diff options
| author | michael pereira | 2011-04-05 15:35:32 +0200 |
|---|---|---|
| committer | michael pereira | 2011-04-05 15:35:32 +0200 |
| commit | 198221618856ef22ab8f69874b8d4e101db3746d (patch) | |
| tree | 85ece381624332620219983e037bac94776d5d52 /application/modules/user/controllers/ConfigController.php | |
| parent | find Methode angepasst (diff) | |
| download | pbs2-198221618856ef22ab8f69874b8d4e101db3746d.tar.gz pbs2-198221618856ef22ab8f69874b8d4e101db3746d.tar.xz pbs2-198221618856ef22ab8f69874b8d4e101db3746d.zip | |
Rechte in Controller eingepflanzt
Diffstat (limited to 'application/modules/user/controllers/ConfigController.php')
| -rw-r--r-- | application/modules/user/controllers/ConfigController.php | 48 |
1 files changed, 27 insertions, 21 deletions
diff --git a/application/modules/user/controllers/ConfigController.php b/application/modules/user/controllers/ConfigController.php index 83ff804..000a5e9 100644 --- a/application/modules/user/controllers/ConfigController.php +++ b/application/modules/user/controllers/ConfigController.php @@ -48,15 +48,14 @@ class user_ConfigController extends Zend_Controller_Action $groupID = $this->membership->getGroupID(); - //TODO ACL Darf er Configs sehen? - if(false) + //ACL Darf er Configs sehen? + if(!Pbs_Acl::checkRight('csai') && !Pbs_Acl::checkRight('csui')) $this->_redirect('/user/index'); $this->configMapper = new Application_Model_ConfigMapper(); $groupMapper = new Application_Model_GroupMapper(); - if(true){ - //TODO nur Configs von Admins + if(Pbs_Acl::checkRight('csai')){ $this->view->configlist = $this->configMapper->findBy(array('groupID' => $this->membership->getGroupID())); }else{ $this->view->configlist = $this->configMapper->findBy(array('membershipID' => $this->membership->getID())); @@ -82,22 +81,25 @@ class user_ConfigController extends Zend_Controller_Action public function createconfigAction() { - //TODO ACL Darf er Configs erstellen? - if(false) + //ACL Darf er Configs erstellen? + if(!Pbs_Acl::checkRight('cc')) $this->_redirect('/user/config/index/page/'.$this->page.'/addresult/forbidden'); if (!isset($_POST["createconfig"])){ - $configForm = new user_Form_Config(array('action' => 'createconfig','rights' => null,'page'=>$this->page)); + $configForm = new user_Form_Config(array('action' => 'createconfig','page'=>$this->page)); } else { - $configForm = new user_Form_Config(array('action' => 'createconfig','rights' => null,'page'=>$this->page),$_POST); + $configForm = new user_Form_Config(array('action' => 'createconfig','page'=>$this->page),$_POST); if ($configForm->isValid($_POST)) { $config = new Application_Model_Config($_POST); $config->setCreated(time()); - $config->setMembershipID($this->membership->getID()); - $config->setGroupID($this->membership->getGroupID()); - + + if(Pbs_Acl::checkRight('csai')) + $config->setGroupID($this->membership->getGroupID()); + else + $config->setMembershipID($this->membership->getID()); + try { $this->configMapper->save($config); }catch(Zend_Exception $e) @@ -115,8 +117,8 @@ class user_ConfigController extends Zend_Controller_Action public function editconfigAction() { - //TODO ACL Darf er Configs editieren? - if(false) + //ACL Darf er Configs editieren? + if(!Pbs_Acl::checkRight('ce')) $this->_redirect('/user/config/index/page/'.$this->page.'/modifyresult/forbidden'); $configID = $this->_request->getParam('configID'); @@ -138,11 +140,11 @@ class user_ConfigController extends Zend_Controller_Action if (!isset($_POST["editconfig"])){ - $configForm = new user_Form_Config(array('action' => 'editconfig','rights' => 'meta','page'=>$this->page)); + $configForm = new user_Form_Config(array('action' => 'editconfig','page'=>$this->page)); $configForm->populate($config->toArray()); }else{ - $configForm = new user_Form_Config(array('action' => 'editconfig','rights' => 'meta','page'=>$this->page),$_POST); + $configForm = new user_Form_Config(array('action' => 'editconfig','page'=>$this->page),$_POST); if ($configForm->isValid($_POST)) { @@ -150,13 +152,17 @@ class user_ConfigController extends Zend_Controller_Action $config = new Application_Model_Config($_POST); $config->setCreated(time()); - $config->setMembershipID($this->membership->getID()); - $config->setGroupID($this->membership->getGroupID()); + + if(Pbs_Acl::checkRight('csai')) + $config->setGroupID($this->membership->getGroupID()); + else + $config->setMembershipID($this->membership->getID()); + $config->setID($configID); if($configold->getShellscript() != $config->getShellscript()){ - //TODO ACL Is he allowed to edit other than Metadata? - if(false) + //ACL Is he allowed to edit other than Metadata? + if(Pbs_Acl::checkRight('cem')) $this->_redirect('/user/config/index/page/'.$this->page.'/modifyresult/forbidden'); } @@ -180,8 +186,8 @@ class user_ConfigController extends Zend_Controller_Action public function deleteconfigAction() { - //TODO ACL Darf er Configs löschen? - if(false) + //ACL Darf er Configs löschen? + if(!Pbs_Acl::checkRight('cd')) $this->_redirect('/user/config/index/page/'.$this->page.'/deleteresult/forbidden'); try{ |