<?php/*** @version		$Id: authorization.php 8331 2007-08-03 20:37:49Z eddieajau $* @package		Joomla.Framework* @subpackage	User* @copyright	Copyright (C) 2005 - 2007 Open Source Matters. All rights reserved.* @license		GNU/GPL, see LICENSE.php* Joomla! is free software. This version may have been modified pursuant* to the GNU General Public License, and as distributed it includes or* is derivative of works licensed under the GNU General Public License or* other free or open source software licenses.* See COPYRIGHT.php for copyright notices and details.*/// Check to ensure this file is within the rest of the frameworkdefined('JPATH_BASE') or die();jimport('phpgacl.gacl');jimport('phpgacl.gacl_api');/** * Class that handles all access authorization * * @package 	Joomla.Framework * @subpackage	User * @since		1.5 */class JAuthorization extends gacl_api{	/**	 * Access control list	 * @var	array	 */	var $acl       = null;	/**	 * Internal counter	 * @var	int	 */	var $acl_count = 0;	/**	 * The check mode.  0 = Joomla!, 1 = phpGACL	 * @var	int	 */	var $_checkMode = 0;	/**	 * Constructor	 * @param array An arry of options to oeverride the class defaults	 */	function JAuthorization($options = NULL)	{		parent::gacl( $options );		// ARO value is currently the user type,		// this changes to user id in proper implementation		// No hierarchial inheritance so have to do that the long way		$this->acl = array();		// special ACl with return value to edit user		$this->addACL( 'com_user', 'edit', 'users', 'super administrator', null, null, '' );		$this->addACL( 'com_user', 'edit', 'users', 'administrator', null, null, '' );		$this->addACL( 'com_user', 'edit', 'users', 'manager', null, null, '' );		// return value defines xml setup file variant		$this->addACL( 'com_user', 'edit', 'users', 'author', null, null, 'author' );		$this->addACL( 'com_user', 'edit', 'users', 'editor', null, null, 'author' );		$this->addACL( 'com_user', 'edit', 'users', 'publisher', null, null, 'author' );		$this->addACL( 'com_user', 'edit', 'users', 'registered', null, null, 'registered' );		// backend login		$this->addACL( 'login', 'administrator', 'users', 'administrator' );		$this->addACL( 'login', 'administrator', 'users', 'super administrator' );		$this->addACL( 'login', 'administrator', 'users', 'manager' );		$this->addACL( 'login', 'site', 'users', 'administrator' );		$this->addACL( 'login', 'site', 'users', 'super administrator' );		$this->addACL( 'login', 'site', 'users', 'manager' );		$this->addACL( 'login', 'site', 'users', 'registered' );		$this->addACL( 'login', 'site', 'users', 'author' );		$this->addACL( 'login', 'site', 'users', 'editor' );		$this->addACL( 'login', 'site', 'users', 'publisher' );		// backend menus		$this->addACL( 'com_banners', 'manage', 'users', 'super administrator' );		$this->addACL( 'com_banners', 'manage', 'users', 'administrator' );		$this->addACL( 'com_banners', 'manage', 'users', 'manager' );		$this->addACL( 'com_checkin', 'manage', 'users', 'super administrator' );		$this->addACL( 'com_checkin', 'manage', 'users', 'administrator' );		$this->addACL( 'com_cache', 'manage', 'users', 'super administrator' );		$this->addACL( 'com_cache', 'manage', 'users', 'administrator' );		$this->addACL( 'com_config', 'manage', 'users', 'super administrator' );		//$this->addACL( 'com_config', 'manage', 'users', 'administrator' );		$this->addACL( 'com_contact', 'manage', 'users', 'super administrator' );		$this->addACL( 'com_contact', 'manage', 'users', 'administrator' );		$this->addACL( 'com_contact', 'manage', 'users', 'manager' );		$this->addACL( 'com_components', 'manage', 'users', 'super administrator' );		$this->addACL( 'com_components', 'manage', 'users', 'administrator' );		$this->addACL( 'com_components', 'manage', 'users', 'manager' );		$this->addACL( 'com_frontpage', 'manage', 'users', 'super administrator' );		$this->addACL( 'com_frontpage', 'manage', 'users', 'administrator' );		$this->addACL( 'com_frontpage', 'manage', 'users', 'manager' );		$this->addACL( 'com_frontpage', 'edit', 'users', 'manager' );		