summaryrefslogtreecommitdiffstats
path: root/application/modules/user/controllers/BootmenuController.php
diff options
context:
space:
mode:
Diffstat (limited to 'application/modules/user/controllers/BootmenuController.php')
-rw-r--r--application/modules/user/controllers/BootmenuController.php67
1 files changed, 30 insertions, 37 deletions
diff --git a/application/modules/user/controllers/BootmenuController.php b/application/modules/user/controllers/BootmenuController.php
index dfe9f20..f24cb47 100644
--- a/application/modules/user/controllers/BootmenuController.php
+++ b/application/modules/user/controllers/BootmenuController.php
@@ -57,8 +57,8 @@ class user_BootmenuController extends Zend_Controller_Action
}
- //TODO ACL Darf er Bootmenus sehen?
- if(false)
+ //ACL Darf er Bootmenus sehen?
+ if(!Pbs_Acl::checkRight('booai') && !Pbs_Acl::checkRight('booui'))
$this->_redirect('/user/index');
$this->bootMenumapper = new Application_Model_BootMenuMapper();
@@ -66,8 +66,7 @@ class user_BootmenuController extends Zend_Controller_Action
$bootosMapper = new Application_Model_BootOsMapper();
$configMapper = new Application_Model_ConfigMapper();
- if(true){
- //TODO nur Bootmenus von Admins
+ if(Pbs_Acl::checkRight('booai')){
$bootmenu = $this->bootmenuMapper->findBy(array('groupID' => $this->membership->getGroupID()));
foreach ($bootmenu as $bm){
$bootmenuID = $bm->getID();
@@ -93,11 +92,11 @@ class user_BootmenuController extends Zend_Controller_Action
$mySearch = new Pbs_Search();
$mySearch->setSearchTerm($search);
$mySearch->setModule('bootmenu');
- $this->view->searchform = $mySearch->searchForm();
if($search != ''){
$this->view->search = $mySearch->getSearchTerm();
$bootmenu = $mySearch->search($bootmenu);
}
+ $this->view->searchform = $mySearch->searchForm();
// Pagination
$pagination = new Pbs_Pagination();
@@ -122,23 +121,23 @@ class user_BootmenuController extends Zend_Controller_Action
public function createbootmenuAction()
{
- //TODO ACL Darf er BootMenus erstellen?
- if(false)
+ //ACL Darf er BootMenus erstellen?
+ if(!Pbs_Acl::checkRight('booc'))
$this->_redirect('/user/bootmenu/index/page/'.$this->page.'/addresult/forbidden');
if (!isset($_POST["createbootmenu"])){
- $bootmenuForm = new user_Form_Bootmenu(array('action' => 'createbootmenu', 'rights' => 'all','page' => $this->page));
+ $bootmenuForm = new user_Form_Bootmenu(array('action' => 'createbootmenu','page' => $this->page));
} else {
- $bootmenuForm = new user_Form_Bootmenu(array('action' => 'createbootmenu', 'rights' => 'all','page' => $this->page),$_POST);
+ $bootmenuForm = new user_Form_Bootmenu(array('action' => 'createbootmenu','page' => $this->page),$_POST);
if ($bootmenuForm->isValid($_POST)) {
$bootmenu = new Application_Model_BootMenu($_POST);
- $bootmenu->setMembershipID($this->membership->getID());
- $bootmenu->setGroupID($this->membership->getGroupID());
$bootmenu->setCreated(time());
+ $bootmenu->setGroupID($this->membership->getGroupID());
+
try{
$this->bootmenuMapper->save($bootmenu);
}catch(Zend_Exception $e){
@@ -156,8 +155,8 @@ class user_BootmenuController extends Zend_Controller_Action
public function editbootmenuAction()
{
- //TODO ACL Is he allowed to edit BootMenus?
- if(false)
+ //ACL Is he allowed to edit BootMenus?
+ if(!Pbs_Acl::checkRight('booe'))
$this->_redirect('/user/bootmenu/index/page/'.$this->page.'/modifyresult/forbidden');
$bootmenuID = $this->_request->getParam('bootmenuID');
@@ -172,26 +171,21 @@ class user_BootmenuController extends Zend_Controller_Action
if (!isset($_POST["editbootmenu"])){
- $bootmenuForm = new user_Form_Bootmenu(array('action' => 'editbootmenu', 'rights' => 'all','page' => $this->page));
+ $bootmenuForm = new user_Form_Bootmenu(array('action' => 'editbootmenu','page' => $this->page));
$bootmenuForm->populate($bootmenu->toArray());
}else{
- $bootmenuForm = new user_Form_Bootmenu(array('action' => 'editbootmenu', 'rights' => 'all','page' => $this->page),$_POST);
+ $bootmenuForm = new user_Form_Bootmenu(array('action' => 'editbootmenu','page' => $this->page),$_POST);
if ($bootmenuForm->isValid($_POST)) {
$bootmenuold = $bootmenu;
$bootmenu = new Application_Model_BootMenu($_POST);
- $bootmenu->setMembershipID($this->membership->getID());
$bootmenu->setGroupID($this->membership->getGroupID());
$bootmenu->setCreated(time());
$bootmenu->setID($bootmenuID);
- //TODO ACL Is he allowed to edit this?
