Ejemplo n.º 1
0
 /**
  * Run the database seeds.
  *
  * @return void
  */
 public function run()
 {
     DB::table('users')->delete();
     $thisIP = getHostByName(getHostName());
     $testuser = User::create(array('username' => 'admin', 'email' => '*****@*****.**', 'password' => Hash::make('admin'), 'created_ip' => $thisIP, 'last_ip' => $thisIP, 'created_by_user_id' => 1));
     DB::table('user_permissions')->delete();
     UserPermission::create(array('user_id' => $testuser->id, 'solder_full' => true));
 }
Ejemplo n.º 2
0
 /**
  * @param $userId
  * @param $permissionId
  * @return array
  */
 public function getUserPermissions($userId)
 {
     if (!isset($this->permissions[$userId])) {
         $permissions = UserPermission::model()->findAllByAttributes(array('user_id' => $userId));
         $this->permissions[$userId] = CHtml::listData($permissions, 'permission_id', 'permission_id');
     }
     return $this->permissions[$userId];
 }
 /**
  * Make changes to the database.
  *
  * @return void
  */
 public function up()
 {
     Schema::create('user_permissions', function ($table) {
         $table->increments('id');
         $table->integer('user_id');
         $table->boolean('solder_full')->default(0);
         $table->boolean('solder_users')->default(0);
         $table->boolean('solder_modpacks')->default(0);
         $table->boolean('solder_mods')->default(0);
         $table->boolean('solder_create')->default(0);
         $table->boolean('mods_create')->default(0);
         $table->boolean('mods_manage')->default(0);
         $table->boolean('mods_delete')->default(0);
         $table->string('modpacks')->nullable();
         $table->timestamps();
     });
     $perm = new UserPermission();
     $perm->user_id = 1;
     $perm->solder_full = true;
     $perm->save();
 }
Ejemplo n.º 4
0
     $stmt->execute();
     $result = $stmt->fetchAll();
     $index = 0;
     $id_array = array();
     foreach ($result as $row) {
         $id_array[$index++] = $row['id'];
         $index++;
     }
     if (@$remain != '' && $exact_phrase != "on") {
         return array_values(array_unique(array_merge($id_array, search($where, substr($remain, 1), $exact_phrase, $case_sensitivity, $search_array))));
     }
     return array_values(array_intersect($id_array, $search_array));
 }
 $current_user = new User($_SESSION['uid'], $pdo);
 $user_perms = new User_Perms($_SESSION['uid'], $pdo);
 $current_user_permission = new UserPermission($_SESSION['uid'], $pdo);
 //$s_getFTime = getmicrotime();
 if ($_GET['where'] == 'author_locked_files') {
     $view_able_files_id = $current_user->getExpiredFileIds();
 } else {
     $view_able_files_id = $current_user_permission->getViewableFileIds(false);
 }
 //$e_getFTime = getmicrotime();
 $id_array_len = sizeof($view_able_files_id);
 $query_array = array();
 $search_result = search(@$_GET['where'], @$_GET['keyword'], @$_GET['exact_phrase'], @$_GET['case_sensitivity'], $view_able_files_id);
 // Call the plugin API
 callPluginMethod('onSearch');
 list_files($search_result, $current_user_permission, $GLOBALS['CONFIG']['dataDir'], false, false);
 echo '<br />';
 draw_footer();
Ejemplo n.º 5
0
<?php

if (system\Helper::arcIsAjaxRequest() == true) {
    $groups = UserGroup::getAllGroups();
    $table = "<table class=\"table table-hover table-condensed\">";
    $table .= "<thead><tr><th>Module</th><th>Status</th><th></th></tr></thead><tbody>";
    foreach ($groups as $group) {
        $permissions = UserPermission::getByGroupID($group->id);
        $table .= "<tr class=\"active\"><td colspan=\"2\"><strong>" . $group->name . "</strong></td><td class=\"text-right\"><a class=\"btn btn-primary btn-xs\" onclick=\"editPermission(" . $group->id . ",0);\"><i class=\"fa fa-plus\"></i> Create</a></td></tr>";
        foreach ($permissions as $permission) {
            $table .= "<tr><td>" . $permission->permission . "</td><td>";
            $page = Page::getBySEOURL($permission->permission);
            if ($page->id != 0) {
                $table .= "<div class=\"label label-success\"><i class=\"fa fa-check\"></i> Valid</div>";
            } else {
                $table .= "<div class=\"label label-danger\"><i class=\"fa fa-close\"></i> Invalid</div>";
            }
            $table .= "</td>" . "<td class=\"text-right\"><div class=\"btn-group\"><a class=\"btn btn-success btn-xs\" onclick=\"editPermission({$group->id},{$permission->id});\"><i class=\"fa fa-pencil\"></i> Edit<a/><a onclick=\"deletePermission({$permission->id});\" class=\"btn btn-danger btn-xs\"><i class=\"fa fa-remove\"></i> Remove<a/></div></td>" . "</tr>";
        }
    }
    $table .= "</tbody></table>";
    system\Helper::arcReturnJSON(["html" => $table]);
}
Ejemplo n.º 6
0
    // status != 0 -> file checked out to another user. status = uid of the check-out person
    // query to find out who...
