Example #1
0
/**
 * Checks if current user is privileged. Currently only checks if IP address of user is on
 * a privileged network, as defined by the 'privileged_networks' configuration directive. May 
 * be expanded in the future to consider user's access rights and/or other parameters.
 *
 * @param RequestHTTP $po_request The current request
 * @param array $pa_options Optional options. If omitted settings are taken application configuration file is used. Any array passed to this function should include "privileged_networks" as a key with a value listing all privileged networks
 * @return boolean True if user is privileged, false if not
 */
function caUserIsPrivileged($po_request, $pa_options = null)
{
    $va_privileged_networks = isset($pa_options['privileged_networks']) && is_array($pa_options['privileged_networks']) ? $pa_options['privileged_networks'] : (array) $po_request->config->getList('privileged_networks');
    if (!($va_priv_ips = $va_privileged_networks)) {
        $va_priv_ips = array();
    }
    $va_user_ip = explode('.', $po_request->getClientIP());
    if (is_array($va_priv_ips)) {
        foreach ($va_priv_ips as $vs_priv_ip) {
            $va_priv_ip = explode('.', $vs_priv_ip);
            $vb_is_match = true;
            for ($vn_i = 0; $vn_i < sizeof($va_priv_ip); $vn_i++) {
                if ($va_priv_ip[$vn_i] != '*' && $va_priv_ip[$vn_i] != $va_user_ip[$vn_i]) {
                    continue 2;
                }
            }
            return true;
        }
    }
    return false;
}