public function getActualPermissions($permitable = null) { assert('$permitable === null || $permitable instanceof Permitable'); if ($permitable === null) { $permitable = Yii::app()->user->userModel; if (!$permitable instanceof User) { throw new NoCurrentUserSecurityException(); } } $owner = $this->unrestrictedGet('owner'); # If an owned securable item doesn't yet have an owner # then whoever is creating it has full access to it. If they # save it with the owner being someone else they are giving # it away and potentially lose access to it. if ($owner->id < 0 || $owner->isSame($permitable)) { return array(Permission::ALL, Permission::NONE); } else { return parent::getActualPermissions($permitable); } }
/** * Override to add caching capabilities of this information. * @see SecurableItem::getActualPermissions() */ public function getActualPermissions($permitable = null) { assert('$permitable === null || $permitable instanceof Permitable'); if ($permitable === null) { $permitable = Yii::app()->user->userModel; if (!$permitable instanceof User) { throw new NoCurrentUserSecurityException(); } } if ($this->name != null) { try { return PermissionsCache::getNamedSecurableItemActualPermissions($this->name, $permitable); } catch (NotFoundException $e) { $actualPermissions = parent::getActualPermissions($permitable); } PermissionsCache::cacheNamedSecurableItemActualPermissions($this->name, $permitable, $actualPermissions); return $actualPermissions; } return parent::getActualPermissions($permitable); }