    $checkout_person_obj = $file_data_obj->getCheckerOBJ();
    $full_name = $checkout_person_obj->getFullName();
    $GLOBALS['smarty']->assign('checkout_person_full_name', $full_name);
    $GLOBALS['smarty']->assign('checkout_person_email', $checkout_person_obj->getEmailAddress());
}
// Can they Read?
if ($user_permission_obj->getAuthority($request_id, $file_data_obj) >= $user_permission_obj->READ_RIGHT) {
    $view_link = 'view_file.php?id=' . e::h($full_requestId) . '&state=' . ($state + 1);
    $GLOBALS['smarty']->assign('view_link', $view_link);
}
// Lets figure out which buttons to show
if ($status == 0 || $status == -1 && $file_data_obj->isOwner($_SESSION['uid'])) {
    // check if user has modify rights
    $user_perms = new UserPermission($_SESSION['uid'], $GLOBALS['pdo']);
    if ($user_perms->getAuthority($request_id, $file_data_obj) >= $user_perms->WRITE_RIGHT && !isset($revision_id) && !$file_data_obj->isArchived()) {
        // if so, display link for checkout
        $check_out_link = "check-out.php?id={$request_id}" . '&state=' . ($state + 1) . '&access_right=modify';
        $GLOBALS['smarty']->assign('check_out_link', $check_out_link);
    }
    if ($user_permission_obj->getAuthority($request_id, $file_data_obj) >= $user_permission_obj->ADMIN_RIGHT && !@isset($revision_id) && !$file_data_obj->isArchived()) {
        // if user is also the owner of the file AND file is not checked out
        // additional actions are available
        $edit_link = "edit.php?id={$request_id}&state=" . ($state + 1);
        $GLOBALS['smarty']->assign('edit_link', $edit_link);
    }
}
////end if ($status == 0)
// ability to view revision history is always available
// put it outside the block
Ejemplo n.º 7
0
<?php

if (system\Helper::arcIsAjaxRequest() == true) {
    $permission = UserPermission::getByID($_POST["id"]);
    $data = "<div class=\"form-group\"><label for=\"module\">Module</label>" . "<select id=\"module\" class=\"form-control\">";
    $pages = Page::getAllPages();
    foreach ($pages as $page) {
        $data .= "<option value=\"" . $page->seourl . "\"";
        if ($page->seourl == $permission->permission) {
            $data .= " selected";
        }
        $data .= ">" . $page->seourl . "</option>";
    }
    $data .= "</select></div>";
    system\Helper::arcReturnJSON(["data" => $data]);
}
Ejemplo n.º 8
0
<?php

fSession::open();
$idUser = fSession::get(SESSION_ID_USER);
//if(empty($idUser) || !fAuthorization::checkACL('user', 'delete')) {
if (empty($idUser)) {
    header('Location: ' . SITE);
    exit("No se ha podido acceder a esta secci&oacite;n");
}
$id = fRequest::encode('id', 'integer');
if (empty($id)) {
    exit;
}
try {
    $u = new User($id);
    $up = new UserPermission();
    $userPermissions = $up->getByIdUser($u->getIdUser());
    foreach ($userPermissions as $item) {
        if (!empty($item) && $item != 'null') {
            $up = new UserPermission(array('id_user' => $u->getIdUser(), 'id_permission' => $item->getIdPermission()));
            $up->delete();
        }
    }
    $u->delete();
} catch (Exception $e) {
    die($e->getMessage());
}
die('1');
Ejemplo n.º 9
0
    $u->setCellphone(fRequest::encode('cellphone', 'string'));
    $u->setNextel(fRequest::encode('nextel', 'string'));
    $u->setNextel(fRequest::encode('fax', 'string'));
    $u->setNextel(fRequest::encode('address', 'string'));
    $u->store();
} catch (Exception $e) {
    die('El correo electrónico ya está asociado con una cuenta' . $e->getMessage());
}
$regions = array_unique(fRequest::encode('region', 'array'));
