Ejemplo n.º 1
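 /**
  * Gate the current request on a permission held by the logged-in account.
  *
  * Resolves the account named in $_SESSION['login'], loads its roles and grants
  * access when at least one role/permission row carries every flag requested in
  * $crud. On any failure (no login in the session, unknown account, unknown
  * permission, no matching grant) the client is redirected to
  * /account/permission and the script is terminated.
  *
  * @param string $permission_name Name handed to PermissionService::GetByName().
  * @param int    $crud            Bitmask of required flags; defaults to __CanRead__.
  * @return void Returns to the caller only when access is granted.
  */
 public static function Verification($permission_name, $crud = __CanRead__)
 {
     session_start();
     // Deny by default so that every path without a matching grant ends in the redirect.
     $res = false;
     $account_name = isset($_SESSION['login']) ? $_SESSION['login'] : null;
     if (!is_null($account_name)) {
         $account = AccountService::GetByName($account_name, true);
         if (!is_null($account)) {
             $roles = UserRoleService::GetByUserId($account->account_id);
             $permission = PermissionService::GetByName($permission_name);
             // An unknown permission name can never be granted; skip the lookups.
             if (!is_null($permission) && !empty($roles)) {
                 foreach ($roles as $role) {
                     $rps = RolePermissionService::GetByRoleIdPermissionId($role->role_id, $permission->permission_id);
                     foreach ($rps as $value) {
                         // Fold the four per-row columns into a single bitmask.
                         $rr = PermissionHelper::setPermissionFlag(__CanCreate__, $value->cancreate)
                             | PermissionHelper::setPermissionFlag(__CanRead__, $value->canread)
                             | PermissionHelper::setPermissionFlag(__CanUpdate__, $value->canupdate)
                             | PermissionHelper::setPermissionFlag(__CanRemove__, $value->canremove);
                         // Every requested flag must be present, not just one of them.
                         if (($rr & $crud) == $crud) {
                             $res = true;
                             break 2;
                         }
                     }
                 }
             }
         }
     }
     if (!$res) {
         header('Location: /account/permission');
         // header() only queues the redirect. Without terminating here the
         // caller's protected code would still run for a denied request.
         exit;
     }
 }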
Ejemplo n.º 2
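 /**
  * Delete the unit named by the "id" query parameter, then redirect to the unit list.
  *
  * The permission check must stop the request itself when access is denied:
  * this method has no return value to test, and a bare header('Location')
  * inside the helper would let the delete below run anyway.
  *
  * NOTE(review): Verification() is called without a $crud argument; if its
  * default is the read flag, this delete is gated on read access only.
  * Confirm, and pass the remove flag if so.
  * NOTE(review): the delete is driven by a GET parameter; consider requiring
  * POST with an anti-CSRF token for state-changing actions.
  */
 function action_Remove()
 {
     PermissionHelper::Verification('Editor');
     $unit_id = isset($_GET['id']) ? $_GET['id'] : null;
     $unit = is_null($unit_id) ? null : UnitService::GetById($unit_id);
     // Only delete a record that was actually found; a missing or unknown id
     // falls through to the redirect instead of handing an empty value to Delete().
     if (!empty($unit)) {
         UnitService::Delete($unit);
     }
     header("Location: /Unit/item");
 }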
Ejemplo n.º 3
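 /**
  * Delete the section named by the "id" query parameter, then redirect to the section list.
  *
  * Relies on PermissionHelper::Verification() ending the request when access is
  * denied; nothing here re-checks the outcome.
  *
  * NOTE(review): the section is loaded through SectionService but deleted
  * through CatalogueService. Confirm that is intended.
  * NOTE(review): no $crud argument is passed to Verification(), so whatever its
  * default flag is decides who may delete; a GET-driven delete also has no
  * anti-CSRF protection visible here.
  */
 function action_Remove()
 {
     PermissionHelper::Verification('Editor');
     $section_id = isset($_GET['id']) ? $_GET['id'] : null;
     $section = is_null($section_id) ? null : SectionService::GetById($section_id);
     // Skip the delete when the id is absent or does not resolve to a section.
     if (!empty($section)) {
         CatalogueService::Delete($section);
     }
     header("Location: /section/item");
 }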
Ejemplo n.º 4
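 /**
  * Delete the review named by the "id" query parameter, then redirect to the review list.
  *
  * The authorization decision is delegated entirely to
  * PermissionHelper::Verification(), which must terminate the request on denial
  * for the delete below to be protected.
  *
  * NOTE(review): called without a $crud argument, so the helper's default flag
  * applies to this destructive action. Confirm it is the remove flag.
  */
 public function action_remove()
 {
     PermissionHelper::Verification('Editor');
     $id = isset($_GET['id']) ? $_GET['id'] : null;
     $review = is_null($id) ? null : ReviewService::GetById($id);
     // A missing parameter or unknown id must not reach Delete() as an empty value.
     if (!empty($review)) {
         ReviewService::Delete($review);
     }
     header("Location: /Review/item");
 }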
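 /**
  * Delete the attribute group named by the "id" query parameter, then redirect
  * to the attribute-group list.
  *
  * Protected only by the preceding Verification() call, which has to halt the
  * request itself when the caller lacks the permission.
  *
  * NOTE(review): state change over GET with no visible anti-CSRF token, and no
  * explicit $crud flag passed to the permission check. Confirm both.
  */
 function action_Remove()
 {
     PermissionHelper::Verification('Editor');
     $group_id = isset($_GET['id']) ? $_GET['id'] : null;
     $group = is_null($group_id) ? null : AttributeGroupService::GetById($group_id);
     // Delete only what was found; otherwise just return the user to the list.
     if (!empty($group)) {
         AttributeGroupService::Delete($group);
     }
     header("Location: /AttributeGroup/item");
 }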
Ejemplo n.º 6
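 /**
  * Assign a role to a user from the posted "roleName" and "userName" fields,
  * then redirect to the role list.
  *
  * This action grants privileges, so the permission gate in front of it matters
  * more than for ordinary content edits.
  *
  * NOTE(review): Verification('Editor') is called without a $crud argument; if
  * the helper defaults to the read flag, any account that can read as 'Editor'
  * can hand out roles. Confirm the intended permission and flag.
  */
 public function action_new()
 {
     PermissionHelper::Verification('Editor');
     $roleName = isset($_POST['roleName']) ? $_POST['roleName'] : null;
     $userName = isset($_POST['userName']) ? $_POST['userName'] : null;
     $user = is_null($userName) ? null : UserService::GetByName($userName);
     $role = is_null($roleName) ? null : RoleService::GetByName($roleName);
     // Create the link only when both names resolve; an unknown user or role
     // would otherwise be dereferenced as an empty value.
     if (!empty($user) && !empty($role)) {
         $model = new UserRole();
         $model->user_id = $user->user_id;
         $model->role_id = $role->role_id;
         UserRoleService::Create($model);
     }
     header('Location: /Role/item');
 }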
Ejemplo n.º 7
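 /**
  * Move an order to the status named in the posted "InputStatus" field, then
  * redirect to the order list for the order's previous status.
  *
  * The order is identified by the posted "id". A request without a resolvable
  * order is answered with 400 instead of dereferencing an empty value; an
  * unknown status name leaves the order unchanged.
  *
  * NOTE(review): the redirect's "id" parameter carries the previous
  * statusorder_id, not the order id. Confirm that /Order/Item expects that.
  * NOTE(review): no $crud argument is passed to Verification(), so its default
  * flag governs this update.
  */
 public function action_NewStatus()
 {
     PermissionHelper::Verification('Editor');
     $name = isset($_POST['InputStatus']) ? $_POST['InputStatus'] : null;
     $order_id = isset($_POST['id']) ? $_POST['id'] : null;
     $order = is_null($order_id) ? null : OrderService::GetById($order_id);
     if (empty($order)) {
         // Without an order there is no previous status to redirect to.
         header('HTTP/1.1 400 Bad Request');
         return;
     }
     $oldStatus = $order->statusorder_id;
     $status = is_null($name) ? null : StatusService::GetByName($name);
     // Save only when the requested status exists.
     if (!empty($status)) {
         $order->statusorder_id = $status->statusorder_id;
         OrderService::Save($order);
     }
     header("Location: /Order/Item?id=" . $oldStatus);
 }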
Ejemplo n.º 8
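 /**
  * Create a catalogue from the posted form and attach the posted attributes to it.
  *
  * Reads "inputName", "inputSection" and the "attributes" list from $_POST,
  * creates the catalogue under the named section, re-reads it by name to obtain
  * its id, and creates one CatalogueAttribute per attribute name that resolves.
  * Always ends with a redirect to the catalogue list.
  *
  * NOTE(review): Verification('Editor') is called without a $crud argument, so
  * the helper's default flag decides who may create. Confirm it is the create flag.
  */
 function action_new()
 {
     PermissionHelper::Verification('Editor');
     $name = (isset($_POST['inputName']) && is_string($_POST['inputName'])) ? $_POST['inputName'] : null;
     $sectionName = isset($_POST['inputSection']) ? $_POST['inputSection'] : null;
     // "attributes" is optional and client-controlled: accept it only as an array.
     $attribute = (isset($_POST['attributes']) && is_array($_POST['attributes'])) ? $_POST['attributes'] : array();

     $section = is_null($sectionName) ? null : SectionService::GetByName($sectionName);
     if (is_null($name) || empty($section)) {
         // Nothing valid to create; return to the list rather than dereference an empty section.
         header("Location: /Catalog/Item");
         return;
     }

     $catalogue = new Catalogue();
     $catalogue->name = $name;
     $catalogue->section_id = $section->section_id;
     CatalogueService::Create($catalogue);

     // Re-read by name to pick up the stored catalogue_id.
     $catalogue = CatalogueService::GetByName($name);
     if (!empty($catalogue)) {
         foreach ($attribute as $attributeName) {
             if (!is_string($attributeName)) {
                 continue;
             }
             $found = AttributeService::GetByName(trim($attributeName));
             // Skip names that do not match an existing attribute.
             if (empty($found)) {
                 continue;
             }
             $value = new CatalogueAttribute();
             $value->catalogue_id = $catalogue->catalogue_id;
             $value->attribute_id = $found->attribute_id;
             CatalogueAttributeService::Create($value);
         }
     }
     header("Location: /Catalog/Item");
 }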
Ejemplo n.º 9
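 /**
  * Delete the product named by the "tovarId" query parameter, then redirect to
  * the admin product list.
  *
  * Depends on PermissionHelper::Verification() terminating the request on
  * denial; the helper returns nothing this method could check.
  *
  * NOTE(review): delete over GET without a visible anti-CSRF token, and without
  * an explicit $crud flag on the permission check. Confirm both.
  */
 function action_remove()
 {
     PermissionHelper::Verification('Editor');
     $tovarId = isset($_GET['tovarId']) ? $_GET['tovarId'] : null;
     $product = is_null($tovarId) ? null : ProductService::GetById($tovarId);
     // Do not pass an empty lookup result to Delete().
     if (!empty($product)) {
         ProductService::Delete($product);
     }
     header("Location: /product/itemadmin");
 }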
Ejemplo n.º 10
        include_once "comun/inc.template_pop_arriba.php";
    }
}
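// If the user is not logged in and the request is not for the Login action,
// remember the requested URL so the ReturnTo pattern can be applied after login.
// NOTE(review): $params, $action_name, $modulo and $class_name are set outside
// this excerpt; the checks below are only as strong as their validation there.
if (!RegistryHelper::isUserLogged() && $action_name != 'Login') {
    // ReturnTo handling
    if (isset($_GET['accion']) && $_GET['accion'] != 'logout') {
        // NOTE(review): the raw query string is stored as the post-login target;
        // whatever consumes returnAction should accept local targets only.
        $params['returnAction'] = urlencode($_SERVER["QUERY_STRING"]);
    }
    // NOTE(review): presumably Application::Go() ends the request. If it returns,
    // the code below still runs for an anonymous user. Confirm.
    Application::Go("Login", "", $params);
}
// Check that the logged-in user's role is allowed to run the requested action.
$rol = RegistryHelper::getRolUsuario();
if ($action_name != 'Login' && !PermissionHelper::validateAccess($action_name, $rol->descripcion)) {
    Application::Go("PermisoDenegado");
}
// A logged-in user asking for Login is sent to the start page instead.
if (RegistryHelper::isUserLogged() && $action_name == 'Login') {
    Application::Go("Inicio", "", $params);
}
// Load the file that declares the action class.
// NOTE(review): the path is concatenated from $modulo and $class_name; if either
// can be influenced by the request, restrict them to a known allow-list first.
include_once 'acciones/' . $modulo . '/accion.' . $class_name . '.php';
// Instantiate the action class by name. A variable class name does this
// directly, so no eval() is needed.
$actionController = new $class_name;
?>
		 <div class='aplicacion'>
			<?php 
$actionController->ejecutarCiclo();
?>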
Ejemplo n.º 11
<?php

require_once __ROOT__ . '/application/Service/UserRoleService.php';
if (isset($_SESSION['login'])) {
    if (PermissionHelper::VerificationBool('Editor')) {
        ?>
        <div class="btn-group">
            <button type="button" class="btn btn-default dropdown-toggle" data-toggle="dropdown" aria-haspopup="true"
                    aria-expanded="false">
                Каталог <span class="caret"></span>
            </button>
            <ul class="dropdown-menu">
                <li><a href="/Catalog/Create">Добавить каталог</a></li>
                <li><a href="/Catalog/Item">Список каталогов</a></li>
            </ul>
        </div>
        <div class="btn-group">
            <button type="button" class="btn btn-default dropdown-toggle" data-toggle="dropdown" aria-haspopup="true"
                    aria-expanded="false">
                Разделы <span class="caret"></span>
            </button>
            <ul class="dropdown-menu">
                <li><a href="/Section/Create">Добавить раздел каталога</a></li>
                <li><a href="/Section/Item">Список разделов</a></li>
            </ul>
        </div>
        <div class="btn-group">
            <button type="button" class="btn btn-default dropdown-toggle" data-toggle="dropdown" aria-haspopup="true"
                    aria-expanded="false">
                Группы атрибутов <span class="caret"></span>
            </button>
Ejemplo n.º 12
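 /**
  * Delete the attribute named by the "id" query parameter, then redirect to the
  * attribute list.
  *
  * The only protection is the Verification() call on the first line, which must
  * stop the request itself when the permission is missing.
  *
  * NOTE(review): no $crud argument is passed, so the helper's default flag
  * governs this delete; the action is also reachable by GET with no visible
  * anti-CSRF token. Confirm both.
  */
 public function action_Remove()
 {
     PermissionHelper::Verification('Editor');
     $id = isset($_GET['id']) ? $_GET['id'] : null;
     $attribute = is_null($id) ? null : AttributeService::GetById($id);
     // Delete only a record that was found; otherwise just redirect.
     if (!empty($attribute)) {
         AttributeService::Delete($attribute);
     }
     header("Location: /Attribute/Item");
 }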