Coding standards
Security in ResourceSpace
Developer reference
Database
Action functions
Admin functions
Ajax functions
Annotation functions
API functions
Collections functions
Comment functions
Config functions
CSV export functions
Dash functions
Debug functions
Encryption functions
Facial recognition functions
File functions
General functions
Language functions
Log functions
Login functions
Message functions
Migration functions
Node functions
PDF functions
Plugin functions
Render functions
Reporting functions
Request functions
Research functions
Slideshow functions
Theme permission functions
User functions
Video functions
Database functions
Metadata functions
Resource functions
Search functions
Map functions
Job functions
Tab functions
Test functions

compute_featured_collections_acess_control()

Description

Compute the featured collections allowed based on current access control

TRUE if user has access to all featured collections. If some access control is in place, then the
return will be an array with all the allowed featured collections

Parameters

This function accepts no parameters.

Return

boolean|array Returns FALSE if user should not see any featured collections (usually means misconfiguration) -or-

Location

include/collections_functions.php lines 5016 to 5112

Definition

 
function compute_featured_collections_acess_control()
    {
    global 
$CACHE_FC_ACCESS_CONTROL;
    if(!
is_null($CACHE_FC_ACCESS_CONTROL))
        {
        return 
$CACHE_FC_ACCESS_CONTROL;
        }

    
$all_fcs sql_query(sprintf("SELECT ref, parent FROM collection WHERE `type` = %s"COLLECTION_TYPE_FEATURED), "featured_collections");
    
$all_fcs reshape_array_by_value_keys($all_fcs'ref''parent');
    
$root_fcs array_filter($all_fcs, function($v) { return $v == 0; });

    
$fcs_allowed = array();
    
$fcs_not_allowed = array();

    if(!
checkperm("j*"))
        {
        
$fc_root_allowed_refs array_filter($root_fcs'permission_j'ARRAY_FILTER_USE_KEY);
        if(empty(
$fc_root_allowed_refs))
            {
            
// Misconfiguration - user can only see specific FCs but none have been selected
            
return false;
            }

        
$root_fcs $fc_root_allowed_refs;
        }

    
// BFS traverse the tree to establish what FCs are allowed
    
$queue = new SplQueue();
    
$queue->setIteratorMode(SplQueue::IT_MODE_DELETE);
    foreach(
array_keys($root_fcs) as $root_fc_ref)
        {
        
$queue->enqueue($root_fc_ref);
        }

    while(!
$queue->isEmpty())
        {
        
$fc $queue->dequeue();

        
$fc_parent = ($all_fcs[$fc] > $all_fcs[$fc] : 0);
        
$fc_children array_keys($all_fcs$fc);
        
$fcs_allowed_flipped array_flip($fcs_allowed);
        
$fcs_not_allowed_flipped array_flip($fcs_not_allowed);
        
$is_fc_allowed false;

        
// Has the node itself OR its parent been marked as no access already? Mark all nodes' children the same
        
if(isset($fcs_not_allowed_flipped[$fc]) || isset($fcs_not_allowed_flipped[$fc_parent]))
            {
            
$fc_not_allowed_refs $fc_children;
            }
        
// Filter out featured collections explicitly forbidden
        
else if(permission_negative_j($fc))
            {
            
$fcs_not_allowed[] = $fc;
            
$fc_not_allowed_refs $fc_children;
            }
        else if(
$fc_parent && permission_negative_j($fc_parent))
            {
            
// Filter out featured collections where the parent has been explicitly forbidden
            
$fcs_not_allowed[] = $fc_parent;
            
$fc_not_allowed_refs $fc_children;
            }
        else
            {
            
$is_fc_allowed true;
            
$fc_not_allowed_refs array_filter($fc_children'permission_negative_j');
            }

        if(
$is_fc_allowed && !isset($fcs_allowed_flipped[$fc]))
            {
            
$fcs_allowed[] = $fc;
            }

        
$fcs_allowed array_merge($fcs_allowedarray_diff($fc_children$fc_not_allowed_refs));
        
$fcs_not_allowed array_merge($fcs_not_allowed$fc_not_allowed_refs);

        foreach(
$fc_children as $fc_child_ref)
            {
            
$queue->enqueue($fc_child_ref);
            }
        }

    
$count_all_fcs count($all_fcs);
    if(
$count_all_fcs === count($fcs_allowed))
        {
        
// No access control needed! User should see all featured collections
        
$return true;
        }
    else
        {
        
$return $fcs_allowed;
        }

    
$CACHE_FC_ACCESS_CONTROL $return;

    return 
$return;
    }

This article was last updated 30th November 2020 16:35 Europe/London time based on the source file dated 25th November 2020 10:35 Europe/London time.