author | Simon | 2011-04-11 12:25:08 +0200 |
---|---|---|
committer | Simon | 2011-04-11 12:25:08 +0200 |
commit | 7b2a0e435b7b8bb61bb15cd578c24a3e1e12ba61 (patch) | |
tree | 32cb37caf728ff6a6ffd70e8d34892151675c5c1 /application | |
parent | Layout an rechte angepasst & send-post zum testen an datenbank angepasst (diff) | |
parent | ACL im RoleController (diff) | |
download | pbs2-7b2a0e435b7b8bb61bb15cd578c24a3e1e12ba61.tar.gz pbs2-7b2a0e435b7b8bb61bb15cd578c24a3e1e12ba61.tar.xz pbs2-7b2a0e435b7b8bb61bb15cd578c24a3e1e12ba61.zip |
Merge branch 'master' of openslx.org:lsfks/master-teamprojekt/pbs2
Diffstat (limited to 'application')
7 files changed, 120 insertions, 44 deletions
diff --git a/application/modules/user/controllers/GroupController.php b/application/modules/user/controllers/GroupController.php index a767f82..a853a75 100644 --- a/application/modules/user/controllers/GroupController.php +++ b/application/modules/user/controllers/GroupController.php @@ -82,8 +82,7 @@ class User_GroupController extends Zend_Controller_Action } } if(!isset($groupID)) { - $addForm = new user_Form_GroupAdd(array('grouplist' => $this->groupList)); - $this->view->addForm = $addForm; + $this->_helper->redirector('add', 'group'); return; } if (!isset($_POST["save"])){ diff --git a/application/modules/user/controllers/PersonController.php b/application/modules/user/controllers/PersonController.php index 41f7122..ad8f596 100644 --- a/application/modules/user/controllers/PersonController.php +++ b/application/modules/user/controllers/PersonController.php @@ -277,7 +277,7 @@ class user_PersonController extends Zend_Controller_Action $this->view->userIDsNamespace = $this->userIDsNamespace; $this->view->personList = $this->personmapper->fetchAll(); - + // Search $search = $this->_request->getParam('search'); $mySearch = new Pbs_Search(); @@ -302,6 +302,9 @@ class user_PersonController extends Zend_Controller_Action } public function searchAction(){ + if(Pbs_Acl::checkRight('pso')) { + $this->_redirect('/user'); + } $this->_redirect('/user/person/showall/search/'.($_GET['search'])); } diff --git a/application/modules/user/controllers/RoleController.php b/application/modules/user/controllers/RoleController.php index 88e2eeb..74efd70 100644 --- a/application/modules/user/controllers/RoleController.php +++ b/application/modules/user/controllers/RoleController.php 
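Review bot: The guard added to `user_PersonController::searchAction()` is inverted: `if(Pbs_Acl::checkRight('pso'))` redirects callers who hold the right to `/user` and lets everyone else through, the opposite of the `!Pbs_Acl::checkRight(...)` guards added elsewhere in this commit. It should read `if(!Pbs_Acl::checkRight('pso')) {`. The `'ro'` check added to `User_RoleController::searchAction()` in the `@@ -54,11 +61,17 @@` hunk has the same problem. The context line below the guard still appends the raw `$_GET['search']` to the redirect path; `urlencode($_GET['search'])` would keep slashes in the search term from being read as further route parameters.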
@@ -22,6 +22,9 @@ class User_RoleController extends Zend_Controller_Action public function indexAction() { + if(!Pbs_Acl::checkRight('ro')) { + $this->_redirect('/user'); + } if(isset($this->userIDsNamespace['groupID'])) { $this->view->roleList = $this->roleMapper->findBy(array('groupID' => $this->userIDsNamespace['groupID']),true); @@ -46,6 +49,10 @@ class User_RoleController extends Zend_Controller_Action $this->view->roleList = $pagination->getElements(); $this->view->pagination = $pagination->pagination($pageurl); $this->view->page = $pagination->getRequestPage(); + $this->view->addRight = Pbs_Acl::checkRight('ra'); + $this->view->editRight = Pbs_Acl::checkRight('re'); + $this->view->deleteRight = Pbs_Acl::checkRight('rd'); + $this->view->detailsRight = Pbs_Acl::checkRight('rdd'); $this->view->userIDsNamespace = $this->userIDsNamespace; } else { $this->_helper->redirector('selectmembership', 'person'); @@ -54,11 +61,17 @@ class User_RoleController extends Zend_Controller_Action } public function searchAction(){ + if(Pbs_Acl::checkRight('ro')) { + $this->_redirect('/user'); + } $this->_redirect('/user/role/index/search/'.($_GET['search'])); } public function addAction() { + if(!Pbs_Acl::checkRight('ra')) { + $this->_redirect('/user'); + } if(isset($this->userIDsNamespace['groupID'])) { $roleID = $this->userIDsNamespace['roleID']; $rights = $this->rightMapper->fetchAll(); 
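Review bot: The permission guard added at the top of `indexAction()` has no `return` after `$this->_redirect('/user')`, so it only blocks the action while the redirector helper terminates the request. That is the framework default as far as I know, but with exit switched off (common in controller tests) the rest of the action would still run for a caller without the right. Writing `$this->_redirect('/user'); return;` makes the guard self-contained. The same applies to the guards added to `addAction()`, `editAction()`, `showAction()`, `deleteAction()`, `linkrightAction()` and `unlinkrightAction()`, where the code that follows modifies roles; those bodies continue outside the hunks.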
@@ -70,9 +83,9 @@ class User_RoleController extends Zend_Controller_Action } } if (!isset($_POST["add"])){ - $addForm = new user_Form_RoleAdd(array('rightlist' => $rightlist)); + $addForm = new user_Form_RoleAdd(array('rightlist' => $rightlist, 'inheritanceright' => Pbs_Acl::checkRight('rir'), 'addrighttoroleright' => Pbs_Acl::checkRight('rar'))); } else { - $addForm = new user_Form_RoleAdd(array('rightlist' => $rightlist),$_POST); + $addForm = new user_Form_RoleAdd(array('rightlist' => $rightlist, 'inheritanceright' => Pbs_Acl::checkRight('rir'), 'addrighttoroleright' => Pbs_Acl::checkRight('rar')),$_POST); if ($addForm->isValid($_POST)) { $_POST['groupID'] = $this->userIDsNamespace['groupID']; $role = new Application_Model_Role($_POST); @@ -105,7 +118,6 @@ class User_RoleController extends Zend_Controller_Action return; } } - $this->view->addForm = $addForm; } else { $this->_helper->redirector('selectmembership', 'person'); @@ -115,6 +127,9 @@ class User_RoleController extends Zend_Controller_Action public function editAction() { + if(!Pbs_Acl::checkRight('re')) { + $this->_redirect('/user'); + } $roleID = $this->_request->getParam('roleID'); if(!isset($roleID)) { if(count($this->userIDsNamespace) > 0) { @@ -122,8 +137,7 @@ class User_RoleController extends Zend_Controller_Action } } if(!isset($roleID)) { - $addForm = new user_Form_RoleAdd(); - $this->view->addForm = $addForm; + $this->_helper->redirector('add', 'role'); return; } else { $roleMapper = new Application_Model_RoleMapper(); 
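Review bot: Passing `inheritanceright` and `addrighttoroleright` to `user_Form_RoleAdd` only controls which fields are rendered; the save path in this hunk still builds the role with `new Application_Model_Role($_POST)`, so a hand-built request can presumably still carry `inheritance` (and `rights`, if code outside the hunk reads them from `$_POST`). The rights should be enforced where the data is consumed, for example `if(!Pbs_Acl::checkRight('rir')) { unset($_POST['inheritance']); }` before the model is built, and likewise for `$_POST['rights']` with `'rar'`. The same pattern appears for `user_Form_RoleEdit` in the `@@ -137,9 +151,9 @@` hunk of `editAction()`. How `Application_Model_Role` and the right-linking code treat these keys is not visible in the diff, so this needs confirming against them.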
@@ -137,9 +151,9 @@ class User_RoleController extends Zend_Controller_Action $_POST['description'] = $role->getDescription(); $_POST['groupID'] = $role->getGroupID(); $_POST['inheritance'] = $role->getInheritance(); - $editForm = new user_Form_RoleEdit(array('roleID' => $roleID)); + $editForm = new user_Form_RoleEdit(array('roleID' => $roleID, 'inheritanceright' => Pbs_Acl::checkRight('rir'))); } else { - $editForm = new user_Form_RoleEdit(array('roleID' => $roleID), $_POST); + $editForm = new user_Form_RoleEdit(array('roleID' => $roleID, 'inheritanceright' => Pbs_Acl::checkRight('rir')), $_POST); if ($editForm->isValid($_POST)) { $role = new Application_Model_Role($_POST); @@ -175,6 +189,9 @@ class User_RoleController extends Zend_Controller_Action public function showAction() { + if(!Pbs_Acl::checkRight('rdd')) { + $this->_redirect('/user'); + } $roleID = $this->_request->getParam('roleID'); if(!isset($roleID)) { if(count($this->userIDsNamespace) > 0) { @@ -210,6 +227,10 @@ class User_RoleController extends Zend_Controller_Action } else { $this->view->rightsAvailable = true; } + $this->view->editRight = Pbs_Acl::checkRight('re'); + $this->view->deleteRight = Pbs_Acl::checkRight('rd'); + $this->view->addRightToRoleRight = Pbs_Acl::checkRight('rar'); + $this->view->removeRightOfRoleRight = Pbs_Acl::checkRight('rrr'); $this->view->role = $this->roleMapper->find($roleID); $this->view->roleID = $roleID; $this->view->userIDsNamespace = $this->userIDsNamespace; @@ -227,6 +248,9 @@ class User_RoleController extends Zend_Controller_Action public function deleteAction() { + if(!Pbs_Acl::checkRight('rd')) { + $this->_redirect('/user'); + } $this->_helper->viewRenderer->setNoRender(); $roleID = $this->_request->getParam('roleID'); if(!isset($roleID)) { 
@@ -268,6 +292,9 @@ class User_RoleController extends Zend_Controller_Action public function linkrightAction() { + if(!Pbs_Acl::checkRight('rar')) { + $this->_redirect('/user'); + } $roleID = $this->_request->getParam('roleID'); if(!isset($roleID)) { if(count($this->userIDsNamespace) > 0) { @@ -346,6 +373,9 @@ class User_RoleController extends Zend_Controller_Action public function unlinkrightAction() { + if(!Pbs_Acl::checkRight('rrr')) { + $this->_redirect('/user'); + } $this->_helper-> viewRenderer-> setNoRender(); $rightRolesID = $this->_request->getParam('rightrolesID'); if(isset($rightRolesID)) { diff --git a/application/modules/user/forms/RoleAdd.php b/application/modules/user/forms/RoleAdd.php index d165701..89cd540 100644 --- a/application/modules/user/forms/RoleAdd.php +++ b/application/modules/user/forms/RoleAdd.php @@ -3,11 +3,21 @@ class user_Form_RoleAdd extends Zend_Form { private $rightlist; + private $inheritanceright; + private $addrighttoroleright; public function setRightlist($rightlist){ $this->rightlist = $rightlist; } + public function setAddrighttoroleright($addrighttoroleright){ + $this->addrighttoroleright = $addrighttoroleright; + } + + public function setInheritanceright($inheritanceright){ + $this->inheritanceright = $inheritanceright; + } + public function init() { $this->setName("RoleAdd"); @@ -32,7 +42,7 @@ class user_Form_RoleAdd extends Zend_Form )); $sform = new Zend_Form_SubForm(array('legend' => 'Rights:')); - + $sform->addElement('button', 'checkAll', array( 'required' => false, 'ignore' => true, 
@@ -40,33 +50,36 @@ class user_Form_RoleAdd extends Zend_Form 'class' => 'leftbutton', 'onclick' => "checkAllCheckBoxes(new Array('inheritance'));", )); - - $sform->addElement('button', 'uncheckAll', array( + + if($this->addrighttoroleright) { + $sform->addElement('button', 'uncheckAll', array( 'required' => false, 'ignore' => true, 'label' => 'Uncheck All', 'onclick' => "uncheckAllCheckBoxes(new Array('inheritance'));", - )); - if(count($this->rightlist) > 0) { - foreach($this->rightlist as $rightcategory => $rights) { - foreach($rights as $rightID => $rightTitle) { - $element = $this->createElement('checkbox', "$rightID", array( + )); + if(count($this->rightlist) > 0) { + foreach($this->rightlist as $rightcategory => $rights) { + foreach($rights as $rightID => $rightTitle) { + $element = $this->createElement('checkbox', "$rightID", array( 'label' => $rightTitle . ':', 'belongsTo' => 'rights', - )); - $elements[] = $rightID; - $sform->addElement($element); + )); + $elements[] = $rightID; + $sform->addElement($element); + } + $sform->addDisplayGroup($elements, "$rightcategory", array("legend" => $rightcategory . ":")); + unset($elements); } - $sform->addDisplayGroup($elements, "$rightcategory", array("legend" => $rightcategory . ":")); - unset($elements); } + $this->addSubForm($sform, 'rights'); } - - $this->addSubForm($sform, 'rights'); - $this->addElement('checkbox', 'inheritance', array( + if($this->inheritanceright) { + $this->addElement('checkbox', 'inheritance', array( 'label' => 'Inheritance:', - )); + )); + } $this->addElement('submit', 'add', array( 'required' => false, diff --git a/application/modules/user/forms/RoleEdit.php b/application/modules/user/forms/RoleEdit.php index 938ebce..66e9e62 100644 --- a/application/modules/user/forms/RoleEdit.php +++ b/application/modules/user/forms/RoleEdit.php 
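Review bot: In `init()` the `checkAll` button is still added to `$sform` unconditionally, while `uncheckAll`, the checkboxes and `$this->addSubForm($sform, 'rights')` now sit inside `if($this->addrighttoroleright)`, so without the right the subform is built and then discarded. Moving the `checkAll` element (and the `$sform` construction from the previous hunk) inside the same `if` would keep the block coherent. A comment on the two new properties would also help, e.g. `// UI flags only: they hide fields, the controller must still enforce 'rir' / 'rar' on save`. `$elements` is appended to without being initialised after `unset($elements)`; `$elements = array();` at the top of the outer `foreach` would cover a category with no rights.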
@@ -3,11 +3,16 @@ class user_Form_RoleEdit extends Zend_Form { private $roleID; + private $inheritanceright; public function setRoleID($roleID){ $this->roleID = $roleID; } + public function setInheritanceright($inheritanceright){ + $this->inheritanceright = $inheritanceright; + } + public function init() { $this->setName("RoleEdit"); @@ -33,15 +38,17 @@ class user_Form_RoleEdit extends Zend_Form 'value' => $_POST['description'], )); - if($_POST['inheritance'] == 1) { - $this->addElement('checkbox', 'inheritance', array( + if($this->inheritanceright) { + if($_POST['inheritance'] == 1) { + $this->addElement('checkbox', 'inheritance', array( 'label' => 'Inheritance:', 'checked' => 'checked', - )); - } else { - $this->addElement('checkbox', 'inheritance', array( + )); + } else { + $this->addElement('checkbox', 'inheritance', array( 'label' => 'Inheritance:', - )); + )); + } } $this->addElement('hidden', 'groupID', array( diff --git a/application/modules/user/views/scripts/role/index.phtml b/application/modules/user/views/scripts/role/index.phtml index 2fb27bc..baee6e4 100644 --- a/application/modules/user/views/scripts/role/index.phtml +++ b/application/modules/user/views/scripts/role/index.phtml @@ -2,14 +2,20 @@ if($this->userIDsNamespace['groupID']) { ?> <h1>Roles</h1> - <?php echo $this->searchform; ?> - <?php echo $this->formButton('addrole', 'Add Role', array( + <?php + echo $this->searchform; + if($this->addRight) echo $this->formButton('addrole', 'Add Role', array( 'onclick' => 'self.location="/user/role/add"', - 'class' => 'addbutton'))?> + 'class' => 'addbutton')); + ?> <table> <tr> <th>Title <span class='code'>title</span></th> - <th colspan=3>Actions</th> + <?php + if($this->detailsRight || $this->editRight || $this->deleteRight) { + echo '<th colspan=3>Actions</th>'; + } + ?> </tr> <?php $count = 0; 
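Review bot: When `inheritanceright` is false the `inheritance` element is left out of `user_Form_RoleEdit` entirely (hunk `@@ -33,15 +38,17 @@`), so a save by a user without `'rir'` posts no `inheritance` value. Since `editAction()` builds the role from `$_POST`, the stored setting may be cleared rather than preserved; this depends on how the model and mapper treat a missing key, which is outside this diff. Taking the value from the stored role instead of the request when the right is absent would avoid both an unintended reset and a forged value. A short comment above the `if($this->inheritanceright)` stating that the flag only hides the field would make that expectation explicit.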
@@ -18,6 +24,8 @@ if($this->userIDsNamespace['groupID']) { <tr <?php if($role['roleID'] == $this->userIDsNamespace['roleID']) echo 'class="selectedEntry"'; else echo 'class="entry"'; ?>> <td><?php echo $role['title'] ?></td> + <?php if($this->detailsRight) { + ?> <td class='action'><a href="<?php echo $this->url( array( @@ -28,6 +36,10 @@ if($this->userIDsNamespace['groupID']) { ), 'default', true) ?>"> <img src='/media/img/show.png' alt='Show Group' /></a></td> + <?php + } + if($this->editRight) { + ?> <td class='action'><a href="<?php echo $this->url( array( @@ -38,6 +50,10 @@ if($this->userIDsNamespace['groupID']) { ), 'default', true) ?>"> <img src='/media/img/edit.png' alt='Edit Group' /></a></td> + <?php + } + if($this->deleteRight) { + ?> <td class='action'><a href="<?php echo $this->url( array( @@ -49,6 +65,9 @@ if($this->userIDsNamespace['groupID']) { 'default', true) ?>"> <img src='/media/img/delete.png' alt='Delete Group' /></a> </td> + <?php + } + ?> </tr> <?php $count++; diff --git a/application/modules/user/views/scripts/role/show.phtml b/application/modules/user/views/scripts/role/show.phtml index 8194353..e91c106 100644 --- a/application/modules/user/views/scripts/role/show.phtml +++ b/application/modules/user/views/scripts/role/show.phtml @@ -9,13 +9,13 @@ if($this->roleID) { <h1>Role Details</h1> <?php } - ?> - <?php echo $this->formButton('deleterole', 'Delete', array( + if($this->deleteRight) echo $this->formButton('deleterole', 'Delete', array( 'onclick' => 'self.location="/user/role/delete/roleID/' . $this->role->getID() .'"', - 'class' => 'rightbutton'))?> - <?php echo $this->formButton('editrole', 'Edit', array( + 'class' => 'rightbutton')); + if($this->editRight) echo $this->formButton('editrole', 'Edit', array( 'onclick' => 'self.location="/user/role/edit/roleID/' . $this->role->getID() .'"', - 'class' => 'rightbutton'))?> + 'class' => 'rightbutton')); + ?> <span class="clear"></span> <table> <tr> 
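Review bot: The row template around the new `detailsRight` / `editRight` / `deleteRight` conditions still prints `$role['title']` with a bare `echo`; role titles presumably come from the add/edit forms, so they should go through the view's escaper, `<?php echo $this->escape($role['title']) ?>`. The same applies to `$right->getTitle()` and `$right->getDescription()` in the `@@ -60,6 +60,8 @@` hunk of `show.phtml`. Separately, the header cell added in the `@@ -2,14 +2,20 @@` hunk keeps `colspan=3` although between one and three action columns are now rendered, so the span should be computed from the three flags.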
@@ -33,7 +33,7 @@ if($this->roleID) { <h2>Rights:</h2> <?php if($this->rightsAvailable === true) { - echo $this->formButton('linkright', 'Add Rights', array( + if($this->addRightToRoleRight) echo $this->formButton('linkright', 'Add Rights', array( 'onclick' => 'self.location="/user/role/linkright/roleID/' . $this->role->getID() .'"', 'class' => 'addbutton'))?> <br /> @@ -51,7 +51,7 @@ if($this->roleID) { <tr> <th>Title</th> <th>Description</th> - <th>Remove</th> + <?php if($this->removeRightOfRoleRight) echo '<th>Remove</th>'; ?> </tr> <?php @@ -60,6 +60,8 @@ if($this->roleID) { <tr class="entry"> <td><?php echo $right->getTitle(); ?></td> <td><?php echo $right->getDescription(); ?></td> + <?php if($this->removeRightOfRoleRight) { + ?> <td class='action'><a href="<?php echo $this->url( array( @@ -71,6 +73,9 @@ if($this->roleID) { 'default', true) ?>"> <img src='/media/img/delete.png' alt='Remove Right' /></a> </td> + <?php + } + ?> </tr> <?php } |