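/**
 * Evaluate this ACL rule against a single access request.
 *
 * The rule applies when the subject matches (the user id equals the rule's
 * user id, or the user belongs to the rule's group), the object and action
 * ids match, and the rule's conditional accepts $parameters.
 *
 * @param mixed $userId     id of the user making the request
 * @param mixed $objectId   id of the object being accessed
 * @param mixed $actionId   id of the requested action
 * @param array $parameters extra values passed to evaluateConditional()
 *
 * @return mixed the rule's grantDeny value when the rule applies, null when
 *               it does not; callers must not read null as a grant
 */
public function check($userId, $objectId, $actionId, $parameters = array())
{
    $user = QubitUser::getById($userId);

    // getById() can return null (deleted account, stale session id). The
    // group test must not dereference it: an unknown user is in no group.
    $subjectMatches = $userId == $this->userId
        || (null !== $user && $user->hasGroup($this->groupId));

    if (!$subjectMatches) {
        return null;
    }

    if ($objectId != $this->objectId || $actionId != $this->actionId) {
        return null;
    }

    // Evaluated last, and only when every other criterion already matched.
    if (!$this->evaluateConditional($parameters)) {
        return null;
    }

    return $this->grantDeny;
}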
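/**
 * Coarse, credential-based permission check for a module (and action).
 *
 * Deny by default: an unresolvable user, a missing or unknown module, and
 * any branch that does not explicitly grant all return false.
 *
 * @param object $sfUser  session user; must provide getUserId() and
 *                        hasCredential()
 * @param array  $options expects 'module'; 'action' is read for the 'user'
 *                        module only
 *
 * @return bool true when access is allowed, false otherwise
 */
public static function hasPermission($sfUser, array $options = array())
{
    // No QubitUser record for the session's user id: deny outright.
    $qubitUser = QubitUser::getById($sfUser->getUserId());
    if (!$qubitUser) {
        return false;
    }

    // Read the option keys defensively so a caller that omits them gets a
    // clean denial instead of an undefined-index notice.
    $module = isset($options['module']) ? $options['module'] : null;
    $action = isset($options['action']) ? $options['action'] : null;

    // NOTE(review): the second hasCredential() argument (false) presumably
    // selects "any of these credentials" matching - confirm against the
    // user class before changing any list below.
    switch ($module) {
        case 'informationobject':
        case 'actor':
        case 'repository':
            return (bool) $sfUser->hasCredential(array('administrator', 'editor', 'contributor'), false);

        case 'term':
            return (bool) $sfUser->hasCredential(array('administrator', 'editor'), false);

        case 'staticpage':
            return (bool) $sfUser->hasCredential(array('administrator', 'translator'), false);

        case 'user':
            if ($sfUser->hasCredential(array('administrator'), false)) {
                return true;
            }

            // Non-administrators may only use the 'show' action. This grants
            // 'show' to every resolvable user; any restriction on which user
            // record may be shown has to be enforced by the caller.
            return $action == 'show';
    }

    return false;
}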
/**
 * Initialize the session user and drop sessions that are no longer valid.
 *
 * After the parent initialization, a timed-out session is signed out. An
 * authenticated session is signed out as well when its user id no longer
 * resolves to a QubitUser.
 *
 * @param sfEventDispatcher $dispatcher event dispatcher passed to the parent
 * @param sfStorage         $storage    storage passed to the parent
 * @param array             $options    options passed to the parent
 */
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
    // The parent runs first; the checks below depend on the state it sets up.
    parent::initialize($dispatcher, $storage, $options);

    // A timed-out session loses *all* of its credentials.
    if ($this->isTimedOut()) {
        $this->signOut();

        return;
    }

    // Nothing to validate for an unauthenticated session.
    if (!$this->isAuthenticated()) {
        return;
    }

    $this->user = QubitUser::getById($this->getUserID());

    // A null result means the account was *deleted*, or the session comes
    // from a different qubit install on the same server (cross-site). Either
    // way the session must not stay signed in.
    if (null === $this->user) {
        $this->signOut();
    }
}