public function initialize(Controller $controller)
{
App::import('Lib', 'Permissionable');
Permissionable::setUserId(AuthComponent::user('id'));
Permissionable::setGroupId(AuthComponent::user('group_id'));
$group_arr = array(-1);
$user_info = $controller->Session->read('Auth');
if (isset($user_info['Group']) && is_array($user_info['Group']) && !empty($user_info['Group'])) {
$group_arr = array();
foreach ($user_info['Group'] as $val_group) {
$group_arr[] = $val_group['id'];
}
}
Permissionable::setGroupIds($group_arr);
Access::setPermsModule($user_info);
Configure::write('ModulePermissionUserData', $this->user);
}
/**
* Test isRoot
*
* @return void
*/
public function testIsRootWithUuids()
{
Permissionable::setUserId('2bceb022-344e-11df-bcba-e984d7a9c8ef');
Permissionable::setGroupId('441961bf-344e-11df-bcba-e984d7a9c8ef');
Permissionable::setGroupIds(array('441961bf-344e-11df-bcba-e984d7a9c8ef', '4c421828-344e-11df-bcba-e984d7a9c8ef'));
// User is Root user and in Root group
Permissionable::setRootUserId('2bceb022-344e-11df-bcba-e984d7a9c8ef');
Permissionable::setRootGroupId('441961bf-344e-11df-bcba-e984d7a9c8ef');
$this->assertTrue(Permissionable::isRoot());
// User is the Root user, but not in the Root group
Permissionable::setRootGroupId('de129dca-344e-11df-bcba-e984d7a9c8ef');
$this->assertTrue(Permissionable::isRoot());
// User is not the Root user, but is in the Root group
Permissionable::setRootUserId('b4fdc759-344f-11df-bcba-e984d7a9c8ef');
Permissionable::setRootGroupId('441961bf-344e-11df-bcba-e984d7a9c8ef');
$this->assertTrue(Permissionable::isRoot());
// User is neither the Root user nor in the Root group
Permissionable::setRootUserId('60741ba2-344f-11df-bcba-e984d7a9c8ef');
Permissionable::setRootGroupId('f2d4a9b2-344f-11df-bcba-e984d7a9c8ef');
$this->assertFalse(Permissionable::isRoot());
}
/**
* Determine whether or not a user has a certain permission on a row
*
* @param object $Model
* @param string $action
* @param mixed $id
* @return boolean
*/
public function hasPermission(&$Model, $action = 'read', $id = null)
{
if ($this->_disabled) {
return true;
}
$user_id = Permissionable::getUserId();
$group_ids = Permissionable::getGroupIds();
$id = empty($id) ? $Model->id : $id;
$this->_unbind($Model);
// if somehow we don't know who the logged-in user is, don't save!
if (!in_array($action, $this->_actions) || empty($id) || empty($user_id) || empty($group_ids)) {
return false;
} elseif (Permissionable::isRoot()) {
return true;
}
$this->_bind($Model);
// do a quick count on the row to see if that permission exists
$alias = $this->getPermissionAlias($Model);
$perm = $Model->{$alias}->find('count', array('conditions' => array("{$alias}.model" => $Model->alias, "{$alias}.foreign_id" => $id, 'or' => $this->_getPermissionQuery($Model, $action))));
return !empty($perm);
}
/**
* @param mixed $group_id
* @return mixed
*/
public static function setRootGroupId($group_id)
{
Permissionable::$root_group_id = $group_id;
}
