<?php
/**
 * authorize module User
 * 
 * @author gERD Schaufelberger <gerd@exit0.net>
 * @copyright 2004 by http://wombat.exit0.net
 * @package wombatSite
 * @subpackage user
 */
 
/**
 * Authorize agains user name
 * 
 * This module allows to check whether a special user is logged in or not. 
 * If the rule is empty, this module will simply require any authenticated
 * user to gain access. 
 * 
 * If a rule is specified, it defines a single user name. So access will be 
 * only granted if the user-name of the current user equals the rule. Using 
 * a "!" in front of the user name negates the request - in other words, it  
 * denies access for a specified user. 
 * 
 * @version 1.0.0
 * @package wombatSite
 * @subpackage user
 */
class wbAuthorize_User
{
   /**
    * authorize against rule
	*
	* @access public
	* @param string $rule 
	* @return boolean $result true on success
	*/
    function checkAuthorisation( $rule )
    {
		$auth	=&	wbFactory::singleton( 'wbAuth' );
		
		// check if user is logged in
		if( !$auth->isAuthenticated() ) {
			return false;
		}
		
		// require special user
		if( empty( $rule ) ) {
			return true;
		}
		
		$data	=	$auth->getUserData();
		// negate request
		if( $rule[0] === '!' ) {
			$rule	=	substr( $rule, 1 );
			if( $data['user'] !== $rule ) {
				return true;
			}
		}
		// normal request
		else if( $data['user'] === $rule ) {
			return true;
		}
		
        return false;
    }
}
?>