public function checkPerm()
{
$act = $this->act == 'list' ? 'SHOW' : strToUpper($this->act);
$name = strToUpper($this->baseName);
if (!$this->auth->hasPerm($act, $name)) {
die(sprintf(_("PERMISSION DENIED [%s/%s]"), $act, $name));
}
if ($this->act == 'list' && $this->bu_id != '') {
// Arrivo da edificio
R3Security::checkActionCatalogForBuilding($this->act, $this->bu_id, $this->id, array('method' => $this->method, 'skip_methods' => array('checkSubActionMapLink')));
} else {
if (!in_array($this->act, array('list', 'add'))) {
R3Security::checkActionCatalog($this->id);
}
}
}
public static function checkActionCatalogForBuilding($act, $bu_id, $ac_id, array $opt = array())
{
$opt = array_merge(array('method' => '', 'skip_methods' => array(), 'kind' => null), $opt);
if (!in_array($opt['method'], $opt['skip_methods'])) {
if ($act == 'add' || $act == 'list' && $bu_id != '') {
R3Security::checkBuilding($bu_id);
} else {
// Can edit/delete the given id
R3Security::checkActionCatalog($ac_id);
}
}
}
