Skip to content

Commit

Permalink
Fix permissions #136
Browse files Browse the repository at this point in the history
  • Loading branch information
@adaur
adaur committed Jul 10, 2016
1 parent de61af2 commit deaec80
Show file tree
Hide file tree
Showing 10 changed files with 44 additions and 82 deletions.
10 changes: 5 additions & 5 deletions featherbb/Core/Database.php
View file
Expand Up @@ -430,7 +430,7 @@ public static function get_last_statement()
}

/**
* Internal helper method for executing statments. Logs queries, and
* Internal helper method for executing statements. Logs queries, and
* stores statement object in ::_last_statment, accessible publicly
* through ::get_last_statement()
* @param string $query
Expand Down Expand Up @@ -1146,31 +1146,31 @@ public function join($table, $constraint, $table_alias = null, $no_escape_second
}

/**
* Add an INNER JOIN souce to the query
* Add an INNER JOIN source to the query
*/
public function inner_join($table, $constraint, $table_alias = null, $no_escape_second_col = false)
{
return $this->_add_join_source("INNER", $table, $constraint, $table_alias, $no_escape_second_col);
}

/**
* Add a LEFT OUTER JOIN souce to the query
* Add a LEFT OUTER JOIN source to the query
*/
public function left_outer_join($table, $constraint, $table_alias = null, $no_escape_second_col = false)
{
return $this->_add_join_source("LEFT OUTER", $table, $constraint, $table_alias, $no_escape_second_col);
}

/**
* Add an RIGHT OUTER JOIN souce to the query
* Add an RIGHT OUTER JOIN source to the query
*/
public function right_outer_join($table, $constraint, $table_alias = null, $no_escape_second_col = false)
{
return $this->_add_join_source("RIGHT OUTER", $table, $constraint, $table_alias, $no_escape_second_col);
}

/**
* Add an FULL OUTER JOIN souce to the query
* Add an FULL OUTER JOIN source to the query
*/
public function full_outer_join($table, $constraint, $table_alias = null, $no_escape_second_col = false)
{
Expand Down
2 changes: 1 addition & 1 deletion featherbb/Model/Admin/Forums.php
View file
Expand Up @@ -139,7 +139,7 @@ public function get_permissions($forum_id)
$permissions = DB::for_table('groups')
->table_alias('g')
->select_many($select_permissions)
->left_outer_join('forum_perms', 'g.g_id=fp.group_id AND fp.forum_id='.$forum_id, 'fp') // Workaround
->left_outer_join('forum_perms', 'g.g_id=fp.group_id AND fp.forum_id='.$forum_id, 'fp')
->where_not_equal('g.g_id', ForumEnv::get('FEATHER_ADMIN'))
->order_by_asc('g.g_id');
$permissions = Container::get('hooks')->fireDB('model.admin.forums.get_permissions_query', $permissions);
Expand Down
6 changes: 2 additions & 4 deletions featherbb/Model/Api/Post.php
View file
Expand Up @@ -87,8 +87,7 @@ public function get_info_edit($id)
->select_many($cur_post['select'])
->inner_join('topics', array('t.id', '=', 'p.topic_id'), 't')
->inner_join('forums', array('f.id', '=', 't.forum_id'), 'f')
->left_outer_join('forum_perms', array('fp.forum_id', '=', 'f.id'), 'fp')
->left_outer_join('forum_perms', array('fp.group_id', '=', $this->user->g_id), null, true)
->left_outer_join('forum_perms', 'fp.forum_id=f.id AND fp.group_id='.$this->user->g_id, 'fp')
->where_any_is($cur_post['where'])
->where('p.id', $id);

Expand Down Expand Up @@ -116,8 +115,7 @@ public function get_info_delete($id)
->select_many($query['select'])
->inner_join('topics', array('t.id', '=', 'p.topic_id'), 't')
->inner_join('forums', array('f.id', '=', 't.forum_id'), 'f')
->left_outer_join('forum_perms', array('fp.forum_id', '=', 'f.id'), 'fp')
->left_outer_join('forum_perms', array('fp.group_id', '=', $this->user->g_id), null, true)
->left_outer_join('forum_perms', 'fp.forum_id=f.id AND fp.group_id='.$this->user->g_id, 'fp')
->where_any_is($query['where'])
->where('p.id', $id);

