Malin
f55c91276e
- Add videodb PHP/MySQL media collection manager (Blu-ray, DVD, CD) - Dockerfile: PHP 8.1 + Apache with GD/mysqli/exif extensions - docker-compose.yml: app on port 6761 + MySQL 8.0 with health checks - docker-entrypoint.sh: auto-generates config.inc.php from env vars, waits for MySQL, initializes DB schema idempotently - init-db.php: CLI schema installer using app's own prefix_query() logic - Persistent volumes for DB, cache, and cover images Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
145 lines
5.0 KiB
PHP
145 lines
5.0 KiB
PHP
<?php
|
|
/**
|
|
* Access Control Management
|
|
*
|
|
* Access permission administration functions
|
|
*
|
|
* @author Chinamann <chinamann@users.sourceforge.net>
|
|
* @version $Id: permissions.php,v 2.4 2009/04/04 16:22:16 andig2 Exp $
|
|
*/
|
|
|
|
require_once './core/functions.php';
|
|
|
|
localnet_or_die();
|
|
permission_or_die(PERM_ADMIN);
|
|
|
|
/**
|
|
* Return if Checkbox is checked
|
|
*
|
|
* @param string $name Name of a checkbox
|
|
* @return boolean true if checked
|
|
*/
|
|
function getStateOfCheckbox($name)
|
|
{
|
|
global $$name;
|
|
return (!empty($$name));
|
|
}
|
|
|
|
/**
|
|
* input
|
|
*/
|
|
$id = req_int('id');
|
|
$diskid = req_string('diskid');
|
|
$from_uid = req_int('from_uid');
|
|
$save = req_int('save');
|
|
$message = req_string('message');
|
|
|
|
$permlist = [];
|
|
|
|
if (!empty($from_uid))
|
|
{
|
|
$WHERE = "";
|
|
if ($config['denyguest'])
|
|
{
|
|
$WHERE = ' WHERE A.id != '.$config['guestid'].
|
|
' AND C.id != '.$config['guestid'];
|
|
}
|
|
|
|
// current user permissions
|
|
$result = runSQL(
|
|
'SELECT
|
|
CASE WHEN B.permissions IS NULL THEN 1 ELSE 0 END AS newentry, '.
|
|
$from_uid.' AS from_uid,
|
|
C.name AS from_name,
|
|
A.id AS to_uid,
|
|
A.name AS to_name,
|
|
CASE WHEN B.permissions IS NULL THEN 0 ELSE B.permissions END AS permissions
|
|
FROM '.TBL_USERS.' A
|
|
LEFT OUTER JOIN '.TBL_PERMISSIONS.' B
|
|
ON A.id = B.TO_UID
|
|
AND B.FROM_UID = '. $from_uid .
|
|
' INNER JOIN '.TBL_USERS.' C ON '.$from_uid.' = C.ID' . $WHERE .
|
|
' ORDER BY A.id'
|
|
);
|
|
|
|
foreach ($result as $perm)
|
|
{
|
|
$perm['read'] = ($perm['permissions'] & PERM_READ);
|
|
$perm['write'] = ($perm['permissions'] & PERM_WRITE);
|
|
|
|
// process SAVE
|
|
if (!empty($save))
|
|
{
|
|
|
|
// make sure read is allowed when write is set
|
|
$rfn = 'readflag_'.$perm['to_uid'];
|
|
if (getStateOfCheckbox('writeflag_'.$perm['to_uid'])) $$rfn = '1';
|
|
|
|
// changed?
|
|
if ($perm['read'] != getStateOfCheckbox('readflag_'.$perm['to_uid']) ||
|
|
$perm['write'] != getStateOfCheckbox('writeflag_'.$perm['to_uid']))
|
|
{
|
|
// update
|
|
$newperm = PERM_READ * getStateOfCheckbox('readflag_'.$perm['to_uid']) +
|
|
PERM_WRITE * getStateOfCheckbox('writeflag_'.$perm['to_uid']);
|
|
$SQL = 'REPLACE INTO '.TBL_PERMISSIONS." SET from_uid=".$from_uid.", to_uid=".$perm['to_uid'].", permissions=".$newperm;
|
|
runSQL($SQL);
|
|
|
|
$perm['read'] = getStateOfCheckbox('readflag_'.$perm['to_uid']);
|
|
$perm['write'] = getStateOfCheckbox('writeflag_'.$perm['to_uid']);
|
|
/*
|
|
if ($perm['newentry']) // new
|
|
{
|
|
// insert
|
|
$newperm = PERM_READ * getStateOfCheckbox('readflag_'.$perm['to_uid']) +
|
|
PERM_WRITE * getStateOfCheckbox('writeflag_'.$perm['to_uid']);
|
|
$INSERT = 'INSERT INTO '.TBL_PERMISSIONS." SET from_uid=".$from_uid.", to_uid=".$perm['to_uid'].", permissions=".$newperm;
|
|
runSQL($INSERT);
|
|
$perm['read'] = getStateOfCheckbox('readflag_'.$perm['to_uid']);
|
|
$perm['write'] = getStateOfCheckbox('writeflag_'.$perm['to_uid']);
|
|
}
|
|
else // old
|
|
{
|
|
if ((getStateOfCheckbox('readflag_'.$perm['to_uid']) + getStateOfCheckbox('writeflag_'.$perm['to_uid'])) == 0)
|
|
{
|
|
// delete
|
|
$DELETE = "DELETE FROM ".TBL_PERMISSIONS." WHERE from_uid=".$from_uid." AND to_uid=".$perm['to_uid'];
|
|
runSQL($DELETE);
|
|
$perm['read'] = 0;
|
|
$perm['write'] = 0;
|
|
}
|
|
else
|
|
{
|
|
// update
|
|
$newperm = PERM_READ * getStateOfCheckbox('readflag_'.$perm['to_uid']) +
|
|
PERM_WRITE * getStateOfCheckbox('writeflag_'.$perm['to_uid']);
|
|
$UPDATE = "UPDATE ".TBL_PERMISSIONS." SET permissions=".$newperm." WHERE from_uid=".$from_uid." AND to_uid=".$perm['to_uid'];
|
|
runSQL($UPDATE);
|
|
$perm['read'] = getStateOfCheckbox('readflag_'.$perm['to_uid']);
|
|
$perm['write'] = getStateOfCheckbox('writeflag_'.$perm['to_uid']);
|
|
}
|
|
}
|
|
*/
|
|
}
|
|
|
|
// clear permission cache
|
|
clear_permission_cache();
|
|
}
|
|
|
|
$permlist[] = $perm;
|
|
}
|
|
}
|
|
|
|
// prepare templates
|
|
tpl_page();
|
|
|
|
$smarty->assign('permlist', $permlist);
|
|
//$smarty->assign('from_name', $permlist[0]['from_name']);
|
|
$smarty->assign('from_uid', $permlist[0]['from_uid']);
|
|
$smarty->assign('owners', out_owners(false,false,true));
|
|
$smarty->assign('message', $message);
|
|
|
|
// display templates
|
|
tpl_display('permissions.tpl');
|
|
|