/**
  * Gets and checks the requested user
  * @return boolean False if processing can continue
  */
 protected function BeforeInit()
 {
     $this->user = User::Schema()->ByID(Request::GetData('user'));
     if (!$this->user || !self::Guard()->Allow(BackendAction::AssignGroups(), $this->user)) {
         //TODO: Error message
         Response::Redirect(BackendRouter::ModuleUrl(new UserList()));
     }
     return parent::BeforeInit();
 }
Example #2
0
 /**
  * True if user group can be assigned
  * @return bool
  */
 protected function CanAssignGroup()
 {
     return self::Guard()->Allow(BackendAction::AssignGroups(), $this->site);
 }
Example #3
0
 private function CanAssignGroup()
 {
     return self::Guard()->Allow(BackendAction::AssignGroups(), $this->Content());
 }
Example #4
0
 private function GrantOnUser(BackendAction $action, User $user)
 {
     $allowed = false;
     switch ($action) {
         case BackendAction::Delete():
         case BackendAction::ChangeIsAdmin():
             $allowed = $this->IsAdministrator() && !$this->GetUser()->Equals($user);
             break;
         case BackendAction::AssignGroups():
             $allowed = $this->IsAdministrator() && !$user->GetIsAdmin();
             break;
         case BackendAction::Edit():
         case BackendAction::Read():
             $allowed = $this->IsAdministrator() || $this->GetUser()->Equals($user);
             break;
         case BackendAction::Create():
             $allowed = $this->IsAdministrator();
             break;
     }
     return $allowed ? GrantResult::Allowed() : GrantResult::NoAccess();
 }
Example #5
0
 /**
  * True if current user can assign user groups
  * @param User $user The user for assignment
  * @return boolean Returns true if the action is allowed
  */
 protected function CanAssignGroups(User $user)
 {
     return self::Guard()->Allow(BackendAction::AssignGroups(), $user);
 }