Merge branch 'master' of ssh://git.openslx.org/lsfks/master-teamprojekt/pbs2

1 files changed, 30 insertions, 37 deletions

diff --git a/application/modules/user/controllers/BootmenuController.php b/application/modules/user/controllers/BootmenuController.php
index dfe9f20..f24cb47 100644
--- a/application/modules/user/controllers/BootmenuController.php
+++ b/application/modules/user/controllers/BootmenuController.php
@@ -57,8 +57,8 @@ class user_BootmenuController extends Zend_Controller_Action
 		}
 		
 		
-		//TODO ACL Darf er Bootmenus sehen?
-    	if(false)
+		//ACL Darf er Bootmenus sehen?
+    	if(!Pbs_Acl::checkRight('booai') && !Pbs_Acl::checkRight('booui'))
     		$this->_redirect('/user/index');
 		
     	$this->bootMenumapper = new Application_Model_BootMenuMapper();
@@ -66,8 +66,7 @@ class user_BootmenuController extends Zend_Controller_Action
 	    $bootosMapper = new Application_Model_BootOsMapper();
 	    $configMapper = new Application_Model_ConfigMapper();
 	   
-	    if(true){    		
-	    	//TODO nur Bootmenus von Admins
+	    if(Pbs_Acl::checkRight('booai')){    		
 	    	$bootmenu = $this->bootmenuMapper->findBy(array('groupID' => $this->membership->getGroupID()));
 	    	foreach ($bootmenu as $bm){
 		    	$bootmenuID = $bm->getID();
@@ -93,11 +92,11 @@ class user_BootmenuController extends Zend_Controller_Action
 		$mySearch = new Pbs_Search();
 		$mySearch->setSearchTerm($search);
 		$mySearch->setModule('bootmenu');
-		$this->view->searchform = $mySearch->searchForm();
 		if($search != ''){
 			$this->view->search = $mySearch->getSearchTerm();			
 			$bootmenu = $mySearch->search($bootmenu);			
 		}
+		$this->view->searchform = $mySearch->searchForm();
 	    
 	    // Pagination
 	    $pagination = new Pbs_Pagination();	
@@ -122,23 +121,23 @@ class user_BootmenuController extends Zend_Controller_Action
     
     public function createbootmenuAction()
     {
-    	//TODO ACL Darf er BootMenus erstellen?
-    	if(false)
+    	//ACL Darf er BootMenus erstellen?
+    	if(!Pbs_Acl::checkRight('booc'))
     		$this->_redirect('/user/bootmenu/index/page/'.$this->page.'/addresult/forbidden');
     		    	
         if (!isset($_POST["createbootmenu"])){
-    	    $bootmenuForm = new user_Form_Bootmenu(array('action' => 'createbootmenu', 'rights' => 'all','page' => $this->page));
+    	    $bootmenuForm = new user_Form_Bootmenu(array('action' => 'createbootmenu','page' => $this->page));
     	} else {
     			
-    	    $bootmenuForm = new user_Form_Bootmenu(array('action' => 'createbootmenu', 'rights' => 'all','page' => $this->page),$_POST);
+    	    $bootmenuForm = new user_Form_Bootmenu(array('action' => 'createbootmenu','page' => $this->page),$_POST);
     			    			
     		if ($bootmenuForm->isValid($_POST)) {
 
     		    $bootmenu = new Application_Model_BootMenu($_POST);
-    		    $bootmenu->setMembershipID($this->membership->getID());
-    		    $bootmenu->setGroupID($this->membership->getGroupID());
     		    $bootmenu->setCreated(time());
 
+    		    $bootmenu->setGroupID($this->membership->getGroupID());
+
     		    try{  
     		        $this->bootmenuMapper->save($bootmenu);
     		    }catch(Zend_Exception $e){
@@ -156,8 +155,8 @@ class user_BootmenuController extends Zend_Controller_Action
     public function editbootmenuAction()
     {
         
-        //TODO ACL Is he allowed to edit BootMenus?
-    	if(false)
+        //ACL Is he allowed to edit BootMenus?
+    	if(!Pbs_Acl::checkRight('booe'))
     		$this->_redirect('/user/bootmenu/index/page/'.$this->page.'/modifyresult/forbidden');
         
     	$bootmenuID = $this->_request->getParam('bootmenuID');
@@ -172,26 +171,21 @@ class user_BootmenuController extends Zend_Controller_Action
     		
     	if (!isset($_POST["editbootmenu"])){
 
-    		$bootmenuForm = new user_Form_Bootmenu(array('action' => 'editbootmenu', 'rights' => 'all','page' => $this->page));
+    		$bootmenuForm = new user_Form_Bootmenu(array('action' => 'editbootmenu','page' => $this->page));
     		$bootmenuForm->populate($bootmenu->toArray()); 
     		
     	}else{
-    		$bootmenuForm = new user_Form_Bootmenu(array('action' => 'editbootmenu', 'rights' => 'all','page' => $this->page),$_POST);
+    		$bootmenuForm = new user_Form_Bootmenu(array('action' => 'editbootmenu','page' => $this->page),$_POST);
     			    			
     		if ($bootmenuForm->isValid($_POST)) {
 
     			$bootmenuold = $bootmenu;
     			
     			$bootmenu = new Application_Model_BootMenu($_POST);
-    			$bootmenu->setMembershipID($this->membership->getID());
     			$bootmenu->setGroupID($this->membership->getGroupID());
     		   	$bootmenu->setCreated(time());
     		    $bootmenu->setID($bootmenuID);
     		    
