Take raw permission definitions and create.
public static compilePermissions ( array $rawPermissions ) : array | ||
$rawPermissions | array | Database rows from the permissions table. |
return | array | Compiled permissions |
/** * * * @param $UserID * @param bool $Refresh * @return array|bool|null|object|type */ public function getSession($UserID, $Refresh = false) { // Ask for the user. This will check cache first. $User = $this->getID($UserID, DATASET_TYPE_OBJECT); if (!$User) { return false; } // If we require confirmation and user is not confirmed $ConfirmEmail = self::requireConfirmEmail(); $Confirmed = val('Confirmed', $User); if ($ConfirmEmail && !$Confirmed) { // Replace permissions with those of the ConfirmEmailRole $ConfirmEmailRoleID = RoleModel::getDefaultRoles(RoleModel::TYPE_UNCONFIRMED); $RoleModel = new RoleModel(); $RolePermissions = $RoleModel->getPermissions($ConfirmEmailRoleID); $Permissions = UserModel::compilePermissions($RolePermissions); // Ensure Confirm Email role can always sign in if (!in_array('Garden.SignIn.Allow', $Permissions)) { $Permissions[] = 'Garden.SignIn.Allow'; } $User->Permissions = $Permissions; // Otherwise normal loadings! } else { if ($User && ($User->Permissions == '' || Gdn::cache()->activeEnabled())) { $User->Permissions = $this->definePermissions($UserID); } } // Remove secret info from session unset($User->Password, $User->HashMethod); return $User; }
/** * Get the permissions for one or more roles. * * @param int $roleID The role to get the permissions for. * @return array Returns a permission array suitable for use in a session. */ public function getPermissionsByRole($roleID) { $inc = Gdn::userModel()->getPermissionsIncrement(); $key = "perms:{$inc}:role:{$roleID}"; $permissions = Gdn::cache()->get($key); if ($permissions === Gdn_Cache::CACHEOP_FAILURE) { $sql = clone $this->SQL; $sql->reset(); // Select all of the permission columns. $permissionColumns = $this->permissionColumns(); foreach ($permissionColumns as $columnName => $value) { $sql->select('p.`' . $columnName . '`', 'MAX'); } $sql->from('Permission p')->where('p.RoleID', $roleID)->select(array('p.JunctionTable', 'p.JunctionColumn', 'p.JunctionID'))->groupBy(array('p.JunctionTable', 'p.JunctionColumn', 'p.JunctionID')); $permissions = $sql->get()->resultArray(); $permissions = UserModel::compilePermissions($permissions); Gdn::cache()->store($key, $permissions); } return $permissions; }