function is_entity_permitted($entity_id, $entity_type, $device_id = NULL, $permissions = NULL) { if (is_null($permissions) && isset($GLOBALS['permissions'])) { // Note, pass permissions array by param used in permissions_cache() $permissions = $GLOBALS['permissions']; } //if (OBS_DEBUG) //{ // print_vars($permissions); // print_vars($_SESSION); // print_vars($GLOBALS['auth']); // print_vars(is_graph()); //} if (!is_numeric($device_id)) { $device_id = get_device_id_by_entity_id($entity_id, $entity_type); } if (isset($_SESSION['user_limited']) && !$_SESSION['user_limited']) { // User not limited (userlevel >= 5) $allowed = TRUE; } else { if (is_numeric($device_id) && device_permitted($device_id)) { $allowed = TRUE; } else { if (isset($permissions[$entity_type][$entity_id]) && $permissions[$entity_type][$entity_id]) { $allowed = TRUE; } else { if (isset($GLOBALS['auth']) && is_graph()) { $allowed = $GLOBALS['auth']; } else { $allowed = FALSE; } } } } if (OBS_DEBUG) { $debug_msg = "PERMISSIONS CHECK. Entity type: {$entity_type}, Entity ID: {$entity_id}, Device ID: " . ($device_id ? $device_id : 'NULL') . ", Allowed: " . ($allowed ? 'TRUE' : 'FALSE') . "."; if (isset($GLOBALS['notifications'])) { $GLOBALS['notifications'][] = array('text' => $debug_msg, 'severity' => 'debug'); } else { print_debug($debug_msg); } } return $allowed; }
function is_entity_permitted($entity_id, $entity_type, $device_id = NULL) { global $permissions; // if (!is_numeric($device_id)) { $device_id = get_device_id_by_entity_id($entity_id, $entity_type); } if ($_SESSION['userlevel'] >= 7) { $allowed = TRUE; } else { if (is_numeric($device_id) && device_permitted($device_id)) { $allowed = TRUE; } else { if (isset($permissions[$entity_type][$entity_id]) && $permissions[$entity_type][$entity_id]) { $allowed = TRUE; } else { $allowed = FALSE; } } } print_debug("PERMISSIONS CHECK. Entity type: {$entity_type}, Entity ID: {$entity_id}, Device ID: " . ($device_id ? $device_id : 'NULL') . ", Allowed: " . ($allowed ? 'TRUE' : 'FALSE') . "."); return $allowed; }