Expand Down
12 changes: 4 additions & 8 deletions featherbb/Model/Api/Topic.php
View file
Expand Up @@ -54,10 +54,8 @@ public function get_info_post($tid, $fid)
->table_alias('t')
->select_many($cur_posting['select'])
->inner_join('forums', array('f.id', '=', 't.forum_id'), 'f')
->left_outer_join('forum_perms', array('fp.forum_id', '=', 'f.id'), 'fp')
->left_outer_join('forum_perms', array('fp.group_id', '=', $this->user->g_id), null, true)
->left_outer_join('topic_subscriptions', array('t.id', '=', 's.topic_id'), 's')
->left_outer_join('topic_subscriptions', array('s.user_id', '=', $this->user->id), null, true)
->left_outer_join('forum_perms', 'fp.forum_id=f.id AND fp.group_id='.$this->user->g_id, 'fp')
->left_outer_join('topic_subscriptions', 't.id=s.topic_id AND s.user_id='.$this->user->id, 's')
->where_any_is($cur_posting['where'])
->where('t.id', $tid);

Expand All @@ -67,8 +65,7 @@ public function get_info_post($tid, $fid)
$cur_posting = DB::for_table('forums')
->table_alias('f')
->select_many($cur_posting['select'])
->left_outer_join('forum_perms', array('fp.forum_id', '=', 'f.id'), 'fp')
->left_outer_join('forum_perms', array('fp.group_id', '=', $this->user->g_id), null, true)
->left_outer_join('forum_perms', 'fp.forum_id=f.id AND fp.group_id='.$this->user->g_id, 'fp')
->where_any_is($cur_posting['where'])
->where('f.id', $fid);
}
Expand Down Expand Up @@ -333,8 +330,7 @@ public function send_notifications_new_topic($post, $cur_posting, $new_tid)
->table_alias('u')
->select_many($result['select'])
->inner_join('forum_subscriptions', array('u.id', '=', 's.user_id'), 's')
->left_outer_join('forum_perms', array('fp.forum_id', '=', $cur_posting['id']), 'fp', true)
->left_outer_join('forum_perms', array('fp.group_id', '=', 'u.group_id'))
->left_outer_join('forum_perms', 'fp.forum_id='.$cur_posting['id'].' AND fp.group_id=u.group_id', 'fp')
->left_outer_join('bans', array('u.username', '=', 'b.username'), 'b')
->where_null('b.username')
->where_any_is($result['where'])
Expand Down
3 changes: 1 addition & 2 deletions featherbb/Model/Cache.php
View file
Expand Up @@ -103,8 +103,7 @@ public static function get_quickjump()
->table_alias('c')
->select_many($select_quickjump)
->inner_join('forums', array('c.id', '=', 'f.cat_id'), 'f')
->left_outer_join('forum_perms', array('fp.forum_id', '=', 'f.id'), 'fp')
->left_outer_join('forum_perms', array('fp.group_id', '=', $item['g_id']), null, true)
->left_outer_join('forum_perms', 'fp.forum_id=f.id AND fp.group_id='.$item['g_id'], 'fp')
->where_any_is($where_quickjump)
->where_null('f.redirect_url')
->order_by_many($order_by_quickjump)
Expand Down
12 changes: 4 additions & 8 deletions featherbb/Model/Forum.php
View file
Expand Up @@ -32,10 +32,8 @@ public function get_forum_info($id)

