PHP CheckPermission函数代码示例

 /**
  * @param integer sid 资源ID,如分享小名片就是对应用户的用户ID，分享微博就是微博的ID
  * @param string stable 资源所在的表，如小名片就是contact表，微博就是feed表
  * @param string appname 资源所在的应用
  * @param integer nums 该资源被分享的次数
  * @param string initHTML 默认的内容 
  */
 public function render($data)
 {
     $var = array();
     $var['appname'] = 'public';
     $var['cancomment'] = intval(CheckPermission('core_normal', 'feed_comment'));
     $var['feed_type'] = 'repost';
     is_array($data) && ($var = array_merge($var, $data));
     // 获取资源是否被删除
     switch ($data['appname']) {
         case 'weiba':
             $wInfo = D('WeibaPost', 'weiba')->where('post_id=' . $var['sid'])->find();
             $sInfo = model('Feed')->getFeedInfo($sInfo['feed_id']);
             break;
         default:
             $sInfo = model('Feed')->getFeedInfo($var['sid']);
     }
     $var['s_is_del'] = $sInfo['is_del'];
     extract($var, EXTR_OVERWRITE);
     if ($nums > 0) {
         $showNums = " ({$nums})";
     } else {
         $showNums = "";
     }
     if ($s_is_del == 1) {
         return "<span>" . L('PUBLIC_SHARE_STREAM') . $showNums . "</span>";
     } else {
         return "<a event-node=\"share\" href=\"javascript:void(0);\" event-args='sid={$sid}&stable={$stable}&curtable={$current_table}&curid={$current_id}&initHTML={$initHTML}&appname={$appname}&cancomment={$cancomment}&feedtype={$feed_type}&is_repost={$is_repost}'>" . L('PUBLIC_SHARE_STREAM') . $showNums . "</a>";
     }
     //    //渲染模版
     //    $content = $this->renderFile(dirname(__FILE__)."/Share.html",$var);
     // unset($var,$data);
     //       //输出数据
     // return $content;
 }

 public function CheckPermission()
 {
     $Content = $this->_Sender->Data('Content');
     if (CheckPermission('Candy.Page.Edit') || IsContentOwner($Content) && CheckPermission('Candy.Page.Add')) {
         return True;
     }
 }

 public function ToString()
 {
     $Session = Gdn::Session();
     $Controller = Gdn::Controller();
     $UserID = $Controller->User->UserID;
     $MemberOptions = array();
     $ProfileOptions = array();
     $Controller->EventArguments['UserID'] = $UserID;
     $Controller->EventArguments['ProfileOptions'] =& $ProfileOptions;
     $Controller->EventArguments['MemberOptions'] =& $MemberOptions;
     if ($Controller->EditMode) {
         return '<div class="ProfileOptions">' . Anchor(T('Back to Profile'), UserUrl($Controller->User), array('class' => 'ProfileButtons')) . '</div>';
         //         $ProfileOptions[] = array('Text' => T('Back to Profile'), 'Url' => UserUrl($Controller->User), 'CssClass' => 'BackToProfile');
     } else {
         // Profile Editing
         if (hasEditProfile($Controller->User->UserID)) {
             $ProfileOptions[] = array('Text' => Sprite('SpEditProfile') . ' ' . T('Edit Profile'), 'Url' => UserUrl($Controller->User, '', 'edit'));
         }
         // Ban/Unban
         $MayBan = CheckPermission('Garden.Moderation.Manage') || CheckPermission('Garden.Users.Edit') || CheckPermission('Moderation.Users.Ban');
         if ($MayBan && $UserID != $Session->UserID) {
             if ($Controller->User->Banned) {
                 $ProfileOptions[] = array('Text' => Sprite('SpBan') . ' ' . T('Unban'), 'Url' => "/user/ban?userid={$UserID}&unban=1", 'CssClass' => 'Popup');
             } elseif (!$Controller->User->Admin) {
                 $ProfileOptions[] = array('Text' => Sprite('SpBan') . ' ' . T('Ban'), 'Url' => "/user/ban?userid={$UserID}", 'CssClass' => 'Popup');
             }
         }
         // Delete content.
         if (CheckPermission('Garden.Moderation.Manage')) {
             $ProfileOptions[] = array('Text' => Sprite('SpDelete') . ' ' . T('Delete Content'), 'Url' => "/user/deletecontent?userid={$UserID}", 'CssClass' => 'Popup');
         }
     }
     return parent::ToString();
 }

