/**
 * Reports whether the current session's user holds the given role.
 *
 * Returns false without consulting the user object when nobody is logged in.
 *
 * @param string $role Role to look for; passed unchanged to the user's own hasRole().
 * @return boolean False when not logged in, otherwise whatever the user's hasRole() returns.
 */
public function hasRole($role)
{
    // Deny first: only a logged-in session is delegated to the user object.
    return $this->loggedIn ? $this->user->hasRole($role) : false;
}
/**
 * Exercises User::isAdmin() and User::hasRole() for an admin and for a plain user.
 */
public function testRoles()
{
    $subject = new User();

    // With ROLE_ADMIN assigned, the admin, power and user role checks must all pass.
    $subject->role = User::ROLE_ADMIN;
    $this->assertTrue($subject->isAdmin());
    foreach (array(User::ROLE_ADMIN, User::ROLE_POWER, User::ROLE_USER) as $granted) {
        $this->assertTrue($subject->hasRole($granted));
    }

    // With ROLE_USER assigned, the user check passes and the admin check must be refused.
    $subject->role = User::ROLE_USER;
    $this->assertTrue($subject->hasRole(User::ROLE_USER));
    $this->assertFalse($subject->hasRole(User::ROLE_ADMIN));
}
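/**
 * Handles the checkout form: validates it, creates or updates the customer,
 * stores the order with its lines, sends the notification mails and empties the cart.
 *
 * A visitor who is not logged in gets an account created on the fly with a
 * random password, which is sent through the 'mail.registration' view.
 *
 * @return mixed Redirect back to "checkout" when validation fails, redirect to the
 *               thank-you page on success; nothing is returned when saving the user fails.
 */
public function postAdd()
{
    $rules = [
        'firstname' => 'required|min:2',
        'lastname' => 'required|min:2',
        'address' => 'required|min:5',
        'phone' => 'required|min:7',
    ];
    $isGuest = !Auth::check();
    if ($isGuest) {
        // Register the rule under the 'email' key. array_push() appended the whole array as
        // element 0, so the format and uniqueness checks were never attached to the field
        // and an unvalidated address was used to create the account.
        $rules['email'] = 'required|email|unique:users';
    }

    $validator = Validator::make(Input::all(), $rules);
    if ($validator->fails()) {
        return Redirect::to("checkout")->withErrors($validator)->withInput(Input::except(''));
    }

    $password = null;
    if ($isGuest) {
        $user = new User();
        $user->email = Input::get('email');
        $password = str_random(10);
        $user->password = Hash::make($password);
    } else {
        $user = User::find(Auth::user()->id);
    }
    $user->firstname = Input::get('firstname');
    $user->lastname = Input::get('lastname');
    $user->address = Input::get('address');
    $user->phone = Input::get('phone');

    if (!$user->save()) {
        // NOTE(review): no response is produced on this path; confirm what the visitor should see.
        return;
    }

    // Only attach the role when it exists; a missing 'Customer' row used to end in a
    // property access on null.
    $role = Role::where('name', '=', 'Customer')->first();
    if ($role !== null && !$user->hasRole("Customer")) {
        $user->roles()->attach($role->id);
    }

    // The comment is stored as an HTML fragment, so every visitor-supplied value is
    // HTML-encoded before it is placed between the tags.
    // NOTE(review): assumes the comment is rendered unescaped wherever it is displayed;
    // if that view escapes again, these values will show up double-encoded.
    $escape = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    $order = new Order();
    $order->user_id = $user->id;
    // NOTE(review): first() returns null when no status carries this title; confirm the row is seeded.
    $order->status_id = OrderStatus::where('title', '=', 'Новый')->first()->id;
    $order->comment = 'Телефон: <b>' . $escape($user->phone) . '</b><br>Адрес: <b>' . $escape($user->address) . '</b><br>Комментарий покупателя: ' . '<i>' . $escape(Input::get('comment')) . '</i>';

    // Read the cart before saving so the order mail below always has it, even when the
    // order itself could not be stored.
    $cart = Cart::content();
    if ($order->save()) {
        foreach ($cart as $product) {
            $orderDetails = new OrderDetails();
            $orderDetails->order_id = $order->id;
            $orderDetails->product_id = $product->id;
            $orderDetails->quantity = $product->qty;
            $orderDetails->price = $product->price;
            $orderDetails->save();
        }
    }

    // Mail goes to the address stored on the account. For a guest this is the validated
    // form value; for a logged-in customer the form's email field is not validated at
    // all, so it must not decide where the order confirmation is sent.
    $recipient = $user->email;

    if ($isGuest) {
        // NOTE(review): the generated password is mailed in clear text; a one-time
        // set-password link would avoid leaving a working credential in the mailbox.
        Mail::send('mail.registration', ['firstname' => $user->firstname, 'login' => $user->email, 'password' => $password, 'setting' => Config::get('setting')], function ($message) use ($recipient) {
            $message->to($recipient)->subject("Регистрация прошла успешно");
        });
    }

    $orderId = $order->id;
    Mail::send('mail.order', ['cart' => $cart, 'order' => $order, 'phone' => $user->phone, 'user' => $user->firstname . ' ' . $user->lastname], function ($message) use ($orderId, $recipient) {
        $message->to($recipient)->subject("Ваша заявка №{$orderId} принята");
    });

    Cart::destroy();

    return Redirect::to("checkout/thanks/spasibo-vash-zakaz-prinyat")->with('successcart', 'ok', ['cart' => $cart]);
}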
?> <br/> Modifié le <?php echo $user->nice_modification_date; ?> </td> </tr>
<tr> <td colspan="4"> <table> <tr> <td>Roles:</td> <?php
// One checkbox per row of webfinance_roles, pre-checked when hasRole() reports a
// positive value for the user being edited ($user->id_user).
// NOTE(review): the mysql_* functions were removed in PHP 7; this query needs mysqli or PDO
// before the page can run on a supported PHP version.
$result = mysql_query("SELECT id_role, name FROM webfinance_roles") or wf_mysqldie();
while ($role = mysql_fetch_assoc($result)) {
    // NOTE(review): the role name is written into the value attribute and the cell text
    // exactly as stored; HTML-encode it unless role names are guaranteed to be plain identifiers.
    // NOTE(review): the form submits role names in role[]; presumably the handler that
    // receives them re-checks that the caller may assign roles - verify.
    printf("<td><input type='checkbox' name='role[]' %s value='%s' >%s</td>", $User->hasRole($role['name'], $user->id_user) > 0 ? "checked" : "", $role['name'], $role['name']);
}
?> </tr> </table> </td> </tr> <tr> <td colspan="4" style="text-align: center;"> <?php
// Button image paths: translated label, an _on_/_off_ marker and the viewer's theme
// preference, URL-encoded into a file name under /imgs/boutons/.
$save_off = '/imgs/boutons/' . urlencode(_('Save') . "_off_" . $User->prefs->theme) . ".png";
$save_on = '/imgs/boutons/' . urlencode(_('Save') . "_on_" . $User->prefs->theme) . ".png";
$cancel_off = '/imgs/boutons/' . urlencode(_('Cancel') . "_off_" . $User->prefs->theme) . ".png";
$cancel_on = '/imgs/boutons/' . urlencode(_('Cancel') . "_on_" . $User->prefs->theme) . ".png";
?> <img onclick="checkForm(document.forms['userdata']);" src="<?php
/**
 * Hook handler that answers rights checks for the extra rights this class defines.
 *
 * For self::REVIEWFLAGS and self::CLEARFLAGS the answer is whether the user
 * holds the 'moderator' role; any other right is left untouched.
 *
 * @param User    $user    User being checked
 * @param string  $right   Right being checked
 * @param boolean &$result out, set only for the two rights handled here
 *
 * @return boolean false when the right was decided here, true when it was left unchanged
 */
function onUserRightsCheck($user, $right, &$result)
{
    // Loose comparison on purpose: it is how a switch statement matches its cases.
    if ($right == self::REVIEWFLAGS || $right == self::CLEARFLAGS) {
        $result = $user->hasRole('moderator');

        return false; // decided here
    }

    return true; // not one of the rights handled here
}
/**
 * Decides whether the given user may delete this record.
 *
 * Deletion is allowed for holders of the "contact_editor" role and for the user
 * whose id equals this record's private_to_user_id. Without a user the answer is no.
 *
 * @param User|null $user User asking to delete, or null when there is none
 * @return bool
 */
function canDelete(User $user = null)
{
    if ($user === null) {
        return false;
    }

    // NOTE(review): == compares loosely, so an unset private_to_user_id (null) equals a
    // user id of 0 or null; confirm both ids are always populated before relying on this.
    $ownsRecord = $this->private_to_user_id == $user->id;
    $canEditContacts = $user->hasRole("contact_editor");

    return $ownsRecord || $canEditContacts;
}
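/**
 * Collects evaluation-result search data together with its paging settings.
 *
 * Looks up the events matching the course/event selection, gathers their
 * group-event rows according to $status, and adds completion, release and
 * event details to each group.
 *
 * @param mixed  $maxPercent max percent, only passed on for the "low" status
 * @param mixed  $minPercent min percent, only passed on for the "low" status
 * @param mixed  $eventId    event id, or "A" for every event in scope
 * @param string $status     "listNotReviewed", "late" or "low"; any other value lists all groups
 * @param mixed  $limit      the limit per page, copied into the paging settings
 *
 * @access public
 * @return array array with a 'data' key (the evaluation result) and a 'paging' key
 */
function formatSearchEvaluationResult($maxPercent, $minPercent, $eventId, $status, $limit)
{
    $matrixAry = array();
    $evlResult = array();
    $paging = array();
    $assignedGroupIDs = array();

    // The course id is read from the submitted form; "A" stands for all courses.
    $course_id = isset($this->params['form']['course_id']) ? $this->params['form']['course_id'] : "0";

    // NOTE(review): only the "all courses, all events" branch limits non-admins to events
    // they created. The other branches filter by course or event id alone - confirm the
    // caller has already checked that the user may see that course or event.
    if ($course_id == "A") {
        if ($eventId == "A") {
            if (User::hasRole('superadmin') || User::hasRole('admin')) {
                $conditions = array();
            } else {
                $conditions = array('Event.creator_id' => $this->Auth->user('id'));
            }
        } else {
            $conditions = array('Event.id' => $eventId);
        }
    } elseif ($eventId == "A") {
        $conditions = array('Event.course_id' => $course_id);
    } else {
        $conditions = array('Event.id' => $eventId);
    }
    $conditions['event_template_type_id !='] = '3';

    $this->Event->recursive = -1;
    $events = $this->Event->find('all', array('conditions' => $conditions));

    foreach ($events as $event) {
        $currentEventId = $event['Event']['id'];
        switch ($status) {
            case "listNotReviewed":
                $found = $this->GroupEvent->getNotReviewed($currentEventId);
                break;
            case "late":
                $found = $this->GroupEvent->getLate($currentEventId);
                break;
            case "low":
                $eventTypeId = $event['Event']['event_template_type_id'];
                $found = $this->GroupEvent->getLowMark($currentEventId, $eventTypeId, $maxPercent, $minPercent);
                break;
            default:
                $found = $this->GroupEvent->getGroupsByEventId($currentEventId);
                break;
        }
        $assignedGroupIDs = array_merge($assignedGroupIDs, $found);
    }

    $assignedGroups = array();
    $total = count($assignedGroupIDs);
    for ($i = 0; $i < $total; $i++) {
        $groupEventRow = $assignedGroupIDs[$i]['GroupEvent'];

        $group = $this->Group->find('first', array('conditions' => array('Group.id' => $groupEventRow['group_id'])));
        $assignedGroups[$i] = $group;

        // Number of members who completed the evaluation.
        $numOfCompletedCount = $this->EvaluationSubmission->numCountInGroupCompleted($groupEventRow['id']);

        // Array-form conditions let the framework quote the value instead of splicing it
        // into an SQL fragment by hand.
        $numMembers = $this->GroupsMembers->find('count', array('conditions' => array('group_id' => $group['Group']['id'])));

        // The evaluation counts as complete when every member has submitted.
        $completeStatus = $numOfCompletedCount == $numMembers ? 1 : 0;

        // Release status of grades and comments for this group/event pair.
        $groupEvent = $this->GroupEvent->getGroupEventByEventIdGroupId($groupEventRow['event_id'], $group['Group']['id']);
        $released = $this->Evaluation->getGroupReleaseStatus($groupEvent);

        $assignedGroups[$i]['Group']['complete_status'] = $completeStatus;
        $assignedGroups[$i]['Group']['num_completed'] = $numOfCompletedCount;
        $assignedGroups[$i]['Group']['num_members'] = $numMembers;
        $assignedGroups[$i]['Group']['marked'] = $groupEventRow['marked'];
        $assignedGroups[$i]['Group']['grade_release_status'] = $released['grade_release_status'];
        $assignedGroups[$i]['Group']['comment_release_status'] = $released['comment_release_status'];
        $assignedGroups[$i]['Group']['event_title'] = $this->Event->getEventTitleById($groupEventRow['event_id']);
        $assignedGroups[$i]['Group']['event_id'] = $groupEventRow['event_id'];
    }
    $evlResult['Evaluation']['assignedGroups'] = $assignedGroups;

    $paging['style'] = 'ajax';
    $paging['count'] = $total;
    $paging['show'] = array('10', '25', '50', 'all');
    $paging['limit'] = $limit;

    $matrixAry['data'] = $evlResult;
    $matrixAry['paging'] = $paging;

    return $matrixAry;
}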
/**
 * Lists the facet labels of the locations this record is made available to.
 *
 * When the user's home location is scoped (useScope == 1 and restrictSearchByLocation
 * set) and the user holds neither the 'opacAdmin' nor the 'libraryAdmin' role, only the
 * home location's label is returned. Otherwise the labels of every location sharing the
 * home location's library are returned.
 *
 * @return array facet labels
 */
function building()
{
    // Load the user identified by $this->user_id, then that user's home location.
    $owner = new User();
    $owner->id = $this->user_id;
    $owner->find(true);

    $home = new Location();
    $home->locationId = $owner->homeLocationId;
    $home->find(true);

    // Scoping applies only to non-admins; the role lookups run only when the location is scoped.
    $scopeToLocation = ($home->useScope == 1 && $home->restrictSearchByLocation)
        && !($owner->hasRole('opacAdmin') || $owner->hasRole('libraryAdmin'));

    if ($scopeToLocation) {
        // Restricted: the home location only.
        return array($home->facetLabel);
    }

    // Unrestricted: every location of the home location's library.
    $labels = array();
    $sibling = new Location();
    $sibling->libraryId = $home->libraryId;
    $sibling->find();
    while ($sibling->fetch()) {
        $labels[] = $sibling->facetLabel;
    }

    return $labels;
}
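$balance = $balance_lines[$tr->id];
$balance_color = $balance > 0 ? "#e0ffe0" : "#ffe0e0";
$fmt_balance = number_format($balance, 2, ',', ' '); // Formatted balance
$help_edit = addslashes(_('Click to modify this transaction'));
$class = $count % 2 ? "row_odd" : "row_even";
// A "prevision" transaction dated before the end of yesterday is shown as an error row.
if ($tr->type == "prevision" and $tr->ts_date < mktime(23, 59, 59, date("m"), date("d") - 1, date("Y"))) {
    $class = "row_error";
}
$file = "";
$File = new FileTransaction();
$files = $File->getFiles($tr->id);
foreach ($files as $file_object) {
    // The attachment name lands inside a single-quoted title attribute, so both quote
    // styles are encoded; written raw, a name containing ' would end the attribute.
    $file .= sprintf("<a href='save_transaction?action=file&id_file=%d' title='%s'><img src='/imgs/icons/attachment.png'/></a>", $file_object->id_file, htmlspecialchars($file_object->name, ENT_QUOTES));
}
// NOTE(review): this role test only decides whether the edit controls are drawn; the
// handler that receives the form has to repeat the check.
if (isset($view) and $view == "edit" and $User->hasRole("manager", $_SESSION['id_user'])) {
?> <input type="hidden" name="query" value="?view=edit&<?php
    // QUERY_STRING arrives from the client as sent; HTML-encode it so it cannot close
    // the value attribute and add markup of its own.
    echo htmlspecialchars($GLOBALS['_SERVER']['QUERY_STRING'], ENT_QUOTES); ?> " /> <tr class="<?php echo $class; ?> "> <td> <input type="checkbox" id="chk_<?php echo $tr->id; ?> " name="chk[]" onchange="updateCheck(<?php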
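/**
 * Returns the donations raised by a POC's volunteers that are in the given status.
 *
 * @param int    $poc_id          id used to load the user whose role and subordinates are checked
 * @param string $donation_status status to filter on; letters, digits and underscores only
 *
 * @return mixed the rows returned by $sql->getById(), or the result of $this->_error()
 *               when the user is not a POC, has no volunteers, or the status is malformed
 */
function getDonationsForApproval($poc_id = 0, $donation_status = 'TO_BE_APPROVED_BY_POC')
{
    global $sql;

    // NOTE(review): the role check is made for whatever $poc_id is passed in; confirm the
    // caller binds it to the authenticated user rather than to a request parameter.
    $user = new User($poc_id);
    if (!$user->hasRole($user->role_ids['CFR POC'])) {
        return $this->_error("User '{$user->user['name']}' is not a POC. Only POCs have approval option.");
    }

    $volunteers = $user->getSubordinates();
    if (!$volunteers) {
        return $this->_error("This user don't have any volunteers under them.");
    }

    // Both values below are spliced into the SQL text, so they are constrained first:
    // the status to an identifier-like token (no quotes, spaces or newlines; \A and \z
    // anchor the whole string) and the ids to integers.
    // NOTE(review): if the $sql wrapper offers bound parameters, prefer them over this.
    if (!is_string($donation_status) || !preg_match('/\A[A-Za-z0-9_]+\z/', $donation_status)) {
        return $this->_error("Invalid donation status.");
    }
    $volunteer_ids = array_map('intval', array_keys($volunteers));

    $donations = $sql->getById("SELECT D.id, D.donation_status, D.eighty_g_required, D.created_at, D.updated_at, D.updated_by, D.donation_amount AS amount,\n\t\t\t\tU.id AS user_id, CONCAT(U.first_name,' ',U.last_name) AS user_name, DON.id AS donor_id, CONCAT(DON.first_name, ' ', DON.last_name) AS donor_name\n\t\t\tFROM donations D \n\t\t\tINNER JOIN users U ON D.fundraiser_id=U.id\n\t\t\tINNER JOIN donours DON ON DON.id=D.donour_id\n\t\t\tWHERE donation_status='{$donation_status}' AND D.fundraiser_id IN (" . implode(",", $volunteer_ids) . ")");

    return $donations;
}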
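?> " /> <input type="hidden" name="id_user" value="<?php echo $Client->id_user; ?> " />
<table border="0" cellspacing="5" cellpadding="0" class="fiche_prospect"> <tr>
<td width="100%"><input type="text" name="nom" value="<?php
// HTML-encode the client name. Prefixing " with a backslash does not escape it in HTML,
// so a name containing a quote could close the value attribute and add markup.
// No charset argument is given, so the PHP default applies - confirm it matches the page encoding.
echo htmlspecialchars($Client->nom, ENT_QUOTES); ?> " style="font-size: 18px; font-weight: bold; width: 510px; border-top: none; border-left: none; border-right: none;" /><br/></td>
<td nowrap> <?php
// Save, Cancel and Delete are drawn only for the "manager" and "employee" roles.
// NOTE(review): this hides the buttons, nothing more; the scripts that receive the
// save and delete requests have to repeat the role check.
// NOTE(review): the ids echoed into the onclick handlers below are presumably numeric;
// cast them to int if that is not guaranteed.
if ($User->hasRole("manager", $_SESSION['id_user']) || $User->hasRole("employee", $_SESSION['id_user'])) { ?>
<input style="width: 75px; background: #eee; color: #7f7f7f; border: solid 1px #aaa;" id="submit_button" onclick="submitForm(this.form);" type="button" value="<?php echo _('Save'); ?> " />
<input style="width: 75px; background: #eee; color: #7f7f7f; border: solid 1px #aaa;" id="cancel_button" type="button" onclick="window.location='fiche_prospect.php?id=<?php echo $facture->id_client; ?> ';" value="<?php echo _('Cancel'); ?> " />
<input style="width: 75px; background: #eee; color: #7f7f7f; border: solid 1px #aaa;" id="delete_button" type="button" onclick="confirmDelete(<?php echo $Client->id; ?>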
/**
 * Updates an entity, forcing edits made by contributors into the 'Pending' status.
 *
 * @param mixed  $id   passed through to the parent implementation
 * @param object $data entity data; its status property is overwritten for contributors
 * @return mixed whatever parent::updateEntity() returns
 */
public function updateEntity($id, $data)
{
    // The role is resolved from this object's own user and tenant ids, not from $data, so
    // a contributor cannot pick another status by sending one: it is overwritten below
    // and the change waits for an admin to review it.
    // Open question kept from the original: the calling service has probably built a User
    // already, so constructing another one here may be redundant work.
    $editor = new User($this->userid, $this->tenantid);
    $mustBeReviewed = $editor->hasRole('contributor', $this->tenantid);
    if ($mustBeReviewed) {
        $data->status = 'Pending';
    }

    return parent::updateEntity($id, $data);
}
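default: echo ' - Erreur inconnue'; break; } */
$output = array();
// Declare the access objects for public and private data.
// Include the service code, which must provide an execService() function.
// It must also redefine the $ROLE variable, which names the role required
// to call this service. If $ROLE is empty, everybody is allowed.
//
// $ROLE starts out as a value no real role is expected to match, so a service file that
// forgets to set it is refused instead of being open to everyone. microtime() is
// predictable: treat it as a placeholder, not as a secret.
$ROLE = microtime(); // Random role for security reason.
// NOTE(review): $service is set outside this excerpt. It selects the file to execute,
// so it has to be matched against a fixed list of service names before this line -
// confirm that check exists upstream.
include "svc/{$service}.php";
$json = "null";
$user = new User();
if ($user->hasRole($ROLE)) {
    try {
        $json = json_encode(execService($input, $user));
    } catch (FatalException $e) {
        // "." concatenates; "+" is arithmetic and never produced the "#{...}" error
        // payload (0 with a warning on PHP 7, a TypeError on PHP 8).
        $json = "#" . json_encode(array("id" => $e->getCode(), "msg" => $e->getMessage()));
    } catch (Exception $e) {
        // The message is HTML-encoded because it can contain values taken from the request.
        // NOTE(review): consider logging it server-side instead of sending it to the client.
        echo "<pre>";
        echo htmlspecialchars($e->getMessage(), ENT_QUOTES);
        echo "</pre>\n";
        $json = "#null";
    }
} else {
    // Access refused: "!" followed by the role that would have been required.
    $json = "!" . json_encode($ROLE);
}
// Close the database connection.
$DB = null;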