$cur_forum = DB::for_table('forums')->table_alias('f')
->select_many($cur_forum['select'])
->left_outer_join('forum_subscriptions', array('f.id', '=', 's.forum_id'), 's')
->left_outer_join('forum_subscriptions', array('s.user_id', '=', User::get()->id), null, true)
->left_outer_join('forum_perms', array('fp.forum_id', '=', 'f.id'), 'fp')
->left_outer_join('forum_perms', array('fp.group_id', '=', User::get()->g_id), null, true)
->left_outer_join('forum_subscriptions', 'f.id=s.forum_id AND s.user_id='.User::get()->g_id, 's')
->left_outer_join('forum_perms', 'fp.forum_id=f.id AND fp.group_id='.User::get()->g_id, 'fp')
->where_any_is($cur_forum['where'])
->where('f.id', $id);
} else {
Expand All @@ -44,8 +42,7 @@ public function get_forum_info($id)
$cur_forum = DB::for_table('forums')->table_alias('f')
->select_many($cur_forum['select'])
->select_expr(0, 'is_subscribed')
->left_outer_join('forum_perms', array('fp.forum_id', '=', 'f.id'), 'fp')
->left_outer_join('forum_perms', array('fp.group_id', '=', User::get()->g_id), null, true)
->left_outer_join('forum_perms', 'fp.forum_id=f.id AND fp.group_id='.User::get()->g_id, 'fp')
->where_any_is($cur_forum['where'])
->where('f.id', $id);
}
Expand Down Expand Up @@ -477,8 +474,7 @@ public function subscribe($forum_id)

$authorized = DB::for_table('forums')
->table_alias('f')
->left_outer_join('forum_perms', array('fp.forum_id', '=', 'f.id'), 'fp')
->left_outer_join('forum_perms', array('fp.group_id', '=', User::get()->g_id), null, true)
->left_outer_join('forum_perms', 'fp.forum_id=f.id AND fp.group_id='.User::get()->g_id, 'fp')
->where_any_is($authorized['where'])
->where('f.id', $forum_id);
$authorized = Container::get('hooks')->fireDB('model.forum.subscribe_forum_authorized_query', $authorized);
Expand Down
6 changes: 2 additions & 4 deletions featherbb/Model/Index.php
View file
Expand Up @@ -47,8 +47,7 @@ protected function get_new_posts()
$query = DB::for_table('forums')
->table_alias('f')
->select_many($query['select'])
->left_outer_join('forum_perms', array('fp.forum_id', '=', 'f.id'), 'fp')
->left_outer_join('forum_perms', array('fp.group_id', '=', User::get()->g_id), null, true)
->left_outer_join('forum_perms', 'fp.forum_id=f.id AND fp.group_id='.User::get()->g_id, 'fp')
->where_any_is($query['where'])
->where_gt('f.last_post', User::get()->last_visit);

Expand Down Expand Up @@ -116,8 +115,7 @@ public function print_categories_forums()
->select_many($query['select'])
->inner_join('forums', array('c.id', '=', 'f.cat_id'), 'f')
->left_outer_join('topics', array('t.last_post_id', '=', 'f.last_post_id'), 't')
->left_outer_join('forum_perms', array('fp.forum_id', '=', 'f.id'), 'fp')
->left_outer_join('forum_perms', array('fp.group_id', '=', User::get()->g_id), null, true)
->left_outer_join('forum_perms', 'fp.forum_id=f.id AND fp.group_id='.User::get()->g_id, 'fp')
->where_any_is($query['where'])
->where_null('t.moved_to')
->order_by_many($query['order_by']);
Expand Down
21 changes: 7 additions & 14 deletions featherbb/Model/Post.php
View file
Expand Up @@ -34,8 +34,7 @@ public function get_info_post($tid, $fid)
->table_alias('t')
->select_many($cur_posting['select'])
->inner_join('forums', array('f.id', '=', 't.forum_id'), 'f')
->left_outer_join('forum_perms', array('fp.forum_id', '=', 'f.id'), 'fp')
->left_outer_join('forum_perms', array('fp.group_id', '=', User::get()->g_id), null, true)
->left_outer_join('forum_perms', 'fp.forum_id=f.id AND fp.group_id='.User::get()->g_id, 'fp')
->left_outer_join('topic_subscriptions', array('t.id', '=', 's.topic_id'), 's')
->left_outer_join('topic_subscriptions', array('s.user_id', '=', User::get()->id), null, true)
->where_any_is($cur_posting['where'])
Expand All @@ -47,8 +46,7 @@ public function get_info_post($tid, $fid)
$cur_posting = DB::for_table('forums')
->table_alias('f')
->select_many($cur_posting['select'])
->left_outer_join('forum_perms', array('fp.forum_id', '=', 'f.id'), 'fp')
->left_outer_join('forum_perms', array('fp.group_id', '=', User::get()->g_id), null, true)
->left_outer_join('forum_perms', 'fp.forum_id=f.id AND fp.group_id='.User::get()->g_id, 'fp')
->where_any_is($cur_posting['where'])
->where('f.id', $fid);
}
Expand Down Expand Up @@ -81,8 +79,7 @@ public function get_info_edit($id)
->select_many($cur_post['select'])
->inner_join('topics', array('t.id', '=', 'p.topic_id'), 't')
->inner_join('forums', array('f.id', '=', 't.forum_id'), 'f')
->left_outer_join('forum_perms', array('fp.forum_id', '=', 'f.id'), 'fp')
->left_outer_join('forum_perms', array('fp.group_id', '=', User::get()->g_id), null, true)
->left_outer_join('forum_perms', 'fp.forum_id=f.id AND fp.group_id='.User::get()->g_id, 'fp')
->where_any_is($cur_post['where'])
->where('p.id', $id);