$permissions = array_unique(fRequest::encode('permission', 'array'));
try {
    foreach ($regions as $item) {
        if (!empty($item) && $item != 'null') {
            $ur = new UserRegion();
            $ur->setIdUser($u->getIdUser());
            $ur->setIdRegion($item);
            $ur->store();
        }
    }
    foreach ($permissions as $item) {
        if (!empty($item) && $item != 'null') {
            $up = new UserPermission();
            $up->setIdUser($u->getIdUser());
            $up->setIdPermission($item);
            $up->store();
        }
    }
} catch (Exception $e) {
    die($e->getMessage());
}
die('1');
Ejemplo n.º 10
0
<?php

if (system\Helper::arcIsAjaxRequest() == true) {
    $permission = new UserPermission();
    $permission->delete($_POST["id"]);
    system\Helper::arcAddMessage("success", "Permission deleted");
}
Ejemplo n.º 11
0
 public function postCreate()
 {
     $rules = array('email' => 'required|email|unique:users', 'username' => 'required|min:3|max:30|unique:users', 'password' => 'required|min:3');
     $validation = Validator::make(Input::all(), $rules);
     if ($validation->fails()) {
         return Redirect::to('user/create')->withErrors($validation->messages());
     }
     $creator = Auth::user()->id;
     $creatorIP = Request::ip();
     $user = new User();
     $user->email = Input::get('email');
     $user->username = Input::get('username');
     $user->password = Hash::make(Input::get('password'));
     $user->created_ip = $creatorIP;
     $user->created_by_user_id = $creator;
     $user->updated_by_ip = $creatorIP;
     $user->updated_by_user_id = $creator;
     $user->save();
     $perm = new UserPermission();
     $perm->user_id = $user->id;
     $perm->solder_full = Input::get('solder-full') ? true : false;
     $perm->solder_users = Input::get('manage-users') ? true : false;
     $perm->solder_keys = Input::get('manage-keys') ? true : false;
     $perm->solder_clients = Input::get('manage-clients') ? true : false;
     /* Mod Perms */
     $perm->mods_create = Input::get('mod-create') ? true : false;
     $perm->mods_manage = Input::get('mod-manage') ? true : false;
     $perm->mods_delete = Input::get('mod-delete') ? true : false;
     /* Modpack Perms */
     $perm->modpacks_create = Input::get('modpack-create') ? true : false;
     $perm->modpacks_manage = Input::get('modpack-manage') ? true : false;
     $perm->modpacks_delete = Input::get('modpack-delete') ? true : false;
     $modpack = Input::get('modpack');
     if (!empty($modpack)) {
         $perm->modpacks = $modpack;
     } else {
         $perm->modpacks = null;
     }
     $perm->save();
     return Redirect::to('user/edit/' . $user->id)->with('success', 'User created!');
 }
Ejemplo n.º 12
0
<?php

try {
    $admin_button = UserPermission::rideShareLogUserHas('admin.submissions') ? '<a href="/admin" class="btn btn-sm btn-danger" style="position: absolute;top: 64px;right: 12px;">Go To Admin Area</a>' : '';
} catch (\Exception $e) {
    $admin_button = '';
}
?>
<!DOCTYPE html>
<html ng-app="rideShareLogApp">
<head>
  <meta charset="utf8" />
  <meta http-equiv="X-UA-Compatible" content="IE=edge">
  <meta name="viewport" content="width=device-width, initial-scale=1.0">
  <meta name="description" content="RideShareLog Rideshare Applicaiton">
  <meta name="author" content="jsoro@ACME">
  <link rel="shortcut icon" href="/assets/favicon.ico" type="image/x-icon" />

  <title>@yield('page_title')</title>
</head>
<body>

  @yield('page_styles')
  <script type="text/javascript">
    @yield('script_data')
