Exemple #1
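 /**
  * Gate the front-end K2 "item" view: check that the current user may run
  * the requested task.
  *
  * Does nothing unless the request's `view` is "item". Guests asking for the
  * "add" or "edit" task are sent to the login page with the current URL as
  * the return target. The tasks add, edit, deleteAttachment, checkin, save,
  * tag and extraFields are then checked against the matching
  * K2HelperPermissions method, and a 403 is raised through JError when the
  * check fails.
  *
  * Security notes for maintainers:
  * - The switch has no default branch, so a task that is not listed passes
  *   without any check here; a new state-changing task needs its own case.
  * - Nothing in this method stops execution itself. Enforcement relies on
  *   JError::raiseError(403) and redirect() ending the request - TODO confirm
  *   for the error handling configured on the site.
  * - The result of $item->load() is not inspected, so for an id that does not
  *   load, canEditItem() receives whatever created_by / catid the table
  *   object holds; verify that canEditItem() denies in that case.
  *
  * @return void
  */
 public static function checkPermissions()
 {
     // Only the item view is covered by these checks.
     $view = JRequest::getCmd('view');
     if ($view != 'item') {
         return;
     }
     $task = JRequest::getCmd('task');
     $user = JFactory::getUser();
     if ($user->guest && ($task == 'add' || $task == 'edit')) {
         $mainframe = JFactory::getApplication();
         $uri = JURI::getInstance();
         // base64 output may contain "+", "/" and "=". A raw "+" in a query
         // string is read back as a space, which would corrupt the return
         // URL, so the token is URL-encoded before it goes into the link.
         // NOTE(review): the return target comes from the current request
         // URI; checking it after login is left to the login component.
         $return = urlencode(base64_encode($uri->toString()));
         $mainframe->enqueueMessage(JText::_('K2_YOU_NEED_TO_LOGIN_FIRST'), 'notice');
         // The login component is com_user when K2_JVERSION is '15',
         // com_users otherwise.
         if (K2_JVERSION == '15') {
             $mainframe->redirect('index.php?option=com_user&view=login&return=' . $return . '&tmpl=component');
         } else {
             $mainframe->redirect('index.php?option=com_users&view=login&return=' . $return . '&tmpl=component');
         }
     }
     switch ($task) {
         case 'add':
             if (!K2HelperPermissions::canAddItem()) {
                 JError::raiseError(403, JText::_('K2_ALERTNOTAUTH'));
             }
             break;
         case 'edit':
         case 'deleteAttachment':
         case 'checkin':
             // These tasks act on an existing item, identified by "cid".
             $cid = JRequest::getInt('cid');
             if (!$cid) {
                 JError::raiseError(403, JText::_('K2_ALERTNOTAUTH'));
             }
             JTable::addIncludePath(JPATH_COMPONENT_ADMINISTRATOR . DS . 'tables');
             $item = JTable::getInstance('K2Item', 'Table');
             $item->load($cid);
             // The decision is made on the stored owner and category of the
             // loaded row, not on anything supplied with the request.
             if (!K2HelperPermissions::canEditItem($item->created_by, $item->catid)) {
                 JError::raiseError(403, JText::_('K2_ALERTNOTAUTH'));
             }
             break;
         case 'save':
             // "save" reads the item id from "id": a non-zero id is checked as
             // an edit of that item, anything else as the creation of a new one.
             $cid = JRequest::getInt('id');
             if ($cid) {
                 JTable::addIncludePath(JPATH_COMPONENT_ADMINISTRATOR . DS . 'tables');
                 $item = JTable::getInstance('K2Item', 'Table');
                 $item->load($cid);
                 if (!K2HelperPermissions::canEditItem($item->created_by, $item->catid)) {
                     JError::raiseError(403, JText::_('K2_ALERTNOTAUTH'));
                 }
             } else {
                 if (!K2HelperPermissions::canAddItem()) {
                     JError::raiseError(403, JText::_('K2_ALERTNOTAUTH'));
                 }
             }
             break;
         case 'tag':
             if (!K2HelperPermissions::canAddTag()) {
                 JError::raiseError(403, JText::_('K2_ALERTNOTAUTH'));
             }
             break;
         case 'extraFields':
             if (!K2HelperPermissions::canRenderExtraFields()) {
                 JError::raiseError(403, JText::_('K2_ALERTNOTAUTH'));
             }
             break;
     }
 }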
Exemple #2
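 /**
  * Gate the front-end K2 "item" view: check that the current user may run
  * the requested task.
  *
  * Does nothing unless the request's `view` is "item". The tasks add, edit,
  * deleteAttachment, checkin, save, tag and extraFields are checked against
  * the matching K2HelperPermissions method, and a 403 is raised through
  * JError when the check fails.
  *
  * Security notes for maintainers:
  * - The switch has no default branch, so a task that is not listed passes
  *   without any check here; a new state-changing task needs its own case.
  * - Nothing in this method stops execution itself. Enforcement relies on
  *   JError::raiseError(403) ending the request - TODO confirm for the error
  *   handling configured on the site.
  * - The result of $item->load() is not inspected, so for an id that does not
  *   load, canEditItem() receives whatever created_by / catid the table
  *   object holds; verify that canEditItem() denies in that case.
  * - NOTE(review): the method does not use $this. If callers invoke it
  *   statically it should be declared static, since a static call to a
  *   non-static method is an Error on PHP 8 - confirm against the callers.
  *
  * @return void
  */
 function checkPermissions()
 {
     // Only the item view is covered by these checks.
     $view = JRequest::getCmd('view');
     if ($view != 'item') {
         return;
     }
     $task = JRequest::getCmd('task');
     switch ($task) {
         case 'add':
             if (!K2HelperPermissions::canAddItem()) {
                 JError::raiseError(403, JText::_("ALERTNOTAUTH"));
             }
             break;
         case 'edit':
         case 'deleteAttachment':
         case 'checkin':
             // These tasks act on an existing item, identified by "cid".
             $cid = JRequest::getInt('cid');
             if (!$cid) {
                 JError::raiseError(403, JText::_("ALERTNOTAUTH"));
             }
             JTable::addIncludePath(JPATH_COMPONENT_ADMINISTRATOR . DS . 'tables');
             // Plain assignment: objects are handles, so the PHP 4-style "=&"
             // on the factory's return value is not needed, and it raises a
             // notice when the factory does not return by reference.
             $item = JTable::getInstance('K2Item', 'Table');
             $item->load($cid);
             // The decision is made on the stored owner and category of the
             // loaded row, not on anything supplied with the request.
             if (!K2HelperPermissions::canEditItem($item->created_by, $item->catid)) {
                 JError::raiseError(403, JText::_("ALERTNOTAUTH"));
             }
             break;
         case 'save':
             // "save" reads the item id from "id": a non-zero id is checked as
             // an edit of that item, anything else as the creation of a new one.
             $cid = JRequest::getInt('id');
             if ($cid) {
                 JTable::addIncludePath(JPATH_COMPONENT_ADMINISTRATOR . DS . 'tables');
                 $item = JTable::getInstance('K2Item', 'Table');
                 $item->load($cid);
                 if (!K2HelperPermissions::canEditItem($item->created_by, $item->catid)) {
                     JError::raiseError(403, JText::_("ALERTNOTAUTH"));
                 }
             } else {
                 if (!K2HelperPermissions::canAddItem()) {
                     JError::raiseError(403, JText::_("ALERTNOTAUTH"));
                 }
             }
             break;
         case 'tag':
             if (!K2HelperPermissions::canAddTag()) {
                 JError::raiseError(403, JText::_("ALERTNOTAUTH"));
             }
             break;
         case 'extraFields':
             if (!K2HelperPermissions::canRenderExtraFields()) {
                 JError::raiseError(403, JText::_("ALERTNOTAUTH"));
             }
             break;
     }
 }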