_dba = &$dba; $this->_load($uid); } function canDo($operation, $object) { $ret = FALSE; if (isset($this->_offsets[$object])) { $offset = val_or($this->_offsets[$object], $operation, 0, E_USER_WARNING); $perms = $this->_perms[$object]; $ret = $perms & $offset; } return (bool)$ret; } function &dump() { $html = ""; foreach ($this->_perms as $object => $perms) { $html .= ""; $html .= ""; $html .= ""; foreach ($this->_offsets[$object] as $perm => $offset) { $html .= ""; } $html .= ""; $html .= ""; foreach ($this->_offsets[$object] as $perm => $offset) { $html .= ""; } $html .= ""; $html .= "

Object: $object

$perm
" . (($this->canDo($perm, $object)) ? 'YES' : 'NO') . "

"; } return $html; } function _cacheOffsets($object, $perm_keys) { $perm_keys = explode(',', $perm_keys); foreach ($perm_keys as $bit => $key) { $this->_offsets[$object][$key] = 1 << $bit; } } function _deny($object, $perms) { $old = val_or($this->_perms, $object, 0); $this->_perms[$object] = $old & (~ $perms); } function _grant($object, $perms) { $old = val_or($this->_perms, $object, 0); $this->_perms[$object] = $old | $perms; } function _load($uid) { $sql = "SELECT o.object_name,o.object_perms,p.perm_grant,p.perm_deny"; $sql .= " FROM objects o, perms p, roles r, users_roles u"; $sql .= " WHERE u.user_id=?"; $sql .= " AND u.role_id=r.role_id"; $sql .= " AND p.role_id=r.role_id"; $sql .= " AND o.object_id=p.object_id"; $sql .= " ORDER BY p.perm_level ASC"; $result = &$this->_dba->executeQuery($sql, $uid); $this->_parsePerms($result); } function _parsePerms(&$result) { while ($result->next()) { $object = $result->get('object_name'); $this->_grant($result->get('object_name'), $result->getInt('perm_grant')); $this->_deny($result->get('object_name'), $result->getInt('perm_deny')); $this->_cacheOffsets($result->get('object_name'), $result->get('object_perms')); } } } ?>