| author | Björn Geiger | 2011-03-29 15:23:28 +0200 |
|---|---|---|
| committer | Björn Geiger | 2011-03-29 15:23:28 +0200 |
| commit | 6b7b96530dbc0d71cfc2fe724bd346fb47a625e4 (patch) | |
| tree | ba8657e6ff29521d4067d624307d54ce6d90c113 | |
| parent | Fehler in RightModel korrigiert (diff) | |
| parent | Merge branch 'master' of openslx.org:lsfks/master-teamprojekt/pbs2 (diff) | |
Merge branch 'master' of ssh://git.openslx.org/lsfks/master-teamprojekt/pbs2
3 files changed, 43 insertions, 29 deletions
diff --git a/application/modules/user/controllers/ClientController.php b/application/modules/user/controllers/ClientController.php index 7846d94..163ea95 100644 --- a/application/modules/user/controllers/ClientController.php +++ b/application/modules/user/controllers/ClientController.php @@ -23,7 +23,9 @@ class User_ClientController extends Zend_Controller_Action public function indexAction() { - // TODO: ACL: is he authorized to see this ? + // ACL: is he authorized to see this ? + if(!Pbs_Acl::checkRight('clo')) + $this->_redirect('/user'); // Get the Clients which booted with a bootiso of this group $result = $this->_request->getParam('deleteresult'); @@ -55,8 +57,10 @@ class User_ClientController extends Zend_Controller_Action $mac = $this->_request->getParam('mac'); $hh = $this->_request->getParam('hh'); - // TODO: ACL: is he authorized to create new clients? - #if( he is allowed){ + // ACL: is he authorized to create new clients? + if(!Pbs_Acl::checkRight('cla')) + $this->_redirect('/user'); + if (!isset($_POST["add"])){ $addclient = new user_Form_Client(array('buttontext' => 'Create Client')); $this->view->addclient = $addclient; @@ -77,16 +81,16 @@ class User_ClientController extends Zend_Controller_Action } $this->view->addclient = $addclient; } - #}else{ - # $this->_redirect('/user/'); - #} } public function removeclientAction() { $clientID = $this->_request->getParam('clientID'); - // TODO: ACL: is he authorized to delete clients? - #if( he is allowed){ + + // ACL: is he authorized to delete clients? + if(!Pbs_Acl::checkRight('cld')) + $this->_redirect('/user'); + $clientMapper = new Application_Model_ClientMapper(); if(is_numeric($clientID)){ $client = new Application_Model_Client(); 
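Review bot: The guard added at the top of indexAction depends on `_redirect()` ending the request, because nothing after `$this->_redirect('/user');` stops the rest of the action from running. Zend Framework 1's redirector exits by default, but if that is turned off (for example `setExit(false)` in a test bootstrap or a shared helper configuration) the protected code still executes and only the response is redirected. Bracing the branch and returning explicitly removes that dependency: `if (!Pbs_Acl::checkRight('clo')) { $this->_redirect('/user'); return; }`. The same brace-less pattern is repeated in every guard this commit adds in ClientController and PoolController. indexAction's body continues outside the hunk.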
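Review bot: In removeclientAction the new `cld` check confirms that the user holds the delete right, but not that the `clientID` taken from the request belongs to the user's own group; the visible lines only test `is_numeric($clientID)`. Unless the code below the hunk (not shown) verifies ownership, a user with the right could act on another group's client by changing the ID. After loading the client, compare its group with the current membership's group (PoolController already reads `$this->membership->getGroupID()`) and redirect when they differ. The same question applies to `poolID` in deletepoolAction and editpoolAction, and to `clientID`, `poolID` and `poolentriesID` in the link and unlink hunks of PoolController.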
@@ -101,14 +105,13 @@ class User_ClientController extends Zend_Controller_Action } } $this->_redirect('/user/client/index/deleteresult/error'); - #}else{ - # $this->_redirect('/user/'); - #} } public function editclientAction(){ - // TODO: ACL: Is he authorized to edit clients ? - #if( he is allowed){ + // ACL: Is he authorized to edit clients ? + if(!Pbs_Acl::checkRight('cle')) + $this->_redirect('/user'); + if (!isset($_POST["add"])){ $clientID = $this->_request->getParam('clientID'); $client = new Application_Model_Client(); @@ -146,9 +149,6 @@ class User_ClientController extends Zend_Controller_Action } $this->view->editclient = $editclient; } - #}else{ - # $this->_redirect('/user/'); - #} } diff --git a/application/modules/user/controllers/PoolController.php b/application/modules/user/controllers/PoolController.php index 07dfec5..15a3f1e 100644 --- a/application/modules/user/controllers/PoolController.php +++ b/application/modules/user/controllers/PoolController.php @@ -23,7 +23,9 @@ class User_PoolController extends Zend_Controller_Action public function indexAction() { - // TODO: ACL: is he allowed to see the pools of a group + // ACL: is he allowed to see the pools of a group + if(!Pbs_Acl::checkRight('poo')) + $this->_redirect('/user'); $result = $this->_request->getParam('deleteresult'); if($result != ""){ 
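Review bot: The right codes passed to `Pbs_Acl::checkRight()` (`'cle'` in editclientAction, likewise `'clo'`, `'cla'`, `'cld'` and the `'po…'` codes in PoolController) are bare string literals, so a misspelled code is hard to spot in review, and how `checkRight()` treats an unknown code is not visible in this diff. A short comment next to each check would help, e.g. `// 'cle' = edit clients`, and defining the codes once as class constants would make a typo fail loudly instead of silently. It is worth confirming that `checkRight()` denies access for an unrecognised code. editclientAction's body continues outside the hunk.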
@@ -76,13 +78,16 @@ class User_PoolController extends Zend_Controller_Action // extract the un-assigned clients from the clientlist of the group $freeclients = $this->arrayDiff($clientsArray,$assignedclientsArray); - - $this->view->freeclients = $freeclients; + if(Pbs_Acl::checkRight('posuc')) + $this->view->freeclients = $freeclients; } public function createpoolAction() { - // TODO: ACL: is he allowed to create a pool? + // ACL: is he allowed to create a pool? + if(!Pbs_Acl::checkRight('poc')) + $this->_redirect('/user'); + if (!isset($_POST["add"])){ $addfilterform = new user_Form_Pool(array('buttontext' => 'Create Pool')); $this->view->addpool = $addfilterform; @@ -107,8 +112,11 @@ class User_PoolController extends Zend_Controller_Action public function deletepoolAction() { $poolID = $this->_request->getParam('poolID'); - // TODO: ACL: is he allowed to delete a pool? - #if( he is allowed){ + + // ACL: is he allowed to delete a pool? + if(!Pbs_Acl::checkRight('pod')) + $this->_redirect('/user'); + if(is_numeric($poolID)){ $poolmapper = new Application_Model_PoolMapper(); $pool = new Application_Model_Pool(); @@ -124,14 +132,14 @@ class User_PoolController extends Zend_Controller_Action } } $this->_redirect('/user/pool/index/deleteresult/error'); - #}else{ - # $this->_redirect('/user/'); - #} } public function editpoolAction() { - // TODO: ACL: is he allowed to edit a pool? + // ACL: is he allowed to edit a pool? + if(!Pbs_Acl::checkRight('poe')) + $this->_redirect('/user'); + if (!isset($_POST["add"])){ $poolID = $this->_request->getParam('poolID'); $pool = new Application_Model_Pool(); 
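Review bot: deletepoolAction still takes `poolID` from `getParam()`, which in Zend Framework 1 also reads the query string, so the deletion guarded by the new `pod` check can be triggered by a plain GET request. No request token is checked in the visible lines, so an authorised user's browser could be made to issue that request from another site. Consider requiring `$this->_request->isPost()` and a per-session form token before the mapper is called. removeclientAction in ClientController and the unlink action in the last PoolController hunk follow the same pattern. The function body continues outside the hunk.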
@@ -179,7 +187,10 @@ class User_PoolController extends Zend_Controller_Action $clientID = $this->_request->getParam('clientID'); $poolID = $this->_request->getParam('poolID'); - // TODO: ACL: Is he allowed to link clients to pools? + // ACL: Is he allowed to link clients to pools? + if(!Pbs_Acl::checkRight('polc')) + $this->_redirect('/user'); + if(!isset($_POST['clientID']) && ($clientID == '')){ $clientmapper = new Application_Model_ClientMapper(); $clients = $clientmapper->findBy('groupID',$this->membership->getGroupID()); @@ -228,7 +239,10 @@ class User_PoolController extends Zend_Controller_Action { $poolentriesID = $this->_request->getParam('poolentriesID'); - // TODO: ACL: Is he allowed to unlink clients from pools? + // ACL: Is he allowed to unlink clients from pools? + if(!Pbs_Acl::checkRight('pouc')) + $this->_redirect('/user'); + if(is_numeric($poolentriesID)){ $poolentriesMapper = new Application_Model_PoolEntriesMapper(); $poolentry = new Application_Model_PoolEntries(); diff --git a/application/modules/user/views/scripts/pool/index.phtml b/application/modules/user/views/scripts/pool/index.phtml index b6e50c3..2890768 100644 --- a/application/modules/user/views/scripts/pool/index.phtml +++ b/application/modules/user/views/scripts/pool/index.phtml @@ -91,7 +91,7 @@ <?php endforeach ?> </table> -<?php if (count($this->freeclients)>0): ?> +<?php if (isset($this->freeclients) && count($this->freeclients)>0): ?> <h2>Free clients</h2> <table > <tr> |
