public static function aclCheck($user, $authOption, $forum)
{
$groupIds = $user->groupIds();
$authOptionId = AuthOption::where('auth_option', $authOption)->value('auth_option_id');
// the group may contain direct acl entry
$isAuthorized = static::directAcl($groupIds, $authOptionId)->where('forum_id', $forum->forum_id)->exists();
// the group may also be part of role which may have matching
// acl entry
if (!$isAuthorized) {
$isAuthorized = static::roleAcl($groupIds, $authOptionId)->where('forum_id', $forum->forum_id)->exists();
}
// there's actually another one (phpbb_acl_users) but doesn't seem
// to contain anything but old-ish banlist?
return $isAuthorized;
} public function checkForumTopicStore($user, $forum)
{
$prefix = 'forum.topic.store.';
$this->ensureLoggedIn($user);
$this->ensureCleanRecord($user);
if ($user->isGMT()) {
return 'ok';
}
if (!$this->doCheckUser($user, 'ForumView', $forum)->can()) {
return $prefix . 'no_forum_access';
}
if (!$forum->isOpen()) {
return $prefix . 'forum_closed';
}
if (!ForumAuthorize::aclCheck($user, 'f_post', $forum)) {
return $prefix . 'no_permission';
}
return 'ok';
}
