Support Forum
>>> what is not showing? entire forum? some posts? access denied? maybe a screenshot… and is this as guest, user or admin? or all of above? as admin, you wouldnt want to set them all to 1, a couple need to be zero…
OK for example, I am on the main forum listing. I have three forums. 2 are open to standard members. The 3rd forum has the premium permission set.
The current user (non-admin) does not belong to the premium group.
When I list the forum w/out action triggered function test_ppp I see the two forums with that have the standard permission set. I don't see the third. That's as expected.
Then I set the action to fire. (I have reduced the #permissions per Papa's suggestion).
// inserted into theme spFunctions.php
function test_ppp($a) {
global $sfglobals;
$aForum=13;
$aSubForum=14;
array_push($a->memberships, array ('usergroup_id' => 4, 'usergroup_name' => 'Premium', 'usergroup_desc' =>'', 'usergroup_join' => 0 ));
$a->auths[$aForum][$sfglobals['auths_map']['view_forum']]=1;
$a->auths[$aSubForum][$sfglobals['auths_map']['view_forum']]=1;
$a->auths[$aForum][$sfglobals['auths_map']['view_forum_topic_lists']]=1;
$a->auths[$aSubForum][$sfglobals['auths_map']['view_forum_topic_lists']]=1;
// foreach( $a->auths[$aForum] as $key => $value) $a->auths[$aForum][$key]=1;
// foreach( $a->auths[$aSubForum] as $key => $value) $a->auths[$aSubForum][$key]=1;
// echo print_r($a);
}
add_action('sph_current_user_class', 'test_ppp');If I do a print_r($spThisUser) in either
function sp_can_view
or
function sp_get_auth
and the auth values seem to stick.
I think I found where they get reset.
Here is a copy of function sp_get_auth
I think the relevant sp_can_view is called here:
./forum/content/classes/sp-forum-view-class.php
No userid is passed, so sp_can_view does this:
if (empty($userid)) $userid = $spThisUser->ID;
So it is set and it is not an object and it's an integer.
So, I think the code that applies is below where I added/wrote "LOOK HERE FIRST"
Doesn't the sp_get_member_item look in the database? This overwrites the permissions that were set dynamically.
If the code below LOOK HERE SECOND were allowed to run, I think the dynamic permissions would have worked but it is blocked because of the empty condition.
Hopefully I have not totally misunderstood something !!!
function sp_get_auth($check, $id = 'global', $userid = '') {
global $sfglobals, $spThisUser;
// testing
// echo print_r($sfglobals['auths_map']);
// exit;
if (empty($id)) $id = 'global';
# check if for current user or specified user
### LOOK HERE SECOND ####
if (empty($userid)) {
# retrieve the current user auth
if (!isset($spThisUser->auths[$id])) {
$auth = 0;
} else {
$auth = $spThisUser->auths[$id][$sfglobals['auths_map'][$check]];
}
# is this a guest and auth should be ignored?
if (empty($spThisUser->ID) && $sfglobals['auths'][$sfglobals['auths_map'][$check]]->ignored) $auth = 0;
} else {
# see if we have a user object passed in with auths defined
if (is_object($userid) && is_array($userid->auths)) {
$user_auths = $userid->auths;
} else {
################## LOOK HERE FIRST ################################
#retrieve auth for specified user
$user_auths = sp_get_member_item($userid, 'auths');
if (empty($user_auths)) $user_auths = sp_rebuild_user_auths($userid);
}
$auth = $user_auths[$id][$sfglobals['auths_map'][$check]];
}
return ((int) $auth == 1);
}
# Version: 5.2
function sp_can_view($forumid, $view, $userid=0, $posterid=0) {
global $spThisUser;
/ /testing
// echo print_r($spThisUser);
// exit;
if (empty($userid)) $userid = $spThisUser->ID;
$auth = false;
switch ($view) {
case 'forum-title':
$auth = (sp_get_auth('view_forum', $forumid, $userid) || sp_get_auth('view_forum_lists', $forumid, $userid) || sp_get_auth('view_forum_topic_lists', $forumid, $userid));
$auth = apply_filters('sph_auth_view_forum_title', $auth, $forumid, $view, $userid, $posterid);
break;
case 'topic-title':
$auth = (sp_get_auth('view_forum', $forumid, $userid) || sp_get_auth('view_forum_topic_lists', $forumid, $userid));
$auth = apply_filters('sph_auth_view_topic_title', $auth, $forumid, $view, $userid, $posterid);
break;
case 'post-content':
$auth = (sp_get_auth('view_forum', $forumid, $userid) &&
(!sp_is_forum_admin($posterid) || sp_get_auth('view_admin_posts', $forumid, $userid)) &&
(sp_is_forum_admin($posterid) || sp_is_forum_mod($posterid) || $userid == $posterid || !sp_get_auth('view_own_admin_posts', $forumid, $userid)));
$auth = apply_filters('sph_auth_view_post_content', $auth, $forumid, $view, $userid, $posterid);
break;
default:
$auth = apply_filters('sph_auth_view_'.$view, $auth, $forumid, $view, $userid, $posterid);
break;
}
$auth = apply_filters('sph_auth_view', $auth, $forumid, $view, $userid, $posterid);
return $auth;
}
Wishing you well!
so not sure I followed all this...
if $userid is empty, that means you have a guest viewing the page... but that does not seem appropriate for what you are doing...
also, the code you highlighted, when it has a user id, is logic for checking the user auth cache... if the auth cache is empty, then it reloads (recalculates) it for the current user... the auth cache is really just a db entry... look at the sfmembers table... the auths column...
so when a user visits the site, rather than calculate all their auths, we check that column for the user and then grab their auths... if that entry is empty, then we calculate the auths and populate that column... the value stays in the column until something happens on the site that cause a potential change in the user auths (rare once the site is set up)...
so potentially you are seeing this because your users dont have their auths cache primed...
but perhaps still not following... will try to reread when I have time...
Visit Cruise Talk Central and Mr Papa's World
1 Guest(s)