MaketRandevu/application/libraries/Permissions.php

96 lines
2.9 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php defined('BASEPATH') or exit('No direct script access allowed');
/* ----------------------------------------------------------------------------
* IFLRandevu - İzmir Fen Lisesi Randevu Portalı
*
* @package EasyAppointments
* @author A.Tselegidis <alextselegidis@gmail.com>
* @copyright Copyright (c) Alex Tselegidis
* @license https://opensource.org/licenses/GPL-3.0 - GPLv3
* @link https://easyappointments.org
* @since v1.5.0
* ---------------------------------------------------------------------------- */
/**
* Permissions library.
*
* Handles permission related functionality.
*
* @package Libraries
*/
class Permissions
{
/**
* @var EA_Controller|CI_Controller
*/
protected EA_Controller|CI_Controller $CI;
/**
* Permissions constructor.
*/
public function __construct()
{
$this->CI = &get_instance();
$this->CI->load->model('appointments_model');
$this->CI->load->model('roles_model');
$this->CI->load->model('secretaries_model');
$this->CI->load->model('users_model');
$this->CI->load->library('timezones');
}
/**
* Check if a user is allowed to manage the provided customer.
*
* The "limit_customer_access" setting changes the access permissions to customer entries. In order for a provider
* or a secretary to be able to make changes to a customer, they will first need to at least have a single
* appointment with them.
*
* @param int $user_id
* @param int $customer_id
*
* @return bool
*/
public function has_customer_access(int $user_id, int $customer_id): bool
{
$role_id = $this->CI->users_model->value($user_id, 'id_roles');
$role_slug = $this->CI->roles_model->value($role_id, 'slug');
$limit_customer_access = setting('limit_customer_access');
if ($role_slug === DB_SLUG_ADMIN || !$limit_customer_access) {
return true;
}
if ($role_slug === DB_SLUG_PROVIDER) {
return $this->CI->appointments_model
->query()
->where(['id_users_provider' => $user_id, 'id_users_customer' => $customer_id])
->get()
->num_rows() > 0;
}
if ($role_slug === DB_SLUG_SECRETARY) {
$secretary = $this->CI->secretaries_model->find($user_id);
foreach ($secretary['providers'] as $secretary_provider_id) {
$has_appointments_with_customer =
$this->CI->appointments_model
->query()
->where(['id_users_provider' => $secretary_provider_id, 'id_users_customer' => $customer_id])
->get()
->num_rows() > 0;
if ($has_appointments_with_customer) {
return true;
}
}
return false;
}
return false;
}
}