/** * Get the privilege for the specified module * * Returns the privilege for a module and the specified user. If $user * is omitted, the current user id is used. Check TIP_Privilege to see how the * privileges are used. * * @param string $module The requesting module identifier * @param mixed $user A user id * @return TIP_PRIVILEGE... The requested privilege */ public static function getPrivilege($module, $user = null) { static $privilege = false; if ($privilege === false) { $privilege =& TIP_Application::getSharedModule('privilege'); } if ($privilege) { return $privilege->getPrivilege($module, $user); } return TIP::getDefaultPrivilege($module, $user); }
/** * 'on_row' callback for TIP_Modules_View * * Adds the following calculated fields to every module row: * - 'ACTIVE': privilege level of the user for this module * - 'CAN_MANAGER': true if the user is manager * - 'CAN_ADMIN': true if the user is at least administrator * - 'CAN_TRUSTED': true if the user is at least trusted * - 'CAN_UNTRUSTED': true if the user is at least untrusted * - 'CAN_NONE': always true * * @param array &$row The row as generated by TIP_Modules_View * @return bool true to include the row in the view or false to skip it */ public function _onModulesRow(&$row) { $module = $row['id']; $user = $this->keys['UID']; $lowest_level = $this->privilege < TIP_PRIVILEGE_ADMIN ? TIP::getDefaultPrivilege($module, $user) : TIP_PRIVILEGE_NONE; $up_to_level = $this->_maxSettableLevel($module); // Modules where I cannot change the user level are not included if ($up_to_level <= $lowest_level) { return false; } $row['ACTIVE'] = $this->getPrivilege($module, $user); foreach ($this->_privileges as $id => $privilege) { $row['CAN_' . strtoupper($privilege)] = $id <= $up_to_level; } return true; }