PodsUI::restricted PHP Method

restricted() public method

public restricted ( $action = 'edit', $row = null )
    /**
     * Decide whether a UI action is restricted (denied) for the current user.
     *
     * This is an authorization gate. The result starts as "not restricted" and is only
     * set to restricted inside the author_restrict branch, when $this->pod is an object
     * and the capability checks fail. The field-match rules in $this->restrict[$action]
     * can then lift that restriction, as can the author/ownership override. Finally a
     * per-action 'restrict_callback' and the 'restricted_{action}' hook each receive the
     * computed value and their return value replaces it.
     *
     * NOTE(review): because the default is "not restricted", any configuration that does not
     * enter the author_restrict branch is allowed before the callback/hook run. Confirm that
     * this fail-open default is intended for every caller.
     *
     * @param string     $action Action name. Indexes $this->restrict and $this->actions_custom and is
     *                           concatenated into capability names ('pods_{action}_{pod}') and the hook name.
     *                           NOTE(review): callers are not visible here; confirm $action is limited to
     *                           known action names before it reaches this method.
     * @param array|null $row    Row data to test rules against. When empty and $this->pod is not an
     *                           object, $this->row is used instead.
     *
     * @return bool True when the action is restricted. The final value is whatever the custom
     *              callback and do_hook() return, so a strict bool is not guaranteed by this code.
     */
    public function restricted($action = 'edit', $row = null)
    {
        // Default is "allowed"; nothing below sets true unless the author_restrict branch runs.
        $restricted = false;
        // Rule set for this action, normalised to an array (empty when none is configured).
        $restrict = array();
        if (isset($this->restrict[$action])) {
            $restrict = (array) $this->restrict[$action];
        }
        // @todo Build 'edit', 'duplicate', 'delete' action support for 'where' which runs another find() query
        /*if ( !in_array( $action, array( 'manage', 'reorder' ) ) ) {
                    $where = pods_var_raw( $action, $this->where, null, null, true );
        
                    if ( !empty( $where ) ) {
                        $restricted = true;
        
                        $old_where = $this->where[ $action ];
        
                        $id = $this->row[ $this->sql[ 'field_id' ] ];
        
                        if ( is_array( $where ) ) {
                            if ( 'OR' == pods_var( 'relation', $where ) )
                                $where = array( $where );
        
                            $where[] = "`t`.`" . $this->sql[ 'field_id' ] . "` = " . (int) $id;
                        }
                        else
                            $where = "( {$where} ) AND `t`.`" . $this->sql[ 'field_id' ] . "` = " . (int) $id;
        
                        $this->where[ $action ] = $where;
        
                        $data = false;
        
                        //$data = $this->get_data();
        
                        $this->where[ $action ] = $old_where;
        
                        if ( empty( $data ) )
                            $restricted = true;
                    }
                }*/
        $author_restrict = false;
        // Capability checks apply only when this action's rule set is identical (===) to the
        // configured author_restrict rules.
        // NOTE(review): a rule set for $action that differs from author_restrict never sets
        // $restricted to true here, so the field-match block further down is skipped for it.
        // Confirm that such rules are enforced elsewhere.
        if (!empty($this->restrict['author_restrict']) && $restrict === $this->restrict['author_restrict']) {
            $restricted = false;
            $author_restrict = true;
            if (is_object($this->pod)) {
                // Deny by default inside this branch; each check below may lift the restriction.
                $restricted = true;
                // Settings pods have no separate 'add': treat it as 'edit' for capability names.
                if ('settings' == $this->pod->pod_data['type'] && 'add' == $action) {
                    $action = 'edit';
                }
                // pods_is_admin() is defined elsewhere; presumably an admin-level capability check - confirm.
                if (pods_is_admin(array('pods', 'pods_content'))) {
                    $restricted = false;
                } elseif ('manage' == $action) {
                    // 'manage' is allowed when the user holds both the own and the "others" capability
                    // for edit or delete (if that action is not disabled), or for manage itself.
                    if (!in_array('edit', $this->actions_disabled) && current_user_can('pods_edit_' . $this->pod->pod) && current_user_can('pods_edit_others_' . $this->pod->pod)) {
                        $restricted = false;
                    } elseif (!in_array('delete', $this->actions_disabled) && current_user_can('pods_delete_' . $this->pod->pod) && current_user_can('pods_delete_others_' . $this->pod->pod)) {
                        $restricted = false;
                    } elseif (current_user_can('pods_' . $action . '_' . $this->pod->pod) && current_user_can('pods_' . $action . '_others_' . $this->pod->pod)) {
                        $restricted = false;
                    }
                } elseif (current_user_can('pods_' . $action . '_' . $this->pod->pod) && current_user_can('pods_' . $action . '_others_' . $this->pod->pod)) {
                    // Any other action needs both 'pods_{action}_{pod}' and 'pods_{action}_others_{pod}'.
                    $restricted = false;
                }
            }
            /* @todo determine proper logic for non-pods capabilities
                        else {
                            $restricted = true;
            