 /**
  * Show NoIndex meta tag on discussions list.
  */
 public function Base_BeforeDiscussionMeta_Handler($Sender, $Args)
 {
     $NoIndex = GetValue('NoIndex', GetValue('Discussion', $Args));
     if (CheckPermission(array('Garden.Moderation.Manage', 'Garden.Curation.Manage'), FALSE) && $NoIndex) {
         echo ' <span class="Tag Tag-NoIndex">' . T('NoIndex') . '</span> ';
     }
 }

 public function __construct($Sender = '')
 {
     if (!CheckPermission('Conversations.Conversations.Add')) {
         throw PermissionException();
     }
     $Session = Gdn::Session();
     if (property_exists($Sender, 'Conversation')) {
         $this->Conversation = $Sender->Conversation;
     }
     $this->Form = Gdn::Factory('Form', 'AddPeople');
     // $this->Form->Action = $Sender->SelfUrl;
     // If the form was posted back, check for people to add to the conversation
     if ($this->Form->AuthenticatedPostBack()) {
         $NewRecipientUserIDs = array();
         $NewRecipients = explode(',', $this->Form->GetFormValue('AddPeople', ''));
         $UserModel = Gdn::Factory("UserModel");
         foreach ($NewRecipients as $Name) {
             if (trim($Name) != '') {
                 $User = $UserModel->GetByUsername(trim($Name));
                 if (is_object($User)) {
                     $NewRecipientUserIDs[] = $User->UserID;
                 }
             }
         }
         $Sender->ConversationModel->AddUserToConversation($this->Conversation->ConversationID, $NewRecipientUserIDs);
         // if ($Sender->DeliveryType() == DELIVERY_TYPE_ALL)
         //    Redirect('/messages/'.$this->Conversation->ConversationID);
         $Sender->InformMessage(T('Your changes were saved.'));
         $Sender->RedirectUrl = Url('/messages/' . $this->Conversation->ConversationID);
     }
     $this->_ApplicationFolder = $Sender->Application;
     $this->_ThemeFolder = $Sender->Theme;
 }

