/**
  * Checks if the given user has the given permission.
  * 
  * @param string $permission
  *   The permission string to check.
  * @param array $user
  *   The user to check. If omitted, the currently logged-in user is used. (Optional, default = null)
  * 
  * @return boolean
  *   True if the user has the permission, otherwise false. Also returns true if access control is not enabled, or was just enabled without any configuration yet.
  */
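 public function has_permission($permission, $user = null)
 {
     // Per-request cache of permission sets. It is keyed by group name because
     // the lookup below depends only on the group; keying it by username could
     // hand back a stale set if the same username were passed with a different
     // group during one request.
     static $perms = array();

     // Fail-open by design: with access control disabled, or enabled but not
     // yet configured, every check passes. Callers that guard sensitive
     // actions should be aware of this bootstrap window.
     if (!AccessControl::is_enabled() || $this->access_config->is_empty()) {
         return true;
     }

     if ($user === null) {
         $user = $this->user;
     }

     // No identity at all: deny.
     if (empty($user)) {
         return false;
     }

     // Fail closed when the group is missing or not usable as a lookup key,
     // instead of querying with an undefined value.
     if (!isset($user['group']) || !is_scalar($user['group'])) {
         return false;
     }
     $group = $user['group'];

     if (!isset($perms[$group])) {
         // The group name is passed as a bound parameter, never concatenated
         // into the SQL text.
         $res = db::getInstance()->query('SELECT "permission" FROM "group2perm" WHERE "group_name" = :group', array(':group' => $group));
         $granted = array();
         while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
             $granted[$row['permission']] = $row['permission'];
         }
         $perms[$group] = $granted;
     }

     $granted = $perms[$group];

     // The '*' and 'is_admin' entries each grant every permission; otherwise
     // the requested permission must be present in the group's set.
     return !empty($granted['*']) || !empty($granted['is_admin']) || !empty($granted[$permission]);
 }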
 /**
  * Ajax request to save new configuration settings.
  */
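 public function save_settings()
 {
     $params = new ParamStruct();
     $params->add_required_param('settings', PDT_ARR);
     $params->fill();
     if (!$params->is_valid()) {
         AjaxModul::return_code(AjaxModul::ERROR_INVALID_PARAMETER);
         // Explicit return: nothing below may run for a rejected request,
         // whether or not return_code() ends the request itself.
         return;
     }

     // Authorization gate for changing the main settings.
     // NOTE(review): if has_permission() passes while access control is
     // disabled or unconfigured, this gate is open in that state - confirm
     // that is intended for this endpoint.
     if (!$this->access_control->has_permission(AccessControl::PERM_CHANGE_MAIN_SETTINGS)) {
         AjaxModul::return_code(AjaxModul::ERROR_NO_RIGHTS);
         // Fail closed: never reach the config writes after a denied check.
         return;
     }

     $need_redirect = false;
     foreach ($params->settings as $key => $val) {
         // Turning access control on while no access configuration exists yet:
         // remember to send the client to the access configuration page.
         if ($key === 'enable_access_control' && !empty($val)) {
             $access_config = new AccessConfig();
             if ($access_config->is_empty()) {
                 $need_redirect = true;
             }
         }

         // NOTE(review): every submitted key is written as-is; no allow-list
         // of settable keys is visible in this method. Confirm that
         // set_value() rejects keys that must not be changed from this
         // endpoint.
         $this->config->set_value($key, $val);
     }

     if ($need_redirect) {
         AjaxModul::return_code(AjaxModul::SUCCESS, array('url' => murl('access', 'index')));
         return;
     }

     AjaxModul::return_code(AjaxModul::SUCCESS);
 }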