  </script>
  @yield('page_scripts')

  <div class="navbar navbar-default" role="navigation">
    <div class="container-fluid">
      <div class="navbar-header">
Ejemplo n.º 13
0
 /**
  * 
  * @return UserPermission Permission of the user of a group
  */
 public function getPermissions()
 {
     return UserPermission::getByGroupID($this->id);
 }
Ejemplo n.º 14
0
 public function action_do_create()
 {
     $rules = array('email' => 'required|email|unique:users', 'username' => 'required|min:3|max:30|unique:users', 'password' => 'required|min:3');
     $validation = Validator::make(Input::all(), $rules);
     if ($validation->fails()) {
         return Redirect::back()->with_errors($validation->errors);
     }
     $user = new User();
     $user->email = Input::get('email');
     $user->username = Input::get('username');
     $user->password = Hash::make(Input::get('password'));
     $user->save();
     $perm = new UserPermission();
     $perm->user_id = $user->id;
     $perm->solder_full = Input::get('solder-full') ? true : false;
     $perm->solder_users = Input::get('manage-users') ? true : false;
     $perm->solder_modpacks = Input::get('manage-packs') ? true : false;
     $perm->solder_mods = Input::get('manage-mods') ? true : false;
     $perm->solder_create = Input::get('solder-create') ? true : false;
     $perm->mods_create = Input::get('mod-create') ? true : false;
     $perm->mods_manage = Input::get('mod-manage') ? true : false;
     $perm->mods_delete = Input::get('mod-delete') ? true : false;
     $modpack = Input::get('modpack');
     if (!empty($modpack)) {
         $perm->modpacks = $modpack;
     } else {
         $perm->modpacks = null;
     }
     $perm->save();
     return Redirect::to('user/edit/' . $user->id)->with('success', 'User created!');
 }
Ejemplo n.º 15
0
    if (Session::token() !== Input::get('_token')) {
        throw new Illuminate\Session\TokenMismatchException();
    }
});
/*******************************************************************************************
 * Custom Filters
 ******************************************************************************************/
Route::filter('rideShareLogSession', function () {
    if (!Session::has('user')) {
        // No access, return Error
        $baseCtrl = new \BaseController();
        $errmsg = 'Session not active. Please close this window, refresh the RideShareLog access page on ACME Intranet, and try again.';
        $e = new \Exception($errmsg);
        if (Request::ajax()) {
            return $baseCtrl->handleError($e);
        }
        return $baseCtrl->handleRideShareLogError($e, 'Failed application filter: ' . $errmsg);
    }
});
Route::filter('rideShareLogAdmin', function () {
    if (!UserPermission::rideShareLogUserHas('admin.submissions')) {
        // No access, return Error
        $baseCtrl = new \BaseController();
        $errmsg = 'You do not have access to the Admin Section. If you should have access to this section, please contact Administration.';
        $e = new \Exception($errmsg);
        if (Request::ajax()) {
            return $baseCtrl->handleError($e);
        }
        return $baseCtrl->handleRideShareLogError($e, 'Failed application filter: ' . $errmsg);
    }
});
Ejemplo n.º 16
0
 public function getPermissions()
 {
     $permissions = new UserPermission();
     return $permissions->getCollection(["permission" => $this->seourl]);
 }
Ejemplo n.º 17
0
 function _edit($id)
 {
     $data = $_POST['user'];
     // check if user want to change the password
     if (strlen($data['password']) > 0) {
