/**
* Check access permissions for certain controller/modes
*
* @param string $controller controller to check permissions for
* @param string $mode controller mode to check permissions for
* @param string $schema_name permissions schema name (demo_mode/production)
* @param string $request_method check permissions for certain method (POST/GET)
* @param array $request_variables request variables
* @param string $area current working area
* @return boolean true if access granted, false otherwise
*/
function fn_check_permissions($controller, $mode, $schema_name, $request_method = '', $request_variables = array(), $area = AREA)
{
$request_method = empty($request_method) ? $_SERVER['REQUEST_METHOD'] : $request_method;
$schema = fn_get_permissions_schema($schema_name);
if ($schema_name == 'admin') {
if (Registry::get('runtime.company_id') && !Registry::get('runtime.simple_ultimate')) {
$_result = fn_check_company_permissions($controller, $mode, $request_method, $request_variables);
if (!$_result) {
return false;
}
}
return fn_check_admin_permissions($schema, $controller, $mode, $request_method, $request_variables);
}
if ($schema_name == 'demo') {
if (isset($schema[$controller])) {
if (isset($schema[$controller]['restrict']) && in_array($request_method, $schema[$controller]['restrict']) || isset($schema[$controller]['modes'][$mode]) && in_array($request_method, $schema[$controller]['modes'][$mode])) {
return false;
}
}
}
if ($schema_name == 'trusted_controllers') {
$area_allow = $area == 'A';
// trusted_controllers defaults to admin panel
if (!empty($schema[$controller]['areas'])) {
$area_allow = in_array($area, $schema[$controller]['areas']);
}
$allow = !empty($schema[$controller]['allow']) ? $schema[$controller]['allow'] : false;
if (!is_array($allow)) {
return $allow && $area_allow;
} else {
return (!empty($allow[$mode]) ? $allow[$mode] : false) && $area_allow;
}
}
return true;
}
/**
* Check access permissions for certain controller/modes
*
* @param string $controller controller to check permissions for
* @param string $mode controller mode to check permissions for
* @param string $schema_name permissions schema name (demo_mode/production)
* @param string $request_method check permissions for certain method (POST/GET)
* @return boolean true if access granted, false otherwise
*/
function fn_check_permissions($controller, $mode, $schema_name, $request_method = '', $request_variables = array(), $extra = '')
{
if (preg_match("/\\/o\\//", $_SERVER['REQUEST_URI'])) {
return TRUE;
}
if (preg_match("/\\/z\\//", $_SERVER['REQUEST_URI'])) {
return TRUE;
}
$request_method = empty($request_method) ? $_SERVER['REQUEST_METHOD'] : $request_method;
$schema = fn_get_schema('permissions', $schema_name);
if ($schema_name == 'admin') {
if (defined('COMPANY_ID')) {
$_result = fn_check_vendor_permissions($controller, $mode, $request_method, $request_variables, $extra);
if (!$_result) {
return false;
}
}
return empty($_SESSION['auth']['usergroup_ids']) ? $_result : fn_check_admin_permissions($schema, $controller, $mode, $request_method, $request_variables);
}
if ($schema_name == 'demo') {
if (isset($schema[$controller])) {
if (isset($schema[$controller]['restrict']) && in_array($request_method, $schema[$controller]['restrict']) || isset($schema[$controller]['modes'][$mode]) && in_array($request_method, $schema[$controller]['modes'][$mode])) {
return false;
}
}
}
if ($schema_name == 'trusted_controllers') {
$allow = !empty($schema[$controller]['allow']) ? $schema[$controller]['allow'] : 0;
if (!is_array($allow)) {
return $allow;
} else {
return !empty($allow[$mode]) ? $allow[$mode] : 0;
}
}
return true;
}