Permissions, a naive approach

[hermes] / api / lib / permission_functions.php

diff --git a/api/lib/permission_functions.php b/api/lib/permission_functions.php
new file mode 100644 (file)
index 0000000..19a2874
--- /dev/null
+++ b/api/lib/permission_functions.php
@@ -0,0 +1,75 @@
+<?php
+/*
+#  Copyright (c) 2012, Gjøvik University College
+#  All rights reserved.
+
+#  Redistribution and use in source and binary forms, with or without
+#  modification, are permitted provided that the following conditions are met:
+#      * Redistributions of source code must retain the above copyright
+#        notice, this list of conditions and the following disclaimer.
+#      * Redistributions in binary form must reproduce the above copyright
+#        notice, this list of conditions and the following disclaimer in the
+#        documentation and/or other materials provided with the distribution.
+#      * Neither the name of the Gjøvik University College nor the
+#        names of its contributors may be used to endorse or promote products
+#        derived from this software without specific prior written permission.
+#  
+#  THIS SOFTWARE IS PROVIDED BY Gjøvik University College ''AS IS'' AND ANY
+#  EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+#  WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+#  DISCLAIMED. IN NO EVENT SHALL Gjøvik University College BE LIABLE FOR ANY
+#  DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+#  (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+#  LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+#  ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+#  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+#  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+require_once('config.php');
+require_once('lib/common_functions.php');
+require_once('lib/db_functions.php');
+require_once('lib/user_functions.php');
+
+function get_permission ( $username, $domain )
+{
+       global $config;
+
+       if ( ! is_kamailio_subscriber( $username, $domain ) )
+               return -1;
+
+       $query = sprintf("SELECT permittedcalls FROM %s" 
+               . " WHERE username = '%s' AND domain = '%s'",
+               $config['kamailio_subscriber_table'], 
+               sql_clean($username), 
+               sql_clean($domain));
+
+       $result = sql_dbquery( $config['kamailio_db'], $query);
+       // If result is empty, there was either an SQL error, or simply no results.
+       if ( ! $result ) return -2; 
+
+       $row = @mysql_fetch_assoc( $result );
+       return $row['permittedcalls'];
+}
+
+function set_permission ( $username, $domain, $permission )
+{
+       global $config;
+
+       if ( ! is_kamailio_subscriber( $username, $domain ) )
+               return -1;
+
+       $query = sprintf("UPDATE %s SET permittedcalls = %d" 
+               . " WHERE username = '%s' AND domain = '%s'",
+               $config['kamailio_subscriber_table'], 
+               sql_clean($permission), 
+               sql_clean($username), 
+               sql_clean($domain));
+
+       $result = sql_dbquery( $config['kamailio_db'], $query);
+       // If result is empty, there was either an SQL error, or simply no results.
+       if ( ! $result ) return 0; 
+
+       return 1;
+}
+
+