当前位置: 首页>>代码示例>>PHP>>正文


PHP QubitAcl::isAllowed方法代码示例

本文整理汇总了PHP中QubitAcl::isAllowed方法的典型用法代码示例。如果您正苦于以下问题:PHP QubitAcl::isAllowed方法的具体用法?PHP QubitAcl::isAllowed怎么用?PHP QubitAcl::isAllowed使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在QubitAcl的用法示例。


在下文中一共展示了QubitAcl::isAllowed方法的1个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: getFilterCriterion

 /**
  * Get a new criterion to filter a SQL query by ACL rules
  *
  * @param Criteria $criteria
  * @param mixed $root - root object for list
  * @return Criterion
  */
 public static function getFilterCriterion($criteria, $root, $action)
 {
     $user = sfContext::getInstance()->user;
     $rootClass = get_class($root);
     if ('createTerm' != $action) {
         $permissions = self::getUserPermissionsByAction($user, $rootClass, $action);
     } else {
         $permissions = self::getUserPermissionsByAction($user, 'QubitTerm', 'create');
     }
     // Build access control list
     $allows = $bans = $ids = array();
     $forceBan = false;
     if (0 < count($permissions)) {
         foreach ($permissions as $permission) {
             switch ($action) {
                 case 'createTerm':
                     if (null === ($id = $permission->getConstants(array('name' => 'taxonomyId')))) {
                         $ids[] = QubitTaxonomy::ROOT_ID;
                     }
                     break;
                 case 'viewDraft':
                     if (null !== ($repoId = $permission->getConstants(array('name' => 'repositoryId')))) {
                         $criteria2 = new Criteria();
                         $criteria2->add(QubitInformationObject::REPOSITORY_ID, $repoId);
                         if (0 < count($results = QubitInformationObject::get($criteria2))) {
                             foreach ($results as $item) {
                                 $ids[] = $item->id;
                             }
                             // Special case because isAllowed() on ROOT will return true if
                             // user has grant permission on ANY repository. This will force
                             // showing ONLY resources in allowed repositories
                             $forceBan = true;
                         }
                     }
                     break;
                 default:
                     $ids[] = $permission->objectId;
             }
         }
         foreach ($ids as $id) {
             if (!isset($resourceAccess[$id])) {
                 $resource = call_user_func(array($rootClass, 'getById'), $id);
                 $resourceAccess[$id] = self::isAllowed($user, $resource, $action);
                 if ($resourceAccess[$id]) {
                     $allows[] = $id;
                 } else {
                     $bans[] = $id;
                 }
             }
         }
     }
     // Special cases - avoid adding unnecessary criteria
     if (0 == count($allows) && !QubitAcl::isAllowed($user, $root, $action)) {
         return false;
         // No allows, always false
     } else {
         if (!$forceBan && 0 == count($bans) && QubitAcl::isAllowed($user, $root, $action)) {
             return true;
             // No bans, always true
         }
     }
     // If more allows then bans, then add list of allowed resources
     $criterion = null;
     if (count($allows) >= count($bans)) {
         while ($resourceId = array_shift($allows)) {
             $resource = call_user_func(array($rootClass, 'getById'), $resourceId);
             // If object has no children include it by id
             if (1 == $resource->rgt - $resource->lft) {
                 $subCriterion = $criteria->getNewCriterion(constant("{$rootClass}::ID"), $resourceId);
             } else {
                 $subCriterion = $criteria->getNewCriterion(constant("{$rootClass}::LFT"), $resource->lft, Criteria::GREATER_EQUAL);
                 $subCriterion2 = $criteria->getNewCriterion(constant("{$rootClass}::RGT"), $resource->rgt, Criteria::LESS_EQUAL);
                 $subCriterion->addAnd($subCriterion2);
             }
             if (isset($criterion)) {
                 $criterion->addOr($subCriterion);
             } else {
                 $criterion = $subCriterion;
             }
         }
     } else {
         while ($resourceId = array_shift($bans)) {
             $resource = call_user_func(array($rootClass, 'getById'), $resourceId);
             // If object has no children, remove it by id
             if (1 == $resource->rgt - $resource->lft) {
                 $subCriterion = $criteria->getNewCriterion(constant("{$rootClass}::ID"), $resourceId, Criteria::NOT_EQUAL);
             } else {
                 $subCriterion = $criteria->getNewCriterion(constant("{$rootClass}::LFT"), $resource->lft, Criteria::LESS_THAN);
                 $subCriterion2 = $criteria->getNewCriterion(constant("{$rootClass}::RGT"), $resource->rgt, Criteria::GREATER_THAN);
                 $subCriterion->addOr($subCriterion2);
             }
             if (isset($criterion)) {
                 $criterion->addAnd($subCriterion);
//.........这里部分代码省略.........
开发者ID:nurfiantara,项目名称:ehri-ica-atom,代码行数:101,代码来源:QubitAcl.class.php


注:本文中的QubitAcl::isAllowed方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。