/** * Checks if provided or potentially dangerous permissions are set * * @param Model $Model * @param array $field * @param mixed $match True to check for potentially dangerous permissions, * a string containing the 4-digit octal value of the permissions to check for an exact match, * false to allow any permissions * @return boolean */ function checkPermission(&$Model, $field, $match = true) { extract($this->runtime[$Model->alias]); foreach (array('source', 'temporary') as $type) { if ($type == 'temporary' && empty(${$type})) { continue; } if (!MediaValidation::permission(${$type}['permission'], $match)) { return false; } } return true; }
function testPermission() { $result = MediaValidation::permission('0111'); $this->assertFalse($result); $result = MediaValidation::permission(0111); $this->assertFalse($result); $result = MediaValidation::permission('0111', '-x'); $this->assertFalse($result); $result = MediaValidation::permission('0111', '-x'); $this->assertFalse($result); $result = MediaValidation::permission('0000', '-x'); $this->assertTrue($result); $result = MediaValidation::permission('0666', '-x'); $this->assertTrue($result); }