documentModify.inc
<?php
/***
* Class documentModify.inc
*
* Contains all functions required to upload, alter and
* delete a document.
*
* @author Rob Cherry, Jam Warehouse (Pty) Ltd, South Africa
* @date 13 January 2003
*/
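class DocumentModify {

    /**
     * Checks if the current user has write permission for a specific folder.
     *
     * NOTE(review): this is a stub that grants write permission
     * unconditionally. It never consults the folder, the session user or the
     * role tables, and it never sets $_SESSION["errorMessage"]. A caller that
     * relies on it as an access check gets none until a real check is
     * implemented here.
     *
     * @param $iFolderID Primary key of folder to check (currently unused)
     *
     * @return true in all cases
     */
    function hasFolderWritePermission($iFolderID) {
        return true;
    }

    /**
     * Check if the user is assigned a specific role that has write permission for a folder
     *
     * @param $sRoleName Name of role to check
     * @param $iFolderID Primary key of folder to check
     *
     * @return true if the user has the role assigned, false otherwise and set $_SESSION["errorMessage"]
     */
    function hasWriteRoleForFolder($sRoleName, $iFolderID) {
        // $lang_err_user_role was read without being declared global, so the
        // error message was always empty; presumably it lives in the language
        // file next to $lang_database_error -- verify.
        global $default, $lang_err_user_role;

        $iRoleID = $this->getRoleID($sRoleName);
        if ($iRoleID === false) {
            // error message is set in $this->getRoleID($sRoleName)
            return false;
        }

        // Fail closed when the session carries no user instead of building a
        // query with an empty user_id.
        if (!isset($_SESSION["user_id"])) {
            $_SESSION["errorMessage"] = $lang_err_user_role;
            return false;
        }

        // Every value concatenated into the statement is forced to an integer
        // first, so neither the folder id nor the session value can alter the
        // shape of the query. Assumes all three columns hold integer keys.
        $sQuery = "SELECT * FROM " . $default->owl_folders_user_links_table . " AS FURL"
            . " INNER JOIN " . $default->owl_role_table . " AS R ON FURL.role_id = R.id"
            . " WHERE role_id = " . (int) $iRoleID
            . " AND folder_id = " . (int) $iFolderID
            . " AND user_id = " . (int) $_SESSION["user_id"]
            . " AND R.can_write = 1";

        $sql = new Owl_DB();
        $sql->query($sQuery);
        if ($sql->next_record()) {
            return true;
        }
        $_SESSION["errorMessage"] = $lang_err_user_role;
        return false;
    }

    /**
     * Get the primary key for a role
     *
     * @param $sRoleName Name of role to get primary key for
     *
     * @return ID if role exists, false otherwise and set $_SESSION["errorMessage"]
     */
    function getRoleID($sRoleName) {
        global $default, $lang_database_error;

        $sRoleLiteral = $this->_quoteRoleName($sRoleName);
        // roleExists() is a method of this class; the bare call used before
        // would have looked for a global function of that name.
        if ($sRoleLiteral !== false && $this->roleExists($sRoleName)) {
            $sql = new Owl_DB();
            $sql->query("SELECT id FROM " . $default->owl_role_table . " WHERE name = " . $sRoleLiteral);
            // Only read the column when a row was actually fetched.
            if ($sql->next_record()) {
                return $sql->f("id");
            }
        }
        $_SESSION["errorMessage"] = $lang_database_error;
        return false;
    }

    /**
     * Checks if a given role exists
     *
     * @param $sRoleName Role to check for
     *
     * @return true if role exists, false otherwise and set $_SESSION["errorMessage"]
     */
    function roleExists($sRoleName) {
        // $lang_err_role_not_exist is presumably a language-file global like
        // $lang_database_error; it was not declared global before -- verify.
        global $default, $lang_err_role_not_exist;

        $sRoleLiteral = $this->_quoteRoleName($sRoleName);
        if ($sRoleLiteral !== false) {
            $sql = new Owl_DB();
            $sql->query("SELECT id FROM " . $default->owl_role_table . " WHERE name = " . $sRoleLiteral);
            if ($sql->next_record()) {
                return true;
            }
        }
        // Non-scalar input cannot be appended to the message, so it is left out.
        $_SESSION["errorMessage"] = $lang_err_role_not_exist . (is_scalar($sRoleName) ? $sRoleName : "");
        return false;
    }

    /**
     * Turn a role name into a single-quoted SQL string literal.
     *
     * The role name is caller-supplied text that ends up inside a SQL
     * statement. Owl_DB's escaping or parameter-binding facilities are not
     * visible from this file, so names containing a quote, a backslash or a
     * control character are refused rather than escaped. Such names could
     * never have matched a row through the previous string-built query
     * without breaking it. Replace this helper with the database layer's
     * bound parameters once they are available.
     *
     * @param $sRoleName Role name to embed in a query
     *
     * @return quoted literal, or false if the name cannot be embedded safely
     */
    function _quoteRoleName($sRoleName) {
        if (!is_scalar($sRoleName)) {
            return false;
        }
        $sRoleName = (string) $sRoleName;
        if (preg_match('/[\'\\\\\x00-\x1f\x7f]/', $sRoleName)) {
            return false;
        }
        return "'" . $sRoleName . "'";
    }
}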
?>