author | Björn Geiger | 2011-04-11 10:59:36 +0200 |
---|---|---|
committer | Björn Geiger | 2011-04-11 10:59:36 +0200 |
commit | 8159b6bb65b9b69a7a2ef737d4fa11a5232c10f1 (patch) | |
tree | 1fb0d122e396cd24d80022fef260d5b2aff4a259 /application/modules/user/controllers/RoleController.php | |
parent | Super Admin hat wieder alle Rechte (diff) | |
ACL im RoleController
Diffstat (limited to 'application/modules/user/controllers/RoleController.php')
-rw-r--r-- | application/modules/user/controllers/RoleController.php | 44 |
1 files changed, 37 insertions, 7 deletions
diff --git a/application/modules/user/controllers/RoleController.php b/application/modules/user/controllers/RoleController.php
index 88e2eeb..74efd70 100644
--- a/application/modules/user/controllers/RoleController.php
+++ b/application/modules/user/controllers/RoleController.php
@@ -22,6 +22,9 @@ class User_RoleController extends Zend_Controller_Action
 public function indexAction()
 {
+ if(!Pbs_Acl::checkRight('ro')) {
+ $this->_redirect('/user');
+ }
 if(isset($this->userIDsNamespace['groupID'])) {
 $this->view->roleList = $this->roleMapper->findBy(array('groupID' => $this->userIDsNamespace['groupID']),true);
@@ -46,6 +49,10 @@ class User_RoleController extends Zend_Controller_Action
 $this->view->roleList = $pagination->getElements();
 $this->view->pagination = $pagination->pagination($pageurl);
 $this->view->page = $pagination->getRequestPage();
+ $this->view->addRight = Pbs_Acl::checkRight('ra');
+ $this->view->editRight = Pbs_Acl::checkRight('re');
+ $this->view->deleteRight = Pbs_Acl::checkRight('rd');
+ $this->view->detailsRight = Pbs_Acl::checkRight('rdd');
 $this->view->userIDsNamespace = $this->userIDsNamespace;
 } else {
 $this->_helper->redirector('selectmembership', 'person');
@@ -54,11 +61,17 @@ class User_RoleController extends Zend_Controller_Action
 }
 public function searchAction(){
+ if(Pbs_Acl::checkRight('ro')) {
+ $this->_redirect('/user');
+ }
 $this->_redirect('/user/role/index/search/'.($_GET['search']));
 }
 public function addAction()
 {
+ if(!Pbs_Acl::checkRight('ra')) {
+ $this->_redirect('/user');
+ }
 if(isset($this->userIDsNamespace['groupID'])) {
 $roleID = $this->userIDsNamespace['roleID'];
 $rights = $this->rightMapper->fetchAll();
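Review bot: The guard added at the top of indexAction calls `$this->_redirect('/user')` and then falls straight through into the rest of the method; the only thing keeping the unauthorised caller out of the list-building code is the redirector helper's default exit behaviour, which is a configurable setting of Zend_Controller_Action_Helper_Redirector rather than something this code states. Make the early exit explicit and independent of that setting, e.g. `$this->_redirect('/user'); return;` inside the block. The same pattern is repeated in the addAction, editAction, showAction, deleteAction, linkrightAction and unlinkrightAction guards in the later hunks. indexAction continues past the end of this hunk.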
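Review bot: The guard added to searchAction is inverted: `if(Pbs_Acl::checkRight('ro'))` redirects callers who hold the `ro` right away to `/user` and lets callers without it proceed to the search redirect, the opposite of every other guard in this commit. It should read `if(!Pbs_Acl::checkRight('ro')) {`. As written, the new check weakens access to the search entry point rather than enforcing it.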
@@ -70,9 +83,9 @@ class User_RoleController extends Zend_Controller_Action
 }
 }
 if (!isset($_POST["add"])){
- $addForm = new user_Form_RoleAdd(array('rightlist' => $rightlist));
+ $addForm = new user_Form_RoleAdd(array('rightlist' => $rightlist, 'inheritanceright' => Pbs_Acl::checkRight('rir'), 'addrighttoroleright' => Pbs_Acl::checkRight('rar')));
 } else {
- $addForm = new user_Form_RoleAdd(array('rightlist' => $rightlist),$_POST);
+ $addForm = new user_Form_RoleAdd(array('rightlist' => $rightlist, 'inheritanceright' => Pbs_Acl::checkRight('rir'), 'addrighttoroleright' => Pbs_Acl::checkRight('rar')),$_POST);
 if ($addForm->isValid($_POST)) {
 $_POST['groupID'] = $this->userIDsNamespace['groupID'];
 $role = new Application_Model_Role($_POST);
@@ -105,7 +118,6 @@ class User_RoleController extends Zend_Controller_Action
 return;
 }
 }
- $this->view->addForm = $addForm;
 } else {
 $this->_helper->redirector('selectmembership', 'person');
@@ -115,6 +127,9 @@ class User_RoleController extends Zend_Controller_Action
 public function editAction()
 {
+ if(!Pbs_Acl::checkRight('re')) {
+ $this->_redirect('/user');
+ }
 $roleID = $this->_request->getParam('roleID');
 if(!isset($roleID)) {
 if(count($this->userIDsNamespace) > 0) {
@@ -122,8 +137,7 @@ class User_RoleController extends Zend_Controller_Action
 }
 }
 if(!isset($roleID)) {
- $addForm = new user_Form_RoleAdd();
- $this->view->addForm = $addForm;
+ $this->_helper->redirector('add', 'role');
 return;
 } else {
 $roleMapper = new Application_Model_RoleMapper();
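Review bot: Passing `'inheritanceright' => Pbs_Acl::checkRight('rir')` into user_Form_RoleAdd only affects what the form renders and validates; on the POST branch the request is still handed whole to `new Application_Model_Role($_POST)`, so the `inheritance` value reaching the model is not tied to the right unless the form or the model strips it, and neither is visible in this diff. Enforce the right in the controller before the model is built, e.g. `if(!Pbs_Acl::checkRight('rir')) { unset($_POST['inheritance']); }`, or construct the model from the form's own values rather than the raw request. The same applies to the user_Form_RoleEdit change in the `@@ -137,9 +151,9 @@` hunk, where `$_POST['inheritance']` is visibly part of the model's input. addAction starts before and ends after this hunk.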
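Review bot: Removing `$this->view->addForm = $addForm;` in the `@@ -105,7 +118,6 @@` hunk leaves the add view without the form object on the non-POST path and on the invalid-POST path, unless another assignment exists in the lines between this hunk and the previous one, which are not shown. If the view is still expected to render the form, the assignment should stay; if the template was changed to match, that change is outside this diff, which is limited to RoleController.php. addAction's body starts and ends outside the hunk.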
@@ -137,9 +151,9 @@ class User_RoleController extends Zend_Controller_Action
 $_POST['description'] = $role->getDescription();
 $_POST['groupID'] = $role->getGroupID();
 $_POST['inheritance'] = $role->getInheritance();
- $editForm = new user_Form_RoleEdit(array('roleID' => $roleID));
+ $editForm = new user_Form_RoleEdit(array('roleID' => $roleID, 'inheritanceright' => Pbs_Acl::checkRight('rir')));
 } else {
- $editForm = new user_Form_RoleEdit(array('roleID' => $roleID), $_POST);
+ $editForm = new user_Form_RoleEdit(array('roleID' => $roleID, 'inheritanceright' => Pbs_Acl::checkRight('rir')), $_POST);
 if ($editForm->isValid($_POST)) {
 $role = new Application_Model_Role($_POST);
@@ -175,6 +189,9 @@ class User_RoleController extends Zend_Controller_Action
 public function showAction()
 {
+ if(!Pbs_Acl::checkRight('rdd')) {
+ $this->_redirect('/user');
+ }
 $roleID = $this->_request->getParam('roleID');
 if(!isset($roleID)) {
 if(count($this->userIDsNamespace) > 0) {
@@ -210,6 +227,10 @@ class User_RoleController extends Zend_Controller_Action
 } else {
 $this->view->rightsAvailable = true;
 }
+ $this->view->editRight = Pbs_Acl::checkRight('re');
+ $this->view->deleteRight = Pbs_Acl::checkRight('rd');
+ $this->view->addRightToRoleRight = Pbs_Acl::checkRight('rar');
+ $this->view->removeRightOfRoleRight = Pbs_Acl::checkRight('rrr');
 $this->view->role = $this->roleMapper->find($roleID);
 $this->view->roleID = $roleID;
 $this->view->userIDsNamespace = $this->userIDsNamespace;
@@ -227,6 +248,9 @@ class User_RoleController extends Zend_Controller_Action
 public function deleteAction()
 {
+ if(!Pbs_Acl::checkRight('rd')) {
+ $this->_redirect('/user');
+ }
 $this->_helper->viewRenderer->setNoRender();
 $roleID = $this->_request->getParam('roleID');
 if(!isset($roleID)) {
@@ -268,6 +292,9 @@ class User_RoleController extends Zend_Controller_Action
 public function linkrightAction()
 {
+ if(!Pbs_Acl::checkRight('rar')) {
+ $this->_redirect('/user');
+ }
 $roleID = $this->_request->getParam('roleID');
 if(!isset($roleID)) {
 if(count($this->userIDsNamespace) > 0) {
@@ -346,6 +373,9 @@ class User_RoleController extends Zend_Controller_Action
 public function unlinkrightAction()
 {
+ if(!Pbs_Acl::checkRight('rrr')) {
+ $this->_redirect('/user');
+ }
 $this->_helper-> viewRenderer-> setNoRender();
 $rightRolesID = $this->_request->getParam('rightrolesID');
 if(isset($rightRolesID)) {