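/**
 * Login action: shows the login form and, on POST, checks the submitted
 * credentials and rebuilds the ACL from the permissions of the account's group.
 *
 * On a POST request:
 *  - the 'login' and 'password' request parameters are read, the password is
 *    SHA-1 hashed, and both are handed to the auth object's checkLoginPass()
 *    together with the full account list;
 *  - on success the ACL is purged, every permission row of the account's group
 *    is applied as an allow or a deny rule, and the user is redirected to
 *    prive::list.
 * On a non-POST request or a failed check, only the login view is added to the layout.
 *
 * NOTE(review): the password is hashed with a single unsalted sha1(). That is a
 * fast digest and not a password-hashing scheme; password_hash()/password_verify()
 * would be the replacement. It cannot be swapped in this method alone, because
 * checkLoginPass() presumably compares against SHA-1 values kept with the
 * accounts (confirm) and existing credentials would need a migration.
 * NOTE(review): no session-id regeneration and no failed-attempt throttling are
 * visible in this method; confirm the auth component provides them.
 */
public function _login()
{
    $oView = new _view('auth::login');
    $this->oLayout->add('main', $oView);

    // Nothing to authenticate unless the form was submitted.
    if (!_root::getRequest()->isPost()) {
        return;
    }

    $sLogin = _root::getParam('login');
    $sPass = sha1(_root::getParam('password'));

    $oModelAccount = new model_account();
    $tAccount = $oModelAccount->getListAccount();

    if (!_root::getAuth()->checkLoginPass($tAccount, $sLogin, $sPass)) {
        return;
    }

    $oAccount = _root::getAuth()->getAccount();
    $tPermission = model_permission::getInstance()->findByGroup($oAccount->groupe);

    // Drop the permissions currently held by the ACL before loading this
    // account's rules, so nothing from a previous login carries over.
    _root::getACL()->purge();

    // Apply each permission row of the group.
    if ($tPermission) {
        foreach ($tPermission as $oPermission) {
            // Strict comparison: only the exact string 'ALLOW' grants access.
            // Any other value (including a non-string that would loosely
            // compare equal on older PHP versions) falls through to deny.
            if ($oPermission->allowdeny === 'ALLOW') {
                _root::getACL()->allow($oPermission->action, $oPermission->element);
            } else {
                _root::getACL()->deny($oPermission->action, $oPermission->element);
            }
        }
    }

    _root::redirect('prive::list');
}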
/**
 * Enables authentication, restricts the module to users holding the
 * ('edit', 'acl') permission, then prepares the layout with its menu module.
 *
 * Presumably called by the framework ahead of every action of this module
 * (confirm against the dispatcher).
 *
 * NOTE(review): the access check relies on _root::redirect() ending the
 * request. If redirect() only sets a header and returns, the code below and
 * the requested action would still run for an unauthorised user; confirm.
 */
public function before()
{
    $oAuth = _root::getAuth();
    $oAuth->enable();

    // Check the permission: only users allowed to edit the ACL may go further.
    $bMayEditAcl = _root::getACL()->can('edit', 'acl');
    if (!$bMayEditAcl) {
        _root::redirect('prive::list');
    }

    $this->oLayout = new _layout('template1');
    $this->oLayout->addModule('menu', 'menu::index');
}
/**
 * Builds the menu view: a label => route map of the links to display.
 *
 * The three "Manage ..." entries are appended only when the ACL grants
 * ('edit', 'acl').
 *
 * NOTE(review): this only decides which links are shown. Hiding a link is not
 * access control; the account, group and permission modules have to run their
 * own ACL check (not visible from here, confirm).
 *
 * @return _view the menu::index view with its tLink property set
 */
public function _index()
{
    // Links shown to every visitor.
    $tLink = array(
        'Articles' => 'article::list',
        'Articles pagine' => 'article::listPagination',
        'Articles via module table' => 'article::listModuleTable',
        'Utiliser des classes metiers' => 'article::myclass',
        'Appeler des sous module' => 'private_article::list',
        'Graphiques' => 'chart::examples',
        'Graphiques SVG' => 'chart::examplesSVG',
        'Google Map' => 'default::googleMap',
        'Auteurs xml' => 'auteurxml::list',
        'Products "virtuel"' => 'virtualProducts::list',
        'Prive' => 'prive::list',
    );

    // Administration links, appended after the public ones.
    if (_root::getACL()->can('edit', 'acl')) {
        $tLink += array(
            'Manage accounts' => 'account::list',
            'Manage groups' => 'group::list',
            'Manage permission' => 'permission::list',
        );
    }

    $oMenuView = new _view('menu::index');
    $oMenuView->tLink = $tLink;

    return $oMenuView;
}
/**
 * Edit action for an article: checks the ('edit', 'article') permission, runs
 * save(), then renders the edit form for the article named by the 'id' request
 * parameter, with a fresh XSRF token.
 *
 * NOTE(review): save() is called on every request to this action. Presumably it
 * returns early unless the request is a POST carrying a valid XSRF token; that
 * is not visible here, confirm in save().
 * NOTE(review): the permission check relies on _root::redirect() ending the
 * request; if it returns, save() would still run for an unauthorised user.
 * NOTE(review): 'id' comes straight from the request and is passed to
 * findById() unchanged; confirm the model binds it as a parameter.
 */
public function _edit()
{
    // Make sure the user is allowed to access this page.
    $bMayEdit = _root::getACL()->can('edit', 'article');
    if (!$bMayEdit) {
        _root::redirect('prive::list');
    }

    // Process a submitted form first, so the article loaded below reflects it.
    $tMessage = $this->save();

    $oModel = new model_article();
    $mId = _root::getParam('id');
    $oArticle = $oModel->findById($mId);

    $oView = new _view('prive::edit');
    $oView->oArticle = $oArticle;
    $oView->tColumn = $oModel->getListColumn();
    $oView->tId = $oModel->getIdTab();

    // Token the form has to send back with the save request.
    $oXsrf = new plugin_xsrf();
    $oView->token = $oXsrf->getToken();

    $oView->tMessage = $tMessage;

    $this->oLayout->add('main', $oView);
}
/**
 * Resets the ACL and reloads it with the permissions of the user's group.
 *
 * The ACL is purged first; each row returned by findListByGroup() for
 * $oUser->exampleUserGroups_id is then registered as an allow rule
 * (actionName, itemName). This method adds no deny rules. When the lookup
 * returns an empty result, the ACL stays purged.
 *
 * @param object $oUser user record; only its exampleUserGroups_id property is read
 */
public function loadForUser($oUser)
{
    // Purge whatever the ACL currently holds.
    _root::getACL()->purge();

    $tGroupPermission = $this->findListByGroup($oUser->exampleUserGroups_id);
    if (!$tGroupPermission) {
        return;
    }

    foreach ($tGroupPermission as $oRow) {
        _root::getACL()->allow($oRow->actionName, $oRow->itemName);
    }
}
?> ">Edit</a> </td> <?php } ?> </tr> <?php } ?> <?php } ?> </table> <?php if (_root::getACL()->can('add', 'article')) { ?> <p ><a href="<?php echo $this->getLink('prive::new'); ?> ">New</a></p> <?php } ?>