/** * Given a User and a UserStatus resolve the removal or addition of explicit deny rights for login. * @param User $user * @param UserStatus $userStatus */ public static function resolveUserStatus(User $user, UserStatus $userStatus) { assert('$user->id > 0'); if ($userStatus->isActive()) { if (Right::DENY == $user->getExplicitActualRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB) || Right::DENY == $user->getExplicitActualRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_MOBILE) || Right::DENY == $user->getExplicitActualRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)) { self::removeExplicitDenyRights($user); } } else { if (Right::DENY != $user->getExplicitActualRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB) || Right::DENY != $user->getExplicitActualRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_MOBILE) || Right::DENY != $user->getExplicitActualRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)) { self::setExplicitDenyRights($user); } } }