/**
* @param $policyPattern
* @param bool $isExternalCall
* @return bool
*/
protected static function isAccessible($policyPattern, $isExternalCall = false)
{
if (empty($policyPattern)) {
return false;
}
$isExternalCall = (bool) $isExternalCall;
$policy = self::parseGpPolicy($policyPattern);
if (count($policy) === 0) {
return false;
}
$checkAccessModifier = function ($accessModifier) use($isExternalCall) {
if ($accessModifier === 'a') {
return true;
} else {
if ($isExternalCall === true && $accessModifier === 'e') {
return true;
} elseif ($isExternalCall === false && $accessModifier === 'i') {
return true;
} else {
return false;
}
}
};
$allowedForAll = false;
if (array_key_exists('ALL', $policy)) {
$allowedForAll = $checkAccessModifier($policy['ALL']);
}
$user = new UserAuth();
if ($user->isUserLoggedInSimple()) {
$gpId = $user->getGroup();
if ($user->isAdmin()) {
return true;
}
$allowedForUser = false;
if (array_key_exists($gpId, $policy)) {
$allowedForUser = $checkAccessModifier($policy[$gpId]);
}
return $allowedForUser || $allowedForAll;
} else {
return $allowedForAll;
}
}
