From: Roland Häder Date: Thu, 30 Jun 2011 02:40:50 +0000 (+0000) Subject: 'NO-ACL' is more clear that we don't have an ACL for the given admin than three aster... X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=commitdiff_plain;h=9b8fe454a575a1f000b00bc7ca37eaad6d59d21a;ds=sidebyside 'NO-ACL' is more clear that we don't have an ACL for the given admin than three asterisks, function isAdminsAllowedByAcl() is now cached (and new name) --- diff --git a/inc/filters.php b/inc/filters.php index 079efbc60a..c8b52da2c8 100644 --- a/inc/filters.php +++ b/inc/filters.php @@ -813,7 +813,7 @@ function FILTER_CHECK_ADMIN_ACL () { } // END - if // Check for access control line of current menu entry - $ret = adminsCheckAdminAcl($action, getWhat()); + $ret = isAdminsAllowedByAcl($action, getWhat()); } // END - if // Set it here diff --git a/inc/libs/admins_functions.php b/inc/libs/admins_functions.php index 9739305777..c1987fb465 100644 --- a/inc/libs/admins_functions.php +++ b/inc/libs/admins_functions.php @@ -41,18 +41,20 @@ if (!defined('__SECURITY')) { } // Check ACL for menu combination -function adminsCheckAdminAcl ($action, $what) { - // If action is login or logout allow allways! - $default = 'allow'; +function isAdminsAllowedByAcl ($action, $what) { + // Get admin's id + $adminId = getCurrentAdminId(); + if (($action == 'login') || ($action == 'logout')) { + // If action is login or logout allow allways! return true; - } // END - if - - // Default is deny - $ret = false; + } elseif (isset($GLOBALS[__FUNCTION__][$adminId][$action][$what])) { + // If we have cache, use it + return $GLOBALS[__FUNCTION__][$adminId][$action][$what]; + } - // Get admin's id - $adminId = getCurrentAdminId(); + // But default result is failed + $GLOBALS[__FUNCTION__][$action][$what] = false; // Get admin's defult access right $default = getAdminDefaultAcl($adminId); 
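Review bot: In isAdminsAllowedByAcl() the default result is written to `$GLOBALS[__FUNCTION__][$action][$what]`, without the `[$adminId]` level that the cache lookup just above it and the final `return` in the @@ -123 hunk both use. On every path where access is not granted, the function therefore returns an unset index (null plus an undefined-index notice) instead of `false`, and the denial is never cached. The line should read `$GLOBALS[__FUNCTION__][$adminId][$action][$what] = false;`. Callers that test `=== true` or use the value in `||` still deny, but an access-control check should return a strict boolean rather than rely on null being falsy. The function body continues outside this hunk.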
@@ -63,7 +65,7 @@ function adminsCheckAdminAcl ($action, $what) { $parent_action = getActionFromModuleWhat('admin', $what); // Check with this function... - $parent = adminsCheckAdminAcl($parent_action, ''); + $parent = isAdminsAllowedByAcl($parent_action, ''); } else { // Anything else is true! $parent = false; @@ -81,7 +83,7 @@ function adminsCheckAdminAcl ($action, $what) { $aclMode = $GLOBALS['cache_array']['admin_acls']['access_mode'][$adminId][$key]; // Log debug message - logDebugMessage(__FUNCTION__, __LINE__, 'action=' . $action . ',key=' . $key . ',acl_mode=' . $aclMode); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'action=' . $action . ',key=' . $key . ',acl_mode=' . $aclMode); // Count cache hits incrementStatsEntry('cache_hits'); @@ -93,13 +95,13 @@ function adminsCheckAdminAcl ($action, $what) { $aclMode = $GLOBALS['cache_array']['admin_acls']['access_mode'][$adminId][$key]; // Log debug message - logDebugMessage(__FUNCTION__, __LINE__, 'what=' . $what . ',key=' . $key . ',acl_mode=' . $aclMode); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'what=' . $what . ',key=' . $key . ',acl_mode=' . $aclMode); // Count cache hits incrementStatsEntry('cache_hits'); } } elseif (!isExtensionActive('cache')) { - // Old version, so load it from database + // Extension ext-cache is absent, so load it from database $result = false; if (!empty($action)) { // Main menu 
@@ -123,14 +125,14 @@ function adminsCheckAdminAcl ($action, $what) { // Check ACL and (maybe) allow //* DEBUG: */ debugOutput('default='.$default.',acl_mode='.$aclMode.',parent='.intval($parent)); - if ((($default == 'allow') && ($aclMode != 'deny')) || (($default == 'deny') && ($aclMode == 'allow')) || ($parent === true) || (($default == '***') && ($aclMode == 'failed') && ($parent === false))) { + if ((($default == 'allow') && ($aclMode != 'deny')) || (($default == 'deny') && ($aclMode == 'allow')) || ($parent === true) || (($default == 'NO-ACL') && ($aclMode == 'failed') && ($parent === false))) { // Access is granted - $ret = true; + $GLOBALS[__FUNCTION__][$adminId][$action][$what] = true; } // END - if // Return value //* DEBUG: */ debugOutput(__FUNCTION__.'['.__LINE__.']:act='.$action.',wht='.$what.',default='.$default.',aclMode='.$aclMode); - return $ret; + return $GLOBALS[__FUNCTION__][$adminId][$action][$what]; } // Create email link to admins's account diff --git a/inc/modules/admin/admin-inc.php b/inc/modules/admin/admin-inc.php index e34b0cf014..e5427c7409 100644 --- a/inc/modules/admin/admin-inc.php +++ b/inc/modules/admin/admin-inc.php @@ -240,7 +240,7 @@ function isAdminAllowedAccessMenu ($action, $what = null) { if (!isset($GLOBALS[__FUNCTION__][$action][$what])) { // ACL is always 'allow' when no ext-admins is installed // @TODO This can be rewritten into a filter - $GLOBALS[__FUNCTION__][$action][$what] = ((!isExtensionInstalledAndNewer('admins', '0.2.0')) || (adminsCheckAdminAcl($action, $what))); + $GLOBALS[__FUNCTION__][$action][$what] = ((!isExtensionInstalledAndNewer('admins', '0.2.0')) || (isAdminsAllowedByAcl($action, $what))); } // END - if // Return the cached value diff --git a/inc/modules/admin/what-list_admins_acls.php b/inc/modules/admin/what-list_admins_acls.php index e8159b074c..b5fb48cd43 100644 --- a/inc/modules/admin/what-list_admins_acls.php +++ b/inc/modules/admin/what-list_admins_acls.php 
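Review bot: The last clause of the grant condition in the @@ -123 hunk, `($default == 'NO-ACL') && ($aclMode == 'failed') && ($parent === false)`, grants access exactly when no ACL data was found for the admin, so a missing default ACL combined with a failed lookup fails open. The commit only renames the sentinel, but since the result is now cached per admin for the rest of the request, the intent should be stated next to the condition, for example `// No ACL configured at all for this admin: treated as unrestricted`, or the branch should deny. Where `$aclMode` is set to 'failed' lies outside the hunk, so the exact trigger is inferred from the condition alone. The string comparisons would also be safer as `===` so that a non-string value can never match a sentinel through type juggling.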
@@ -154,7 +154,7 @@ LIMIT 1", $ACL = false; if (isPostRequestParameterSet('what_menu')) { // Check parent ACL - $ACL = adminsCheckAdminAcl(getActionFromModuleWhat('admin', postRequestParameter('what_menu')), ''); + $ACL = isAdminsAllowedByAcl(getActionFromModuleWhat('admin', postRequestParameter('what_menu')), ''); } // END - if if (($mode != postRequestParameter('mode')) || (($ACL === true) && (postRequestParameter('mode') == 'deny'))) { diff --git a/inc/mysql-manager.php b/inc/mysql-manager.php index 121ff9c02e..aecb0317be 100644 --- a/inc/mysql-manager.php +++ b/inc/mysql-manager.php @@ -1390,7 +1390,7 @@ function getAdminEmail ($adminId) { // Get default ACL of admin id function getAdminDefaultAcl ($adminId) { // By default an invalid ACL value is returned - $data['default_acl'] = '***'; + $data['default_acl'] = 'NO-ACL'; // Is sql_patches there and was it found in cache? if (!isExtensionActive('sql_patches')) { @@ -1406,6 +1406,8 @@ function getAdminDefaultAcl ($adminId) { // Load from database $result_admin_id = SQL_QUERY_ESC("SELECT `default_acl` FROM `{?_MYSQL_PREFIX?}_admins` WHERE `id`=%s LIMIT 1", array(bigintval($adminId)), __FUNCTION__, __LINE__); + + // Do we have an entry? if (SQL_NUMROWS($result_admin_id) == 1) { // Fetch data $data = SQL_FETCHARRAY($result_admin_id);
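Review bot: In the @@ -1390 hunk of inc/mysql-manager.php the sentinel `'NO-ACL'` is a bare literal that must stay identical to the string compared in isAdminsAllowedByAcl() in inc/libs/admins_functions.php; if the two ever drift, the grant condition changes silently. A shared constant would tie both sites together, e.g. `define('ADMIN_DEFAULT_ACL_NONE', 'NO-ACL');` (the name is only a suggestion), used in the assignment and in the comparison. The comment above the assignment could then say what the value means: `// Sentinel: no default ACL found for this admin id`. The body of getAdminDefaultAcl() continues outside the hunk.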