/** * Determines whether or not the current user has access to the specified media work. If no username is provided, this function defaults to the currently-loggin-in username. * * @param string $username * @return boolean user has access */ public function user_has_access_to_media($username = '') { // First, get the restricted group--if one exists $es = new entity_selector(); $es->add_type(id_of('group_type')); $es->add_right_relationship($this->media_work->id(), relationship_id_of('av_restricted_to_group')); $group = current($es->run_one()); if (!empty($group)) { $gh = new group_helper(); $gh->set_group_by_id($group->id()); if ($gh->requires_login()) { if (!$username) { $username = reason_check_authentication(); } if ($username) { if (!$gh->is_username_member_of_group($username)) { return false; } } else { return false; } } } return true; // Return true if the user has access to view media work }
function run($send_header = true) { $this->get_site_id(); if ($page = $this->_get_page()) { if ($groups = $this->get_page_restriction_groups($page, $this->site)) { foreach ($groups as $group) { $gh = new group_helper(); $gh->set_group_by_entity($group); if ($gh->requires_login()) { $username = reason_require_http_authentication(); if (!$gh->is_username_member_of_group($username)) { $this->_send_unauthorized_output($send_header); die; } } } } } else { $pages = $this->get_sitewide_media_pages($this->site); if (!empty($pages)) { $restricted_pages = array(); $page_group_helpers = array(); foreach ($pages as $page) { if ($groups = $this->get_page_restriction_groups($page, $this->site)) { foreach ($groups as $group) { $gh = new group_helper(); $gh->set_group_by_entity($group); if ($gh->requires_login()) { $restricted_pages[$page->id()] = $page; if (!isset($page_group_helpers[$page->id()])) { $page_group_helpers[$page->id()] = array(); } $page_group_helpers[$page->id()][] = $gh; } } } } if (count($restricted_pages) >= count($pages)) { $username = reason_require_http_authentication(); $access_ok = false; foreach ($restricted_pages as $page) { $is_member = true; foreach ($page_group_helpers[$page->id()] as $gh) { if (!$gh->is_username_member_of_group($username)) { $is_member = false; break; } } if ($is_member) { $access_ok = true; break; } } if (!$access_ok) { $this->_send_unauthorized_output($send_header); die; } } } else { $this->_send_unauthorized_output($send_header); die; } } parent::run($send_header); }
/** * This returns true in all cases except for the case where there is an admin access group and it does not require login */ function admin_requires_login() { if ($group =& $this->_get_group('form_to_authorized_results_group')) { $gh = new group_helper(); $gh->set_group_by_entity($group); return $gh->requires_login(); } return true; }