From c25b74d405bb9d2b0b296e6e2ef8a59a9bd6039d Mon Sep 17 00:00:00 2001
From: Marco <marco1@live.de>
Date: Sat, 29 Jul 2017 18:19:00 +0200
Subject: [PATCH] Provide read access to user's roles via 'Auth' interface

---
 src/Auth.php | 55 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 55 insertions(+)

diff --git a/src/Auth.php b/src/Auth.php
index ea26663..c11b79d 100644
--- a/src/Auth.php
+++ b/src/Auth.php
@@ -1135,6 +1135,61 @@ final class Auth extends UserManager {
 		return $this->getStatus() === Status::SUSPENDED;
 	}
 
+	/**
+	 * Returns whether the currently signed-in user has the specified role
+	 *
+	 * @param int $role the role as one of the constants from the {@see Role} class
+	 * @return bool
+	 *
+	 * @see Role
+	 */
+	public function hasRole($role) {
+		$role = (int) $role;
+
+		if (isset($_SESSION) && isset($_SESSION[self::SESSION_FIELD_ROLES])) {
+			return (((int) $_SESSION[self::SESSION_FIELD_ROLES]) & $role) === $role;
+		}
+		else {
+			return false;
+		}
+	}
+
+	/**
+	 * Returns whether the currently signed-in user has *any* of the specified roles
+	 *
+	 * @param int[] ...$roles the roles as constants from the {@see Role} class
+	 * @return bool
+	 *
+	 * @see Role
+	 */
+	public function hasAnyRole(...$roles) {
+		foreach ($roles as $role) {
+			if ($this->hasRole($role)) {
+				return true;
+			}
+		}
+
+		return false;
+	}
+
+	/**
+	 * Returns whether the currently signed-in user has *all* of the specified roles
+	 *
+	 * @param int[] ...$roles the roles as constants from the {@see Role} class
+	 * @return bool
+	 *
+	 * @see Role
+	 */
+	public function hasAllRoles(...$roles) {
+		foreach ($roles as $role) {
+			if (!$this->hasRole($role)) {
+				return false;
+			}
+		}
+
+		return true;
+	}
+
 	/**
 	 * Sets whether the currently signed-in user has been remembered by a long-lived cookie
 	 *