示例#1
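 /**
  * Check bean-level ACLs for an action on a module.
  *
  * @param string $module Module name handed to the ACL controller
  * @param string $action Requested action; aliases are translated before the check
  * @param array $context Must contain 'bean'; may contain 'owner_override'
  * @return bool True when the bean does not implement ACL or the action is not
  *              handled here; otherwise the result of ACLController::checkAccessInternal()
  */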
 protected function beanACL($module, $action, $context)
 {
     // NOTE(review): $context['bean'] is dereferenced without an existence check,
     // so every caller has to supply it.
     $bean = $context['bean'];

     // Beans that do not implement ACL are not restricted by this check.
     if (!$bean->bean_implements('ACL')) {
         return true;
     }

     // A non-empty 'owner_override' replaces the ownership lookup; otherwise the
     // bean is asked whether the context user owns it.
     // NOTE(review): the override is taken as-is, so it is only as trustworthy as
     // whatever built $context - confirm it can never come from request data.
     $isOwner = !empty($context['owner_override'])
         ? $context['owner_override']
         : $bean->isOwner($this->getUserID($context));

     // Translate action aliases to the names the switch below handles.
     if (isset(self::$action_translate[$action])) {
         $action = self::$action_translate[$action];
     }

     // Some modules (Trackers, TrackerSessions, TrackerPerfs, TrackerQueries) use special acltype
     $aclType = !empty($bean->acltype) ? $bean->acltype : 'module';

     switch ($action) {
         case 'import':
         case 'list':
             // These two are always checked with the owner flag forced to true.
             return ACLController::checkAccessInternal($module, $action, true, $aclType);

         case 'delete':
         case 'view':
         case 'export':
         case 'massupdate':
             return ACLController::checkAccessInternal($module, $action, $isOwner, $aclType);

         case 'edit':
             // For an existing record, ownership is re-derived from the stored row
             // instead of the in-memory bean - presumably because the in-memory bean
             // may already carry unsaved changes to its ownership fields (confirm).
             // This guard uses isset() while the lookup above uses !empty(): an
             // override that is set but empty (e.g. false) skips this re-check and
             // keeps the in-memory bean's answer. NOTE(review): confirm that is intended.
             if (!isset($context['owner_override']) && !empty($bean->id)) {
                 $storedBean = null;
                 if (!empty($bean->fetched_row) && !empty($bean->fetched_row['id']) && !empty($bean->fetched_row['assigned_user_id']) && !empty($bean->fetched_row['created_by'])) {
                     // The fetched row carries the ownership fields: rebuild from it.
                     $storedBean = BeanFactory::newBean($bean->module_dir);
                     $storedBean->populateFromRow($bean->fetched_row);
                 } elseif ($bean->new_with_id) {
                     // A new record created with a preset id is treated as owned.
                     $isOwner = true;
                 } else {
                     $storedBean = BeanFactory::getBean($bean->module_dir, $bean->id);
                 }
                 // If no stored bean was obtained, $isOwner keeps its earlier value.
                 if (!empty($storedBean)) {
                     $isOwner = $storedBean->isOwner($this->getUserID($context));
                     unset($storedBean);
                 }
             }
             // Intentional fall-through: 'edit' shares the access check below.
         case 'popupeditview':
         case 'editview':
             return ACLController::checkAccessInternal($module, 'edit', $isOwner, $aclType);
     }

     // Any action not listed above is allowed here (fail-open); it has to be
     // enforced at the page level instead.
     return true;
 }