Go Back   vb.org Archive > vBulletin Article Depository > Read An Article > vBulletin 3 Articles
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
Custom Administrator Permissions
Andreas's Avatar
Andreas
Join Date: Jan 2004
Posts: 6,863

 

Germany
Show Printable Version Email this Page Subscription
Andreas Andreas is offline 09-08-2005, 10:00 PM

Your Hack has an Admin Backend?
Then you should consider protecting it with custom Admin Permissions - not every Admin has to be able to control everything.

First of all, you have to decide on a uniqe Key for your Admin Permission, just like your Product ID.
In this example I will use canadminmyhack.

Go to your ACP File(s) and place the following Code below the Back-End requirement:

PHP Code:
// ######################## CHECK ADMIN PERMISSIONS #######################
if (!can_administer('canadminmyhack'))
{
    
print_cp_no_permission();

In your ACP Navigation XML Files, add the Parameter permissions to your Navgroup:
Code:
<?xml version="1.0" encoding="ISO-8859-1"?>
<navgroups product="myhack">
	<navgroup phrase="myhack_settings" hr="true" permissions="canadminmyhack">
		<navoption>
			<phrase>demohack_foo</phrase>
			<link>demohack.php?do=foo</link>
		</navoption>
		<navoption>
			<phrase>demohack_modcp</phrase>
			<link>../{$vbulletin->config[Misc][modcpdir]}/foobar.php</link>
		</navoption>
	</navgroup>
</navgroups>
In order to display Text in the Admin Permissions Editor, you must create a Phrase in Phrasegroup Permissions:
Code:
Varname: can_administer_myhack
Text: Can Administer Myhack
Make sure that it is attached to your Product and inserted into GLOBAL Language!

As the Permissions Editor only takes care of standard Permissions, you must create 4 Plugins:

admin_permissions_form
PHP Code:
print_yes_no_row($vbphrase['can_administer_myhack'], 'customadminperms[canadminmyhack]', ($user['customadminperms'] & $vbulletin->bf_misc_customadminperms['canadminmyhack'])); 
customadminperms[canadminmyhack] must the Name of the Bit(field) you want to use, $vbulletin->bf_misc_customadminperms['canadminmyhack'] the Value of the Bit

You must also create a Plugin for the Administrator Datamanager
admindata_start
PHP Code:
$this->validfields['customadminperms'] = array(TYPE_UINTREQ_NO);
$this->bitfields['customadminperms'] = $this->registry->bf_misc_customadminperms
Now we need a Plugin to save our Permission setting after editing it:

admin_permissions_process
PHP Code:
$vbulletin->input->clean_gpc('p''customadminperms'TYPE_ARRAY_INT);
$admindm->set_bitfield('customadminperms''canadminmyhack'$vbulletin->GPC['customadminperms']['canadminmyhack']); 
Now, finally, we need a Plugin to actually check this Permission

can_administer
PHP Code:
foreach($do AS $field)
{
    if (
$admin['customadminperms']  & $vbulletin->bf_misc_customadminperms["$field"])
    {
        
$return_value true;
        return;
    }

Here again, $vbulletin->bf_misc_customadminperms['canadminmyhack'] must be the Value of your Bit.

As you can see, I used customadminperms as the Bitfield.
This is the Bitfield I will use for my Hacks, Bit 1 is already in use.
If others want to use it too (to avoid having to create there own (Bit)fields) - feel free to do so.
But please, first post here and state which Bit you are going to use and wait for an Okay so there won't be conflicts.

To use it, create an appropriate Bitfield XML File.

