public function getAuthAssignments($user_id) { if (!isset($this->user_assignments[$user_id])) { $this->user_assignments[$user_id] = parent::getAuthAssignments($user_id); } return $this->user_assignments[$user_id]; }
/** * Access check function. * * Checks access and attempts to speed up all future access checks using * caching and storage of the variable within {@link _access}. * * Note, only if parameters are empty will permissions caching or storage * in {@link _access} be effective, because parameters (i.e. the assignment * of a record based on the value of its assignedTo field) are expected to * vary. For example, in record-specific permission items checked for * multiple records. That is why $params be empty for any shortcuts to be * taken. * * @param string $itemName Name of the auth item for which access is being checked * @param integer $userId ID of the user for which to check access * @param array $params Parameters to pass to business rules * @return boolean */ public function checkAccess($itemName, $userId, $params = array()) { if (!isset($params['userId'])) { $params['userId'] = $userId; } if (!isset($this->_access)) { $this->_access = array(); } if (isset($this->_access[$userId][$itemName]) && !empty($this->_access[$userId][$itemName])) { $checkParams = $this->getCacheParams($params); if ($checkParams !== false) { $checkParams = json_encode($checkParams); // Shortcut 1: return data stored in the component's property if (isset($this->_access[$userId][$itemName][$checkParams])) { return $this->_access[$userId][$itemName][$checkParams]; } } } else { if ($this->caching) { // Shortcut 2: load the auth cache data and return if a result was found if (!isset($this->_access[$userId])) { $this->_access[$userId] = Yii::app()->authCache->loadAuthCache($userId); } if (isset($this->_access[$userId][$itemName]) && !empty($this->_access[$userId][$itemName])) { $checkParams = $this->getCacheParams($params); if ($checkParams !== false) { $checkParams = json_encode($checkParams); if (isset($this->_access[$userId][$itemName][$checkParams])) { return $this->_access[$userId][$itemName][$checkParams]; } } } } } if (!isset($this->_access[$userId])) { $this->_access[$userId] = array(); } if (!isset($this->_access[$userId][$itemName])) { $this->_access[$userId][$itemName] = array(); } // Get assignments via roles. // // In X2Engine's system, x2_auth_assignment doesn't refer to users, but // to roles. Hence, the ID of each role is sent to // parent::getAuthAssignments rather than a user ID, which would be // meaningless in light of how x2_auth_assignment stores roles. if (isset($this->_assignments[$userId])) { $assignments = $this->_assignments[$userId]; } else { $roles = Roles::getUserRoles($userId); $assignments = array(); foreach ($roles as $roleId) { $assignments = array_merge($assignments, parent::getAuthAssignments($roleId)); } $this->_assignments[$userId] = $assignments; } // Prepare the username for the session-agnostic permissions check: if (!isset($this->_usernames[$userId])) { if ($userId == Yii::app()->getSuId()) { $user = Yii::app()->getSuModel(); } else { $user = User::model()->findByPk($userId); } if ($user instanceof User) { $this->_usernames[$userId] = $user->username; } else { $this->_usernames[$userId] = 'Guest'; } } // Get whether the user has access: $hasAccess = parent::checkAccessRecursive($itemName, $userId, $params, $assignments); // Store locally. $cacheParams = $this->getCacheParams($params); if ($cacheParams !== false) { $this->_access[$userId][$itemName][json_encode($cacheParams)] = $hasAccess; // Cache if ($this->caching) { Yii::app()->authCache->addResult($userId, $itemName, $hasAccess, $cacheParams); } } return $hasAccess; }
public function getAuthAssignments($userId) { if (isset($this->_userAssignments[$userId])) { return $this->_userAssignments[$userId]; } return $this->_userAssignments[$userId] = parent::getAuthAssignments($userId); }