Inconsistent results of phorum_api_user_check_access call with 3 parameters #892

Open
yupri opened this issue Apr 17, 2013 · 6 comments

yupri commented Apr 17, 2013

I recently found out that phorum_api_user_check_access calls with 3 parameters don't give the correct results as expected from let's say
phorum_db_user_get($user_id, true)
in 'forum_permissions' and 'group_permissions'.

I tested with these calls:
phorum_api_user_check_access(PHORUM_USER_ALLOW_READ, $forum_id, $user_id)
and
phorum_api_user_check_access(PHORUM_USER_ALLOW_READ, PHORUM_ACCESS_LIST, $user_id).

Would you please test this issue and report?

Member

mysnip commented Apr 17, 2013

Please give some full examples of what's going wrong and what you'd expect.

Author

yupri commented Apr 18, 2013

I encountered such calls in module Forum Subscriptions:
http://www.phorum.org/phorum5/read.php?62,143310

It turned out those calls caused problems for sending queue mails by cron.

I went through the rest of the code and found calls to the function mostly with 1 or 2 parameters. So, it was used to check access for the current Phorum user.

Here is an example to illustrate the issue in my setup for a particular user.

phorum_db_user_get(370, true) yields
["forum_permissions"]=>
array(6) {
[13]=>
string(2) "15"
[15]=>
string(2) "15"
[21]=>
string(2) "15"
[24]=>
string(2) "15"
[27]=>
string(2) "15"
[35]=>
string(2) "15"
}
["group_permissions"]=>
array(1) {
[29]=>
int(15)
}

phorum_api_user_check_access(PHORUM_USER_ALLOW_READ, PHORUM_ACCESS_LIST, 370) gives
array(10) {
[37]=>
int(37)
[40]=>
int(40)
[23]=>
int(23)
[38]=>
int(38)
[11]=>
int(11)
[36]=>
int(36)
[12]=>
int(12)
[26]=>
int(26)
[1]=>
int(1)
[32]=>
int(32)
}
but I would expect
array(7) {
[13]=>
int(13)
[15]=>
int(15)
[21]=>
int(21)
[24]=>
int(24)
[27]=>
int(27)
[29]=>
int(29)
[35]=>
int(35)
}

Next,
both
phorum_api_user_check_access(PHORUM_USER_ALLOW_READ, 29, 370)
and
phorum_api_user_check_access(PHORUM_USER_ALLOW_READ, 35, 370)
return false, while I was expecting true.

And voilà!
phorum_api_user_check_access(PHORUM_USER_ALLOW_READ, 11, 370)
phorum_api_user_check_access(PHORUM_USER_ALLOW_READ, 32, 370)
return true instead of false.

Looking forward to your reply.
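
The comparison made in this report, written as a check that can be rerun after a fix (an added example, not part of the thread or of Phorum's code). It assumes `PHORUM_USER_ALLOW_READ` is the bit value 1; `ALLOW_READ`, `expected_forums` and `compare_access` are hypothetical names, and the arrays are copied from the dumps above.

```php
<?php
// Added example; the data below is copied from the dumps in the report.
// Assumption: PHORUM_USER_ALLOW_READ is the bit value 1.
const ALLOW_READ = 1;

// phorum_db_user_get(370, true), reduced to the two permission arrays.
$user = array(
    'forum_permissions' => array(13 => "15", 15 => "15", 21 => "15",
                                 24 => "15", 27 => "15", 35 => "15"),
    'group_permissions' => array(29 => 15),
);
// Keys of the array returned by the PHORUM_ACCESS_LIST call for user 370.
$actual = array(37, 40, 23, 38, 11, 36, 12, 26, 1, 32);

/** Forum ids where a direct or a group assignment carries $bit. */
function expected_forums(array $user, $bit)
{
    $ids = array();
    foreach (array('forum_permissions', 'group_permissions') as $source) {
        if (empty($user[$source])) continue;
        foreach ($user[$source] as $forum_id => $level) {
            // Direct permissions arrive as strings; cast before masking.
            if (((int) $level & $bit) === $bit) {
                $ids[(int) $forum_id] = true;
            }
        }
    }
    $ids = array_keys($ids);
    sort($ids);
    return $ids;
}

/** Split a mismatch into grants with no assignment and assignments not honoured. */
function compare_access(array $expected, array $actual)
{
    $unassigned = array_values(array_diff($actual, $expected));
    $denied = array_values(array_diff($expected, $actual));
    sort($unassigned);
    sort($denied);
    return array('granted_without_assignment' => $unassigned,
                 'assigned_but_denied' => $denied);
}

$expected = expected_forums($user, ALLOW_READ);
echo 'expected: ', implode(',', $expected), "\n";
foreach (compare_access($expected, $actual) as $kind => $ids) {
    echo $kind, ': ', implode(',', $ids), "\n";
}
```

An id under `granted_without_assignment` is only a finding if the forum grants read access by no route other than these two arrays; the report does not show the forum settings.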

Member

mysnip commented Apr 18, 2013

Thanks for the reproduce case. Please try the fix from the commit given.

Author

yupri commented Apr 18, 2013

Thanks for your commit.
I'm testing this change right now.
Hope to come back with the results soon.

Author

yupri commented Apr 22, 2013

This modification also produces some unexpected behavior.
I can't work on the problem at this moment.
But I wrote my own bug fixes that suit my needs. Maybe they will be helpful for someone else.

/**
 * User's access level check for a specific forum.
 * (A patch instead of incorrectly working calls of phorum_api_user_check_access(PHORUM_USER_ALLOW_READ, $mail_data["forum_id"], $user_id))
 *
 * @param $permission Access level
 * @param $forum_id Forum id
 * @param $user_id User id
 * @return bool Is there such an access level?
 */
function user_check_forum_access($permission, $forum_id, $user_id)
{
    // Detailed data for user's access to forums from direct access assignment and from groups
    $user_arr = phorum_db_user_get($user_id, true);

    // Default access level
    $access_level = 0;

    if (isset($user_arr['forum_permissions']) && array_key_exists($forum_id, $user_arr['forum_permissions'])) {
        $access_level = $user_arr['forum_permissions'][$forum_id];
    }

    if (isset($user_arr['group_permissions']) && array_key_exists($forum_id, $user_arr['group_permissions'])) {
        $access_level = $user_arr['group_permissions'][$forum_id];
    }

    // Checks that user has a required access level to a specified forum
    if (($access_level & $permission) == $permission) {
        $forum_access = true;
    } else {
        $forum_access = false;
    }

    // If admin is subscribed then automatically allowed
    if (1 == $user_arr['admin']) {
        $forum_access = true;
    }

    return $forum_access;
} // function user_check_forum_access

/**
 * Gets a forum list with a specified user's access level
 * (A patch instead of incorrectly working calls of phorum_api_user_check_access(PHORUM_USER_ALLOW_READ, PHORUM_ACCESS_LIST, $user_id))
 *
 * @param $permission Access level
 * @param $user_id User id
 * @return array Forum ids with a specified user's access level
 */
function get_user_forums($permission, $user_id)
{
    $forum_arr = array();
    // Detailed data for user's access to forums from direct access assignment and from groups.
    $user_arr = phorum_db_user_get($user_id, true);

    // Access to forums assigned directly
    if (isset($user_arr['forum_permissions'])) {
        foreach ($user_arr['forum_permissions'] as $forum_id => $access_level) {
            // Checks that user has a required access level to a specified forum
            if (($access_level & $permission) == $permission) {
                $forum_arr[$forum_id] = $forum_id;
            }
        }
    }

    // Access to forums assigned through groups
    if (isset($user_arr['group_permissions'])) {
        foreach ($user_arr['group_permissions'] as $forum_id => $access_level) {
            // Checks that user has a required access level to a specified forum
            if (($access_level & $permission) == $permission) {
                $forum_arr[$forum_id] = $forum_id;
            }
        }
    }

    // Admin has access to all forums always.
    if (1 == $user_arr['admin']) {
        $forum_arr = array();
        foreach (phorum_db_get_forums() as $forum) {
            // Without folder check
            $forum_arr[$forum['forum_id']] = $forum['forum_id'];
        }
    }

    return $forum_arr;
} // function get_user_forums

Member

mysnip commented Apr 22, 2013

More details about the unexpected behavior happening now would be useful.
