public function recomputeMergedRole() { if (!count($this->roles)) { throw new Exception("Empty role, this is not normal"); } uksort($this->roles, array($this, "orderRoles")); $this->mergedRole = $this->roles[array_shift(array_keys($this->roles))]; if (count($this->roles) > 1) { $this->parentRole = $this->mergedRole; } $index = 0; foreach ($this->roles as $role) { if ($index > 0) { $this->mergedRole = $role->override($this->mergedRole); if ($index < count($this->roles) - 1) { $this->parentRole = $role->override($this->parentRole); } } $index++; } if ($this->hasParent() && isset($this->parentRole)) { // It's a shared user, we don't want it to inherit the rights... $this->parentRole->clearAcls(); //... but we want the parent user's role, filtered with inheritable properties only. $stretchedParentUserRole = AuthService::limitedRoleFromParent($this->parentUser); if ($stretchedParentUserRole !== null) { $this->parentRole = $this->parentRole->override($stretchedParentUserRole); } $this->mergedRole = $this->parentRole->override($this->personalRole); } }