public function checkPermission($metaUser)
{
if (!$this->active) {
return false;
}
$restrictions = $this->getRestrictionsArray();
return aecRestrictionHelper::checkRestriction($restrictions, $metaUser);
}
public function actionRestrictionCheck()
{
$this->response->result = false;
if (!empty($this->request->details->plan)) {
$plan = new SubscriptionPlan();
$plan->load($this->request->details->plan);
if ($plan->id != $this->request->details->plan) {
$this->error = 'could not find plan to check restrictions for';
return;
}
$restrictions = $plan->getRestrictionsArray();
if (aecRestrictionHelper::checkRestriction($restrictions, $this->metaUser) !== false) {
if (!ItemGroupHandler::checkParentRestrictions($plan, 'item', $this->metaUser)) {
$this->error = 'user is denied permission - plans parent group is restricted from this user';
}
} else {
$this->error = 'user is denied permission - plan is restricted from this user';
}
unset($this->request->details->plan);
}
if (!empty($this->request->details->group)) {
$group = new ItemGroup();
$group->load($this->request->details->group);
if ($group->id != $this->request->details->group) {
$this->error = 'could not find group to check restrictions for';
return;
}
$restrictions = $group->getRestrictionsArray();
if (aecRestrictionHelper::checkRestriction($restrictions, $this->metaUser) !== false) {
if (!ItemGroupHandler::checkParentRestrictions($group, 'group', $this->metaUser)) {
$this->error = 'user is denied permission - groups parent group is restricted from this user';
}
} else {
$this->error = 'user is denied permission - group is restricted from this user';
}
unset($this->request->details->group);
}
if (!empty($this->request->details)) {
$re = get_object_vars($this->request->details);
$restrictions = aecRestrictionHelper::getRestrictionsArray($re);
if (aecRestrictionHelper::checkRestriction($restrictions, $this->metaUser) === false) {
$this->error = 'user is denied permission - at least one restriction result was negative';
}
}
if (empty($this->error)) {
$this->response->result = true;
}
}
public function verifyUsage()
{
if (empty($this->usage)) {
return null;
}
$this->loadMetaUser();
$plan = new SubscriptionPlan();
$plan->load($this->usage);
$restrictions = $plan->getRestrictionsArray();
if (!aecRestrictionHelper::checkRestriction($restrictions, $this->metaUser)) {
return getView('access_denied');
}
if (!ItemGroupHandler::checkParentRestrictions($plan, 'item', $this->metaUser)) {
return getView('access_denied');
}
return true;
}
public function checkPermission($metaUser, $invoice)
{
$permission = true;
if (!empty($this->restrictions['has_restrictions'])) {
if (is_object($invoice)) {
if (!empty($invoice->params['stickyMIpermissions'][$this->id])) {
return true;
}
}
$restrictions = $this->getRestrictionsArray();
$permission = aecRestrictionHelper::checkRestriction($restrictions, $metaUser);
if (!empty($this->restrictions['sticky_permissions']) && is_object($invoice) && $permission) {
if (is_a($invoice, 'Invoice')) {
if (empty($invoice->params['stickyMIpermissions'])) {
$invoice->params['stickyMIpermissions'] = array();
}
$invoice->params['stickyMIpermissions'][$this->id] = $permission;
if ($invoice->id) {
$invoice->storeload();
}
}
}
return $permission;
} else {
return true;
}
}
public function checkAuthorized($metaUser)
{
if (!empty($this->params['fixed_redirect'])) {
return $this->params['fixed_redirect'];
}
$authorized = $this->checkInventory();
if ($authorized) {
$restrictions = $this->getRestrictionsArray();
if (aecRestrictionHelper::checkRestriction($restrictions, $metaUser) !== false) {
if (!ItemGroupHandler::checkParentRestrictions($this, 'item', $metaUser)) {
$authorized = false;
}
} else {
$authorized = false;
}
}
if (!$authorized && !empty($this->params['notauth_redirect'])) {
return $this->params['notauth_redirect'];
}
return $authorized;
}
