コード例 #1
ファイル: Acl.php プロジェクト: Maxlander/shixi
 /**
  * Decide whether a role may use a resource, or return the params/message stored with that permission.
  *
  * Permission sets are loaded on first use and kept in $this->permissions, keyed by "<type>_<roleId>".
  *
  * @param string $resource      permission name; lower-cased before any lookup
  * @param mixed  $roleId        SID of the role holder; when null the current user's 'sid' is used, else 'guest'
  * @param string $type          role kind; the switch below handles 'user', 'guest', 'group', 'product', 'contract'
  * @param bool   $returnParams  return the permission's 'params' entry ('' when empty) instead of a boolean
  * @param bool   $returnMessage return the permission's 'message' entry instead of a boolean, falling back to
  *                              the message stored for the user's group
  * @return mixed true/false for a plain check; the stored params or message value when one of the flags is set
  */
 public function isAllowed($resource, $roleId = null, $type = 'user', $returnParams = false, $returnMessage = false)
 {
     $resource = strtolower($resource);
     $userInfo = array();
     if (null === $roleId) {
         // No user was given, so try to use the current one.
         $userInfo = SJB_UserManager::getCurrentUserInfo();
         if (!empty($userInfo)) {
             $roleId = $userInfo['sid'];
         }
         if (null === $roleId) {
             // Nobody is logged in as a user. An authenticated admin running with SYSTEM_ACCESS_TYPE 'admin'
             // is allowed every resource; params and message are reported as empty strings.
             if (SJB_Admin::admin_authed() && SJB_System::getSystemSettings('SYSTEM_ACCESS_TYPE') == 'admin') {
                 if ($returnParams) {
                     return '';
                 }
                 if ($returnMessage) {
                     return '';
                 }
                 return true;
             }
             $roleId = 'guest';
         }
     } else {
         // Explicit role id: fetch the user record through SJB_MemoryCache so repeated checks reuse it.
         $cacheId = 'SJB_Acl::SJB_UserManager::getUserInfoBySID' . $roleId;
         if (SJB_MemoryCache::has($cacheId)) {
             $userInfo = SJB_MemoryCache::get($cacheId);
         } else {
             $userInfo = SJB_UserManager::getUserInfoBySID($roleId);
             SJB_MemoryCache::set($cacheId, $userInfo);
         }
     }
     $role = $type . '_' . $roleId;
     // Sub-user rule: the parent account must hold the resource and the sub-user must hold the
     // 'subuser_' variant. Both recursive calls use the default $type and ignore $returnParams/$returnMessage.
     // NOTE(review): $userInfo can still be the empty array here (guest path), so 'parent_sid' may be
     // an undefined index; confirm what getUserInfoBySID() returns for non-user role types.
     if ($resource == 'use_screening_questionnaires' && intval($userInfo['parent_sid']) > 0) {
         if ($this->isAllowed($resource, $userInfo['parent_sid'])) {
             return $this->isAllowed('subuser_use_screening_questionnaires', $userInfo['sid']);
         }
         return false;
     }
     // Load the permission set for this role once and keep it on the instance.
     if (!isset($this->permissions[$role])) {
         switch ($type) {
             case 'user':
             case 'guest':
                 if ($roleId == 'guest' || $type == 'guest') {
                     // Every guest shares the single 'user_guest' entry.
                     $role = 'user_guest';
                     if (empty($this->permissions[$role])) {
                         $this->permissions[$role] = $this->getPermissions('guest', 'guest');
                     }
                 } else {
                     // Registered user: start from the user's own permissions, then combine them with the
                     // group's and with those of each contract through the mergePermissions*() helpers.
                     $permissions = $this->getPermissions('user', $roleId);
                     $groupPermissions = $this->getPermissions('group', $userInfo['user_group_sid']);
                     $this->permissions['group_' . $userInfo['user_group_sid']] = $groupPermissions;
                     $contracts = SJB_ContractManager::getAllContractsSIDsByUserSID($roleId);
                     if (!empty($contracts)) {
                         foreach ($contracts as $contract) {
                             $contractPermissions = $this->mergePermissionsWithGroup($this->getPermissions('contract', $contract), $groupPermissions);
                             $this->permissions['contract_' . $contract] = $contractPermissions;
                             $permissions = $this->mergePermissions($contractPermissions, $permissions);
                         }
                     } else {
                         $permissions = $this->mergePermissionsWithGroup($permissions, $groupPermissions);
                     }
                     $this->permissions[$role] = $permissions;
                 }
                 break;
             case 'group':
                 $this->permissions[$role] = $this->getPermissions($type, $roleId);
                 break;
             case 'product':
                 // A product tied to a user group gets its permissions combined with that group's.
                 $productInfo = SJB_ProductsManager::getProductInfoBySID($roleId);
                 if (!empty($productInfo['user_group_sid'])) {
                     $groupRole = 'group_' . $productInfo['user_group_sid'];
                     if (empty($this->permissions[$groupRole])) {
                         $this->permissions[$groupRole] = $this->getPermissions('group', $productInfo['user_group_sid']);
                     }
                     $this->permissions[$role] = $this->mergePermissionsWithGroup($this->getPermissions('product', $roleId), $this->permissions[$groupRole]);
                 } else {
                     $this->permissions[$role] = $this->getPermissions('product', $roleId);
                 }
                 break;
             case 'contract':
                 $this->permissions[$role] = $this->getPermissions('contract', $roleId);
                 break;
         }
     }
     // NOTE(review): $userInfo is initialised to array() at the top of the method, so isset() is always
     // true and this branch looks unreachable.
     if (!isset($userInfo)) {
         $userInfo = SJB_UserManager::getCurrentUserInfo();
     }
     // Detect a ".../display_resume/<digits>" or ".../display_job/<digits>" path, first in REQUEST_URI and,
     // if that does not match, in REDIRECT_URL when it is set. Both values come from the incoming request.
     // The captured digits end up in $match[1].
     $is_display_resume = !preg_match_all("/.*\\/(?:display_resume|display_job)\\/(\\d*)/i", $_SERVER['REQUEST_URI'], $match) ? isset($_SERVER['REDIRECT_URL']) ? preg_match_all("/.*\\/(?:display_resume|display_job)\\/(\\d*)/i", $_SERVER['REDIRECT_URL'], $match) : false : true;
     // Allow access to Resume/Job Details page if an employer has an application linked to the resume
     // NOTE(review): isset($userInfo) is always true, so for a guest the query below runs with an
     // undefined $userInfo['sid']; an explicit !empty($userInfo['sid']) guard would make the intent clear.
     if (isset($userInfo) && $is_display_resume) {
         $apps = SJB_DB::query("SELECT `a`.resume FROM `applications` `a`\n\t\t\t\t\t\t            INNER JOIN `listings` l ON\n\t\t\t\t\t\t                  `l`.`sid` = `a`.`listing_id`\n\t\t\t\t\t\t            WHERE `l`.`user_sid` = ?n AND `a`.`show_emp` = 1  ORDER BY a.`date` DESC", $userInfo['sid']);
         // NOTE(review): the override below is applied to whatever $resource is being checked, not only to a
         // resume/job viewing permission, and it is written into $this->permissions, so it stays in effect
         // for later checks of the same role and resource on this instance. The id is compared against
         // `applications`.resume even when the URL matched display_job, and in_array() compares loosely.
         // Consider limiting the override to the specific viewing resources, keeping it out of the cached
         // permission set, and using a strict comparison.
         if (isset($match[1]) && in_array(array("resume" => array_pop($match[1])), $apps)) {
             $this->permissions[$role][$resource]['value'] = 'allow';
             $this->permissions[$role][$resource]['params'] = '';
         }
     }
     if ($returnParams) {
         return empty($this->permissions[$role][$resource]['params']) ? '' : $this->permissions[$role][$resource]['params'];
     } elseif ($returnMessage) {
         $message = empty($this->permissions[$role][$resource]['message']) ? '' : $this->permissions[$role][$resource]['message'];
         if (!$message) {
             // No message stored for the role itself: fall back to the one stored for the user's group.
             if (!empty($userInfo)) {
                 $groupRole = 'group_' . $userInfo['user_group_sid'];
                 $message = empty($this->permissions[$groupRole][$resource]['message']) ? '' : $this->permissions[$groupRole][$resource]['message'];
             }
         }
         return $message;
     }
     // Default deny: only an explicit 'allow' value grants access.
     return isset($this->permissions[$role][$resource]['value']) && $this->permissions[$role][$resource]['value'] == 'allow';
 }
コード例 #2
ファイル: User.php プロジェクト: Maxlander/shixi
 /**
  * Look up the contracts attached to this user.
  *
  * Despite the singular name, the result is whatever
  * SJB_ContractManager::getAllContractsSIDsByUserSID() returns for $this->sid
  * (presumably a list of contract SIDs; verify against the manager).
  */
 function getContractID()
 {
     $contractSIDs = SJB_ContractManager::getAllContractsSIDsByUserSID($this->sid);

     return $contractSIDs;
 }
コード例 #3
ファイル: ListingDBManager.php プロジェクト: Maxlander/shixi
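 /**
  * Count the rows in `listings` that belong to the given user and to one of that user's contracts.
  *
  * The contract SIDs are placed in the IN (...) list by string interpolation, not through a bound
  * placeholder, so each one is cast to an integer before it reaches the SQL text.
  *
  * @param mixed $user_sid SID of the listing owner; bound through the ?n placeholder
  * @return mixed the value returned by SJB_DB::queryValue() for the COUNT(*) query
  */
 public static function getListingsNumberByUserSID($user_sid)
 {
     $contractSIDs = SJB_ContractManager::getAllContractsSIDsByUserSID($user_sid);
     // With no contracts the list collapses to the literal 0, as before.
     // Casting every element to int keeps non-numeric data, and any '?' that the query layer
     // could read as a placeholder, out of the interpolated SQL.
     $inList = $contractSIDs ? implode(',', array_map('intval', (array) $contractSIDs)) : 0;
     return SJB_DB::queryValue("SELECT COUNT(*) FROM `listings` WHERE `user_sid` = ?n AND `contract_id` in ({$inList})", $user_sid);
 }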