Permission::check PHP Method

check() public method

権限チェックを行う (Performs a permission check: decides whether the given user group may access the given URL.)
public check ( array $url, string $userGroupId ) : boolean
$url array
$userGroupId string
return boolean
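    /**
     * Decide whether a user group may access a URL.
     *
     * The group's rules are loaded once and cached in $this->permissionsTmp.
     * A fixed allow-list of admin URLs is always permitted. Otherwise every
     * enabled rule is matched against the URL in 'sort' order, and the last
     * matching rule's 'auth' value is the result.
     *
     * Security-relevant behaviour, kept as-is for callers:
     *  - Default allow: a URL that matches no rule is permitted, and a group
     *    with no rules is permitted everywhere.
     *  - NOTE(review): the cache is not keyed by $userGroupId. A later call on
     *    the same instance with a different group reuses the first group's
     *    rules. Confirm callers never mix groups on one instance.
     *
     * @param string $url         URL to test. The page's signature lists it as
     *                            array, but it is used here as a preg_match()
     *                            subject, i.e. as a string.
     * @param string $userGroupId User group whose rules are evaluated.
     * @return bool True when access is allowed.
     */
    public function check($url, $userGroupId)
    {
        // -1 is the "not loaded yet" marker for the rule cache.
        if ($this->permissionsTmp === -1) {
            $conditions = array('Permission.user_group_id' => $userGroupId);
            $permissions = $this->find('all', array('conditions' => $conditions, 'order' => 'sort', 'recursive' => -1));
            if ($permissions) {
                $this->permissionsTmp = $permissions;
            } else {
                // No rules for this group: cache the empty set and allow.
                $this->permissionsTmp = array();
                return true;
            }
        }
        $permissions = $this->permissionsTmp;

        // Normalise: drop the leading slash (except for the bare root URL).
        if ($url !== '/') {
            $url = preg_replace('/^\\//is', '', $url);
        }

        // Map the configured admin prefix onto the canonical "admin/" form.
        // The prefix is configuration data, so quote it before it enters the
        // regex: a metacharacter in it must not alter the match.
        $adminPrefix = preg_quote((string) Configure::read('Routing.prefixes.0'), '/');
        $url = preg_replace('/^' . $adminPrefix . '\\//', 'admin/', $url);

        // The dashboard, dblogs, logout, set_default_favorites and editing the
        // logged-in user's own account are always allowed.
        $allows = array('/^admin$/', '/^admin\\/$/', '/^admin\\/dashboard\\/.*?/', '/^admin\\/dblogs\\/.*?/', '/^admin\\/users\\/logout$/', '/^admin\\/user_groups\\/set_default_favorites$/');
        $sessionKey = Configure::read('BcAuthPrefix.admin.sessionKey');
        if (!empty($_SESSION['Auth'][$sessionKey]['id'])) {
            // Quote the id so it can only ever match itself literally.
            $ownId = preg_quote((string) $_SESSION['Auth'][$sessionKey]['id'], '/');
            $allows[] = '/^admin\\/users\\/edit\\/' . $ownId . '$/';
        }
        foreach ($allows as $allow) {
            if (preg_match($allow, $url)) {
                return true;
            }
        }

        // Default allow; each matching enabled rule overrides the result, so
        // the last match in 'sort' order wins.
        $ret = true;
        foreach ($permissions as $permission) {
            if (!$permission['Permission']['status']) {
                continue; // disabled rule
            }
            $ruleUrl = $permission['Permission']['url'];
            $pattern = ($ruleUrl !== '/') ? preg_replace('/^\\//is', '', $ruleUrl) : $ruleUrl;

            // NOTE(review): addslashes() is not regex escaping. Apart from '*'
            // (translated to a wildcard below), regex metacharacters in a
            // stored rule URL are interpreted as regex. A rule that yields an
            // invalid pattern makes preg_match() return false, so that rule is
            // skipped. For a deny rule that means the URL stays allowed.
            // Left unchanged because existing rules may depend on it.
            $pattern = addslashes($pattern);
            $pattern = str_replace('/', '\\/', $pattern);
            $pattern = str_replace('*', '.*?', $pattern);
            // "foo/*" also matches "foo" itself (the trailing segment is optional).
            $pattern = '/^' . str_replace('\\/.*?', '(|\\/.*?)', $pattern) . '$/is';
            if (preg_match($pattern, $url)) {
                $ret = $permission['Permission']['auth'];
            }
        }
        return (bool) $ret;
    }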

Usage Example

 /**
  * Run the parent initialisation, then reject the request unless it is a CLI
  * run, the current user holds the "ADMIN" permission, or the request
  * originates from the server's own address.
  *
  * Permission::check() is called here statically with a single permission
  * code. It is presumably a different API from a check($url, $userGroupId)
  * instance method.
  *
  * @return mixed Result of Security::permissionFailure() when access is
  *               refused, otherwise null.
  */
 public function init()
 {
     parent::init();

     // Command-line invocations are never gated.
     if (Director::is_cli()) {
         return;
     }

     // Administrators pass.
     if (Permission::check("ADMIN")) {
         return;
     }

     // Requests whose REMOTE_ADDR equals SERVER_ADDR pass without the ADMIN
     // permission.
     // NOTE(review): if a reverse proxy on the same host fronts this
     // application, REMOTE_ADDR may equal SERVER_ADDR for every request.
     // Confirm the deployment before relying on this exemption.
     $fromServerItself = ($_SERVER['REMOTE_ADDR'] == $_SERVER['SERVER_ADDR']);
     if ($fromServerItself) {
         return;
     }

     return Security::permissionFailure();
 }
All Usage Examples Of Permission::check