- if(false)
- $this->_redirect('/user/bootmenu/index/page/'.$this->page.'/modifyresult/forbidden');
-
try {
$this->bootmenuMapper->save($bootmenu);
}catch(Zend_Exception $e)
@@ -212,8 +206,8 @@ class user_BootmenuController extends Zend_Controller_Action
public function deletebootmenuAction()
{
- //TODO ACL Is he allowed to delete Bootmenu?
- if(false)
+ //ACL Is he allowed to delete Bootmenu?
+ if(!Pbs_Acl::checkRight('bood'))
$this->_redirect('/user/bootmenu/index/page/'.$this->page.'/deleteresult/forbidden');
try{
@@ -240,8 +234,8 @@ class user_BootmenuController extends Zend_Controller_Action
public function addbootmenuentryAction()
{
- //TODO ACL Darf er BootMenuEntries erstellen?
- if(false)
+ //ACL Darf er BootMenuEntries erstellen?
+ if(!Pbs_Acl::checkRight('booae'))
$this->_redirect('/user/bootmenu/index/page/'.$this->page.'/addresult/forbidden');
$bootmenuID = $this->_request->getParam('bootmenuID');
@@ -255,6 +249,9 @@ class user_BootmenuController extends Zend_Controller_Action
$bootoslist = $bootosMapper->fetchAll();
$configlist = $configMapper->fetchAll();
+ if($this->membership->getGroupID() != $this->bootmenuMapper->find($bootmenuID)->getGroupID())
+ $this->_redirect('/user/bootmenu/index/page/'.$this->page.'/modifyresult/forbidden');
+
if (!isset($_POST["addbootmenuentry"])){
$bootmenuentryForm = new user_Form_BootmenuEntries(array(
@@ -262,8 +259,7 @@ class user_BootmenuController extends Zend_Controller_Action
'maxorder'=> $maxorder,
'configlist'=> $configlist,
'page' => $this->page,
- 'action' => 'addbootmenuentry',
- 'rights' => 'meta'
+ 'action' => 'addbootmenuentry'
));
$bootmenuentryForm->populate(array('order' => $maxorder));
@@ -278,8 +274,7 @@ class user_BootmenuController extends Zend_Controller_Action
'maxorder'=> $maxorder,
'configlist'=>$configlist,
'page' => $this->page,
- 'action' => 'addbootmenuentry',
- 'rights' => 'meta'),$_POST);
+ 'action' => 'addbootmenuentry'),$_POST);
if ($bootmenuentryForm->isValid($_POST)) {
@@ -312,8 +307,8 @@ class user_BootmenuController extends Zend_Controller_Action
public function editbootmenuentryAction()
{
- //TODO ACL Is he allowed to edit BootMenus?
- if(false)
+ //ACL Is he allowed to edit BootMenus?
+ if(!Pbs_Acl::checkRight('booee'))
$this->_redirect('/user/bootmenu/index/page/'.$this->page.'/modifyresult/forbidden');
$bootmenuentryID = $this->_request->getParam('bootmenuentryID');
@@ -344,7 +339,6 @@ class user_BootmenuController extends Zend_Controller_Action
'kcl' => $bootmenuentry->getKcl(),
'page' => $this->page,
'action' => 'editbootmenuentry',
- 'rights' => 'all'
));
if(!isset($_POST['configID'])){
@@ -363,8 +357,7 @@ class user_BootmenuController extends Zend_Controller_Action
'configlist'=> $configlist,
'kcl' => $bootmenuentry->getKcl(),
'page' => $this->page,
- 'action' => 'editbootmenuentry',
- 'rights' => 'all'),$_POST);
+ 'action' => 'editbootmenuentry'),$_POST);
if ($bootmenuentryForm->isValid($_POST)) {
@@ -378,8 +371,8 @@ class user_BootmenuController extends Zend_Controller_Action
$bootmenuentryold->getConfigID() != $bootmenuentry->getConfigID() ||
$bootmenuentryold->getKcl() != $bootmenuentry->getKcl() ||
$bootmenuentryold->getKclappend() != $bootmenuentry->getKclappend()){
- //TODO ACL Is he allowed to edit this?
- if(false)
+ //ACL Is he allowed to edit this?
+ if(Pbs_Acl::checkRight('booeem'))
$this->_redirect('/user/bootmenu/index/page/'.$this->page.'/modifyresult/forbidden');
}
@@ -410,8 +403,8 @@ class user_BootmenuController extends Zend_Controller_Action
public function removebootmenuentryAction()
{
- //TODO ACL Is he allowed to delete Bootos?
- if(false)
+ //ACL Is he allowed to delete Bootos?
+ if(!Pbs_Acl::checkRight('boode'))
$this->_redirect('/user/bootmenu/index/page/'.$this->page.'/deleteresult/forbidden');
try{