Mercurial > hgrepos > hgweb.cgi > s4
comparison s4-funcs.sh @ 695:5cf0ba49aeab
Attached file of admin in quiz-mode blog can be accessible by normal users
author | HIROSE Yuuji <yuuji@gentei.org> |
---|---|
date | Thu, 21 May 2020 12:00:28 +0900 |
parents | c45ab714d68e |
children | 4461d596150d |
comparison
equal
deleted
inserted
replaced
694:c45ab714d68e | 695:5cf0ba49aeab |
---|---|
481 # elif isuser $owner; then | 481 # elif isuser $owner; then |
482 # [ x"$1" = x"$owner" ] && return 0 || return 1 | 482 # [ x"$1" = x"$owner" ] && return 0 || return 1 |
483 # fi | 483 # fi |
484 # esac | 484 # esac |
485 # ↑ 要はこういう処理を↓で一気にやっている | 485 # ↑ 要はこういう処理を↓で一気にやっている |
486 sql="with getblog as (\ | 486 sql="with getblog as ( |
487 select key,val from blog_s where id=(\ | 487 select key,val from blog_s where id=( |
488 select blogid from article where id in\ | 488 select blogid from article where id in |
489 (select id from $2 where rowid=$3))),\ | 489 (select id from $2 where rowid=$3))), |
490 getowner as (select val from getblog where key='owner'),\ | 490 getowner as (select val from getblog where key='owner'), |
491 getmode as (select val from getblog where key='mode')\ | 491 getauthor as (select author from article where id=(select id from $2 where rowid=$3)), |
492 select case\ | 492 isgrp as (SELECT val from getowner WHERE val IN (select gname from grp)), |
493 when (select author from article where\ | 493 isgrpadm as (select user from grp_adm where |
494 id=(select id from $2 where rowid=$3))='$1' \ | 494 gname=(select val from getowner) and |
495 then 'author'\ | 495 user='$1'), |
496 when (select val from getmode) in ('report-open', 'normal')\ | 496 getmode as (select val from getblog where key='mode') |
497 then 'open'\ | 497 select case |
498 when (select val from getmode) is null \ | 498 when (select author from article where |
499 id=(select id from $2 where rowid=$3))='$1' | |
500 then 'author' | |
501 when (select val from getmode) in ('report-open', 'normal') | |
499 then 'open' | 502 then 'open' |
500 when (select val from getowner) in (select gname from grp)\ | 503 when (select val from getmode) in ('quiz', 'enquete') |
501 then (select user from grp_adm where \ | 504 then CASE |
502 gname=(select val from getowner) and \ | 505 WHEN (SELECT val FROM isgrp) IS NULL |
503 user='$1')\ | 506 THEN |
504 when (select author from article where\ | 507 CASE WHEN (SELECT val from getowner) |
508 IN ('$user', (SELECT author FROM getauthor)) | |
509 THEN 'owner-or-user-article-is-readable' | |
510 ELSE '' | |
511 END | |
512 WHEN (select user from isgrpadm) IS NOT NULL | |
513 THEN 'i-am-admin' | |
514 ELSE (SELECT author from getauthor WHERE author IN (SELECT user FROM grp_adm WHERE gname=(SELECT val FROM getowner))) | |
515 END | |
516 when (select val from getmode) is null | |
517 then 'open' | |
518 when (select val from getowner) in (select gname from grp) | |
519 then (SELECT user FROM isgrpadm) | |
520 when (select author from article where | |
505 id=(select id from $2 where rowid=$3))='$1' | 521 id=(select id from $2 where rowid=$3))='$1' |
506 then 'user+author' | 522 then 'user+author' |
507 else '' end;" | 523 else '' end;" |
508 ## err isfilereadable: sql="`echo $sql`" | 524 ## err isfilereadable: sql="`echo $sql`" |
509 # caseのネストで内側のcaseがスカラーtrueを返しても外側はtrue扱いにならない | 525 # caseのネストで内側のcaseがスカラーtrueを返しても外側はtrue扱いにならない |
510 result=`query "$sql"` | 526 # result=`query "$sql"` |
511 [ -n "$result" ] && return 0 | 527 # err FileAccessibility=$result |
512 return 2 | 528 [ -n "`query $sql`" ] || return 2 |
513 } | 529 } |
514 linkhome() { | 530 linkhome() { |
515 # $1=UserOrGroup | 531 # $1=UserOrGroup |
516 echo -n '<a href="?' | 532 echo -n '<a href="?' |
517 if isuser $1; then | 533 if isuser $1; then |