24
define("ANY_ELEMENT_RIGHT", -1);
25
define("GROUP_RIGHT", 0);
22
require_once "include/db.inc.php";
24
function permission2str($group_permission)
26
$str_perm[PERM_READ_WRITE] = S_READ_WRITE;
27
$str_perm[PERM_READ_ONLY] = S_READ_ONLY;
28
$str_perm[PERM_DENY] = S_DENY;
30
if(isset($str_perm[$group_permission]))
31
return $str_perm[$group_permission];
36
/*****************************************
37
CHECK USER AUTHORISATION
38
*****************************************/
27
40
function check_authorisation()
30
43
global $PHP_AUTH_USER,$PHP_AUTH_PW;
31
44
global $USER_DETAILS;
46
global $ZBX_LOCALNODEID;
36
48
$USER_DETAILS = NULL;
37
$USER_RIGHTS = array();
39
if(isset($_COOKIE["zbx_sessionid"]))
50
$sessionid = get_cookie("zbx_sessionid");
52
if( !is_null($sessionid))
41
$sessionid = $_COOKIE["zbx_sessionid"];
42
$USER_DETAILS = DBfetch(DBselect("select u.*,s.* from sessions s,users u".
54
if(!($USER_DETAILS = DBfetch(DBselect("select u.*,s.* from sessions s,users u".
43
55
" where s.sessionid=".zbx_dbstr($sessionid)." and s.userid=u.userid".
44
" and ((s.lastaccess+u.autologout>".time().") or (u.autologout=0))"));
56
" and ((s.lastaccess+u.autologout>".time().") or (u.autologout=0))".
57
" and ".DBid2nodeid('u.userid')." = ".$ZBX_LOCALNODEID))))
48
$USER_DETAILS = array("alias"=>"- unknown -","userid"=>0);
50
setcookie("zbx_sessionid",$sessionid,time()-3600);
51
unset($_COOKIE["zbx_sessionid"]);
59
zbx_unsetcookie('zbx_sessionid');
60
DBexecute("delete from sessions where sessionid=".zbx_dbstr($sessionid));
54
show_header("Login",0,0,1);
55
show_error_message("Session was ended, please relogin!");
60
$USER_DETAILS = DBfetch(DBselect("select u.* from users u where u.alias='guest'"));
63
$incorrect_session = true;
67
zbx_setcookie("zbx_sessionid",$sessionid);
68
DBexecute("update sessions set lastaccess=".time()." where sessionid=".zbx_dbstr($sessionid));
74
if(!($USER_DETAILS = DBfetch(DBselect("select u.* from users u where u.alias='guest'".
75
" and ".DBid2nodeid('u.userid')."=$ZBX_LOCALNODEID"))))
77
$missed_user_guest = true;
67
setcookie("zbx_sessionid",$sessionid);
68
DBexecute("update sessions set lastaccess=".time()." where sessionid=".zbx_dbstr($sessionid));
71
$USER_RIGHTS = array();
73
$db_rights = DBselect("select * from rights where userid=".$USER_DETAILS["userid"]);
74
while($db_right = DBfetch($db_rights))
77
"name"=> $db_right["name"],
78
"id"=> $db_right["id"],
79
"permission"=> $db_right["permission"]
82
array_push($USER_RIGHTS,$usr_right);
83
$USER_DETAILS['node'] = DBfetch(DBselect('select * from nodes where nodeid='.id2nodeid($USER_DETAILS['userid'])));
84
if(empty($USER_DETAILS['node']))
86
$USER_DETAILS['node']['name'] = '- unknown -';
87
$USER_DETAILS['node']['nodeid'] = $ZBX_LOCALNODEID;
88
$USER_DETAILS = array("alias"=>"- unknown -","userid"=>0);
95
setcookie("zbx_sessionid",$sessionid,time()-3600);
96
unset($_COOKIE["zbx_sessionid"]);
99
if($page["file"]!="index.php")
101
echo "<meta http-equiv=\"refresh\" content=\"0; url=index.php\">";
92
$USER_DETAILS = array(
98
"name" =>'- unknown -',
102
if(isset($incorrect_session) || isset($missed_user_guest))
104
if(isset($incorrect_session)) $message = "Session was ended, please relogin!";
105
else if(isset($missed_user_guest)) $message = "Database corrupted, missed default user 'guest'";
109
if(!isset($_REQUEST['message'])) $_REQUEST['message'] = $message;
111
include('index.php');
104
show_header("Login",0,0,1);
105
show_error_message("Login name or password is incorrect");
112
function permission2int($permission)
121
if(isset($int_rights[$permission]))
122
return ($int_rights[$permission]);
124
return ($int_rights["R"]);
127
