/** * Return a list of privileges assigned directly to the group. The default implementation * queries the GUID directly using the get_self_privileges method of the * midcom_core_privilege class, which should work fine on all MgdSchema * objects. If the storage object is null, an empty array is returned. * * @return array A list of midcom_core_privilege objects. */ function get_privileges() { if (is_null($this->_storage)) { return array(); } return midcom_core_privilege::get_self_privileges($this->_storage->guid); }
/** * Load the privileges from the database. * * This uses the inheritance chains * loaded by _load_all_groups(). */ private function _load_privileges() { static $cache = array(); if (!array_key_exists($this->id, $cache)) { debug_add("Loading privileges for user {$this->name} ({$this->id})"); if (is_null($this->_all_groups)) { $this->_load_all_groups(); } $this->_privileges = array(); $this->_per_class_privileges = array(); foreach ($this->_inheritance_chains as $inheritance_chain) { // Compute permissions based on this group line. foreach ($inheritance_chain as $group_id) { $this->_merge_privileges($this->_all_groups[$group_id]->get_privileges()); } } // Finally, apply our own privilege set to the one we got from the group $this->_merge_privileges(midcom_core_privilege::get_self_privileges($this->guid)); $cache[$this->id]['direct'] = $this->_privileges; $cache[$this->id]['class'] = $this->_per_class_privileges; } else { $this->_privileges = $cache[$this->id]['direct']; $this->_per_class_privileges = $cache[$this->id]['class']; } }