/**
* Get the privilege for the specified module
*
* Returns the privilege for a module and the specified user. If $user
* is omitted, the current user id is used. Check TIP_Privilege to see how the
* privileges are used.
*
* @param string $module The requesting module identifier
* @param mixed $user A user id
* @return TIP_PRIVILEGE... The requested privilege
*/
public static function getPrivilege($module, $user = null)
{
static $privilege = false;
if ($privilege === false) {
$privilege =& TIP_Application::getSharedModule('privilege');
}
if ($privilege) {
return $privilege->getPrivilege($module, $user);
}
return TIP::getDefaultPrivilege($module, $user);
}
/**
* 'on_row' callback for TIP_Modules_View
*
* Adds the following calculated fields to every module row:
* - 'ACTIVE': privilege level of the user for this module
* - 'CAN_MANAGER': true if the user is manager
* - 'CAN_ADMIN': true if the user is at least administrator
* - 'CAN_TRUSTED': true if the user is at least trusted
* - 'CAN_UNTRUSTED': true if the user is at least untrusted
* - 'CAN_NONE': always true
*
* @param array &$row The row as generated by TIP_Modules_View
* @return bool true to include the row in the view or false to skip it
*/
public function _onModulesRow(&$row)
{
$module = $row['id'];
$user = $this->keys['UID'];
$lowest_level = $this->privilege < TIP_PRIVILEGE_ADMIN ? TIP::getDefaultPrivilege($module, $user) : TIP_PRIVILEGE_NONE;
$up_to_level = $this->_maxSettableLevel($module);
// Modules where I cannot change the user level are not included
if ($up_to_level <= $lowest_level) {
return false;
}
$row['ACTIVE'] = $this->getPrivilege($module, $user);
foreach ($this->_privileges as $id => $privilege) {
$row['CAN_' . strtoupper($privilege)] = $id <= $up_to_level;
}
return true;
}