function permission_min($permission1, $permission2) // NOTE: only for integer permissions !!! see: permission2int
129
if(is_null($permission1) && is_null($permission2)) return NULL;
130
if(is_null($permission1)) return $permission2;
131
if(is_null($permission2)) return $permission1;
132
return min($permission1,$permission2);
134
function permission_max($permission1, $permission2) // NOTE: only for integer permissions !!! see: permission2int
136
if(is_null($permission1) && is_null($permission2)) return NULL;
137
if(is_null($permission1)) return $permission2;
138
if(is_null($permission2)) return $permission1;
139
return max($permission1,$permission2);
142
function check_right($right,$permission,$id = GROUP_RIGHT)
146
$default_permission = permission2int("H");
147
$group_permission = NULL;
148
$id_permission = NULL;
149
$any_permission = NULL;
151
$permission = permission2int($permission);
153
if(count($USER_RIGHTS) > 0)
155
foreach($USER_RIGHTS as $usr_right)
157
$int_permision = permission2int($usr_right["permission"]);
158
if($usr_right["name"] == $right) {
160
if($usr_right["id"] == $id)
161
$id_permission = permission_max($id_permission, $int_permision);
162
if($usr_right["id"] == GROUP_RIGHT)
163
$group_permission = permission_max($group_permission, $int_permision);
165
$any_permission = permission_max($any_permission, $int_permision);
167
if($usr_right["name"] == 'Default permission')
169
$default_permission = permission_max($default_permission, $int_permision);
174
if($id == ANY_ELEMENT_RIGHT)
175
$access = permission_max($any_permission, $default_permission);
177
$access = $id_permission;
179
if(is_null($access)) $access = $group_permission;
180
if(is_null($access)) $access = $default_permission;
183
//SDI($right.": ".$access." >= ".$permission);
184
return (($access >= $permission) ? 1 : 0);
187
function check_anyright($right,$permission)
189
return check_right($right,$permission, ANY_ELEMENT_RIGHT);
116
/***********************************************
117
GET ACCESSIBLE RESOURCES BY USERID
118
************************************************/
119
function perm_mode2comparator($perm_mode)
123
case PERM_MODE_NE: $perm_mode = '!='; break;
124
case PERM_MODE_EQ: $perm_mode = '=='; break;
125
case PERM_MODE_GT: $perm_mode = '>'; break;
126
case PERM_MODE_LT: $perm_mode = '<'; break;
127
case PERM_MODE_LE: $perm_mode = '<='; break;
129
default: $perm_mode = '>='; break;
134
function get_accessible_hosts_by_user(&$user_data,$perm,$perm_mode=null,$perm_res=null,$nodeid=null,$hostid=null)
136
if(is_null($perm_res)) $perm_res = PERM_RES_STRING_LINE;
137
if($perm == PERM_READ_LIST) $perm = PERM_READ_ONLY;
141
$userid =& $user_data['userid'];
142
$user_type =& $user_data['type'];
144
if(!isset($userid)) fatal_error('Incorrect user data in "get_accessible_hosts_by_user"');
148
case PERM_RES_DATA_ARRAY: $resdata = '$host_data'; break;
149
default: $resdata = '$host_data["hostid"]'; break;
152
COpt::counter_up('perm_host['.$userid.','.$perm.','.$perm_mode.','.$perm_res.','.$nodeid.']');
153
COpt::counter_up('perm');
157
if(is_array($nodeid)) array_push($where, DBid2nodeid('h.hostid').' in ('.implode(',', $nodeid).') ');
158
elseif(isset($nodeid)) array_push($where, DBid2nodeid('h.hostid').' in ('.$nodeid.') ');
160
if(is_array($hostid)) array_push($where, ' h.hostid in ('.implode(',', $hostid).') ');
161
elseif(isset($hostid)) array_push($where, ' h.hostid in ('.$hostid.') ');
163
if(count($where)) $where = ' where '.implode(' and ',$where);
166
$db_hosts = DBselect('select distinct n.nodeid,n.name as node_name,h.hostid,h.host, min(r.permission) as permission,ug.userid '.
167
' from hosts h left join hosts_groups hg on hg.hostid=h.hostid '.
168
' left join groups g on g.groupid=hg.groupid '.
