diff options
author | Björn Geiger | 2011-04-05 13:44:19 +0200 |
---|---|---|
committer | Björn Geiger | 2011-04-05 13:44:19 +0200 |
commit | c1b11591a3009d74cec4a56610070e97883d9251 (patch) | |
tree | 628a571294b2a83bf41a4086c03118924234b81f /application/modules/user/controllers/AuthController.php | |
parent | weiteres Recht hinzugefügt (diff) | |
download | pbs2-c1b11591a3009d74cec4a56610070e97883d9251.tar.gz pbs2-c1b11591a3009d74cec4a56610070e97883d9251.tar.xz pbs2-c1b11591a3009d74cec4a56610070e97883d9251.zip |
Rights im Personen Controller eingeführt, verwalten von anderen Accounts nun auch möglich
Diffstat (limited to 'application/modules/user/controllers/AuthController.php')
-rw-r--r-- | application/modules/user/controllers/AuthController.php | 18 |
1 files changed, 12 insertions, 6 deletions
diff --git a/application/modules/user/controllers/AuthController.php b/application/modules/user/controllers/AuthController.php index 7eccc98..8160104 100644 --- a/application/modules/user/controllers/AuthController.php +++ b/application/modules/user/controllers/AuthController.php @@ -2,9 +2,7 @@ class User_AuthController extends Zend_Controller_Action { - protected $personmapper = null; - private $db = null; public function init() @@ -120,11 +118,19 @@ class User_AuthController extends Zend_Controller_Action public function deleteAction() { + if($this->_request->getParam('personID')) { + if(!Pbs_Acl::checkRight('peoa')) { + $this->_redirect('/user'); + } + $personID = $this->_request->getParam('personID'); + } else { + if(!Pbs_Acl::checkRight('pdo')) { + $this->_redirect('/user'); + } + $userIDsNamespace = Zend_Session::namespaceGet('userIDs'); + $personID = $userIDsNamespace['personID']; + } if($_POST['confirmdelete']) { - $auth = Zend_Auth::getInstance(); - $result = $this->personmapper->findBy(array('email' => $auth->getIdentity()),true); - $person = $result[0]; - $personID = $person["personID"]; if (isset($personID)){ $this->personmapper = new Application_Model_PersonMapper(); $person = $this->personmapper->find($personID); |