Lanmikeman
/
chandler
mirror of https://github.com/openvk/chandler.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity
chandler/chandler/Security/Authorization/Permissions.php

62 lines
2.0 KiB
PHP
Raw Blame History

<?php declare(strict_types=1);
namespace Chandler\Security\Authorization;
use Chandler\Database\DatabaseConnection;
use Chandler\Security\User;
class Permissions
{
private $db;
private $user;
private $perms = [];
function __construct(User $user)
{
$this->db = DatabaseConnection::i()->getContext();
$this->user = $user;
$this->init();
}
private function init()
{
$uGroups = $this->user->getRaw()->related("ChandlerACLRelations.user")->order("priority ASC")->select("group");
$groups = array_map(function($j) {
return $j->group;
}, iterator_to_array($uGroups));
$permissionsAllowed = $this->db->table("ChandlerACLGroupsPermissions")->where("group IN (?)", $groups);
$permissionsDenied = iterator_to_array((clone $permissionsAllowed)->where("status", false));
$permissionsDenied = array_merge($permissionsDenied, iterator_to_array($this->db->table("ChandlerACLUsersPermissions")->where("user", $this->user->getId())));
$permissionsAllowed = $permissionsAllowed->where("status", true);
foreach($permissionsAllowed as $perm) {
foreach($permissionsDenied as $denied)
if($denied->model === $perm->model && $denied->context === $perm->context && $denied->permission === $perm->permission)
continue 2;
$pm = new Permission;
$pm->action = $perm->permission;
$pm->model = $perm->model;
$pm->context = $perm->context;
$pm->status = true;
$this->perms[] = $pm;
}
}
function getPermissions(): array
{
return $this->perms;
}
function hasPermission(Permission $pm): bool
{
foreach($this->perms as $perm)
if($perm->model === $pm->model && $perm->context === $pm->context && $perm->action === $pm->action)
return true;
return false;
}
}
Reference in New Issue View Git Blame Copy Permalink