'; return $output; } #------------------------------------------------------------------- sub canEditPage { my ($isContentManager,%page); tie %page, 'Tie::CPHash'; if ($_[0] ne "") { %page = WebGUI::SQL->quickHash("select ownerId,ownerEdit,worldEdit,groupId,groupEdit from page where pageId=$_[0]"); } else { %page = %{$session{page}}; } $isContentManager = isInGroup(4); if ($page{worldEdit} && $isContentManager) { return 1; } elsif ($session{user}{userId} eq $page{ownerId} && $page{ownerEdit} && $isContentManager) { return 1; } elsif (isInGroup($page{groupId}) && $page{groupEdit} && $isContentManager) { return 1; } elsif (isInGroup(3)) { # admin check return 1; } else { return 0; } } #------------------------------------------------------------------- sub canViewPage { my (%page, $inDateRange); tie %page, 'Tie::CPHash'; if ($_[0] eq "") { %page = %{$session{page}}; } else { %page = WebGUI::SQL->quickHash("select ownerId,ownerView,groupId,groupView,worldView,startDate,endDate from page where pageId=$_[0]"); } if ($page{startDate} < time() && $page{endDate} > time()) { $inDateRange = 1; } if ($page{worldView} && $inDateRange) { return 1; } elsif ($session{user}{userId} eq $page{ownerId} && $page{ownerView} && $inDateRange) { return 1; } elsif (isInGroup($page{groupId}) && $page{groupView} && $inDateRange) { return 1; } elsif (isInGroup(3)) { # admin check return 1; } elsif (canEditPage($_[0])) { return 1; } else { return 0; } } #------------------------------------------------------------------- sub insufficient { if($session{env}{MOD_PERL}) { my $r = Apache->request; if(defined($r)) { $r->custom_response(403, '' ); $r->status(403); } } else { $session{header}{status} = 403; } my ($output); $output = '
'; $output = WebGUI::Macro::process($output); return $output; } #------------------------------------------------------------------- sub isInGroup { my ($gid, $uid, @data, %group, %user); ($gid, $uid) = @_; if ($uid eq "") { $uid = $session{user}{userId}; } ### The "Everyone" group automatically returns true. if ($gid == 7) { return 1; } ### The "Visitor" group returns false, unless the user is visitor. if ($gid == 1) { if ($uid == 1) { return 1; } else { return 0; } } ### The "Registered Users" group returns true if user is not visitor. if ($gid==2 && $uid != 1) { return 1; } ### Lookup the actual grouping. @data = WebGUI::SQL->quickArray("select count(*) from groupings where groupId='$gid' and userId='$uid' and expireDate>".time()); if ($data[0] > 0 && $uid != 1) { return 1; } ### Get data for auxillary checks. tie %group, 'Tie::CPHash'; %group = WebGUI::SQL->quickHash("select karmaThreshold from groups where groupId='$gid'"); ### Check karma levels. if ($session{setting}{useKarma}) { tie %user, 'Tie::CPHash'; %user = WebGUI::SQL->quickHash("select karma from users where userId='$uid'"); if ($user{karma} >= $group{karmaThreshold}) { return 1; } } ### Admins can do anything! if ($gid != 3) { return isInGroup(3, $uid); } return 0; } #------------------------------------------------------------------- sub noAccess { if($session{env}{MOD_PERL}) { my $r = Apache->request; if(defined($r)) { $r->custom_response(403, '' ); $r->status(403); } } else { $session{header}{status} = 403; } my ($output); if ($session{user}{userId} <= 1) { $output = WebGUI::Operation::Account::www_displayAccount(); } else { $output = '
'; } return $output; } #------------------------------------------------------------------- sub notMember { if($session{env}{MOD_PERL}) { my $r = Apache->request; if(defined($r)) { $r->custom_response(403, '' ); $r->status(403); } } else { $session{header}{status} = 403; } my ($output); $output = '
'; return $output; } #------------------------------------------------------------------- sub vitalComponent { my ($output); $output = '
'; return $output; } 1;