 /**
  * 分享控制
  * @return void
  */
 public function index()
 {
     $shareInfo['sid'] = intval($_GET['sid']);
     $shareInfo['stable'] = t($_GET['stable']);
     $shareInfo['initHTML'] = h($_GET['initHTML']);
     $shareInfo['curid'] = t($_GET['curid']);
     $shareInfo['curtable'] = t($_GET['curtable']);
     $shareInfo['appname'] = t($_GET['appname']);
     $shareInfo['cancomment'] = intval($_GET['cancomment']);
     $shareInfo['is_repost'] = intval($_GET['is_repost']);
     if (empty($shareInfo['stable']) || empty($shareInfo['sid'])) {
         echo L('PUBLIC_TYPE_NOEMPTY');
         exit;
     }
     if (!($oldInfo = model('Source')->getSourceInfo($shareInfo['stable'], $shareInfo['sid'], false, $shareInfo['appname']))) {
         echo L('PUBLIC_INFO_SHARE_FORBIDDEN');
         exit;
     }
     empty($shareInfo['appname']) && ($shareInfo['appname'] = $oldInfo['app']);
     if ($shareInfo['appname'] != '' && $shareInfo['appname'] != 'public') {
         addLang($shareInfo['appname']);
     }
     if (empty($shareInfo['initHTML']) && !empty($shareInfo['curid'])) {
         //判断是否为转发的分享
         if ($shareInfo['curid'] != $shareInfo['sid'] && $shareInfo['is_repost'] == 1) {
             $app = $curtable == $shareInfo['stable'] ? $shareInfo['appname'] : 'public';
             $curInfo = model('Source')->getSourceInfo($shareInfo['curtable'], $shareInfo['curid'], false, $app);
             $userInfo = $curInfo['source_user_info'];
             // if($userInfo['uid'] != $this->mid){	//分享其他人的分享，非自己的
             $shareInfo['initHTML'] = ' //@' . $userInfo['uname'] . '：' . $curInfo['source_content'];
             // }
             $shareInfo['initHTML'] = str_replace(array("\n", "\r"), array('', ''), $shareInfo['initHTML']);
         }
     }
     if (!CheckPermission('core_normal', 'feed_comment')) {
         $shareInfo['cancomment'] = 0;
     }
     if ($shareInfo['sid'] != $shareInfo['curid']) {
         //获取被评论的分享信息
         $source = model('Feed')->get($shareInfo['sid']);
         //判断是否有权限评论当前用户
         if ($this->mid != $source['uid']) {
             $userPrivacy = model('UserPrivacy')->getPrivacy($this->mid, $source['uid']);
             if ($userPrivacy['comment_weibo'] == 1) {
                 $shareInfo['cancomment'] = 0;
             } else {
                 $shareInfo['cancomment'] = 1;
             }
         }
     }
     $shareInfo['shareHtml'] = !empty($oldInfo['shareHtml']) ? $oldInfo['shareHtml'] : '';
     $weiboSet = model('Xdata')->get('admin_Config:feed');
     $canShareFeed = in_array('repost', $weiboSet['weibo_premission']) ? 1 : '0';
     $this->assign('canShareFeed', $canShareFeed);
     $this->assign('initNums', $weiboSet['weibo_nums']);
     $this->assign('shareInfo', $shareInfo);
     $this->assign('oldInfo', $oldInfo);
     $this->display();
 }

 public function delLZLReply($id)
 {
     $lzl = D('ForumLzlReply')->where('id=' . $id)->find();
     $data['is_del'] = 1;
     CheckPermission(array($lzl['uid'])) && ($res = $this->where('id=' . $id)->save($data));
     D('ForumPost')->where(array('id' => $lzl['post_id']))->setDec('reply_count');
     S('post_replylist_' . $lzl['post_id'], null);
     S('post_replylzllist_' . $lzl['to_f_reply_id'], null);
     return $res;
 }

 public function LoadData()
 {
     $UserID = Gdn::Controller()->Data('Profile.UserID', Gdn::Session()->UserID);
     $this->User = Gdn::UserModel()->GetID($UserID);
     $this->Roles = Gdn::UserModel()->GetRoles($UserID)->ResultArray();
     // Hide personal info roles
     if (!CheckPermission('Garden.PersonalInfo.View')) {
         $this->Roles = array_filter($this->Roles, 'RoleModel::FilterPersonalInfo');
     }
 }

 /**
  * Render the module.
  *
  * @return string Rendered HTML.
  */
 public function ToString()
 {
     // Simplify our permission logic
     $ConversationExists = is_object($this->Conversation) && $this->Conversation->ConversationID > 0;
     $CanAddUsers = $this->AddUserAllowed && CheckPermission('Conversations.Conversations.Add');
     if ($ConversationExists && $CanAddUsers) {
         return parent::ToString();
     }
     return '';
 }

