public function getActualRight($moduleName, $rightName)
{
assert('is_string($moduleName)');
assert('is_string($rightName)');
assert('$moduleName != ""');
assert('$rightName != ""');
$identifier = $this->id . $moduleName . $rightName . 'ActualRight';
if (!SECURITY_OPTIMIZED) {
// The slow way will remain here as documentation
// for what the optimized way is doing.
try {
// not using default value to save cpu cycles on requests that follow the first exception.
return RightsCache::getEntry($identifier);
} catch (NotFoundException $e) {
if (Group::getByName(Group::SUPER_ADMINISTRATORS_GROUP_NAME)->contains($this)) {
$actualRight = Right::ALLOW;
} else {
$actualRight = parent::getActualRight($moduleName, $rightName);
}
RightsCache::cacheEntry($identifier, $actualRight);
}
} else {
try {
// not using default value to save cpu cycles on requests that follow the first exception.
return RightsCache::getEntry($identifier);
} catch (NotFoundException $e) {
// Optimizations work on the database,
// anything not saved will not work.
assert('$this->id > 0');
$actualRight = intval(ZurmoDatabaseCompatibilityUtil::callFunction("get_user_actual_right({$this->id}, '{$moduleName}', '{$rightName}')"));
RightsCache::cacheEntry($identifier, $actualRight);
}
}
return $actualRight;
}
public function getActualRight($moduleName, $rightName)
{
assert('is_string($moduleName)');
assert('is_string($rightName)');
assert('$moduleName != ""');
assert('$rightName != ""');
if ($this->isSuperAdministrators) {
return Right::ALLOW;
}
if (!SECURITY_OPTIMIZED) {
return parent::getActualRight($moduleName, $rightName);
} else {
// Optimizations work on the database,
// anything not saved will not work.
assert('$this->id > 0');
return intval(ZurmoDatabaseCompatibilityUtil::callFunction("get_group_actual_right({$this->id}, '{$moduleName}', '{$rightName}')"));
}
}
/**
* Used to cache all rights for a permitable. This can be done by an administrator to cache all user rights
* Then when users login, their rights are cached for improved performance
* @see DevelopmentController function actionRebuildSecurityCache
* @param Permitable $permitable
* @throws NotSupportedException
*/
public static function cacheAllRightsByPermitable(Permitable $permitable)
{
$modules = Module::getModuleObjects();
foreach ($modules as $module) {
if ($module instanceof SecurableModule) {
$moduleClassName = get_class($module);
$rights = $moduleClassName::getRightsNames();
$rightLabels = $moduleClassName::getTranslatedRightsLabels();
if (!empty($rights)) {
foreach ($rights as $right) {
if (!isset($rightLabels[$right])) {
throw new NotSupportedException($right);
}
$permitable->getActualRight($moduleClassName, $right);
}
}
}
}
}
