users)) { $users = array_map('strtolower', StringHelper::trimSplit($section->users)); if (in_array('*', $users)) { return true; } if (in_array($username, $users)) { return true; } } if (! empty($section->groups)) { $groups = array_map('strtolower', StringHelper::trimSplit($section->groups)); foreach ($userGroups as $userGroup) { if (in_array(strtolower($userGroup), $groups)) { return true; } } } return false; } /** * Apply permissions, restrictions and roles to the given user * * @param User $user */ public function applyRoles(User $user) { $username = $user->getUsername(); try { $roles = Config::app('roles'); } catch (NotReadableError $e) { Logger::error( 'Can\'t get permissions and restrictions for user \'%s\'. An exception was thrown:', $username, $e ); return; } $userGroups = $user->getGroups(); $permissions = array(); $restrictions = array(); $roleObjs = array(); foreach ($roles as $roleName => $role) { if ($this->match($username, $userGroups, $role)) { $permissionsFromRole = StringHelper::trimSplit($role->permissions); $permissions = array_merge( $permissions, array_diff($permissionsFromRole, $permissions) ); $restrictionsFromRole = $role->toArray(); unset($restrictionsFromRole['users']); unset($restrictionsFromRole['groups']); unset($restrictionsFromRole['permissions']); foreach ($restrictionsFromRole as $name => $restriction) { if (! isset($restrictions[$name])) { $restrictions[$name] = array(); } $restrictions[$name][] = $restriction; } $roleObj = new Role(); $roleObjs[] = $roleObj ->setName($roleName) ->setPermissions($permissionsFromRole) ->setRestrictions($restrictionsFromRole); } } $user->setPermissions($permissions); $user->setRestrictions($restrictions); $user->setRoles($roleObjs); } }