Collections functions
Encryption functions
General functions
Render functions
Theme permission functions
Video functions
Resource functions

compute_featured_collections_acess_control()

Description

Compute the featured collections allowed based on current access control

TRUE if user has access to all featured collections. If some access control is in place, then the
return will be an array with all the allowed featured collections

Parameters

This function accepts no parameters.

Return

boolean|array Returns FALSE if user should not see any featured collections (usually means misconfiguration) -or-

Location

include/collections_functions.php lines 5016 to 5112

Definition

 
function compute_featured_collections_acess_control()
    {
    global 
$CACHE_FC_ACCESS_CONTROL;
    if(!
is_null($CACHE_FC_ACCESS_CONTROL))
        {
        return 
$CACHE_FC_ACCESS_CONTROL;
        }

    
$all_fcs sql_query(sprintf("SELECT ref, parent FROM collection WHERE `type` = %s"COLLECTION_TYPE_FEATURED), "featured_collections");
    
$all_fcs reshape_array_by_value_keys($all_fcs'ref''parent');
    
$root_fcs array_filter($all_fcs, function($v) { return $v == 0; });

    
$fcs_allowed = array();
    
$fcs_not_allowed = array();

    if(!
checkperm("j*"))
        {
        
$fc_root_allowed_refs array_filter($root_fcs'permission_j'ARRAY_FILTER_USE_KEY);
        if(empty(
$fc_root_allowed_refs))
            {
            
// Misconfiguration - user can only see specific FCs but none have been selected
            
return false;
            }

        
$root_fcs $fc_root_allowed_refs;
        }

    
// BFS traverse the tree to establish what FCs are allowed
    
$queue = new SplQueue();
    
$queue->setIteratorMode(SplQueue::IT_MODE_DELETE);
    foreach(
array_keys($root_fcs) as $root_fc_ref)
        {
        
$queue->enqueue($root_fc_ref);
        }

    while(!
$queue->isEmpty())
        {
        
$fc $queue->dequeue();

        
$fc_parent = ($all_fcs[$fc] > $all_fcs[$fc] : 0);
        
$fc_children array_keys($all_fcs$fc);
        
$fcs_allowed_flipped array_flip($fcs_allowed);
        
$fcs_not_allowed_flipped array_flip($fcs_not_allowed);
        
$is_fc_allowed false;

        
// Has the node itself OR its parent been marked as no access already? Mark all nodes' children the same
        
if(isset($fcs_not_allowed_flipped[$fc]) || isset($fcs_not_allowed_flipped[$fc_parent]))
            {
            
$fc_not_allowed_refs $fc_children;
            }
        
// Filter out featured collections explicitly forbidden
        
else if(permission_negative_j($fc))
            {
            
$fcs_not_allowed[] = $fc;
            
$fc_not_allowed_refs $fc_children;
            }
        else if(
$fc_parent && permission_negative_j($fc_parent))
            {
            
// Filter out featured collections where the parent has been explicitly forbidden
            
$fcs_not_allowed[] = $fc_parent;
            
$fc_not_allowed_refs $fc_children;
            }
        else
            {
            
$is_fc_allowed true;
            
$fc_not_allowed_refs array_filter($fc_children'permission_negative_j');
            }

        if(
$is_fc_allowed && !isset($fcs_allowed_flipped[$fc]))
            {
            
$fcs_allowed[] = $fc;
            }

        
$fcs_allowed array_merge($fcs_allowedarray_diff($fc_children$fc_not_allowed_refs));
        
$fcs_not_allowed array_merge($fcs_not_allowed$fc_not_allowed_refs);

        foreach(
$fc_children as $fc_child_ref)
            {
            
$queue->enqueue($fc_child_ref);
            }
        }

    
$count_all_fcs count($all_fcs);
    if(
$count_all_fcs === count($fcs_allowed))
        {
        
// No access control needed! User should see all featured collections
        
$return true;
        }
    else
        {
        
$return $fcs_allowed;
        }

    
$CACHE_FC_ACCESS_CONTROL $return;

    return 
$return;
    }

This article was last updated 30th November 2020 16:35 Europe/London time based on the source file dated 25th November 2020 10:35 Europe/London time.