/** * Determines if the database is searchable by user * * @return boolean */ public function isSearchableByUser(User $user) { $allowed = ""; if ($this->searchable != 1) { $allowed = false; //nobody can search it! } elseif ($this->guest_access != "") { $allowed = true; //anyone can search it! } elseif (count($this->group_restrictions) > 0) { // user has to be authenticated, and in a group that is included in the restrictions, // or in an ip address associated with a restricted group. // @todo: setup user groups in user object $allowed = $user->isAuthenticated() && array_intersect($user->getUserGroups(), $this->group_restrictions); if (!$allowed) { // not by virtue of a login, but now check for ip address $ranges = array(); foreach ($this->group_restrictions as $group) { $ranges[] = $this->config()->getGroupLocalIpRanges($group); // @todo: move this to registry? } $allowed = $user->isInLocalIpRange(); } } else { // ordinary generally restricted resource. they need to be // an authenticated user, or in the local ip range. if ($user->isAuthenticated() || $user->isInLocalIpRange()) { $allowed = true; } } return $allowed; }