/** * Check if authenticated user can login * @param User $user * @return bool * @throws NoRightWebLoginException * @throws ApiNoRightWebApiLoginException */ public static function resolveAuthenticatedUserCanLogin(User $user) { if (Right::ALLOW != $user->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB) && !ApiRequest::isApiRequest()) { throw new NoRightWebLoginException(); } if (Right::ALLOW != $user->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API) && ApiRequest::isApiRequest()) { throw new ApiNoRightWebApiLoginException(); } if ($user->isSystemUser && !ApiRequest::isApiRequest()) { throw new NoRightWebLoginException(); } if ($user->isSystemUser && ApiRequest::isApiRequest()) { throw new ApiNoRightWebApiLoginException(); } return true; }