// access to installers and base installer		$this->addACL( 'com_installer', 'installer', 'users', 'administrator' );		$this->addACL( 'com_installer', 'installer', 'users', 'super administrator' );		$this->addACL( 'com_installer', 'component', 'users', 'administrator' );		$this->addACL( 'com_installer', 'component', 'users', 'super administrator' );		$this->addACL( 'com_installer', 'language', 'users', 'super administrator' );		$this->addACL( 'com_installer', 'language', 'users', 'administrator' );		$this->addACL( 'com_installer', 'module', 'users', 'administrator' );		$this->addACL( 'com_installer', 'module', 'users', 'super administrator' );		$this->addACL( 'com_installer', 'plugin', 'users', 'administrator' );		$this->addACL( 'com_installer', 'plugin', 'users', 'super administrator' );		$this->addACL( 'com_installer', 'template', 'users', 'super administrator' );		$this->addACL( 'com_installer', 'template', 'users', 'administrator' );		$this->addACL( 'com_languages', 'manage', 'users', 'super administrator' );		$this->addACL( 'com_plugins', 'manage', 'users', 'super administrator' );		$this->addACL( 'com_plugins', 'manage', 'users', 'administrator' );		// uncomment following to allow managers to edit modules		//array( 'administration', 'edit', 'users', 'manager', 'modules', 'all' );		$this->addACL( 'com_massmail', 'manage', 'users', 'super administrator' );		$this->addACL( 'com_media', 'manage', 'users', 'super administrator' );		$this->addACL( 'com_media', 'manage', 'users', 'administrator' );		$this->addACL( 'com_media', 'manage', 'users', 'manager' );		$this->addACL( 'com_media', 'popup', 'users', 'super administrator' );		$this->addACL( 'com_media', 'popup', 'users', 'administrator' );		$this->addACL( 'com_media', 'popup', 'users', 'manager' );		$this->addACL( 'com_media', 'popup', 'users', 'registered' );		$this->addACL( 'com_media', 'popup', 'users', 'author' );		$this->addACL( 'com_media', 'popup', 'users', 'editor' );		$this->addACL( 'com_media', 'popup', 'users', 'publisher' );		$this->addACL( 'com_menumanager', 'manage', 'users', 'administrator' );		$this->addACL( 'com_menumanager', 'manage', 'users', 'super administrator' );		$this->addACL( 'com_modules', 'manage', 'users', 'super administrator' );		$this->addACL( 'com_modules', 'manage', 'users', 'administrator' );		$this->addACL( 'com_newsfeeds', 'manage', 'users', 'super administrator' );		$this->addACL( 'com_newsfeeds', 'manage', 'users', 'administrator' );		$this->addACL( 'com_newsfeeds', 'manage', 'users', 'manager' );		$this->addACL( 'com_poll', 'manage', 'users', 'super administrator' );		$this->addACL( 'com_poll', 'manage', 'users', 'administrator' );		$this->addACL( 'com_poll', 'manage', 'users', 'manager' );		$this->addACL( 'com_templates', 'manage', 'users', 'super administrator' );		//$this->addACL( 'com_templates', 'manage', 'user', 'administrator' )		$this->addACL( 'com_trash', 'manage', 'users', 'administrator' );		$this->addACL( 'com_trash', 'manage', 'users', 'super administrator' );		// email block users property		$this->addACL( 'com_users', 'block user', 'users', 'administrator' );		$this->addACL( 'com_users', 'block user', 'users', 'super administrator' );		$this->addACL( 'com_users', 'manage', 'users', 'administrator' );		$this->addACL( 'com_users', 'manage', 'users', 'super administrator' );		$this->addACL( 'com_weblinks', 'manage', 'users', 'super administrator' );		$this->addACL( 'com_weblinks', 'manage', 'users', 'administrator' );		$this->addACL( 'com_weblinks', 'manage', 'users', 'manager' );		// email system events		$this->addACL( 'com_users', 'email_events', 'users', 'administrator' );		$this->addACL( 'com_users', 'email_events', 'users', 'super administrator' );		$this->addACL( 'workflow', 'email_events', 'users', 'administrator', null, null );		$this->addACL( 'workflow', 'email_events', 'users', 'super administrator', null, null );		// actions		$this->addACL( 'com_content', 'add', 'users', 'author', 'content', 'all' );		$this->addACL( 'com_content', 'add', 'users', 'editor', 'content', 