# HG changeset patch
# User Dan
# Date 1211686842 14400
# Node ID 63e131c38876fb78533042e1e17446818558fb6b
# Parent  ac4c6a7f01d89171b23e3e1784fc32294ab3b0d6
More work done on effective permissions API, namely reporting of page group and usergroup names

diff -r ac4c6a7f01d8 -r 63e131c38876 includes/constants.php
--- a/includes/constants.php	Fri May 16 12:22:26 2008 -0400
+++ b/includes/constants.php	Sat May 24 23:40:42 2008 -0400
@@ -30,6 +30,7 @@
 define('ACL_TYPE_PRESET', 3);
 
 // ACL inheritance debugging info
+define('ACL_INHERIT_ENANO_DEFAULT', 10);
 define('ACL_INHERIT_GLOBAL_EVERYONE', 9);
 define('ACL_INHERIT_GLOBAL_GROUP', 8);
 define('ACL_INHERIT_GLOBAL_USER', 7);
diff -r ac4c6a7f01d8 -r 63e131c38876 includes/functions.php
--- a/includes/functions.php	Fri May 16 12:22:26 2008 -0400
+++ b/includes/functions.php	Sat May 24 23:40:42 2008 -0400
@@ -276,7 +276,7 @@
   $timestamp = $timestamp + ( $timezone * 60 );
   
   // Let PHP do the work for us =)
-  return date($string, $timestamp);
+  return gmdate($string, $timestamp);
 }
 
 /**
@@ -333,7 +333,7 @@
  * @param string $url The URL, either relative or absolute.
  * @param string $title The title of the message
  * @param string $message A short message to show to the user
- * @param string $timeout Timeout, in seconds, to delay the redirect. Defaults to 3.
+ * @param string $timeout Timeout, in seconds, to delay the redirect. Defaults to 3. If 0, sends a 307 Temporary Redirect.
  */
 
 function redirect($url, $title = 'etc_redirect_title', $message = 'etc_redirect_body', $timeout = 3)
diff -r ac4c6a7f01d8 -r 63e131c38876 includes/sessions.php
--- a/includes/sessions.php	Fri May 16 12:22:26 2008 -0400
+++ b/includes/sessions.php	Sat May 24 23:40:42 2008 -0400
@@ -274,6 +274,24 @@
       USER_LEVEL_GUEST  => RANK_ID_GUEST
     );
   
+  /**
+   * A constant array that maps precedence constants to language strings
+   * @var array
+   */
+  
+  var $acl_inherit_lang_table = array(
+      ACL_INHERIT_ENANO_DEFAULT   => 'acl_inherit_enano_default',
+      ACL_INHERIT_GLOBAL_EVERYONE => 'acl_inherit_global_everyone',
+      ACL_INHERIT_GLOBAL_GROUP    => 'acl_inherit_global_group',
+      ACL_INHERIT_GLOBAL_USER     => 'acl_inherit_global_user',
+      ACL_INHERIT_PG_EVERYONE     => 'acl_inherit_pg_everyone',
+      ACL_INHERIT_PG_GROUP        => 'acl_inherit_pg_group',
+      ACL_INHERIT_PG_USER         => 'acl_inherit_pg_user',
+      ACL_INHERIT_LOCAL_EVERYONE  => 'acl_inherit_local_everyone',
+      ACL_INHERIT_LOCAL_GROUP     => 'acl_inherit_local_group',
+      ACL_INHERIT_LOCAL_USER      => 'acl_inherit_local_user'
+    );
+  
   # Basic functions
    
   /**
@@ -2822,9 +2840,11 @@
       $current_perms =& $base_cache[$user_id_or_name];
       $current_perms['__resolve_table'] = array();
       
-      $bs = 'SELECT rules, target_type, target_id, rule_id, page_id, namespace FROM '.table_prefix.'acl' . "\n"
-             . '  WHERE page_id IS NULL AND namespace IS NULL AND' . "\n"
-             . '  ( ';
+      $bs = 'SELECT rules, target_type, target_id, rule_id, page_id, namespace, g.group_name FROM '.table_prefix."acl AS a\n"
+          . "  LEFT JOIN " . table_prefix . "groups AS g\n"
+          . "    ON ( ( a.target_type = " . ACL_TYPE_GROUP . " AND a.target_id = g.group_id ) OR ( a.target_type != " . ACL_TYPE_GROUP . " ) )\n"
+          . '  WHERE page_id IS NULL AND namespace IS NULL AND' . "\n"
+          . '  ( ';
     
