summaryrefslogtreecommitdiffstats
path: root/application/modules/user/controllers/GroupController.php
diff options
context:
space:
mode:
Diffstat (limited to 'application/modules/user/controllers/GroupController.php')
-rw-r--r--application/modules/user/controllers/GroupController.php112
1 files changed, 78 insertions, 34 deletions
diff --git a/application/modules/user/controllers/GroupController.php b/application/modules/user/controllers/GroupController.php
index 37cdee8..9a5380a 100644
--- a/application/modules/user/controllers/GroupController.php
+++ b/application/modules/user/controllers/GroupController.php
@@ -10,6 +10,7 @@ class User_GroupController extends Zend_Controller_Action
protected $rolemapper = null;
protected $groupList = null;
protected $userIDsNamespace = null;
+ protected $membership;
public function init()
{
@@ -22,6 +23,11 @@ class User_GroupController extends Zend_Controller_Action
$this->personmapper = new Application_Model_PersonMapper();
$this->rolemapper = new Application_Model_RoleMapper();
$this->groupList = $this->groupMapper->fetchAll();
+
+ $userIDsNamespace = Zend_Session::namespaceGet('userIDs');
+ $this->membership = new Application_Model_Membership();
+ $this->membershipMapper->find($userIDsNamespace['membershipID'],$this->membership);
+
} else {
$this->_helper->redirector('login', 'auth');
return;
@@ -30,6 +36,10 @@ class User_GroupController extends Zend_Controller_Action
public function indexAction()
{
+ // ACL show overview
+ if(!Pbs_Acl::checkRight('gso'))
+ $this->_redirect('/user');
+
$this->view->groupList = $this->groupList;
// Search
@@ -45,13 +55,13 @@ class User_GroupController extends Zend_Controller_Action
// Pagination
$pagination = new Pbs_Pagination();
- $pagination->setPerPage(5);
+ $pagination->setPerPage(10);
$pagination->setElement($this->view->groupList);
$pagination->setRequestPage($this->_request->getParam('page'));
$pagination->setPageUrl('/user/group/index'.((isset($this->view->search))?'/search/'.$this->view->search:''));
$this->view->groupList = $pagination->getElements();
- $this->view->pagination = $pagination->pagination($pageurl);
+ $this->view->pagination = $pagination->pagination();
$this->view->page = $pagination->getRequestPage();
$this->view->userIDsNamespace = $this->userIDsNamespace;
}
@@ -62,6 +72,10 @@ class User_GroupController extends Zend_Controller_Action
public function addAction()
{
+ // ACL create new group
+ if(!Pbs_Acl::checkRight('gc'))
+ $this->_redirect('/user');
+
if (!isset($_POST["add"])){
$addForm = new user_Form_GroupAdd(array('grouplist' => $this->groupList));
} else {
@@ -139,6 +153,11 @@ class User_GroupController extends Zend_Controller_Action
public function editAction()
{
+ // ACL edit a group
+ // TODO: THERE IS NO RIGHT TO EDIT A GROUP
+ #if(!Pbs_Acl::checkRight(''))
+ # $this->_redirect('/user');
+
$groupID = $this->_request->getParam('groupID');
if(!isset($groupID)) {
if(count($this->userIDsNamespace) > 0) {
@@ -176,27 +195,42 @@ class User_GroupController extends Zend_Controller_Action
public function showAction()
{
+ // ACL create new group
+ if(!Pbs_Acl::checkRight('gsdo') && !Pbs_Acl::checkRight('gsdog'))
+ $this->_redirect('/user');
+
$groupID = $this->_request->getParam('groupID');
- if(!isset($groupID)) {
+ if($groupID == '' || !Pbs_Acl::checkRight('gsdog')) {
if(count($this->userIDsNamespace) > 0) {
$groupID = $this->userIDsNamespace['groupID'];
}
}
- if($groupID) {
+ if($groupID == $this->membership->getGroupID() && !Pbs_Acl::checkRight('gsdo'))
+ $this->_redirect('/user');
+
+ $this->view->usergroup = $this->membership->getGroupID();
+ $this->view->requestgroup = $groupID;
+ // ACL is he allowed to see the requests of a group ?
