Details
-
Improvement
-
Resolution: Unresolved
-
Medium
-
None
-
None
-
None
Description
In some cases you want to check from php or tpl if a special user has access to a node or contentobject.
The function checkAccess which is used for object->attribute('can_read') ... or node->attribue('can_read')
uses the current user.
It would be usefull to make the user id optional. It it is set use it otherwise use as default the currentuserid.
current code: ezcontenobject
function checkAccess( $functionName, $originalClassID = false, $parentClassID = false, $returnAccessList = false, $language = false ) { $classID = $originalClassID; $user = eZUser::currentUser(); $userID = $user->attribute( 'contentobject_id' );
improved code
function checkAccess( $functionName, $originalClassID = false, $parentClassID = false, $returnAccessList = false, $language = false, $userID = false ) { $classID = $originalClassID; if ( $userID == false ) { $user = eZUser::currentUser(); $userID = $user->attribute( 'contentobject_id' ); } else { $user = eZUser::fetch( $userID ); if ( !is_object( $user ) ) return 0; } }
eZContentObjectTreeNode::checkAccess should be updated, too.