         // check if pass and confirm are egal and >= 5 chars
         if (strlen($data['password']) >= 5 && $data['password'] == $data['confirm']) {
             $data['password'] = sha1($data['password']);
             unset($data['confirm']);
         } else {
             Flash::set('error', __('Password and Confirm are not the same or too small!'));
             redirect(get_url('user/edit/' . $id));
         }
     } else {
         unset($data['password'], $data['confirm']);
     }
     $user = User::findById($id);
     $user->setFromData($data);
     if ($user->save()) {
         if (AuthUser::hasPermission('administrator')) {
             // now we need to add permissions
             $data = isset($_POST['user_permission']) ? $_POST['user_permission'] : array();
             UserPermission::setPermissionsFor($user->id, $data);
         }
         Flash::set('success', __('User has been saved!'));
     } else {
         Flash::set('error', __('User has not been saved!'));
     }
     if (AuthUser::getId() == $id) {
         redirect(get_url('user/edit/' . $id));
     } else {
         redirect(get_url('user'));
     }
 }
Ejemplo n.º 18
0
 public static function getByID($id)
 {
     $permission = new UserPermission();
     $permission->get(['id' => $id]);
     return $permission;
 }
Ejemplo n.º 19
0
 /**
  * @param array $fields
  * @param array $params
  * @return Cursor
  */
 public function getUserPermissions($fields = array(), $params = array())
 {
     return $this->getManyByConnection(UserPermission::className(), $fields, $params, 'userpermissions');
 }
Ejemplo n.º 20
0
 private function _edit($id)
 {
     $data = $_POST['user'];
     // CSRF checks
     if (isset($_POST['csrf_token'])) {
         $csrf_token = $_POST['csrf_token'];
         if (!SecureToken::validateToken($csrf_token, BASE_URL . 'user/edit')) {
             Flash::set('error', __('Invalid CSRF token found!'));
             redirect(get_url('user/add'));
         }
     } else {
         Flash::set('error', __('No CSRF token found!'));
         redirect(get_url('user/edit'));
     }
     // check if user want to change the password
     if (strlen($data['password']) > 0) {
         // check if pass and confirm are egal and >= 5 chars
         if (strlen($data['password']) >= 5 && $data['password'] == $data['confirm']) {
             unset($data['confirm']);
         } else {
             Flash::set('error', __('Password and Confirm are not the same or too small!'));
             redirect(get_url('user/edit/' . $id));
         }
     } else {
         unset($data['password'], $data['confirm']);
     }
     $user = Record::findByIdFrom('User', $id);
     if (isset($data['password'])) {
         $data['password'] = AuthUser::generateHashedPassword($data['password'], $user->salt);
     }
     $user->setFromData($data);
     if ($user->save()) {
         if (AuthUser::hasPermission('administrator')) {
             // now we need to add permissions
             $data = isset($_POST['user_permission']) ? $_POST['user_permission'] : array();
             UserPermission::setPermissionsFor($user->id, $data);
         }
         Flash::set('success', __('User has been saved!'));
     } else {
         Flash::set('error', __('User has not been saved!'));
     }
     if (AuthUser::getId() == $id) {
         redirect(get_url('user/edit/' . $id));
     } else {
         redirect(get_url('user'));
     }
 }
Ejemplo n.º 21
0
    // status != 0 -> file checked out to another user. status = uid of the check-out person
    // query to find out who...