The following Install Code should be used then:
PHP Code:
require_once(DIR '/includes/class_dbalter.php');
$dbalter = new vB_Database_Alter_MySQL($db);
$dbalter->fetch_table_info('administrator');
if (!
$dbalter->fetch_field_info('customadminperms'))
{
    
$dbalter->add_field(array('name' => 'customadminperms''type' => 'INT''length' => '10''attributes' => 'UNSIGNED''null' => false'default' => '0'));
    }

And this Uninstall-Code
PHP Code:
unset($vbulletin->bf_misc_customadminperms['canadminmyhack']);
if (empty(
$vbulletin->bf_misc_customadminperms))
{
    require_once(
DIR '/includes/class_dbalter.php');
    
$dbalter = new vB_Database_Alter_MySQL($db);
    
// Using 3.5.1+ calls
    
$dbalter->fetch_table_info('administrator');
    if (
$dbalter->fetch_field_info('customadminperms'))
    {
        
$dbalter->drop_field('customadminperms');
    }

Bitfield Usage customadminperms (this will be updated if other Authors use it too)
1 - KirbyDE
Reply With Quote
  #12  
Old 09-22-2005, 03:48 PM
deathemperor's Avatar
deathemperor deathemperor is offline
 
Join Date: Jul 2003
Location: HOL
Posts: 1,270
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

thanks, glad to hear that, I'll try it
Reply With Quote
  #13  
Old 09-23-2005, 12:52 AM
Alan @ CIT Alan @ CIT is offline
 
Join Date: Nov 2004
Location: South UK
Posts: 625
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Hi Kirby, just 1 quick question if I may.

Quote:
To use it, create an appropriate Bitfield XML File.
What is an "appropriate Bitfield XML file"? Do you have a template of what one should look like?

Thanks,
Alan.
Reply With Quote
  #14  
Old 10-03-2005, 05:18 PM
Dark_Wizard Dark_Wizard is offline
 
Join Date: Nov 2001
Location: North Carolina
Posts: 1,251
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Therer was an apparent restructuring of the file class_dbalter.php changing the class and functions used in Kirby's uninstall example.

fetch_table_info has now changed to fetchTableInfo and drop_field has changed to dropField and lastly table_field_data has changed to fetchFieldInfo.


new coding
PHP Code:
unset($vbulletin->bf_misc_customadminperms['canadminmyhack']);
if (empty(
$vbulletin->bf_misc_customadminperms))
{
    require_once(
DIR '/includes/class_dbalter.php');
    
$dbalter = new vB_Database_Alter_MySQL($db);
    
$dbalter->fetchTableInfo('administrator');
    if (!
$dbalter->fetchFieldInfo['customadminperms'])
    {
        
$dbalter->dropField('customadminperms');
    }

Lastly TABLE_PREFIX is no longer needed...
Reply With Quote
  #15  
Old 01-04-2006, 04:57 PM
harmor19 harmor19 is offline
 
Join Date: Apr 2005
Posts: 1,324
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I did everything the tutorial said and I can see the radio button in the admin permissions but when I click "yes" and save it, it goes back to "no".

Do I change customadminperms?
Reply With Quote
  #16  
Old 02-09-2006, 09:22 PM
Kurisu Kurisu is offline
 
Join Date: Aug 2002
Posts: 68
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by harmor19
I did everything the tutorial said and I can see the radio button in the admin permissions but when I click "yes" and save it, it goes back to "no".
Yes, same problem for me...
Reply With Quote
  #17  
Old 02-21-2006, 12:38 AM
Revan's Avatar
Revan Revan is offline
 
Join Date: Jan 2004
Location: Norway
Posts: 1,671
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

This thing doesn't actually work. (3.5.3)
After the first check of permissions, the static $adminpermissions; takes over, to which the custom permissions are not added.

Therefore an alternative solution is required.
I will look deeper into it tomorrow.
Reply With Quote
  #18  
Old 02-21-2006, 05:36 AM
Andreas's Avatar
Andreas Andreas is offline
 
Join Date: Jan 2004
Location: Germany
Posts: 6,863
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

You're right. Must have missed that issue as I only had one custom navgroup - and it was the first one.

