1: <?php
 2: 
 3: /**
 4:  * CONTENIDO Chain.
 5:  * Category access feature.
 6:  *
 7:  * @package          Core
 8:  * @subpackage       Chain
 9:  * @author           Unknown
10:  * @copyright        four for business AG <www.4fb.de>
11:  * @license          http://www.contenido.org/license/LIZENZ.txt
12:  * @link             http://www.4fb.de
13:  * @link             http://www.contenido.org
14:  */
15: 
16: defined('CON_FRAMEWORK') || die('Illegal call: Missing framework initialization - request aborted.');
17: 
18: /**
19:  *
20:  * @param int $idlang
21:  * @param int $idcat
22:  * @param int $idfrontenduser
23:  * @return boolean
24:  */
25: function cecFrontendCategoryAccess($idlang, $idcat, $idfrontenduser) {
26: 
27:     global $cfg;
28: 
29:     // get idcatlang from idcat & lang
30:     // TODO should use cApiCategoryLanguage::loadByCategoryIdAndLanguageId()
31:     $db = cRegistry::getDb();
32:     $db->query("
33:         SELECT
34:             idcatlang
35:         FROM
36:             " . $cfg["tab"]["cat_lang"] . "
37:         WHERE
38:             idcat = " . cSecurity::toInteger($idcat) . "
39:             AND idlang = " . cSecurity::toInteger($idlang));
40:     if ($db->nextRecord()) {
41:         $idcatlang = $db->f('idcatlang');
42:     } else {
43:         return false;
44:     }
45: 
46:     // get frontend user
47:     $frontendUser = new cApiFrontendUser();
48:     $frontendUser->loadByPrimaryKey($idfrontenduser);
49:     if (true !== $frontendUser->isLoaded()) {
50:         return false;
51:     }
52: 
53:     // check if frontend user has access through any group he belongs to
54:     $coll = new cApiFrontendPermissionCollection();
55:     foreach ($frontendUser->getGroupsForUser() as $group) {
56:         if ($coll->checkPerm($group, 'category', 'access', $idcatlang)) {
57:             return true;
58:         }
59:     }
60: 
61:     return false;
62: }
63: 
64: ?>