author | Simon | 2011-03-29 15:08:20 +0200 |
---|---|---|
committer | Simon | 2011-03-29 15:08:20 +0200 |
commit | 0a0ac542fd4733505a80910d526fe501aff13362 (patch) | |
tree | 90abbecc663249464f68bf65994e075c068502ef /application/modules/user/controllers/ClientController.php | |
parent | Acl in Filter implementiert (diff) | |
ACL in ClientController
Diffstat (limited to 'application/modules/user/controllers/ClientController.php')
-rw-r--r-- | application/modules/user/controllers/ClientController.php | 32 |
1 files changed, 16 insertions, 16 deletions
diff --git a/application/modules/user/controllers/ClientController.php b/application/modules/user/controllers/ClientController.php index 7846d94..163ea95 100644 --- a/application/modules/user/controllers/ClientController.php +++ b/application/modules/user/controllers/ClientController.php @@ -23,7 +23,9 @@ class User_ClientController extends Zend_Controller_Action public function indexAction() { - // TODO: ACL: is he authorized to see this ? + // ACL: is he authorized to see this ? + if(!Pbs_Acl::checkRight('clo')) + $this->_redirect('/user'); // Get the Clients which booted with a bootiso of this group $result = $this->_request->getParam('deleteresult'); @@ -55,8 +57,10 @@ class User_ClientController extends Zend_Controller_Action $mac = $this->_request->getParam('mac'); $hh = $this->_request->getParam('hh'); - // TODO: ACL: is he authorized to create new clients? - #if( he is allowed){ + // ACL: is he authorized to create new clients? + if(!Pbs_Acl::checkRight('cla')) + $this->_redirect('/user'); + if (!isset($_POST["add"])){ $addclient = new user_Form_Client(array('buttontext' => 'Create Client')); $this->view->addclient = $addclient; @@ -77,16 +81,16 @@ class User_ClientController extends Zend_Controller_Action } $this->view->addclient = $addclient; } - #}else{ - # $this->_redirect('/user/'); - #} } public function removeclientAction() { $clientID = $this->_request->getParam('clientID'); - // TODO: ACL: is he authorized to delete clients? - #if( he is allowed){ + + // ACL: is he authorized to delete clients? + if(!Pbs_Acl::checkRight('cld')) + $this->_redirect('/user'); + $clientMapper = new Application_Model_ClientMapper(); if(is_numeric($clientID)){ $client = new Application_Model_Client(); 
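Review bot: The guard added at the top of indexAction, `if(!Pbs_Acl::checkRight('clo'))` followed by a bare `$this->_redirect('/user');`, denies access only because the redirector helper exits after sending the redirect by default; if exit has been disabled on the helper (`setExit(false)`), the client listing below the guard still runs for a caller without the right. `if (!Pbs_Acl::checkRight('clo')) { return $this->_redirect('/user'); }` keeps the denial independent of that setting, and the braces stop a later second statement from falling outside the `if`. The same guard shape is added in the addclientAction (`cla`), removeclientAction (`cld`) and editclientAction (`cle`) hunks. indexAction's body continues outside the hunk.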
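Review bot: The right codes `'clo'`, `'cla'`, `'cld'` and `'cle'` are bare string literals with nothing here saying what each grants, so a typo in one of them cannot be spotted from the call site, and how `Pbs_Acl::checkRight()` treats an unknown code is not visible in this diff. At the addclientAction guard I would spell the code out in the comment, e.g. `// ACL: requires right 'cla' (presumably client add; confirm against Pbs_Acl)`, and do the same in the other three actions, or move the codes into named constants on Pbs_Acl. addclientAction starts and ends outside the hunk.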
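Review bot: removeclientAction takes `clientID` from `$this->_request->getParam('clientID')`, which also accepts URL parameters, and after the new `cld` check nothing visible in the hunk requires the request to be a POST or to carry a form token, so a link opened by a logged-in user who holds the right may be enough to trigger a delete. Adding `if (!$this->_request->isPost()) { return $this->_redirect('/user'); }` after the ACL guard, together with a token on the delete form, would close that. Whether the rest of the action already does this cannot be seen here, since the body continues into the next hunk.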
@@ -101,14 +105,13 @@ class User_ClientController extends Zend_Controller_Action } } $this->_redirect('/user/client/index/deleteresult/error'); - #}else{ - # $this->_redirect('/user/'); - #} } public function editclientAction(){ - // TODO: ACL: Is he authorized to edit clients ? - #if( he is allowed){ + // ACL: Is he authorized to edit clients ? + if(!Pbs_Acl::checkRight('cle')) + $this->_redirect('/user'); + if (!isset($_POST["add"])){ $clientID = $this->_request->getParam('clientID'); $client = new Application_Model_Client(); @@ -146,9 +149,6 @@ class User_ClientController extends Zend_Controller_Action } $this->view->editclient = $editclient; } - #}else{ - # $this->_redirect('/user/'); - #} } |
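Review bot: The `cle` check in editclientAction establishes that the caller may edit clients in general, but the `clientID` read on the following lines comes straight from the request and nothing visible in the hunk ties that client to the caller's group. If the lookup outside the hunk does not scope by group, any holder of the right could edit another group's client by changing the ID; I would add a group-membership check after loading the client and redirect on mismatch. removeclientAction in the preceding hunk loads a client by a request-supplied ID in the same way. editclientAction continues outside the hunk.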