add experimental permission system

diff --git a/.gitattributes b/.gitattributes
index e208410f4abf18daf34968919fe94b6178610422..34848f3413e801432e28c7874cf99548dced436c 100644 (file)
--- a/.gitattributes
+++ b/.gitattributes
@@ -2,3 +2,4 @@
 *.tpl text eol=lf
 *.js text eol=lf
 *.css text eol=lf
+*.sql text eol=lf

diff --git a/database.sql b/database.sql
index 55c17b795b7aea04451ddc7456c200b29ad2bd94..3ab267c88ba82f6127658c1da8bda67b8607ceb7 100644 (file)
--- a/database.sql
+++ b/database.sql
@@ -79,12 +79,27 @@ CREATE TABLE IF NOT EXISTS dns_session (
        sessionData TEXT
 ) ENGINE=InnoDB;
 
+CREATE TABLE IF NOT EXISTS dns_permissions (
+       permissionID INT(10) NOT NULL AUTO_INCREMENT PRIMARY KEY,
+       permission VARCHAR(255) NOT NULL,
+) ENGINE=InnoDB;
+
+CREATE TABLE IF NOT EXISTS dns_permissions_to_user (
+       id INT(10) NOT NULL AUTO_INCREMENT PRIMARY KEY,
+    userID INT(10) NOT NULL,
+       permissionID VARCHAR(255) NOT NULL,
+) ENGINE=InnoDB;
+
+
+
 ALTER TABLE dns_api ADD FOREIGN KEY (userID) REFERENCES dns_user (userID) ON DELETE CASCADE;
 ALTER TABLE dns_sec ADD FOREIGN KEY (zone) REFERENCES dns_soa (id) ON DELETE CASCADE;
 ALTER TABLE dns_rr ADD FOREIGN KEY (zone) REFERENCES dns_soa (id) ON DELETE CASCADE;
 ALTER TABLE dns_soa_to_user ADD FOREIGN KEY (userID) REFERENCES dns_user (userID) ON DELETE CASCADE;
 ALTER TABLE dns_soa_to_user ADD FOREIGN KEY (soaID) REFERENCES dns_soa (id) ON DELETE CASCADE;
 ALTER TABLE dns_template ADD FOREIGN KEY (userID) REFERENCES dns_user (userID) ON DELETE CASCADE;
+ALTER TABLE dns_permissions_to_user ADD FOREIGN KEY (userID) REFERENCES dns_user (userID) ON DELETE CASCADE;
+ALTER TABLE dns_permissions_to_user ADD FOREIGN KEY (permissionID) REFERENCES dns_permissions (id) ON DELETE CASCADE;
 
 INSERT INTO dns_options VALUES (1, 'dns_api_key', '0E2372C5-E5A3-424B-82E5-75AD723A9447');
 INSERT INTO dns_options VALUES (2, 'offline', '0');

diff --git a/lib/system/SessionHandler.class.php b/lib/system/SessionHandler.class.php
index 8404f1a97b108cc91570f1d2d872bf7c717bdb1e..e47ec1105bce16d7beadfc4721f9141555e1dd25 100644 (file)
--- a/lib/system/SessionHandler.class.php
+++ b/lib/system/SessionHandler.class.php
@@ -48,6 +48,30 @@ class SessionHandler {
                }
        }
        
+       /**
+        * Checks if the active user has the given permission
+        *
+        * @return      boolean
+        */
+       public function checkPermission($permission) {
+               
+               /* get permissionID */
+               $sql = "SELECT * FROM dns_permissions where permission = ?";
+               $res = DNS::getDB()->query($sql, array($permission));
+               $data = DNS::getDB()->fetch_array($res);
+               
+               /* get permission from user */
+               $sql = "SELECT * FROM dns_permissions_to_user where userID = ? and permissionID = ?";
+               $res = DNS::getDB()->query($sql, array($this->userID, $data['id']));
+               $row = DNS::getDB()->fetch_array($res);
+               
+               if (isset($row['permission']) && $row['permission'] == $permission) {
+                       return true;
+               }
+               
+               return false;
+       }
+       
        /**
         * Provides access to session data.
         * 
@@ -72,6 +96,17 @@ class SessionHandler {
                return null;
        }
        
+       /**
+        * Unsets a session variable.
+        * 
+        * @param       string          $key
+        */
+       public function unregister($key) {
+               if (isset($this->sessionData[$key])) {
+                       unset($this->sessionData[$key]);
+               }
+       }
+       
        /**
         * Registers a session variable.
         *