 /**
  * Show alternate locale options in Foot.
  */
 public function Base_Render_Before($Sender)
 {
     // Not in Dashboard
     // Block guests until guest sessions are restored
     if ($Sender->MasterView == 'admin' || !CheckPermission('Garden.SignIn.Allow')) {
         return;
     }
     $Sender->AddModule('LocaleChooserModule');
     // Add a simple style
     $Sender->AddAsset('Head', '<style>.LocaleOption { padding-left: 10px; } .LocaleOptions { padding: 10px; } .Dashboard .LocaleOptions { display: none; }</style>');
 }

 public function PluginController_MembersListEnh_Create($Sender)
 {
     $Session = Gdn::Session();
     if ($Sender->Menu && (CheckPermission('Plugins.MembersListEnh.GenView') || CheckPermission('Plugins.MembersListEnh.IPEmailView'))) {
         $Sender->ClearCssFiles();
         $Sender->AddCssFile('style.css');
         $Sender->MasterView = 'default';
         $Sender->Render('memtable', '', 'plugins/MembersListEnh');
     } else {
         echo Wrap(Anchor(Img('/plugins/MembersListEnh/design/AccessDenied.png', array('width' => '100%'), array('title' => T('You Have No Permission To View This Page Go Back'))), '/discussions', array('target' => '_self')), 'h1');
     }
 }

 /**
  * @param integer sid 资源ID,如分享小名片就是对应用户的用户ID，分享微博就是微博的ID
  * @param string stable 资源所在的表，如小名片就是contact表，微博就是feed表
  * @param string appname 资源所在的应用
  * @param integer nums 该资源被分享的次数
  * @param string initHTML 默认的内容 
  */
 public function render($data)
 {
     $var = array();
     $var['appname'] = 'public';
     $var['cancomment'] = intval(CheckPermission('core_normal', 'feed_comment'));
     $var['feed_type'] = 'repost';
     is_array($data) && ($var = array_merge($var, $data));
     //渲染模版
     $content = $this->renderFile(dirname(__FILE__) . "/Share.html", $var);
     unset($var, $data);
     //输出数据
     return $content;
 }

 /**
  * Output user agent information.
  */
 protected function AttachInfo($Sender, $Attributes)
 {
     if (!CheckPermission('Garden.Moderation.Manage')) {
         return;
     }
     $Info = '';
     if ($Value = GetValue('Browser', $Attributes)) {
         $Info .= Wrap('Browser', 'dt') . ' ' . Wrap($Value, 'dd');
     }
     if ($Value = GetValue('Platform', $Attributes)) {
         $Info .= Wrap('OS', 'dt') . ' ' . Wrap($Value, 'dd');
     }
     echo Wrap($Info, 'dl', array('class' => "About UserAgentInfo"));
 }

 /**
  * Set DateLastComment to null & sink & close if this is an insert and 'Show as Page' was selected.
  */
 public function discussionModel_beforeSaveDiscussion_handler($sender, &$args)
 {
     if (CheckPermission('Garden.Community.Manage') || CheckPermission('Garden.Settings.Manage')) {
         if ($args['Insert'] && $args['FormPostValues']['Page'] == 1) {
             $args['FormPostValues']['DateLastComment'] = NULL;
             $args['FormPostValues']['Sink'] = 1;
             $args['FormPostValues']['Closed'] = 1;
             $args['FormPostValues']['Type'] = 'SimplePage';
             if (StringIsNullOrEmpty($args['FormPostValues']['ForeignID'])) {
                 $sender->Validation->AddValidationResult('ForeignID', 'URL Slug required for pages.');
             }
         }
     }
 }

 /**
  * Allow mods to bump via discussion options.
  */
 public function Base_DiscussionOptions_Handler($Sender, $Args)
 {
     $Discussion = $Args['Discussion'];
     if (CheckPermission('Garden.Moderation.Manage')) {
         $Label = T('Bump');
         $Url = "/discussion/bump?discussionid={$Discussion->DiscussionID}";
         // Deal with inconsistencies in how options are passed
         if (isset($Sender->Options)) {
             $Sender->Options .= Wrap(Anchor($Label, $Url, 'Bump'), 'li');
         } else {
             $Args['DiscussionOptions']['Bump'] = array('Label' => $Label, 'Url' => $Url, 'Class' => 'Bump');
         }
     }
 }