'all' );		$this->addACL( 'com_content', 'add', 'users', 'publisher', 'content', 'all' );		$this->addACL( 'com_content', 'edit', 'users', 'author', 'content', 'own' );		$this->addACL( 'com_content', 'edit', 'users', 'editor', 'content', 'all' );		$this->addACL( 'com_content', 'edit', 'users', 'publisher', 'content', 'all' );		$this->addACL( 'com_content', 'publish', 'users', 'publisher', 'content', 'all' );		$this->addACL( 'com_content', 'add', 'users', 'manager', 'content', 'all' );		$this->addACL( 'com_content', 'edit', 'users', 'manager', 'content', 'all' );		$this->addACL( 'com_content', 'publish', 'users', 'manager', 'content', 'all' );		$this->addACL( 'com_content', 'add', 'users', 'administrator', 'content', 'all' );		$this->addACL( 'com_content', 'edit', 'users', 'administrator', 'content', 'all' );		$this->addACL( 'com_content', 'publish', 'users', 'administrator', 'content', 'all' );		$this->addACL( 'com_content', 'add', 'users', 'super administrator', 'content', 'all' );		$this->addACL( 'com_content', 'edit', 'users', 'super administrator', 'content', 'all' );		$this->addACL( 'com_content', 'publish', 'users', 'super administrator', 'content', 'all' );	}	/**	 * This is a temporary function to allow 3PD's to add basic ACL checks for their	 * modules and components.  NOTE: this information will be compiled in the db	 * in future versions	 *	 * @param	string	The ACO section value	 * @param	string	The ACO value	 * @param	string	The ARO section value	 * @param	string	The ARO section	 * @param	string	The AXO section value (optional)	 * @param	string	The AXO section value (optional)	 * @param	string	The return value for the ACL (optional)	 */	function addACL( $aco_section_value, $aco_value, $aro_section_value, $aro_value, $axo_section_value=NULL, $axo_value=NULL, $return_value=NULL )	{		$this->acl[] = array( $aco_section_value, $aco_value, $aro_section_value, $aro_value, $axo_section_value, $axo_value, $return_value );		$this->acl_count++;	}	/**	 * Gets the chec mode	 * @return	int	 */	function getCheckMode()	{		return $this->_checkMode;	}	/**	 * Sets the check mode.	 *	 * Only used if the full implementation of the phpGACL library is installed and configured	 *	 * @param	int		0 = Joomla!, 1 = phpGACL native	 * @return	int		The previous value	 */	function setCheckMode( $value )	{		$old				= $this->_checkMode;		$this->_checkMode	= (int) $value;		return $old;	}	/**	* Wraps the actual acl_query() function.	*	* It is simply here to return TRUE/FALSE accordingly.	* @param string The ACO section value	* @param string The ACO value	* @param string The ARO section value	* @param string The ARO section	* @param string The AXO section value (optional)	* @param string The AXO section value (optional)	* @param integer The group id of the ARO ??Mike?? (optional)	* @param integer The group id of the AXO ??Mike?? (optional)	* @return mixed Generally a zero (0) or (1) or the extended return value of the ACL	*/	function acl_check( $aco_section_value, $aco_value, $aro_section_value, $aro_value, $axo_section_value=NULL, $axo_value=NULL, $root_aro_group=NULL, $root_axo_group=NULL )	{		if ($this->_checkMode === 1) {			return parent::acl_check( $aco_section_value, $aco_value, $aro_section_value, $aro_value, $axo_section_value, $axo_value, $root_aro_group, $root_axo_group );		}		$this->debug_text( "\n<br> ACO=$aco_section_value:$aco_value, ARO=$aro_section_value:$aro_value, AXO=$axo_section_value|$axo_value" );		$acl_result = 0;		for ($i=0; $i < $this->acl_count; $i++)		{			$acl =& $this->acl[$i];			if (strcasecmp( $aco_section_value, $acl[0] ) == 0) {				if (strcasecmp( $aco_value, $acl[1] ) == 0) {					if (strcasecmp( $aro_section_value, $acl[2] ) == 0) {						if (strcasecmp( $aro_value, $acl[3] ) == 0) {							if ($axo_section_value && $acl[4]) {								if (strcasecmp( $axo_section_value, $acl[4] ) == 0) {									if (strcasecmp( $axo_value, $acl[5] ) == 0) {										$acl_result = @$acl[6] ? $acl[6] : 1;										break;									}								}							} else {								$acl_result = @$acl[6] ? $acl[6] : 1;