+ // TODO: THERE IS NO RIGHT TO EDIT A GROUP
+ # if(Pbs_Acl::checkRight('')){
$groupRequests = $this->groupRequestMapper->findBy(array('groupID' => $groupID),true);
if(isset($groupRequests)) {
foreach($groupRequests as $groupRequest) {
$person = $this->personmapper->find($groupRequest['personID']);
$groupRequestList[] = array(
- 'grouprequestID' => $groupRequest['grouprequestID'],
- 'person' => $person
+ 'grouprequestID' => $groupRequest['grouprequestID'],
+ 'person' => $person
);
}
if(is_array($groupRequestList)) {
$this->view->groupRequestList = $groupRequestList;
}
+ // TODO: expand with al inherit roles
$this->view->roleList = $this->rolemapper->findBy(array('groupID' => $groupID),true);
}
+ # }
+
+ if(Pbs_Acl::checkRight('gsmg')){
$members = $this->membershipMapper->findBy(array('groupID' => $groupID),true);
if(isset($members)) {
foreach($members as $member) {
@@ -212,7 +246,7 @@ class User_GroupController extends Zend_Controller_Action
if(is_array($membersList)) {
// Member Pagination
$memberPagination = new Pbs_Pagination();
- $memberPagination->setPerPage(5);
+ $memberPagination->setPerPage(10);
$memberPagination->setElement($membersList);
$memberPagination->setRequestPage($this->_request->getParam('page'));
if($this->_request->getParam('groupID')) {
@@ -225,19 +259,16 @@ class User_GroupController extends Zend_Controller_Action
$this->view->page = $memberPagination->getRequestPage();
}
}
- $groupgroups = $this->groupGroupsMapper->findBy(array('groupID' => $groupID),true);
- if(is_object($groupgroups)) {
- $parentGroup = $this->groupMapper->find($groupgroups->getParentID());
- $this->view->$parentGroup = $parentGroup;
- }
- $group = $this->groupMapper->find($groupID);
- $this->view->userIDsNamespace = $this->userIDsNamespace;
- $this->view->group = $group;
- $this->view->groupID = $groupID;
- } else {
- $this->_redirect('/user/');
- return;
}
+ $groupgroups = $this->groupGroupsMapper->findBy(array('groupID' => $groupID),true);
+ if(is_object($groupgroups)) {
+ $parentGroup = $this->groupMapper->find($groupgroups->getParentID());
+ $this->view->$parentGroup = $parentGroup;
+ }
+ $group = $this->groupMapper->find($groupID);
+ $this->view->userIDsNamespace = $this->userIDsNamespace;
+ $this->view->group = $group;
+ $this->view->groupID = $groupID;
}
public function linkAction()
@@ -269,6 +300,10 @@ class User_GroupController extends Zend_Controller_Action
public function deleteAction()
{
+ // ACL delete a group
+ if(!Pbs_Acl::checkRight('gd'))
+ $this->_redirect('/user');
+
$this->_helper->viewRenderer->setNoRender();
$groupID = $this->_request->getParam('groupID');
if(!isset($groupID)) {
@@ -304,6 +339,10 @@ class User_GroupController extends Zend_Controller_Action
public function grantpersonAction()
{
+ // ACL grant a membership to request
+ if(!Pbs_Acl::checkRight('gam'))
+ $this->_redirect('/user');
+
$this->_helper->viewRenderer->setNoRender();
if(isset($_POST['grouprequestID']) && isset($_POST['roleID'])) {
$groupRequest = $this->groupRequestMapper->find($_POST['grouprequestID']);
@@ -338,21 +377,26 @@ class User_GroupController extends Zend_Controller_Action
public function revokepersonAction()
{
+
$this->_helper->viewRenderer->setNoRender();
$membershipID = $this->_request->getParam('membershipID');
- if(isset($membershipID)) {
- $membership = $this->membershipMapper->find($membershipID);
- if(isset($membership)) {
- try {
- $this->membershipMapper->delete($membership);
- } catch(Zend_Exception $e)
- {
- echo "Caught exception: " . get_class($e) . "<br/>";
- echo "Message: " . $e->getMessage() . "<br/>";
- return;
+ $rr = $this->membershipMapper->find($membershipID);
+
+ if(($rr->getGroupID() == $this->membership->getGroupID && Pbs_Acl::checkRight('gdmo') ) || ( $rr->getGroupID() != $this->membership->getGroupID && Pbs_Acl::checkRight('gdmog'))){
+ if(isset($membershipID)) {
+ $membership = $this->membershipMapper->find($membershipID);
+ if(isset($membership)) {
+ try {
+ $this->membershipMapper->delete($membership);
+ } catch(Zend_Exception $e)
+ {
+ echo "Caught exception: " . get_class($e) . "<br/>";
+ echo "Message: " . $e->getMessage() . "<br/>";
+ return;
+ }
+ $this->_redirect("/user/group/show/groupID/" . $membership->getGroupID());
}
- $this->_redirect("/user/group/show/groupID/" . $membership->getGroupID());
- }
-
- } }
-} \ No newline at end of file
+ }
+ }
+ }
+}