/**
 * Builds the "delete" link for a permission record.
 *
 * The link is produced only when AK_DEV_MODE is truthy and
 * User::currentUserCan('destroy action', 'Admin::Permissions') succeeds.
 * In every other case the method returns nothing (null).
 *
 * NOTE(review): this check only controls whether the link is displayed.
 * It does not protect the destroy action itself; confirm that the action
 * enforces the same permission server-side and only deletes on a
 * non-GET, CSRF-protected request.
 *
 * @param object $record Record to link to; only getId() is called on it.
 * @return mixed Whatever url_helper->link_to() returns, or null when hidden.
 */
public function link_to_destroy(&$record)
{
    // Guard clause: bail out unless both the dev-mode flag and the permission hold.
    if (!AK_DEV_MODE || !User::currentUserCan('destroy action', 'Admin::Permissions')) {
        return;
    }

    $link_builder = $this->_controller->url_helper;
    $caption = $this->_controller->t('delete');
    $destination = array('action' => 'destroy', 'id' => $record->getId());

    // 'seccondary' is a runtime CSS class name and is kept exactly as written;
    // NOTE(review): looks like a misspelling of 'secondary', verify against the stylesheet.
    $html_options = array('class' => 'seccondary');

    return $link_builder->link_to($caption, $destination, $html_options);
}
/**
 * Refuses modification of $this->User when the current user lacks the
 * privileges required for it.
 *
 * Rules, in the order they are evaluated:
 *  - a new (unsaved) user record is never blocked;
 *  - a user for which hasRootPrivileges() is true may only be modified by
 *    themselves or by someone holding 'Set roles' on Admin::Users;
 *  - any other user may only be modified by themselves or by someone
 *    holding 'Edit other users' on Admin::Users.
 *
 * On refusal an error is stored in $this->flash['error'] and
 * redirectToAction('listing') is called.
 *
 * NOTE(review): the method returns null on every path, including after the
 * redirect. Confirm that redirectToAction() stops the request (or that the
 * caller checks for a performed redirect); otherwise the protected action
 * could still run after the refusal.
 *
 * @return void
 */
protected function _protectUserFromBeingModified()
{
    // Loose comparison is kept on purpose: ids may arrive as strings or ints.
    $is_own_account = $this->User->getId() == $this->CurrentUser->getId();

    if ($this->User->isNewRecord()) {
        return;
    }

    $target_is_protected_root = !User::currentUserCan('Set roles', 'Admin::Users')
        && $this->User->hasRootPrivileges()
        && !$is_own_account;

    if ($target_is_protected_root) {
        $this->flash['error'] = $this->t('You don\'t have the privileges to modify selected user.');
        $this->redirectToAction('listing');
        return;
    }

    if (!$is_own_account && !User::currentUserCan('Edit other users', 'Admin::Users')) {
        // NOTE(review): "can\'" looks like a typo for "can't". The text is left
        // untouched because it is passed to t() and may serve as a translation key.
        $this->flash['error'] = $this->t('You can\' modify other users account.');
        $this->redirectToAction('listing');
    }
}
/**
 * Tells whether the current user is allowed to perform a task.
 *
 * Plain delegation to User::currentUserCan(); all three arguments are
 * forwarded unchanged and its result is returned as-is.
 *
 * @param mixed $task         Task identifier, passed through.
 * @param mixed $extension    Optional extension/scope, passed through (default null).
 * @param bool  $force_reload Passed through (default false); presumably bypasses
 *                            a cached permission lookup, confirm in User::currentUserCan().
 * @return mixed Result of User::currentUserCan().
 */
public function can($task, $extension = null, $force_reload = false)
{
    $is_allowed = User::currentUserCan($task, $extension, $force_reload);

    return $is_allowed;
}
/**
 * Builds the "Delete" link for a role record.
 *
 * The link is produced only when
 * User::currentUserCan('destroy action', 'Admin::Roles') succeeds;
 * otherwise the method returns nothing (null).
 *
 * NOTE(review): hiding the link is a display decision only. Confirm that the
 * destroy action re-checks this permission server-side and only deletes on a
 * non-GET, CSRF-protected request.
 *
 * @param object $record Record to link to; only getId() is called on it.
 * @return mixed Whatever url_helper->link_to() returns, or null when hidden.
 */
public function link_to_destroy(&$record)
{
    // Guard clause: no permission, no link.
    if (!User::currentUserCan('destroy action', 'Admin::Roles')) {
        return;
    }

    $link_builder = $this->_controller->url_helper;
    $caption = $this->_controller->t('Delete');
    $destination = array('action' => 'destroy', 'id' => $record->getId());

    return $link_builder->link_to($caption, $destination, array('class' => 'action'));
}
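/**
 * Builds the "Delete" link for a user record.
 *
 * The link is produced only when all of the following hold:
 *  - the current user holds 'destroy action' on Admin::Users;
 *  - the record is not the current user's own account;
 *  - the current user holds 'Edit other users' on Admin::Users.
 * Otherwise the method returns null.
 *
 * Once the own-account case is excluded, every remaining record belongs to
 * someone else, so 'Edit other users' is always required. An extra
 * "or it is my own record" alternative can never be true at that point and
 * is therefore not part of the condition.
 *
 * NOTE(review): this only decides whether the link is displayed. Confirm
 * that the destroy action enforces the same three rules server-side
 * (including the self-deletion ban) and only deletes on a non-GET,
 * CSRF-protected request.
 *
 * @param object $record User record; its id property and getId() are read.
 * @return mixed Whatever url_helper->link_to() returns, or null when hidden.
 */
public function link_to_destroy(&$record)
{
    if (!User::currentUserCan('destroy action', 'Admin::Users')) {
        return null;
    }

    // Never offer a link that would delete the account currently logged in.
    // Loose comparison is kept: ids may be strings on one side and ints on the other.
    if ($this->_controller->CurrentUser->id == $record->id) {
        return null;
    }

    // The record belongs to another user, so the broader permission is mandatory.
    if (!User::currentUserCan('Edit other users', 'Admin::Users')) {
        return null;
    }

    $link_builder = $this->_controller->url_helper;
    $caption = $this->_controller->t('Delete');
    $destination = array('action' => 'destroy', 'id' => $record->getId());

    return $link_builder->link_to($caption, $destination, array('class' => 'action'));
}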