File "checkPermissions.php"
Full Path: /home/analogde/www/JAVA/system/checkPermissions.php
File size: 6.51 KB
MIME-type: text/x-php
Charset: utf-8
<?php
/***************************************************************
* Copyright notice
*
* (c) 2003-2004 Tobias Bender (tobias@phpXplorer.org)
* All rights reserved
*
* This script is part of the phpXplorer project. The phpXplorer project is
* free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* The GNU General Public License can be found at
* http://www.gnu.org/copyleft/gpl.html.
* A copy is found in the textfile GPL.txt distributed with these scripts.
*
* This script is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* This copyright notice MUST APPEAR in all copies of the script!
***************************************************************/
if(!isset($shareId))
die("Missing Parameter shareId!");
require(dirname(__FILE__) . "/checkSharePermission.php");
if(!checkSharePermission())
die($PXP_languages[$PXP_language]['accessDenied'] . " (805)");
# arrays for rights per user/group
$PXP_rightsOpen_byName_inherit = Array();
$PXP_rightsOpen_byName = Array();
$PXP_rightsOpen_byTypekey_inherit = Array();
$PXP_rightsOpen_byTypekey = Array();
$PXP_rightsOpen_byPath_invert = Array();
$PXP_rightsOpen_byPath = Array();
$PXP_rightsEdit_byName_inherit = Array();
$PXP_rightsEdit_byName = Array();
$PXP_rightsEdit_byTypekey_inherit = Array();
$PXP_rightsEdit_byTypekey = Array();
$PXP_rightsEdit_byPath_invert = Array();
$PXP_rightsEdit_byPath = Array();
# arrays for added rights (rights for current user + rights for all assigned roles + rights for everybody)
$PXP_user_rightsOpen_byName = Array();
$PXP_user_rightsOpen_byTypekey = Array();
$PXP_user_rightsEdit_byName = Array();
$PXP_user_rightsEdit_byTypekey = Array();
$members = Array();
# include system right files ($PXP_dir/rights.pxrf) first
if(is_dir($PXP_dir . "/rights.pxrf")){
$d = dir($PXP_dir . "/rights.pxrf");
while($file = $d->read())
if($file != "." AND $file != "..")
if(!is_dir($PXP_dir . "/rights.pxrf/" . $file)){
# is there a right file for everybody ?
if(file_exists($PXP_dir . "/rights.pxrf/%.pxr.php"))
require($PXP_dir . "/rights.pxrf/%.pxr.php");
# are there right files for all roles of the current user ?
foreach($PXP_user_roles as $role)
if(file_exists($PXP_dir . "/rights.pxrf/" . $role . ".pxr.php"))
require($PXP_dir . "/rights.pxrf/" . $role . ".pxr.php");
# is there a right file for the current user ?
if(file_exists($PXP_dir . "/rights.pxrf/" . $PXP_user . ".pxr.php"))
require($PXP_dir . "/rights.pxrf/" . $PXP_user . ".pxr.php");
}
}
# includes all right files starting with the base dir down to current dir
# each right file controls itself if parent rights are inherited
function rightFilesLookup($dir, $subDir){
GLOBAL $currentDir, $PXP_authentication;
GLOBAL $PXP_basedir, $PXP_rights_dir, $PXP_user_roles, $PXP_user;
GLOBAL $PXP_user_rightsOpen_byName, $PXP_user_rightsOpen_byTypekey, $PXP_user_rightsEdit_byName, $PXP_user_rightsEdit_byTypekey;
GLOBAL $PXP_rightsOpen_byName, $PXP_rightsOpen_byTypekey, $PXP_rightsEdit_byName, $PXP_rightsEdit_byTypekey;
GLOBAL $PXP_rightsOpen_byPath_invert, $PXP_rightsOpen_byPath, $PXP_rightsEdit_byPath_invert, $PXP_rightsEdit_byPath;
GLOBAL $PXP_languages, $PXP_language;
if($dir != $PXP_basedir or $dir == $PXP_basedir){
if($dir != $PXP_basedir)
rightFilesLookup(dirname($dir), basename($dir));
$pxrf = $dir . "/" . $PXP_rights_dir;
if(is_dir($pxrf)){
$bCheckPath = true;
# is there a right file for everybody ?
if(file_exists($pxrf . "/%.pxr.php")){
require($pxrf . "/%.pxr.php");
$bCheckPath = checkPath($dir, $subDir, "%");
}
# are there right files for all roles of the current user ?
foreach($PXP_user_roles as $role)
if(file_exists($pxrf . "/" . $role . ".pxr.php")){
require($pxrf . "/" . $role . ".pxr.php");
$bCheckPath = checkPath($dir, $subDir, $role);
}
# is there a right file for the current user ?
if(file_exists($pxrf . "/" . $PXP_user . ".pxr.php")){
require($pxrf . "/" . $PXP_user . ".pxr.php");
$bCheckPath = checkPath($dir, $subDir, $PXP_user);
}
if(!$bCheckPath)
die($PXP_languages[$PXP_language]['accessDenied'] . " (806)");
if($dir != $currentDir){
$PXP_rightsOpen_byPath_invert = Array();
$PXP_rightsOpen_byPath = Array();
$PXP_rightsEdit_byPath_invert = Array();
$PXP_rightsEdit_byPath = Array();
}
}
}
}
# check byPath rights for path parts
function checkPath($dir, $subDir, $member){
GLOBAL $PXP_rightsOpen_byPath, $PXP_rightsOpen_byPath_invert, $currentDir;
if($subDir != ""){
if(is_array($PXP_rightsOpen_byPath[$member])){
if($PXP_rightsOpen_byPath_invert[$member]){
if(!in_array($subDir, $PXP_rightsOpen_byPath[$member]))
return false;
}else{
if(in_array($subDir, $PXP_rightsOpen_byPath[$member]))
return false;
}
}
}
return true;
}
# lookup for right folders
if($PXP_user != "root")
rightFilesLookup($currentDir, "");
# add rights which are defined for everybody
if(is_array($PXP_rightsOpen_byName))
if(isset($PXP_rightsOpen_byName["%"]))
array_push($members, "%");
$members = array_merge($members, $PXP_user_roles);
# if there are rights for the current user
if(is_array($PXP_rightsOpen_byName))
if(isset($PXP_rightsOpen_byName[$PXP_user]))
array_push($members, $PXP_user);
$byPathMembers = Array();
# merge all rights concering the current user to one array
foreach($members as $member){
if(!isset($PXP_rightsOpen_byName[$member]))
continue;
if(sizeof($PXP_rightsOpen_byPath[$member]) > 0 or sizeof($PXP_rightsEdit_byPath[$member]) > 0)
array_push($byPathMembers, $member);
$PXP_user_rightsOpen_byName = array_merge($PXP_user_rightsOpen_byName, $PXP_rightsOpen_byName[$member]);
$PXP_user_rightsOpen_byTypekey = array_merge($PXP_user_rightsOpen_byTypekey, $PXP_rightsOpen_byTypekey[$member]);
$PXP_user_rightsEdit_byName = array_merge($PXP_user_rightsEdit_byName, $PXP_rightsEdit_byName[$member]);
$PXP_user_rightsEdit_byTypekey = array_merge($PXP_user_rightsEdit_byTypekey, $PXP_rightsEdit_byTypekey[$member]);
}
$dirParts = explode("/", $currentDir);
if($PXP_user != "root")
foreach($dirParts as $part)
if(in_array($part, $PXP_user_rightsOpen_byName))
die($PXP_languages[$PXP_language]['accessDenied'] . " (808)");
?>