From 85c7d1157407b132a9f0b71840f65d7ce0119abf Mon Sep 17 00:00:00 2001
From: Simon
Date: Wed, 13 Apr 2011 14:10:26 +0200
Subject: Zweiter Teil der Rechte in Group Controller
---
.../modules/user/controllers/GroupController.php | 41 ++++++++++++++--------
1 file changed, 27 insertions(+), 14 deletions(-)
(limited to 'application/modules/user/controllers')
diff --git a/application/modules/user/controllers/GroupController.php b/application/modules/user/controllers/GroupController.php
index fb0d2a9..d9fd368 100644
--- a/application/modules/user/controllers/GroupController.php
+++ b/application/modules/user/controllers/GroupController.php
@@ -300,6 +300,10 @@ class User_GroupController extends Zend_Controller_Action
public function deleteAction()
{
+ // ACL delete a group
+ if(!Pbs_Acl::checkRight('gd'))
+ $this->_redirect('/user');
+
$this->_helper->viewRenderer->setNoRender();
$groupID = $this->_request->getParam('groupID');
if(!isset($groupID)) {
@@ -335,6 +339,10 @@ class User_GroupController extends Zend_Controller_Action
public function grantpersonAction()
{
+ // ACL grant a membership to request
+ if(!Pbs_Acl::checkRight('gam'))
+ $this->_redirect('/user');
+
$this->_helper->viewRenderer->setNoRender();
if(isset($_POST['grouprequestID']) && isset($_POST['roleID'])) {
$groupRequest = $this->groupRequestMapper->find($_POST['grouprequestID']);
@@ -369,21 +377,26 @@ class User_GroupController extends Zend_Controller_Action
public function revokepersonAction()
{
+
$this->_helper->viewRenderer->setNoRender();
$membershipID = $this->_request->getParam('membershipID');
- if(isset($membershipID)) {
- $membership = $this->membershipMapper->find($membershipID);
- if(isset($membership)) {
- try {
- $this->membershipMapper->delete($membership);
- } catch(Zend_Exception $e)
- {
- echo "Caught exception: " . get_class($e) . "
";
- echo "Message: " . $e->getMessage() . "
";
- return;
+ $rr = $this->membershipMapper->find($membershipID);
+
+ if(($rr->getGroupID() == $this->membership->getGroupID && Pbs_Acl::checkRight('gdmo') ) || ( $rr->getGroupID() != $this->membership->getGroupID && Pbs_Acl::checkRight('gdmog'))){
+ if(isset($membershipID)) {
+ $membership = $this->membershipMapper->find($membershipID);
+ if(isset($membership)) {
+ try {
+ $this->membershipMapper->delete($membership);
+ } catch(Zend_Exception $e)
+ {
+ echo "Caught exception: " . get_class($e) . "
";
+ echo "Message: " . $e->getMessage() . "
";
+ return;
+ }
+ $this->_redirect("/user/group/show/groupID/" . $membership->getGroupID());
}
- $this->_redirect("/user/group/show/groupID/" . $membership->getGroupID());
- }
-
- } }
+ }
+ }
+ }
}
--
cgit v1.2.3-55-g7522