. they've actually changed their password
elsewhere and we need to synch.) If not, then try to authenticate
them with /every/ authentication module. If this succeeds, create
a user for them.

param: string  $loginname Their username
param: string  $passwd The password entered
param: string  $server The server portion of $username
param: string  $uid OUTPUT parameter, pass it by ref to get uid back.
return: int     user status, -1 for fail.

SEC_addUserToGroup($uid, $gname)   X-Ref
Add user to a group

work in progress

Rather self-explanatory shortcut function
Is this the right place for this, Dirk?

author: Trinity L Bays <trinity93@steubentech.com>
param: string  $uid Their user id
param: string  $gname The group name
return: bool    status, true or false.

SEC_setDefaultPermissions(&$A, $use_permissions = array ())   X-Ref
Set default permissions for an object

param: array   $A                  target array
param: array   $use_permissions    permissions to set

SEC_buildAccessSql($clause = 'AND')   X-Ref
Common function used to build group access SQL

param: string  $clause    Optional parm 'WHERE' - default is 'AND'
return: string  $groupsql  Formatted SQL string to be appended in calling script SQL statement

SEC_removeFeatureFromDB($feature_name, $logging = false)   X-Ref
Remove a feature from the database entirely.

This function can be used by plugins during uninstall.

param: string  $feature_name   name of the feature, e.g. 'foo.edit'
param: bool    $logging        whether to log progress in error.log
return: void

SEC_getGroupDropdown($group_id, $access)   X-Ref
Create a group dropdown

Creates the group dropdown menu that's used on pretty much every admin page

param: int     $group_id   current group id (to be selected)
param: int     $access     access permission
return: string              HTML for the dropdown



Generated on: Wed Nov 21 12:27:40 2007 by Balluche using PHPXref 0.7