summaryrefslogtreecommitdiffstats
path: root/application/modules/user/controllers/BootmenuController.php
diff options
context:
space:
mode:
authormichael pereira2011-04-05 16:21:08 +0200
committermichael pereira2011-04-05 16:21:08 +0200
commit6e476cbdc86f66a154b6794967adaba1a2d0f004 (patch)
tree7d4133c41110704fe5a3038575245c9d6da25a27 /application/modules/user/controllers/BootmenuController.php
parentSession-Controller erstellt (diff)
downloadpbs2-6e476cbdc86f66a154b6794967adaba1a2d0f004.tar.gz
pbs2-6e476cbdc86f66a154b6794967adaba1a2d0f004.tar.xz
pbs2-6e476cbdc86f66a154b6794967adaba1a2d0f004.zip
Rechte in Alle Controller
Diffstat (limited to 'application/modules/user/controllers/BootmenuController.php')
-rw-r--r--application/modules/user/controllers/BootmenuController.php49
1 files changed, 21 insertions, 28 deletions
diff --git a/application/modules/user/controllers/BootmenuController.php b/application/modules/user/controllers/BootmenuController.php
index 84c31ff..78fdde7 100644
--- a/application/modules/user/controllers/BootmenuController.php
+++ b/application/modules/user/controllers/BootmenuController.php
@@ -135,8 +135,7 @@ class user_BootmenuController extends Zend_Controller_Action
$bootmenu = new Application_Model_BootMenu($_POST);
$bootmenu->setCreated(time());
-
- $bootmenu->setMembershipID($this->membership->getID());
+
$bootmenu->setGroupID($this->membership->getGroupID());
try{
@@ -156,8 +155,8 @@ class user_BootmenuController extends Zend_Controller_Action
public function editbootmenuAction()
{
- //TODO ACL Is he allowed to edit BootMenus?
- if(false)
+ //ACL Is he allowed to edit BootMenus?
+ if(!Pbs_Acl::checkRight('booe'))
$this->_redirect('/user/bootmenu/index/page/'.$this->page.'/modifyresult/forbidden');
$bootmenuID = $this->_request->getParam('bootmenuID');
@@ -172,26 +171,21 @@ class user_BootmenuController extends Zend_Controller_Action
if (!isset($_POST["editbootmenu"])){
- $bootmenuForm = new user_Form_Bootmenu(array('action' => 'editbootmenu', 'rights' => 'all','page' => $this->page));
+ $bootmenuForm = new user_Form_Bootmenu(array('action' => 'editbootmenu','page' => $this->page));
$bootmenuForm->populate($bootmenu->toArray());
}else{
- $bootmenuForm = new user_Form_Bootmenu(array('action' => 'editbootmenu', 'rights' => 'all','page' => $this->page),$_POST);
+ $bootmenuForm = new user_Form_Bootmenu(array('action' => 'editbootmenu','page' => $this->page),$_POST);
if ($bootmenuForm->isValid($_POST)) {
$bootmenuold = $bootmenu;
$bootmenu = new Application_Model_BootMenu($_POST);
- $bootmenu->setMembershipID($this->membership->getID());
$bootmenu->setGroupID($this->membership->getGroupID());
$bootmenu->setCreated(time());
$bootmenu->setID($bootmenuID);
- //TODO ACL Is he allowed to edit this?
- if(false)
- $this->_redirect('/user/bootmenu/index/page/'.$this->page.'/modifyresult/forbidden');
-
try {
$this->bootmenuMapper->save($bootmenu);
}catch(Zend_Exception $e)
@@ -212,8 +206,8 @@ class user_BootmenuController extends Zend_Controller_Action
public function deletebootmenuAction()
{
- //TODO ACL Is he allowed to delete Bootmenu?
- if(false)
+ //ACL Is he allowed to delete Bootmenu?
+ if(!Pbs_Acl::checkRight('bood'))
$this->_redirect('/user/bootmenu/index/page/'.$this->page.'/deleteresult/forbidden');
try{
@@ -240,8 +234,8 @@ class user_BootmenuController extends Zend_Controller_Action
public function addbootmenuentryAction()
{
- //TODO ACL Darf er BootMenuEntries erstellen?