169
' left join rights r on r.id=g.groupid and r.type='.RESOURCE_TYPE_GROUP.
170
' left join users_groups ug on ug.usrgrpid=r.groupid and ug.userid='.$userid.
171
' left join nodes n on '.DBid2nodeid('h.hostid').'=n.nodeid '.
172
$where.' group by h.hostid,n.nodeid,n.name,h.host,ug.userid '.
173
' order by n.name,n.nodeid, h.host, permission desc, userid desc');
175
$processed = array();
176
while($host_data = DBfetch($db_hosts))
178
$host_data += DBfetch(DBselect('select * from hosts where hostid='.$host_data['hostid']));
180
if(is_null($host_data['nodeid'])) $host_data['nodeid'] = id2nodeid($host_data['hostid']);
182
/* if no rights defined used node rights */
183
if( (is_null($host_data['permission']) || is_null($host_data['userid'])) )
185
if( isset($processed[$host_data['hostid']]) )
190
$nodes = get_accessible_nodes_by_user($user_data,
191
PERM_DENY,PERM_MODE_GE,PERM_RES_DATA_ARRAY);
193
if( !isset($nodes[$host_data['nodeid']]) || $user_type==USER_TYPE_ZABBIX_USER )
194
$host_data['permission'] = PERM_DENY;
196
$host_data['permission'] = $nodes[$host_data['nodeid']]['permission'];
199
$processed[$host_data['hostid']] = true;
201
if(eval('return ('.$host_data["permission"].' '.perm_mode2comparator($perm_mode).' '.$perm.')? 0 : 1;'))
204
$result[$host_data['hostid']] = eval('return '.$resdata.';');
207
unset($processed, $host_data, $db_hosts);
209
if($perm_res == PERM_RES_STRING_LINE)
211
if(count($result) == 0)
214
$result = implode(',',$result);
220
function get_accessible_groups_by_user($user_data,$perm,$perm_mode=null,$perm_res=null,$nodeid=null)
222
global $ZBX_LOCALNODEID;
224
if(is_null($perm_mode)) $perm_mode = PERM_MODE_GE;
225
if(is_null($perm_res)) $perm_res = PERM_RES_STRING_LINE;
229
$userid =& $user_data['userid'];
230
if(!isset($userid)) fatal_error('Incorrect user data in "get_accessible_groups_by_user"');
231
$user_type =& $user_data['type'];
235
case PERM_RES_DATA_ARRAY: $resdata = '$group_data'; break;
236
default: $resdata = '$group_data["groupid"]'; break;
239
COpt::counter_up('perm_group['.$userid.','.$perm.','.$perm_mode.','.$perm_res.','.$nodeid.']');
240
COpt::counter_up('perm');
244
if(is_array($nodeid)) array_push($where, DBid2nodeid('hg.groupid').' in ('.implode(',', $nodeid).') ');
245
elseif(isset($nodeid)) array_push($where, DBid2nodeid('hg.groupid').' in ('.$nodeid.') ');
247
if(count($where)) $where = ' where '.implode(' and ',$where);
250
/* if no rights defined used node rights */
251
$db_groups = DBselect('select n.nodeid as nodeid,n.name as node_name,hg.groupid,hg.name,min(r.permission) as permission,g.userid'.
252
' from groups hg left join rights r on r.id=hg.groupid and r.type='.RESOURCE_TYPE_GROUP.
253
' left join users_groups g on r.groupid=g.usrgrpid and g.userid='.$userid.
254
' left join nodes n on '.DBid2nodeid('hg.groupid').'=n.nodeid '.
255
$where.' group by n.nodeid, n.name, hg.groupid, hg.name, g.userid, g.userid '.
