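/**
 * Remove the link between this object and one permission.
 *
 * Deletes at most one row from the group-permissions table where
 * <b>id_g</b> equals this object's ID and <b>id_p</b> equals the ID of the
 * given permission. Both IDs are bound as integer parameters, so neither
 * value is concatenated into the SQL text.
 *
 * @param Permission $permission permission to detach
 * @return void
 */
public function removePermission(Permission $permission)
{
    $db = Application::getDatabaseHandler();

    // Only the table name is concatenated, and it comes from DBConfig rather
    // than from the caller. "AND" replaces the MySQL-only "&&" synonym, which
    // is deprecated since MySQL 8.0.17; the condition itself is unchanged.
    $stmt = $db->prepare(
        'DELETE FROM ' . DBConfig::table(DBConfig::GROUP_PERMISSIONS)
        . ' WHERE id_g=:idg AND id_p=:idp LIMIT 1'
    );
    $stmt->bindValue(':idp', $permission->getId(), PDO::PARAM_INT);
    $stmt->bindValue(':idg', $this->id, PDO::PARAM_INT);

    // NOTE(review): the result of execute() is not inspected here, so a failed
    // revocation is only visible if the handler runs in exception mode -
    // confirm the PDO error mode set by Application::getDatabaseHandler().
    $stmt->execute();
}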
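/**
 * Do a permission test upon user
 *
 * A user whose permission list contains ID <b>1</b> (ROOT) passes every test.
 *
 * @param array $permissions array of <b>ID</b>'s or <b>label</b>'s of permissions, <b>NOT</b> objects. A single ID or label is also accepted and is treated as a one-element array.
 * @param string $LOGIC (optional) logic to use for test, if there are more than one permissions. Only <b>OR</b> and <b>AND</b> are implemented (case-insensitive); any other value, including XOR, is treated as AND.
 * @return boolean <b>true</b> if user has needed permission(s), otherwise <b>false</b>.
 */
public function hasPermission($permissions, $LOGIC = 'AND')
{
    $userPermissions = $this->getPermissions(true, true);

    // if ROOT return true, override for everything
    // NOTE(review): in_array() is used in its non-strict form here and below.
    // That is only safe if getPermissions(true, true) returns numeric IDs
    // (ints or numeric strings) - confirm before relying on it, or cast the
    // list to int and pass strict=true.
    if (in_array(1, $userPermissions)) {
        return true;
    }

    // Anything that is not OR falls back to AND, the stricter of the two.
    $LOGIC = strtoupper($LOGIC) === 'OR' ? 'OR' : 'AND';

    // Accept a single ID/label as shorthand for a one-element list.
    $args = $permissions;
    if (!is_array($args) && (is_string($args) || is_numeric($args))) {
        $args = array($args);
    }

    // NOTE(review): an empty list under AND passes vacuously (the loop body
    // never runs and the final return yields true). Callers must not build
    // $permissions from input that can end up empty.
    foreach ($args as $arg) {
        // Strings are resolved as labels through Permission; everything else
        // is taken as a numeric ID.
        if (is_string($arg)) {
            $permission = new Permission($arg);
            $required = $permission->getId();
        } else {
            $required = (int) $arg;
        }

        $granted = in_array($required, $userPermissions);

        if ($LOGIC === 'AND' && !$granted) {
            return false;
        }
        if ($LOGIC === 'OR' && $granted) {
            return true;
        }
        // The previous "is this the last element" shortcut compared the
        // resolved ID with end($args) by value, so under OR a duplicated or
        // loosely-equal earlier entry returned false before the remaining
        // entries were checked. Falling through to the final return gives the
        // same result for the real last element without that early exit.
    }

    // AND: nothing was missing. OR: nothing matched.
    return $LOGIC === 'AND';
}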
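/**
 * Test the currently logged-in user for permissions.
 *
 * Returns <b>true</b> when the current user passes hasPermission(). When the
 * test fails and $location is falsy, returns <b>false</b>. When the test fails
 * and $location is set, two notifications are created, the client is
 * redirected to $location and the script terminates (the method does not
 * return).
 *
 * @param string $location where to redirect on failure; a falsy value disables the redirect
 * @param array $permissions tested permission(s)
 * @param string $logic (optional) test logic
 * @return boolean
 */
public static function permissionTest($location, $permissions, $logic = 'AND')
{
    if (self::getCurrentUser()->hasPermission($permissions, $logic)) {
        return true;
    }

    // Any falsy location (null, false, '', '0', 0) means "just report failure".
    if (!$location) {
        return false;
    }

    // hasPermission() also accepts a single ID or label, so normalise here as
    // well instead of iterating a scalar.
    if (is_array($permissions)) {
        $required = $permissions;
    } elseif (is_string($permissions) || is_numeric($permissions)) {
        $required = array($permissions);
    } else {
        $required = array();
    }

    // NOTE(review): the warning below shows the labels of the required
    // permissions to a user who was just denied - confirm that is intended.
    $str = '';
    foreach ($required as $p) {
        $x = new Permission($p);
        $str .= $x->getLabel() . '; ';
    }
    new Notification('Potrebné oprávnenia: ' . $str, 'warning');
    new Notification("Prístup odmietnutý.", "error");

    // 302 instead of 301: a permanent redirect may be cached by the browser,
    // which would keep sending the user away from the page even after the
    // permission has been granted.
    // NOTE(review): $location goes into the Location header unmodified. If any
    // caller derives it from request data this becomes an open redirect -
    // confirm callers pass fixed, application-defined paths.
    header("Location: " . $location, false, 302);

    // Discard buffered page output, if a buffer is active, so none of the
    // protected content is sent with the redirect.
    if (ob_get_level() > 0) {
        ob_end_clean();
    }
    exit;
}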