/[drupal]/contributions/modules/filebrowser/filebrowser.security.inc
ViewVC logotype

Contents of /contributions/modules/filebrowser/filebrowser.security.inc

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph

Revision 1.2 - (show annotations) (download) (as text)
Thu Oct 22 07:20:52 2009 UTC (5 weeks, 1 day ago) by ulhume
Branch: MAIN
CVS Tags: HEAD
Changes since 1.1: +99 -0 lines
File MIME type: text/x-php 
- copmpanion module api
- Image thumbnailing first support
- Package peroperty changed
1 <?php
2
3 define(FILEBROWSER_CREATE_DIRECTORY_LISTING, 'create directory listings');
4 define(FILEBROWSER_DELETE_OWN_DIRECTORY_LISTINGS, 'delete own directory listings');
5 define(FILEBROWSER_DELETE_ANY_DIRECTORY_LISTINGS, 'delete any directory listings');
6 define(FILEBROWSER_EDIT_OWN_DIRECTORY_LISTINGS, 'edit own directory listings');
7 define(FILEBROWSER_EDIT_ANY_DIRECORY_LISTINGS, 'edit any directory listings');
8 define(FILEBROWSER_VIEW_DIRECORY_LISTINGS, 'view directory listings');
9 define(FILEBROWSER_UPLOAD, 'upload files');
10 define(FILEBROWSER_DOWNLOAD_ARCHIVE, 'download archive files');
11 define(FILEBROWSER_DOWNLOAD, 'download files');
12
13
14 /**
15 * hook_perm implementation.
16 */
17 function filebrowser_perm() {
18 return array (
19 FILEBROWSER_CREATE_DIRECTORY_LISTING,
20 FILEBROWSER_DELETE_OWN_DIRECTORY_LISTINGS,
21 FILEBROWSER_DELETE_ANY_DIRECTORY_LISTINGS,
22 FILEBROWSER_EDIT_OWN_DIRECTORY_LISTINGS,
23 FILEBROWSER_EDIT_ANY_DIRECORY_LISTINGS,
24 FILEBROWSER_VIEW_DIRECORY_LISTINGS,
25 FILEBROWSER_UPLOAD,
26 FILEBROWSER_DOWNLOAD_ARCHIVE,
27 FILEBROWSER_DOWNLOAD
28 );
29 }
30
31
32 /**
33 * hook_access implementation.
34 */
35 function filebrowser_access($op, $node, $account) {
36 if (!filebrowser_get_no_node_access()) {
37
38 if ($op == 'view') {
39 if (user_access(FILEBROWSER_VIEW_DIRECORY_LISTINGS, $account) && (node_access(FILEBROWSER_VIEW_DIRECORY_LISTINGS, $node))) {
40 return TRUE;
41 }
42 }
43
44 if ($op == 'create') {
45 if (user_access(FILEBROWSER_CREATE_DIRECTORY_LISTING, $account) && (node_access(FILEBROWSER_CREATE_DIRECTORY_LISTING, $node))) {
46 return TRUE;
47 }
48 }
49
50 if ($op == 'update') {
51 if (user_access(FILEBROWSER_EDIT_ANY_DIRECORY_LISTINGS, $account) || (user_access(FILEBROWSER_EDIT_OWN_DIRECTORY_LISTINGS, $account) && ($account->uid == $node->uid))) {
52 return TRUE;
53 }
54 }
55
56 if ($op == 'delete') {
57 if (user_access(FILEBROWSER_DELETE_ANY_DIRECTORY_LISTINGS, $account) || (user_access(FILEBROWSER_DELETE_OWN_DIRECTORY_LISTINGS, $account) && ($account->uid == $node->uid))) {
58 return TRUE;
59 }
60 }
61 }
62 return NULL;
63 }
64
65 /**
66 * hook_db_rewrite_sql implementation.
67 */
68 function filebrowser_db_rewrite_sql($query, $primary_table, $primary_field, $args) {
69 if (!filebrowser_get_no_node_access()) {
70 global $user;
71 if ($primary_table == 'n' && $primary_field == 'nid' && !user_access(FILEBROWSER_VIEW_DIRECORY_LISTINGS, $user)) {
72 $return = array (
73 'where' => "n.type != 'dir_listing'"
74 );
75 return $return;
76 }
77 }
78 }
79
80
81 function _filebrowser_can_download_archive(&$node) {
82 return (node_access('view', $node) && $node->folder_rights->download_archive && user_access(FILEBROWSER_DOWNLOAD_ARCHIVE));
83 }
84
85 function _filebrowser_can_download_file(&$node) {
86 return (node_access('view', $node) && user_access(FILEBROWSER_DOWNLOAD));
87 }
88
89 function _filebrowser_is_filtered(&$node, $file) {
90 return trim($node->folder_rights->filtered_files) == '' || filebrowser_match_path($file, $node->folder_rights->filtered_files);
91 }
92
93 function _filebrowser_is_forbidden(&$node, $file) {
94 return trim($node->folder_rights->forbidden_files) != '' && filebrowser_match_path($file, $node->folder_rights->forbidden_files);
95 }
96
97 function _filebrowser_can_explore_subfolders(&$node) {
98 return $node->folder_rights->explore_subdirs;
99 }
  ViewVC Help
Powered by ViewVC 1.1.2