Revize 1156
Přidáno uživatelem Ondřej Fibich před více než 13 roky(ů)
| freenetis/branches/testing/application/models/groups_aro_map.php | ||
|---|---|---|
|
* @property integer $aro_id
|
||
|
*/
|
||
|
class Groups_aro_map_Model extends ORM
|
||
|
{
|
||
|
{function e() {return $this->db->last_query();}
|
||
|
/**
|
||
|
* Table name is groups_aro_map not groups_aro_maps
|
||
|
*
|
||
| freenetis/branches/testing/application/controllers/phone_invoices.php | ||
|---|---|---|
|
*/
|
||
|
class Phone_invoices_Controller extends Controller
|
||
|
{
|
||
|
|
||
|
|
||
|
/**
|
||
|
* Fuction checks access rights
|
||
|
* Return true if user with $login may view own $axo_section
|
||
|
* in this controller else return false
|
||
|
* @see Phone_invoices_Controller::user_field
|
||
|
*
|
||
|
* @param string $axo_value object to view
|
||
|
* @param string $login
|
||
|
* @staticvar gacl $gacl_class
|
||
|
* @return boolean returns true if member has enough access rights
|
||
|
*/
|
||
|
private static function _acl_check_view($axo_value, $login)
|
||
|
{
|
||
|
static $gacl_class = NULL;
|
||
|
|
||
|
if ($gacl_class == NULL)
|
||
|
{
|
||
|
require_once(APPPATH . 'vendors/phpgacl/gacl.class.php');
|
||
|
$gacl_class = new gacl();
|
||
|
}
|
||
|
|
||
|
return !empty($login) && $gacl_class->acl_check(
|
||
|
'freenetis', 'view_own', 'all', $login, 'Phone_invoices_Controller', $axo_value
|
||
|
);
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Index of controller
|
||
|
* Redirects to show_all
|
||
|
*/
|
||
| ... | ... | |
|
|
||
|
if (!$this->acl_check_view(
|
||
|
'Phone_invoices_Controller', 'user_invoices',
|
||
|
$user_model->member_id
|
||
|
$user_model->member_id, TRUE
|
||
|
))
|
||
|
{
|
||
|
echo ' <b style="color: red;">(' . __('Is not telephonists') . '!)</b>';
|
||
| freenetis/branches/testing/application/controllers/unit_tester.php | ||
|---|---|---|
|
*
|
||
|
* @author Ondřej Fibich
|
||
|
* @package Controller
|
||
|
* @version 1.1
|
||
|
* @version 1.2
|
||
|
*/
|
||
|
class Unit_tester_Controller extends Controller
|
||
|
{
|
||
| ... | ... | |
|
{
|
||
|
die("Wrong argument.");
|
||
|
}
|
||
|
// server name
|
||
|
$sn = strtolower($_SERVER['SERVER_NAME']);
|
||
|
// check access
|
||
|
if (!in_array(strtolower($_SERVER['SERVER_NAME']), self::$ENABLED_SERVER_NAME))
|
||
|
if (!in_array($sn, self::$ENABLED_SERVER_NAME) || Config::get('unit_tester'))
|
||
|
{
|
||
|
echo "This test should be accessed from domains: <br>";
|
||
|
echo implode(', ', self::$ENABLED_SERVER_NAME) . "<br>";
|
||
|
echo "Add your domain to Unit_tester_Controller#ENABLED_SERVER_NAME for running test.";
|
||
|
echo "Enabled it at differrent domain by adding ";
|
||
|
echo "<code>\$config['unit_tester'] = TRUE;</code>";
|
||
|
echo " into config.php by adding.";
|
||
|
exit();
|
||
|
}
|
||
|
// overload Kohana error handlers
|
||
| ... | ... | |
|
/* Load model */
|
||
|
if ($tag == "model")
|
||
|
{
|
||
|
$class_name = strtoupper(substr($file_name, 0, 1)) . substr($file_name, 1) . "_Model";
|
||
|
$class_name = ucfirst($file_name) . "_Model";
|
||
|
}
|
||
|
else
|
||
|
{
|
||
| freenetis/branches/testing/application/libraries/MY_Controller.php | ||
|---|---|---|
|
'installation'
|
||
|
);
|
||
|
|
||
|
/** @var gacl PHP GACL class */
|
||
|
public $gacl_class;
|
||
|
/** @var unknown_type */
|
||
|
public $arr;
|
||
|
/** @var Setting_Model Settings */
|
||
| ... | ... | |
|
|
||
|
/**
|
||
|
* Checks user's access to system
|
||
|
*
|
||
|
* @author Ondřej Fibich
|
||
|
*
|
||
|
* @param type $axo_section_value AXO section value - Controller name
|
||
|
* @param type $axo_value AXO value - part of Controller
|
||
|
* @param type $aco_type ACO type of action (view, new, edit, delete, confirm)
|
||
|
* @param integer $member_id Member to check access
|
||
|
* @param boolean $force_own Force to use own rules for not logged user
|
||
|
* Used at: Phone_invoices_Controller#user_field()
|
||
|
* @return bool
|
||
|
*/
|
||
|
private function acl_check($axo_section, $axo_value, $aco_type, $member_id = NULL)
|
||
|
private function acl_check(
|
||
|
$axo_section, $axo_value, $aco_type, $member_id = NULL,
|
||
|
$force_own = FALSE)
|
||
|
{
|
||
|
// groups aro map loaded?