256
' order by n.name, hg.name, permission desc');
258
$processed = array();
259
while($group_data = DBfetch($db_groups))
261
if(is_null($group_data['nodeid'])) $group_data['nodeid'] = id2nodeid($group_data['groupid']);
263
/* deny if no rights defined */
264
if( is_null($group_data['permission']) || is_null($group_data['userid']) )
266
if(isset($processed[$group_data['groupid']]))
271
$nodes = get_accessible_nodes_by_user($user_data,
272
PERM_DENY,PERM_MODE_GE,PERM_RES_DATA_ARRAY);
275
if( !isset($nodes[$group_data['nodeid']]) || $user_type==USER_TYPE_ZABBIX_USER )
276
$group_data['permission'] = PERM_DENY;
278
$group_data['permission'] = $nodes[$group_data['nodeid']]['permission'];
281
// $processed[$group_data['permission']] = true;
282
$processed[$group_data['groupid']] = true;
284
if(eval('return ('.$group_data["permission"].' '.perm_mode2comparator($perm_mode).' '.$perm.')? 0 : 1;'))
287
$result[$group_data['groupid']] = eval('return '.$resdata.';');
290
unset($processed, $group_data, $db_groups);
292
if($perm_res == PERM_RES_STRING_LINE)
294
if(count($result) == 0)
297
$result = implode(',',$result);
303
function get_accessible_nodes_by_user(&$user_data,$perm,$perm_mode=null,$perm_res=null,$nodeid=null)
305
global $ZBX_LOCALNODEID;
307
if(is_null($perm_mode)) $perm_mode=PERM_MODE_GE;
308
if(is_null($perm_res)) $perm_res=PERM_RES_STRING_LINE;
310
$userid =& $user_data['userid'];
311
$user_type =& $user_data['type'];
312
if(!isset($userid)) fatal_error('Incorrect user data in "get_accessible_nodes_by_user"');
318
case PERM_RES_DATA_ARRAY: $resdata = '$node_data'; break;
319
default: $resdata = '$node_data["nodeid"]'; break;
322
COpt::counter_up('perm_nodes['.$userid.','.$perm.','.$perm_mode.','.$perm_res.','.$nodeid.']');
323
COpt::counter_up('perm');
325
if(is_null($nodeid)) $where_nodeid = '';
326
else if(is_array($nodeid)) $where_nodeid = ' where n.nodeid in ('.implode(',', $nodeid).') ';
327
else $where_nodeid = ' where n.nodeid in ('.$nodeid.') ';
330
$db_nodes = DBselect('select n.nodeid,min(r.permission) as permission, g.userid'.
331
' from nodes n left join rights r on r.id=n.nodeid and r.type='.RESOURCE_TYPE_NODE.
332
' left join users_groups g on r.groupid=g.usrgrpid and g.userid='.$userid.
333
$where_nodeid.' group by n.nodeid, g.userid order by nodeid desc, userid desc, permission desc');
335
while(($node_data = DBfetch($db_nodes)) || (!isset($do_break) && !ZBX_DISTRIBUTED))
337
if($node_data && $perm_res == PERM_RES_DATA_ARRAY)
339
$node_data += DBfetch(DBselect('select * from nodes where nodeid='.$node_data['nodeid']));
342
if($node_data && isset($processed_nodeids[$node_data["nodeid"]])) continue;
349
'nodeid' => $ZBX_LOCALNODEID,
351
'permission' => PERM_READ_WRITE,
357
if(is_array($nodeid) && !in_array($node_data['nodeid'],$nodeid)) continue;
358
else if(isset($nodeid) and $node_data['nodeid'] != $nodeid) continue;
362
$node_data['permission'] = PERM_DENY;
366
$processed_nodeids[$node_data["nodeid"]] = $node_data["nodeid"];
368
/* deny if no rights defined (for local node read/write)*/
369
if(is_null($node_data['permission']) || is_null($node_data['userid']))
371
if($user_type == USER_TYPE_SUPER_ADMIN)
372
$node_data['permission'] = PERM_READ_WRITE;
374
$node_data['permission'] =
375
($node_data['nodeid'] == $ZBX_LOCALNODEID) ? PERM_READ_WRITE : PERM_DENY;
378
/* special processing for PERM_READ_LIST*/
379
if(PERM_DENY == $node_data['permission'] && PERM_READ_LIST == $perm)
381
$groups = get_accessible_groups_by_user($user_data,
382
$perm, PERM_MODE_GE,PERM_RES_DATA_ARRAY,$node_data['nodeid']);
383
if(count($groups) == 0) continue;
387
if(eval('return ('.$node_data["permission"].' '.perm_mode2comparator($perm_mode).' '.$perm.')? 0 : 1;'))
391
$result[$node_data["nodeid"]] = eval('return '.$resdata.';');
394
if($perm_res == PERM_RES_STRING_LINE)
396
if(count($result) == 0)
399
$result = implode(',',$result);
405
/***********************************************
406
GET ACCESSIBLE RESOURCES BY RIGHTS
407
************************************************/
408
/* NOTE: right structure is
410
$rights[i]['type'] = type of resource
411
$rights[i]['permission']= permission for resource
412
$rights[i]['id'] = resource id
416
function get_accessible_hosts_by_rights(&$rights,$user_type,$perm,$perm_mode=null,$perm_res=null,$nodeid=null)
418
if(is_null($perm_res)) $perm_res = PERM_RES_STRING_LINE;
419
if($perm == PERM_READ_LIST) $perm = PERM_READ_ONLY;
425
case PERM_RES_DATA_ARRAY: $resdata = '$host_data'; break;
426
default: $resdata = '$host_data["hostid"]'; break;
431
if(is_array($nodeid)) array_push($where, DBid2nodeid('h.hostid').' in ('.implode(',', $nodeid).') ');
432
elseif(isset($nodeid)) array_push($where, DBid2nodeid('h.hostid').' in ('.$nodeid.') ');
434
if(count($where)) $where = ' where '.implode(' and ',$where);
437
$db_hosts = DBselect('select n.nodeid as nodeid,n.name as node_name,hg.groupid as groupid,h.* '.
