<?php

class Permissions {
	
	
	public static function checkRights($command,$rights) {
		if (session_id() == '') {
			session_start();
		}
		if (!array_key_exists($command, $rights)) {
			echo json_encode(array("status" => "ERROR", "code" => ERROR_COMMAND_NOT_FOUND, "msg" => ERROR_COMMAND_NOT_FOUND_MSG));
			return false;
		}
		$cmdRights = $rights[$command];
		if ($cmdRights["loggedin"] == 1) {
			if (!isset($_SESSION['angemeldet']) || !$_SESSION['angemeldet']) {
				echo json_encode(array("status" => "ERROR", "code" => ERROR_NOT_AUTHOTRIZED, "msg" => ERROR_NOT_AUTHOTRIZED_MSG));
				return false;
			}
		}
		if ($cmdRights["isadmin"] == 1) {
			if (!isset($_SESSION['angemeldet']) || !$_SESSION['angemeldet']) {
				echo json_encode(array("status" => "ERROR", "code" => ERROR_NOT_AUTHOTRIZED, "msg" => ERROR_NOT_AUTHOTRIZED_MSG));
				return false;
			} else {
				if ($_SESSION['is_admin'] == false) {
					echo json_encode(array("status" => "ERROR", "code" => ERROR_COMMAND_NOT_ADMIN, "msg" => ERROR_COMMAND_NOT_ADMIN_MSG));
					return false;
				}
			}
		}
		if (!is_null($cmdRights["rights"])) {
			foreach ($cmdRights["rights"] as $aRight) {
				if ($aRight == 'timetracking') {
					if (($_SESSION['is_admin']) || ($_SESSION['right_timetracking'])) {
						return true;
					}
				} else if ($aRight == 'timemanager') {
					if ($_SESSION['right_timemanager']) {
						return true;
					}
				} else if ($aRight == 'tasks') {
					if (($_SESSION['is_admin']) || ($_SESSION['right_tasks'])) {
						return true;
					}
				} else if ($aRight == 'tasksmanagement') {
					if ($_SESSION['right_tasksmanagement']) {
						return true;
					}
				}
			}
			echo json_encode(array("status" => "ERROR", "code" => ERROR_NOT_AUTHOTRIZED, "msg" => ERROR_NOT_AUTHOTRIZED_MSG));
			return false;
		}
		return true;
	}
}