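/**
 * Check if users are of lower permissions than current user (if not super-admin)
 * and if the user himself is not included.
 *
 * This is an authorization gate: a null return means "no objection", so
 * callers must treat any non-null return as a refusal and stop.
 *
 * Security notes for callers:
 * - An empty or non-array $cid returns null (no error). Reject an empty
 *   selection separately before acting.
 * - Ids are normalised to integers here so the self-check and the record
 *   lookup evaluate the same value. The caller should act on the same
 *   integer-normalised ids it had checked, not on the raw request values.
 * - The message embeds $actionName and the ACL group name unescaped; encode
 *   it for the output context (HTML, URL) before displaying it.
 *
 * @param array  $cid                 array of userId
 * @param string $actionName          to insert in message.
 * @param bool   $allowActionToMyself when true, the current user's own id is
 *                                    not rejected by the self-check
 * @return string of error if error, otherwise null
 * Added 1.0.11
 */
function checkUserPermissions($cid, $actionName, $allowActionToMyself = false)
{
    global $database, $acl, $my;

    $msg = null;

    // Nothing to check: report "no error" (see the caller note in the docblock).
    if (!is_array($cid) || !count($cid)) {
        return $msg;
    }

    // NOTE(review): one mosUser instance is reused for every id; this relies on
    // load() resetting the fields when a row is missing - confirm in mosUser.
    $obj = new mosUser($database);

    foreach ($cid as $id) {
        // Compare and look up on one canonical integer value instead of the
        // raw (possibly string) request value.
        $id = (int) $id;

        if ($id != 0) {
            $obj->load($id);
            $groups = $acl->get_object_groups('users', $id, 'ARO');
            // A user without any ARO group would otherwise hit an undefined
            // offset; fall back to an empty group name for the message.
            $groupName = (is_array($groups) && isset($groups[0]))
                ? $acl->get_group_name($groups[0], 'ARO')
                : '';
            $this_group = strtolower((string) $groupName);
        } else {
            // Id 0 is treated as a member of the lowest group.
            $this_group = 'Registered'; // minimal user group
            $obj->gid = $acl->get_group_id($this_group, 'ARO');
        }

        if (!$allowActionToMyself && $id == $my->id) {
            $msg .= 'You cannot ' . $actionName . ' Yourself!';
            continue;
        }

        // Refuse a target in the actor's own group unless the actor's gid is
        // 24 or 25 (presumably the administrator-level groups the docblock
        // calls super-admin - confirm against the ACL tables).
        $sameLevelBlocked = ($obj->gid == $my->gid) && !in_array($my->gid, array(24, 25));

        // Refuse a target whose group is not among the actor's child groups.
        // NOTE(review): when $obj->gid is empty neither clause fires and the
        // target passes silently; confirm callers cannot reach this with an id
        // that failed to load, or fail closed here.
        if ($sameLevelBlocked || ($obj->gid && !in_array($obj->gid, getGIDSChildren($my->gid)))) {
            $msg .= 'You cannot ' . $actionName . ' a `' . $this_group . '`. Only higher-level users have this power. ';
        }
    }

    return $msg;
}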
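/**
 * Check if users are of lower permissions than current user (if not super-admin)
 * and if the user himself is not included.
 *
 * Variant of the check whose user-facing messages are in Portuguese.
 * This is an authorization gate: a null return means "no objection", so
 * callers must treat any non-null return as a refusal and stop.
 *
 * Security notes for callers:
 * - An empty or non-array $cid returns null (no error). Reject an empty
 *   selection separately before acting.
 * - Ids are normalised to integers here so the self-check and the record
 *   lookup evaluate the same value. The caller should act on the same
 *   integer-normalised ids it had checked, not on the raw request values.
 * - The message embeds $actionName and the ACL group name unescaped; encode
 *   it for the output context (HTML, URL) before displaying it.
 *
 * @param array  $cid                 array of userId
 * @param string $actionName          to insert in message.
 * @param bool   $allowActionToMyself when true, the current user's own id is
 *                                    not rejected by the self-check
 * @return string of error if error, otherwise null
 * Added 1.0.11
 */
function checkUserPermissions($cid, $actionName, $allowActionToMyself = false)
{
    global $database, $acl, $my;

    $msg = null;

    // Nothing to check: report "no error" (see the caller note in the docblock).
    if (!is_array($cid) || !count($cid)) {
        return $msg;
    }

    // NOTE(review): one mosUser instance is reused for every id; this relies on
    // load() resetting the fields when a row is missing - confirm in mosUser.
    $obj = new mosUser($database);

    foreach ($cid as $id) {
        // Compare and look up on one canonical integer value instead of the
        // raw (possibly string) request value.
        $id = (int) $id;

        if ($id != 0) {
            $obj->load($id);
            $groups = $acl->get_object_groups('users', $id, 'ARO');
            // A user without any ARO group would otherwise hit an undefined
            // offset; fall back to an empty group name for the message.
            $groupName = (is_array($groups) && isset($groups[0]))
                ? $acl->get_group_name($groups[0], 'ARO')
                : '';
            $this_group = strtolower((string) $groupName);
        } else {
            // Id 0 is treated as a member of the lowest group.
            $this_group = 'Registered'; // minimal user group
            $obj->gid = $acl->get_group_id($this_group, 'ARO');
        }

        if (!$allowActionToMyself && $id == $my->id) {
            $msg .= 'Não pode ' . $actionName . ' seu próprio nome!';
            continue;
        }

        // Refuse a target in the actor's own group unless the actor's gid is
        // 24 or 25 (presumably the administrator-level groups the docblock
        // calls super-admin - confirm against the ACL tables).
        $sameLevelBlocked = ($obj->gid == $my->gid) && !in_array($my->gid, array(24, 25));

        // Refuse a target whose group is not among the actor's child groups.
        // NOTE(review): when $obj->gid is empty neither clause fires and the
        // target passes silently; confirm callers cannot reach this with an id
        // that failed to load, or fail closed here.
        if ($sameLevelBlocked || ($obj->gid && !in_array($obj->gid, getGIDSChildren($my->gid)))) {
            $msg .= 'Não pode ' . $actionName . ' a `' . $this_group . '`. Apenas usuários com um nível de grupo superior têm esta permissão. ';
        }
    }

    return $msg;
}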