function check_permission(){
     Logger::debug('Checking Permissions');
     $controller = get_class($this);
     $action = $this->params['action'];
     if(isset(User::$current)){
         $allowed = User::$current->is_permitted_to($action, $controller);
     } else {
         $allowed = Permissions::check_permission($controller, $action);
     }
     
     if(!$allowed){
         isset(User::$current) ? $uname = User::$current->name : $uname = "Guest";
         Logger::warning($uname . " was not allowed to access " . $_SERVER['REQUEST_URI']);
         if(isset(User::$current)){
             if(!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
                $this->render_ajax('error', '401 - Not Allowed');
             } else {
                $this->error(array('status' => '401')); 
             }
             
         } else {
             $this->flash('error', 'Please LogIn');
             $this->redirect_to_login();
         }
         return false;
     }
     return true;
 }
 function permitted_to($action, $controller){
     if(isset(User::$current)){
         return User::$current->is_permitted_to($action, $controller);
     } else {
         return Permissions::check_permission($controller, $action);
     }
 }
Beispiel #3
0
    public function is_permitted_to($action,$controller){
        if(strpos($controller,'Controller') === false)
            $controller = ucfirst(Toolbox::to_camel_case($controller . "_controller"));

        return Permissions::check_permission($controller, $action, $this->get_role());
    }