Expand Down Expand Up @@ -359,8 +356,7 @@ public function get_info_delete($id)
->select_many($query['select'])
->inner_join('topics', array('t.id', '=', 'p.topic_id'), 't')
->inner_join('forums', array('f.id', '=', 't.forum_id'), 'f')
->left_outer_join('forum_perms', array('fp.forum_id', '=', 'f.id'), 'fp')
->left_outer_join('forum_perms', array('fp.group_id', '=', User::get()->g_id), null, true)
->left_outer_join('forum_perms', 'fp.forum_id=f.id AND fp.group_id='.User::get()->g_id, 'fp')
->where_any_is($query['where'])
->where('p.id', $id);

Expand Down Expand Up @@ -642,8 +638,7 @@ public function get_info_report($post_id)
->select_many($cur_post['select'])
->inner_join('topics', array('t.id', '=', 'p.topic_id'), 't')
->inner_join('forums', array('f.id', '=', 't.forum_id'), 'f')
->left_outer_join('forum_perms', array('fp.forum_id', '=', 'f.id'), 'fp')
->left_outer_join('forum_perms', array('fp.group_id', '=', User::get()->g_id), null, true)
->left_outer_join('forum_perms', 'fp.forum_id=f.id AND fp.group_id='.User::get()->g_id, 'fp')
->where_any_is($cur_post['where'])
->where('p.id', $post_id);
$cur_post = Container::get('hooks')->fireDB('model.post.get_info_report_query', $cur_post);
Expand Down Expand Up @@ -790,8 +785,7 @@ public static function send_notifications_reply($tid, $cur_posting, $new_pid, $p
->table_alias('u')
->select_many($result['select'])
->inner_join('topic_subscriptions', array('u.id', '=', 's.user_id'), 's')
->left_outer_join('forum_perms', array('fp.forum_id', '=', $cur_posting['id']), 'fp', true)
->left_outer_join('forum_perms', array('fp.group_id', '=', 'u.group_id'))
->left_outer_join('forum_perms', 'fp.forum_id='.$cur_posting['id'].' AND fp.group_id=u.group_id', 'fp')
->left_outer_join('online', array('u.id', '=', 'o.user_id'), 'o')
->left_outer_join('bans', array('u.username', '=', 'b.username'), 'b')
->where_raw('COALESCE(o.logged, u.last_visit)>'.$previous_post_time)
Expand Down Expand Up @@ -1002,8 +996,7 @@ public function send_notifications_new_topic($post, $cur_posting, $new_tid)
->table_alias('u')
->select_many($result['select'])
->inner_join('forum_subscriptions', array('u.id', '=', 's.user_id'), 's')
->left_outer_join('forum_perms', array('fp.forum_id', '=', $cur_posting['id']), 'fp', true)
->left_outer_join('forum_perms', array('fp.group_id', '=', 'u.group_id'))
->left_outer_join('forum_perms', 'fp.forum_id='.$cur_posting['id'].' AND fp.group_id=u.group_id', 'fp')
->left_outer_join('bans', array('u.username', '=', 'b.username'), 'b')
->where_null('b.username')
->where_any_is($result['where'])
Expand Down

0 comments on commit deaec80

Please sign in to comment.