/** * Load user ACLs from the DB * @internal * @param string $category Module name * @param string $object * @param string $user_id * @param bool $refresh */ static function loadUserFields($module_name, $object, $user_id, $refresh = false) { if (empty($user_id)) { return array(); } if (!$refresh && isset(self::$acl_fields[$user_id][$module_name])) { return self::$acl_fields[$user_id][$module_name]; } // We can not cache per user ID because ACLs are stored per role if (!$refresh) { $cached = self::loadFromCache($user_id, 'fields'); if ($cached) { // ACL data for some modules may already have been loaded and it shouldn't be erased // in case it's not cached if (isset(self::$acl_fields[$user_id])) { self::$acl_fields[$user_id] = array_merge(self::$acl_fields[$user_id], $cached); } else { self::$acl_fields[$user_id] = $cached; } } if (isset(self::$acl_fields[$user_id][$module_name])) { return self::$acl_fields[$user_id][$module_name]; } } $query = "SELECT af.name, af.aclaccess FROM acl_fields af "; $query .= " INNER JOIN acl_roles_users aru ON aru.user_id = '{$user_id}' AND aru.deleted=0\n INNER JOIN acl_roles ar ON aru.role_id = ar.id AND ar.id = af.role_id AND ar.deleted = 0"; $query .= " WHERE af.deleted = 0 "; $query .= " AND af.category='{$module_name}'"; $result = $GLOBALS['db']->query($query); $allFields = ACLField::getAvailableFields($module_name, $object); self::$acl_fields[$user_id][$module_name] = array(); while ($row = $GLOBALS['db']->fetchByAssoc($result)) { if ($row['aclaccess'] != 0 && (empty(self::$acl_fields[$user_id][$module_name][$row['name']]) || self::$acl_fields[$user_id][$module_name][$row['name']] > $row['aclaccess'])) { self::$acl_fields[$user_id][$module_name][$row['name']] = $row['aclaccess']; if (!empty($allFields[$row['name']])) { foreach ($allFields[$row['name']]['fields'] as $field => $label) { self::$acl_fields[$user_id][$module_name][strtolower($field)] = $row['aclaccess']; } } } } self::storeToCache($user_id, 'fields', self::$acl_fields[$user_id]); return self::$acl_fields[$user_id][$module_name]; }