/** * Determines if the current user may write in a certain board. * @param mixed $forum The board identifier. This may either be a board UID pointing to * a record in the tx_mmforum_forums table or an associative array * already containing this record. * @return boolean TRUE, if the user that is currently logged in may write in the * specified board, otherwise FALSE. * @author Martin Helmich <*****@*****.**> */ function getMayWrite_forum($forum) { $userId = $this->getUserID(); // If no user is logged in, return FALSE at once. if (!$userId) { return false; } // If the $forum parameter is no array, treat the parameter as forum UID instead if (!is_array($forum)) { // Parse to int for security reasons $forum = intval($forum); // Search for result in cache. In case of a hit, return the result at once. $cacheRes = $this->cache->restore('getMayWrite_forum_' . $userId . '_' . $forum); if ($cacheRes !== null) { return $cacheRes; } // Otherwise load the complete board record. $forum = $this->getBoardData($forum); } /* If this has not been done already, look into the cache now * and return the result in the case of a hit. */ if (!isset($cacheRes)) { $cacheRes = $this->cache->restore('getMayWrite_forum_' . $userId . '_' . $forum['uid']); if ($cacheRes !== null) { return $cacheRes; } } /* If the current user has moderation or even administration * access to this board, just return TRUE in any case. */ if ($this->getIsModOrAdmin($forum['uid'])) { return true; } // If the forum has got a parent category, check the access rights for this category, too. if ($forum['parentID']) { if (!$this->getMayWrite_forum($forum['parentID'])) { return false; } } // Load all groups that have write access to this forum $authWrite = tx_mmforum_tools::getParentUserGroups($forum['grouprights_write']); /* If no groups with write access have been specified, everyone * can write, so just return true. */ $authWrite = GeneralUtility::intExplode(',', $authWrite); $authWrite = $this->tools->processArray_numeric($authWrite); if (count($authWrite) == 0) { $this->cache->save('getMayWrite_forum_' . $userId . '_' . $forum['uid'], true); return true; } // Load current user's groups $groups = $GLOBALS['TSFE']->fe_user->groupData['uid']; $groups = tx_mmforum_tools::processArray_numeric($groups); /* Check if the user is in the base user group. If this is not the * case, the user is not allowed to write anywhere. */ if (!in_array($this->getBaseUserGroup(), $groups)) { $this->cache->save("getMayWrite_forum_{$userId}_{$forum['uid']}", false); return false; } /* Determine the intersection between the user's groups and the groups * with write access. If the intersect count is bigger than 0, this means * that the user is in at least one group that has write access, so * return TRUE in this case. */ $intersect = array_intersect($authWrite, $groups); $result = count($intersect) > 0; // Write result to cache and return $this->cache->save('getMayWrite_forum_' . $userId . '_' . $forum['uid'], $result); return $result; }
/** * * Checks if the user that is currently logged in has access to a specific area * of the frontend administration module. * These ACLs can be configured using the TS property * "tx_mmforum_pi1.feAdmin.acl" * * @param String $group The type of element that is edited. This may be either * "forum" or "category". * @param String $action The action that is to be performed (create, edit, * remove, order, ...) * @return Boolean TRUE, if the action is allowed, otherwise FALSE. */ function checkActionAllowance($group, $action) { $aclList = $this->conf['acl.']["{$group}."][$action]; if ($aclList == 'all') { return TRUE; } if ($aclList == '' || $aclList == 'none') { return FALSE; } $authGroups = array_filter(explode(',', tx_mmforum_tools::getParentUserGroups($aclList)), 'intval'); $groups = $GLOBALS['TSFE']->fe_user->groupData['uid']; return count(array_intersect($authGroups, $groups)) > 0; }