diff options
| author | Christian Hofmaier | 2017-11-30 16:35:04 +0100 |
|---|---|---|
| committer | Christian Hofmaier | 2017-11-30 16:35:04 +0100 |
| commit | 9d9bb6390020c3cb138b9c62a8acd1fd8e274c6b (patch) | |
| tree | 5137e6e2875704969784b7db53ed2d2457e33799 /modules-available/statistics_reporting/page.inc.php | |
| parent | [news] reworked permission system from "click and you get error" to "button i... (diff) | |
| download | slx-admin-9d9bb6390020c3cb138b9c62a8acd1fd8e274c6b.tar.gz slx-admin-9d9bb6390020c3cb138b9c62a8acd1fd8e274c6b.tar.xz slx-admin-9d9bb6390020c3cb138b9c62a8acd1fd8e274c6b.zip | |
[statistics_reporting] reworked permission system from "click and you get error" to "button is disabled due to lack of permission"
Diffstat (limited to 'modules-available/statistics_reporting/page.inc.php')
| -rw-r--r-- | modules-available/statistics_reporting/page.inc.php | 47 |
1 files changed, 23 insertions, 24 deletions
diff --git a/modules-available/statistics_reporting/page.inc.php b/modules-available/statistics_reporting/page.inc.php index 9862a82e..5d586b6c 100644 --- a/modules-available/statistics_reporting/page.inc.php +++ b/modules-available/statistics_reporting/page.inc.php @@ -55,8 +55,6 @@ class Page_Statistics_Reporting extends Page if (User::hasPermission("table.export") && User::hasPermission("table.view.$this->type")) { $this->doExport(); // Does not return - } else { - Message::addError('main.no-permission'); } } // Get report - fetch data exactly the way it would automatically be reported @@ -67,10 +65,7 @@ class Page_Statistics_Reporting extends Page Header('Content-Disposition: attachment; filename=remote-report.json'); Header('Content-Type: application/json; charset=utf-8'); die(json_encode($report)); - } else { - Message::addError('main.no-permission'); } - } } @@ -109,6 +104,7 @@ class Page_Statistics_Reporting extends Page $data['tables'][] = array( 'name' => Dictionary::translate('table_' . $table, true), 'value' => $table, + 'allowed' => User::hasPermission("table.view.$table"), 'selected' => ($this->type === $table) ? 'selected' : '', ); } @@ -130,15 +126,17 @@ class Page_Statistics_Reporting extends Page $data['settingsButtonClass'] = 'danger'; } + $data['allowedExport'] = User::hasPermission("table.export") && User::hasPermission("table.view.$this->type"); + $data['allowedDownload'] = User::hasPermission("reporting.download"); + $data['allowedReportChange'] = User::hasPermission("reporting.change"); + Render::addTemplate('columnChooser', $data); $data['data'] = $this->fetchData(GETDATA_PRINTABLE); - if (User::hasPermission("table.view.$this->type")) + if (User::hasPermission("table.view.$this->type")) { Render::addTemplate('table-' . $this->type, $data); - else - Message::addError('main.no-permission'); - + } } } @@ -146,23 +144,24 @@ class Page_Statistics_Reporting extends Page { $this->action = Request::any('action', false, 'string'); if ($this->action === 'setReporting') { - if (!User::hasPermission("reporting.change")) { - die("Permission denied."); - } - $state = Request::post('reporting', false, 'string'); - if ($state === false) { - die('Missing setting value.'); - } - RemoteReport::setReportingEnabled($state); - $data = array(); - if (RemoteReport::isReportingEnabled()) { - $data['class'] = 'default'; - $data['checked'] = true; + if (User::hasPermission("reporting.change")) { + $state = Request::post('reporting', false, 'string'); + if ($state === false) { + die('Missing setting value.'); + } + RemoteReport::setReportingEnabled($state); + $data = array(); + if (RemoteReport::isReportingEnabled()) { + $data['class'] = 'default'; + $data['checked'] = true; + } else { + $data['class'] = 'danger'; + } + Header('Content-Type: application/json; charset=utf-8'); + die(json_encode($data)); } else { - $data['class'] = 'danger'; + die('No permission.'); } - Header('Content-Type: application/json; charset=utf-8'); - die(json_encode($data)); } else { echo 'Invalid action.'; } |