/** * @param $policyPattern * @param bool $isExternalCall * @return bool */ protected static function isAccessible($policyPattern, $isExternalCall = false) { if (empty($policyPattern)) { return false; } $isExternalCall = (bool) $isExternalCall; $policy = self::parseGpPolicy($policyPattern); if (count($policy) === 0) { return false; } $checkAccessModifier = function ($accessModifier) use($isExternalCall) { if ($accessModifier === 'a') { return true; } else { if ($isExternalCall === true && $accessModifier === 'e') { return true; } elseif ($isExternalCall === false && $accessModifier === 'i') { return true; } else { return false; } } }; $allowedForAll = false; if (array_key_exists('ALL', $policy)) { $allowedForAll = $checkAccessModifier($policy['ALL']); } $user = new UserAuth(); if ($user->isUserLoggedInSimple()) { $gpId = $user->getGroup(); if ($user->isAdmin()) { return true; } $allowedForUser = false; if (array_key_exists($gpId, $policy)) { $allowedForUser = $checkAccessModifier($policy[$gpId]); } return $allowedForUser || $allowedForAll; } else { return $allowedForAll; } }