- if(false)
+ //ACL Darf er BootMenuEntries erstellen?
+ if(!Pbs_Acl::checkRight('booae'))
$this->_redirect('/user/bootmenu/index/page/'.$this->page.'/addresult/forbidden');
$bootmenuID = $this->_request->getParam('bootmenuID');
@@ -255,6 +249,9 @@ class user_BootmenuController extends Zend_Controller_Action
$bootoslist = $bootosMapper->fetchAll();
$configlist = $configMapper->fetchAll();
+ if($this->membership->getGroupID() != $this->bootmenuMapper->find($bootmenuID)->getGroupID())
+ $this->_redirect('/user/bootmenu/index/page/'.$this->page.'/modifyresult/forbidden');
+
if (!isset($_POST["addbootmenuentry"])){
$bootmenuentryForm = new user_Form_BootmenuEntries(array(
@@ -262,8 +259,7 @@ class user_BootmenuController extends Zend_Controller_Action
'maxorder'=> $maxorder,
'configlist'=> $configlist,
'page' => $this->page,
- 'action' => 'addbootmenuentry',
- 'rights' => 'meta'
+ 'action' => 'addbootmenuentry'
));
$bootmenuentryForm->populate(array('order' => $maxorder));
@@ -278,8 +274,7 @@ class user_BootmenuController extends Zend_Controller_Action
'maxorder'=> $maxorder,
'configlist'=>$configlist,
'page' => $this->page,
- 'action' => 'addbootmenuentry',
- 'rights' => 'meta'),$_POST);
+ 'action' => 'addbootmenuentry'),$_POST);
if ($bootmenuentryForm->isValid($_POST)) {
@@ -312,8 +307,8 @@ class user_BootmenuController extends Zend_Controller_Action
public function editbootmenuentryAction()
{
- //TODO ACL Is he allowed to edit BootMenus?
- if(false)
+ //ACL Is he allowed to edit BootMenus?
+ if(!Pbs_Acl::checkRight('booee'))
$this->_redirect('/user/bootmenu/index/page/'.$this->page.'/modifyresult/forbidden');
$bootmenuentryID = $this->_request->getParam('bootmenuentryID');
@@ -344,7 +339,6 @@ class user_BootmenuController extends Zend_Controller_Action
'kcl' => $bootmenuentry->getKcl(),
'page' => $this->page,
'action' => 'editbootmenuentry',
- 'rights' => 'all'
));
if(!isset($_POST['configID'])){
@@ -363,8 +357,7 @@ class user_BootmenuController extends Zend_Controller_Action
'configlist'=> $configlist,
'kcl' => $bootmenuentry->getKcl(),
'page' => $this->page,
- 'action' => 'editbootmenuentry',
- 'rights' => 'all'),$_POST);
+ 'action' => 'editbootmenuentry'),$_POST);
if ($bootmenuentryForm->isValid($_POST)) {
@@ -378,8 +371,8 @@ class user_BootmenuController extends Zend_Controller_Action
$bootmenuentryold->getConfigID() != $bootmenuentry->getConfigID() ||
$bootmenuentryold->getKcl() != $bootmenuentry->getKcl() ||
$bootmenuentryold->getKclappend() != $bootmenuentry->getKclappend()){
- //TODO ACL Is he allowed to edit this?
- if(false)
+ //ACL Is he allowed to edit this?
+ if(Pbs_Acl::checkRight('booeem'))
$this->_redirect('/user/bootmenu/index/page/'.$this->page.'/modifyresult/forbidden');
}
@@ -410,8 +403,8 @@ class user_BootmenuController extends Zend_Controller_Action
public function removebootmenuentryAction()
{
- //TODO ACL Is he allowed to delete Bootos?
- if(false)
+ //ACL Is he allowed to delete Bootos?
+ if(!Pbs_Acl::checkRight('boode'))
$this->_redirect('/user/bootmenu/index/page/'.$this->page.'/deleteresult/forbidden');
try{