/** * Checks if user has a partciular capability * * @param string $cap * @param integer $siteId only needed if capability requires site access. you need to pass site_id (not id) field * @return boolean */ function isCapable($cap, $siteId = null) { owa_coreAPI::debug("Checking if user is capable of: " . $cap); // is this capability assigned to everyone? // is this the global admin user? // was no capability passed? // if so, the user can see and do everything if (owa_coreAPI::isEveryoneCapable($cap) || $this->user->isAdmin() || empty($cap)) { owa_coreAPI::debug('No capability passed or user is an admin and capable of everything.'); return true; } // is this user's role capable? if (!in_array($cap, $this->capabilities)) { owa_coreAPI::debug('capability does not exist for this role. user is not capable'); return false; } // Does capability also require site access? if ($this->isSiteAccessRequiredForCapability($cap)) { owa_coreAPI::debug('Site access required for this capability.'); if (!$this->isSiteAccessible($siteId)) { owa_coreAPI::debug('Site is not accessible for this user.'); return false; } else { owa_coreAPI::debug('Site is accessible for this user.'); } } return true; }
protected function isEveryoneCapable($capability) { return owa_coreAPI::isEveryoneCapable($capability); }