/**
*
*/
function check_current_user_access($access_rule)
{
if (xanth_conf_get('debug', FALSE)) {
if (!xAccessRule::exists($access_rule)) {
xanth_log(LOG_LEVEL_DEBUG, 'Access rule "' . $access_rule . '" does not exists', 'User');
}
}
$userid = xUser::get_current_userid();
if ($userid !== NULL) {
//if user has admin role bypass check
$result = xanth_db_query("SELECT * FROM user_to_role WHERE userid = %d AND roleName = '%s'", $userid, 'administrator');
if ($row = xanth_db_fetch_array($result)) {
return TRUE;
}
//select other roles
$result = xanth_db_query("SELECT role_access_rule.access_rule FROM user_to_role,role_access_rule WHERE \r\n\t\t\t\tuser_to_role.userid = %d AND (role_access_rule.roleName = user_to_role.roleName OR role_access_rule.roleName = '%s') \r\n\t\t\t\tAND\trole_access_rule.access_rule = '%s'", $userid, 'authenticated', $access_rule);
} else {
$result = xanth_db_query("SELECT role_access_rule.access_rule FROM role_access_rule WHERE \r\n\t\t\t\trole_access_rule.roleName = '%s' AND role_access_rule.access_rule = '%s'", 'anonymous', $access_rule);
}
if ($row = xanth_db_fetch_array($result)) {
return TRUE;
}
return FALSE;
}
