/**
Purpose : this function check user task permissions for a Group or a Network
@param : $uid, $task_values, $type, $target_id, $strict
@return : bool
**/
public static function can_user($uid, $task_values, $type = 'network', $strict, $target_id = null)
{
Logger::log("Enter: function User::can_user");
if (SUPER_USER_ID == $uid) {
// SUPER USER has all permissions!
return TRUE;
}
if (!is_array($task_values)) {
$task_values = array($task_values);
}
$user = new self();
$user->load($uid);
$roles = $user->get_user_roles(DB_FETCHMODE_OBJECT);
$result = false;
$user_tasks = array();
foreach ($roles as $role) {
// merge all tasks/permissions for specific role type
// $role_obj = new Roles();
// $role_obj->load((int)$role->role_id);
$condition = $type == 'network' ? $role->extra['network'] == true : count($role->extra['groups']) > 0 && in_array($target_id, $role->extra['groups']);
// apply role to a group
// if(($role_obj->type == $type) && $condition) {
if ($condition) {
$role_tasks = Roles::get_tasks_of_role($role->role_id);
if ($role_tasks) {
foreach ($role_tasks as $rt) {
$user_tasks[] = $rt->task_value;
}
}
}
}
$found = 0;
$nb_tasks = count($task_values);
foreach ($task_values as $value) {
if (!in_array($value, $user_tasks) && $strict == true) {
$result = false;
break;
}
if (in_array($value, $user_tasks) && $strict == false) {
$result = true;
break;
}
if (in_array($value, $user_tasks) && $strict == true) {
$found++;
}
}
if ($strict == true) {
$result = $found == $nb_tasks ? true : false;
}
Logger::log("Exit: function User::can_user");
return $result;
}
