for ($i = 1; $i <= $count_role; $i++) { $role_id = $_POST['link_id' . $i]; $role = new Roles(); $task_count = (int) $_POST['taskcount']; for ($j = 1; $j <= $task_count; $j++) { $task_id = $_POST['taskid' . $j]; $chk = $role_id . '~' . $task_id; if ($_POST[$chk]) { try { $role->assign_tasks_to_role($task_id, $role_id); } catch (PAException $e) { $msg = "{$e->message}"; $error = TRUE; } } else { $task_exist = Roles::is_roletask_exist($role_id, $task_id); if ($task_exist) { Roles::delete_taskrole($role_id, $task_id); } } } } header("Location:assign_tasks.php?msg=9015"); exit; } $permission_denied_msg = ''; if (!$configure_permission) { $error = TRUE; $permission_denied_msg = "Sorry! you are not authorized to view the content of this page"; } $page = new PageRenderer("setup_module", PAGE_TASK_MANAGE, "", 'container_two_column.tpl', 'header.tpl', PRI, HOMEPAGE, $network_info);
/** Purpose : this function checks if a given user has permission to given task @param : $uid, $task_id @return : TRUE, FALSE **/ public static function check_permission($uid, $task_id) { Logger::log("Enter: function Roles::check_permission"); if (SUPER_USER_ID == $uid) { return TRUE; //TODO:same holds true for network owner } $role_obj = Roles::get_user_role($uid); if (empty($role)) { Logger::log("Exit: function Roles::check_permission"); return FALSE; } $role = $role_obj->role_id; $perm = Roles::is_roletask_exist($role, $task_id); //dont support multiple roles of user Logger::log("Exit: function Roles::check_permission"); return $perm; }
public static function check_permission($uid, $task_id) { $result = false; Logger::log("Enter: function Roles::check_permission"); if (SUPER_USER_ID == $uid) { return TRUE; //TODO:same holds true for network owner } $role_obj = Roles::get_user_roles($uid); foreach ($role_obj as $r_obj) { $result = Roles::is_roletask_exist($r_obj->role_id, $task_id); if ($result) { break; } // user have permission for this task! } Logger::log("Exit: function Roles::check_permission"); return $result; }