function check_permission(){
Logger::debug('Checking Permissions');
$controller = get_class($this);
$action = $this->params['action'];
if(isset(User::$current)){
$allowed = User::$current->is_permitted_to($action, $controller);
} else {
$allowed = Permissions::check_permission($controller, $action);
}
if(!$allowed){
isset(User::$current) ? $uname = User::$current->name : $uname = "Guest";
Logger::warning($uname . " was not allowed to access " . $_SERVER['REQUEST_URI']);
if(isset(User::$current)){
if(!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
$this->render_ajax('error', '401 - Not Allowed');
} else {
$this->error(array('status' => '401'));
}
} else {
$this->flash('error', 'Please LogIn');
$this->redirect_to_login();
}
return false;
}
return true;
}
function permitted_to($action, $controller){
if(isset(User::$current)){
return User::$current->is_permitted_to($action, $controller);
} else {
return Permissions::check_permission($controller, $action);
}
}
public function is_permitted_to($action,$controller){
if(strpos($controller,'Controller') === false)
$controller = ucfirst(Toolbox::to_camel_case($controller . "_controller"));
return Permissions::check_permission($controller, $action, $this->get_role());
}
