From 198221618856ef22ab8f69874b8d4e101db3746d Mon Sep 17 00:00:00 2001 From: michael pereira Date: Tue, 5 Apr 2011 15:35:32 +0200 Subject: Rechte in Controller eingepflanzt --- .../modules/user/controllers/BootisoController.php | 35 +++++++--------- .../user/controllers/BootmenuController.php | 18 ++++---- .../modules/user/controllers/BootosController.php | 39 ++++++++---------- .../modules/user/controllers/ConfigController.php | 48 ++++++++++++---------- .../modules/user/controllers/PrebootController.php | 41 ++++++++---------- 5 files changed, 84 insertions(+), 97 deletions(-) (limited to 'application/modules') diff --git a/application/modules/user/controllers/BootisoController.php b/application/modules/user/controllers/BootisoController.php index a6fbe9e..84d51ab 100644 --- a/application/modules/user/controllers/BootisoController.php +++ b/application/modules/user/controllers/BootisoController.php @@ -58,8 +58,8 @@ class user_BootisoController extends Zend_Controller_Action $groupID = $this->membership->getGroupID(); - //TODO ACL Darf er BootISOMenu sehen? - if(false) + //ACL Darf er BootISOMenu sehen? + if(!Pbs_Acl::checkRight('bai') && !Pbs_Acl::checkRight('bui')) $this->_redirect('/user/index'); $groupgroupsMapper = new Application_Model_GroupGroupsMapper(); @@ -91,9 +91,8 @@ class user_BootisoController extends Zend_Controller_Action $this->view->pagination = $pagination->pagination($pageurl); $this->view->page = $pagination->getRequestPage(); $this->view->bootisolist= $this->view->bootisolist; - - - + + $prebootMapper = new Application_Model_PreBootMapper(); $this->view->prebootlist = array(); @@ -112,8 +111,8 @@ class user_BootisoController extends Zend_Controller_Action - //TODO ACL Darf er BootISOs downloaden? - if(false) + //ACL Darf er BootISOs downloaden? + if(!Pbs_Acl::checkRight('bdld')) $this->_redirect('/user/bootiso/index/page/'.$this->page.'/downloadresult/forbidden'); $prebootID = $this->_request->getParam('prebootID'); 
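Review bot: The rights are passed to `Pbs_Acl::checkRight()` as short string literals ('bai', 'bui', 'bdld' here, and more than two dozen others across the five controllers), so a mistyped code is not caught by the interpreter. What a typo does then depends on how checkRight treats an unknown key, which is not visible in this patch. It is worth confirming that checkRight returns false for an unknown code, so that a typo in a negated check denies access rather than grants it. Defining the codes once, for example as class constants on Pbs_Acl with a one-line comment per right, would also make the checks readable. The index and download actions touched here start and end outside the hunks.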
@@ -145,8 +144,8 @@ class user_BootisoController extends Zend_Controller_Action public function createbootisoAction() { - //TODO ACL Darf er BootISOs erstellen? - if(false) + //ACL Darf er BootISOs erstellen? + if(!Pbs_Acl::checkRight('bc')) $this->_redirect('/user/bootiso/index/page/'.$this->page.'/addresult/forbidden'); $groupgroupsMapper = new Application_Model_GroupGroupsMapper(); @@ -162,7 +161,6 @@ class user_BootisoController extends Zend_Controller_Action 'action' => 'createbootiso', 'prebootlist' => $prebootlist, 'groupdepth' => $childgroups, - 'rights' => null, 'page'=>$this->page)); } else { @@ -170,14 +168,12 @@ class user_BootisoController extends Zend_Controller_Action 'action' => 'createbootiso', 'prebootlist' => $prebootlist, 'groupdepth' => $childgroups, - 'rights' => null, 'page'=>$this->page),$_POST); if ($bootisoForm->isValid($_POST)) { $bootiso = new Application_Model_BootIso($_POST); - $bootiso->setMembershipID($this->membership->getID()); $bootiso->setGroupID($this->membership->getGroupID()); $bootiso->setCreated(time()); @@ -213,8 +209,8 @@ class user_BootisoController extends Zend_Controller_Action public function editbootisoAction() { - //TODO ACL Darf er BootISOs editieren? - if(false) + //ACL Darf er BootISOs editieren? + if(!Pbs_Acl::checkRight('be')) $this->_redirect('/user/bootiso/index/page/'.$this->page.'/modifyresult/forbidden'); $bootisoID = $this->_request->getParam('bootisoID'); @@ -241,7 +237,6 @@ class user_BootisoController extends Zend_Controller_Action 'action' => 'editbootiso', 'prebootlist' => $prebootlist, 'groupdepth' => $childgroups, - 'rights' => 'meta', 'page' => $this->page)); $bootisoForm->populate($bootiso->toArray()); @@ -250,7 +245,6 @@ class user_BootisoController extends Zend_Controller_Action 'action' => 'editbootiso', 'prebootlist' => $prebootlist, 'groupdepth' => $childgroups, - 'rights' => 'meta', 'page' => $this->page),$_POST); if ($bootisoForm->isValid($_POST)) { 
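Review bot: Removing `$bootiso->setMembershipID($this->membership->getID());` in createbootisoAction leaves the membership ID at whatever `new Application_Model_BootIso($_POST)` produced, so the owner field is no longer pinned to the session. The model constructor is not shown, but if it maps request keys onto setters, a posted membershipID would now be stored as sent. Either keep the session-derived assignment or, if the column is meant to stay empty, clear it after construction with something like `$bootiso->setMembershipID(null);`. The same line is removed in editbootisoAction and in the create and edit actions of BootosController and PrebootController.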
@@ -258,7 +252,6 @@ class user_BootisoController extends Zend_Controller_Action $bootisoold = $bootiso; $bootiso = new Application_Model_BootIso($_POST); - $bootiso->setMembershipID($this->membership->getID()); $bootiso->setGroupID($this->membership->getGroupID()); $bootiso->setCreated(time()); $bootiso->setID($bootisoID); @@ -268,8 +261,8 @@ class user_BootisoController extends Zend_Controller_Action $bootiso->getExpires() != $bootisoold->getExpires() || $bootiso->getPublic() != $bootisoold->getPublic() || $bootiso->getSerialnumber() != $bootisoold->getSerialnumber()){ - //TODO ACL Is he allowed to edit other than Metadata? - if(false) + //ACL Is he allowed to edit other than Metadata? + if(Pbs_Acl::checkRight('bem')) $this->_redirect('/user/bootiso/index/page/'.$this->page.'/modifyresult/forbidden'); } @@ -303,8 +296,8 @@ class user_BootisoController extends Zend_Controller_Action public function deletebootisoAction() { - //TODO ACL Darf er BootISOs löschen? - if(false) + //ACL Darf er BootISOs löschen? + if(!Pbs_Acl::checkRight('bd')) $this->_redirect('/user/bootiso/index/page/'.$this->page.'/deleteresult/forbidden'); try{ diff --git a/application/modules/user/controllers/BootmenuController.php b/application/modules/user/controllers/BootmenuController.php index 7843b3f..b18adbe 100644 --- a/application/modules/user/controllers/BootmenuController.php +++ b/application/modules/user/controllers/BootmenuController.php @@ -57,8 +57,8 @@ class user_BootmenuController extends Zend_Controller_Action } - //TODO ACL Darf er Bootmenus sehen? - if(false) + //ACL Darf er Bootmenus sehen? + if(!Pbs_Acl::checkRight('booai') && !Pbs_Acl::checkRight('booui')) $this->_redirect('/user/index'); $this->bootMenumapper = new Application_Model_BootMenuMapper(); 
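Review bot: The check in editbootisoAction, `if(Pbs_Acl::checkRight('bem'))`, redirects to the forbidden page when the right is present, while every other check added in this commit redirects when the right is absent. If 'bem' is a grant like the others, callers without it can change expires, public and serialnumber while holders are blocked; the line would then read `if(!Pbs_Acl::checkRight('bem'))`. If it is meant as a "metadata only" restriction, the comment above it should say so, since a right that removes access is easy to misassign. The same un-negated form is used for 'boem' (twice) in BootosController, 'cem' in ConfigController and 'prem' in PrebootController. The enclosing methods extend beyond these hunks.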
@@ -66,8 +66,7 @@ class user_BootmenuController extends Zend_Controller_Action $bootosMapper = new Application_Model_BootOsMapper(); $configMapper = new Application_Model_ConfigMapper(); - if(true){ - //TODO nur Bootmenus von Admins + if(Pbs_Acl::checkRight('booai')){ $bootmenu = $this->bootmenuMapper->findBy(array('groupID' => $this->membership->getGroupID())); foreach ($bootmenu as $bm){ $bootmenuID = $bm->getID(); @@ -107,22 +106,23 @@ class user_BootmenuController extends Zend_Controller_Action public function createbootmenuAction() { - //TODO ACL Darf er BootMenus erstellen? - if(false) + //ACL Darf er BootMenus erstellen? + if(!Pbs_Acl::checkRight('booc')) $this->_redirect('/user/bootmenu/index/page/'.$this->page.'/addresult/forbidden'); if (!isset($_POST["createbootmenu"])){ - $bootmenuForm = new user_Form_Bootmenu(array('action' => 'createbootmenu', 'rights' => 'all','page' => $this->page)); + $bootmenuForm = new user_Form_Bootmenu(array('action' => 'createbootmenu','page' => $this->page)); } else { - $bootmenuForm = new user_Form_Bootmenu(array('action' => 'createbootmenu', 'rights' => 'all','page' => $this->page),$_POST); + $bootmenuForm = new user_Form_Bootmenu(array('action' => 'createbootmenu','page' => $this->page),$_POST); if ($bootmenuForm->isValid($_POST)) { $bootmenu = new Application_Model_BootMenu($_POST); + $bootmenu->setCreated(time()); + $bootmenu->setMembershipID($this->membership->getID()); $bootmenu->setGroupID($this->membership->getGroupID()); - $bootmenu->setCreated(time()); try{ $this->bootmenuMapper->save($bootmenu); diff --git a/application/modules/user/controllers/BootosController.php b/application/modules/user/controllers/BootosController.php index 8f602fe..34fddd0 100644 --- a/application/modules/user/controllers/BootosController.php +++ b/application/modules/user/controllers/BootosController.php 
@@ -57,8 +57,8 @@ class user_BootosController extends Zend_Controller_Action $groupID = $this->membership->getGroupID(); - //TODO ACL Darf er BootOsMenu sehen? - if(false) + //ACL Darf er BootOs sehen? + if(!Pbs_Acl::checkRight('boai') && !Pbs_Acl::checkRight('boui')) $this->_redirect('/user/index'); $configMapper = new Application_Model_ConfigMapper(); @@ -96,8 +96,8 @@ class user_BootosController extends Zend_Controller_Action public function createbootosAction() { - //TODO ACL Darf er BootISOs erstellen? - if(false) + //ACL Darf er BootISOs erstellen? + if(!Pbs_Acl::checkRight('boc')) $this->_redirect('/user/bootos/index/page/'.$this->page.'/addresult/forbidden'); $groupID = $this->membership->getGroupID(); @@ -105,7 +105,6 @@ class user_BootosController extends Zend_Controller_Action $groupgroupsMapper = new Application_Model_GroupGroupsMapper(); $childgroups = count($groupgroupsMapper->getChildGroups($groupID)); - //TODO nur configs von admins $configMapper = new Application_Model_ConfigMapper(); $configlist = $configMapper->findBy(array("groupID" => $groupID)); @@ -114,7 +113,6 @@ class user_BootosController extends Zend_Controller_Action 'action' => 'createbootos', 'groupdepth' => $childgroups, 'configlist'=>$configlist, - 'rights' => 'all', 'page' => $this->page)); } else { @@ -122,14 +120,12 @@ class user_BootosController extends Zend_Controller_Action 'action' => 'createbootos', 'groupdepth' => $childgroups, 'configlist'=>$configlist, - 'rights' => 'all', 'page' => $this->page),$_POST); if ($bootosForm->isValid($_POST)) { $bootos = new Application_Model_BootOs($_POST); - $bootos->setMembershipID($this->membership->getID()); $bootos->setGroupID($this->membership->getGroupID()); $bootos->setCreated(time()); 
@@ -180,8 +176,8 @@ class user_BootosController extends Zend_Controller_Action public function checkupdateAction($bootos) { - //TODO ACL Is he allowed to update Preboots? - if(false) + //ACL Is he allowed to update Preboots? + if(!Pbs_Acl::checkRight('bou')) $this->_redirect('/user/preboot/index/page/'.$this->page.'/updateresult/forbidden'); $bootosID = $bootos->getID(); @@ -217,8 +213,8 @@ class user_BootosController extends Zend_Controller_Action public function updatebootosAction() { - //TODO ACL Is he allowed to update Preboots? - if(false) + //ACL Is he allowed to update Preboots? + if(!Pbs_Acl::checkRight('bou')) $this->_redirect('/user/bootiso/index/page/'.$this->page.'/updateresult/forbidden'); $bootosID = $this->_request->getParam('bootosID'); @@ -252,8 +248,8 @@ class user_BootosController extends Zend_Controller_Action public function editbootosAction() { - //TODO ACL Is he allowed to edit Preboots? - if(false) + //ACL Is he allowed to edit Preboots? + if(!Pbs_Acl::checkRight('boe')) $this->_redirect('/user/bootos/index/page/'.$this->page.'/modifyresult/forbidden'); $bootosID = $this->_request->getParam('bootosID'); @@ -280,7 +276,6 @@ class user_BootosController extends Zend_Controller_Action 'action' => 'editbootos', 'groupdepth' => $childgroups, 'configlist'=>$configlist, - 'rights' => 'meta', 'page' => $this->page)); $bootosForm->populate($bootos->toArray()); @@ -290,7 +285,6 @@ class user_BootosController extends Zend_Controller_Action 'action' => 'editbootos', 'groupdepth' => $childgroups, 'configlist'=>$configlist, - 'rights' => 'meta', 'page' => $this->page),$_POST); if ($bootosForm->isValid($_POST)) { @@ -298,7 +292,6 @@ class user_BootosController extends Zend_Controller_Action $bootosold = $bootos; $bootos = new Application_Model_BootOs($_POST); - $bootos->setMembershipID($this->membership->getID()); $bootos->setGroupID($this->membership->getGroupID()); $bootos->setCreated(time()); if($bootos->getConfigID() == '') 
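Review bot: The comments on the new BootosController checks still describe another controller: `//ACL Is he allowed to update Preboots?` above both 'bou' checks and `//ACL Is he allowed to edit Preboots?` above 'boe'. The unchanged redirect targets under the 'bou' checks also point at `/user/preboot/...` in checkupdateAction and `/user/bootiso/...` in updatebootosAction. Now that the checks are live, a denied user is sent to a different controller's index, which applies its own view right and will probably not show the intended "forbidden" result. Suggest `//ACL Is he allowed to update BootOs?` and `'/user/bootos/index/page/'.$this->page.'/updateresult/forbidden'` in both actions.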
@@ -309,14 +302,14 @@ class user_BootosController extends Zend_Controller_Action $bootos->getDefaultkcl() != $bootosold->getDefaultkcl() || $bootos->getExpires() != $bootosold->getExpires() || $bootos->getPublic() != $bootosold->getPublic() ){ - //TODO ACL Is he allowed to edit this? - if(false) + //ACL Is he allowed to edit this? + if(Pbs_Acl::checkRight('boem')) $this->_redirect('/user/bootos/index/page/'.$this->page.'/modifyresult/forbidden'); } if($bootos->getPath_kernel() != $bootosold->getPath_kernel() || $bootos->getPath_init() != $bootosold->getPath_init()){ - //TODO ACL Is he allowed to edit the Kernel/Init Path? - if(false) + //ACL Is he allowed to edit the Kernel/Init Path? + if(Pbs_Acl::checkRight('boem')) $this->_redirect('/user/bootos/index/page/'.$this->page.'/modifyresult/forbidden'); $path_tmp = "../resources/bootos/"; @@ -366,8 +359,8 @@ class user_BootosController extends Zend_Controller_Action public function deletebootosAction() { - //TODO ACL Is he allowed to delete Bootos? - if(false) + //ACL Is he allowed to delete Bootos? + if(!Pbs_Acl::checkRight('bod')) $this->_redirect('/user/bootos/index/page/'.$this->page.'/deleteresult/forbidden'); try{ diff --git a/application/modules/user/controllers/ConfigController.php b/application/modules/user/controllers/ConfigController.php index 83ff804..000a5e9 100644 --- a/application/modules/user/controllers/ConfigController.php +++ b/application/modules/user/controllers/ConfigController.php 
@@ -48,15 +48,14 @@ class user_ConfigController extends Zend_Controller_Action $groupID = $this->membership->getGroupID(); - //TODO ACL Darf er Configs sehen? - if(false) + //ACL Darf er Configs sehen? + if(!Pbs_Acl::checkRight('csai') && !Pbs_Acl::checkRight('csui')) $this->_redirect('/user/index'); $this->configMapper = new Application_Model_ConfigMapper(); $groupMapper = new Application_Model_GroupMapper(); - if(true){ - //TODO nur Configs von Admins + if(Pbs_Acl::checkRight('csai')){ $this->view->configlist = $this->configMapper->findBy(array('groupID' => $this->membership->getGroupID())); }else{ $this->view->configlist = $this->configMapper->findBy(array('membershipID' => $this->membership->getID())); @@ -82,22 +81,25 @@ class user_ConfigController extends Zend_Controller_Action public function createconfigAction() { - //TODO ACL Darf er Configs erstellen? - if(false) + //ACL Darf er Configs erstellen? + if(!Pbs_Acl::checkRight('cc')) $this->_redirect('/user/config/index/page/'.$this->page.'/addresult/forbidden'); if (!isset($_POST["createconfig"])){ - $configForm = new user_Form_Config(array('action' => 'createconfig','rights' => null,'page'=>$this->page)); + $configForm = new user_Form_Config(array('action' => 'createconfig','page'=>$this->page)); } else { - $configForm = new user_Form_Config(array('action' => 'createconfig','rights' => null,'page'=>$this->page),$_POST); + $configForm = new user_Form_Config(array('action' => 'createconfig','page'=>$this->page),$_POST); if ($configForm->isValid($_POST)) { $config = new Application_Model_Config($_POST); $config->setCreated(time()); - $config->setMembershipID($this->membership->getID()); - $config->setGroupID($this->membership->getGroupID()); - + + if(Pbs_Acl::checkRight('csai')) + $config->setGroupID($this->membership->getGroupID()); + else + $config->setMembershipID($this->membership->getID()); + try { $this->configMapper->save($config); }catch(Zend_Exception $e) 
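Review bot: In createconfigAction the new if/else on 'csai' sets only one of groupID and membershipID from the session, so the other keeps whatever `new Application_Model_Config($_POST)` gave it. 'csai' is also the right the index uses to decide whether to list by group, so a listing right now decides ownership on write. In editconfigAction (next hunk group) the same branch means a 'csai' holder who saves a member's config rewrites its owner fields; how the mapper persists them is not shown. Assigning both fields explicitly would remove the dependence on the request, e.g. `$config->setGroupID($all ? $this->membership->getGroupID() : null);` and `$config->setMembershipID($all ? null : $this->membership->getID());` with `$all = Pbs_Acl::checkRight('csai');`.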
@@ -115,8 +117,8 @@ class user_ConfigController extends Zend_Controller_Action public function editconfigAction() { - //TODO ACL Darf er Configs editieren? - if(false) + //ACL Darf er Configs editieren? + if(!Pbs_Acl::checkRight('ce')) $this->_redirect('/user/config/index/page/'.$this->page.'/modifyresult/forbidden'); $configID = $this->_request->getParam('configID'); @@ -138,11 +140,11 @@ class user_ConfigController extends Zend_Controller_Action if (!isset($_POST["editconfig"])){ - $configForm = new user_Form_Config(array('action' => 'editconfig','rights' => 'meta','page'=>$this->page)); + $configForm = new user_Form_Config(array('action' => 'editconfig','page'=>$this->page)); $configForm->populate($config->toArray()); }else{ - $configForm = new user_Form_Config(array('action' => 'editconfig','rights' => 'meta','page'=>$this->page),$_POST); + $configForm = new user_Form_Config(array('action' => 'editconfig','page'=>$this->page),$_POST); if ($configForm->isValid($_POST)) { @@ -150,13 +152,17 @@ class user_ConfigController extends Zend_Controller_Action $config = new Application_Model_Config($_POST); $config->setCreated(time()); - $config->setMembershipID($this->membership->getID()); - $config->setGroupID($this->membership->getGroupID()); + + if(Pbs_Acl::checkRight('csai')) + $config->setGroupID($this->membership->getGroupID()); + else + $config->setMembershipID($this->membership->getID()); + $config->setID($configID); if($configold->getShellscript() != $config->getShellscript()){ - //TODO ACL Is he allowed to edit other than Metadata? - if(false) + //ACL Is he allowed to edit other than Metadata? + if(Pbs_Acl::checkRight('cem')) $this->_redirect('/user/config/index/page/'.$this->page.'/modifyresult/forbidden'); } 
@@ -180,8 +186,8 @@ class user_ConfigController extends Zend_Controller_Action public function deleteconfigAction() { - //TODO ACL Darf er Configs löschen? - if(false) + //ACL Darf er Configs löschen? + if(!Pbs_Acl::checkRight('cd')) $this->_redirect('/user/config/index/page/'.$this->page.'/deleteresult/forbidden'); try{ diff --git a/application/modules/user/controllers/PrebootController.php b/application/modules/user/controllers/PrebootController.php index 6944e27..0572c32 100644 --- a/application/modules/user/controllers/PrebootController.php +++ b/application/modules/user/controllers/PrebootController.php @@ -58,8 +58,8 @@ class User_PrebootController extends Zend_Controller_Action $groupID = $this->membership->getGroupID(); - //TODO ACL Darf er PrebootMenu sehen? - if(false) + //ACL Darf er PrebootMenu sehen? + if(!Pbs_Acl::checkRight('pro')) $this->_redirect('/user/index'); $this->view->prebootlist = $this->prebootMapper->findBy(array("groupID" => $groupID)); @@ -76,8 +76,7 @@ class User_PrebootController extends Zend_Controller_Action $this->view->page = $pagination->getRequestPage(); $this->view->prebootlist= $this->view->prebootlist; - - + $this->view->update = array(); $update = $this->_request->getParam('checkupdate'); @@ -92,8 +91,8 @@ class User_PrebootController extends Zend_Controller_Action public function createprebootAction() { - //TODO ACL Is he allowed to create Preboots? - if(false) + //ACL Is he allowed to create Preboots? + if(!Pbs_Acl::checkRight('prc')) $this->_redirect('/user/preboot/index/page/'.$this->page.'/addresult/forbidden'); if (!isset($_POST["createpreboot"])){ @@ -109,8 +108,7 @@ class User_PrebootController extends Zend_Controller_Action if ($prebootForm->isValid($_POST)) { $preboot = new Application_Model_PreBoot($_POST); - $preboot->setMembershipID($this->membership->getID()); - $preboot->setGroupID($this->membership->getGroupID()); + $preboot->setGroupID($this->membership->getGroupID()); try { 
@@ -153,8 +151,8 @@ class User_PrebootController extends Zend_Controller_Action public function checkupdateAction($preboot) { - //TODO ACL Is he allowed to update Preboots? - if(false) + //ACL Is he allowed to update Preboots? + if(!Pbs_Acl::checkRight('pru')) $this->_redirect('/user/preboot/index/page/'.$this->page.'/updateresult/forbidden'); $prebootID = $preboot->getID(); @@ -184,8 +182,8 @@ class User_PrebootController extends Zend_Controller_Action public function updateprebootAction() { - //TODO ACL Is he allowed to update Preboots? - if(false) + //ACL Is he allowed to update Preboots? + if(!Pbs_Acl::checkRight('pru')) $this->_redirect('/user/preboot/index/page/'.$this->page.'/updateresult/forbidden'); $prebootID = $this->_request->getParam('prebootID'); @@ -243,8 +241,8 @@ class User_PrebootController extends Zend_Controller_Action public function editprebootAction() { - //TODO ACL Is he allowed to edit Preboots? - if(false) + //ACL Is he allowed to edit Preboots? + if(!Pbs_Acl::checkRight('pre')) $this->_redirect('/user/preboot/index/page/'.$this->page.'/modifyresult/forbidden'); $prebootID = $this->_request->getParam('prebootID'); @@ -262,16 +260,14 @@ class User_PrebootController extends Zend_Controller_Action if (!isset($_POST["editpreboot"])){ $prebootForm = new user_Form_Preboot(array( - 'action' => 'editpreboot', - 'rights' => 'meta', + 'action' => 'editpreboot', 'page' => $this->page)); $prebootForm->populate($preboot->toArray()); }else{ $prebootForm = new user_Form_Preboot(array( - 'action' => 'editpreboot', - 'rights' => 'meta', + 'action' => 'editpreboot', 'page' => $this->page),$_POST); if ($prebootForm->isValid($_POST)) { @@ -279,7 +275,6 @@ class User_PrebootController extends Zend_Controller_Action $prebootold = $preboot; $preboot = new Application_Model_PreBoot($_POST); - $preboot->setMembershipID($this->membership->getID()); $preboot->setGroupID($this->membership->getGroupID()); $preboot->setID($prebootID); 
@@ -287,8 +282,8 @@ class User_PrebootController extends Zend_Controller_Action if($preboot->getPath_preboot() != $prebootold->getPath_preboot()){ - //TODO ACL Is he allowed to edit the Preboot Path? - if(false) + //ACL Is he allowed to edit the Preboot Path? + if(Pbs_Acl::checkRight('prem')) $this->_redirect('/user/preboot/index/page/'.$this->page.'/modifyresult/forbidden'); exec("wget -O '".$path_preboot."preboot.zip' ".escapeshellcmd($preboot->getPath_preboot()) ." 2>&1 | grep 'saved'" , $status); @@ -350,8 +345,8 @@ class User_PrebootController extends Zend_Controller_Action public function deleteprebootAction() { - //TODO ACL Is he allowed to delete Preboots? - if(false) + //ACL Is he allowed to delete Preboots? + if(!Pbs_Acl::checkRight('prd')) $this->_redirect('/user/preboot/index/page/'.$this->page.'/deleteresult/forbidden'); try{ -- cgit v1.2.3-55-g7522
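Review bot: The 'prem' check is the only gate in front of the `exec("wget …")` call on the following line. That command is built with `escapeshellcmd($preboot->getPath_preboot())`, which escapes shell metacharacters but does not confine the value to a single argument. The path appears to come from the posted form via `new Application_Model_PreBoot($_POST)`, so quoting it with `escapeshellarg($preboot->getPath_preboot())` and checking that it is an http(s) URL before the call would be the safer form. `_redirect()` only stops the action while the redirector's exit flag is on (the Zend Framework 1 default), so an explicit `return;` after the forbidden redirect would keep the exec unreachable if that flag is ever changed. editprebootAction starts and ends outside the hunk.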