--- /dev/null
+<?php
+// $Id: ACSAccessControl.class.php,v 1.17 2006/11/20 08:44:02 w-ota Exp $
+
+
+/*
+ * ¥¢¥¯¥»¥¹À©¸æ¥¯¥é¥¹
+ */
+class ACSAccessControl {
+
+ /**
+ * ¸ø³«ÈϰϤÎÇÛÎó¤ò¼èÆÀ¤¹¤ë
+ *
+ * @param ¥³¥ß¥å¥Ë¥Æ¥£¼ïÊÌ̾
+ * @param ¥³¥ó¥Æ¥ó¥Ä¼ïÊÌ̾
+ * @return ÀßÄê²Äǽ¤Ê¸ø³«ÈϰϤÎÇÛÎó (Ï¢ÁÛÇÛÎó¤ÎÇÛÎó)
+ */
+ static function get_open_level_master_row_array($community_type_name, $contents_type_name) {
+ $community_type_name = pg_escape_string($community_type_name);
+ $contents_type_name = pg_escape_string($contents_type_name);
+
+ $sql = "SELECT open_level_list.open_level_code, open_level_master.open_level_name, open_level_list.is_default";
+ $sql .= " FROM open_level_list, open_level_master, community_type_master, contents_type_master";
+ $sql .= " WHERE open_level_list.community_type_code = community_type_master.community_type_code";
+ $sql .= " AND open_level_list.contents_type_code = contents_type_master.contents_type_code";
+ $sql .= " AND community_type_master.community_type_name = '$community_type_name'";
+ $sql .= " AND contents_type_master.contents_type_name = '$contents_type_name'";
+ $sql .= " AND open_level_list.open_level_code = open_level_master.open_level_code";
+ $sql .= " ORDER BY open_level_list.display_order ASC";
+
+ $row_array = ACSDB::_get_row_array($sql);
+
+ // set true or false
+ foreach ($row_array as $index => $row) {
+ if ($row['is_default'] == 't') {
+ $row_array[$index]['is_default'] = true;
+ } else {
+ $row_array[$index]['is_default'] = false;
+ }
+ }
+
+ return $row_array;
+ }
+
+ /**
+ * ¸ø³«¥ì¥Ù¥ë¥Þ¥¹¥¿¤ÎÇÛÎó¤ò¼èÆÀ¤¹¤ë
+ *
+ * @param $open_level_code ¸ø³«¥ì¥Ù¥ë¥³¡¼¥É
+ * @return ¸ø³«¥ì¥Ù¥ë¥Þ¥¹¥¿¤ÎÇÛÎó
+ */
+ static function get_open_level_master_row($open_level_code) {
+ $open_level_code = pg_escape_string($open_level_code);
+
+ $sql = "SELECT *";
+ $sql .= " FROM open_level_master";
+ $sql .= " WHERE open_level_master.open_level_code = '$open_level_code'";
+
+ $row = ACSDB::_get_row($sql);
+ return $row;
+ }
+
+ /**
+ * ¥Ç¥Õ¥©¥ë¥È¤Îopen_level_code¤ò¼èÆÀ¤¹¤ë
+ *
+ * @param $community_type_code ¥³¥ß¥å¥Ë¥Æ¥£¼ïÊÌ¥³¡¼¥É
+ * @param $contents_type_code ¥³¥ó¥Æ¥ó¥Ä¼ïÊÌ¥³¡¼¥É
+ * @return $open_level_code ¸ø³«¥ì¥Ù¥ë¥³¡¼¥É
+ */
+ static function get_default_open_level_code($community_type_name, $contents_type_name) {
+ $community_type_name = pg_escape_string($community_type_name);
+ $contents_type_name = pg_escape_string($contents_type_name);
+
+ $sql = "SELECT open_level_list.open_level_code";
+ $sql .= " FROM open_level_list, community_type_master, contents_type_master";
+ $sql .= " WHERE open_level_list.community_type_code = community_type_master.community_type_code";
+ $sql .= " AND community_type_master.community_type_name = '$community_type_name'";
+ $sql .= " AND open_level_list.contents_type_code = contents_type_master.contents_type_code";
+ $sql .= " AND contents_type_master.contents_type_name = '$contents_type_name'";
+ $sql .= " AND open_level_list.is_default = 't'";
+
+ $value = ACSDB::_get_value($sql);
+ return $value;
+ }
+
+
+ /**
+ * ¥Þ¥¤¥Ú¡¼¥¸Æ⥳¥ó¥Æ¥ó¥Ä¤Î¥¢¥¯¥»¥¹»þ¤Ë¤ª¤±¤ërole_array¤ò¼èÆÀ¤¹¤ë
+ *
+ * @param $acs_user_info_row ¥¢¥¯¥»¥¹¼Ô¤Î¥æ¡¼¥¶¾ðÊó
+ * @param $target_user_info_row ¥¢¥¯¥»¥¹ÂоݤΥ桼¥¶¾ðÊó
+ * @return role_array (Ï¢ÁÛÇÛÎó)
+ */
+ static function get_user_community_role_array($acs_user_info_row, $target_user_info_row) {
+ $role_array = array('public' => false, 'user' => false, 'member' => false, 'administrator' => false, 'system_administrator' => false);
+
+ // (1) °ìÈ̥桼¥¶(³°Éô¥æ¡¼¥¶)¤«¤É¤¦¤«
+ if (!$acs_user_info_row['is_acs_user']) {
+ $role_array['public'] = true;
+
+ } else {
+ // (2) ¥í¥°¥¤¥ó¥æ¡¼¥¶¤«¤É¤¦¤«
+ $role_array['user'] = true;
+
+ // (3) ͧ¿Í¤«¤É¤¦¤«
+ if (ACSUser::is_in_friends_id_array($acs_user_info_row, $target_user_info_row['user_community_id'])) {
+ $role_array['member'] = true;
+ }
+
+ // (4) Ëܿͤ«¤É¤¦¤«
+ if ($acs_user_info_row['user_id'] == $target_user_info_row['user_id']) {
+ $role_array['administrator'] = true;
+ }
+
+ // (5) ¥·¥¹¥Æ¥à´ÉÍý¼Ô¤«¤É¤¦¤«
+ if (ACSAccessControl::is_system_administrator($acs_user_info_row)) {
+ $role_array['system_administrator'] = true;
+ }
+ }
+
+ return $role_array;
+ }
+
+ /**
+ * ¥Þ¥¤¥Ú¡¼¥¸(¥æ¡¼¥¶¥³¥ß¥å¥Ë¥Æ¥£)¤Î¥³¥ó¥Æ¥ó¥Ä¤Ë¥¢¥¯¥»¥¹²Äǽ¤«¤É¤¦¤«
+ *
+ * @param $role_array ¥¢¥¯¥»¥¹¼Ô¤Îrole_array
+ * @param $row ¥¢¥¯¥»¥¹ÂоݤȤʤë¥Ç¡¼¥¿
+ * @return ¥¢¥¯¥»¥¹²Ä(true)/¥¢¥¯¥»¥¹ÉÔ²Ä(false)
+ */
+ static function is_valid_user_for_user_community($acs_user_info_row, $role_array, $row) {
+ $ret = false;
+
+ foreach ($role_array as $role_key => $role_value) {
+ if (ACSLib::get_boolean($row["open_for_{$role_key}"]) && $role_value) {
+ if ($role_key == 'member') {
+ // ¥Þ¥¤¥Õ¥ì¥ó¥º or ¥Þ¥¤¥Õ¥ì¥ó¥º¥°¥ë¡¼¥×¸¡º÷
+ $trusted_community_id_array = array();
+ foreach ($row['trusted_community_row_array'] as $trusted_community_row) {
+ if (ACSCommunity::is_community_member($acs_user_info_row['user_community_id'], $trusted_community_row['community_id'])) {
+ $ret = true;
+ break;
+ }
+ }
+ } else {
+ $ret = true;
+ break;
+ }
+ }
+ }
+
+ return $ret;
+ }
+
+ /**
+ * role_array¤Ë±þ¤¸¤Ærow_array¤ò¼èÆÀ¤¹¤ë (¥æ¡¼¥¶¥³¥ß¥å¥Ë¥Æ¥£)
+ *
+ * @param $acs_user_info_row ¥¢¥¯¥»¥¹¼Ô¤Î¥æ¡¼¥¶¾ðÊó
+ * @param $role_array ¥¢¥¯¥»¥¹¼Ô¤Îrole_array
+ * @param $row_array ¥¢¥¯¥»¥¹ÂоݤȤʤë¥Ç¡¼¥¿ (Ï¢ÁÛÇÛÎó¤ÎÇÛÎó)
+ * @return row_array
+ */
+ static function get_valid_row_array_for_user_community($acs_user_info_row, $role_array, $row_array) {
+ $new_row_array = array();
+ foreach ($row_array as $row) {
+ if (ACSAccessControl::is_valid_user_for_user_community($acs_user_info_row, $role_array, $row)) {
+ array_push($new_row_array, $row);
+ }
+ }
+ return $new_row_array;
+ }
+
+ /**
+ * role_array¤Ë±þ¤¸¤Æobj_row_array¤ò¼èÆÀ¤¹¤ë (¥æ¡¼¥¶¥³¥ß¥å¥Ë¥Æ¥£)
+ *
+ * @param $acs_user_info_row ¥¢¥¯¥»¥¹¼Ô¤Î¥æ¡¼¥¶¾ðÊó
+ * @param $role_array ¥¢¥¯¥»¥¹¼Ô¤Îrole_array
+ * @param $obj_row_array ¥¢¥¯¥»¥¹ÂоݤȤʤë¥Ç¡¼¥¿ (¥ª¥Ö¥¸¥§¥¯¥È¤ÎÇÛÎó)
+ * @return ¥¢¥¯¥»¥¹²Äǽ¤Ê¥Ç¡¼¥¿(¥ª¥Ö¥¸¥§¥¯¥È¤ÎÇÛÎó)
+ */
+ static function get_valid_obj_row_array_for_user_community($acs_user_info_row, $role_array, $obj_array) {
+ $new_obj_array = array();
+
+ /* ¸ø³«ÈÏ°Ï¥Þ¥¹¥¿¼èÆÀ */
+ $open_level_master_row_array = ACSAccessControl::get_all_open_level_master_row_array();
+
+ foreach ($obj_array as $obj) {
+ $open_level_code = $obj->get_open_level_code();
+
+ // obj -> row ¤ËÊÑ´¹
+ $row['open_level_code'] = $open_level_code;
+ $row['open_for_public'] = $open_level_master_row_array[$open_level_code]['open_for_public'];
+ $row['open_for_user'] = $open_level_master_row_array[$open_level_code]['open_for_user'];
+ $row['open_for_member'] = $open_level_master_row_array[$open_level_code]['open_for_member'];
+ $row['open_for_administrator'] = $open_level_master_row_array[$open_level_code]['open_for_administrator'];
+ $row['open_for_system_administrator'] = $open_level_master_row_array[$open_level_code]['open_for_system_administrator'];
+ $row['trusted_community_row_array'] = $obj->get_trusted_community_row_array();
+
+ if (ACSAccessControl::is_valid_user_for_user_community($acs_user_info_row, $role_array, $row)) {
+ array_push($new_obj_array, $obj);
+ }
+ }
+ return $new_obj_array;
+ }
+
+ /**
+ * ¸ø³«ÈÏ°Ï¥Þ¥¹¥¿¼èÆÀ
+ *
+ * @return open_level_code ¤ò¥¡¼¤Ë¤·¤¿ÇÛÎó
+ */
+ static function get_all_open_level_master_row_array () {
+ $sql = "SELECT *";
+ $sql .= " FROM open_level_master";
+
+ $row_array = ACSDB::_get_row_array($sql);
+
+ // set true or false
+ $role_array = array('public', 'user', 'member', 'administrator');
+ foreach ($row_array as $index => $row) {
+ $open_level_code = $row['open_level_code'];
+ $new_row_array[$open_level_code]['open_level_name'] = $row['open_level_name'];
+ foreach ($role_array as $role_key) {
+ $new_row_array[$open_level_code]["open_for_{$role_key}"] = $row["open_for_{$role_key}"];
+ }
+ }
+ return $new_row_array;
+ }
+
+ /**
+ * role_array¤Ë±þ¤¸¤Ærow¤ò¼èÆÀ¤¹¤ë (¥æ¡¼¥¶¥³¥ß¥å¥Ë¥Æ¥£)
+ *
+ * @param $acs_user_info_row ¥¢¥¯¥»¥¹¼Ô¤Î¥æ¡¼¥¶¾ðÊó
+ * @param $role_array ¥¢¥¯¥»¥¹¼Ô¤Îrole_array
+ * @param $row ¥¢¥¯¥»¥¹ÂоݤȤʤë¥Ç¡¼¥¿ (Ï¢ÁÛÇÛÎó)
+ * @return row
+ */
+ static function get_valid_row_for_user_community($acs_user_info_row, $role_array, $row) {
+ $new_row = array();
+ if (count($row)) {
+ $new_row = null;
+ if (ACSAccessControl::is_valid_user_for_user_community($acs_user_info_row, $role_array, $row)) {
+ $new_row = $row;
+ }
+ }
+ return $new_row;
+ }
+
+
+ /**
+ * ¥³¥ß¥å¥Ë¥Æ¥£Æ⥳¥ó¥Æ¥ó¥Ä¤Î¥¢¥¯¥»¥¹»þ¤Ë¤ª¤±¤ërole_array¤ò¼èÆÀ¤¹¤ë
+ *
+ * @param $acs_user_info_row ¥¢¥¯¥»¥¹¼Ô¤Î¥æ¡¼¥¶¾ðÊó
+ * @param $target_community_row ¥¢¥¯¥»¥¹ÂоݤΥ³¥ß¥å¥Ë¥Æ¥£¾ðÊó
+ * @return role_array (Ï¢ÁÛÇÛÎó)
+ */
+ static function get_community_role_array($acs_user_info_row, $target_community_row) {
+ $role_array = array('public' => false, 'user' => false, 'member' => false, 'administrator' => false, 'system_administrator' => false);
+
+ // (1) °ìÈ̥桼¥¶(³°Éô¥æ¡¼¥¶)¤«¤É¤¦¤«
+ if (!$acs_user_info_row['is_acs_user']) {
+ $role_array['public'] = true;
+
+ } else {
+ // (2) ¥í¥°¥¤¥ó¥æ¡¼¥¶¤«¤É¤¦¤«
+ $role_array['user'] = true;
+
+ // (3) ¥³¥ß¥å¥Ë¥Æ¥£¥á¥ó¥Ð¤«¤É¤¦¤«
+ if (ACSCommunity::is_community_member($acs_user_info_row['user_community_id'], $target_community_row['community_id'])) {
+ $role_array['member'] = true;
+ }
+
+ // (4) ¥³¥ß¥å¥Ë¥Æ¥£´ÉÍý¼Ô¤«¤É¤¦¤«
+ if (ACSCommunity::is_community_admin($acs_user_info_row['user_community_id'], $target_community_row['community_id'])) {
+ $role_array['administrator'] = true;
+ }
+
+ // (5) ¥·¥¹¥Æ¥à´ÉÍý¼Ô¤«¤É¤¦¤«
+ if (ACSAccessControl::is_system_administrator($acs_user_info_row)) {
+ $role_array['administrator'] = true;
+ }
+ }
+
+ return $role_array;
+ }
+
+ /**
+ * ¥³¥ß¥å¥Ë¥Æ¥£¤Î¥³¥ó¥Æ¥ó¥Ä¤Ë¥¢¥¯¥»¥¹²Äǽ¤«¤É¤¦¤«
+ *
+ * @param $acs_user_info_row ¥¢¥¯¥»¥¹¼Ô¤Î¥æ¡¼¥¶¾ðÊó
+ * @param $role_array ¥¢¥¯¥»¥¹¼Ô¤Îrole_array
+ * @param $row ¥¢¥¯¥»¥¹ÂоݤȤʤë¥Ç¡¼¥¿ (Ï¢ÁÛÇÛÎó)
+ * @return ¥¢¥¯¥»¥¹²Ä(true)/¥¢¥¯¥»¥¹ÉÔ²Ä(false)
+ */
+ static function is_valid_user_for_community($acs_user_info_row, $role_array, $row) {
+ $ret = false;
+
+ // ¥³¥ß¥å¥Ë¥Æ¥£¥á¥ó¥Ð¡¢¥·¥¹¥Æ¥à´ÉÍý¼Ô°Ê³°¤Î¾ì¹ç
+ // ¥³¥ß¥å¥Ë¥Æ¥£Á´ÂΤθø³«ÈϰϤò¥Á¥§¥Ã¥¯
+ if (!ACSCommunity::is_community_member($acs_user_info_row['user_community_id'], $row['community_id']) && !ACSAccessControl::is_system_administrator($acs_user_info_row)) {
+ $community_self_info_row = ACSCommunity::get_contents_row($row['community_id'], ACSMsg::get_mst('contents_type_master','D00'));
+ if ($community_self_info_row['open_level_name'] == ACSMsg::get_mst('open_level_master','D03')) {
+ return false;
+ }
+ }
+
+ foreach ($role_array as $role_key => $role_value) {
+ if (ACSLib::get_boolean($row["open_for_{$role_key}"]) && $role_value) {
+ $ret = true;
+ break;
+ } elseif ($role_key == 'member') {
+ // ±ÜÍ÷µö²Ä¤òÍ¿¤¨¤ë¥³¥ß¥å¥Ë¥Æ¥£¤¬»ØÄꤵ¤ì¤Æ¤¤¤ë¾ì¹ç
+ if(count($row['trusted_community_row_array']) > 0){
+ foreach ($row['trusted_community_row_array'] as $trusted_community_row) {
+ if (ACSCommunity::is_community_member($acs_user_info_row['user_community_id'], $trusted_community_row['community_id'])) {
+ $ret = true;
+ break;
+ }
+ }
+ }
+ if ($ret) {
+ break;
+ }
+ }
+ }
+
+ return $ret;
+ }
+
+ /**
+ * role_array¤Ë±þ¤¸¤Ærow_array¤ò¼èÆÀ¤¹¤ë (¥³¥ß¥å¥Ë¥Æ¥£)
+ *
+ * @param $acs_user_info_row ¥¢¥¯¥»¥¹¼Ô¤Î¥æ¡¼¥¶¾ðÊó
+ * @param $role_array ¥¢¥¯¥»¥¹¼Ô¤Îrole_array
+ * @param $row ¥¢¥¯¥»¥¹ÂоݤȤʤë¥Ç¡¼¥¿ (Ï¢ÁÛÇÛÎó¤ÎÇÛÎó)
+ * @return row_array
+ */
+ static function get_valid_row_array_for_community($acs_user_info_row, $role_array, $row_array) {
+ $new_row_array = array();
+ foreach ($row_array as $row) {
+ if (ACSAccessControl::is_valid_user_for_community($acs_user_info_row, $role_array, $row)) {
+ array_push($new_row_array, $row);
+ }
+ }
+ return $new_row_array;
+ }
+
+ /**
+ * role_array¤Ë±þ¤¸¤Æobj_row_array¤ò¼èÆÀ¤¹¤ë (¥³¥ß¥å¥Ë¥Æ¥£)
+ *
+ * @param $acs_user_info_row ¥¢¥¯¥»¥¹¼Ô¤Î¥æ¡¼¥¶¾ðÊó
+ * @param $role_array ¥¢¥¯¥»¥¹¼Ô¤Îrole_array
+ * @param $obj_row_array ¥¢¥¯¥»¥¹ÂоݤȤʤë¥Ç¡¼¥¿ (¥ª¥Ö¥¸¥§¥¯¥È¤ÎÇÛÎó)
+ * @return ¥¢¥¯¥»¥¹²Äǽ¤Ê¥Ç¡¼¥¿(¥ª¥Ö¥¸¥§¥¯¥È¤ÎÇÛÎó)
+ */
+ static function get_valid_obj_row_array_for_community($acs_user_info_row, $role_array, $obj_array) {
+ $new_obj_array = array();
+
+ /* ¸ø³«ÈÏ°Ï¥Þ¥¹¥¿¼èÆÀ */
+ $open_level_master_row_array = ACSAccessControl::get_all_open_level_master_row_array();
+
+ foreach ($obj_array as $obj) {
+ $open_level_code = $obj->get_open_level_code();
+
+ // obj -> row ¤ËÊÑ´¹
+ $row['community_id'] = $obj->get_community_id();
+ $row['open_level_code'] = $open_level_code;
+ $row['open_for_public'] = $open_level_master_row_array[$open_level_code]['open_for_public'];
+ $row['open_for_user'] = $open_level_master_row_array[$open_level_code]['open_for_user'];
+ $row['open_for_member'] = $open_level_master_row_array[$open_level_code]['open_for_member'];
+ $row['open_for_administrator'] = $open_level_master_row_array[$open_level_code]['open_for_administrator'];
+ $row['open_for_system_administrator'] = $open_level_master_row_array[$open_level_code]['open_for_system_administrator'];
+ $row['trusted_community_row_array'] = $obj->get_trusted_community_row_array();
+
+ if (ACSAccessControl::is_valid_user_for_community($acs_user_info_row, $role_array, $row)) {
+ array_push($new_obj_array, $obj);
+ }
+ }
+ return $new_obj_array;
+ }
+
+
+ /**
+ * ¥·¥¹¥Æ¥à´ÉÍý¼Ô¤«¤É¤¦¤«
+ *
+ * @param $acs_user_info_row ¥æ¡¼¥¶¾ðÊó¤ÎÇÛÎó
+ * @return true / false
+ */
+ static function is_system_administrator($acs_user_info_row) {
+ if (ACSLib::get_boolean($acs_user_info_row['administrator_flag']) || $acs_user_info_row['user_id'] == ACS_ADMINISTRATOR_USER_ID) {
+ return true;
+ } else {
+ return false;
+ }
+ }
+
+ /**
+ * ¥¢¥¯¥»¥¹¸¢¤Ë±þ¤¸¤ÆÊѲ½¤¹¤ëɽ¼¨¾ðÊó¤òÀßÄꤹ¤ë
+ *
+ * @param $profile_row ¥×¥í¥Õ¥£¡¼¥ë¾ðÊó¤Î£±¤Ä
+ * @param $view_at ɽ¼¨¤Î¥¢¥¯¥»¥¹¸¢
+ *
+ * @return $profile_row
+ */
+ static function set_not_open($profile_row,$view_at){
+ $profile_row['not_open'] = false;
+ for($i = 0; $i < count($view_at); $i++){
+ if($profile_row['open_level_code'] == $view_at[$i]){
+ $profile_row['not_open'] = true;
+ break;
+ }
+ }
+ return $profile_row;
+ }
+}
+
+?>
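Review bot: The role list in get_all_open_level_master_row_array omits `system_administrator`, so the `open_for_system_administrator` key that get_valid_obj_row_array_for_user_community and get_valid_obj_row_array_for_community later read from its result is never populated and that flag is effectively always unset for object rows; the list should be `$role_array = array('public', 'user', 'member', 'administrator', 'system_administrator');`. The same function never initialises `$new_row_array`, so an empty `open_level_master` table makes it return an undefined variable instead of an empty array — add `$new_row_array = array();` before the loop. A related inconsistency: the system-administrator branch of get_community_role_array sets `$role_array['administrator']` where the parallel branch in get_user_community_role_array sets `$role_array['system_administrator']`, and unless that is deliberate it should read `$role_array['system_administrator'] = true;`. Separately, is_system_administrator compares `user_id` with `ACS_ADMINISTRATOR_USER_ID` using `==`; the types on either side are not visible here, but loose comparison can treat non-identical values as equal (a non-numeric string against integer 0 on PHP before 8.0, for example), so an authorization check like this is safer as `===` with both sides normalised to the same type.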