/** * @param File $file * @param string $priviledge * * @return bool */ protected function checkPermissions($file, $priviledge) { if (isset($this->user)) { // check if current user is owner of the file if ($file->getOwner() == $this->user->getUname()) { return true; } } foreach ($file->getPermissions() as $permission) { if ($permission->priviledge != $priviledge) { // provided priviledge is not requested continue; } if ($permission->context == Security_Permission::CONTEXT_ALL) { // provided priviledge applies to everyone return true; } if (!isset($this->user)) { // no user is set, can't check for user / group permissions continue; } if ($permission->context == Security_Permission::CONTEXT_USER && $permission->subject == $this->user->getUname()) { // permission is explicitly granted for this user return true; } if ($permission->context == Security_Permission::CONTEXT_GROUP && in_array($permission->subject, $this->user->getGroups())) { // permission is granted for all users in group return true; } } return false; }
/** * @param string $path * * @param module\User $owner * * @return File */ public function createFile($path, User $owner) { $document = new \stdClass(); $document->_id = 'stack:/' . $path; $document->permissions = []; $document->owner = $owner->getUname(); $file = new File($document, new Module_Default(new \stdClass())); $this->storeFile($file); return $file; }