[Gforge-commits] gforge/common/forum Forum.class, 1.13, 1.14 ForumFactor
From: |
tperdue |
Subject: |
[Gforge-commits] gforge/common/forum Forum.class, 1.13, 1.14 ForumFactory.class, 1.7, 1.8 ForumMessage.class, 1.8, 1.9 |
Date: |
Wed, 04 Aug 2004 11:18:35 -0500 |
Update of /cvsroot/gforge/gforge/common/forum
In directory db.perdue.net:/home/tperdue/share/dev.gforge.org/common/forum
Modified Files:
Forum.class ForumFactory.class ForumMessage.class
Log Message:
RBAC, DELETION, AND FORUM EMAIL GATEWAY
Index: Forum.class
===================================================================
RCS file: /cvsroot/gforge/gforge/common/forum/Forum.class,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -d -r1.13 -r1.14
--- Forum.class 15 Mar 2004 15:57:42 -0000 1.13
+++ Forum.class 4 Aug 2004 16:18:32 -0000 1.14
@@ -60,6 +60,8 @@
*/
var $view_types;
+ var $current_user_perm;
+
/**
* Constructor.
*
@@ -94,14 +96,13 @@
return false;
}
}
- if (!$this->isPublic()) {
- $perm =& $this->Group->getPermission(
session_get_user() );
-
- if (!$perm || !is_object($perm) ||
!$perm->isMember()) {
- $this->setPermissionDeniedError();
- $this->data_array = null;
- return false;
- }
+ //
+ // Make sure they can even access this object
+ //
+ if (!$this->userCanView()) {
+ $this->setPermissionDeniedError();
+ $this->data_array = null;
+ return false;
}
}
$this->view_types[]='ultimate';
@@ -132,6 +133,10 @@
$this->setError($Language->getText('forum_common','error_min_desc_length'));
return false;
}
+ if (eregi('[^_\.0-9a-z-]',$forum_name)) {
+
$this->setError($Language->getText('forum_common','error_illegal_characters'));
+ return false;
+ }
if ($send_all_posts_to && !validate_email($send_all_posts_to)) {
$this->setInvalidEmailError();
return false;
@@ -157,7 +162,7 @@
$sql="INSERT INTO forum_group_list
(group_id,forum_name,is_public,description,send_all_posts_to,allow_anonymous)
VALUES ('".$this->Group->getId()."',
- '". htmlspecialchars($forum_name) ."',
+ '". strtolower($forum_name) ."',
'$is_public',
'". htmlspecialchars($description) ."',
'$send_all_posts_to',
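Review bot: `forum_name` now reaches this INSERT with only `strtolower()` applied, so SQL quoting and any later HTML output of the name depend entirely on the `eregi('[^_\.0-9a-z-]',$forum_name)` check added earlier in create(). That coupling is not visible at the query, and relaxing the pattern later would leave this line unescaped. I would record it next to the query, e.g. `// forum_name is limited to [_.0-9a-z-] by the check above; it is not escaped here`. The same applies to the `forum_name='". strtolower($forum_name) ."',` line in the update() hunk. The enclosing function starts and ends outside this hunk.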
@@ -180,6 +185,10 @@
return false;
}
}
+ if (!$this->addAllUsers()) {
+ db_rollback();
+ return false;
+ }
db_commit();
return true;
}
@@ -237,6 +246,10 @@
}
}
+ function getUnixName() {
+ return $this->Group->getUnixName().'-'.$this->getName();
+ }
+
/**
* getSavedDate - The unix time when the person last hit "save my
place".
*
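Review bot: getUnixName() is added without a docblock, although ForumMessage.class in this commit uses its result as the local part of the forum's mail address and as the subject tag. A short docblock stating that it returns the group unix name and the forum name joined by `-`, and that it relies on the forum name being limited to the characters create() and update() accept, would document that dependency. Forums named before this commit were stored through `htmlspecialchars()` with no visible character restriction, so it is worth confirming that existing names still produce a valid address.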
@@ -469,7 +482,7 @@
* @param int Pass (1) if we should allow non-logged-in users
to post (0) for mandatory login.
* @return boolean success.
*/
- function
update($forum_name,$description,$is_public=1,$send_all_posts_to='',$allow_anonymous=0)
{
+ function update($forum_name,$description,$send_all_posts_to='') {
global $Language;
if (strlen($forum_name) < 3) {
$this->setError($Language->getText('forum_common','error_min_name_length'));
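Review bot: update() drops the `$is_public` and `$allow_anonymous` parameters, but the UPDATE statement in the following hunk still interpolates `is_public='$is_public',` as an unchanged context line. Unless `$is_public` is assigned inside update() outside the visible hunks, the statement now sends an empty value for that column, so it either fails or changes the forum's visibility; on installations with register_globals enabled an unassigned variable can also be populated from the request. Either remove the column from the statement or keep the stored value, e.g. `is_public='".$this->isPublic()."',`. Callers that still pass `$is_public` as the third argument would have it treated as `$send_all_posts_to`; those call sites are not shown here.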
@@ -479,20 +492,22 @@
$this->setError($Language->getText('forum_common','error_min_desc_length'));
return false;
}
+ if (eregi('[^_\.0-9a-z-]',$forum_name)) {
+
$this->setError($Language->getText('forum_common','error_illegal_characters'));
+ return false;
+ }
if ($send_all_posts_to && !validate_email($send_all_posts_to)) {
$this->setInvalidEmailError();
return false;
}
- $perm =& $this->Group->getPermission( session_get_user() );
-
- if (!$perm || !is_object($perm) || !$perm->isForumAdmin()) {
+ if (!$this->userIsAdmin()) {
$this->setPermissionDeniedError();
return false;
}
$res=db_query("UPDATE forum_group_list SET
- forum_name='". htmlspecialchars($forum_name) ."',
+ forum_name='". strtolower($forum_name) ."',
description='". htmlspecialchars($description) ."',
is_public='$is_public',
send_all_posts_to='$send_all_posts_to',
@@ -507,6 +522,263 @@
return true;
}
+ /**
+ * delete - delete this forum and all its related data.
+ *
+ * @param bool I'm Sure.
+ * @param bool I'm REALLY sure.
+ * @return bool true/false;
+ */
+ function delete($sure, $really_sure) {
+ if (!$sure || !$really_sure) {
+ $this->setMissingParamsError();
+ return false;
+ }
+ if (!$this->userIsAdmin()) {
+ $this->setPermissionDeniedError();
+ return false;
+ }
+ db_begin();
+ db_query("DELETE FROM forum_agg_msg_count
+ WHERE group_forum_id='".$this->getID()."'");
+//echo '1'.db_error();
+ db_query("DELETE FROM forum_monitored_forums
+ WHERE forum_id='".$this->getID()."'");
+//echo '2'.db_error();
+ db_query("DELETE FROM forum_saved_place
+ WHERE forum_id='".$this->getID()."'");
+//echo '3'.db_error();
+ db_query("DELETE FROM forum
+ WHERE group_forum_id='".$this->getID()."'");
+//echo '4'.db_error();
+ db_query("DELETE FROM forum_group_list
+ WHERE group_forum_id='".$this->getID()."'");
+//echo '5'.db_error();
+ db_commit();
+ return true;
+ }
+
+ /**
+ * addAllUsers - add all users to this forum.
+ *
+ * @return boolean success.
+ */
+ function addAllUsers() {
+ if (!$this->userIsAdmin()) {
+ $this->setPermissionDeniedError();
+ return false;
+ }
+ $sql="INSERT INTO forum_perm (group_forum_id,user_id,perm_level)
+ SELECT '".$this->getID()."',user_id,forum_flags
+ FROM user_group
+ WHERE
+ group_id='".$this->Group->getID()."'
+ AND NOT EXISTS (SELECT user_id FROM forum_perm
+ WHERE group_forum_id='".$this->getID()."'
+ AND user_id=user_group.user_id);";
+ $res= db_query($sql);
+ if (!$res) {
+ $this->setError(db_error());
+ return false;
+ } else {
+ return true;
+ }
+ }
+
+ /**
+ * addUser - add a user to this subproject.
+ *
+ * @param int user_id of the new user.
+ * @return boolean success.
+ */
+ function addUser($id) {
+ if (!$this->userIsAdmin()) {
+ $this->setPermissionDeniedError();
+ return false;
+ }
+ if (!$id) {
+ $this->setMissingParamsError();
+ return false;
+ }
+ $sql="SELECT * FROM forum_perm
+ WHERE group_forum_id='".$this->getID()."'
+ AND user_id='$id'";
+ $result=db_query($sql);
+ if (db_numrows($result) > 0) {
+ return true;
+ } else {
+ $sql="INSERT INTO forum_perm
(group_forum_id,user_id,perm_level)
+ VALUES ('".$this->getID()."','$id',0)";
+ $result=db_query($sql);
+ if ($result && db_affected_rows($result) > 0) {
+ return true;
+ } else {
+ $this->setError(db_error());
+ return false;
+ }
+ }
+ }
+
+ /**
+ * updateUser - update a user's permissions.
+ *
+ * @param int user_id of the user to update.
+ * @param int (0) read only, (1) tech only, (2) admin & tech (3)
admin only.
+ * @return boolean success.
+ */
+ function updateUser($id,$perm_level) {
+ if (!$this->userIsAdmin()) {
+ $this->setPermissionDeniedError();
+ return false;
+ }
+ if (!$id) {
+ $this->setMissingParamsError();
+ return false;
+ }
+ //
+ // Update and test if it already exists
+ //
+ $sql="UPDATE forum_perm SET perm_level='$perm_level'
+ WHERE user_id='$id' AND
group_forum_id='".$this->getID()."'";
+ $result=db_query($sql);
+ if (db_affected_rows($result) < 1) {
+ //
+ // If not, insert it.
+ //
+ $sql="INSERT INTO forum_perm
(group_forum_id,user_id,perm_level) VALUES
+ ('".$this->getID()."','$id','$perm_level')";
+ $result=db_query($sql);
+ if (!$result) {
+ $this->setError(db_error());
+ return false;
+ } else {
+ return true;
+ }
+ } else {
+ return true;
+ }
+ }
+
+ /**
+ * deleteUser - delete a user's permissions.
+ *
+ * @param int user_id of the user who's permissions to delete.
+ * @return boolean success.
+ */
+ function deleteUser($id) {
+ if (!$this->userIsAdmin()) {
+ $this->setPermissionDeniedError();
+ return false;
+ }
+ if (!$id) {
+ $this->setMissingParamsError();
+ return false;
+ }
+ $sql="DELETE FROM forum_perm
+ WHERE user_id='$id' AND
group_forum_id='".$this->getID()."'";
+ $result=db_query($sql);
+ if ($result) {
+ return true;
+ } else {
+ $this->setError(db_error());
+ return false;
+ }
+ }
+
+
+ /*
+
+ USER PERMISSION FUNCTIONS
+
+ */
+
+ /**
+ * userCanView - determine if the user can view this subproject.
+ *
+ * @return boolean user_can_view.
+ */
+ function userCanView() {
+ if ($this->isPublic()) {
+ return true;
+ } else {
+ if (!session_loggedin()) {
+ return false;
+ } else {
+ //
+ // You must have an entry in project_perm if
this subproject is not public
+ //
+ if ($this->getCurrentUserPerm() >= 0) {
+ return true;
+ } else {
+ return false;
+ }
+ }
+ }
+ }
+
+ /**
+ * userCanPost - see if the logged-in user's perms are >= 1 or Group
ForumAdmin.
+ *
+ * @return boolean user_can_post.
+ */
+ function userCanPost() {
+ if (($this->isPublic() && $this->allowAnonymous()) ||
$this->userIsAdmin()) {
+ return true;
+ } elseif ($this->isPublic() && session_loggedin()) {
+ return true;
+ } else {
+ if (!session_loggedin()) {
+ return false;
+ } else {
+ if ($this->getCurrentUserPerm() >= 1) {
+ return true;
+ } else {
+ return false;
+ }
+ }
+ }
+ }
+
+ /**
+ * userIsAdmin - see if the logged-in user's perms are >= 2 or Group
ForumAdmin.
+ *
+ * @return boolean user_is_admin.
+ */
+ function userIsAdmin() {
+ if (!session_loggedin()) {
+ return false;
+ } else {
+ $perm =& $this->Group->getPermission(
session_get_user() );
+
+ if (($this->getCurrentUserPerm() >= 2) ||
($perm->isForumAdmin())) {
+ return true;
+ } else {
+ return false;
+ }
+ }
+ }
+
+ /**
+ * getCurrentUserPerm - get the logged-in user's perms from forum_perm.
+ *
+ * @return int perm level for the logged-in user.
+ */
+ function getCurrentUserPerm() {
+ if (!session_loggedin()) {
+ return -1;
+ } else {
+ if (!isset($this->current_user_perm)) {
+ $sql="select perm_level
+ FROM forum_perm
+ WHERE group_forum_id='". $this->getID() ."'
+ AND user_id='".user_getid()."'";
+
$this->current_user_perm=db_result(db_query($sql),0,0);
+ }
+ return $this->current_user_perm;
+ }
+ }
+
+
}
?>
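Review bot: getCurrentUserPerm() stores whatever `db_result()` yields even when the user has no `forum_perm` row, and userCanView() then tests that value with `>= 0`. If `db_result()` returns false or null for an empty result (its definition is not shown), PHP evaluates that comparison as true, so any logged-in user would pass the view check on a private forum, which the removed `isMember()` test in the constructor hunk used to prevent. Mapping the no-row case to -1, as the not-logged-in path already does, keeps "no entry" distinct from perm_level 0. userIsAdmin() also calls `$perm->isForumAdmin()` without the `is_object($perm)` guard that the removed code had.

```php
if (!isset($this->current_user_perm)) {
	// … unchanged: $sql selecting perm_level for this forum and user …
	$res=db_query($sql);
	// No forum_perm row means no access; keep it distinct from perm_level 0.
	if ($res && db_numrows($res) > 0) {
		$this->current_user_perm=(int) db_result($res,0,0);
	} else {
		$this->current_user_perm=-1;
	}
}
return $this->current_user_perm;
```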
Index: ForumFactory.class
===================================================================
RCS file: /cvsroot/gforge/gforge/common/forum/ForumFactory.class,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -d -r1.7 -r1.8
--- ForumFactory.class 6 May 2003 15:41:45 -0000 1.7
+++ ForumFactory.class 4 Aug 2004 16:18:32 -0000 1.8
@@ -100,6 +100,9 @@
$public_flag='=1';
} else {
$public_flag='<3';
+ $exists=' AND EXISTS (SELECT group_forum_ID
+ FROM forum_perm
+ WHERE perm_level >= 0 AND
group_forum_id=forum_group_list.group_forum_id) ';
}
} else {
$public_flag='=1';
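Review bot: The added `EXISTS` subquery has no `user_id` condition, so it is satisfied by any user's `forum_perm` row for the forum rather than by the current user's. It also correlates on `forum_group_list.group_forum_id` while the outer query in the next hunk selects from `forum_group_list_vw`, so whether the subquery is correlated at all depends on how the database resolves that name. I would filter on the session user and on the view, e.g. `WHERE perm_level >= 0 AND user_id='".user_getid()."' AND group_forum_id=forum_group_list_vw.group_forum_id`. The conditions that select this branch are outside the hunk, so confirm it is only reached for logged-in users.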
@@ -109,6 +112,7 @@
FROM forum_group_list_vw
WHERE group_id='". $this->Group->getID() ."'
AND is_public $public_flag
+ $exists
ORDER BY group_forum_id;";
$result = db_query ($sql);
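Review bot: `$exists` is interpolated into the query unconditionally here, but the previous hunk assigns it in only one branch; on the paths that set just `$public_flag='=1'` it is never defined. The query still runs because an undefined variable interpolates as an empty string, but on installations with register_globals enabled an uninitialised variable can take its value from request input, and this one lands directly in SQL. Initialise it before the branching with `$exists='';`; that code lies above the visible hunk.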
Index: ForumMessage.class
===================================================================
RCS file: /cvsroot/gforge/gforge/common/forum/ForumMessage.class,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -d -r1.8 -r1.9
--- ForumMessage.class 25 Nov 2003 02:55:23 -0000 1.8
+++ ForumMessage.class 4 Aug 2004 16:18:32 -0000 1.9
@@ -108,8 +108,8 @@
$this->setError($Language->getText('forum_common_forummessage','error_required_fields'));
return false;
}
- if (!session_loggedin() && !$this->Forum->allowAnonymous()) {
-
$this->setError($Language->getText('forum_common_forummessage','error_not_logged'));
+ if (!$this->Forum->userCanPost()) {
+ $this->setPermissionDeniedError();
return false;
}
if (!session_loggedin()) {
@@ -392,28 +392,22 @@
return true;
}
-
$messagelink='http://'.$GLOBALS[sys_default_domain].'/forum/message.php?msg_id='.$this->getID();
- $messagesender=$this->getPosterName();
-
$messagebody=util_line_wrap(util_unconvert_htmlspecialchars($this->getBody()));
- $messagesys=$GLOBALS['sys_name'];
-
$messagemonitor='http://'.$GLOBALS[sys_default_domain].'/forum/monitor.php?forum_id='.$this->Forum->getID()
.'&group_id='.$this->Forum->Group->getID().'&stop=1';
-
-// $body = stripcslashes($Language->getText('forum_utils',
'mailmonitor', array($messagelink, $messagesender, $messagebody, $messagesys,
$messagemonitor)));
-
- $body = "\nRead and respond to this message at: ".
-
"\nhttp://$GLOBALS[sys_default_domain]/forum/message.php?msg_id=".$this->getID().
- "\nBy: " . $this->getPosterName() .
- "\n\n" .
util_line_wrap(util_unconvert_htmlspecialchars($this->getBody())).
+ $body =
util_line_wrap(util_unconvert_htmlspecialchars($this->getBody())).
"\n\n______________________________________________________________________".
- "\nRead and respond to this message at: ".
-
"\nhttp://$GLOBALS[sys_default_domain]/forum/message.php?msg_id=".$this->getID().
- "\n\nYou are receiving this email because you elected to
monitor this forum.".
+ "\nYou are receiving this email because you elected to monitor
this forum.".
"\nTo stop monitoring this forum, login to $GLOBALS[sys_name]
and visit: ".
"\nhttp://$GLOBALS[sys_default_domain]/forum/monitor.php?forum_id=".$this->Forum->getID()
.'&group_id='.$this->Forum->Group->getID().'&stop=1';
+ //$extra_headers = 'Reply-to:
'.$this->Forum->getUnixName().'@'.$GLOBALS['sys_default_domain'];
- $subject="[" . $this->Forum->Group->getUnixName() . " - " .
$this->Forum->getName() ."]
".util_unconvert_htmlspecialchars($this->getSubject());
-
util_handle_message(array_unique($ids),$subject,$body,$this->Forum->getSendAllPostsTo());
+ $subject="[" . $this->Forum->getUnixName()
."][".$this->getID()."] ".util_unconvert_htmlspecialchars($this->getSubject());
+ $sql="SELECT email FROM users WHERE status='A' AND user_id IN
('".implode($ids,'\',\'')."')";
+//echo $sql;
+ $bccres = db_query($sql);
+ $BCC =&
implode(util_result_column_to_array($bccres),',').','.$this->Forum->getSendAllPostsTo();
+//echo $BCC;
+
util_send_message('',$subject,$body,$this->Forum->getUnixName().'@'.$GLOBALS['sys_forum_return_domain'],$BCC,$this->getPosterRealName());
+//
util_handle_message(array_unique($ids),$subject,$body,$this->Forum->getSendAllPostsTo(),'','forumgateway@'.$GLOBALS[sys_default_domain]);
return true;
}
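Review bot: The `$BCC` line reference-assigns (`=&`) the result of a concatenated expression and always appends a comma, so the recipient string gets an empty entry whenever the query returns no addresses or `getSendAllPostsTo()` is empty, and the reference assignment may bind only the `implode()` result. Building the list as an array and joining it once with a plain `=` avoids both. The `array_unique($ids)` call from the removed line is gone, and `$ids` is now interpolated into the `IN (...)` list; its origin is outside the hunk, so confirm it holds integers only or cast each element. The enclosing function starts above this hunk.

```php
// … unchanged: $body, $subject and the $sql/$bccres lookup …
$bcc_list = util_result_column_to_array($bccres);
if ($this->Forum->getSendAllPostsTo()) {
	$bcc_list[] = $this->Forum->getSendAllPostsTo();
}
$BCC = implode(',', $bcc_list);
// … unchanged: util_send_message() call …
```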