1 files changed, 48 insertions, 17 deletions

diff --git a/application/modules/user/controllers/GroupController.php b/application/modules/user/controllers/GroupController.php
index 37cdee8..fb0d2a9 100644
--- a/application/modules/user/controllers/GroupController.php
+++ b/application/modules/user/controllers/GroupController.php
@@ -10,6 +10,7 @@ class User_GroupController extends Zend_Controller_Action
 	protected $rolemapper = null;
 	protected $groupList = null;
 	protected $userIDsNamespace = null;
+	protected $membership;
 
 	public function init()
 	{
@@ -22,6 +23,11 @@ class User_GroupController extends Zend_Controller_Action
 			$this->personmapper = new Application_Model_PersonMapper();
 			$this->rolemapper = new Application_Model_RoleMapper();
 			$this->groupList = $this->groupMapper->fetchAll();
+			
+			$userIDsNamespace = Zend_Session::namespaceGet('userIDs');
+			$this->membership = new Application_Model_Membership();
+			$this->membershipMapper->find($userIDsNamespace['membershipID'],$this->membership);
+			
 		} else {
 			$this->_helper->redirector('login', 'auth');
 			return;
@@ -30,6 +36,10 @@ class User_GroupController extends Zend_Controller_Action
 
 	public function indexAction()
 	{
+		// ACL show overview
+		if(!Pbs_Acl::checkRight('gso'))
+			$this->_redirect('/user');
+		
 		$this->view->groupList = $this->groupList;
 
 		// Search
@@ -62,6 +72,10 @@ class User_GroupController extends Zend_Controller_Action
 
 	public function addAction()
 	{
+		// ACL create new group
+		if(!Pbs_Acl::checkRight('gc'))
+			$this->_redirect('/user');
+			
 		if (!isset($_POST["add"])){
 			$addForm = new user_Form_GroupAdd(array('grouplist' => $this->groupList));
 		} else {
@@ -139,6 +153,11 @@ class User_GroupController extends Zend_Controller_Action
 
 	public function editAction()
 	{
+		// ACL edit a group
+		// TODO: THERE IS NO RIGHT TO EDIT A GROUP
+		#if(!Pbs_Acl::checkRight(''))
+		#	$this->_redirect('/user');
+			
 		$groupID = $this->_request->getParam('groupID');
 		if(!isset($groupID)) {
 			if(count($this->userIDsNamespace) > 0) {
@@ -176,27 +195,42 @@ class User_GroupController extends Zend_Controller_Action
 
 	public function showAction()
 	{
+		// ACL create new group
+		if(!Pbs_Acl::checkRight('gsdo') && !Pbs_Acl::checkRight('gsdog'))
+			$this->_redirect('/user');
+			
 		$groupID = $this->_request->getParam('groupID');
-		if(!isset($groupID)) {
+		if($groupID == '' || !Pbs_Acl::checkRight('gsdog')) {
 			if(count($this->userIDsNamespace) > 0) {
 				$groupID = $this->userIDsNamespace['groupID'];
 			}
 		}
-		if($groupID) {
+		if($groupID == $this->membership->getGroupID() && !Pbs_Acl::checkRight('gsdo'))
+			$this->_redirect('/user');
+		
+		$this->view->usergroup = $this->membership->getGroupID();
+		$this->view->requestgroup = $groupID;
+		// ACL is he allowed to see the requests of a group ?
+		// TODO: THERE IS NO RIGHT TO EDIT A GROUP
+		# if(Pbs_Acl::checkRight('')){		
 			$groupRequests = $this->groupRequestMapper->findBy(array('groupID' => $groupID),true);
 			if(isset($groupRequests)) {
 				foreach($groupRequests as $groupRequest) {
 					$person = $this->personmapper->find($groupRequest['personID']);
 					$groupRequestList[] = array(
-					'grouprequestID' => $groupRequest['grouprequestID'],
-					'person' => $person
+						'grouprequestID' => $groupRequest['grouprequestID'],
+						'person' => $person
 					);
 				}
 				if(is_array($groupRequestList)) {
 					$this->view->groupRequestList = $groupRequestList;
 				}
+				// TODO: expand with al inherit roles
 				$this->view->roleList = $this->rolemapper->findBy(array('groupID' => $groupID),true);
 			}
+		# }
+		
+		if(Pbs_Acl::checkRight('gsmg')){
 			$members = $this->membershipMapper->findBy(array('groupID' => $groupID),true);
 			if(isset($members)) {
 				foreach($members as $member) {
@@ -225,19 +259,16 @@ class User_GroupController extends Zend_Controller_Action
 					$this->view->page 		= $memberPagination->getRequestPage();
 				}
 			}
-			$groupgroups = $this->groupGroupsMapper->findBy(array('groupID' => $groupID),true);
-			if(is_object($groupgroups)) {
-				$parentGroup = $this->groupMapper->find($groupgroups->getParentID());
-				$this->view->$parentGroup = $parentGroup;
-			}
-			$group = $this->groupMapper->find($groupID);
-			$this->view->userIDsNamespace = $this->userIDsNamespace;
-			$this->view->group = $group;
-			$this->view->groupID = $groupID;
-		} else {
-			$this->_redirect('/user/');
-			return;
 		}
+		$groupgroups = $this->groupGroupsMapper->findBy(array('groupID' => $groupID),true);
+		if(is_object($groupgroups)) {
+			$parentGroup = $this->groupMapper->find($groupgroups->getParentID());
+			$this->view->$parentGroup = $parentGroup;
+		}
+		$group = $this->groupMapper->find($groupID);
+		$this->view->userIDsNamespace = $this->userIDsNamespace;
+		$this->view->group = $group;
+		$this->view->groupID = $groupID;
 	}
 
 	public function linkAction()
@@ -355,4 +386,4 @@ class User_GroupController extends Zend_Controller_Action
 			}
 
 		}	}
-}
\ No newline at end of file
+}