Diffstat (limited to 'application/modules/user/controllers/PoolController.php')
| -rw-r--r-- | application/modules/user/controllers/PoolController.php | 35 |
1 files changed, 20 insertions, 15 deletions
diff --git a/application/modules/user/controllers/PoolController.php b/application/modules/user/controllers/PoolController.php index 6ec8aa7..07dfec5 100644 --- a/application/modules/user/controllers/PoolController.php +++ b/application/modules/user/controllers/PoolController.php @@ -5,21 +5,26 @@ class User_PoolController extends Zend_Controller_Action private $membership; public function init() { - $userIDsNamespace = Zend_Session::namespaceGet('userIDs'); - if($userIDsNamespace['membershipID'] ==''){ - $pbsNotifier = new Pbs_Notifier(); - echo $pbsNotifier->notify('No membershipID set','forbidden'); - } + if (Zend_Auth::getInstance()->hasIdentity()) { + $userIDsNamespace = Zend_Session::namespaceGet('userIDs'); + if($userIDsNamespace['membershipID'] ==''){ + $pbsNotifier = new Pbs_Notifier(); + echo $pbsNotifier->notify('No membershipID set','forbidden'); + } - $membershipMapper = new Application_Model_MembershipMapper(); - $this->membership = new Application_Model_Membership(); - $membershipMapper->find($userIDsNamespace['membershipID'],$this->membership); + $membershipMapper = new Application_Model_MembershipMapper(); + $this->membership = new Application_Model_Membership(); + $membershipMapper->find($userIDsNamespace['membershipID'],$this->membership); + ; + } else { + $this->_helper->redirector('login', 'auth'); + } } public function indexAction() { // TODO: ACL: is he allowed to see the pools of a group - + $result = $this->_request->getParam('deleteresult'); if($result != ""){ $pbsNotifier = new Pbs_Notifier(); @@ -184,7 +189,7 @@ class User_PoolController extends Zend_Controller_Action $assignedclientsArray[] = $c->toArray(); } $freeclients = $this->arrayDiff($clients,$assignedclientsArray); - + $poolclient = new user_Form_PoolClient(array('buttontext' => 'Link Client','clients'=> $freeclients)); $this->view->poolclient = $poolclient; }else { 
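Review bot: Inside the new `hasIdentity()` block of `init()`, the `$userIDsNamespace['membershipID'] ==''` branch only echoes the 'forbidden' notice and then falls through, so an authenticated session without a membership still reaches `$membershipMapper->find()` with an empty ID and the requested action is dispatched. The branch should stop processing after the notice, for example with `throw new Zend_Controller_Action_Exception('No membershipID set', 403);` or a redirect like the one in the `else` branch. This matters because the actions authorise against `$this->membership` with loose `==` (see `unlinkclientAction` in the last hunk). If `getGroupID()` on an unpopulated membership returns null, which is not visible here, it would compare equal to any pool or client whose group ID is also empty. The stray `;` after the `find()` call is an empty statement and can be dropped.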
@@ -222,7 +227,7 @@ class User_PoolController extends Zend_Controller_Action public function unlinkclientAction() { $poolentriesID = $this->_request->getParam('poolentriesID'); - + // TODO: ACL: Is he allowed to unlink clients from pools? if(is_numeric($poolentriesID)){ $poolentriesMapper = new Application_Model_PoolEntriesMapper(); @@ -230,14 +235,14 @@ class User_PoolController extends Zend_Controller_Action $poolentriesMapper->find($poolentriesID,$poolentry); $clientMapper = new Application_Model_ClientMapper(); $client = new Application_Model_Client(); - + $poolMapper = new Application_Model_PoolMapper(); $pool = new Application_Model_Pool(); - + $clientMapper->find($poolentry->getClientID(),$client); $poolMapper->find($poolentry->getPoolID(),$pool); - - + + if($pool->getGroupID() == $this->membership->getGroupID() && $client->getGroupID() == $this->membership->getGroupID()){ $deletepoolentries = new Application_Model_PoolEntries(); $deletepoolentries->setID($poolentriesID); |
