Beispiel #1
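 /**
  * Decide whether the current user may perform the given resource action.
  *
  * The access matrix is read from the "_ACCESS_MATRIX" session variable. When it is
  * missing or empty it is rebuilt from the role/action data object for the roles in
  * the user profile and written back to the session. Because the matrix is cached in
  * the session, it keeps being used until that session variable is cleared.
  *
  * @param string $res_action key looked up in the access matrix
  * @return bool true when access is granted; false when there is no user profile,
  *              no role/action record, or the access level is DENY or unrecognised
  */
 public static function allowAccess($res_action)
 {
     // get the access matrix from session
     aclService::$_accessMatrix = BizSystem::sessionContext()->getVar("_ACCESS_MATRIX");
     if (!aclService::$_accessMatrix || count(aclService::$_accessMatrix) == 0) {
         // get user profile
         $profile = BizSystem::getUserProfile();
         if (!$profile) {
             return false;
         }
         // get the user role ids
         $roleIds = $profile['roles'];
         if (!$roleIds) {
             // no roles in the profile: fall back to role id 0 (guest)
             $roleIds = array(0);
         }
         // The ids are interpolated into the search rule below, so force every one
         // to an integer before it reaches the query text.
         $roleIds = array_map('intval', (array) $roleIds);
         $roleId_query = implode(",", $roleIds);
         // generate the access matrix
         $do = BizSystem::getObject(aclService::$role_actionDataObj);
         $rs = $do->directFetch("[role_id] in ({$roleId_query})");
         // treat a missing result the same as an empty one instead of calling count() on it
         if (!$rs || count($rs) == 0) {
             return false;
         }
         aclService::$_accessMatrix = aclService::GenerateAccessMatrix($rs);
         BizSystem::sessionContext()->setVar("_ACCESS_MATRIX", aclService::$_accessMatrix);
     }
     // start from the configured default and override it when the action has an entry
     $accessLevel = self::$_defaultAccess;
     if (isset(aclService::$_accessMatrix[$res_action])) {
         $accessLevel = aclService::$_accessMatrix[$res_action];
     }
     switch ($accessLevel) {
         case DENY:
             return false;
         case ALLOW:
             return true;
         case ALLOW_OWNER:
             // NOTE(review): no owner field/value comparison happens here, so
             // ALLOW_OWNER is granted like ALLOW. The ownership check has to be
             // enforced by the caller - confirm that it is.
             return true;
         default:
             // Unrecognised level: deny explicitly. The original fell out of the
             // switch and returned null, which callers also read as "no access".
             return false;
     }
 }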
Beispiel #2
 /**
  * Drop the cached ACL access matrix.
  *
  * Resets the static aclService::$_accessMatrix to null, overwrites the
  * "_ACCESS_MATRIX" session variable with an empty array and then clears it.
  * NOTE(review): presumably meant to run whenever role or permission data
  * changes, so a stale matrix is not kept in the session - confirm the callers.
  */
 public function clearACLCache()
 {
     // forget the in-memory copy first
     aclService::$_accessMatrix = null;

     // then empty and remove the session copy
     $session = BizSystem::sessionContext();
     $session->setVar("_ACCESS_MATRIX", array());
     $session->clearVar("_ACCESS_MATRIX");
 }
Beispiel #3
 /**
  * Drop the cached ACL access matrix.
  *
  * Resets the static aclService::$_accessMatrix to null, overwrites the
  * "_ACCESS_MATRIX" session variable with an empty array and then clears it.
  * NOTE(review): presumably meant to run whenever role or permission data
  * changes, so a stale matrix is not kept in the session - confirm the callers.
  */
 public function clearACLCache()
 {
     // forget the in-memory copy first
     aclService::$_accessMatrix = null;

     // then empty and remove the session copy
     $session = Openbiz::$app->getSessionContext();
     $session->setVar("_ACCESS_MATRIX", array());
     $session->clearVar("_ACCESS_MATRIX");
 }