/**
 * Build the set of modules on which the current user holds at least one
 * allowed action.
 *
 * The ACL is consulted here instead of a dedicated DB mapping table because
 * the ACL and its rules are needed again as soon as the user calls a module
 * action. The rules are then already held in the cached ACL object, so the
 * DB does not have to be queried a second time.
 *
 * Walking every module and every action to find one available privilege is
 * some overhead, but it is paid only once; afterwards the cached object is
 * used.
 *
 * The per-action map attached to each module records what the ACL answered
 * at the time of this call. It is not the enforcement point: requestAction()
 * performs its own isAllowed() check before dispatching an action.
 *
 * @return Webdesktop_Model_ModuleSet modules with at least one allowed action
 * @access public
 */
public function getAllUserModules()
{
    $allowedModules = new Webdesktop_Model_ModuleSet();

    // NOTE(review): the meaning of the TRUE flag is not visible here;
    // presumably it restricts the list to enabled modules - confirm.
    foreach ($this->getAllModules(true) as $module) {
        $actionRights = array();

        foreach ($module->getModuleActions() as $actionName) {
            // Strict comparison: only a literal boolean true from the ACL
            // counts as allowed, every other return value is stored as false.
            $actionRights[$actionName] =
                ($this->acl->isAllowed($module->getModuleId(), $actionName) === true);
        }

        // Modules without a single allowed action are left out entirely.
        if (!in_array(true, $actionRights, true)) {
            continue;
        }

        $module->setUserPriviligesActions($actionRights);
        $allowedModules->add($module);
    }

    return $allowedModules;
}
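/**
 * Main request method.
 *
 * Every call to a module/action should be routed through this method, as it
 * is responsible for loading the module and validating the call against the
 * ACL. It dynamically instantiates the module class named in the module's DB
 * row and passes the request on to it.
 *
 * Order of checks: call parameters, module lookup, action exists on the
 * module object, ACL permission, then dispatch to "<action>Action".
 *
 * Access is granted only when the ACL returns boolean true (fail closed),
 * which matches how getAllUserModules() interprets the same ACL call.
 *
 * @return array Error response from defaultResponses() on the failure paths;
 *               the success path hands the result to sendJson() and has no
 *               explicit return value.
 * @todo refactor: I think it can be removed -> self::detectCallParameters()
 * @todo refactor: remove the pass in of the config object
 * @todo refactor: use method chaining on $obj
 * @todo introduce Admin_Model_DbRow_Module to remove Db Column names
 */
public function requestAction()
{
    // NOTE(review): presumably this populates $this->module and $this->action
    // from the request - confirm against detectCallParameters().
    if ($this->detectCallParameters(true, true) === false) {
        return $this->defaultResponses(
            'Invalid call, need Module and Action defined',
            self::REQUEST_ERROR_PRECONDITION
        );
    }

    $moduleTable = new Webdesktop_Model_DbTable_Modules();
    $moduleRows  = $moduleTable->findModuleById($this->module);

    // Exactly one matching row is required; zero or several is treated as
    // "module not found".
    if ($moduleRows->count() !== 1) {
        return $this->defaultResponses(
            'Cannot request Module, module not found',
            self::REQUEST_ERROR_PRECONDITION
        );
    }

    try {
        $moduleRow = $moduleRows->current();

        // The class to construct is taken from the m_classname column, so
        // write access to that table decides which class is instantiated.
        // NOTE(review): nothing here verifies that the class exists or is of
        // an expected module type - confirm the column is admin-controlled.
        $handlerClass = $moduleRow->m_classname;

        // The constructor runs before the ACL check below, i.e. also for
        // callers who turn out not to be permitted.
        $handler = new $handlerClass();

        if ($handler->has($this->action) === false) {
            throw new Exception('Action is not defined');
        }

        // Fail closed: anything other than a literal boolean true from the
        // ACL is treated as a denial. The ACL resource is the module id from
        // the DB row, not the raw request value.
        if ($this->acl->isAllowed($moduleRow->m_moduleId, $this->action) !== true) {
            return $this->defaultResponses(
                'No userrights to perform this action',
                self::REQUEST_ERROR_BADREQUEST
            );
        }
    } catch (Exception $failure) {
        // NOTE(review): this catches every Exception raised above and passes
        // its message on verbatim; what defaultResponses() exposes to the
        // client is not visible here - confirm no internal detail leaks.
        return $this->defaultResponses($failure->getMessage(), self::REQUEST_ERROR_PRECONDITION);
    }

    $handler->setWebDesktopConfig($this->config);
    $handler->setRequest($this->getRequest());
    $handler->setResponse($this->getResponse());
    $handler->init();

    try {
        // Same action name that passed has() and the ACL check above, with
        // the fixed "Action" suffix appended.
        $actionMethod = $this->action . 'Action';
        $payload      = $handler->$actionMethod();
    } catch (Webdesktop_Model_Exception $failure) {
        return $this->defaultResponses($failure->getMessage(), self::REQUEST_ERROR_PRECONDITION);
    }

    $this->_helper->json->sendJson($payload);
}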