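/**
 * ACL assertion that passes only when the active user is a department head.
 *
 * The decision is taken from the global $ENTRADA_USER rather than from $role:
 * per the original author's note, $role->details["id"] did not carry the
 * "masked" proxy id, so the active id is read from the user object instead.
 * $acl, $role, $resource and $privilege are accepted to keep the assertion
 * signature but are not consulted.
 *
 * @param Zend_Acl                         $acl       Not used by this assertion.
 * @param Zend_Acl_Role_Interface|null     $role      Not used; see note above.
 * @param Zend_Acl_Resource_Interface|null $resource  Not used by this assertion.
 * @param mixed                            $privilege Not used by this assertion.
 *
 * @return bool True when is_department_head() yields a truthy value for the
 *              active id, false otherwise (including when no user object is set).
 */
public function assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role = null, Zend_Acl_Resource_Interface $resource = null, $privilege = null)
{
    // The unused `global $db` import was dropped; only the user object is read here.
    global $ENTRADA_USER;

    // Fail closed: without a user object there is nobody to authorise, so deny
    // instead of raising an error in the middle of an access-control decision.
    if (!is_object($ENTRADA_USER)) {
        return false;
    }

    // TODO (original author): obtain the masked id from $role without going
    // through session-backed state.
    // NOTE(review): because $role is ignored, this answers for the currently
    // active user only; asking the ACL about a different role returns the
    // active user's result. Confirm that no caller relies on checking another role.
    //
    // is_department_head() is defined elsewhere; its result is only tested for
    // truthiness, so it is cast to bool. The original's trailing `return false;`
    // after the if/else was unreachable and has been removed.
    return (bool) is_department_head($ENTRADA_USER->getActiveId());
}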
exit; } else { if (!isset($_SESSION["isAuthorized"]) || !$_SESSION["isAuthorized"]) { header("Location: " . ENTRADA_URL . (isset($_SERVER["REQUEST_URI"]) ? "?url=" . rawurlencode(clean_input($_SERVER["REQUEST_URI"], array("nows", "url"))) : "")); exit; } elseif (!$ENTRADA_ACL->amIAllowed('mydepartment', 'read', 'DepartmentHead') && !$ENTRADA_ACL->amIAllowed('myowndepartment', 'read', 'DepartmentRep')) { $ONLOAD[] = "setTimeout('window.location=\\'" . ENTRADA_URL . "/" . $MODULE . "\\'', 15000)"; $ERROR++; $ERRORSTR[] = "You do not have the permissions required to use this module.<br /><br />If you believe you are receiving this message in error please contact <a href=\"mailto:" . html_encode($AGENT_CONTACTS["administrator"]["email"]) . "\">" . html_encode($AGENT_CONTACTS["administrator"]["name"]) . "</a> for assistance."; echo display_error(); application_log("error", "Group [" . $_SESSION["permissions"][$ENTRADA_USER->getAccessId()]["group"] . "] and role [" . $_SESSION["permissions"][$ENTRADA_USER->getAccessId()]["role"] . "] do not have access to this module [" . $MODULE . "]"); } else { // Attempt to get the departmentID from the department heads table as most of the time this file will // be accessed by department heads, however, there are also department reps that may access this file // therefore a fall back needs to be added to grab their department. $departmentID = is_department_head($ENTRADA_USER->getActiveId()); if (!$departmentID || $departmentID == 0) { $departmentID = get_user_departments($ENTRADA_USER->getActiveId()); $departmentID = $departmentID[0]["department_id"]; } $departmentOuput = fetch_department_title($departmentID); $BREADCRUMB[] = array("url" => "", "title" => "Undergraduate Medical Teaching for " . 
$departmentOuput); $years = getMinMaxARYears(); if (isset($years["start_year"]) && $years["start_year"] != "") { $PROCESSED["year_reported"] = $_POST['year_reported']; ?> <style type="text/css"> h1 { page-break-before: always; border-bottom: 2px #CCCCCC solid; font-size: 24px;
if (!isset($_SESSION["isAuthorized"]) || !$_SESSION["isAuthorized"]) { header("Location: " . ENTRADA_URL . (isset($_SERVER["REQUEST_URI"]) ? "?url=" . rawurlencode(clean_input($_SERVER["REQUEST_URI"], array("nows", "url"))) : "")); exit; } elseif (!$ENTRADA_ACL->amIAllowed('mydepartment', 'read', 'DepartmentHead') && !$ENTRADA_ACL->amIAllowed('myowndepartment', 'read', 'DepartmentRep')) { $ONLOAD[] = "setTimeout('window.location=\\'" . ENTRADA_URL . "/" . $MODULE . "\\'', 15000)"; $ERROR++; $ERRORSTR[] = "You do not have the permissions required to use this module.<br /><br />If you believe you are receiving this message in error please contact <a href=\"mailto:" . html_encode($AGENT_CONTACTS["administrator"]["email"]) . "\">" . html_encode($AGENT_CONTACTS["administrator"]["name"]) . "</a> for assistance."; echo display_error(); application_log("error", "Group [" . $_SESSION["permissions"][$ENTRADA_USER->getAccessId()]["group"] . "] and role [" . $_SESSION["permissions"][$ENTRADA_USER->getAccessId()]["role"] . "] do not have access to this module [" . $MODULE . 
"]"); } else { $BREADCRUMB[] = array("url" => "", "title" => "Undergraduate Medical Teaching"); $years = getMinMaxARYears(); if (isset($years["start_year"]) && $years["start_year"] != "") { $PROCESSED["department_id"] = $_POST['department_id']; //$PROCESSED["department_id"] $PROCESSED["department_id"] = is_department_head($ENTRADA_USER->getActiveId()); if (!$PROCESSED["department_id"] || $PROCESSED["department_id"] == 0) { $PROCESSED["department_id"] = get_user_departments($ENTRADA_USER->getActiveId()); $PROCESSED["department_id"] = $PROCESSED["department_id"][0]["department_id"]; } $departmentOutput = fetch_department_title($PROCESSED["department_id"]); if (isset($_POST["start_year"]) && $_POST["start_year"] != "") { $PROCESSED["start_year"] = (int) $_POST["start_year"]; $startYear = $PROCESSED["start_year"]; } if (isset($_POST["end_year"]) && $_POST["end_year"] != "") { $PROCESSED["end_year"] = (int) $_POST["end_year"]; $endYear = $PROCESSED["end_year"]; } ?> <style type="text/css">