diff options
| author | Simon | 2011-04-05 16:27:15 +0200 |
|---|---|---|
| committer | Simon | 2011-04-05 16:27:15 +0200 |
| commit | 8025728274992a9b2d7816bc986f86aac15e9383 (patch) | |
| tree | 1ceb34a8a0a0506d97f707e733bb30438c2f5210 | |
| parent | Suche gefixt & Neues Recht für Session (diff) | |
| parent | Rechte in Alle Controller (diff) | |
| download | pbs2-8025728274992a9b2d7816bc986f86aac15e9383.tar.gz pbs2-8025728274992a9b2d7816bc986f86aac15e9383.tar.xz pbs2-8025728274992a9b2d7816bc986f86aac15e9383.zip | |
Merge branch 'master' of openslx.org:lsfks/master-teamprojekt/pbs2
| -rw-r--r-- | application/models/BootMenuMapper.php | 13 | ||||
| -rw-r--r-- | application/modules/user/controllers/BootmenuController.php | 49 |
2 files changed, 31 insertions, 31 deletions
diff --git a/application/models/BootMenuMapper.php b/application/models/BootMenuMapper.php index 60c506d..1043897 100644 --- a/application/models/BootMenuMapper.php +++ b/application/models/BootMenuMapper.php @@ -93,16 +93,23 @@ class Application_Model_BootMenuMapper } } - public function find($id, Application_Model_BootMenu $botmenu) + public function find($id, Application_Model_BootMenu $botmenu = null) { $result = $this->getDbTable()->find($id); if (0 == count($result)) { return; } - $row = $result->current(); - $botmenu->setID($row->bootmenuID)->setMembershipID($row->membershipID)->setGroupID($row->groupID)->setTitle($row->title)->setCreated($row->created); + if($botmenu == null){ + $botmenu = new Application_Model_BootMenu(); + $botmenu->setID($row->bootmenuID)->setMembershipID($row->membershipID)->setGroupID($row->groupID)->setTitle($row->title)->setCreated($row->created); + return $botmenu; + }else{ + $botmenu->setID($row->bootmenuID)->setMembershipID($row->membershipID)->setGroupID($row->groupID)->setTitle($row->title)->setCreated($row->created); + } + + } public function fetchAll() diff --git a/application/modules/user/controllers/BootmenuController.php b/application/modules/user/controllers/BootmenuController.php index cb7810b..f24cb47 100644 --- a/application/modules/user/controllers/BootmenuController.php +++ b/application/modules/user/controllers/BootmenuController.php @@ -135,8 +135,7 @@ class user_BootmenuController extends Zend_Controller_Action $bootmenu = new Application_Model_BootMenu($_POST); $bootmenu->setCreated(time()); - - $bootmenu->setMembershipID($this->membership->getID()); + $bootmenu->setGroupID($this->membership->getGroupID()); try{ @@ -156,8 +155,8 @@ class user_BootmenuController extends Zend_Controller_Action public function editbootmenuAction() { - //TODO ACL Is he allowed to edit BootMenus? - if(false) + //ACL Is he allowed to edit BootMenus? + if(!Pbs_Acl::checkRight('booe')) $this->_redirect('/user/bootmenu/index/page/'.$this->page.'/modifyresult/forbidden'); $bootmenuID = $this->_request->getParam('bootmenuID'); @@ -172,26 +171,21 @@ class user_BootmenuController extends Zend_Controller_Action if (!isset($_POST["editbootmenu"])){ - $bootmenuForm = new user_Form_Bootmenu(array('action' => 'editbootmenu', 'rights' => 'all','page' => $this->page)); + $bootmenuForm = new user_Form_Bootmenu(array('action' => 'editbootmenu','page' => $this->page)); $bootmenuForm->populate($bootmenu->toArray()); }else{ - $bootmenuForm = new user_Form_Bootmenu(array('action' => 'editbootmenu', 'rights' => 'all','page' => $this->page),$_POST); + $bootmenuForm = new user_Form_Bootmenu(array('action' => 'editbootmenu','page' => $this->page),$_POST); if ($bootmenuForm->isValid($_POST)) { $bootmenuold = $bootmenu; $bootmenu = new Application_Model_BootMenu($_POST); - $bootmenu->setMembershipID($this->membership->getID()); $bootmenu->setGroupID($this->membership->getGroupID()); $bootmenu->setCreated(time()); $bootmenu->setID($bootmenuID); - //TODO ACL Is he allowed to edit this? - if(false) - $this->_redirect('/user/bootmenu/index/page/'.