                            if ( pods_is_admin( array( 'pods', 'pods_content' ) ) )
                                $restricted = false;
                            elseif ( current_user_can( 'pods_' . $action . '_others_' . $_tbd ) )
                                $restricted = false;
                        }*/
        }
        // Second chance: a user who failed the capability checks can still be allowed when the
        // rule set matches the record. Runs only if a restriction was set above.
        if ($restricted && !empty($restrict)) {
            // Top-level relation between rules; anything other than 'AND' is treated as 'OR'.
            // pods_var() is defined elsewhere; presumably it reads 'relation' with default 'AND' - confirm.
            $relation = strtoupper(trim(pods_var('relation', $restrict, 'AND', null, true)));
            if ('AND' != $relation) {
                $relation = 'OR';
            }
            $okay = true;
            foreach ($restrict as $field => $match) {
                // 'relation' is a control key, not a rule.
                if ('relation' == $field) {
                    continue;
                }
                if (is_array($match)) {
                    // Nested group of rules with its own relation (default 'OR').
                    $match_okay = true;
                    $match_relation = strtoupper(trim(pods_var('relation', $match, 'OR', null, true)));
                    if ('AND' != $match_relation) {
                        $match_relation = 'OR';
                    }
                    foreach ($match as $the_field => $the_match) {
                        if ('relation' == $the_field) {
                            continue;
                        }
                        // NOTE(review): the lookup key is the rule's value ($the_match), which is also the
                        // value compared against; $the_field is only used for the 'relation' skip.
                        // Confirm this is the intended rule shape.
                        $value = null;
                        if (is_object($this->pod)) {
                            $value = $this->pod->field($the_match, true);
                        } else {
                            if (empty($row)) {
                                $row = $this->row;
                            }
                            if (isset($row[$the_match])) {
                                if (is_array($row[$the_match])) {
                                    // Array values are only resolved for dotted keys: each segment is
                                    // walked inside $row[$the_match]; a missing segment yields null.
                                    // A non-dotted key holding an array leaves $value as null.
                                    if (false !== strpos($the_match, '.')) {
                                        $the_matches = explode('.', $the_match);
                                        $value = $row[$the_match];
                                        foreach ($the_matches as $m) {
                                            if (is_array($value) && isset($value[$m])) {
                                                $value = $value[$m];
                                            } else {
                                                $value = null;
                                                break;
                                            }
                                        }
                                    }
                                } else {
                                    $value = $row[$the_match];
                                }
                            }
                        }
                        // NOTE(review): in_array() without the strict flag and == both compare loosely,
                        // so type juggling can make differing values match in this access check.
                        if (is_array($value)) {
                            if (!in_array($the_match, $value)) {
                                $match_okay = false;
                            } elseif ('OR' == $match_relation) {
                                $match_okay = true;
                                break;
                            }
                        } elseif ($value == $the_match) {
                            // NOTE(review): equality FAILS the rule here, while the flat (non-array) rule
                            // branch below fails on inequality ($value != $match). The polarity looks
                            // inverted - confirm which one is intended.
                            $match_okay = false;
                        } elseif ('OR' == $match_relation) {
                            $match_okay = true;
                            break;
                        }
                    }
                    if (!$match_okay) {
                        $okay = false;
                    }
                    // NOTE(review): with a top-level 'OR' relation this sets $okay to true and stops,
                    // whether or not the nested group matched. That allows access after the first
                    // nested group regardless of its result - confirm.
                    if ('OR' == $relation) {
                        $okay = true;
                        break;
                    }
                } else {
