/** * @param int $userId * @return mixed */ public function isAuthorized( $userId ) { global $_PLUGINS; static $cache = array(); $id = (int) $this->get( 'id' ); $owner = (int) $this->get( 'user_id' ); $userId = (int) $userId; if ( ! isset( $cache[$userId][$id] ) ) { $rules = explode( '|*|', $this->get( 'rule' ) ); $cache[$userId][$id] = false; $_PLUGINS->trigger( 'privacy_onBeforeIsAuthorized', array( &$cache[$userId][$id], $rules, $userId, $this ) ); if ( empty( $rules ) || in_array( '0', $rules ) || ( $userId == $owner ) ) { $cache[$userId][$id] = true; } elseif ( in_array( '1', $rules ) ) { if ( $userId > 0 ) { $cache[$userId][$id] = true; } } elseif ( in_array( '99', $rules ) ) { $cache[$userId][$id] = false; } else { $types = array(); foreach ( $rules as $rule ) { if ( substr( $rule, 0, 5 ) == 'CONN-' ) { $types[] = str_replace( 'CONN-', '', $rule ); } } $access = array(); foreach ( $rules as $rule ) { if ( substr( $rule, 0, 7 ) == 'ACCESS-' ) { $access[] = str_replace( 'ACCESS-', '', $rule ); } } $groups = array(); foreach ( $rules as $rule ) { if ( substr( $rule, 0, 6 ) == 'GROUP-' ) { $groups[] = str_replace( 'GROUP-', '', $rule ); } } if ( ( $cache[$userId][$id] == false ) && ( in_array( '2', $rules ) || $types ) ) { static $connections = array(); if ( ! isset( $connections[$userId][$owner] ) ) { $cbConnection = new cbConnection( $userId ); $connections[$userId][$owner] = $cbConnection->getConnectionDetails( $owner, $userId ); } $connection = $connections[$userId][$owner]; if ( $connection && ( $connection->accepted == 1 ) && ( $connection->pending == 0 ) ) { if ( in_array( '2', $rules ) ) { $cache[$userId][$id] = true; } else { if ( $connection->type ) { $connTypes = explode( '|*|', $connection->type ); foreach ( $connTypes as $connType ) { if ( in_array( trim( htmlspecialchars( $connType ) ), $types ) ) { $cache[$userId][$id] = true; } } } } } } if ( ( $cache[$userId][$id] == false ) && in_array( '3', $rules ) ) { static $subConnections = array(); if ( ! isset( $subConnections[$userId][$owner] ) ) { $cbConnection = new cbConnection( $userId ); $subConnections[$userId][$owner] = $cbConnection->getDegreeOfSepPathArray( $owner, $userId, 1, 2 ); } if ( ! empty( $subConnections[$userId][$owner] ) ) { $cache[$userId][$id] = true; } } if ( ( $cache[$userId][$id] == false ) && $access ) { static $accessLevels = array(); if ( ! isset( $accessLevels[$userId] ) ) { $accessLevels[$userId] = Application::User( $userId )->getAuthorisedViewLevels(); } $usersAccess = $accessLevels[$userId]; foreach ( $access as $accessLevel ) { if ( ( $cache[$userId][$id] == false ) && in_array( $accessLevel, $usersAccess ) ) { $cache[$userId][$id] = true; } } } if ( ( $cache[$userId][$id] == false ) && $groups ) { static $userGroups = array(); if ( ! isset( $userGroups[$userId] ) ) { $userGroups[$userId] = Application::User( $userId )->getAuthorisedGroups(); } $usersGroups = $userGroups[$userId]; foreach ( $groups as $group ) { if ( ( $cache[$userId][$id] == false ) && in_array( $group, $usersGroups ) ) { $cache[$userId][$id] = true; } } } } $_PLUGINS->trigger( 'privacy_onAfterIsAuthorized', array( &$cache[$userId][$id], $rules, $userId, $this ) ); } return $cache[$userId][$id]; }