1: <?php
 2: 
 3: /**
 4:  * CONTENIDO Chain.
 5:  * Category access feature.
 6:  *
 7:  * @package          Core
 8:  * @subpackage       Chain
 9:  * @author           Unknown
10:  * @copyright        four for business AG <www.4fb.de>
11:  * @license          http://www.contenido.org/license/LIZENZ.txt
12:  * @link             http://www.4fb.de
13:  * @link             http://www.contenido.org
14:  */
15: 
16: defined('CON_FRAMEWORK') || die('Illegal call: Missing framework initialization - request aborted.');
17: 
18: /**
19:  *
20:  * @param int $idlang
21:  * @param int $idcat
22:  * @param int $idfrontenduser
23:  *
24:  * @return bool
25:  * 
26:  * @throws cDbException
27:  * @throws cException
28:  */
29: function cecFrontendCategoryAccess($idlang, $idcat, $idfrontenduser) {
30: 
31:     global $cfg;
32: 
33:     // get idcatlang from idcat & lang
34:     // TODO should use cApiCategoryLanguage::loadByCategoryIdAndLanguageId()
35:     $db = cRegistry::getDb();
36:     $db->query("
37:         SELECT
38:             idcatlang
39:         FROM
40:             " . $cfg["tab"]["cat_lang"] . "
41:         WHERE
42:             idcat = " . cSecurity::toInteger($idcat) . "
43:             AND idlang = " . cSecurity::toInteger($idlang));
44:     if ($db->nextRecord()) {
45:         $idcatlang = $db->f('idcatlang');
46:     } else {
47:         return false;
48:     }
49: 
50:     // get frontend user
51:     $frontendUser = new cApiFrontendUser();
52:     $frontendUser->loadByPrimaryKey($idfrontenduser);
53:     if (true !== $frontendUser->isLoaded()) {
54:         return false;
55:     }
56: 
57:     // check if frontend user has access through any group he belongs to
58:     $coll = new cApiFrontendPermissionCollection();
59:     foreach ($frontendUser->getGroupsForUser() as $group) {
60:         if ($coll->checkPerm($group, 'category', 'access', $idcatlang)) {
61:             return true;
62:         }
63:     }
64: 
65:     return false;
66: }
67: 
68: ?>