authorBjörn Geiger2011-03-29 15:01:46 +0200
committerBjörn Geiger2011-03-29 15:01:46 +0200
commit80c93c720cddb0e97c955da2fef0fd02b3827972 (patch)
tree17c54fd08fd5420bdce9fa6cfe833a2e20c977fd /application/modules
parentMerge branch 'master' of openslx.org:lsfks/master-teamprojekt/pbs2 (diff)
Rollenverwaltung besser abgesichert
Diffstat (limited to 'application/modules')
-rw-r--r--application/modules/user/controllers/RoleController.php234
1 files changed, 143 insertions, 91 deletions
diff --git a/application/modules/user/controllers/RoleController.php b/application/modules/user/controllers/RoleController.php
index 0b0cb7d..009524f 100644
--- a/application/modules/user/controllers/RoleController.php
+++ b/application/modules/user/controllers/RoleController.php
@@ -27,7 +27,7 @@ class User_RoleController extends Zend_Controller_Action
$this->view->groupID = $this->userIDsNamespace['groupID'];
$this->view->roleList = $roleList;
} else {
- $this->_helper->redirector('groupselect', 'role');
+ $this->_helper->redirector('selectmembership', 'person');
return;
}
}
@@ -40,7 +40,6 @@ class User_RoleController extends Zend_Controller_Action
} else {
$addForm = new user_Form_RoleAdd(array('rightlist' => $rightList),$_POST);
if ($addForm->isValid($_POST)) {
-
$_POST['groupID'] = $this->userIDsNamespace['groupID'];
$role = new Application_Model_Role($_POST);
try {
@@ -58,7 +57,7 @@ class User_RoleController extends Zend_Controller_Action
$this->view->addForm = $addForm;
} else {
- $this->_helper->redirector('groupselect', 'role');
+ $this->_helper->redirector('selectmembership', 'person');
return;
}
}
@@ -75,33 +74,44 @@ class User_RoleController extends Zend_Controller_Action
$addForm = new user_Form_RoleAdd();
$this->view->addForm = $addForm;
return;
- }
- if (!isset($_POST["save"])){
- $role = $this->roleMapper->find($roleID);
- $_POST['title'] = $role->getTitle();
- $_POST['description'] = $role->getDescription();
- $_POST['groupID'] = $role->getGroupID();
- $_POST['inheritance'] = $role->getInheritance();
- $editForm = new user_Form_RoleEdit(array('roleID' => $roleID));
} else {
- $editForm = new user_Form_RoleEdit(array('roleID' => $roleID), $_POST);
- if ($editForm->isValid($_POST)) {
-
- $role = new Application_Model_Role($_POST);
- $role->setID($this->_request->getParam('roleID'));
- try {
- $this->roleMapper->save($role);
- } catch(Zend_Exception $e)
- {
- echo "Caught exception: " . get_class($e) . "<br/>";
- echo "Message: " . $e->getMessage() . "<br/>";
+ $roleMapper = new Application_Model_RoleMapper();
+ $role = $roleMapper->find($roleID);
+ $roleGroupID = $role->getGroupID();
+ }
+ if($this->userIDsNamespace['groupID'] == $roleGroupID) {
+ if (!isset($_POST["save"])){
+ $role = $this->roleMapper->find($roleID);
+ $_POST['title'] = $role->getTitle();
+ $_POST['description'] = $role->getDescription();
+ $_POST['groupID'] = $role->getGroupID();
+ $_POST['inheritance'] = $role->getInheritance();
+ $editForm = new user_Form_RoleEdit(array('roleID' => $roleID));
+ } else {
+ $editForm = new user_Form_RoleEdit(array('roleID' => $roleID), $_POST);
+ if ($editForm->isValid($_POST)) {
+
+ $role = new Application_Model_Role($_POST);
+ $role->setID($this->_request->getParam('roleID'));
+ try {
+ $this->roleMapper->save($role);
+ } catch(Zend_Exception $e)
+ {
+ echo "Caught exception: " . get_class($e) . "<br/>";
+ echo "Message: " . $e->getMessage() . "<br/>";
+ return;
+ }
+ $this->_redirect($_SERVER['HTTP_REFERER']);
return;
}
- $this->_redirect($_SERVER['HTTP_REFERER']);
- return;
}
+ $this->view->editForm = $editForm;
+ } else {
+ $pbsNotifier = new Pbs_Notifier();
+ echo $pbsNotifier->notify('modify','forbidden');
+ $this->_helper-> viewRenderer-> setNoRender();
+ return;
}
- $this->view->editForm = $editForm;
}
public function showAction()
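Review bot: The new ownership guard in editAction checks that the existing role belongs to the caller's group, but the save branch still builds the role from the raw request (`$role = new Application_Model_Role($_POST);`), so `groupID` on the saved record comes from the client and a role can be re-homed into another group; force it the way addAction does with `$_POST['groupID'] = $roleGroupID;` immediately before that line. The guard itself, `if($this->userIDsNamespace['groupID'] == $roleGroupID)`, uses loose `==`, so an unset session groupID compares equal to a role whose groupID is null or 0; compare with `===` after normalising both sides to the same type and treat an unset session groupID as a denial. It also calls `$role->getGroupID()` straight after `$roleMapper->find($roleID)` — if find() returns null for an unknown id (not visible here), that is a fatal error rather than the forbidden notice; add `if ($role === null) { ... forbidden path ...; return; }` first. The same guard is repeated verbatim in showAction, deleteAction, linkrightAction and unlinkrightAction below and should get the same treatment. editAction's body begins outside this hunk.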
@@ -113,19 +123,29 @@ class User_RoleController extends Zend_Controller_Action
}
}
if($roleID) {
- $rightroles = $this->rightRolesMapper->findBy('roleID', $roleID);
- if(count($rightroles) > 0) {
- foreach($rightroles as $rightrole) {
- $right = $this->rightMapper->find($rightrole['rightID']);
- $rightsList[] = $right;
- }
- if(is_array($rightsList)) {
- $this->view->rightsList = $rightsList;
+ $roleMapper = new Application_Model_RoleMapper();
+ $role = $roleMapper->find($roleID);
+ $roleGroupID = $role->getGroupID();
+ if($this->userIDsNamespace['groupID'] == $roleGroupID) {
+ $rightroles = $this->rightRolesMapper->findBy('roleID', $roleID);
+ if(count($rightroles) > 0) {
+ foreach($rightroles as $rightrole) {
+ $right = $this->rightMapper->find($rightrole['rightID']);
+ $rightsList[] = $right;
+ }
+ if(is_array($rightsList)) {
+ $this->view->rightsList = $rightsList;
+ }
}
+ $this->view->role = $this->roleMapper->find($roleID);
+ $this->view->roleID = $roleID;
+ $this->view->userIDsNamespace = $this->userIDsNamespace;
+ } else {
+ $pbsNotifier = new Pbs_Notifier();
+ echo $pbsNotifier->notify('view','forbidden');
+ $this->_helper-> viewRenderer-> setNoRender();
+ return;
}
- $this->view->role = $this->roleMapper->find($roleID);
- $this->view->roleID = $roleID;
- $this->view->userIDsNamespace = $this->userIDsNamespace;
} else {
$this->_helper->redirector('', 'role');
return;
@@ -142,17 +162,27 @@ class User_RoleController extends Zend_Controller_Action
}
}
if (isset($roleID)){
- $role = $this->roleMapper->find($roleID);
- try {
- $this->roleMapper->delete($role);
- } catch(Zend_Exception $e)
- {
- echo "Caught exception: " . get_class($e) . "<br/>";
- echo "Message: " . $e->getMessage() . "<br/>";
+ $roleMapper = new Application_Model_RoleMapper();
+ $role = $roleMapper->find($roleID);
+ $roleGroupID = $role->getGroupID();
+ if($this->userIDsNamespace['groupID'] == $roleGroupID) {
+ $role = $this->roleMapper->find($roleID);
+ try {
+ $this->roleMapper->delete($role);
+ } catch(Zend_Exception $e)
+ {
+ echo "Caught exception: " . get_class($e) . "<br/>";
+ echo "Message: " . $e->getMessage() . "<br/>";
+ return;
+ }
+ $this->_helper->redirector('', 'role');
+ return;
+ } else {
+ $pbsNotifier = new Pbs_Notifier();
+ echo $pbsNotifier->notify('delete','forbidden');
+ $this->_helper-> viewRenderer-> setNoRender();
return;
}
- $this->_helper->redirector('', 'role');
- return;
} else {
$this->_helper->redirector('', 'role');
return;
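Review bot: deleteAction now loads the same role twice: once through a freshly constructed `new Application_Model_RoleMapper()` for the group check and again through the injected `$this->roleMapper->find($roleID)` inside the guarded branch. The second lookup is redundant and the ad-hoc mapper bypasses whatever the controller already holds in `$this->roleMapper`; replace the two construction lines with `$role = $this->roleMapper->find($roleID);` and drop the repeated find inside the branch. editAction has the same duplicated lookup. deleteAction's body begins outside this hunk.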
@@ -168,50 +198,61 @@ class User_RoleController extends Zend_Controller_Action
}
}
if(isset($roleID)) {
- $rightroles = $this->rightRolesMapper->findBy('roleID', $roleID);
- $rights = $this->rightMapper->fetchAll();
- if(count($rightroles) > 0) {
- if(count($rights) > 0) {
- foreach($rights as $right) {
- foreach($rightroles as $rightrole) {
- if($right->getID() == $rightrole['rightID']) {
- $found = true;
- break;
+ $roleMapper = new Application_Model_RoleMapper();
+ $role = $roleMapper->find($roleID);
+ $roleGroupID = $role->getGroupID();
+ if($this->userIDsNamespace['groupID'] == $roleGroupID) {
+ $rightroles = $this->rightRolesMapper->findBy('roleID', $roleID);
+ $rights = $this->rightMapper->fetchAll();
+ if(count($rightroles) > 0) {
+ if(count($rights) > 0) {
+ foreach($rights as $right) {
+ foreach($rightroles as $rightrole) {
+ if($right->getID() == $rightrole['rightID']) {
+ $found = true;
+ break;
+ }
}
+ if(!$found) {
+ $rightlist[] = $right;
+ }
+ $found = false;
}
- if(!$found) {
- $rightlist[] = $right;
- }
- $found = false;
}
- }
- } else {
- $rightlist = $rights;
- }
- if(count($rightlist) > 0) {
- if (!isset($_POST["link"])){
- $linkForm = new user_Form_LinkRight(array('rightlist' => $rightlist, 'roleID' => $roleID));
} else {
- $linkForm = new user_Form_LinkRight(array('rightlist' => $rightlist, 'roleID' => $roleID), $_POST);
- if ($linkForm->isValid($_POST)) {
- $rightroles = new Application_Model_RightRoles();
- $rightroles->setRightID($_POST['rightID']);
- $rightroles->setRoleID($roleID);
- try {
- $this->rightRolesMapper->save($rightroles);
- } catch(Zend_Exception $e)
- {
- echo "Caught exception: " . get_class($e) . "<br/>";
- echo "Message: " . $e->getMessage() . "<br/>";
+ $rightlist = $rights;
+ }
+ if(count($rightlist) > 0) {
+ if (!isset($_POST["link"])){
+ $linkForm = new user_Form_LinkRight(array('rightlist' => $rightlist, 'roleID' => $roleID));
+ } else {
+ $linkForm = new user_Form_LinkRight(array('rightlist' => $rightlist, 'roleID' => $roleID), $_POST);
+ if ($linkForm->isValid($_POST)) {
+ $rightroles = new Application_Model_RightRoles();
+ $rightroles->setRightID($_POST['rightID']);
+ $rightroles->setRoleID($roleID);
+ try {
+ $this->rightRolesMapper->save($rightroles);
+ } catch(Zend_Exception $e)
+ {
+ echo "Caught exception: " . get_class($e) . "<br/>";
+ echo "Message: " . $e->getMessage() . "<br/>";
+ return;
+ }
+ $this->_redirect('/user/role/show/roleID/' . $roleID);
return;
}
- $this->_redirect('/user/role/show/roleID/' . $roleID);
- return;
}
+ $this->view->linkForm = $linkForm;
+ } else {
+ $this->_redirect('/user/role/show/roleID/' . $roleID);
+ return;
}
- $this->view->linkForm = $linkForm;
+
} else {
- $this->_redirect('/user/role/show/roleID/' . $roleID);
+ $pbsNotifier = new Pbs_Notifier();
+ echo $pbsNotifier->notify('link','forbidden');
+ $this->_helper-> viewRenderer-> setNoRender();
return;
}
} else {
@@ -229,19 +270,30 @@ class User_RoleController extends Zend_Controller_Action
$roleID = $rightRolesID[0];
$rightID = $rightRolesID[1];
if (isset($roleID) && isset($rightID)){
- $rightroles = new Application_Model_RightRoles();
- $rightroles->setRoleID($roleID);
- $rightroles->setRightID($rightID);
- try {
- $this->rightRolesMapper->delete($rightroles);
- } catch(Zend_Exception $e)
- {
- echo "Caught exception: " . get_class($e) . "<br/>";
- echo "Message: " . $e->getMessage() . "<br/>";
+ $roleMapper = new Application_Model_RoleMapper();
+ $role = $roleMapper->find($roleID);
+ $roleGroupID = $role->getGroupID();
+ if($this->userIDsNamespace['groupID'] == $roleGroupID) {
+ $rightroles = new Application_Model_RightRoles();
+ $rightroles->setRoleID($roleID);
+ $rightroles->setRightID($rightID);
+ try {
+ $this->rightRolesMapper->delete($rightroles);
+ } catch(Zend_Exception $e)
+ {
+ echo "Caught exception: " . get_class($e) . "<br/>";
+ echo "Message: " . $e->getMessage() . "<br/>";
+ return;
+
+ }
+ $this->_redirect('/user/role/show/roleID/' . $roleID);
+ return;
+ } else {
+ $pbsNotifier = new Pbs_Notifier();
+ echo $pbsNotifier->notify('unlink','forbidden');
+ $this->_helper-> viewRenderer-> setNoRender();
return;
}
- $this->_redirect('/user/role/show/roleID/' . $roleID);
- return;
}
} else {
$this->_helper->redirector('', 'role');