Changeset 648 for trunk/include/functions_user.inc.php
- Timestamp:
- Dec 20, 2004, 1:30:36 PM (19 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/include/functions_user.inc.php
r647 r648 277 277 } 278 278 } 279 280 /** 281 * update table user_forbidden for the given user 282 * 283 * table user_forbidden contains calculated data. Calculation is based on 284 * private categories minus categories authorized to the groups the user 285 * belongs to minus the categories directly authorized to the user 286 * 287 * @param int user_id 288 * @return string forbidden_categories 289 */ 290 function calculate_permissions($user_id) 291 { 292 $private_array = array(); 293 $authorized_array = array(); 294 295 $query = ' 296 SELECT id 297 FROM '.CATEGORIES_TABLE.' 298 WHERE status = \'private\' 299 ;'; 300 $result = pwg_query($query); 301 while ($row = mysql_fetch_array($result)) 302 { 303 array_push($private_array, $row['id']); 304 } 305 306 // retrieve category ids directly authorized to the user 307 $query = ' 308 SELECT cat_id 309 FROM '.USER_ACCESS_TABLE.' 310 WHERE user_id = '.$user_id.' 311 ;'; 312 $result = pwg_query($query); 313 while ($row = mysql_fetch_array($result)) 314 { 315 array_push($authorized_array, $row['cat_id']); 316 } 317 318 // retrieve category ids authorized to the groups the user belongs to 319 $query = ' 320 SELECT cat_id 321 FROM '.USER_GROUP_TABLE.' AS ug INNER JOIN '.GROUP_ACCESS_TABLE.' AS ga 322 ON ug.group_id = ga.group_id 323 WHERE ug.user_id = '.$user_id.' 324 ;'; 325 $result = pwg_query($query); 326 while ($row = mysql_fetch_array($result)) 327 { 328 array_push($authorized_array, $row['cat_id']); 329 } 330 331 // uniquify ids : some private categories might be authorized for the 332 // groups and for the user 333 $authorized_array = array_unique($authorized_array); 334 335 // only unauthorized private categories are forbidden 336 $forbidden_array = array_diff($private_array, $authorized_array); 337 338 $query = ' 339 DELETE FROM '.USER_FORBIDDEN_TABLE.' 340 WHERE user_id = '.$user_id.' 341 ;'; 342 pwg_query($query); 343 344 $forbidden_categories = implode(',', $forbidden_array); 345 346 $query = ' 347 INSERT INTO '.USER_FORBIDDEN_TABLE.' 348 (user_id,need_update,forbidden_categories) 349 VALUES 350 ('.$user_id.',\'false\',\''.$forbidden_categories.'\') 351 ;'; 352 pwg_query($query); 353 354 return $forbidden_categories; 355 } 279 356 ?>
Note: See TracChangeset
for help on using the changeset viewer.