$this->page.'/modifyresult/forbidden'); - try { $this->bootmenuMapper->save($bootmenu); }catch(Zend_Exception $e) @@ -212,8 +206,8 @@ class user_BootmenuController extends Zend_Controller_Action public function deletebootmenuAction() { - //TODO ACL Is he allowed to delete Bootmenu? - if(false) + //ACL Is he allowed to delete Bootmenu? + if(!Pbs_Acl::checkRight('bood')) $this->_redirect('/user/bootmenu/index/page/'.$this->page.'/deleteresult/forbidden'); try{ @@ -240,8 +234,8 @@ class user_BootmenuController extends Zend_Controller_Action public function addbootmenuentryAction() { - //TODO ACL Darf er BootMenuEntries erstellen? - if(false) + //ACL Darf er BootMenuEntries erstellen? + if(!Pbs_Acl::checkRight('booae')) $this->_redirect('/user/bootmenu/index/page/'.$this->page.'/addresult/forbidden'); $bootmenuID = $this->_request->getParam('bootmenuID'); @@ -255,6 +249,9 @@ class user_BootmenuController extends Zend_Controller_Action $bootoslist = $bootosMapper->fetchAll(); $configlist = $configMapper->fetchAll(); + if($this->membership->getGroupID() != $this->bootmenuMapper->find($bootmenuID)->getGroupID()) + $this->_redirect('/user/bootmenu/index/page/'.$this->page.'/modifyresult/forbidden'); + if (!isset($_POST["addbootmenuentry"])){ $bootmenuentryForm = new user_Form_BootmenuEntries(array( @@ -262,8 +259,7 @@ class user_BootmenuController extends Zend_Controller_Action 'maxorder'=> $maxorder, 'configlist'=> $configlist, 'page' => $this->page, - 'action' => 'addbootmenuentry', - 'rights' => 'meta' + 'action' => 'addbootmenuentry' )); $bootmenuentryForm->populate(array('order' => $maxorder)); @@ -278,8 +274,7 @@ class user_BootmenuController extends Zend_Controller_Action 'maxorder'=> $maxorder, 'configlist'=>$configlist, 'page' => $this->page, - 'action' => 'addbootmenuentry', - 'rights' => 'meta'),$_POST); + 'action' => 'addbootmenuentry'),$_POST); if ($bootmenuentryForm->isValid($_POST)) { @@ -312,8 +307,8 @@ class user_BootmenuController extends Zend_Controller_Action public function editbootmenuentryAction() { - //TODO ACL Is he allowed to edit BootMenus? - if(false) + //ACL Is he allowed to edit BootMenus? + if(!Pbs_Acl::checkRight('booee')) $this->_redirect('/user/bootmenu/index/page/'.$this->page.'/modifyresult/forbidden'); $bootmenuentryID = $this->_request->getParam('bootmenuentryID'); @@ -344,7 +339,6 @@ class user_BootmenuController extends Zend_Controller_Action 'kcl' => $bootmenuentry->getKcl(), 'page' => $this->page, 'action' => 'editbootmenuentry', - 'rights' => 'all' )); if(!isset($_POST['configID'])){ @@ -363,8 +357,7 @@ class user_BootmenuController extends Zend_Controller_Action 'configlist'=> $configlist, 'kcl' => $bootmenuentry->getKcl(), 'page' => $this->page, - 'action' => 'editbootmenuentry', - 'rights' => 'all'),$_POST); + 'action' => 'editbootmenuentry'),$_POST); if ($bootmenuentryForm->isValid($_POST)) { @@ -378,8 +371,8 @@ class user_BootmenuController extends Zend_Controller_Action $bootmenuentryold->getConfigID() != $bootmenuentry->getConfigID() || $bootmenuentryold->getKcl() != $bootmenuentry->getKcl() || $bootmenuentryold->getKclappend() != $bootmenuentry->getKclappend()){ - //TODO ACL Is he allowed to edit this? - if(false) + //ACL Is he allowed to edit this? + if(Pbs_Acl::checkRight('booeem')) $this->_redirect('/user/bootmenu/index/page/'.$this->page.'/modifyresult/forbidden'); } @@ -410,8 +403,8 @@ class user_BootmenuController extends Zend_Controller_Action public function removebootmenuentryAction() { - //TODO ACL Is he allowed to delete Bootos? - if(false) + //ACL Is he allowed to delete Bootos? + if(!Pbs_Acl::checkRight('boode')) $this->_redirect('/user/bootmenu/index/page/'.$this->page.'/deleteresult/forbidden'); try{ |