Bolt\Users::filterManipulatableRoles PHP Method

Users Class Documentation Datei anzeigen Open project: bolt/bolt

filterManipulatableRoles() public method

Ensure changes to the user's roles match what the current user has permissions to manipulate.
public filterManipulatableRoles ( string | integer $id, array $newRoles ) : string[]
$id string | integer User ID
$newRoles array Roles from form submission
return string[] The user's roles with the allowed changes 
    public function filterManipulatableRoles($id, array $newRoles)
    {
        $oldRoles = [];
        if ($id && ($user = $this->getUser($id))) {
            $oldRoles = $user['roles'];
        }
        $manipulatableRoles = $this->app['permissions']->getManipulatableRoles($this->getCurrentUser());
        $roles = [];
        // Remove roles if the current user can manipulate that role
        foreach ($oldRoles as $role) {
            if ($role === Permissions::ROLE_EVERYONE) {
                continue;
            }
            if (in_array($role, $newRoles) || !in_array($role, $manipulatableRoles)) {
                $roles[] = $role;
            }
        }
        // Add roles if the current user can manipulate that role
        foreach ($newRoles as $role) {
            if (in_array($role, $manipulatableRoles)) {
                $roles[] = $role;
            }
        }
        return array_unique($roles);
    }
Users
__construct
addRole
canonicalizeFieldValue
checkAntiCSRFToken
checkAvailability
checkForRoot
checkValidSession
deleteUser
filterManipulatableRoles
getActiveSessions
getAntiCSRFToken
getCurrentUser
getCurrentUserProperty
getCurrentUsername
getEmptyUser
getRepository
getUser
getUsers
hasRole
hasUsers
isAllowed
isContentStatusTransitionAllowed
isEnabled
isValidSession
removeRole
saveUser
setEnabled
updateUserLogin