/**
* Determine whether or not a user has a certain permission on a row
*
* @param object $Model
* @param string $action
* @param mixed $id
* @return boolean
*/
public function hasPermission(&$Model, $action = 'read', $id = null)
{
if ($this->_disabled) {
return true;
}
$user_id = Permissionable::getUserId();
$group_ids = Permissionable::getGroupIds();
$id = empty($id) ? $Model->id : $id;
$this->_unbind($Model);
// if somehow we don't know who the logged-in user is, don't save!
if (!in_array($action, $this->_actions) || empty($id) || empty($user_id) || empty($group_ids)) {
return false;
} elseif (Permissionable::isRoot()) {
return true;
}
$this->_bind($Model);
// do a quick count on the row to see if that permission exists
$alias = $this->getPermissionAlias($Model);
$perm = $Model->{$alias}->find('count', array('conditions' => array("{$alias}.model" => $Model->alias, "{$alias}.foreign_id" => $id, 'or' => $this->_getPermissionQuery($Model, $action))));
return !empty($perm);
}
