Provide read access to user's roles via 'Auth' interface

2025-07-11 11:36:24 +02:00 · 2017-07-29 18:19:00 +02:00
parent 2278b86fba
commit c25b74d405
1 changed files with 55 additions and 0 deletions
--- a/src/Auth.php
+++ b/src/Auth.php
@ -1135,6 +1135,61 @@ final class Auth extends UserManager {
 		return $this->getStatus() === Status::SUSPENDED;
 	}

+	/**
+	 * Returns whether the currently signed-in user has the specified role
+	 *
+	 * @param int $role the role as one of the constants from the {@see Role} class
+	 * @return bool
+	 *
+	 * @see Role
+	 */
+	public function hasRole($role) {
+		$role = (int) $role;
+
+		if (isset($_SESSION) && isset($_SESSION[self::SESSION_FIELD_ROLES])) {
+			return (((int) $_SESSION[self::SESSION_FIELD_ROLES]) & $role) === $role;
+		}
+		else {
+			return false;
+		}
+	}
+
+	/**
+	 * Returns whether the currently signed-in user has *any* of the specified roles
+	 *
+	 * @param int[] ...$roles the roles as constants from the {@see Role} class
+	 * @return bool
+	 *
+	 * @see Role
+	 */
+	public function hasAnyRole(...$roles) {
+		foreach ($roles as $role) {
+			if ($this->hasRole($role)) {
+				return true;
+			}
+		}
+
+		return false;
+	}
+
+	/**
+	 * Returns whether the currently signed-in user has *all* of the specified roles
+	 *
+	 * @param int[] ...$roles the roles as constants from the {@see Role} class
+	 * @return bool
+	 *
+	 * @see Role
+	 */
+	public function hasAllRoles(...$roles) {
+		foreach ($roles as $role) {
+			if (!$this->hasRole($role)) {
+				return false;
+			}
+		}
+
+		return true;
+	}
+
 	/**
 	 * Sets whether the currently signed-in user has been remembered by a long-lived cookie
 	 *