|
||
|
if (empty($this->groups_aro_map))
|
||
| ... | ... | |
|
}
|
||
|
|
||
|
// check own?
|
||
|
if ($member_id == $_SESSION['member_id'])
|
||
|
if (($member_id == $_SESSION['member_id']) || $force_own)
|
||
|
{
|
||
|
// check own access
|
||
|
if ($this->groups_aro_map->has_access(
|
||
| ... | ... | |
|
|
||
|
/**
|
||
|
* Fuction checks access rights
|
||
|
* Return true if currently logged user (stored in $_SESSION['username'])
|
||
|
* Return true if currently logged user (stored in $_SESSION['user_id'])
|
||
|
* may view own $axo_value object in $axo_section
|
||
|
* (and in variable $member_id is his own id of member) or if currently logged user
|
||
|
* may view all $axo_value object in $axo_section else return false
|
||
|
*
|
||
|
* @param $axo_section group of objects to view
|
||
|
* @param $axo_value object to view
|
||
|
* @param $member_id optional variable, id of other member who is being showed by logged member
|
||
|
* @return boolean returns true if member has enough access rights
|
||
|
* @param $axo_section Group of objects to view
|
||
|
* @param $axo_value Object to view
|
||
|
* @param $member_id Optional variable, id of other member
|
||
|
* who is being showed by logged member
|
||
|
* @param boolean $force_own Force to use own rules for not logged user
|
||
|
* Used at: Phone_invoices_Controller#user_field()
|
||
|
* @return boolean returns true if member has enough access rights
|
||
|
*/
|
||
|
public function acl_check_view($axo_section, $axo_value, $member_id = NULL)
|
||
|
public function acl_check_view(
|
||
|
$axo_section, $axo_value, $member_id = NULL, $force_own = FALSE)
|
||
|
{
|
||
|
return $this->acl_check($axo_section, $axo_value, 'view', $member_id);
|
||
|
return $this->acl_check(
|
||
|
$axo_section, $axo_value, 'view', $member_id, $force_own
|
||
|
);
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Fuction checks access rights
|
||
|
* Return true if currently logged user (stored in $_SESSION['username'])
|
||
|
* Return true if currently logged user (stored in $_SESSION['user_id'])
|
||
|
* may view own $axo_value object in $axo_section
|
||
|
* (and in variable $member_id is his own id of member) or if currently logged user
|
||
|
* may edit all $axo_value object in $axo_section else return false
|
||
|
*
|
||
|
* @param $axo_section group of objects to edit
|
||
|
* @param $axo_value object to edit
|
||
|
* @param $member_id optional variable, id of other member who is being showed by logged member
|
||
|
* @return boolean returns true if member has enough access rights
|
||
|
* @param $axo_section Group of objects to edit
|
||
|
* @param $axo_value Object to edit
|
||
|
* @param $member_id Optional variable, id of other member
|
||
|
* who is being showed by logged member
|
||
|
* @param boolean $force_own Force to use own rules for not logged user
|
||
|
* Used at: Phone_invoices_Controller#user_field()
|
||
|
* @return boolean Returns true if member has enough access rights
|
||
|
*/
|
||
|
public function acl_check_edit($axo_section, $axo_value, $member_id = NULL)
|
||
|
public function acl_check_edit(
|
||
|
$axo_section, $axo_value, $member_id = NULL, $force_own = FALSE)
|
||
|
{
|
||
|
return $this->acl_check($axo_section, $axo_value, 'edit', $member_id);
|
||
|
return $this->acl_check(
|
||
|
$axo_section, $axo_value, 'edit', $member_id, $force_own
|
||
|
);
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Fuction checks access rights
|
||
|
* Return true if currently logged user (stored in $_SESSION['username'])
|
||
|
* Return true if currently logged user (stored in $_SESSION['user_id'])
|
||
|
* may view own $axo_value object in $axo_section
|
||
|
* (and in variable $member_id is his own id of member) or if currently logged user
|
||
|
* may add all $axo_value object in $axo_section else return false
|
||
|
*
|
||
|
* @param $axo_section group of objects to edit
|
||
|
* @param $axo_value object to add
|
||
|
* @param $member_id optional variable, id of other member who is being showed by logged member
|
||
|
* @return boolean returns true if member has enough access rights
|
||
|
* @param $axo_section Group of objects to edit