       $q = Array();
       $q[] = '( target_type='.ACL_TYPE_USER.' AND target_id= ' . $user_id . ' )';
@@ -2841,7 +2861,7 @@
       {
         // init the resolver table with blanks
         $current_perms['__resolve_table'][$perm_type] = array(
-            'src' => ACL_INHERIT_GLOBAL_EVERYONE,
+            'src' => ACL_INHERIT_ENANO_DEFAULT,
             'rule_id' => -1
           );
       }
@@ -2858,6 +2878,10 @@
                 'src' => $src,
                 'rule_id' => $row['rule_id']
               );
+            if ( $row['group_name'] )
+            {
+              $current_perms['__resolve_table'][$perm_type]['group_name'] = $row['group_name'];
+            }
           }
           // merge it in
           $current_perms = $this->acl_merge($current_perms, $rules, $is_everyone, $_defaults_used);
@@ -3918,7 +3942,13 @@
     }
     
     // Build a query to grab ACL info
-    $bs = 'SELECT rules,target_type,target_id,page_id,namespace,rule_id FROM '.table_prefix.'acl WHERE ' . "\n"
+    $bs = 'SELECT rules,target_type,target_id,page_id,namespace,rule_id,pg.pg_name,g.group_name FROM '.table_prefix."acl AS a\n"
+        . "  LEFT JOIN " . table_prefix . "page_groups AS pg\n"
+        . "    ON ( ( a.page_id = pg.pg_id AND a.namespace = '__PageGroup' ) OR ( a.namespace != '__PageGroup' ) )\n"
+        . "  LEFT JOIN " . table_prefix . "groups AS g\n"
+        . "    ON ( ( a.target_type = " . ACL_TYPE_GROUP . " AND a.target_id = g.group_id ) OR ( a.target_type != " . ACL_TYPE_GROUP . " ) )\n";
+    
+    $bs .= '  WHERE ' . "\n"
           . '  ( ';
     $q = Array();
     $q[] = '( target_type='.ACL_TYPE_USER.' AND target_id='.$this->user_id.' )';
@@ -3933,6 +3963,7 @@
     // permissions to override group permissions.
     $bs .= implode(" OR\n    ", $q) . ' ) AND (' . $pg_info . ' ( page_id=\''.$db->escape($page_id).'\' AND namespace=\''.$db->escape($namespace).'\' ) )     
       ORDER BY target_type ASC, page_id ASC, namespace ASC;';
+      
     $q = $session->sql($bs);
     if ( $row = $db->fetchrow() )
     {
@@ -3943,11 +3974,16 @@
         if ( $row['namespace'] == '__PageGroup' )
         {
           $src = ( $is_everyone ) ? ACL_INHERIT_PG_EVERYONE : ( $row['target_type'] == ACL_TYPE_GROUP ? ACL_INHERIT_PG_GROUP : ACL_INHERIT_PG_USER );
+          $pg_name = $row['pg_name'];
         }
         else
         {
           $src = ( $is_everyone ) ? ACL_INHERIT_LOCAL_EVERYONE : ( $row['target_type'] == ACL_TYPE_GROUP ? ACL_INHERIT_LOCAL_GROUP : ACL_INHERIT_LOCAL_USER );
         }
+        if ( $row['group_name'] )
+        {
+          $group_name = $row['group_name'];
+        }
         foreach ( $rules as $perm_type => $perm_value )
         {
           if ( $this->perms[$perm_type] == AUTH_DENY )
@@ -3957,6 +3993,14 @@
               'src' => $src,
               'rule_id' => $row['rule_id']
             );
+          if ( isset($pg_name) )
+          {
+            $this->perm_resolve_table[$perm_type]['pg_name'] = $pg_name;
+          }
+          if ( isset($group_name) )
+          {
+            $this->perm_resolve_table[$perm_type]['group_name'] = $group_name;
+          }
         }
         $this->acl_merge_with_current($rules, $is_everyone);
       } while ( $row = $db->fetchrow() );
diff -r ac4c6a7f01d8 -r 63e131c38876 language/english/admin.json
--- a/language/english/admin.json	Fri May 16 12:22:26 2008 -0400
+++ b/language/english/admin.json	Sat May 24 23:40:42 2008 -0400
@@ -166,6 +166,17 @@
       btn_returnto_userscope: 'Return to user/scope selection',
       btn_show_existing: '» View existing rules',
       btn_close: 'Close ACL wizard',
+      
+      inherit_enano_default: 'Enano defaults',
+      inherit_global_everyone: 'Rule for everyone on the entire site',
+      inherit_global_group: 'Rule for the group "%group_name%" on the entire site',
+      inherit_global_user: 'Rule for this user on the entire site',
+      inherit_pg_everyone: 'Rule for everyone in the page group "%pg_name"',
+      inherit_pg_group: 'Rule for the group "%group_name%" in the page group "%pg_name%"',
+      inherit_pg_user: 'Rule for this user in the page group "%pg_name%"',
+      inherit_local_everyone: 'Rule for everyone on this page',
+      inherit_local_group: 'Rule for the group "%group_name%" on this page',
+      inherit_local_user: 'Rule for this user on this page',
     },
     acphome: {
       heading_main: 'Welcome to Runt, the Enano administration panel.',