1<?php 2 3namespace dokuwiki\plugin\bez\mdl; 4 5//ACL level defines 6define('BEZ_AUTH_NONE', 0); 7define('BEZ_AUTH_VIEWER', 2); 8define('BEZ_AUTH_USER', 5); 9define('BEZ_AUTH_LEADER', 10); 10define('BEZ_AUTH_ADMIN', 20); 11 12define('BEZ_PERMISSION_UNKNOWN', -1); 13define('BEZ_PERMISSION_NONE', 0); 14define('BEZ_PERMISSION_VIEW', 1); 15define('BEZ_PERMISSION_CHANGE', 2); 16define('BEZ_PERMISSION_DELETE', 3); 17 18 19class Model { 20 /** @var \helper_plugin_sqlite */ 21 protected $sqlite; 22 23 /** @var \SQLite3 */ 24 protected $db; 25 26 protected $level = BEZ_AUTH_NONE; 27 28 protected $dw_auth, $user_nick, $action, $conf; 29 30 /** @var ThreadFactory */ 31 protected $threadFactory; 32 33 /** @var UserFactory */ 34 protected $userFactory; 35 36 /** @var LabelFactory */ 37 protected $labelFactory; 38 39 /** @var Thread_commentFactory */ 40 protected $thread_commentFactory; 41 42 /** @var TaskFactory */ 43 protected $taskFactory; 44 45 /** @var Task_programFactory */ 46 protected $task_programFactory; 47 48 /** @var Task_commentFactory */ 49 protected $task_commentFactory; 50 51 /** @var Authentication_tokenFactory */ 52 protected $authentication_tokenFactory; 53 54 /** @var SubscriptionFactory */ 55 protected $subscriptionFactory; 56 57 public function __get($property) { 58 $models = array('userFactory', 'threadFactory', 'labelFactory', 'thread_commentFactory', 'taskFactory', 'task_programFactory', 'task_commentFactory', 'authentication_tokenFactory', 'subscriptionFactory'); 59 if (in_array($property, $models) || 60 in_array($property, array('sqlite', 'db', 'acl', 'dw_auth', 'user_nick', 'action', 'conf'))) { 61 return $this->$property; 62 } 63 } 64 65 public function factory($table) { 66 $prop = $table . 'Factory'; 67 68 return $this->$prop; 69 } 70 71 protected function update_level($level) { 72 if ($level > $this->level) { 73 $this->level = $level; 74 } 75 } 76 77 public function get_level() { 78 return $this->level; 79 } 80 81 public function __construct($dw_auth, $user_nick, $action, $skip_acl=false) { 82 $this->dw_auth = $dw_auth; 83 $this->user_nick = $user_nick; 84 $this->action = $action; 85 $this->conf = $action->getGlobalConf(); 86 87 $this->db_helper = plugin_load('helper', 'bez_db'); 88 89 $this->sqlite = $this->db_helper->getDB(); 90 $this->db = $this->sqlite->getAdapter()->getPdo(); 91 $this->db->setAttribute(\PDO::ATTR_ERRMODE, \PDO::ERRMODE_EXCEPTION); 92 $busy_timeout = 1000 * (int)$this->action->getConf('busy_timeout'); 93 $this->db->exec("PRAGMA busy_timeout = $busy_timeout"); 94 95 $this->userFactory = new UserFactory($this); 96 97 $this->threadFactory = new ThreadFactory($this); 98 99 $this->labelFactory = new LabelFactory($this); 100 101 $this->thread_commentFactory = new Thread_commentFactory($this); 102 103 $this->taskFactory = new TaskFactory($this); 104 105 $this->task_programFactory = new Task_programFactory($this); 106 107 $this->task_commentFactory = new Task_commentFactory($this); 108 109 $this->authentication_tokenFactory = new Authentication_tokenFactory($this); 110 111 $this->subscriptionFactory = new SubscriptionFactory($this); 112 113 if ($skip_acl) { 114 $this->update_level(BEZ_AUTH_ADMIN); 115 } else { 116 $userd = $this->dw_auth->getUserData($this->user_nick); 117 if ($userd !== false && is_array($userd['grps'])) { 118 $grps = $userd['grps']; 119 if (in_array('admin', $grps ) || in_array('bez_admin', $grps )) { 120 $this->update_level(BEZ_AUTH_ADMIN); 121 } elseif (in_array('bez_leader', $grps )) { 122 $this->update_level(BEZ_AUTH_LEADER); 123 } else { 124 $this->update_level(BEZ_AUTH_USER); 125 } 126 } elseif (isset($_GET['t'])) { 127 $page_id = $this->action->id(); 128 129 $user_tok = trim($_GET['t']); 130 if ($this->authentication_tokenFactory->get_token($page_id) == $user_tok) { 131 $this->update_level(BEZ_AUTH_VIEWER); 132 } 133 } 134 } 135 } 136} 137