SPIP has an extendable autoriser() function enabling the verification of authorisations. This function accepts 5 arguments. Only the first is necessary, and the others are all optional.
autoriser($faire, $type, $id, $qui, $opt);
The function returns true or false depending on the authorisation requested and the user(editor) who is connected (or the requested user passed as an explicit parameter). Here are what the different arguments are used for:
-
$fairecorresponds to the action requested. For example "modifier" (modify) or "voir" (view), -
$typeis generally used to define the object type, for example "auteur" (author) or "article", -
$idis used to provide the identifier of the requested object, for example "8" as an article number, -
$quiis used to enquire or assign authorisation for a specific author. When not provided, it assumes the currently connected author. The argument is typically anid_auteurnumber. This variable will be filed up with all of the available information relating to the designated author in the form of an array, -
$optis an array of options, usually empty. When an authorisation requires additional arguments to be passed, they are entered in this array.