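/*
 * This file is a part of CMSLU -- Content Management System like Unix
 * and is not publicly distributed
 *
 * Copyright (c) 2008-2009, Tomasz Sowa
 * All rights reserved.
 *
 */

#include "content.h"
#include "../core/request.h"
#include "../core/error.h"
#include "../core/db.h"
#include "../core/data.h"


// Coarse gate for the 'priv' function: is the request allowed to reach it at all?
//
// Returns false and sets request.status to Error::permission_denied when
//  - there is no logged-in user (request.session->puser is empty), or
//  - the request points at a file (request.is_item) together with parameter 'r'
//    (the recursive variant only makes sense on a directory).
//
// This is not the permission check itself: whether the user may change the
// owner, group or privileges of a particular item is decided per item in
// FunPriv(Item &, ...).
//
// NOTE(review): request.session is dereferenced without a null check --
// presumably a session object always exists at this point; confirm.
bool Content::PrivCheckAccess()
{
	// we do not check permissions here
	// permissions depend on the user, group, and privileges
	// but we cannot use parameter 'r' on files
	// and only logged users can change permissions

	if( !request.session->puser || (request.is_item && request.IsParam("r")) )
	{
		request.status = Error::permission_denied;
		return false;
	}

	return true;
}


// Applies a new (user, group, privileges) triple to one item.
//
// Nothing happens when the triple equals the item's current values.
// Otherwise all three of request.CanChangeUser / CanChangeGroup /
// CanChangePrivileges have to agree; the first refusal is logged at log3 and
// the item is left untouched. On success the item is updated and the result
// of db.EditPrivById() is stored in request.session->done_status.
//
// NOTE(review): a refusal is only logged -- neither request.status nor
// done_status is set here, so the caller cannot tell a denied change from
// an applied one.
// NOTE(review): the in-memory item is modified before the database call; if
// db.EditPrivById() reports a failure the in-memory values are not restored
// here -- confirm whether that can leave cached data out of sync with the db.
void Content::FunPriv(Item & item, long user_id, long group_id, int privileges)
{
	if( user_id==item.user_id && group_id==item.group_id && privileges==item.privileges )
		return;

	if( !request.CanChangeUser(item, user_id) )
	{
		log << log3 << "Content: can't change the user" << logend;
		return;
	}

	if( !request.CanChangeGroup(item, group_id) )
	{
		log << log3 << "Content: can't change the group" << logend;
		return;
	}

	if( !request.CanChangePrivileges(item, privileges) )
	{
		log << log3 << "Content: can't change privileges" << logend;
		return;
	}

	item.user_id    = user_id;
	item.group_id   = group_id;
	item.privileges = privileges;

	request.session->done_status = db.EditPrivById(item, item.id);
}


// Writes one log3 line: the prefix 'what', the item url and the requested
// user id, group id and privileges.
void Content::PrivLog(const char * what, const std::string & url, long user, long group, int priv)
{
	log << log3 << "Content: " << what << url << ", user: " << user << ", group: " << group << ", priv: " << priv << logend;
}


// Applies the file triple (user_id_file, group_id_file, priv_file) to every
// file returned by db.GetItems() for the directory parent_id.
// request.item_table is cleared and reused as the working buffer.
//
// NOTE(review): the "changed file: " line is written before FunPriv() decides
// whether the change is permitted (or needed at all), so the log can report
// a change that was refused or skipped.
void Content::PrivFilesInDir(long parent_id)
{
	request.item_table.clear();
	db.GetItems(request.item_table, parent_id, Item::file, false, false, true);

	// the elements are passed to FunPriv(Item &, ...), so this is a vector of Item
	std::vector<Item>::iterator i = request.item_table.begin();

	for( ; i != request.item_table.end() ; ++i)
	{
		PrivLog("changed file: ", i->url, user_id_file, group_id_file, priv_file);
		FunPriv(*i, user_id_file, group_id_file, priv_file);
	}
}


// recurrence
//
// Handles the files directly in parent_id, then every child directory found
// through data.dirs: the directory triple is applied to the child and the
// function calls itself with the child's id.
//
// The recursion descends into a child even when the change on that child was
// refused; every item below is still checked on its own in FunPriv().
//
// NOTE(review): as in PrivFilesInDir(), "changed dir: " is logged before the
// permission checks run.
void Content::PrivDir(long parent_id)
{
	PrivFilesInDir(parent_id);

	DirContainer::ParentIterator i = data.dirs.FindFirstParent(parent_id);

	for( ; i != data.dirs.ParentEnd() ; i = data.dirs.NextParent(i) )
	{
		PrivLog("changed dir: ", i->second->url, user_id_dir, group_id_dir, priv_dir);
		FunPriv(*(i->second), user_id_dir, group_id_dir, priv_dir);

		PrivDir(i->second->id);
	}
}


// Reads one (user, group, privileges) triple from the POST variables named
// user_in, group_in and priv_in.
//
// Returns false (after a log1 message) when any of the variables is missing
// or when the privileges field is not a valid octal number; in that case the
// output parameters are not written. On success user_id and group_id are
// looked up by name and priv holds the parsed octal value.
//
// The privileges string comes straight from the client. A plain strtol()
// returns 0 for unparseable text, which would silently turn a malformed
// request into "set privileges to 0", so the value is validated first:
// at least one digit, nothing but whitespace after the number, not negative,
// and representable as int.
//
// NOTE(review): what GetUserId() / GetGroupId() return for an unknown name is
// not visible here -- confirm that CanChangeUser() / CanChangeGroup() refuse
// such an id.
// NOTE(review): no upper bound is applied to the privileges value in this
// function; that is left to request.CanChangePrivileges().
bool Content::ReadPriv(const char * user_in, const char * group_in, const char * priv_in,
					   long & user_id, long & group_id, int & priv)
{
	std::string * user_str  = request.PostVar(user_in);
	std::string * group_str = request.PostVar(group_in);
	std::string * priv_str  = request.PostVar(priv_in);

	if( !user_str || !group_str || !priv_str )
	{
		log << log1 << "Content: PostFunPriv: there is no some post variables" << logend;
		return false;
	}

	const char * priv_begin = priv_str->c_str();
	char * priv_end = 0;
	long priv_long  = strtol(priv_begin, &priv_end, 8);

	// priv_end == priv_begin means strtol() did not convert a single digit
	bool priv_ok = priv_end != priv_begin &&
				   priv_long >= 0 &&
				   static_cast<long>(static_cast<int>(priv_long)) == priv_long;

	// only whitespace may follow the number
	for( ; priv_ok && *priv_end ; ++priv_end )
	{
		if( *priv_end!=' ' && *priv_end!='\t' && *priv_end!='\r' && *priv_end!='\n' )
			priv_ok = false;
	}

	if( !priv_ok )
	{
		// the raw value is deliberately not written to the log
		log << log1 << "Content: PostFunPriv: incorrect privileges value" << logend;
		return false;
	}

	user_id  = data.users.GetUserId( *user_str );
	group_id = data.groups.GetGroupId( *group_str );
	priv     = static_cast<int>(priv_long);

	return true;
}


// Recursive variant (parameter 'r'): reads one triple for files and one for
// directories, optionally applies the directory triple to the current
// directory (POST variable "changecurrentdir"), then walks the whole subtree
// and redirects to the current directory.
//
// Nothing is changed when either triple cannot be read.
//
// NOTE(review): request.dir_table.back() is used without checking that
// dir_table is not empty -- presumably guaranteed by the caller; confirm.
void Content::PrivDir()
{
	if( !ReadPriv("userfile", "groupfile", "privilegesfile", user_id_file, group_id_file, priv_file) )
		return;

	if( !ReadPriv("userdir", "groupdir", "privilegesdir", user_id_dir, group_id_dir, priv_dir) )
		return;

	if( request.IsPostVar("changecurrentdir") )
	{
		PrivLog("changed dir: ", request.dir_table.back()->url, user_id_dir, group_id_dir, priv_dir);
		FunPriv(*request.dir_table.back(), user_id_dir, group_id_dir, priv_dir);
	}

	// go through all directories (recurrence)
	PrivDir(request.dir_table.back()->id);

	RedirectToLastDir();
}


// changing only one item (either a dir or file)
//
// The triple is read from "user", "group" and "privileges". It is applied to
// request.item when the request points at a file, otherwise to the last
// directory in request.dir_table; the client is then redirected to that item.
void Content::PrivOneItem()
{
	if( !ReadPriv("user", "group", "privileges", user_id_file, group_id_file, priv_file) )
		return;

	if( request.is_item )
	{
		FunPriv(request.item, user_id_file, group_id_file, priv_file);
		RedirectTo(request.item);
	}
	else
	{
		FunPriv(*request.dir_table.back(), user_id_file, group_id_file, priv_file);
		RedirectToLastDir();
	}
}


// POST entry point: after the access gate, parameter 'r' selects the
// recursive variant, otherwise a single item is changed.
void Content::PostFunPriv()
{
	if( !PrivCheckAccess() )
		return;

	if( request.IsParam("r") )
	{
		PrivDir();
	}
	else
	{
		PrivOneItem();
	}
}


// Non-POST entry point: only runs the access gate.
// The return value is discarded; what remains is the side effect on
// request.status (Error::permission_denied on refusal).
// NOTE(review): confirm that the code rendering the page acts on request.status.
void Content::FunPriv()
{
	PrivCheckAccess();
}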