From 281a9a40960403b4483af33eec5cebab10e32684 Mon Sep 17 00:00:00 2001 From: Simon Date: Mon, 18 Apr 2011 12:42:30 +0200 Subject: Role Controller geändert --- application/modules/user/controllers/PersonController.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'application/modules/user/controllers/PersonController.php') diff --git a/application/modules/user/controllers/PersonController.php b/application/modules/user/controllers/PersonController.php index 4f6b975..d70067a 100644 --- a/application/modules/user/controllers/PersonController.php +++ b/application/modules/user/controllers/PersonController.php @@ -411,6 +411,9 @@ class user_PersonController extends Zend_Controller_Action public function deleterequestAction() { + if(!Pbs_Acl::checkRight('gdm')) { + $this->_redirect('/user'); + } $grouprequestID = $this->_request->getParam('grouprequestID'); $grouprequest = $this->groupRequestMapper->find($grouprequestID); try { -- cgit v1.2.3-55-g7522 From 5d621c6ce29d2059480b3283daf14162c74365db Mon Sep 17 00:00:00 2001 From: Simon Date: Mon, 18 Apr 2011 13:16:23 +0200 Subject: Rechte in PersonController korrigiert --- application/modules/user/controllers/PersonController.php | 6 +++--- application/modules/user/controllers/RoleController.php | 1 + application/modules/user/views/scripts/auth/delete.phtml | 5 +++-- application/modules/user/views/scripts/role/show.phtml | 13 ++++++++----- library/Pbs/NewMember.php | 2 +- 5 files changed, 16 insertions(+), 11 deletions(-) (limited to 'application/modules/user/controllers/PersonController.php') diff --git a/application/modules/user/controllers/PersonController.php b/application/modules/user/controllers/PersonController.php index d70067a..76cd958 100644 --- a/application/modules/user/controllers/PersonController.php +++ b/application/modules/user/controllers/PersonController.php @@ -58,11 +58,11 @@ class user_PersonController extends Zend_Controller_Action $this->_redirect('/user'); } $this->view->showRight = Pbs_Acl::checkRight('psod'); - $this->view->editRight = Pbs_Acl::checkRight('peoa'); - $this->view->deleteRight = Pbs_Acl::checkRight('pd'); + $this->view->editRight = Pbs_Acl::checkRight('peod'); + $this->view->deleteRight = Pbs_Acl::checkRight('pdo'); $this->view->showOtherRight = Pbs_Acl::checkRight('psood'); $this->view->editOtherRight = Pbs_Acl::checkRight('peoa'); - $this->view->deleteOtherRight = Pbs_Acl::checkRight('pdo'); + $this->view->deleteOtherRight = Pbs_Acl::checkRight('pd'); $this->view->suspendRight = Pbs_Acl::checkRight('psa'); $this->view->userIDsNamespace = $this->userIDsNamespace; diff --git a/application/modules/user/controllers/RoleController.php b/application/modules/user/controllers/RoleController.php index 8d2b044..93a2cfa 100644 --- a/application/modules/user/controllers/RoleController.php +++ b/application/modules/user/controllers/RoleController.php @@ -217,6 +217,7 @@ class User_RoleController extends Zend_Controller_Action $roleID = $this->userIDsNamespace['roleID']; } } + $this->view->membership = $this->membership; if($roleID) { $roleMapper = new Application_Model_RoleMapper(); $role = $roleMapper->find($roleID); diff --git a/application/modules/user/views/scripts/auth/delete.phtml b/application/modules/user/views/scripts/auth/delete.phtml index 83afc80..75d9ef6 100644 --- a/application/modules/user/views/scripts/auth/delete.phtml +++ b/application/modules/user/views/scripts/auth/delete.phtml @@ -1,6 +1,7 @@

Delete Account

-Do you really want to delete account? +Do you really want to delete account?
+This will delete all of your data on the server. deleteconfirmform->setAction($this->url()); echo $this->deleteconfirmform; -?> \ No newline at end of file +?> diff --git a/application/modules/user/views/scripts/role/show.phtml b/application/modules/user/views/scripts/role/show.phtml index 765153f..0e440f2 100644 --- a/application/modules/user/views/scripts/role/show.phtml +++ b/application/modules/user/views/scripts/role/show.phtml @@ -9,10 +9,12 @@ if($this->roleID) {

Role Details

deleteRight && $this->roleID == $this->userIDsNamespace['roleID']) echo $this->formButton('deleterole', 'Delete', array( + if($this->deleteRight && $this->role->getGroupID() == $this->membership->getGroupID()) + echo $this->formButton('deleterole', 'Delete', array( 'onclick' => 'self.location="/user/role/delete/roleID/' . $this->role->getID() .'"', 'class' => 'rightbutton')); - if($this->editRight && $this->roleID == $this->userIDsNamespace['roleID']) echo $this->formButton('editrole', 'Edit', array( + if($this->editRight && $this->role->getGroupID() == $this->membership->getGroupID()) + echo $this->formButton('editrole', 'Edit', array( 'onclick' => 'self.location="/user/role/edit/roleID/' . $this->role->getID() .'"', 'class' => 'rightbutton')); ?> @@ -38,7 +40,7 @@ if($this->roleID) {

Rights:

rightsAvailable === true) { - if($this->addRightToRoleRight && $this->roleID == $this->userIDsNamespace['roleID']) { + if($this->addRightToRoleRight && $this->role->getGroupID() == $this->membership->getGroupID()) { echo $this->formButton('linkright', 'Add Rights', array( 'onclick' => 'self.location="/user/role/linkright/roleID/' . $this->role->getID() .'"', 'class' => 'addbutton'))?> @@ -48,7 +50,8 @@ if($this->rightsAvailable === true) { if(count($this->rightsList)==0) { echo "There are no Rights to display."; } else { - if($this->removeRightOfRoleRight && $this->roleID == $this->userIDsNamespace['roleID']) echo $this->formButton('deleteallrights', 'Delete All Rights', array( + if($this->removeRightOfRoleRight && $this->role->getGroupID() == $this->membership->getGroupID()) + echo $this->formButton('deleteallrights', 'Delete All Rights', array( 'onclick' => 'self.location="/user/role/unlinkright/rightrolesID/' . $this->roleID . '-all"', 'class' => 'rightbutton'));?>
@@ -63,7 +66,7 @@ if(count($this->rightsList)==0) { foreach($rights as $right): ?>
-
removeRightOfRoleRight && $this->roleID == $this->userIDsNamespace['roleID']) { +
removeRightOfRoleRight && $this->role->getGroupID() == $this->membership->getGroupID()) { ?>