AclRoles.php
<?php
namespace App\Constants;
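/**
 * Role names used for access control, plus the rule deciding which role may
 * delete a user holding another role.
 */
class AclRoles
{
    const UNAUTHORIZED = 'Unauthorized';
    const AUTHORIZED = 'Authorized';
    const AUTHOR = 'Author';
    const EDITOR = 'Editor';
    const USER = 'User';
    const ADMINISTRATOR = 'Administrator';

    // Every role name declared above.
    const ALL_ROLES = [
        self::UNAUTHORIZED,
        self::AUTHORIZED,
        self::AUTHOR,
        self::EDITOR,
        self::USER,
        self::ADMINISTRATOR,
    ];

    // ALL_ROLES without UNAUTHORIZED and AUTHORIZED.
    // NOTE(review): those two look like session-state markers rather than
    // roles stored on an account; confirm against the ACL setup.
    const ALL_REAL_ROLES = [
        self::AUTHOR,
        self::EDITOR,
        self::USER,
        self::ADMINISTRATOR,
    ];

    /**
     * Check if $role can remove user with role $role_to_remove.
     *
     * The decision is fail-closed: an acting role that is not one of
     * ALL_REAL_ROLES (UNAUTHORIZED, AUTHORIZED, null, a misspelled or
     * non-string value) is always refused. Every comparison is strict, so a
     * value of another type can never match a role name through type juggling.
     *
     * Rules for the acting role:
     *  - ADMINISTRATOR may remove any user.
     *  - USER may remove anyone except ADMINISTRATOR.
     *  - EDITOR may remove anyone except USER and ADMINISTRATOR.
     *  - AUTHOR may remove anyone except EDITOR, USER and ADMINISTRATOR.
     *  - For the three non-administrator roles, a target role that is not in
     *    ALL_ROLES is refused, because it cannot be placed in the hierarchy.
     *
     * This method only compares role names. The caller is responsible for
     * passing the acting role of the authenticated account, not a value taken
     * from request data.
     *
     * @param mixed $role           Role of the account performing the deletion.
     * @param mixed $role_to_remove Role of the account to be deleted.
     * @return bool True when the deletion is permitted, false otherwise.
     */
    public static function access_user_delete($role, $role_to_remove)
    {
        // Deny by default: only a recognised real role may delete anyone.
        if (!in_array($role, self::ALL_REAL_ROLES, true)) {
            return false;
        }

        // Administrators keep unrestricted delete rights.
        if ($role === self::ADMINISTRATOR) {
            return true;
        }

        // A target role outside the known set cannot be ranked, so a
        // non-administrator is not allowed to act on it.
        if (!in_array($role_to_remove, self::ALL_ROLES, true)) {
            return false;
        }

        // Target roles each non-administrator role must not be able to remove.
        $protected_targets = [
            self::AUTHOR => [self::EDITOR, self::USER, self::ADMINISTRATOR],
            self::EDITOR => [self::USER, self::ADMINISTRATOR],
            self::USER => [self::ADMINISTRATOR],
        ];

        return !in_array($role_to_remove, $protected_targets[$role], true);
    }
}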