/**
* Helper function to has_authorization()
*
* If username given, will return true or false.
*
* If no username given, this will be interpreted as meaning "an anonymous user" and will
* return true, false, or NULL. In this case, true indicates the group includes anybody;
* false indicates that it includes nobody; and NULL indicates that the group includes some
* people and not others -- identification will be necessary to establish group membership.
*
* @access private
* @param string $user_netID -- username. Use an empty string to determine if anonymous access is permitted
* @return boolean | NULL true if user is a member of the authorized group, false if they are not, NULL if no username passed and access cannot be determined as a result
*/
function is_username_member_of_group($user_netID, $assume_netid_is_in_directory = false)
{
if ($this->group_has_members()) {
if (!$this->requires_login()) {
return true;
} elseif (empty($user_netID)) {
return NULL;
} elseif (array_key_exists($user_netID, $this->permissions)) {
return $this->permissions[$user_netID];
} elseif ($this->group->get_value('limit_authorization') == 'true') {
// build up an LDAP-style query
$rep = $this->get_group_representation();
$check_info = $this->add_netid_check_to_representation($user_netID, $rep);
foreach ($check_info as $dir_array) {
if (!empty($dir_array['directory_services'])) {
$dir = new directory_service($dir_array['directory_services']);
} else {
$dir = new directory_service();
}
$dir->merge_results_off();
if (!empty($dir_array['filter']) && $dir->search_by_filter($dir_array['filter'])) {
$members = $dir->get_records();
if (!empty($members)) {
$this->permissions[$user_netID] = true;
return true;
}
}
if (!empty($dir_array['group_filter']) && $dir->group_search_by_filter($dir_array['group_filter'])) {
$groups = $dir->get_records();
if (!empty($groups)) {
$this->permissions[$user_netID] = true;
return true;
}
}
}
$this->permissions[$user_netID] = false;
return false;
} else {
if ($assume_netid_is_in_directory || reason_check_authentication() == $user_netID) {
$this->permissions[$user_netID] = true;
return true;
} else {
if (!empty($dir_array['directory_services'])) {
$dir = new directory_service($dir_array['directory_services']);
} else {
$dir = new directory_service();
}
$dir->search_by_filter('(ds_username='******')');
$member = $dir->get_records();
if (!empty($member)) {
$this->permissions[$user_netID] = true;
return true;
} else {
$this->permissions[$user_netID] = false;
return false;
}
}
}
} else {
return false;
}
}