                    // Flat rule. Same lookup as above, keyed by the rule's value ($match).
                    $value = null;
                    if (is_object($this->pod)) {
                        $value = $this->pod->field($match, true);
                    } else {
                        if (empty($row)) {
                            $row = $this->row;
                        }
                        if (isset($row[$match])) {
                            if (is_array($row[$match])) {
                                if (false !== strpos($match, '.')) {
                                    $matches = explode('.', $match);
                                    $value = $row[$match];
                                    foreach ($matches as $m) {
                                        if (is_array($value) && isset($value[$m])) {
                                            $value = $value[$m];
                                        } else {
                                            $value = null;
                                            break;
                                        }
                                    }
                                }
                            } else {
                                $value = $row[$match];
                            }
                        }
                    }
                    // A mismatch fails the rule; under 'OR' the first match ends the loop as allowed.
                    if (is_array($value)) {
                        if (!in_array($match, $value)) {
                            $okay = false;
                        } elseif ('OR' == $relation) {
                            $okay = true;
                            break;
                        }
                    } elseif ($value != $match) {
                        $okay = false;
                    } elseif ('OR' == $relation) {
                        $okay = true;
                        break;
                    }
                }
            }
            if (!empty($author_restrict)) {
                // For 'manage', fail only when edit and delete are both enabled and the user
                // holds neither base capability.
                if (is_object($this->pod) && 'manage' == $action) {
                    if (!in_array('edit', $this->actions_disabled) && !current_user_can('pods_edit_' . $this->pod->pod) && !in_array('delete', $this->actions_disabled) && !current_user_can('pods_delete_' . $this->pod->pod)) {
                        $okay = false;
                    }
                }
                // The base capability 'pods_{action}_{pod}' is required even when the rules matched.
                if (is_object($this->pod) && !current_user_can('pods_' . $action . '_' . $this->pod->pod)) {
                    $okay = false;
                }
                /* @todo determine proper logic for non-pods capabilities
                   elseif ( !current_user_can( 'pods_' . $action . '_' . $_tbd ) )
                       $okay = false;*/
                // Ownership override: if still failing and a row is present, any author_restrict
                // value found in the corresponding field re-allows the action.
                // NOTE(review): this runs after the base-capability check above and can reverse it.
                // get_field() is defined elsewhere and is not passed $row; confirm that it reads the
                // same record. in_array() is non-strict here as well.
                if (!$okay && !empty($row)) {
                    foreach ($this->restrict['author_restrict'] as $key => $val) {
                        $author_restricted = $this->get_field($key);
                        if (!empty($author_restricted)) {
                            if (!is_array($author_restricted)) {
                                $author_restricted = (array) $author_restricted;
                            }
                            if (is_array($val)) {
                                foreach ($val as $v) {
                                    if (in_array($v, $author_restricted)) {
                                        $okay = true;
                                    }
                                }
                            } elseif (in_array($val, $author_restricted)) {
                                $okay = true;
                            }
                        }
                    }
                }
            }
            if ($okay) {
                $restricted = false;
            }
        }
        // A custom action may register 'restrict_callback'; it receives the computed result and
        // its return value replaces it, so it can grant as well as deny.
        if (isset($this->actions_custom[$action]) && is_array($this->actions_custom[$action]) && isset($this->actions_custom[$action]['restrict_callback']) && is_callable($this->actions_custom[$action]['restrict_callback'])) {
            $restricted = call_user_func($this->actions_custom[$action]['restrict_callback'], $restricted, $restrict, $action, $row, $this);
        }
        // The 'restricted_{action}' hook has the final say; do_hook() is defined elsewhere.
        // NOTE(review): a hook that returns a falsy value lifts the restriction, so hook handlers
        // are part of the trusted authorization path.
        $restricted = $this->do_hook('restricted_' . $action, $restricted, $restrict, $action, $row);
        return $restricted;
    }