summaryrefslogtreecommitdiffstats
path: root/application/controllers
diff options
context:
space:
mode:
authorBjörn Geiger2011-07-26 15:25:43 +0200
committerBjörn Geiger2011-07-26 15:25:43 +0200
commitb92edb65c3a31e1b1f188b7b7b13fb2254b0f6c6 (patch)
tree0bf035ae97bf7c44ede7e25df6e69cf0e0ed4c17 /application/controllers
parentminor (diff)
downloadpbs2-b92edb65c3a31e1b1f188b7b7b13fb2254b0f6c6.tar.gz
pbs2-b92edb65c3a31e1b1f188b7b7b13fb2254b0f6c6.tar.xz
pbs2-b92edb65c3a31e1b1f188b7b7b13fb2254b0f6c6.zip
getpool und getbootos api nun auch mit übergabe einer id
Diffstat (limited to 'application/controllers')
-rw-r--r--application/controllers/ResourceController.php23
1 files changed, 20 insertions, 3 deletions
diff --git a/application/controllers/ResourceController.php b/application/controllers/ResourceController.php
index 3283ae0..46904a1 100644
--- a/application/controllers/ResourceController.php
+++ b/application/controllers/ResourceController.php
@@ -753,7 +753,15 @@ class ResourceController extends Zend_Controller_Action
$configsMapper = new Application_Model_ConfigMapper();
$groupID = $this->membership->getGroupID();
- $bootos = $bootosMapper->findBy(array('groupid' => $groupID));
+ if(isset($params['bootosid'])) {
+ $bootos = array($bootosMapper->find($params['bootosid']));
+ if($bootos[0]->getGroupID() != $groupID) {
+ header('HTTP/1.0 403 No Right to Show this Bootos');
+ die();
+ }
+ } else {
+ $bootos = $bootosMapper->findBy(array('groupid' => $groupID));
+ }
if($bootos == null){
header('HTTP/1.0 400 No Bootos was found');
@@ -820,13 +828,22 @@ class ResourceController extends Zend_Controller_Action
header('HTTP/1.0 400 No API-Key');
die();
}
- $pool = new Application_Model_Pool();
+
$poolMapper = new Application_Model_PoolMapper();
$poolEntriesMapper = new Application_Model_PoolEntriesMapper();
$clientMapper = new Application_Model_ClientMapper();
$client = new Application_Model_Client();
$groupID = $this->membership->getGroupID();
- $pool = $poolMapper->findBy(array('groupid' => $groupID));
+
+ if(isset($params['poolid'])) {
+ $pool = array( $poolMapper->find($params['poolid']));
+ if($pool[0]->getGroupID() != $groupID) {
+ header('HTTP/1.0 403 No Right to Show this Pool');
+ die();
+ }
+ } else {
+ $pool = $poolMapper->findBy(array('groupid' => $groupID));
+ }
if($pool == null){
header('HTTP/1.0 400 No Pool was found');