public function check($aro, $aco, $action = '*')
{
if (!$aro || !$aco) {
return false;
}
$permKeys = $this->getAcoKeys($this->schema()->columns());
$aroPath = $this->Aro->node($aro);
$acoPath = $this->Aco->node($aco);
if (!$aroPath) {
trigger_error(__d('cake_dev', "{0} - Failed ARO node lookup in permissions check. Node references:\nAro: {1}\nAco: {2}", 'DbAcl::check()', print_r($aro, true), print_r($aco, true)), E_USER_WARNING);
return false;
}
if (!$acoPath) {
trigger_error(__d('cake_dev', "{0} - Failed ACO node lookup in permissions check. Node references:\nAro: {1}\nAco: {2}", 'DbAcl::check()', print_r($aro, true), print_r($aco, true)), E_USER_WARNING);
return false;
}
if ($action !== '*' && !in_array('_' . $action, $permKeys)) {
trigger_error(__d('cake_dev', "ACO permissions key {0} does not exist in {1}", $action, 'DbAcl::check()'), E_USER_NOTICE);
return false;
}
$inherited = [];
$acoIDs = $acoPath->extract('id')->toArray();
$count = $aroPath->count();
$aroPaths = $aroPath->toArray();
for ($i = 0; $i < $count; $i++) {
$permAlias = $this->alias();
$perms = $this->find('all', ['conditions' => ["{$permAlias}.aro_id" => $aroPaths[$i]->id, "{$permAlias}.aco_id IN" => $acoIDs], 'order' => [$this->Aco->alias() . '.lft' => 'desc'], 'contain' => $this->Aco->alias()]);
if ($perms->count() == 0) {
continue;
}
$perms = $perms->hydrate(false)->toArray();
foreach ($perms as $perm) {
if ($action === '*') {
foreach ($permKeys as $key) {
if (!empty($perm)) {
if ($perm[$key] == -1) {
return false;
} elseif ($perm[$key] == 1) {
$inherited[$key] = 1;
}
}
}
if (count($inherited) === count($permKeys)) {
return true;
}
} else {
switch ($perm['_' . $action]) {
case -1:
return false;
case 0:
continue;
case 1:
return true;
}
}
}
}
return false;
}