    $checkout_person_obj = $file_data_obj->getCheckerOBJ();
    $full_name = $checkout_person_obj->getFullName();
    $GLOBALS['smarty']->assign('checkout_person_full_name', $full_name);
    $GLOBALS['smarty']->assign('checkout_person_email', $checkout_person_obj->getEmailAddress());
}
// Can they Read?
if ($user_permission_obj->getAuthority($_REQUEST['id'], $file_data_obj) >= $user_permission_obj->READ_RIGHT) {
    $view_link = "view_file.php?id={$full_requestId}" . '&state=' . ($_REQUEST['state'] + 1);
    $GLOBALS['smarty']->assign('view_link', $view_link);
}
// Lets figure out which buttons to show
if ($status == 0 || $status == -1 && $file_data_obj->isOwner($_SESSION['uid'])) {
    // check if user has modify rights
    $user_perms = new UserPermission($_SESSION['uid'], $GLOBALS['pdo']);
    if ($user_perms->getAuthority($_REQUEST['id'], $file_data_obj) >= $user_perms->WRITE_RIGHT && !isset($revision_id) && !$file_data_obj->isArchived()) {
        // if so, display link for checkout
        $check_out_link = "check-out.php?id={$request_id}" . '&state=' . ($_REQUEST['state'] + 1) . '&access_right=modify';
        $GLOBALS['smarty']->assign('check_out_link', $check_out_link);
    }
    if ($user_permission_obj->getAuthority($_REQUEST['id'], $file_data_obj) >= $user_permission_obj->ADMIN_RIGHT && !@isset($revision_id) && !$file_data_obj->isArchived()) {
        // if user is also the owner of the file AND file is not checked out
        // additional actions are available
        $edit_link = "edit.php?id={$_REQUEST['id']}&state=" . ($_REQUEST['state'] + 1);
        $GLOBALS['smarty']->assign('edit_link', $edit_link);
    }
}
////end if ($status == 0)
// ability to view revision history is always available
// put it outside the block
Ejemplo n.º 22
0
         fAuthorization::setUserAuthLevel('admin');
         break;
     case 3:
     case 4:
     case 5:
     case 6:
     case 7:
     case 8:
         fAuthorization::setUserAuthLevel('employee');
         break;
     case 9:
     default:
         fAuthorization::setUserAuthLevel('guest');
         break;
 }
 $up = new UserPermission();
 $tmp = $up->getByIdUser($u->prepareIdUser());
 $permissions = array('banner' => array(), 'news' => array(), 'classified' => array(), 'social' => array(), 'poll' => array(), 'turism' => array(), 'plaza' => array(), 'autoplus' => array(), 'real' => array(), 'user' => array(), 'franchise' => array());
 foreach ($tmp as $item) {
     switch ($item->prepareIdPermission()) {
         case 1:
             $permissions['banner'][] = 'add';
             break;
         case 2:
             $permissions['banner'][] = 'edit';
             break;
         case 3:
             $permissions['banner'][] = 'delete';
             break;
         case 4:
             $permissions['news'][] = 'add';
Ejemplo n.º 23
0
 public static function arcGetMenu()
 {
     $menu = [];
     $pages = \Page::getAllPages();
     $groups[] = \UserGroup::getByName("Guests");
     if (self::arcIsUserLoggedIn() == true) {
         $groups = array_merge($groups, self::arcGetUser()->getGroups());
     }
     foreach ($pages as $page) {
         if ($page->hidefrommenu == true || $page->hideonlogin == true && self::arcIsUserLoggedIn() == true) {
             continue;
         }
         if (\UserPermission::hasPermission($groups, $page->seourl)) {
             $data = explode("/", $page->seourl);
             $menu[ucwords($data[0])][$page->title]["name"] = $page->title;
             $menu[ucwords($data[0])][$page->title]["url"] = $page->seourl;
             $menu[ucwords($data[0])][$page->title]["icon"] = $page->iconclass;
         }
     }
     return $menu;
 }
Ejemplo n.º 24
0
if ($user_obj->isAdmin()) {
    $reviewIdCount = sizeof($user_obj->getAllRevieweeIds());
} elseif ($user_obj->isReviewer()) {
