/** * Returns whether a user can edit company data. * If groups are checked, one true permission makes the function return true. * * @param User $user * @param boolean $include_groups states whether groups should be checked for permissions * @return boolean */ function can_edit_company_data(User $user, $include_groups = true) { if ($user->isGuest()) { return false; } if ($user->getCanEditCompanyData()) { return true; } if ($include_groups) { $user_ids = $user->getId(); $group_ids = GroupUsers::getGroupsCSVsByUser($user_ids); if ($group_ids != '') { $gr = Groups::findOne(array('conditions' => array('id in (' . $group_ids . ') AND can_edit_company_data = true '))); return $gr instanceof Group; } } return false; }