public function checkPermission($metaUser) { if (!$this->active) { return false; } $restrictions = $this->getRestrictionsArray(); return aecRestrictionHelper::checkRestriction($restrictions, $metaUser); }
public function actionRestrictionCheck() { $this->response->result = false; if (!empty($this->request->details->plan)) { $plan = new SubscriptionPlan(); $plan->load($this->request->details->plan); if ($plan->id != $this->request->details->plan) { $this->error = 'could not find plan to check restrictions for'; return; } $restrictions = $plan->getRestrictionsArray(); if (aecRestrictionHelper::checkRestriction($restrictions, $this->metaUser) !== false) { if (!ItemGroupHandler::checkParentRestrictions($plan, 'item', $this->metaUser)) { $this->error = 'user is denied permission - plans parent group is restricted from this user'; } } else { $this->error = 'user is denied permission - plan is restricted from this user'; } unset($this->request->details->plan); } if (!empty($this->request->details->group)) { $group = new ItemGroup(); $group->load($this->request->details->group); if ($group->id != $this->request->details->group) { $this->error = 'could not find group to check restrictions for'; return; } $restrictions = $group->getRestrictionsArray(); if (aecRestrictionHelper::checkRestriction($restrictions, $this->metaUser) !== false) { if (!ItemGroupHandler::checkParentRestrictions($group, 'group', $this->metaUser)) { $this->error = 'user is denied permission - groups parent group is restricted from this user'; } } else { $this->error = 'user is denied permission - group is restricted from this user'; } unset($this->request->details->group); } if (!empty($this->request->details)) { $re = get_object_vars($this->request->details); $restrictions = aecRestrictionHelper::getRestrictionsArray($re); if (aecRestrictionHelper::checkRestriction($restrictions, $this->metaUser) === false) { $this->error = 'user is denied permission - at least one restriction result was negative'; } } if (empty($this->error)) { $this->response->result = true; } }
public function verifyUsage() { if (empty($this->usage)) { return null; } $this->loadMetaUser(); $plan = new SubscriptionPlan(); $plan->load($this->usage); $restrictions = $plan->getRestrictionsArray(); if (!aecRestrictionHelper::checkRestriction($restrictions, $this->metaUser)) { return getView('access_denied'); } if (!ItemGroupHandler::checkParentRestrictions($plan, 'item', $this->metaUser)) { return getView('access_denied'); } return true; }
public function checkPermission($metaUser, $invoice) { $permission = true; if (!empty($this->restrictions['has_restrictions'])) { if (is_object($invoice)) { if (!empty($invoice->params['stickyMIpermissions'][$this->id])) { return true; } } $restrictions = $this->getRestrictionsArray(); $permission = aecRestrictionHelper::checkRestriction($restrictions, $metaUser); if (!empty($this->restrictions['sticky_permissions']) && is_object($invoice) && $permission) { if (is_a($invoice, 'Invoice')) { if (empty($invoice->params['stickyMIpermissions'])) { $invoice->params['stickyMIpermissions'] = array(); } $invoice->params['stickyMIpermissions'][$this->id] = $permission; if ($invoice->id) { $invoice->storeload(); } } } return $permission; } else { return true; } }
public function checkAuthorized($metaUser) { if (!empty($this->params['fixed_redirect'])) { return $this->params['fixed_redirect']; } $authorized = $this->checkInventory(); if ($authorized) { $restrictions = $this->getRestrictionsArray(); if (aecRestrictionHelper::checkRestriction($restrictions, $metaUser) !== false) { if (!ItemGroupHandler::checkParentRestrictions($this, 'item', $metaUser)) { $authorized = false; } } else { $authorized = false; } } if (!$authorized && !empty($this->params['notauth_redirect'])) { return $this->params['notauth_redirect']; } return $authorized; }