1 files changed, 38 insertions, 0 deletions

diff --git a/classes/Profile.php b/classes/Profile.php
index 5b4394d3b..e3b35533a 100644
--- a/classes/Profile.php
+++ b/classes/Profile.php
@@ -661,4 +661,42 @@ class Profile extends Memcached_DataObject
     {
         $this->revokeRole(Profile_role::SILENCED);
     }
+
+    /**
+     * Does this user have the right to do X?
+     *
+     * With our role-based authorization, this is merely a lookup for whether the user
+     * has a particular role. The implementation currently uses a switch statement
+     * to determine if the user has the pre-defined role to exercise the right. Future
+     * implementations may allow per-site roles, and different mappings of roles to rights.
+     *
+     * @param $right string Name of the right, usually a constant in class Right
+     * @return boolean whether the user has the right in question
+     */
+
+    function hasRight($right)
+    {
+        $result = false;
+        if (Event::handle('UserRightsCheck', array($this, $right, &$result))) {
+            switch ($right)
+            {
+            case Right::DELETEOTHERSNOTICE:
+            case Right::SANDBOXUSER:
+            case Right::SILENCEUSER:
+            case Right::DELETEUSER:
+                $result = $this->hasRole(Profile_role::MODERATOR);
+                break;
+            case Right::CONFIGURESITE:
+                $result = $this->hasRole(Profile_role::ADMINISTRATOR);
+                break;
+            case Right::NEWNOTICE:
+                $result = !$this->isSilenced();
+                break;
+            default:
+                $result = false;
+                break;
+            }
+        }
+        return $result;
+    }
 }