63 lines
2.0 KiB
PHP
63 lines
2.0 KiB
PHP
<?php function userPermissions() {
|
|
$user = u();
|
|
if(!is_null($user)) {
|
|
$userLevel = $user->level;
|
|
$userLevelIndex = getLevelIndex($userLevel);
|
|
$userLevelPermissions = db("types")
|
|
->where(function($query) use($userLevelIndex){
|
|
$query->where("read", $userLevelIndex)
|
|
->orWhere("read", "like", "$userLevelIndex,%")
|
|
->orWhere("read", "like", "%,$userLevelIndex")
|
|
->orWhere("read", "like", "%,$userLevelIndex,%");
|
|
})
|
|
->get()
|
|
->pluck("title")
|
|
->join(",");
|
|
|
|
$allPermissions = $userLevelPermissions;
|
|
return @explode(",",$allPermissions);
|
|
}
|
|
|
|
}
|
|
|
|
function isAuth($moduleType, $permissionType="read") {
|
|
$user = u();
|
|
// user no, full control, write, read, modify
|
|
|
|
if(!is_null($user)) {
|
|
// Admin users have full access to everything
|
|
if ($user->level == "Admin") {
|
|
return true;
|
|
}
|
|
|
|
// Use session cache to avoid repeated DB queries
|
|
$cacheKey = "isauth_{$user->id}_{$moduleType}_{$permissionType}";
|
|
|
|
// Check if result is already in session cache
|
|
if (session()->has($cacheKey)) {
|
|
return session($cacheKey);
|
|
}
|
|
|
|
// Not in cache - query database
|
|
$userLevel = $user->level;
|
|
$userLevelIndex = getLevelIndex($userLevel);
|
|
$singlePermission = db("types")->where("slug", $moduleType)
|
|
->where(function($query) use($userLevelIndex, $permissionType){
|
|
$query->orWhere($permissionType, "like", "%,$userLevelIndex,%");
|
|
$query->orWhere($permissionType, "like", "%,$userLevelIndex");
|
|
$query->orWhere($permissionType, "like", "$userLevelIndex,%");
|
|
$query->orWhere($permissionType, $userLevelIndex);
|
|
})
|
|
->first();
|
|
|
|
$result = !is_null($singlePermission);
|
|
|
|
// Store result in session cache for future calls
|
|
session([$cacheKey => $result]);
|
|
|
|
return $result;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
?>
|