public function testCheckUserAuthLevel()
{
fAuthorization::setAuthLevels(array('user' => 20, 'admin' => 50));
fAuthorization::setUserAuthLevel('user');
$this->assertEquals(TRUE, fAuthorization::checkAuthLevel('user'));
$this->assertEquals(FALSE, fAuthorization::checkAuthLevel('admin'));
fAuthorization::setUserAuthLevel('admin');
$this->assertEquals(TRUE, fAuthorization::checkAuthLevel('user'));
$this->assertEquals(TRUE, fAuthorization::checkAuthLevel('admin'));
}
}
?>
</select>
</td>
<td colspan="6"></td>
</tr>
<tr>
<td class="privilege" colspan="8"><input type="checkbox" id="selectPermissions" /><label for="selectPermissions">Seleccionar todos los permisos</label></td>
</tr>
<?php
$p = new Permission();
$up = new UserPermission();
$userPermissions = $up->getByIdUser($u->getIdUser());
$sections = Section::findAll();
foreach ($sections as $item) {
if ($item->getIdSection() == 11 && !fAuthorization::checkAuthLevel('super')) {
continue;
}
?>
<tr>
<td class="privilege" colspan="8"><?php
echo $item->prepareName();
?>
</td>
</tr>
<?php
$i = 0;
$permissions = $p->getByIdSection($item->getIdSection());
foreach ($permissions as $p) {
$i++;
$checked = false;
<?php
$section = 'categories';
$section_id = 25;
$sub = 'listGcategory';
$typeOfUser = fAuthorization::checkAuthLevel('super');
$where = "";
if (!$typeOfUser) {
$where = " WHERE " . fSession::get('where_at');
}
?>
<?php
$limit = fRequest::encode('limit', 'integer');
$page = fRequest::encode('p', 'integer');
if ($page < 1) {
exit;
}
$start = ($page - 1) * $limit;
$categories = fRecordSet::buildFromSQL('EconomicUnitCategory', "SELECT * FROM economic_unit_categories {$where} LIMIT {$start},{$limit}", "SELECT count(*) FROM economic_unit_categories {$where}", $limit, $page);
if ($categories->count() == 0) {
echo '<div class="notification information" >
Por el momento no hay registros en <b> Categorías de Geolocalización</b>.
</div>';
} else {
$p = new Pagination($categories->getPages(), $categories->getPage(), 3);
$pagination = $p->getPaginationLinks();
?>
<center>
<table class="contenttoc" style="width:auto; float:left">
<tr>
<div class="container-fluid">
<a class="brand" href="index.php">Tattle </a>
<ul class="nav">
<?
$current_url = fURL::getWithQueryString();
echo '<li' . ($current_url == '' ? ' class="active"' : '') . '><a href="index.php">Alerts</a></li>'. "\n";
$check_list = Check::makeURL('list');
echo '<li' . ($current_url == $check_list ? ' class="active"' : '') . '><a href="' . $check_list . '" >Checks</a></li>' . "\n";
$subscription_list = Subscription::makeURL('list');
echo '<li' . ($current_url == $subscription_list ? ' class="active"' : '') .'><a href="' . $subscription_list . '" >Subscriptions</a></li>' . "\n";
$dashboard_list = Dashboard::makeURL('list');
echo '<li' . ($current_url == $dashboard_list ? ' class="active"' : '') . '><a href="' . $dashboard_list . '">Dashboards</a></li>';
$setting_list = Setting::makeURL('list');
echo '<li' . ($current_url == $setting_list ? ' class="active"' : '') . '><a href="' . $setting_list . '" >Settings</a></li>' . "\n";
if (fAuthorization::checkAuthLevel('admin')) {
$user_list = User::makeURL('list');
echo '<li><a href="' . User::makeURL('list') . '" >Users</a></li>';
}
?>
</ul>
<?php
if (is_numeric(fSession::get('user_id'))) {
?>
<p class="pull-right">
Logged in as <a href="<?php
echo User::makeUrl('edit', fSession::get('user_id'));
?>
"><?php
echo fSession::get('user_name');
?>
<tr>
<td> <label for="type"> Asentamiento: </label> </td>
<td> <input type="text" size="80" name="reserve" id="reserve" /> </td>
</tr>
<tr>
<td> <label for="type"> Teléfono: </label> </td>
<td> <input type="text" size="80" name="phone" id="phone" /> </td>
</tr>
<?php
if (fAuthorization::checkAuthLevel('super')) {
?>
<tr class="regionRow">
<td><label>Región</label></td>
<td>
<select class="state" name="state">
<option value="0">Estado</option>
<?php
$r = Region::findAll(1);
foreach ($r as $item) {
?>
<option value="<?php
echo $item->prepareIdRegion();
?>
"><?php
echo $item->prepareName();
<?php
fSession::open();
$idUser = fSession::get(SESSION_ID_USER);
if (empty($idUser) || !fAuthorization::checkAuthLevel("employee")) {
exit("No se ha podido acceder a esta secci&oacite;n");
}
$id = fRequest::encode('id', 'string');
if (strstr($id, ",")) {
fORMDatabase::retrieve()->query("DELETE FROM economic_unit_categories WHERE economic_unit_category_id IN ({$id})");
} else {
fORMDatabase::retrieve()->query("DELETE FROM economic_unit_categories WHERE economic_unit_category_id IN ({$id})");
}
<table class="zebra-striped">
<thead>
<tr>
<th>Username</th>
<th>Email</th>
<th>Action</th>
</tr></thead><tbody>
<?php
$first = TRUE;
foreach ($users as $user) {
?>
<tr>
<td><?php echo $user->prepareUsername() ?></td>
<td><?php echo $user->prepareEmail() ?></td>
<td><?php if (fSession::get('user_id') == $user->getUserId() || fAuthorization::checkAuthLevel('admin')) { echo '<a href="' . User::makeUrl('edit',$user) . '">Edit</a>'; } ?>
<?php if (fAuthorization::checkAuthLevel('admin') || $user->getUserId() != 1) {
?> <a href="<?php echo User::makeUrl('delete',$user); ?>">Delete</a></td>
<?php } ?>
</tr>
<?php } ?>
</tbody></table>
<?
} catch (fEmptySetException $e) {
?>
<p class="info">There are currently no Tattle users? <a href="<?php echo '<a href="'. User::makeUrl('add'); ?>">Add one now</a></p>
<?php
}
?>
</div>
<?php $tmpl->place('footer') ?>
if ($sub == 'add') {
echo ' class="active"';
}
?>
><a href="<?php
echo USER;
?>
add.php">Agregar</a></li>
<?php
}
?>
</div>
<?php
if (fAuthorization::checkAuthLevel('employee')) {
?>
<div id="user-mn" class="<?php
echo $section == 'categories' ? 'shown' : 'hidden';
?>
">
<li<?php
if ($sub == 'list') {
echo ' class="active"';
}
?>
><a href="<?php
echo CATEGORIES;
?>
list.php">Listar</a></li>
/**
* Check user's auth level, based on fAuthorization.
*/
public static function checkUserAuthLevel($level)
{
return fAuthorization::checkAuthLevel($level);
}
