| author | Björn Geiger | 2011-04-05 17:36:16 +0200 |
|---|---|---|
| committer | Björn Geiger | 2011-04-05 17:36:16 +0200 |
| commit | e0935357c77f0fbeea2b0ffaec447d3521368006 (patch) | |
| tree | 6009c5511dfbf6dba493baed536212b23d2cfc4f /application/modules | |
| parent | Paging bei Person, Group und Role (diff) | |
| parent | recht für superadmin vergessen (diff) | |
Merge branch 'master' of ssh://git.openslx.org/lsfks/master-teamprojekt/pbs2
Diffstat (limited to 'application/modules')
11 files changed, 266 insertions, 145 deletions
diff --git a/application/modules/user/controllers/BootisoController.php b/application/modules/user/controllers/BootisoController.php index 877cb65..654e7eb 100644 --- a/application/modules/user/controllers/BootisoController.php +++ b/application/modules/user/controllers/BootisoController.php @@ -58,8 +58,8 @@ class user_BootisoController extends Zend_Controller_Action $groupID = $this->membership->getGroupID(); - //TODO ACL Darf er BootISOMenu sehen? - if(false) + //ACL Darf er BootISOMenu sehen? + if(!Pbs_Acl::checkRight('bai') && !Pbs_Acl::checkRight('bui')) $this->_redirect('/user/index'); $groupgroupsMapper = new Application_Model_GroupGroupsMapper(); @@ -84,11 +84,11 @@ class user_BootisoController extends Zend_Controller_Action $mySearch = new Pbs_Search(); $mySearch->setSearchTerm($search); $mySearch->setModule('bootiso'); - $this->view->searchform = $mySearch->searchForm(); if($search != ''){ $this->view->search = $mySearch->getSearchTerm(); $this->view->bootisolist = $mySearch->search($this->view->bootisolist); } + $this->view->searchform = $mySearch->searchForm(); // Pagination $pagination = new Pbs_Pagination(); @@ -101,9 +101,8 @@ class user_BootisoController extends Zend_Controller_Action $this->view->pagination = $pagination->pagination($pageurl); $this->view->page = $pagination->getRequestPage(); $this->view->bootisolist= $this->view->bootisolist; - - - + + $prebootMapper = new Application_Model_PreBootMapper(); $this->view->prebootlist = array(); @@ -126,8 +125,8 @@ class user_BootisoController extends Zend_Controller_Action - //TODO ACL Darf er BootISOs downloaden? - if(false) + //ACL Darf er BootISOs downloaden? + if(!Pbs_Acl::checkRight('bdld')) $this->_redirect('/user/bootiso/index/page/'.$this->page.'/downloadresult/forbidden'); $prebootID = $this->_request->getParam('prebootID'); 
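Review bot: Every new permission gate in this file, starting with `if(!Pbs_Acl::checkRight('bai') && !Pbs_Acl::checkRight('bui'))` in the index hunk, is a braceless `if` whose only effect is `_redirect()`, so the denial holds only while the redirector ends the request. Zend's redirector exits by default, but that is a setting (`setExit(false)` or an `exit` option) rather than a property of the call, and with it switched off the action body below would run for a denied user. Writing the guard as `{ $this->_redirect('/user/index'); return; }` keeps the denial local to the action. The same shape applies to the download gate later in this file and to the gates added in the Bootmenu, Bootos, Config, Preboot and Session controllers; the enclosing actions start and end outside these hunks.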
@@ -159,8 +158,8 @@ class user_BootisoController extends Zend_Controller_Action public function createbootisoAction() { - //TODO ACL Darf er BootISOs erstellen? - if(false) + //ACL Darf er BootISOs erstellen? + if(!Pbs_Acl::checkRight('bc')) $this->_redirect('/user/bootiso/index/page/'.$this->page.'/addresult/forbidden'); $groupgroupsMapper = new Application_Model_GroupGroupsMapper(); @@ -176,7 +175,6 @@ class user_BootisoController extends Zend_Controller_Action 'action' => 'createbootiso', 'prebootlist' => $prebootlist, 'groupdepth' => $childgroups, - 'rights' => null, 'page'=>$this->page)); } else { @@ -184,14 +182,12 @@ class user_BootisoController extends Zend_Controller_Action 'action' => 'createbootiso', 'prebootlist' => $prebootlist, 'groupdepth' => $childgroups, - 'rights' => null, 'page'=>$this->page),$_POST); if ($bootisoForm->isValid($_POST)) { $bootiso = new Application_Model_BootIso($_POST); - $bootiso->setMembershipID($this->membership->getID()); $bootiso->setGroupID($this->membership->getGroupID()); $bootiso->setCreated(time()); @@ -227,8 +223,8 @@ class user_BootisoController extends Zend_Controller_Action public function editbootisoAction() { - //TODO ACL Darf er BootISOs editieren? - if(false) + //ACL Darf er BootISOs editieren? + if(!Pbs_Acl::checkRight('be')) $this->_redirect('/user/bootiso/index/page/'.$this->page.'/modifyresult/forbidden'); $bootisoID = $this->_request->getParam('bootisoID'); @@ -255,7 +251,6 @@ class user_BootisoController extends Zend_Controller_Action 'action' => 'editbootiso', 'prebootlist' => $prebootlist, 'groupdepth' => $childgroups, - 'rights' => 'meta', 'page' => $this->page)); $bootisoForm->populate($bootiso->toArray()); @@ -264,7 +259,6 @@ class user_BootisoController extends Zend_Controller_Action 'action' => 'editbootiso', 'prebootlist' => $prebootlist, 'groupdepth' => $childgroups, - 'rights' => 'meta', 'page' => $this->page),$_POST); if ($bootisoForm->isValid($_POST)) { 
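Review bot: In the `createbootisoAction` hunk the model is still built with `new Application_Model_BootIso($_POST)`, but the line `$bootiso->setMembershipID($this->membership->getID());`, which overwrote the owner with the server-side value, is removed. If the model constructor maps every posted key onto a setter (not visible here), a posted `membershipID` would now be stored as submitted. Building the model from the validated form instead, `new Application_Model_BootIso($bootisoForm->getValues())`, or keeping an explicit server-side assignment for every ownership field, closes that gap. The same removal appears in `editbootisoAction`, in the Bootmenu, Bootos and Preboot create/edit hunks, and in ConfigController, where only one of `setGroupID`/`setMembershipID` is now called and the other is left to the request.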
@@ -272,7 +266,6 @@ class user_BootisoController extends Zend_Controller_Action $bootisoold = $bootiso; $bootiso = new Application_Model_BootIso($_POST); - $bootiso->setMembershipID($this->membership->getID()); $bootiso->setGroupID($this->membership->getGroupID()); $bootiso->setCreated(time()); $bootiso->setID($bootisoID); @@ -282,8 +275,8 @@ class user_BootisoController extends Zend_Controller_Action $bootiso->getExpires() != $bootisoold->getExpires() || $bootiso->getPublic() != $bootisoold->getPublic() || $bootiso->getSerialnumber() != $bootisoold->getSerialnumber()){ - //TODO ACL Is he allowed to edit other than Metadata? - if(false) + //ACL Is he allowed to edit other than Metadata? + if(Pbs_Acl::checkRight('bem')) $this->_redirect('/user/bootiso/index/page/'.$this->page.'/modifyresult/forbidden'); } @@ -317,8 +310,8 @@ class user_BootisoController extends Zend_Controller_Action public function deletebootisoAction() { - //TODO ACL Darf er BootISOs löschen? - if(false) + //ACL Darf er BootISOs löschen? + if(!Pbs_Acl::checkRight('bd')) $this->_redirect('/user/bootiso/index/page/'.$this->page.'/deleteresult/forbidden'); try{ diff --git a/application/modules/user/controllers/BootmenuController.php b/application/modules/user/controllers/BootmenuController.php index dfe9f20..f24cb47 100644 --- a/application/modules/user/controllers/BootmenuController.php +++ b/application/modules/user/controllers/BootmenuController.php @@ -57,8 +57,8 @@ class user_BootmenuController extends Zend_Controller_Action } - //TODO ACL Darf er Bootmenus sehen? - if(false) + //ACL Darf er Bootmenus sehen? + if(!Pbs_Acl::checkRight('booai') && !Pbs_Acl::checkRight('booui')) $this->_redirect('/user/index'); $this->bootMenumapper = new Application_Model_BootMenuMapper(); 
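Review bot: The check `if(Pbs_Acl::checkRight('bem'))` in the `editbootisoAction` hunk redirects to `forbidden` when the right is present, the opposite polarity of every other gate in this commit (`!Pbs_Acl::checkRight(...)`). If `bem` is meant as a "metadata only" restriction this is deliberate, but then a role holding all rights would be blocked from changing expiry, public flag or serial number while a role lacking `bem` passes unchecked; if it is meant as a grant, the `!` is missing. A comment stating the meaning, e.g. `// 'bem' = may edit metadata only; holders must not change other fields`, or the negated form, would settle it. The same non-negated pattern is used for `booeem`, `boem` (twice), `cem` and `prem` in the other controllers.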
@@ -66,8 +66,7 @@ class user_BootmenuController extends Zend_Controller_Action $bootosMapper = new Application_Model_BootOsMapper(); $configMapper = new Application_Model_ConfigMapper(); - if(true){ - //TODO nur Bootmenus von Admins + if(Pbs_Acl::checkRight('booai')){ $bootmenu = $this->bootmenuMapper->findBy(array('groupID' => $this->membership->getGroupID())); foreach ($bootmenu as $bm){ $bootmenuID = $bm->getID(); @@ -93,11 +92,11 @@ class user_BootmenuController extends Zend_Controller_Action $mySearch = new Pbs_Search(); $mySearch->setSearchTerm($search); $mySearch->setModule('bootmenu'); - $this->view->searchform = $mySearch->searchForm(); if($search != ''){ $this->view->search = $mySearch->getSearchTerm(); $bootmenu = $mySearch->search($bootmenu); } + $this->view->searchform = $mySearch->searchForm(); // Pagination $pagination = new Pbs_Pagination(); 
@@ -122,23 +121,23 @@ class user_BootmenuController extends Zend_Controller_Action public function createbootmenuAction() { - //TODO ACL Darf er BootMenus erstellen? - if(false) + //ACL Darf er BootMenus erstellen? + if(!Pbs_Acl::checkRight('booc')) $this->_redirect('/user/bootmenu/index/page/'.$this->page.'/addresult/forbidden'); if (!isset($_POST["createbootmenu"])){ - $bootmenuForm = new user_Form_Bootmenu(array('action' => 'createbootmenu', 'rights' => 'all','page' => $this->page)); + $bootmenuForm = new user_Form_Bootmenu(array('action' => 'createbootmenu','page' => $this->page)); } else { - $bootmenuForm = new user_Form_Bootmenu(array('action' => 'createbootmenu', 'rights' => 'all','page' => $this->page),$_POST); + $bootmenuForm = new user_Form_Bootmenu(array('action' => 'createbootmenu','page' => $this->page),$_POST); if ($bootmenuForm->isValid($_POST)) { $bootmenu = new Application_Model_BootMenu($_POST); - $bootmenu->setMembershipID($this->membership->getID()); - $bootmenu->setGroupID($this->membership->getGroupID()); $bootmenu->setCreated(time()); + $bootmenu->setGroupID($this->membership->getGroupID()); + try{ $this->bootmenuMapper->save($bootmenu); }catch(Zend_Exception $e){ @@ -156,8 +155,8 @@ class user_BootmenuController extends Zend_Controller_Action public function editbootmenuAction() { - //TODO ACL Is he allowed to edit BootMenus? - if(false) + //ACL Is he allowed to edit BootMenus? + if(!Pbs_Acl::checkRight('booe')) $this->_redirect('/user/bootmenu/index/page/'.$this->page.'/modifyresult/forbidden'); $bootmenuID = $this->_request->getParam('bootmenuID'); 
@@ -172,26 +171,21 @@ class user_BootmenuController extends Zend_Controller_Action if (!isset($_POST["editbootmenu"])){ - $bootmenuForm = new user_Form_Bootmenu(array('action' => 'editbootmenu', 'rights' => 'all','page' => $this->page)); + $bootmenuForm = new user_Form_Bootmenu(array('action' => 'editbootmenu','page' => $this->page)); $bootmenuForm->populate($bootmenu->toArray()); }else{ - $bootmenuForm = new user_Form_Bootmenu(array('action' => 'editbootmenu', 'rights' => 'all','page' => $this->page),$_POST); + $bootmenuForm = new user_Form_Bootmenu(array('action' => 'editbootmenu','page' => $this->page),$_POST); if ($bootmenuForm->isValid($_POST)) { $bootmenuold = $bootmenu; $bootmenu = new Application_Model_BootMenu($_POST); - $bootmenu->setMembershipID($this->membership->getID()); $bootmenu->setGroupID($this->membership->getGroupID()); $bootmenu->setCreated(time()); $bootmenu->setID($bootmenuID); - //TODO ACL Is he allowed to edit this? - if(false) - $this->_redirect('/user/bootmenu/index/page/'.$this->page.'/modifyresult/forbidden'); - try { $this->bootmenuMapper->save($bootmenu); }catch(Zend_Exception $e) @@ -212,8 +206,8 @@ class user_BootmenuController extends Zend_Controller_Action public function deletebootmenuAction() { - //TODO ACL Is he allowed to delete Bootmenu? - if(false) + //ACL Is he allowed to delete Bootmenu? + if(!Pbs_Acl::checkRight('bood')) $this->_redirect('/user/bootmenu/index/page/'.$this->page.'/deleteresult/forbidden'); try{ @@ -240,8 +234,8 @@ class user_BootmenuController extends Zend_Controller_Action public function addbootmenuentryAction() { - //TODO ACL Darf er BootMenuEntries erstellen? - if(false) + //ACL Darf er BootMenuEntries erstellen? + if(!Pbs_Acl::checkRight('booae')) $this->_redirect('/user/bootmenu/index/page/'.$this->page.'/addresult/forbidden'); $bootmenuID = $this->_request->getParam('bootmenuID'); 
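Review bot: The edit hunk of `editbootmenuAction` deletes the placeholder for the per-object check (`//TODO ACL Is he allowed to edit this?`) without replacing it, so the save below is gated only by the `booe` right. `bootmenuID` comes from the request and the new object receives `setID($bootmenuID)` plus the caller's own group ID, so unless the lines above this hunk compare the loaded menu's group, a user holding `booe` could overwrite a menu that belongs to another group. `addbootmenuentryAction` gains exactly such a comparison in this commit; the equivalent here would be `if($bootmenuold->getGroupID() != $this->membership->getGroupID()) $this->_redirect('/user/bootmenu/index/page/'.$this->page.'/modifyresult/forbidden');` before `save()`. The start of the action is outside the hunk.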
@@ -255,6 +249,9 @@ class user_BootmenuController extends Zend_Controller_Action $bootoslist = $bootosMapper->fetchAll(); $configlist = $configMapper->fetchAll(); + if($this->membership->getGroupID() != $this->bootmenuMapper->find($bootmenuID)->getGroupID()) + $this->_redirect('/user/bootmenu/index/page/'.$this->page.'/modifyresult/forbidden'); + if (!isset($_POST["addbootmenuentry"])){ $bootmenuentryForm = new user_Form_BootmenuEntries(array( @@ -262,8 +259,7 @@ class user_BootmenuController extends Zend_Controller_Action 'maxorder'=> $maxorder, 'configlist'=> $configlist, 'page' => $this->page, - 'action' => 'addbootmenuentry', - 'rights' => 'meta' + 'action' => 'addbootmenuentry' )); $bootmenuentryForm->populate(array('order' => $maxorder)); @@ -278,8 +274,7 @@ class user_BootmenuController extends Zend_Controller_Action 'maxorder'=> $maxorder, 'configlist'=>$configlist, 'page' => $this->page, - 'action' => 'addbootmenuentry', - 'rights' => 'meta'),$_POST); + 'action' => 'addbootmenuentry'),$_POST); if ($bootmenuentryForm->isValid($_POST)) { @@ -312,8 +307,8 @@ class user_BootmenuController extends Zend_Controller_Action public function editbootmenuentryAction() { - //TODO ACL Is he allowed to edit BootMenus? - if(false) + //ACL Is he allowed to edit BootMenus? + if(!Pbs_Acl::checkRight('booee')) $this->_redirect('/user/bootmenu/index/page/'.$this->page.'/modifyresult/forbidden'); $bootmenuentryID = $this->_request->getParam('bootmenuentryID'); @@ -344,7 +339,6 @@ class user_BootmenuController extends Zend_Controller_Action 'kcl' => $bootmenuentry->getKcl(), 'page' => $this->page, 'action' => 'editbootmenuentry', - 'rights' => 'all' )); if(!isset($_POST['configID'])){ 
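Review bot: The new ownership check in `addbootmenuentryAction` calls `->getGroupID()` directly on `$this->bootmenuMapper->find($bootmenuID)`; whether `find()` can return null for an unknown ID is not visible here, but if it can, a request with a non-existent `bootmenuID` ends in a fatal error instead of the `forbidden` redirect. The check also runs after both `fetchAll()` calls, so the denied path still does that work. Loading the menu once at the top of the action and rejecting when it is missing or foreign covers both: `$menu = $this->bootmenuMapper->find($bootmenuID);` followed by `if(!$menu || $menu->getGroupID() != $this->membership->getGroupID())` with the existing redirect.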
@@ -363,8 +357,7 @@ class user_BootmenuController extends Zend_Controller_Action 'configlist'=> $configlist, 'kcl' => $bootmenuentry->getKcl(), 'page' => $this->page, - 'action' => 'editbootmenuentry', - 'rights' => 'all'),$_POST); + 'action' => 'editbootmenuentry'),$_POST); if ($bootmenuentryForm->isValid($_POST)) { @@ -378,8 +371,8 @@ class user_BootmenuController extends Zend_Controller_Action $bootmenuentryold->getConfigID() != $bootmenuentry->getConfigID() || $bootmenuentryold->getKcl() != $bootmenuentry->getKcl() || $bootmenuentryold->getKclappend() != $bootmenuentry->getKclappend()){ - //TODO ACL Is he allowed to edit this? - if(false) + //ACL Is he allowed to edit this? + if(Pbs_Acl::checkRight('booeem')) $this->_redirect('/user/bootmenu/index/page/'.$this->page.'/modifyresult/forbidden'); } @@ -410,8 +403,8 @@ class user_BootmenuController extends Zend_Controller_Action public function removebootmenuentryAction() { - //TODO ACL Is he allowed to delete Bootos? - if(false) + //ACL Is he allowed to delete Bootos? + if(!Pbs_Acl::checkRight('boode')) $this->_redirect('/user/bootmenu/index/page/'.$this->page.'/deleteresult/forbidden'); try{ diff --git a/application/modules/user/controllers/BootosController.php b/application/modules/user/controllers/BootosController.php index e1b4f7b..12e2d68 100644 --- a/application/modules/user/controllers/BootosController.php +++ b/application/modules/user/controllers/BootosController.php @@ -57,8 +57,8 @@ class user_BootosController extends Zend_Controller_Action $groupID = $this->membership->getGroupID(); - //TODO ACL Darf er BootOsMenu sehen? - if(false) + //ACL Darf er BootOs sehen? + if(!Pbs_Acl::checkRight('boai') && !Pbs_Acl::checkRight('boui')) $this->_redirect('/user/index'); $configMapper = new Application_Model_ConfigMapper(); 
@@ -71,11 +71,11 @@ class user_BootosController extends Zend_Controller_Action $mySearch = new Pbs_Search(); $mySearch->setSearchTerm($search); $mySearch->setModule('bootos'); - $this->view->searchform = $mySearch->searchForm(); if($search != ''){ $this->view->search = $mySearch->getSearchTerm(); $this->view->bootoslist = $mySearch->search($this->view->bootoslist); } + $this->view->searchform = $mySearch->searchForm(); // Pagination $pagination = new Pbs_Pagination(); @@ -110,8 +110,8 @@ class user_BootosController extends Zend_Controller_Action public function createbootosAction() { - //TODO ACL Darf er BootISOs erstellen? - if(false) + //ACL Darf er BootISOs erstellen? + if(!Pbs_Acl::checkRight('boc')) $this->_redirect('/user/bootos/index/page/'.$this->page.'/addresult/forbidden'); $groupID = $this->membership->getGroupID(); @@ -119,7 +119,6 @@ class user_BootosController extends Zend_Controller_Action $groupgroupsMapper = new Application_Model_GroupGroupsMapper(); $childgroups = count($groupgroupsMapper->getChildGroups($groupID)); - //TODO nur configs von admins $configMapper = new Application_Model_ConfigMapper(); $configlist = $configMapper->findBy(array("groupID" => $groupID)); @@ -128,7 +127,6 @@ class user_BootosController extends Zend_Controller_Action 'action' => 'createbootos', 'groupdepth' => $childgroups, 'configlist'=>$configlist, - 'rights' => 'all', 'page' => $this->page)); } else { @@ -136,14 +134,12 @@ class user_BootosController extends Zend_Controller_Action 'action' => 'createbootos', 'groupdepth' => $childgroups, 'configlist'=>$configlist, - 'rights' => 'all', 'page' => $this->page),$_POST); if ($bootosForm->isValid($_POST)) { $bootos = new Application_Model_BootOs($_POST); - $bootos->setMembershipID($this->membership->getID()); $bootos->setGroupID($this->membership->getGroupID()); $bootos->setCreated(time()); 
@@ -194,8 +190,8 @@ class user_BootosController extends Zend_Controller_Action public function checkupdateAction($bootos) { - //TODO ACL Is he allowed to update Preboots? - if(false) + //ACL Is he allowed to update Preboots? + if(!Pbs_Acl::checkRight('bou')) $this->_redirect('/user/preboot/index/page/'.$this->page.'/updateresult/forbidden'); $bootosID = $bootos->getID(); @@ -231,8 +227,8 @@ class user_BootosController extends Zend_Controller_Action public function updatebootosAction() { - //TODO ACL Is he allowed to update Preboots? - if(false) + //ACL Is he allowed to update Preboots? + if(!Pbs_Acl::checkRight('bou')) $this->_redirect('/user/bootiso/index/page/'.$this->page.'/updateresult/forbidden'); $bootosID = $this->_request->getParam('bootosID'); @@ -266,8 +262,8 @@ class user_BootosController extends Zend_Controller_Action public function editbootosAction() { - //TODO ACL Is he allowed to edit Preboots? - if(false) + //ACL Is he allowed to edit Preboots? + if(!Pbs_Acl::checkRight('boe')) $this->_redirect('/user/bootos/index/page/'.$this->page.'/modifyresult/forbidden'); $bootosID = $this->_request->getParam('bootosID'); @@ -294,7 +290,6 @@ class user_BootosController extends Zend_Controller_Action 'action' => 'editbootos', 'groupdepth' => $childgroups, 'configlist'=>$configlist, - 'rights' => 'meta', 'page' => $this->page)); $bootosForm->populate($bootos->toArray()); @@ -304,7 +299,6 @@ class user_BootosController extends Zend_Controller_Action 'action' => 'editbootos', 'groupdepth' => $childgroups, 'configlist'=>$configlist, - 'rights' => 'meta', 'page' => $this->page),$_POST); if ($bootosForm->isValid($_POST)) { @@ -312,7 +306,6 @@ class user_BootosController extends Zend_Controller_Action $bootosold = $bootos; $bootos = new Application_Model_BootOs($_POST); - $bootos->setMembershipID($this->membership->getID()); $bootos->setGroupID($this->membership->getGroupID()); $bootos->setCreated(time()); if($bootos->getConfigID() == '') 
@@ -323,14 +316,14 @@ class user_BootosController extends Zend_Controller_Action $bootos->getDefaultkcl() != $bootosold->getDefaultkcl() || $bootos->getExpires() != $bootosold->getExpires() || $bootos->getPublic() != $bootosold->getPublic() ){ - //TODO ACL Is he allowed to edit this? - if(false) + //ACL Is he allowed to edit this? + if(Pbs_Acl::checkRight('boem')) $this->_redirect('/user/bootos/index/page/'.$this->page.'/modifyresult/forbidden'); } if($bootos->getPath_kernel() != $bootosold->getPath_kernel() || $bootos->getPath_init() != $bootosold->getPath_init()){ - //TODO ACL Is he allowed to edit the Kernel/Init Path? - if(false) + //ACL Is he allowed to edit the Kernel/Init Path? + if(Pbs_Acl::checkRight('boem')) $this->_redirect('/user/bootos/index/page/'.$this->page.'/modifyresult/forbidden'); $path_tmp = "../resources/bootos/"; @@ -380,8 +373,8 @@ class user_BootosController extends Zend_Controller_Action public function deletebootosAction() { - //TODO ACL Is he allowed to delete Bootos? - if(false) + //ACL Is he allowed to delete Bootos? + if(!Pbs_Acl::checkRight('bod')) $this->_redirect('/user/bootos/index/page/'.$this->page.'/deleteresult/forbidden'); try{ diff --git a/application/modules/user/controllers/ClientController.php b/application/modules/user/controllers/ClientController.php index 9fe4b03..73c5279 100644 --- a/application/modules/user/controllers/ClientController.php +++ b/application/modules/user/controllers/ClientController.php @@ -54,11 +54,11 @@ class User_ClientController extends Zend_Controller_Action $mySearch = new Pbs_Search(); $mySearch->setSearchTerm($search); $mySearch->setModule('client'); - $this->view->searchform = $mySearch->searchForm(); if($search != ''){ $this->view->search = $mySearch->getSearchTerm(); $clientsInGroup = $mySearch->search($clientsInGroup); } + $this->view->searchform = $mySearch->searchForm(); // Pagination $pagination = new Pbs_Pagination(); 
diff --git a/application/modules/user/controllers/ConfigController.php b/application/modules/user/controllers/ConfigController.php index 4bc2526..498e890 100644 --- a/application/modules/user/controllers/ConfigController.php +++ b/application/modules/user/controllers/ConfigController.php @@ -48,15 +48,14 @@ class user_ConfigController extends Zend_Controller_Action $groupID = $this->membership->getGroupID(); - //TODO ACL Darf er Configs sehen? - if(false) + //ACL Darf er Configs sehen? + if(!Pbs_Acl::checkRight('csai') && !Pbs_Acl::checkRight('csui')) $this->_redirect('/user/index'); $this->configMapper = new Application_Model_ConfigMapper(); $groupMapper = new Application_Model_GroupMapper(); - if(true){ - //TODO nur Configs von Admins + if(Pbs_Acl::checkRight('csai')){ $this->view->configlist = $this->configMapper->findBy(array('groupID' => $this->membership->getGroupID())); }else{ $this->view->configlist = $this->configMapper->findBy(array('membershipID' => $this->membership->getID())); @@ -71,11 +70,11 @@ class user_ConfigController extends Zend_Controller_Action $mySearch = new Pbs_Search(); $mySearch->setSearchTerm($search); $mySearch->setModule('config'); - $this->view->searchform = $mySearch->searchForm(); if($search != ''){ $this->view->search = $mySearch->getSearchTerm(); $this->view->configlist = $mySearch->search($this->view->configlist); } + $this->view->searchform = $mySearch->searchForm(); // Pagination $pagination = new Pbs_Pagination(); 
@@ -97,22 +96,25 @@ class user_ConfigController extends Zend_Controller_Action public function createconfigAction() { - //TODO ACL Darf er Configs erstellen? - if(false) + //ACL Darf er Configs erstellen? + if(!Pbs_Acl::checkRight('cc')) $this->_redirect('/user/config/index/page/'.$this->page.'/addresult/forbidden'); if (!isset($_POST["createconfig"])){ - $configForm = new user_Form_Config(array('action' => 'createconfig','rights' => null,'page'=>$this->page)); + $configForm = new user_Form_Config(array('action' => 'createconfig','page'=>$this->page)); } else { - $configForm = new user_Form_Config(array('action' => 'createconfig','rights' => null,'page'=>$this->page),$_POST); + $configForm = new user_Form_Config(array('action' => 'createconfig','page'=>$this->page),$_POST); if ($configForm->isValid($_POST)) { $config = new Application_Model_Config($_POST); $config->setCreated(time()); - $config->setMembershipID($this->membership->getID()); - $config->setGroupID($this->membership->getGroupID()); - + + if(Pbs_Acl::checkRight('csai')) + $config->setGroupID($this->membership->getGroupID()); + else + $config->setMembershipID($this->membership->getID()); + try { $this->configMapper->save($config); }catch(Zend_Exception $e) @@ -130,8 +132,8 @@ class user_ConfigController extends Zend_Controller_Action public function editconfigAction() { - //TODO ACL Darf er Configs editieren? - if(false) + //ACL Darf er Configs editieren? + if(!Pbs_Acl::checkRight('ce')) $this->_redirect('/user/config/index/page/'.$this->page.'/modifyresult/forbidden'); $configID = $this->_request->getParam('configID'); 
@@ -153,11 +155,11 @@ class user_ConfigController extends Zend_Controller_Action if (!isset($_POST["editconfig"])){ - $configForm = new user_Form_Config(array('action' => 'editconfig','rights' => 'meta','page'=>$this->page)); + $configForm = new user_Form_Config(array('action' => 'editconfig','page'=>$this->page)); $configForm->populate($config->toArray()); }else{ - $configForm = new user_Form_Config(array('action' => 'editconfig','rights' => 'meta','page'=>$this->page),$_POST); + $configForm = new user_Form_Config(array('action' => 'editconfig','page'=>$this->page),$_POST); if ($configForm->isValid($_POST)) { @@ -165,13 +167,17 @@ class user_ConfigController extends Zend_Controller_Action $config = new Application_Model_Config($_POST); $config->setCreated(time()); - $config->setMembershipID($this->membership->getID()); - $config->setGroupID($this->membership->getGroupID()); + + if(Pbs_Acl::checkRight('csai')) + $config->setGroupID($this->membership->getGroupID()); + else + $config->setMembershipID($this->membership->getID()); + $config->setID($configID); if($configold->getShellscript() != $config->getShellscript()){ - //TODO ACL Is he allowed to edit other than Metadata? - if(false) + //ACL Is he allowed to edit other than Metadata? + if(Pbs_Acl::checkRight('cem')) $this->_redirect('/user/config/index/page/'.$this->page.'/modifyresult/forbidden'); } @@ -195,8 +201,8 @@ class user_ConfigController extends Zend_Controller_Action public function deleteconfigAction() { - //TODO ACL Darf er Configs löschen? - if(false) + //ACL Darf er Configs löschen? + if(!Pbs_Acl::checkRight('cd')) $this->_redirect('/user/config/index/page/'.$this->page.'/deleteresult/forbidden'); try{ diff --git a/application/modules/user/controllers/FilterController.php b/application/modules/user/controllers/FilterController.php index f84f501..e9850a9 100644 --- a/application/modules/user/controllers/FilterController.php +++ b/application/modules/user/controllers/FilterController.php 
@@ -61,11 +61,11 @@ class User_FilterController extends Zend_Controller_Action $mySearch = new Pbs_Search(); $mySearch->setSearchTerm($search); $mySearch->setModule('filter'); - $this->view->searchform = $mySearch->searchForm(); if($search != ''){ $this->view->search = $mySearch->getSearchTerm(); $allFilter = $mySearch->search($allFilter); } + $this->view->searchform = $mySearch->searchForm(); // Pagination $pagination = new Pbs_Pagination(); diff --git a/application/modules/user/controllers/PoolController.php b/application/modules/user/controllers/PoolController.php index 7800c7a..87f330a 100644 --- a/application/modules/user/controllers/PoolController.php +++ b/application/modules/user/controllers/PoolController.php @@ -70,11 +70,11 @@ class User_PoolController extends Zend_Controller_Action $mySearch = new Pbs_Search(); $mySearch->setSearchTerm($search); $mySearch->setModule('pool'); - $this->view->searchform = $mySearch->searchForm(); if($search != ''){ $this->view->search = $mySearch->getSearchTerm(); $yourpools = $mySearch->search($yourpools); } + $this->view->searchform = $mySearch->searchForm(); // Pagination $pagination = new Pbs_Pagination(); diff --git a/application/modules/user/controllers/PrebootController.php b/application/modules/user/controllers/PrebootController.php index 43cbf8a..f283969 100644 --- a/application/modules/user/controllers/PrebootController.php +++ b/application/modules/user/controllers/PrebootController.php @@ -58,8 +58,8 @@ class User_PrebootController extends Zend_Controller_Action $groupID = $this->membership->getGroupID(); - //TODO ACL Darf er PrebootMenu sehen? - if(false) + //ACL Darf er PrebootMenu sehen? + if(!Pbs_Acl::checkRight('pro')) $this->_redirect('/user/index'); $this->view->prebootlist = $this->prebootMapper->findBy(array("groupID" => $groupID)); 
@@ -69,11 +69,11 @@ class User_PrebootController extends Zend_Controller_Action $mySearch = new Pbs_Search(); $mySearch->setSearchTerm($search); $mySearch->setModule('preboot'); - $this->view->searchform = $mySearch->searchForm(); if($search != ''){ $this->view->search = $mySearch->getSearchTerm(); $this->view->prebootlist = $mySearch->search($this->view->prebootlist); } + $this->view->searchform = $mySearch->searchForm(); // Pagination $pagination = new Pbs_Pagination(); @@ -87,8 +87,7 @@ class User_PrebootController extends Zend_Controller_Action $this->view->page = $pagination->getRequestPage(); $this->view->prebootlist= $this->view->prebootlist; - - + $this->view->update = array(); $update = $this->_request->getParam('checkupdate'); @@ -107,8 +106,8 @@ class User_PrebootController extends Zend_Controller_Action public function createprebootAction() { - //TODO ACL Is he allowed to create Preboots? - if(false) + //ACL Is he allowed to create Preboots? + if(!Pbs_Acl::checkRight('prc')) $this->_redirect('/user/preboot/index/page/'.$this->page.'/addresult/forbidden'); if (!isset($_POST["createpreboot"])){ @@ -124,8 +123,7 @@ class User_PrebootController extends Zend_Controller_Action if ($prebootForm->isValid($_POST)) { $preboot = new Application_Model_PreBoot($_POST); - $preboot->setMembershipID($this->membership->getID()); - $preboot->setGroupID($this->membership->getGroupID()); + $preboot->setGroupID($this->membership->getGroupID()); try { @@ -168,8 +166,8 @@ class User_PrebootController extends Zend_Controller_Action public function checkupdateAction($preboot) { - //TODO ACL Is he allowed to update Preboots? - if(false) + //ACL Is he allowed to update Preboots? + if(!Pbs_Acl::checkRight('pru')) $this->_redirect('/user/preboot/index/page/'.$this->page.'/updateresult/forbidden'); $prebootID = $preboot->getID(); 
@@ -199,8 +197,8 @@ class User_PrebootController extends Zend_Controller_Action public function updateprebootAction() { - //TODO ACL Is he allowed to update Preboots? - if(false) + //ACL Is he allowed to update Preboots? + if(!Pbs_Acl::checkRight('pru')) $this->_redirect('/user/preboot/index/page/'.$this->page.'/updateresult/forbidden'); $prebootID = $this->_request->getParam('prebootID'); @@ -258,8 +256,8 @@ class User_PrebootController extends Zend_Controller_Action public function editprebootAction() { - //TODO ACL Is he allowed to edit Preboots? - if(false) + //ACL Is he allowed to edit Preboots? + if(!Pbs_Acl::checkRight('pre')) $this->_redirect('/user/preboot/index/page/'.$this->page.'/modifyresult/forbidden'); $prebootID = $this->_request->getParam('prebootID'); @@ -277,16 +275,14 @@ class User_PrebootController extends Zend_Controller_Action if (!isset($_POST["editpreboot"])){ $prebootForm = new user_Form_Preboot(array( - 'action' => 'editpreboot', - 'rights' => 'meta', + 'action' => 'editpreboot', 'page' => $this->page)); $prebootForm->populate($preboot->toArray()); }else{ $prebootForm = new user_Form_Preboot(array( - 'action' => 'editpreboot', - 'rights' => 'meta', + 'action' => 'editpreboot', 'page' => $this->page),$_POST); if ($prebootForm->isValid($_POST)) { @@ -294,7 +290,6 @@ class User_PrebootController extends Zend_Controller_Action $prebootold = $preboot; $preboot = new Application_Model_PreBoot($_POST); - $preboot->setMembershipID($this->membership->getID()); $preboot->setGroupID($this->membership->getGroupID()); $preboot->setID($prebootID); 
@@ -302,8 +297,8 @@ class User_PrebootController extends Zend_Controller_Action if($preboot->getPath_preboot() != $prebootold->getPath_preboot()){ - //TODO ACL Is he allowed to edit the Preboot Path? - if(false) + //ACL Is he allowed to edit the Preboot Path? + if(Pbs_Acl::checkRight('prem')) $this->_redirect('/user/preboot/index/page/'.$this->page.'/modifyresult/forbidden'); exec("wget -O '".$path_preboot."preboot.zip' ".escapeshellcmd($preboot->getPath_preboot()) ." 2>&1 | grep 'saved'" , $status); @@ -365,8 +360,8 @@ class User_PrebootController extends Zend_Controller_Action public function deleteprebootAction() { - //TODO ACL Is he allowed to delete Preboots? - if(false) + //ACL Is he allowed to delete Preboots? + if(!Pbs_Acl::checkRight('prd')) $this->_redirect('/user/preboot/index/page/'.$this->page.'/deleteresult/forbidden'); try{ diff --git a/application/modules/user/controllers/SessionController.php b/application/modules/user/controllers/SessionController.php new file mode 100644 index 0000000..d149f22 --- /dev/null +++ b/application/modules/user/controllers/SessionController.php 
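Review bot: The download that the new `prem` gate protects in `editprebootAction` passes the submitted path through `escapeshellcmd()`, which escapes shell metacharacters but does not keep the value to a single argument, so a value containing spaces reaches `wget` as several arguments. The value should be quoted with `escapeshellarg($preboot->getPath_preboot())`, preferably after a `--` separator, and restricted to an `http`/`https` URL before the call, since the server fetches whatever address is submitted. This gate is also the non-negated form `if(Pbs_Acl::checkRight('prem'))`, so which users reach the `exec()` depends on the intended meaning of that right. The `exec()` line itself is unchanged context in this hunk.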
@@ -0,0 +1,97 @@ +<?php + +class User_SessionController extends Zend_Controller_Action +{ + private $membership; + public function init() + { + if (Zend_Auth::getInstance()->hasIdentity()) { + $userIDsNamespace = Zend_Session::namespaceGet('userIDs'); + if($userIDsNamespace['membershipID'] ==''){ + $pbsNotifier = new Pbs_Notifier(); + echo $pbsNotifier->notify('No membershipID set','forbidden'); + } + + $membershipMapper = new Application_Model_MembershipMapper(); + $this->membership = new Application_Model_Membership(); + $membershipMapper->find($userIDsNamespace['membershipID'],$this->membership); + } else { + $this->_helper->redirector('login', 'auth'); + } + $this->page = $this->_request->getParam('page'); + } + + public function indexAction() + { + if(!Pbs_Acl::checkRight('so')) + $this->_redirect('/user/index'); + + $sessionMapper = new Application_Model_SessionMapper(); + $bootisoMapper = new Application_Model_BootIsoMapper(); + $bootosMapper = new Application_Model_BootOsMapper(); + $bootmenuentriesMapper = new Application_Model_BootMenuEntriesMapper(); + $membershipMapper = new Application_Model_MembershipMapper(); + $personMapper = new Application_Model_PersonMapper(); + + $bootisos = $bootisoMapper->findBy(array('groupID',$this->membership->getGroupID())); + foreach($bootisos as $bootiso){ + $sessions = $sessionMapper->findBy(array('bootisoID',$bootiso->getID())); + foreach($sessions as $session){ + #echo $session->getBootosID(); + if($session->getBootosID() != '') + $session->setBootosID("[".$session->getBootosID()."] ".$bootosMapper->find($session->getBootosID())->getTitle()); + + if($session->getBootmenuentryID() != '') + $session->setBootmenuentryID("[".$session->getBootmenuentryID()."] ".$bootmenuentriesMapper->find($session->getBootmenuentryID())->getTitle()); + + if($session->getBootisoID() != '') + $session->setBootisoID("[".$session->getBootisoID()."] ".$bootisoMapper->find($session->getBootisoID())->getTitle()); + + 
if($session->getMembershipID() != ''){ + $personID = $membershipMapper->find($session->getMembershipID())->getPersonID(); + $p = new Application_Model_Person(); + $personMapper->find($personID,$p); + $session->setMembershipID("[".$session->getMembershipID()."] ".$p->getFirstname()." ".$p->getName()); + + } + $mySessions[] =$session; + } + } + // Sort after date/id + usort($mySessions, function($func_a, $func_b) { + if($func_a->getID() == $func_b->getID()) return 0; + return ($func_a->getID() < $func_b->getID()) ? -1 : 1; + }); + + // Search + $search = $this->_request->getParam('search'); + $mySearch = new Pbs_Search(); + $mySearch->setSearchTerm($search); + $mySearch->setModule('session'); + if($search != ''){ + $this->view->search = $mySearch->getSearchTerm(); + $mySessions = $mySearch->search($mySessions); + } + $this->view->searchform = $mySearch->searchForm(); + + // Pagination + $pagination = new Pbs_Pagination(); + $pagination->setPerPage(10); + $pagination->setElement($mySessions); + $pagination->setRequestPage($this->_request->getParam('page')); + $pagination->setPageUrl('/user/session/index'.((isset($this->view->search))?'/search/'.$this->view->search:'')); + $mySessions = $pagination->getElements(); + + $this->view->pagination = $pagination->pagination($pageurl); + $this->view->page = $pagination->getRequestPage(); + $this->view->sessions = $mySessions; + + } + + public function searchAction(){ + $this->_redirect('/user/session/index/search/'.($_GET['search'])); + } + + +} + diff --git a/application/modules/user/layouts/user.phtml b/application/modules/user/layouts/user.phtml index 84873ef..7d80d38 100644 --- a/application/modules/user/layouts/user.phtml +++ b/application/modules/user/layouts/user.phtml 
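Review bot: In `init()`, the empty-`membershipID` branch only echoes the 'forbidden' notice and then falls through to `$membershipMapper->find(...)` with the empty ID, so the request goes on into the action with an unpopulated `$this->membership`. Ending the request there, e.g. `$this->_helper->redirector('login', 'auth');` right after the `echo`, would make the check fail closed. `searchAction()` also concatenates `$_GET['search']` into the redirect path unencoded, so a value containing `/` can append further route parameters; `urlencode($this->_request->getParam('search', ''))` avoids that. Separately, `$mySessions` is never initialised, so `usort()` receives an undefined variable when the group has no sessions; `$mySessions = array();` before the outer `foreach` fixes it.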
@@ -28,19 +28,32 @@ echo $this->headScript()."\n"; <li class='navTreeItem'><a href='/user/'>user</a></li> <li> <ul class='navTreeLevel1'> - <?php if (Zend_Auth::getInstance()->hasIdentity() && count(Zend_Session::namespaceGet('userIDs')) > 0) {?> - <li class='navTreeItem'><a href='/user/person'>Person</a></li> - <li class='navTreeItem'><a href='/user/group'>Group</a></li> - <li class='navTreeItem'><a href='/user/role'>Role</a></li> - <li class='navTreeItem'><a href='/user/bootiso'>BootIso</a></li> - <li class='navTreeItem'><a href='/user/preboot'>PreBoot</a></li> - <li class='navTreeItem'><a href='/user/bootmenu'>BootMenu</a></li> - <li class='navTreeItem'><a href='/user/config'>Config</a></li> - <li class='navTreeItem'><a href='/user/bootos'>BootOs</a></li> - <li class='navTreeItem'><a href='/user/client'>Client</a></li> - <li class='navTreeItem'><a href='/user/filter'>Filter</a></li> - <li class='navTreeItem'><a href='/user/pool'>Pool</a></li> - <?php + <?php if (Zend_Auth::getInstance()->hasIdentity() && count(Zend_Session::namespaceGet('userIDs')) > 0) { + # This should be splitted + if(Pbs_Acl::checkRight('pso') || Pbs_Acl::checkRight('psod')) + echo "<li class='navTreeItem'><a href='/user/person'>Person</a></li>"; + if(Pbs_Acl::checkRight('gso')) + echo "<li class='navTreeItem'><a href='/user/group'>Group</a></li>"; + if(Pbs_Acl::checkRight('ro')) + echo "<li class='navTreeItem'><a href='/user/role'>Role</a></li>"; + if(Pbs_Acl::checkRight('bai') || Pbs_Acl::checkRight('bui')) + echo "<li class='navTreeItem'><a href='/user/bootiso'>BootIso</a></li>"; + if(Pbs_Acl::checkRight('pro')) + echo "<li class='navTreeItem'><a href='/user/preboot'>PreBoot</a></li>"; + if(Pbs_Acl::checkRight('booai') || Pbs_Acl::checkRight('booui')) + echo "<li class='navTreeItem'><a href='/user/bootmenu'>BootMenu</a></li>"; + if(Pbs_Acl::checkRight('csai') || Pbs_Acl::checkRight('csui')) + echo "<li class='navTreeItem'><a href='/user/config'>Config</a></li>"; + 
if(Pbs_Acl::checkRight('boai') || Pbs_Acl::checkRight('boui')) + echo "<li class='navTreeItem'><a href='/user/bootos'>BootOs</a></li>"; + if(Pbs_Acl::checkRight('clo')) + echo "<li class='navTreeItem'><a href='/user/client'>Client</a></li>"; + if(Pbs_Acl::checkRight('fo')) + echo "<li class='navTreeItem'><a href='/user/filter'>Filter</a></li>"; + if(Pbs_Acl::checkRight('poo')) + echo "<li class='navTreeItem'><a href='/user/pool'>Pool</a></li>"; + if(Pbs_Acl::checkRight('so')) + echo "<li class='navTreeItem'><a href='/user/session'>Session</a></li>"; } ?> <?php if (!Zend_Auth::getInstance()->hasIdentity()) {?> diff --git a/application/modules/user/views/scripts/session/index.phtml b/application/modules/user/views/scripts/session/index.phtml new file mode 100644 index 0000000..bb9f1e2 --- /dev/null +++ b/application/modules/user/views/scripts/session/index.phtml 
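Review bot: The `checkRight()` calls added to the navigation only decide which links are rendered; access is still decided in each controller, and the two need to ask for the same right. On this page that pairing is visible for BootIso (`'bai'`/`'bui'`) and Session (`'so'`), while the controllers behind the other entries are not visible here, so it is worth confirming that each one checks the right its menu entry uses. I would replace `# This should be splitted` with something like `// Visibility only: every controller action must repeat its own Pbs_Acl::checkRight() check`. As a style point, the twelve `if`/`echo` pairs could be generated from one array that maps path and label to the rights that show the entry.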
@@ -0,0 +1,31 @@
+<h1>Session</h1>
+<?php echo $this->searchform; ?>
+<table>
+<tr>
+ <th>ID <span class='code'>sessionID</span></th>
+ <th>alphasessionID <span class='code'>alphasessionID</span></th>
+ <th>ClientID <span class='code'>clientID</span></th>
+ <th>BootmenuentryID <span class='code'>bootmenyentryID</span></th>
+ <th>BootOsID <span class='code'>bootosID</span></th>
+ <th>BootIsoID <span class='code'>bootisoID</span></th>
+ <th>MembershipID <span class='code'>membershipID</span></th>
+ <th>Time <span class='code'>time</span></th>
+ <th>IP <span class='code'>ip</span></th>
+ <th>IPv6 <span class='code'>ip6</span></th>
+</tr>
+<?php foreach ($this->sessions as $session): ?>
+ <tr class=entry>
+ <td><?php echo $this->escape($session->getID()) ?></td>
+ <td><?php echo $this->escape($session->getAlphasessionID()) ?></td>
+ <td><?php echo $this->escape($session->getClientID()) ?></td>
+ <td><?php echo $this->escape($session->getBootmenuentryID()) ?></td>
+ <td><?php echo $this->escape($session->getBootosID()) ?></td>
+ <td><?php echo $this->escape($session->getBootisoID()) ?></td>
+ <td><?php echo $this->escape($session->getMembershipID()) ?></td>
+ <td><?php echo date('d.m.Y H:i',$this->escape($session->getTime())) ?></td>
+ <td><?php echo $this->escape($session->getIp()) ?></td>
+ <td><?php echo $this->escape($session->getIp6()) ?></td>
+ </tr>
+<?php endforeach ?>
+</table>
+<?php echo $this->pagination; ?> |
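Review bot: In the Time column, `date('d.m.Y H:i',$this->escape($session->getTime()))` escapes the raw value and then hands the resulting string to `date()` as the timestamp, so the escaping is applied to the input rather than to what is printed, and a non-numeric value yields an error instead of a date. `$this->escape(date('d.m.Y H:i', (int) $session->getTime()))` is the intended order. `$this->searchform` and `$this->pagination` are echoed unescaped, which is safe only if Pbs_Search and Pbs_Pagination escape the search term they embed; that is not visible here and worth checking. The BootmenuentryID header also carries a typo, `bootmenyentryID`.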