I tweaked the code a bit to get around this.
Reply With Quote
  #19  
Old 02-21-2006, 09:59 AM
Revan's Avatar
Revan Revan is offline
 
Join Date: Jan 2004
Location: Norway
Posts: 1,671
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Allow me to point out two facts:
  1. static doesn't work through eval(). Believe me, I tried. I worked with this for 3 hours straight yesterday XD
  2. You might not actually have to run a new query:
    PHP Code:
    global $admin;

    if (isset(
    $getperms['customadminperms']))
    {
        
    $admin $getperms['customadminperms'];
    }

    if (!isset(
    $admin))
    {
        
    // must get our perms
        
    $getperms $vbulletin->db->query_first("
            SELECT `customadminperms`
            FROM " 
    TABLE_PREFIX "administrator
            WHERE userid = " 
    $vbulletin->userinfo['userid']
        ); 
        
        
    $admin $getperms['customadminperms'];
    }

    foreach (
    $do AS $field)
    {
        if (
    $admin $vbulletin->bf_misc_customadminperms["$field"])
        {
            
    $return_value true;
        }

    I tested this code on localhost yesterday, and it works like a charm, no extra queries involved unless for some reason it won't work like it should without

EDIT: This randomly doesn't seem to work for OLD administrators, and only in the ACP menu.
In my custom menu it works fine, it just doesn't work in the cpnav_ menu.
EDIT #2: I fixed it now. Made it so it doesn't query unless for some reason it didn't fetch the permissions properly. Also I replaced the * in the query for a slight load decrease =P
Reply With Quote
  #20  
Old 02-21-2006, 02:58 PM
Andreas's Avatar
Andreas Andreas is offline
 
Join Date: Jan 2004
Location: Germany
Posts: 6,863
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Well ... as of vBulletin 3.5.4 $admin is there by default

The following code might work cross-version?

PHP Code:
if (!isset($admin))
{
    
// this is not vBulletin 3.5.4+
    
global $admin;
}

if (!isset(
$admin))
{
    
// must get our perms
    
$getperms $vbulletin->db->query_first("
        SELECT *
        FROM " 
TABLE_PREFIX "administrator
        WHERE userid = " 
$vbulletin->userinfo['userid']
    ); 
    
    
$admin $getperms;
}

foreach (
$do AS $field)
{
    if (
$admin['customadminperms'] & $vbulletin->bf_misc_customadminperms["$field"])
    {
        
$return_value true;
    }

Reply With Quote
  #21  
Old 02-21-2006, 04:27 PM
Revan's Avatar
Revan Revan is offline
 
Join Date: Jan 2004
Location: Norway
Posts: 1,671
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

It might, but due to the fact that I don't actually use the $admin variable, I don't know if I need to change the code.
I don't really see how changing the variable name would help in solving the original problem, though. I just tested the new plugin with some slight alterations and it works.
I cba to "remake" it into your "customadminperms" format so Ill just give it like I use it:
PHP Code:
global $rpgpermissions;

if (!isset(
$admin))
{
    
// this is not vBulletin 3.5.4+
    
$admin $getperms;
}

if (isset(
$admin['rpgadminperms']))
{
    
$rpgpermissions $admin['rpgadminperms'];
}

if (!isset(
$rpgpermissions))
{
    
// must get our perms
    
$getperms $vbulletin->db->query_first("
        SELECT *
        FROM " 
TABLE_PREFIX "administrator
        WHERE userid = " 
$vbulletin->userinfo['userid']
    ); 
    
    
$rpgpermissions $getperms['rpgadminperms'];
}

foreach (
$do AS $field)
{
    if (
$rpgpermissions  $vbulletin->bf_misc_rpgadminperms["$field"])
    {
        
$return_value true;
    }

Tested to work on 3.5.3 and 3.5.4.
I think that's a pretty efficient way of doing it, as it only runs 1 additional query for ONE admin (out of the ~10 I tested it on, non-superadmins that is).
So yeah, tis odd, but meh =P
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 04:20 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04848 seconds
  • Memory Usage 2,362KB
  • Queries Executed 25 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (2)bbcode_code
  • (11)bbcode_php
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_article
  • (1)navbar
  • (4)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (3)pagenav_pagelink
  • (11)post_thanks_box
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete