/**
* Check if the given User has permission to do action on this objects assigned model
*
* @param UserInterface $object
* @param string $action
* @return boolean
*/
public function checkPermission(CanInterface $object, $action)
{
$has_permission = false;
$container_name = $this->getEntity()->getTable();
$row_id = $this->getEntity()->getKey();
$permission_field = new PermissionField();
$permission_field->setContainer($container_name);
$permission_field->setAction($action);
$permission_field->setRow($row_id);
$roles = $this->repository->allByUserId($object->getAuthIdentifier());
foreach ($roles as $role) {
$result = $role->testPermission($permission_field);
if ($result > 0) {
$has_permission = true;
if ($result >= 5) {
break;
}
}
if ($result < 0) {
$has_permission = false;
if ($result <= -5) {
break;
}
}
}
return $has_permission;
}
/**
* Check if the given User has permission to do action on this objects assigned model
*
* @param CanInterface $object
* @param string $action
* @return bool
*/
function checkPermission(CanInterface $object, $action)
{
$permission = false;
if (in_array($action, Config::get('auth::user_actions', []))) {
$permission = $this->getEntity()->getId() == $object->getId();
}
return $permission;
}
/**
* Check if the $object is the same as $entity.
* - If it is: allow everything.
* - If it is not: fall back to role based permissions.
*
* @param CanInterface $object
* @param string $action
* @return bool
*/
public function checkPermission(CanInterface $object, $action)
{
$has_permission = false;
if ($object->getid() == $this->getEntity()->getId()) {
$has_permission = true;
} else {
$has_permission = parent::checkPermission($object, $action);
}
return $has_permission;
}
