Coding standards
Security in ResourceSpace
Developer reference
Database
Action functions
Admin functions
Ajax functions
Annotation functions
API functions
Collections functions
Comment functions
Config functions
CSV export functions
Dash functions
Debug functions
Encryption functions
Facial recognition functions
File functions
General functions
Language functions
Log functions
Login functions
Message functions
Migration functions
Node functions
PDF functions
Plugin functions
Render functions
Reporting functions
Request functions
Research functions
Slideshow functions
Theme permission functions
User functions
Video functions
Database functions
Metadata functions
Resource functions
Search functions
Map functions
Job functions
Tab functions
Test functions

compute_featured_collections_access_control()

Description

Compute the featured collections allowed based on current access control

TRUE if user has access to all featured collections. If some access control is in place, then the
return will be an array with all the allowed featured collections

Parameters

This function accepts no parameters.

Return

boolean|array Returns FALSE if user should not see any featured collections (usually means misconfiguration) -or-

Location

include/collections_functions.php lines 6285 to 6376

Definition

 
function compute_featured_collections_access_control()
    {
    global $CACHE_FC_ACCESS_CONTROL$userpermissions;
    if(!is_null($CACHE_FC_ACCESS_CONTROL))
        {
        return $CACHE_FC_ACCESS_CONTROL;
        }

    $all_fcs ps_query("SELECT ref, parent FROM collection WHERE `type` = ?", ['i'COLLECTION_TYPE_FEATURED], "featured_collections");
    $all_fcs_rp reshape_array_by_value_keys($all_fcs'ref''parent');
    // Set up arrays to store permitted/blocked featured collections
    $includerefs = array();
    $excluderefs = array();
    if(checkperm("j*"))
        {
        // Check for -jX permissions.
        foreach($userpermissions as $userpermission)
            {
            if(substr($userpermission,0,2) == "-j")
                {
                $fcid substr($userpermission,2);
                if(is_int_loose($fcid))
                    {
                    // Collection access has been explicitly denied
                    $excluderefs[] = $fcid;
                    // Also deny access to child collections.
                    $excluderefs array_merge($excluderefs,array_keys($all_fcs_rp,$fcid));
                    }                
                }
            }
        if(count($excluderefs) == 0)
            {
            return true;
            }
        }
    else
        {
        // No access to all, check for j{field} permissions that open up access
        foreach($userpermissions as $userpermission)
            {
            if(substr($userpermission,0,1) == "j")
                {
                $fcid substr($userpermission,1);
                if(is_int_loose($fcid))
                    {
                    $includerefs[] = $fcid;
                    // Add children of this collection unless a -j permission has been added below it
                    $children array_keys($all_fcs_rp,$fcid);
                    $queue = new SplQueue();
                    $queue->setIteratorMode(SplQueue::IT_MODE_DELETE);
                    foreach($children as $child_fc)
                        {
                        $queue->enqueue($child_fc);
                        }
                
                    while(!$queue->isEmpty())
                        {
                        $checkfc $queue->dequeue();
                        if(!checkperm("-j" $checkfc))
                            {
                            $includerefs[] = $checkfc;
                            // Also add children of this collection to queue to check
                            $fcs_sub array_keys($all_fcs_rp,$checkfc);
                            foreach($fcs_sub as $fc_sub)
                                {
                                $queue->enqueue($fc_sub);
                                }
                            }
                        }
                    }
                }
            }
        
        if(count($includerefs) == 0)
            {
            // Misconfiguration - user can only see specific FCs but none have been selected
            return false;
            }
        }

    $return = array();
    foreach($all_fcs_rp as $fc => $fcp)
        {
        if((in_array($fc$includerefs) || checkperm("j*")) && !in_array($fc,$excluderefs))
            {
            $return[] = $fc;
            }
        }
        
    $CACHE_FC_ACCESS_CONTROL $return;
    return $return;
    }

This article was last updated 17th November 2024 15:05 Europe/London time based on the source file dated 13th November 2024 15:50 Europe/London time.