JAccess/check
From Joomla! Documentation
< JAccess
Contents |
Description
Method to check if a user is authorised to perform an action, optionally on an asset.
Syntax
static JAccess::check($userId, $action, $asset=null)
| Parameter Name | Default Value | Description |
|---|---|---|
| $userId | Id of the user for which to check authorisation. | |
| $action | The name of the action to authorise. | |
| $asset | null | Integer asset id or the name of the asset as a string. Defaults to the global asset node. |
Returns
boolean True if authorised.
Defined in
libraries/joomla/access/access.php
Importing
jimport( 'joomla.access.access' );
Source Body
public static function check($userId, $action, $asset = null)
{
if (self::$isRoot) {
return true;
}
else
{
// Sanitize inputs.
$userId = (int) $userId;
$action = strtolower(preg_replace('#[\s\-]+#', '.', trim($action)));
$asset = strtolower(preg_replace('#[\s\-]+#', '.', trim($asset)));
// Default to the root asset node.
if (empty($asset)) {
$asset = 1;
}
// Get the rules for the asset recursively to root if not already retrieved.
if (empty(self::$assetRules[$asset])) {
self::$assetRules[$asset] = self::getAssetRules($asset, true);
}
// Get all groups against which the user is mapped.
$identities = self::getGroupsByUser($userId);
array_unshift($identities, $userId * -1);
// Make sure we only check for core.admin once during the run.
if (self::$isRoot === null)
{
if (self::getAssetRules(1)->allow('core.admin', $identities)) {
self::$isRoot = true;
return true;
}
else {
self::$isRoot = false;
}
}
return self::$assetRules[$asset]->allow($action, $identities);
}
}
