/**
* Method to check User object authorisation against an access control
* object and optionally an access extension object
*
* @param string $action The name of the action to check for permission.
* @param string $assetname The name of the asset on which to perform the action.
*
* @return boolean True if authorised
*
* @since 1.7.0
*/
public function authorise($action, $assetname = null)
{
// Make sure we only check for core.admin once during the run.
if ($this->isRoot === null) {
$this->isRoot = false;
// Check for the configuration file failsafe.
$rootUser = Factory::getApplication()->get('root_user');
// The root_user variable can be a numeric user ID or a username.
if (is_numeric($rootUser) && $this->id > 0 && $this->id == $rootUser) {
$this->isRoot = true;
} elseif ($this->username && $this->username == $rootUser) {
$this->isRoot = true;
} elseif ($this->id > 0) {
// Get all groups against which the user is mapped.
$identities = $this->getAuthorisedGroups();
array_unshift($identities, $this->id * -1);
if (Access::getAssetRules(1)->allow('core.admin', $identities)) {
$this->isRoot = true;
return true;
}
}
}
return $this->isRoot ? true : (bool) Access::check($this->id, $action, $assetname);
}