diff options
| author | Udo Walter | 2017-04-10 17:00:10 +0200 |
|---|---|---|
| committer | Udo Walter | 2017-04-10 17:00:10 +0200 |
| commit | 9361d6f74a7407278d4f89911db5be369ec9fcca (patch) | |
| tree | 1158f9a0ef0aafd1283b60856efcfb4b89ef9877 /modules-available/permissionmanager | |
| parent | Merge branch 'permission-manager' of git.openslx.org:openslx-ng/slx-admin int... (diff) | |
| download | slx-admin-9361d6f74a7407278d4f89911db5be369ec9fcca.tar.gz slx-admin-9361d6f74a7407278d4f89911db5be369ec9fcca.tar.xz slx-admin-9361d6f74a7407278d4f89911db5be369ec9fcca.zip | |
[permission-manager] added permission check functionality + bugfixes
Diffstat (limited to 'modules-available/permissionmanager')
4 files changed, 48 insertions, 13 deletions
diff --git a/modules-available/permissionmanager/inc/permissionutil.inc.php b/modules-available/permissionmanager/inc/permissionutil.inc.php index d6adf2bf..8442f288 100644 --- a/modules-available/permissionmanager/inc/permissionutil.inc.php +++ b/modules-available/permissionmanager/inc/permissionutil.inc.php @@ -2,6 +2,41 @@ class PermissionUtil { + public static function userHasPermission($userid, $permissionid, $locationid) { + $locations = array(); + if (!is_null($locationid)) { + $res = Database::simpleQuery("SELECT locationid, parentlocationid FROM location"); + while ($row = $res->fetch(PDO::FETCH_ASSOC)) { + $locations[$row["locationid"]] = $row["parentlocationid"]; + } + if (!array_key_exists($locationid, $locations)) return false; + } + + $res = Database::simpleQuery("SELECT role_x_permission.permissionid as 'permissionid', + role_x_location.locid as 'locationid' + FROM user_x_role + INNER JOIN role_x_permission ON user_x_role.roleid = role_x_permission.roleid + LEFT JOIN role_x_location ON role_x_permission.roleid = role_x_location.roleid + WHERE user_x_role.userid = :userid", array("userid" => $userid)); + + while ($row = $res->fetch(PDO::FETCH_ASSOC)) { + $userPermission = trim($row["permissionid"], "*"); + if (substr($permissionid, 0, strlen($userPermission)) === $userPermission) { + if (is_null($locationid) || $locationid == $row["locationid"]) { + return true; + } else { + $parentlocid = $locationid; + while ($parentlocid != 0) { + $parentlocid = $locations[$parentlocid]; + if ($parentlocid == $row["locationid"]) return true; + } + } + } + } + return false; + } + + public static function getPermissions() { $permissions = array(); diff --git a/modules-available/permissionmanager/page.inc.php b/modules-available/permissionmanager/page.inc.php index 30cc07c3..326d5b24 100644 --- a/modules-available/permissionmanager/page.inc.php +++ b/modules-available/permissionmanager/page.inc.php @@ -135,7 +135,7 @@ class Page_PermissionManager extends Page $res .= Render::parse($genModuleBox ? "modulepermissionbox" : (is_array($v) ? "permissiontreenode" : "permission"), array("id" => $genModuleBox ? $k : $permString.".".$k, "name" => $genModuleBox ? Module::get($k)->getDisplayName(): $k, - "HTML" => self::generatePermissionHTML($v, $genModuleBox ? $k : $permString.".".$k), + "HTML" => is_array($v) ? self::generatePermissionHTML($v, $genModuleBox ? $k : $permString.".".$k) : "", "description" => $v)); } return $res; diff --git a/modules-available/permissionmanager/templates/modulepermissionbox.html b/modules-available/permissionmanager/templates/modulepermissionbox.html index d298409b..69bde718 100644 --- a/modules-available/permissionmanager/templates/modulepermissionbox.html +++ b/modules-available/permissionmanager/templates/modulepermissionbox.html @@ -6,6 +6,8 @@ </div> </div> <div class='panel-body'> - {{{HTML}}} + <ul class='list-group'> + {{{HTML}}} + </ul> </div> </div>
\ No newline at end of file diff --git a/modules-available/permissionmanager/templates/permissiontreenode.html b/modules-available/permissionmanager/templates/permissiontreenode.html index e9656902..47bff1f2 100644 --- a/modules-available/permissionmanager/templates/permissiontreenode.html +++ b/modules-available/permissionmanager/templates/permissiontreenode.html @@ -1,11 +1,9 @@ -<ul class='list-group'> - <li class='list-group-item'> - <div class='checkbox'> - <input name='permissions[]' value='{{id}}.*' type='checkbox' class='form-control'> - <label>{{name}}</label> - </div> - <ul class='list-group'> - {{{HTML}}} - </ul> - </li> -</ul>
\ No newline at end of file +<li class='list-group-item'> + <div class='checkbox'> + <input name='permissions[]' value='{{id}}.*' type='checkbox' class='form-control'> + <label>{{name}}</label> + </div> + <ul class='list-group'> + {{{HTML}}} + </ul> +</li> |