    $reviewIdCount = sizeof($user_obj->getRevieweeIds());
} else {
    $reviewIdCount = 0;
}
if ($reviewIdCount > 0) {
    echo '<img src="images/exclamation.gif" /> <a href="toBePublished.php?state=1">' . msg('message_documents_waiting') . '</a>: ' . e::h($reviewIdCount) . '</a><br />';
}
$rejected_files_obj = $user_obj->getRejectedFileIds();
if (isset($rejected_files_obj[0]) && $rejected_files_obj[0] != null) {
    echo '<img src="images/exclamation_red.gif" /> <a href="rejects.php?state=1">' . msg('message_documents_rejected') . '</a>: ' . sizeof($rejected_files_obj) . '<br />';
}
$llen = $user_obj->getNumExpiredFiles();
if ($llen > 0) {
    echo '<img src="images/exclamation_red.gif"><a href="javascript:window.location=\'search.php?submit=submit&sort_by=id&where=author_locked_files&sort_order=asc&keyword=-1&exact_phrase=on\'">' . msg('message_documents_expired') . ': ' . e::h($llen) . '</a><br />';
}
// get a list of documents the user has "view" permission for
// get current user's information-->department
//set values
$user_perms = new UserPermission($_SESSION['uid'], $pdo);
//$start_P = getmicrotime();
$file_id_array = $user_perms->getViewableFileIds(true);
//$end_P = getmicrotime();
list_files($file_id_array, $user_perms, $GLOBALS['CONFIG']['dataDir'], false);
draw_footer();
//Fb::log('<br> <b> Load Page Time: ' . (getmicrotime() - $start_time) . ' </b>');
//echo '<br> <b> Load Permission Time: ' . ($end_P - $start_P) . ' </b>';
//echo '<br> <b> Load Sort Time: ' . ($lsort_e - $lsort_b) . ' </b>';
//echo '<br> <b> Load Table Time: ' . ($llist_e - $llist_b) . ' </b>';
Ejemplo n.º 25
0
function checkUserPermission($file_id, $permittable_right, $obj)
{
    global $pdo;
    $userperm_obj = new UserPermission($_SESSION['uid'], $pdo);
    if (!$userperm_obj->user_obj->isAdmin() && $userperm_obj->getAuthority($file_id, $obj) < $permittable_right) {
        echo msg('error') . ': ' . msg('message_unable_to_find_file') . PHP_EOL;
        echo '       ' . msg('message_please_email') . ' <a href="mailto:' . $GLOBALS['CONFIG']['site_mail'] . '">' . msg('area_admin') . '</a>';
        exit;
    }
}
 public function permission_update($id)
 {
     $rules = ['displayName' => 'Required|String|Max:250', 'name' => 'Required|AlphaNum|Min:3|Max:250', 'value' => 'Required'];
     $v = Validator::make(Input::all(), $rules);
     if ($v->passes()) {
         $perm = UserPermission::findOrFail($id);
         $perm->fill(Input::all());
         if (!$perm->save()) {
             Session::flash('site_notice', 'Error while saving!');
         }
     } else {
         Session::flash('errors', $v->getMessageBag());
     }
     return Redirect::back();
 }
Ejemplo n.º 27
0
										<?php 
    }
    ?>
										<?php 
}
?>
									</select>
								</td>
								<td colspan="6"></td>
							</tr>
							<tr>
								<td class="privilege" colspan="8"><input type="checkbox" id="selectPermissions" /><label for="selectPermissions">Seleccionar todos los permisos</label></td>
							</tr>
							<?php 
$p = new Permission();
$up = new UserPermission();
$userPermissions = $up->getByIdUser($u->getIdUser());
$sections = Section::findAll();
foreach ($sections as $item) {
    if ($item->getIdSection() == 11 && !fAuthorization::checkAuthLevel('super')) {
        continue;
    }
    ?>
							<tr>
								<td class="privilege" colspan="8"><?php 
    echo $item->prepareName();
    ?>
</td>
							</tr>
								<?php 
    $i = 0;
 /**
  * Remove the specified userpermission from storage.
  *
  * @param  int  $id
  * @return Response
  */
 public function destroy($id)
 {
     try {
         UserPermission::deactivate($id);
     } catch (\Exception $e) {
         return $this->handleError($e);
     }
     return Redirect::route('user_permissions.index');
 }