|
||
|
* @param $axo_value Object to add
|
||
|
* @param $member_id Optional variable, id of other member
|
||
|
* who is being showed by logged member
|
||
|
* @param boolean $force_own Force to use own rules for not logged user
|
||
|
* Used at: Phone_invoices_Controller#user_field()
|
||
|
* @return boolean Returns true if member has enough access rights
|
||
|
*/
|
||
|
public function acl_check_new($axo_section, $axo_value, $member_id = NULL)
|
||
|
public function acl_check_new(
|
||
|
$axo_section, $axo_value, $member_id = NULL, $force_own = FALSE)
|
||
|
{
|
||
|
return $this->acl_check($axo_section, $axo_value, 'new', $member_id);
|
||
|
return $this->acl_check(
|
||
|
$axo_section, $axo_value, 'new', $member_id, $force_own
|
||
|
);
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Fuction checks access rights
|
||
|
* Return true if currently logged user (stored in $_SESSION['username'])
|
||
|
* Return true if currently logged user (stored in $_SESSION['user_id'])
|
||
|
* may view own $axo_value object in $axo_section
|
||
|
* (and in variable $member_id is his own id of member) or if currently logged user
|
||
|
* may delete all $axo_value object in $axo_section else return false
|
||
|
*
|
||
|
* @param $axo_section group of objects to edit
|
||
|
* @param $axo_value object to delete
|
||
|
* @param $member_id optional variable, id of other member who is being showed by logged member
|
||
|
* @return boolean returns true if member has enough access rights
|
||
|
* @param $axo_section Group of objects to edit
|
||
|
* @param $axo_value Object to delete
|
||
|
* @param $member_id Optional variable, id of other member
|
||
|
* who is being showed by logged member
|
||
|
* @param boolean $force_own Force to use own rules for not logged user
|
||
|
* Used at: Phone_invoices_Controller#user_field()
|
||
|
* @return boolean Returns true if member has enough access rights
|
||
|
*/
|
||
|
public function acl_check_delete($axo_section, $axo_value, $member_id = NULL)
|
||
|
public function acl_check_delete(
|
||
|
$axo_section, $axo_value, $member_id = NULL, $force_own = FALSE)
|
||
|
{
|
||
|
return $this->acl_check($axo_section, $axo_value, 'delete', $member_id);
|
||
|
return $this->acl_check(
|
||
|
$axo_section, $axo_value, 'delete', $member_id, $force_own
|
||
|
);
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Fuction checks access rights
|
||
|
* Return true if currently logged user (stored in $_SESSION['username'])
|
||
|
* Return true if currently logged user (stored in $_SESSION['user_id'])
|
||
|
* may view own $axo_value object in $axo_section
|
||
|
* (and in variable $member_id is his own id of member) or if currently logged user
|
||
|
* may confirm all $axo_value object in $axo_section else return false
|
||
|
*
|
||
|
* @param $axo_section group of objects to edit
|
||
|
* @param $axo_value object to confirm
|
||
|
* @param $member_id optional variable, id of other member who is being showed by logged member
|
||
|
* @return boolean returns true if member has enough access rights
|
||
|
* @param $axo_section Group of objects to confirm
|
||
|
* @param $axo_value Object to confirm
|
||
|
* @param $member_id Optional variable, id of other member
|
||
|
* who is being showed by logged member
|
||
|
* @param boolean $force_own Force to use own rules for not logged user
|
||
|
* Used at: Phone_invoices_Controller#user_field()
|
||
|
* @return boolean Returns true if member has enough access rights
|
||
|
*/
|
||
|
public function acl_check_confirm($axo_section, $axo_value, $member_id = NULL)
|
||
|
public function acl_check_confirm(
|
||
|
$axo_section, $axo_value, $member_id = NULL, $force_own = FALSE)
|
||
|
{
|
||
|
return $this->acl_check($axo_section, $axo_value, 'confirm', $member_id);
|
||
|
return $this->acl_check(
|
||
|
$axo_section, $axo_value, 'confirm', $member_id, $force_own
|
||
|
);
|
||
|
}
|
||
|
|
||
|
/**
|
||
Také k dispozici: Unified diff
Upravy:
- pridano nucene vynuceni own akce u overovani uzivatelkych prav pro fungovani telefonnich faktur
- unit_tester je mozne zapnout na jinych domenach nez locahost a 127.0.0.1 skrze config.php