438
' from hosts h left join hosts_groups hg on hg.hostid=h.hostid '.
439
' left join nodes n on n.nodeid='.DBid2nodeid('h.hostid').
440
$where.' order by n.name,h.host');
443
foreach($rights as $right)
445
$res_perm[$right['type']][$right['id']] = $right['permission'];
448
$host_perm = array();
450
while($host_data = DBfetch($db_hosts))
452
if(isset($host_data['groupid']) && isset($res_perm[RESOURCE_TYPE_GROUP][$host_data['groupid']]))
454
$host_perm[$host_data['hostid']][RESOURCE_TYPE_GROUP][$host_data['groupid']] =
455
$res_perm[RESOURCE_TYPE_GROUP][$host_data['groupid']];
458
if(isset($res_perm[RESOURCE_TYPE_NODE][$host_data['nodeid']]))
460
$host_perm[$host_data['hostid']][RESOURCE_TYPE_NODE] = $res_perm[RESOURCE_TYPE_NODE][$host_data['nodeid']];
462
$host_perm[$host_data['hostid']]['data'] = $host_data;
466
foreach($host_perm as $hostid => $host_data)
468
$host_data = $host_data['data'];
470
if(isset($host_perm[$hostid][RESOURCE_TYPE_GROUP]))
472
$host_data['permission'] = min($host_perm[$hostid][RESOURCE_TYPE_GROUP]);
474
else if(isset($host_perm[$hostid][RESOURCE_TYPE_NODE]))
476
$host_data['permission'] = $host_perm[$hostid][RESOURCE_TYPE_NODE];
480
if(is_null($host_data['nodeid'])) $host_data['nodeid'] = id2nodeid($host_data['groupid']);
482
if(!isset($node_data[$host_data['nodeid']]))
484
$node_data = get_accessible_nodes_by_rights($rights,$user_type,
485
PERM_DENY, PERM_MODE_GE, PERM_RES_DATA_ARRAY, $host_data['nodeid']);
487
if( !isset($node_data[$host_data['nodeid']]) || $user_type==USER_TYPE_ZABBIX_USER )
488
$host_data['permission'] = PERM_DENY;
490
$host_data['permission'] = $node_data[$host_data['nodeid']]['permission'];
493
if(eval('return ('.$host_data["permission"].' '.perm_mode2comparator($perm_mode).' '.$perm.')? 0 : 1;'))
496
$result[$host_data['hostid']] = eval('return '.$resdata.';');
500
if($perm_res == PERM_RES_STRING_LINE)
502
if(count($result) == 0)
505
$result = implode(',',$result);
510
function get_accessible_groups_by_rights(&$rights,$user_type,$perm,$perm_mode=null,$perm_res=null,$nodeid=null)
512
if(is_null($perm_mode)) $perm_mode=PERM_MODE_GE;
513
if(is_null($perm_res)) $perm_res=PERM_RES_STRING_LINE;
519
case PERM_RES_DATA_ARRAY: $resdata = '$group_data'; break;
520
default: $resdata = '$group_data["groupid"]'; break;
525
if(is_array($nodeid)) array_push($where, DBid2nodeid('g.groupid').' in ('.implode(',', $nodeid).') ');
526
elseif(isset($nodeid)) array_push($where, DBid2nodeid('g.groupid').' in ('.$nodeid.') ');
528
if(count($where)) $where = ' where '.implode(' and ',$where);
531
$group_perm = array();
532
foreach($rights as $right)
534
if($right['type'] != RESOURCE_TYPE_GROUP) continue;
535
$group_perm[$right['id']] = $right['permission'];
538
$db_groups = DBselect('select n.nodeid as nodeid,n.name as node_name, g.*, '.PERM_DENY.' as permission from groups g '.
