authorSebastian Wagner2011-09-07 15:37:33 +0200
committerSebastian Wagner2011-09-07 15:37:33 +0200
commit4015bbaa962fcca3f8fa52abcd28b61e7bb91104 (patch)
tree1bc9b1043590fde09a28f821846b15b5746af5ff /application
parentsome changes (diff)
parentweitere Korrektur (diff)
downloadpoolctrl-4015bbaa962fcca3f8fa52abcd28b61e7bb91104.tar.gz
poolctrl-4015bbaa962fcca3f8fa52abcd28b61e7bb91104.tar.xz
poolctrl-4015bbaa962fcca3f8fa52abcd28b61e7bb91104.zip
Merge branch 'master' of git.openslx.org:lsfks/projekte/poolctrl
Conflicts: application/controllers/EventController.php
Diffstat (limited to 'application')
-rw-r--r--application/configs/application.ini.dist2
-rw-r--r--application/controllers/EventController.php257
-rw-r--r--application/layouts/default.phtml19
3 files changed, 147 insertions, 131 deletions
diff --git a/application/configs/application.ini.dist b/application/configs/application.ini.dist
index d979317..a444d79 100644
--- a/application/configs/application.ini.dist
+++ b/application/configs/application.ini.dist
@@ -20,7 +20,7 @@ resources.layout.layout = "default"
resources.layout.layoutPath = APPLICATION_PATH "/layouts"
pbs2.host =
pbs2.login = /resource/login/
-pbs2.checkright = /resource/checkright/apikey
+pbs2.checkright = /resource/checkright/apikey/
pbs2.getbootoss = /resource/getbootos/apikey/
pbs2.getpools = /resource/getpool/apikey/
pbs2.addbootmenu = /resource/addbootmenu/apikey/
diff --git a/application/controllers/EventController.php b/application/controllers/EventController.php
index dd4ceee..798f674 100644
--- a/application/controllers/EventController.php
+++ b/application/controllers/EventController.php
@@ -34,42 +34,8 @@ class EventController extends Zend_Controller_Action
} else {
$apikey = $this->_request->getParam('apikey');
}
- if($apikey == ""){
- $email = $this->_request->getParam('email');
- $password = $this->_request->getParam('password');
- if(!isset($email)) {
- header('HTTP/1.0 401 No email is set');
- die();
- }
- if(!isset($password)) {
- header('HTTP/1.0 401 No password is set');
- die();
- }
- $loginquery = "email=" . $email . "&password=" . $password;
- $loginApiResult = PostToHost($this->pbs2host, $this->config['pbs2']['login'], 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], 'poolctrl', $loginquery);
- $loginXMLString = $loginApiResult['http-body'];
- if(strlen($loginXMLString) > 0) {
- $loginXML = new SimpleXMLElement($loginXMLString);
- $login = $loginXML->login;
- $success = sprintf("%s", $login->success);
- if ($success === "true") {
- $bootstrap = $this->getInvokeArg('bootstrap');
- $this->config = $bootstrap->getOptions();
- $this->pbs2host = $this->config['pbs2']['host'];
- $this->gearmanServerHost = $this->config['gearman']['server']['host'];
- $this->gearmanServerPort = $this->config['gearman']['server']['port'];
- $this->gearmanWorkerWaitTime = $this->config['gearman']['worker']['waitTime'];
- $this->gearmanWorkerUpdateRate = $this->config['gearman']['worker']['updateRate'];
- $this->gearmanClient = new GearmanClient();
- $this->gearmanClient->addServer($this->gearmanServerHost);
- $this->eventMapper = new Application_Model_EventMapper();
- $this->eventcategoryMapper = new Application_Model_EventcategoryMapper();
- } else {
- header('HTTP/1.0 401 Wrong email or password');
- die();
- }
- }
- } else {
+ if($apikey != ""){
+ $this->acl = new Poolctrl_Acl($this->pbs2host, $this->config['pbs2']['checkright'] . $apikey, 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
$bootstrap = $this->getInvokeArg('bootstrap');
$this->config = $bootstrap->getOptions();
$this->pbs2host = $this->config['pbs2']['host'];
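Review bot: The added `new Poolctrl_Acl(...)` line reads `$this->pbs2host` and `$this->config['pbs2']['checkright']` before the three context lines below it assign them from the bootstrap options. Unless both are already set earlier in this method (outside the hunk), the rights lookup is built with an empty host and path. Move the construction below `$this->pbs2host = $this->config['pbs2']['host'];`. The request-supplied `$apikey` is also concatenated into the URL path unencoded; `rawurlencode($apikey)` would keep a malformed value from changing the path sent to pbs2. The method starts and ends outside the hunk.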
@@ -81,6 +47,9 @@ class EventController extends Zend_Controller_Action
$this->gearmanClient->addServer($this->gearmanServerHost);
$this->eventMapper = new Application_Model_EventMapper();
$this->eventcategoryMapper = new Application_Model_EventcategoryMapper();
+ } else {
+ header('HTTP/1.0 401 No apikey is set');
+ die();
}
} else if (Zend_Auth::getInstance()->hasIdentity()) {
$bootstrap = $this->getInvokeArg('bootstrap');
@@ -105,7 +74,14 @@ class EventController extends Zend_Controller_Action
public function indexAction()
{
- $events = $this->eventMapper->findBy(array("pbs_membershipID", $this->userIDsNamespace['membershipID']));
+ if(!$this->acl->checkRight('eo')) {
+ $this->_redirect('/');
+ }
+ if($this->acl->checkRight('eoo')) {
+ $events = $this->eventMapper->fetchAll();
+ } else {
+ $events = $this->eventMapper->findBy(array("pbs_membershipID", $this->userIDsNamespace['membershipID']));
+ }
if(count($events) > 0) {
$bootOsApiResult = PostToHost($this->pbs2host, $this->config['pbs2']['getbootoss'] . $this->userIDsNamespace['apikey'], 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], 'poolctrl', '');
$bootOsXMLString = $bootOsApiResult['http-body'];
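Review bot: The denial branch added to indexAction calls `$this->_redirect('/')` with no `return;`. Whether the rest of the action is skipped therefore depends on the redirector helper terminating the script, which is its default but is configurable. Adding `return;` after each redirect makes the deny path explicit, as editAction already does after `$this->_helper->redirector('add', 'event')`. The same applies to the checks added in addAction, deleteAction, editAction and the calendar actions. For callers authenticating with an API key, a redirect to `/` is also a less clear refusal than the `403` header used in runAction. indexAction continues past the end of the hunk.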
@@ -207,6 +183,9 @@ class EventController extends Zend_Controller_Action
public function addAction()
{
+ if(!$this->acl->checkRight('ec')) {
+ $this->_redirect('/');
+ }
$eventcategorylist = $this->eventcategoryMapper->fetchAll();
$bootOsApiResult = PostToHost($this->pbs2host, $this->config['pbs2']['getbootoss'] . $this->userIDsNamespace['apikey'], 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], 'poolctrl', '');
$bootOsXMLString = $bootOsApiResult['http-body'];
@@ -324,6 +303,9 @@ class EventController extends Zend_Controller_Action
public function deleteAction()
{
+ if(!$this->acl->checkRight('ed')) {
+ $this->_redirect('/');
+ }
$this->_helper->viewRenderer->setNoRender();
$eventID = $this->_request->getParam('eventID');
if(isset($eventID)) {
@@ -335,6 +317,11 @@ class EventController extends Zend_Controller_Action
$filterApiResult = PostToHost($this->pbs2host, $this->config['pbs2']['deletefilter'] . $this->userIDsNamespace['apikey'], 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], 'poolctrl', "bootmenuid=" . $event->getPbs_filterID());
}
$this->eventMapper->find($eventID, $event);
+ if($event->getPbs_membershipID() != $this->userIDsNamespace['membershipID']) {
+ if(!$this->acl->checkRight('edo')) {
+ $this->_redirect('/');
+ }
+ }
try {
$this->eventMapper->delete($event);
} catch(Zend_Exception $e)
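Review bot: The ownership check added before `$this->eventMapper->delete($event)` sits after the `deletefilter` request to pbs2 shown in the context lines above it. A caller with `ed` but without `edo` can therefore already have caused remote changes for another member's event by the time the redirect happens. Load the event and run the `getPbs_membershipID()` / `checkRight('edo')` test directly after `if(isset($eventID))`, before any `PostToHost` call, and add `return;` after the redirect. The block starts outside the hunk, so where the event is first loaded is not visible here.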
@@ -352,49 +339,59 @@ class EventController extends Zend_Controller_Action
public function editAction()
{
- $eventcategorylist = $this->eventcategoryMapper->fetchAll();
- $bootOsApiResult = PostToHost($this->pbs2host, $this->config['pbs2']['getbootoss'] . $this->userIDsNamespace['apikey'], 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], 'poolctrl', '');
- $bootOsXMLString = $bootOsApiResult['http-body'];
- if(strlen($bootOsXMLString) > 0) {
- $bootOsXML = new SimpleXMLElement($bootOsXMLString);
- foreach($bootOsXML->bootoslist->bootos as $bootos) {
- $bootosobj = new Application_Model_BootOs();
- $bootosobj->setID(sprintf("%s", $bootos->id));
- $bootosobj->setCreated(sprintf("%s", $bootos->created));
- $bootosobj->setDefaultkcl(sprintf("%s", $bootos->defaultkcl));
- $bootosobj->setDescription(sprintf("%s", $bootos->description));
- $bootosobj->setDistro(sprintf("%s", $bootos->distro));
- $bootosobj->setDistroversion(sprintf("%s", $bootos->distroversion));
- $bootosobj->setExpires(sprintf("%s", $bootos->expires));
- $bootosobj->setGroupID(sprintf("%s", $bootos->groupid));
- $bootosobj->setMembershipID(sprintf("%s", $bootos->membershipid));
- $bootosobj->setPublic(sprintf("%s", $bootos->public));
- $bootosobj->setShare(sprintf("%s", $bootos->share));
- $bootosobj->setShortname(sprintf("%s", $bootos->shortname));
- $bootosobj->setSource(sprintf("%s", $bootos->source));
- $bootosobj->setTitle(sprintf("%s", $bootos->title));
- $bootoslist[$bootosobj->getID()] = $bootosobj;
- }
- }
- $poolApiResult = PostToHost($this->pbs2host, $this->config['pbs2']['getpools'] . $this->userIDsNamespace['apikey'], 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], 'poolctrl', '');
- $poolXMLString = $poolApiResult['http-body'];
- if(strlen($poolXMLString) > 0) {
- $poolXML = new SimpleXMLElement($poolXMLString);
- foreach($poolXML->poollist->pool as $pool) {
- $poolobj = new Application_Model_Pool();
- $poolobj->setID(sprintf("%s", $pool->id));
- $poolobj->setDescription(sprintf("%s", $pool->description));
- $poolobj->setGroupID(sprintf("%s", $pool->groupid));
- $poolobj->setLocation(sprintf("%s", $pool->location));
- $poolobj->setTitle(sprintf("%s", $pool->title));
- $poollist[$poolobj->getID()] = $poolobj;
- }
+ if(!$this->acl->checkRight('ee')) {
+ $this->_redirect('/');
}
$eventID = $this->_request->getParam('eventID');
if(!isset($eventID)) {
$this->_helper->redirector('add', 'event');
return;
} else {
+ $eventcategorylist = $this->eventcategoryMapper->fetchAll();
+ $bootOsApiResult = PostToHost($this->pbs2host, $this->config['pbs2']['getbootoss'] . $this->userIDsNamespace['apikey'], 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], 'poolctrl', '');
+ $bootOsXMLString = $bootOsApiResult['http-body'];
+ if(strlen($bootOsXMLString) > 0) {
+ $bootOsXML = new SimpleXMLElement($bootOsXMLString);
+ foreach($bootOsXML->bootoslist->bootos as $bootos) {
+ $bootosobj = new Application_Model_BootOs();
+ $bootosobj->setID(sprintf("%s", $bootos->id));
+ $bootosobj->setCreated(sprintf("%s", $bootos->created));
+ $bootosobj->setDefaultkcl(sprintf("%s", $bootos->defaultkcl));
+ $bootosobj->setDescription(sprintf("%s", $bootos->description));
+ $bootosobj->setDistro(sprintf("%s", $bootos->distro));
+ $bootosobj->setDistroversion(sprintf("%s", $bootos->distroversion));
+ $bootosobj->setExpires(sprintf("%s", $bootos->expires));
+ $bootosobj->setGroupID(sprintf("%s", $bootos->groupid));
+ $bootosobj->setMembershipID(sprintf("%s", $bootos->membershipid));
+ $bootosobj->setPublic(sprintf("%s", $bootos->public));
+ $bootosobj->setShare(sprintf("%s", $bootos->share));
+ $bootosobj->setShortname(sprintf("%s", $bootos->shortname));
+ $bootosobj->setSource(sprintf("%s", $bootos->source));
+ $bootosobj->setTitle(sprintf("%s", $bootos->title));
+ $bootoslist[$bootosobj->getID()] = $bootosobj;
+ }
+ }
+ $poolApiResult = PostToHost($this->pbs2host, $this->config['pbs2']['getpools'] . $this->userIDsNamespace['apikey'], 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], 'poolctrl', '');
+ $poolXMLString = $poolApiResult['http-body'];
+ if(strlen($poolXMLString) > 0) {
+ $poolXML = new SimpleXMLElement($poolXMLString);
+ foreach($poolXML->poollist->pool as $pool) {
+ $poolobj = new Application_Model_Pool();
+ $poolobj->setID(sprintf("%s", $pool->id));
+ $poolobj->setDescription(sprintf("%s", $pool->description));
+ $poolobj->setGroupID(sprintf("%s", $pool->groupid));
+ $poolobj->setLocation(sprintf("%s", $pool->location));
+ $poolobj->setTitle(sprintf("%s", $pool->title));
+ $poollist[$poolobj->getID()] = $poolobj;
+ }
+ }
+ $event = new Application_Model_Event();
+ $this->eventMapper->find($eventID, $event);
+ if($event->getPbs_membershipID() != $this->userIDsNamespace['membershipID']) {
+ if(!$this->acl->checkRight('eeo')) {
+ $this->_redirect('/');
+ }
+ }
$save = $this->getRequest()->getParam("save");
if (isset($save)){
$editForm = new Application_Form_EventEdit(array('eventcategorylist' => $eventcategorylist, 'bootoslist' => $bootoslist, 'poollist' => $poollist, $this->getRequest()->getParams()));
@@ -403,8 +400,6 @@ class EventController extends Zend_Controller_Action
if($this->getRequest()->getParam('end')) {
$this->getRequest()->setParam('end', date ('Y-m-d H:i', strtotime($this->getRequest()->getParam('end'))));
}
- $event = new Application_Model_Event();
- $this->eventMapper->find($eventID, $event);
if($event->getPbs_bootmenuID()) {
$bootmenuApiResult = PostToHost($this->pbs2host, $this->config['pbs2']['deletebootmenu'] . $this->userIDsNamespace['apikey'], 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], 'poolctrl', "bootmenuid=" . $event->getPbs_bootmenuID());
unset($bootmenuApiResult);
@@ -475,8 +470,6 @@ class EventController extends Zend_Controller_Action
$this->_redirect('/event/');
}
} else {
- $event = new Application_Model_Event();
- $this->eventMapper->find($eventID, $event);
$this->getRequest()->setParam('title', $event->getTitle());
$this->getRequest()->setParam('immediate', $event->getImmediate());
$this->getRequest()->setParam('start', $event->getStart());
@@ -495,56 +488,64 @@ class EventController extends Zend_Controller_Action
$this->view->params = $params;
}
}
-
- /*
+
+ /*
* ------------------------
* START CALENDAR FUNCTIONS
* ------------------------
*/
-
- public function eventmoveAction() {
-
- $this->_helper->layout->disableLayout();
- $this->_helper->viewRenderer->setNoRender();
-
- $event = new Application_Model_Event();
-
- $evid = $this->getRequest()->getParam('evid');
- $evstart = $this->getRequest()->getParam('evstart');
- $evend = $this->getRequest()->getParam('evend');
- //var_dump($evend);
-
- if ($evid!="null") {
- $this->eventMapper->find($evid,$event); //locate the event in the DB
- $event->setStart(date('Y-m-d H:i:s', strtotime(substr($evstart, 0, 24))));
- if($evend!="null"){
- $event->setEnd(date('Y-m-d H:i:s', strtotime(substr($evend, 0, 24))));
- }
- $this->eventMapper->save($event); //save the event with the new data
- }
- }
-
- public function eventresizeAction() {
-
- $this->_helper->layout->disableLayout();
- $this->_helper->viewRenderer->setNoRender();
- $event = new Application_Model_Event();
-
- $evid = $this->getRequest()->getParam('evid');
- $evend = $this->getRequest()->getParam('evend');
-
- //var_dump(date('Y-m-d H:i:s', strtotime(substr($evend, 0, 24))));
-
- if ($evid!=null) {
- $this->eventMapper->find($evid,$event); //locate the event in the DB
- $event->setEnd(date('Y-m-d H:i:s', strtotime(substr($evend, 0, 24))));
-
- $this->eventMapper->save($event); //save the event with the new data
- }
- }
- public function eventlistAction() {
+ public function eventmoveAction() {
+ if(!$this->acl->checkRight('eo')) {
+ $this->_redirect('/');
+ }
+ $this->_helper->layout->disableLayout();
+ $this->_helper->viewRenderer->setNoRender();
+
+
+ $event = new Application_Model_Event();
+
+
+ $evid = $this->getRequest()->getParam('evid');
+ $evstart = $this->getRequest()->getParam('evstart');
+ $evend = $this->getRequest()->getParam('evend');
+ //var_dump($evend);
+
+ if ($evid!="null") {
+ $this->eventMapper->find($evid,$event); //locate the event in the DB
+ $event->setStart(date('Y-m-d H:i:s', strtotime(substr($evstart, 0, 24))));
+ if($evend!="null"){
+ $event->setEnd(date('Y-m-d H:i:s', strtotime(substr($evend, 0, 24))));
+ }
+ $this->eventMapper->save($event); //save the event with the new data
+ }
+ }
+
+ public function eventresizeAction() {
+ if(!$this->acl->checkRight('eo')) {
+ $this->_redirect('/');
+ }
+ $this->_helper->layout->disableLayout();
+ $this->_helper->viewRenderer->setNoRender();
+ $event = new Application_Model_Event();
+
+ $evid = $this->getRequest()->getParam('evid');
+ $evend = $this->getRequest()->getParam('evend');
+ var_dump(date('Y-m-d H:i:s', strtotime(substr($evend, 0, 24))));
+
+ if ($evid!=null) {
+ $this->eventMapper->find($evid,$event); //locate the event in the DB
+ $event->setEnd(date('Y-m-d H:i:s', strtotime(substr($evend, 0, 24))));
+
+ $this->eventMapper->save($event); //save the event with the new data
+ }
+ }
+
+ public function eventlistAction() {
+ if(!$this->acl->checkRight('eo')) {
+ $this->_redirect('/');
+ }
$this->_helper->layout->disableLayout();
$this->_helper->viewRenderer->setNoRender();
$poolID = $this->getRequest()->getParam('poolID');
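Review bot: eventmoveAction and eventresizeAction write to an event (`setStart`/`setEnd` followed by `save`) but are gated only by `checkRight('eo')`, the same right that indexAction and eventlistAction require for read-only access. Unlike editAction in this commit, they have no `ee` check and no `getPbs_membershipID()` comparison with an `eeo` fallback, so any caller with `eo` can change the times of any event by id. The right codes below are taken from editAction; confirm they are the intended ones. The previously commented-out `var_dump(...)` in eventresizeAction is now live and echoes request-derived data into the response; it should be removed or commented out again. The two actions also compare `$evid` differently (`!="null"` versus `!=null`).
```php
public function eventresizeAction() {
    // writing requires the edit right, not only the overview right
    if(!$this->acl->checkRight('ee')) {
        $this->_redirect('/');
        return;
    }
    // … unchanged: disable layout and view renderer, create $event, read evid and evend …
    if ($evid!=null) {
        $this->eventMapper->find($evid,$event); //locate the event in the DB
        // events of other memberships need the "edit others" right, as in editAction
        if($event->getPbs_membershipID() != $this->userIDsNamespace['membershipID']
            && !$this->acl->checkRight('eeo')) {
            $this->_redirect('/');
            return;
        }
        // … unchanged: setEnd() and save() …
    }
}
// eventmoveAction: same two checks before setStart()/setEnd()/save()
```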
@@ -585,9 +586,13 @@ class EventController extends Zend_Controller_Action
* END CALENDAR FUNCTIONS
* ----------------------
*/
-
-
+
+
public function runAction() {
+ if(!$this->acl->checkRight('er')) {
+ header('HTTP/1.0 403 No Right to run events');
+ die();
+ }
$this->_helper->layout->disableLayout();
$this->_helper->viewRenderer->setNoRender();
$startTime = time();
@@ -764,6 +769,10 @@ class EventController extends Zend_Controller_Action
}
public function reportAction() {
+ if(!$this->acl->checkRight('er')) {
+ header('HTTP/1.0 403 No Right to run events');
+ die();
+ }
$this->_helper->layout->disableLayout();
$this->_helper->viewRenderer->setNoRender();
diff --git a/application/layouts/default.phtml b/application/layouts/default.phtml
index c4111fb..138ca5b 100644
--- a/application/layouts/default.phtml
+++ b/application/layouts/default.phtml
@@ -17,12 +17,15 @@ echo $this->headLink()."\n";
echo $this->headScript()."\n";
?>
<script type='text/javascript' src='/media/js/jquery-1.6.2.min.js'></script>
-<script type='text/javascript' src='/media/js/jquery-ui-1.8.16.custom.min.js'></script>
-<script type="text/javascript" src='/media/js/jquery-ui-timepicker-addon.js'></script>
+<script type='text/javascript'
+ src='/media/js/jquery-ui-1.8.16.custom.min.js'></script>
+<script type="text/javascript"
+ src='/media/js/jquery-ui-timepicker-addon.js'></script>
<script type="text/javascript" src='/media/js/script.js'></script>
<!-- files for calendar -->
<script type='text/javascript' src='/media/js/fullcalendar.min.js'></script>
-<script type="text/javascript" src='/media/js/jquery.qtip-1.0.0-rc3.min.js'></script>
+<script type="text/javascript"
+ src='/media/js/jquery.qtip-1.0.0-rc3.min.js'></script>
</head>
<body>
@@ -33,17 +36,21 @@ echo $this->headScript()."\n";
<div id="sidepannel-top" class='portletNavigationTree'>
<ul class='navTreeLevel0'>
<li class='navTreeItem'><a href='/'>Home</a></li>
- <?php if(Zend_Auth::getInstance()->hasIdentity()) { ?>
+ <?php if(Zend_Auth::getInstance()->hasIdentity()) {
+ $userIDsNamespace = Zend_Session::namespaceGet('userIDs');
+ ?>
<li class='navTreeItem'><a href='/person/'>Own Details</a></li>
- <?php if(count(Zend_Session::namespaceGet('userIDs')) > 1) { ?>
+ <?php if(count($userIDsNamespace) > 1) {
+ $acl = new Poolctrl_Acl($pbs2host, $config['pbs2']['checkright'] . $userIDsNamespace['apikey'], 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);;
+ if($acl->checkRight('eo')) { ?>
<li class='navTreeItem'><a href='/event'>Event</a></li>
+ <?php } ?>
<li class='navTreeItem'><a href='/person/changemembership'>Change
Membership</a></li>
<?php } else { ?>
<li class='navTreeItem'><a href='/person/selectmembership'>Select
Membership</a></li>
<?php } ?>
- <li class='navTreeItem'><a href='/gearman'>Gearman</a></li>
<li class='navTreeItem'><a href='/auth/logout'>Logout</a></li>
<?php } else { ?>
<li class='navTreeItem'><a href='/auth/login'>Login</a></li>
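Review bot: `$pbs2host` and `$config` in the added `new Poolctrl_Acl(...)` call are not assigned anywhere in the visible part of this layout script. As far as the hunk shows, the rights lookup is built from undefined variables, and `checkRight('eo')` then decides the menu on whatever that request returns. Pass the values in through the view (for example `$this->pbs2host`), or have the controller compute the result once and expose a boolean, which also avoids a remote rights request on every page render. The trailing `;;` is a stray empty statement. Hiding the Event link only changes what is displayed; the controller checks remain the actual enforcement.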