public static function check($name, $action = 1, $module = "")
{
if (empty($module)) {
$module = wbCache::getCached('current', 'module');
}
if (empty($module)) {
throw new Exception("Unknown Module");
}
if (!self::isPermissionExist($name)) {
throw new Exception('Unknown Permission Name ' . $name . ' on module ' . $module);
}
$sessionInfo = wbUser::getSession();
$dbconn = wbDB::getConn();
$prefix = wbConfig::get('DB.prefix');
$query = "SELECT role_id FROM " . $prefix . "_user_role \r\n WHERE role_id IN (select role_id FROM " . $prefix . "_role_permission) AND user_id = ?";
$result =& $dbconn->Execute($query, array($sessionInfo['user_id']));
if (!$result) {
throw new Exception($dbconn->ErrorMsg());
}
while (!$result->EOF) {
list($role_id) = $result->fields;
// check ACCESS
$query = "SELECT COUNT(1) FROM " . $prefix . "_role_permission as a, " . $prefix . "_permission as b\r\n WHERE a.role_id = ? AND \r\n a.permission_level >= ? AND \r\n a.permission_id = b.permission_id AND\r\n b.permission_name = ? AND \r\n b.permission_module = ?";
$count = $dbconn->GetOne($query, array($role_id, $action, $name, $module));
if ($count === false) {
throw new Exception($dbconn->ErrorMsg());
}
if ($count) {
return true;
}
// this user has ACCESS
$result->MoveNext();
}
$result->Close();
// this user does not access
throw new Exception(json_encode(array('error' => 'sess_error', 'msg' => "Anda tidak memiliki hak akses untuk melakukan operasi ini atau sessi login anda sudah berakhir<br/><br/>Silahkan untuk melakukan login kembali")));
throw new Exception("Anda tidak memiliki hak akses untuk melakukan operasi ini atau sessi login anda sudah berakhir<br/><br/>Nama Akses : " . self::$accessList[$action] . " on " . $module . '.' . $name . "<br/>Silahkan hubungi Administrator untuk mendapatkan akses tersebut");
}
/**
* Get controller request
*/
static function getController()
{
$module = self::getVar('module');
$class = self::getVar('class');
$method = self::getVar('method');
if (!empty($module)) {
if (!preg_match('/^[a-z][a-z_0-9]*$/', $module)) {
$module = '';
}
}
if (empty($module)) {
$module = wbConfig::get('Module.defaultModule');
$class = wbConfig::get('Module.defaultClass');
$method = wbConfig::get('Module.defaultMethod');
} else {
if (!empty($class)) {
if (!preg_match('/^[a-zA-Z._\\x7f-\\xff][a-zA-Z.0-9_\\x7f-\\xff]*$/', $class)) {
$class = '';
}
}
if (empty($class)) {
if ($module == wbConfig::get('Module.defaultModule')) {
$class = wbConfig::get('Module.defaultClass');
}
}
if (!empty($method)) {
if (!preg_match('/^[a-zA-Z_\\x7f-\\xff][a-zA-Z0-9_\\x7f-\\xff]*$/', $method)) {
$method = '';
}
}
if (empty($method)) {
if ($module == wbConfig::get('Module.defaultModule') && $class == wbConfig::get('Module.defaultClass')) {
$method = wbConfig::get('Module.defaultMethod');
}
}
}
if (empty($module)) {
$requestInfo = self::$defaultRequest;
} else {
if (empty($class)) {
$class = $module;
}
if (empty($method)) {
$method = 'main';
}
$requestInfo = array($module, $class, $method);
}
wbCache::setCached('current', 'module', $requestInfo[0]);
wbCache::setCached('current', 'controller', $requestInfo[1]);
wbCache::setCached('current', 'method', $requestInfo[2]);
return $requestInfo;
}
