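/**
 * Decide whether a user may access a URL on a node, according to the `acl` table.
 *
 * The ACL columns (node_id, role_id, user_id, url) are stored as patterns in
 * which `*` is a wildcard; the values passed in here are the subjects matched
 * against those patterns. Among all matching rows the one with the highest
 * `acl.id` decides, and its `allow` column is returned as a boolean.
 *
 * The check is default-deny: when no row matches, or when the user cannot be
 * resolved to an object, the result is false.
 *
 * @param string           $url  URL to check; normalised through static::fixURL().
 * @param User|string|null $user A User object, a value accepted by Model\User::get(),
 *                               or null to use the session user (or the anonymous
 *                               "public" profile when nobody is logged in).
 * @param string           $node Node identifier matched against acl.node_id.
 *
 * @return bool True only when the deciding ACL row has a truthy `allow` value.
 */
public static function check($url = \GOTEO_REQUEST_URI, $user = null, $node = \GOTEO_NODE)
{
    $url = static::fixURL($url);

    if ($user === null) {
        if (!User::isLogged()) {
            // @FIXME: Adjustment to allow a public profile without a registered user.
            // (Provisional until decided otherwise.)
            $user = new User();
            $user->id = '*';
            $user->roles = array((object) array('id' => 'public', 'name' => 'Perfil público'));
        } else {
            // NOTE(review): the roles used below are whatever the session copy of the
            // user carries; confirm that role changes refresh or invalidate the session.
            $user = $_SESSION['user'];
        }
    } elseif (!($user instanceof User)) {
        // Anything that is not already a User is handed to the model for lookup.
        $user = Model\User::get($user);
    }

    // Fail closed. Previously a failed lookup left $id undefined and dereferenced a
    // non-object, so the outcome of an authorization check depended on how the PHP
    // version in use reacts to that. An unresolved user is now always denied.
    if (!is_object($user)) {
        return false;
    }

    $id = $user->id;

    // Reduce the role objects to their ids. A missing or malformed role list yields
    // an empty string for :roles, which no role pattern matches (deny).
    $roleIds = array();
    $roles = $user->roles;
    if (is_array($roles) || $roles instanceof \Traversable) {
        foreach ($roles as $role) {
            $roleIds[] = $role->id;
        }
    }

    // All caller-supplied values are bound as parameters; only the ACL columns act
    // as patterns. Two properties of that matching are worth knowing when auditing
    // or writing ACL rows:
    //  - LIKE also treats `_` and `%` stored in acl.node_id / acl.user_id / acl.url
    //    as wildcards, so a rule may match more than its `*` placeholders suggest.
    //  - The role test is an unanchored REGEXP over the comma-joined role ids, so
    //    acl.role_id matches as a substring and any regex metacharacters in it are
    //    interpreted. NOTE(review): a rule for one role id also applies to any role
    //    whose id contains it; confirm that role ids cannot overlap this way.
    $sql = "\r\n SELECT\r\n acl.allow\r\n FROM acl\r\n"
        . " WHERE (:node LIKE REPLACE(acl.node_id, '*', '%'))\r\n"
        . " AND (:roles REGEXP REPLACE(acl.role_id, '*', '.'))\r\n"
        . " AND (:user LIKE REPLACE(acl.user_id, '*', '%'))\r\n"
        . " AND (:url LIKE REPLACE(acl.url, '*', '%'))\r\n"
        . " ORDER BY acl.id DESC\r\n LIMIT 1\r\n ";

    $query = Model::query($sql, array(
        ':node'  => $node,
        ':roles' => implode(', ', $roleIds),
        ':user'  => $id,
        ':url'   => $url,
    ));

    // fetchColumn() returns false when no rule matched, which casts to a denial.
    return (bool) $query->fetchColumn();
}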