/** * rule checks if user is allowed to run action * * @param Event\GenerateEvent $objEvent * @param array $arrConfig option data row of operation buttons * - table string optional if want to check for another table * - closed bool optional if want to check if table is closed * - ptable string optional if want to check isAllowed for another table than data from $arrRow * - property string optional column of current row for WHERE id=? statement, default pid * - where string optional customized where, default id=? * - value string optional value if not want to check against a value of arrRow, default $arrRow[$pid] * - operation int operation integer for BackendUser::isAllowed * @param bool $blnStop if true event will be stopped * * @return bool true if rule is passed */ public static function isAllowed(Event\GenerateEvent $objEvent, array $arrConfig = array(), $blnStop = true) { $strTable = isset($arrConfig['table']) ? $arrConfig['table'] : $objEvent->getModel()->getProviderName(); if (!isset($arrConfig['closed']) || !$GLOBALS['TL_DCA'][$strTable]['config']['closed']) { if (Permissions::isAdmin() || Permissions::isAllowed($objEvent->getModel(), $arrConfig)) { return true; } if ($blnStop) { $objEvent->stopPropagation(); } } return false; }
/** * @param CheckPermissionEvent $objEvent * @param array $arrConfig * @param bool $blnStop * * @return bool|void */ public static function isAllowed(CheckPermissionEvent $objEvent, array $arrConfig = array(), $blnStop = true) { if (static::hasGenericPermission($objEvent, $arrConfig)) { if (!isset($arrConfig['value'])) { $arrConfig['value'] = \Input::get('id'); } if (Permissions::isAllowed($objEvent->getModel(), $arrConfig)) { return true; } if ($blnStop) { $objEvent->denyAccess(); } } return false; }