Beispiel #1
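 /**
  * Decide whether a user may access a URL on a node, based on the `acl` table.
  *
  * The newest matching rule (highest acl.id) wins. Its `allow` column is cast
  * to bool, so no matching rule means access is denied.
  *
  * @param string           $url  URL to check; normalised through static::fixURL().
  * @param User|string|null $user A User instance, an identifier resolved through
  *                               Model\User::get(), or null to use the session
  *                               user (or the anonymous "public" profile).
  * @param string           $node Node identifier matched against acl.node_id.
  *
  * @return bool True only when the winning ACL rule allows access.
  */
 public static function check($url = \GOTEO_REQUEST_URI, $user = null, $node = \GOTEO_NODE)
 {
     $url = static::fixURL($url);

     if (is_null($user)) {
         if (User::isLogged()) {
             $user = $_SESSION['user'];
         } else {
             // FIXME: adjustment to allow a public profile without a registered user.
             // (Provisional until decided otherwise.)
             $user = new User();
             $user->id = '*';
             $user->roles = array((object) array('id' => 'public', 'name' => 'Perfil público'));
         }
     } elseif (!($user instanceof User)) {
         $user = Model\User::get($user);
         if (!$user) {
             // Fail closed: an identifier that resolves to no user must not go on to
             // dereference a non-object or query with an undefined user id.
             return false;
         }
     }

     $id = $user->id;

     // Reduce the role objects to their ids. A user without a role list gets an empty
     // one, which matches no rule because REGEXP needs at least one character.
     $roles = array();
     if (is_array($user->roles)) {
         foreach ($user->roles as $role) {
             $roles[] = $role->id;
         }
     }

     // All caller-supplied values are bound parameters on the left-hand side of
     // LIKE/REGEXP; the patterns come from the acl table ('*' is the wildcard).
     // NOTE(review): acl.role_id is applied as an unanchored regular expression to the
     // comma-joined role list, so a rule for one role id also matches any role id that
     // contains it. Confirm role ids cannot be substrings of each other, or anchor it.
     $query = Model::query("\r\n                SELECT\r\n                    acl.allow\r\n                FROM acl\r\n                WHERE (:node LIKE REPLACE(acl.node_id, '*', '%'))\r\n                AND (:roles REGEXP REPLACE(acl.role_id, '*', '.'))\r\n                AND (:user LIKE REPLACE(acl.user_id, '*', '%'))\r\n                AND (:url LIKE REPLACE(acl.url, '*', '%'))\r\n                ORDER BY acl.id DESC\r\n                LIMIT 1\r\n                ", array(':node' => $node, ':roles' => implode(', ', $roles), ':user' => $id, ':url' => $url));

     // fetchColumn() gives false when no rule matched, so the default is deny.
     return (bool) $query->fetchColumn();
 }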