/** * @param QueryResultInterface $objects * @param string $action * @return array */ protected function filterByAccess(QueryResultInterface $objects, $action = 'read') { $result = array(); foreach ($objects as $forum) { if ($this->authenticationService->checkAuthorization($forum, $action)) { $result[] = $forum; } } return $result; }
/** * Gets all VISIBLE child forums. This function does NOT simply return * all child forums, but performs an access check on each forum, so * that only forums visible to the current user are returned. * * @return ObjectStorage<\Mittwald\Typo3Forum\Domain\Model\Forum\Forum> All visible child forums */ public function getChildren() { if ($this->visibleChildren === NULL) { $this->visibleChildren = new \ArrayObject(); // Note: Use the authentication service instead of performing the // access checks on the domain objects themselves, since the authentication // service caches its results (which should be safe in this case). foreach ($this->children as $child) { if ($this->authenticationService->checkAuthorization($child, 'read')) { $this->visibleChildren->append($child); } } } return $this->visibleChildren; }