539
' left join nodes n on '.DBid2nodeid('g.groupid').'=n.nodeid '.
540
$where.' order by n.name, g.name');
542
while($group_data = DBfetch($db_groups))
544
if(isset($group_perm[$group_data['groupid']]))
546
$group_data['permission'] = $group_perm[$group_data['groupid']];
550
if(is_null($group_data['nodeid'])) $group_data['nodeid'] = id2nodeid($group_data['groupid']);
552
if(!isset($node_data[$group_data['nodeid']]))
554
$node_data = get_accessible_nodes_by_rights($rights,$user_type,
555
PERM_DENY, PERM_MODE_GE, PERM_RES_DATA_ARRAY, $group_data['nodeid']);
557
if( !isset($node_data[$group_data['nodeid']]) || $user_type==USER_TYPE_ZABBIX_USER )
558
$group_data['permission'] = PERM_DENY;
560
$group_data['permission'] = $node_data[$group_data['nodeid']]['permission'];
563
if(eval('return ('.$group_data["permission"].' '.perm_mode2comparator($perm_mode).' '.$perm.')? 0 : 1;'))
566
$result[$group_data["groupid"]] = eval('return '.$resdata.';');
569
if($perm_res == PERM_RES_STRING_LINE)
571
if(count($result) == 0)
574
$result = implode(',',$result);
580
function get_accessible_nodes_by_rights(&$rights,$user_type,$perm,$perm_mode=null,$perm_res=null,$nodeid=null)
582
global $ZBX_LOCALNODEID;
584
if(is_null($perm_mode)) $perm_mode=PERM_MODE_GE;
585
if(is_null($perm_res)) $perm_res=PERM_RES_STRING_LINE;
589
if(is_null($user_type)) $user_type = USER_TYPE_ZABBIX_USER;
593
case PERM_RES_DATA_ARRAY: $resdata = '$node_data'; break;
594
default: $resdata = '$node_data["nodeid"]'; break;
597
if(is_null($nodeid)) $where_nodeid = '';
598
else if(is_array($nodeid)) $where_nodeid = ' where n.nodeid in ('.implode(',', $nodeid).') ';
599
else $where_nodeid = ' where n.nodeid in ('.$nodeid.') ';
601
$node_perm = array();
602
foreach($rights as $right)
604
if($right['type'] != RESOURCE_TYPE_NODE) continue;
605
$node_perm[$right['id']] = $right['permission'];
608
$db_nodes = DBselect('select n.*, '.PERM_DENY.' as permission from nodes n '.$where_nodeid.' order by n.name');
610
while(($node_data = DBfetch($db_nodes)) || (!isset($do_break) && !ZBX_DISTRIBUTED))
617
'nodeid' => $ZBX_LOCALNODEID,
619
'permission' => PERM_READ_WRITE
624
if(is_array($nodeid) && !in_array($node_data['nodeid'],$nodeid)) continue;
625
else if(isset($nodeid) and $node_data['nodeid'] != $nodeid) continue;
629
$node_perm[$node_data['nodeid']] = PERM_DENY;
633
if(isset($node_perm[$node_data['nodeid']]))
634
$node_data['permission'] = $node_perm[$node_data['nodeid']];
635
elseif($node_data['nodeid'] == $ZBX_LOCALNODEID || $user_type == USER_TYPE_SUPER_ADMIN)
636
/* for local node or superuser default permission is READ_WRITE */
637
$node_data['permission'] = PERM_READ_WRITE;
640
/* special processing for PERM_READ_LIST*/
641
if(PERM_DENY == $node_data['permission'] && PERM_READ_LIST == $perm)
643
$groups = get_accessible_groups_by_rights($rights,$user_type,
644
$perm, PERM_MODE_GE, PERM_RES_DATA_ARRAY, $node_data['nodeid']);
645
if(count($groups) == 0) continue;
649
if(eval('return ('.$node_data["permission"].' '.perm_mode2comparator($perm_mode).' '.$perm.')? 0 : 1;'))
653
$result[$node_data["nodeid"]] = eval('return '.$resdata.';');
656
if($perm_res == PERM_RES_STRING_LINE)
658
if(count($result) == 0)
661
$result = implode(',',$result);