authorSimon2011-03-29 15:08:20 +0200
committerSimon2011-03-29 15:08:20 +0200
commit0a0ac542fd4733505a80910d526fe501aff13362 (patch)
tree90abbecc663249464f68bf65994e075c068502ef /application/modules/user/controllers/ClientController.php
parentAcl in Filter implementiert (diff)
ACL in ClientController
Diffstat (limited to 'application/modules/user/controllers/ClientController.php')
-rw-r--r--application/modules/user/controllers/ClientController.php32
1 files changed, 16 insertions, 16 deletions
diff --git a/application/modules/user/controllers/ClientController.php b/application/modules/user/controllers/ClientController.php
index 7846d94..163ea95 100644
--- a/application/modules/user/controllers/ClientController.php
+++ b/application/modules/user/controllers/ClientController.php
@@ -23,7 +23,9 @@ class User_ClientController extends Zend_Controller_Action
public function indexAction()
{
- // TODO: ACL: is he authorized to see this ?
+ // ACL: is he authorized to see this ?
+ if(!Pbs_Acl::checkRight('clo'))
+ $this->_redirect('/user');
// Get the Clients which booted with a bootiso of this group
$result = $this->_request->getParam('deleteresult');
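Review bot: The guard added in indexAction, `if(!Pbs_Acl::checkRight('clo')) $this->_redirect('/user');`, stops the action only because the Zend redirector helper exits by default. If exit is ever switched off (controller test cases do this), execution falls through into the code the check is meant to protect. Add braces and an explicit return: `if (!Pbs_Acl::checkRight('clo')) { $this->_redirect('/user'); return; }`. The same brace-less pattern is added in the client-creation hunk (`'cla'`), removeclientAction (`'cld'`) and editclientAction (`'cle'`), where falling through would create, delete or modify a client. indexAction's body continues outside the hunk.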
@@ -55,8 +57,10 @@ class User_ClientController extends Zend_Controller_Action
$mac = $this->_request->getParam('mac');
$hh = $this->_request->getParam('hh');
- // TODO: ACL: is he authorized to create new clients?
- #if( he is allowed){
+ // ACL: is he authorized to create new clients?
+ if(!Pbs_Acl::checkRight('cla'))
+ $this->_redirect('/user');
+
if (!isset($_POST["add"])){
$addclient = new user_Form_Client(array('buttontext' => 'Create Client'));
$this->view->addclient = $addclient;
@@ -77,16 +81,16 @@ class User_ClientController extends Zend_Controller_Action
}
$this->view->addclient = $addclient;
}
- #}else{
- # $this->_redirect('/user/');
- #}
}
public function removeclientAction()
{
$clientID = $this->_request->getParam('clientID');
- // TODO: ACL: is he authorized to delete clients?
- #if( he is allowed){
+
+ // ACL: is he authorized to delete clients?
+ if(!Pbs_Acl::checkRight('cld'))
+ $this->_redirect('/user');
+
$clientMapper = new Application_Model_ClientMapper();
if(is_numeric($clientID)){
$client = new Application_Model_Client();
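Review bot: removeclientAction checks the role-level right `'cld'`, but nothing visible in this hunk ties `$clientID` to the caller's own group. A user holding the right could presumably delete another group's client by supplying a different numeric ID, and the same question applies to editclientAction with `'cle'`. The body continues outside the hunk, so confirm whether the mapper lookup is scoped to the caller's group; if it is not, compare the loaded client's group with the session's group before acting. Separately, `getParam('clientID')` also accepts query-string values, so the delete can be triggered by a plain GET request; consider requiring `$this->_request->isPost()` and a form token for this action.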
@@ -101,14 +105,13 @@ class User_ClientController extends Zend_Controller_Action
}
}
$this->_redirect('/user/client/index/deleteresult/error');
- #}else{
- # $this->_redirect('/user/');
- #}
}
public function editclientAction(){
- // TODO: ACL: Is he authorized to edit clients ?
- #if( he is allowed){
+ // ACL: Is he authorized to edit clients ?
+ if(!Pbs_Acl::checkRight('cle'))
+ $this->_redirect('/user');
+
if (!isset($_POST["add"])){
$clientID = $this->_request->getParam('clientID');
$client = new Application_Model_Client();
@@ -146,9 +149,6 @@ class User_ClientController extends Zend_Controller_Action
}
$this->view->editclient = $editclient;
}
- #}else{
- # $this->_redirect('/user/');
- #}
}