| Current Path : /var/www/html/administrator/components/com_komento/includes/acl/ |
| Current File : /var/www/html/administrator/components/com_komento/includes/acl/acl.php |
<?php
/**
* @package Komento
* @copyright Copyright (C) Stack Ideas Sdn Bhd. All rights reserved.
* @license GNU/GPL, see LICENSE.php
* Komento is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See COPYRIGHT.php for copyright notices and details.
*/
defined('_JEXEC') or die('Unauthorized Access');
class KomentoAcl
{
protected static $rules = [];
public function allow($type, $comment = '', $component = '', $cid = '')
{
// for complicated acl situations
// $type = ['edit', 'delete', 'publish', 'unpublish', 'stick', 'delete_attachment'];
if (!empty($comment) && (empty($component) || empty($cid))) {
if (!is_object($comment)) {
$comment = KT::comment($comment);
}
$component = $comment->component;
$cid = $comment->cid;
}
if (empty($component) || empty($cid)) {
return false;
}
$profile = KT::user();
$application = KT::loadApplication($component)->load($cid);
KT::setCurrentComponent($component);
switch ($type) {
case 'minimize':
if ($profile->id != 0 && $profile->allow('minimize_comment')) {
return true;
}
break;
case 'edit':
if ($profile->id != 0 && ($profile->allow('edit_all_comment') || ($profile->id == $application->getAuthorId() && $profile->allow('author_edit_comment') ) || ($profile->id == $comment->created_by && $profile->allow('edit_own_comment')))) {
return true;
}
break;
case 'delete':
if( $profile->id != 0 && ($profile->allow('delete_all_comment') || ($profile->id == $application->getAuthorId() && $profile->allow('author_delete_comment')) || ($profile->id == $comment->created_by && $profile->allow('delete_own_comment')))) {
return true;
}
break;
case 'publish':
if ($profile->allow('publish_all_comment') || ($profile->id == $application->getAuthorId() && $profile->allow('author_publish_comment'))) {
return true;
}
break;
case 'unpublish':
if( $profile->allow( 'unpublish_all_comment' ) || ( $profile->id == $application->getAuthorId() && $profile->allow( 'author_unpublish_comment' ) ) )
{
return true;
}
break;
case 'stick':
if ($profile->allow('stick_all_comment') || ($profile->id == $application->getAuthorId() && $profile->allow('author_stick_comment'))) {
return true;
}
break;
case 'like':
if ($profile->allow('like_comment')) {
return true;
}
break;
case 'report':
if ($profile->allow('report_comment')) {
return true;
}
break;
case 'delete_attachment':
if ($profile->allow('delete_all_attachment') || ($profile->id == $application->getAuthorId() && $profile->allow('author_delete_attachment')) || ($profile->id == $comment->created_by && $profile->allow('delete_own_attachment'))) {
return true;
}
break;
}
return false;
}
public function check($action, $userId)
{
$userId = (int) $userId;
$result = false;
$rules = $this->getRules($userId);
if (isset($rules[$action])) {
$result = (bool) $rules[$action];
}
return $result;
}
public function getRules($userId)
{
$signature = serialize(array($userId));
if (empty(self::$rules[$signature])) {
$profile = KT::user($userId);
$model = KT::model('Acl');
$data = [];
// check user group specific rules
$gids = $profile->getUsergroups();
foreach ($gids as $gid) {
$data[] = $model->getAclObject($gid, 'usergroup');
}
// check user specific rules
$data[] = $model->getAclObject($userId, 'user');
// remove empty set
foreach ($data as $key => $value) {
if (empty($value)) {
unset($data[$key]);
}
}
if (count($data) < 1) {
$data[] = KT::acl()->getEmptySet(true);
}
self::$rules[$signature] = $this->merge($data);
}
return self::$rules[$signature];
}
private function merge($data)
{
$result = [];
foreach ($data as $ruleset) {
if (!empty($ruleset)) {
foreach ($ruleset as $key => $value) {
if (isset($result[$key])) {
// This logics prioritizes TRUE
if (!(bool) $result[$key]) {
$result[$key] = $value;
}
} else {
$result[$key] = $value;
}
}
}
}
return $result;
}
/**
* Get Default ACL set
*
* @since 3.0
* @access public
*/
public function getEmptySet($flat = false)
{
static $acl = null;
if (empty($acl)) {
$rulesFile = KOMENTO_ADMIN_ROOT . '/defaults/acl.json';
if (!JFile::exists($rulesFile)) {
return false;
}
$contents = file_get_contents($rulesFile);
$acl = json_decode($contents);
}
if ($flat === false) {
return $acl;
}
$data = new stdClass();
foreach ($acl as $section => $rules) {
foreach($rules as $key => $value) {
$data->$key = $value;
}
}
return $data;
}
}