public function getEffectivePermissions($permitable = null)
{
assert('$permitable === null || $permitable instanceof Permitable');
if ($permitable === null) {
$permitable = Yii::app()->user->userModel;
if (!$permitable instanceof User) {
throw new NoCurrentUserSecurityException();
}
}
if (Permission::ALL == $this->resolveEffectivePermissionsForOwnerAndCreatedByUser($permitable)) {
return Permission::ALL;
} else {
return parent::getEffectivePermissions($permitable);
}
}
public function getEffectivePermissions($permitable = null)
{
assert('$permitable === null || $permitable instanceof Permitable');
if ($permitable === null) {
$permitable = Yii::app()->user->userModel;
if (!$permitable instanceof User) {
throw new NoCurrentUserSecurityException();
}
}
$owner = $this->unrestrictedGet('owner');
$createdByUser = $this->unrestrictedGet('createdByUser');
# If an owned securable item doesn't yet have an owner
# then whoever is creating it has full access to it. If they
# save it with the owner being someone else they are giving
# it away and potentially lose access to it.
if ($owner->id < 0 || $owner->isSame($permitable)) {
return Permission::ALL;
} elseif ($this->id < 0 && ($createdByUser->id > 0 && $createdByUser->isSame($permitable) || $createdByUser->id < 0) || $this->treatCurrentUserAsOwnerForPermissions) {
return Permission::ALL;
} else {
return parent::getEffectivePermissions($permitable);
}
}
