public static function check($name, $action = 1, $module = "")
{
if (empty($module)) {
$module = wbCache::getCached('current', 'module');
}
if (empty($module)) {
throw new Exception("Unknown Module");
}
if (!self::isPermissionExist($name)) {
throw new Exception('Unknown Permission Name ' . $name . ' on module ' . $module);
}
$sessionInfo = wbUser::getSession();
$dbconn = wbDB::getConn();
$prefix = wbConfig::get('DB.prefix');
$query = "SELECT role_id FROM " . $prefix . "_user_role \r\n WHERE role_id IN (select role_id FROM " . $prefix . "_role_permission) AND user_id = ?";
$result =& $dbconn->Execute($query, array($sessionInfo['user_id']));
if (!$result) {
throw new Exception($dbconn->ErrorMsg());
}
while (!$result->EOF) {
list($role_id) = $result->fields;
// check ACCESS
$query = "SELECT COUNT(1) FROM " . $prefix . "_role_permission as a, " . $prefix . "_permission as b\r\n WHERE a.role_id = ? AND \r\n a.permission_level >= ? AND \r\n a.permission_id = b.permission_id AND\r\n b.permission_name = ? AND \r\n b.permission_module = ?";
$count = $dbconn->GetOne($query, array($role_id, $action, $name, $module));
if ($count === false) {
throw new Exception($dbconn->ErrorMsg());
}
if ($count) {
return true;
}
// this user has ACCESS
$result->MoveNext();
}
$result->Close();
// this user does not access
throw new Exception(json_encode(array('error' => 'sess_error', 'msg' => "Anda tidak memiliki hak akses untuk melakukan operasi ini atau sessi login anda sudah berakhir<br/><br/>Silahkan untuk melakukan login kembali")));
throw new Exception("Anda tidak memiliki hak akses untuk melakukan operasi ini atau sessi login anda sudah berakhir<br/><br/>Nama Akses : " . self::$accessList[$action] . " on " . $module . '.' . $name . "<br/>Silahkan hubungi Administrator untuk mendapatkan akses tersebut");
}