-    		    //TODO ACL Is he allowed to edit this?
-    			if(false)
-    				$this->_redirect('/user/bootmenu/index/page/'.$this->page.'/modifyresult/forbidden');
-    		        
     		   	try {  
     		       	$this->bootmenuMapper->save($bootmenu);
     		    }catch(Zend_Exception $e)
@@ -212,8 +206,8 @@ class user_BootmenuController extends Zend_Controller_Action
     public function deletebootmenuAction()
     {
 
-    	//TODO ACL Is he allowed to delete Bootmenu?
-    	if(false)
+    	//ACL Is he allowed to delete Bootmenu?
+    	if(!Pbs_Acl::checkRight('bood'))
     		$this->_redirect('/user/bootmenu/index/page/'.$this->page.'/deleteresult/forbidden');
 
     	try{
@@ -240,8 +234,8 @@ class user_BootmenuController extends Zend_Controller_Action
     public function addbootmenuentryAction()
     {
     	
-    	//TODO ACL Darf er BootMenuEntries erstellen?
-    	if(false)
+    	//ACL Darf er BootMenuEntries erstellen?
+    	if(!Pbs_Acl::checkRight('booae'))
     		$this->_redirect('/user/bootmenu/index/page/'.$this->page.'/addresult/forbidden');
     		
     	$bootmenuID = $this->_request->getParam('bootmenuID');
@@ -255,6 +249,9 @@ class user_BootmenuController extends Zend_Controller_Action
     	$bootoslist = $bootosMapper->fetchAll(); 
 		$configlist = $configMapper->fetchAll();
 		
+		if($this->membership->getGroupID() != $this->bootmenuMapper->find($bootmenuID)->getGroupID())
+    		$this->_redirect('/user/bootmenu/index/page/'.$this->page.'/modifyresult/forbidden');
+		
     	if (!isset($_POST["addbootmenuentry"])){
     		
     	    $bootmenuentryForm = new user_Form_BootmenuEntries(array(
@@ -262,8 +259,7 @@ class user_BootmenuController extends Zend_Controller_Action
     	    	'maxorder'=> $maxorder, 
     	    	'configlist'=> $configlist,
     	    	'page' => $this->page,
-    	    	'action' => 'addbootmenuentry', 
-    	    	'rights' => 'meta'
+    	    	'action' => 'addbootmenuentry'
     	    ));  
     	    
     	    $bootmenuentryForm->populate(array('order' => $maxorder));
@@ -278,8 +274,7 @@ class user_BootmenuController extends Zend_Controller_Action
     	        	'maxorder'=> $maxorder, 
     	        	'configlist'=>$configlist, 
     	        	'page' => $this->page, 
-    	        	'action' => 'addbootmenuentry', 
-    	    		'rights' => 'meta'),$_POST);
+    	        	'action' => 'addbootmenuentry'),$_POST);
     	        
     		    if ($bootmenuentryForm->isValid($_POST)) {
     		    	
@@ -312,8 +307,8 @@ class user_BootmenuController extends Zend_Controller_Action
 
     public function editbootmenuentryAction()
     {
-    	//TODO ACL Is he allowed to edit BootMenus?
-    	if(false)
+    	//ACL Is he allowed to edit BootMenus?
+    	if(!Pbs_Acl::checkRight('booee'))
     		$this->_redirect('/user/bootmenu/index/page/'.$this->page.'/modifyresult/forbidden');
         
     	$bootmenuentryID = $this->_request->getParam('bootmenuentryID');
@@ -344,7 +339,6 @@ class user_BootmenuController extends Zend_Controller_Action
     			'kcl' => $bootmenuentry->getKcl(),
     	    	'page' => $this->page,
     	    	'action' => 'editbootmenuentry', 
-    	    	'rights' => 'all'
     		));  
 
     		if(!isset($_POST['configID'])){	
@@ -363,8 +357,7 @@ class user_BootmenuController extends Zend_Controller_Action
     	    	'configlist'=> $configlist,
     			'kcl' => $bootmenuentry->getKcl(),
     	    	'page' => $this->page,
-    	    	'action' => 'editbootmenuentry', 
-    	    	'rights' => 'all'),$_POST);
+    	    	'action' => 'editbootmenuentry'),$_POST);
     			    			
     		if ($bootmenuentryForm->isValid($_POST)) {
     			
@@ -378,8 +371,8 @@ class user_BootmenuController extends Zend_Controller_Action
     				$bootmenuentryold->getConfigID() != $bootmenuentry->getConfigID() ||
     				$bootmenuentryold->getKcl() != $bootmenuentry->getKcl() ||
     				$bootmenuentryold->getKclappend() != $bootmenuentry->getKclappend()){
-    					//TODO ACL Is he allowed to edit this?
-    					if(false)
+    					//ACL Is he allowed to edit this?
+    					if(Pbs_Acl::checkRight('booeem'))
     						$this->_redirect('/user/bootmenu/index/page/'.$this->page.'/modifyresult/forbidden');
     			}
      
@@ -410,8 +403,8 @@ class user_BootmenuController extends Zend_Controller_Action
 
     public function removebootmenuentryAction()
     {
-    	//TODO ACL Is he allowed to delete Bootos?
-    	if(false)
+    	//ACL Is he allowed to delete Bootos?
+    	if(!Pbs_Acl::checkRight('boode'))
     		$this->_redirect('/user/bootmenu/index/page/'.$this->page.'/deleteresult/forbidden');
 
     	try{