コード例 #1
ファイル: BxAccntModule.php プロジェクト: blas-dmx/trident
 /**
  * Decide whether the current profile may delete the given account entry.
  *
  * An administrator is refused when the entry is the account they are logged in with;
  * every other case is decided by the 'delete account' action of the 'system' module.
  *
  * @param array $aDataEntry account row; only the 'id' key is read here
  * @param bool $isPerformAction forwarded unchanged to checkActionModule()
  * @return mixed CHECK_ACTION_RESULT_ALLOWED when permitted, otherwise a message.
  *               Because a denial is returned as a message and not as false, compare
  *               the result with === against CHECK_ACTION_RESULT_ALLOWED.
  */
 public function checkAllowedDelete(&$aDataEntry, $isPerformAction = false)
 {
     // Guard: an admin must not remove the account of their own session.
     $bOwnAdminAccount = isAdmin() && (int) $aDataEntry['id'] == getLoggedId();
     if ($bOwnAdminAccount) {
         return _t('_sys_txt_access_denied');
     }

     // ACL decision for the profile stored on this module instance.
     $aAcl = checkActionModule($this->_iProfileId, 'delete account', 'system', $isPerformAction);

     return $aAcl[CHECK_ACTION_RESULT] != CHECK_ACTION_RESULT_ALLOWED
         ? $aAcl[CHECK_ACTION_MESSAGE]
         : CHECK_ACTION_RESULT_ALLOWED;
 }
コード例 #2
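 /**
  * Handle the AJAX "set ACL level" request, or fall back to the parent's output.
  *
  * The AJAX branch is taken when the X-Requested-With header equals 'XMLHttpRequest' and
  * both 'profile_id' and 'acl_level_id' are present and truthy in POST. That branch prints
  * a message (empty on success) and terminates the script.
  *
  * Authorization is evaluated for the logged-in performer. 'profile_id' only names the
  * profile whose membership is changed; it is request data and must not be the subject of
  * the permission check.
  *
  * @return mixed the result of parent::getCode() on the non-AJAX path; the AJAX path exits
  */
 public function getCode()
 {
     $bAjax = isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] === 'XMLHttpRequest';
     if (!$bAjax || !($iProfileId = bx_get('profile_id', 'post')) || !($iAclLevelId = bx_get('acl_level_id', 'post'))) {
         return parent::getCode();
     }

     // NOTE(review): no request token is verified in this method, and the X-Requested-With
     // header is not one - confirm that CSRF protection is enforced before this point.

     bx_import('BxDolAcl');

     // Check the permission of whoever sends the request, not of the profile named in POST.
     // Otherwise any caller could pass the check by naming a profile that holds the right.
     $iPerformerId = bx_get_logged_profile_id();
     $aCheck = checkActionModule($iPerformerId, 'set acl level', 'system', false);

     $sMsg = '';
     if (isAdmin() || $aCheck[CHECK_ACTION_RESULT] === CHECK_ACTION_RESULT_ALLOWED) {
         // profile_id and acl_level_id are forwarded as bx_get() returned them.
         if (BxDolAcl::getInstance()->setMembership($iProfileId, $iAclLevelId, 0, true)) {
             // Record the action that was authorised above ('set acl level'), for the performer.
             checkActionModule($iPerformerId, 'set acl level', 'system', true);
         } else {
             $sMsg = _t('_error occured');
         }
     } else {
         $sMsg = $aCheck[CHECK_ACTION_MESSAGE];
     }

     header('Content-type: text/html; charset=utf-8');
     echo $sMsg;
     exit;
 }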
コード例 #3
 /**
  * Assign one ACL level to one or several profiles on behalf of the logged-in profile.
  *
  * The 'set acl level' permission is checked once for the performer (administrators skip
  * it); after each successful assignment the same action is invoked again with the
  * perform flag set.
  *
  * @param mixed $mixedProfileId a single profile id or an array of ids
  * @param mixed $iAclLevelId level handed to BxDolAcl::setMembership()
  * @return mixed '' when every profile was updated, otherwise the ACL message or the
  *               '_error occured' translation
  */
 protected function setMembership($mixedProfileId, $iAclLevelId)
 {
     bx_import('BxDolAcl');

     // Normalise the input so the loop below always walks a list.
     $aTargetIds = is_array($mixedProfileId) ? $mixedProfileId : array($mixedProfileId);

     // Authorization is tied to the logged-in profile, never to the ids being changed.
     $iPerformerId = bx_get_logged_profile_id();
     $aAcl = checkActionModule($iPerformerId, 'set acl level', 'system', false);
     if (!(isAdmin() || $aAcl[CHECK_ACTION_RESULT] === CHECK_ACTION_RESULT_ALLOWED)) {
         return $aAcl[CHECK_ACTION_MESSAGE];
     }

     $oAcl = BxDolAcl::getInstance();
     $iUpdated = 0;
     foreach ($aTargetIds as $iTargetId) {
         if ($oAcl->setMembership($iTargetId, $iAclLevelId, 0, true)) {
             ++$iUpdated;
             // Invoke the action with the perform flag for each successful change.
             checkActionModule($iPerformerId, 'set acl level', 'system', true);
         }
     }

     // Any failed assignment turns the whole call into an error result.
     if (count($aTargetIds) != $iUpdated) {
         return _t('_error occured');
     }
     return '';
 }
コード例 #4
ファイル: BxDolCmts.php プロジェクト: blas-dmx/trident
 /**
  * Return the ACL message for a 'system' module action, or '' when the action is allowed.
  *
  * The check is made for the id returned by $this->_getAuthorId().
  *
  * @param string $sAction action name passed to checkActionModule()
  * @return mixed '' when allowed, otherwise the message from the ACL check
  */
 public function checkActionErrorMsg($sAction)
 {
     $aAcl = checkActionModule($this->_getAuthorId(), $sAction, 'system');

     if ($aAcl[CHECK_ACTION_RESULT] === CHECK_ACTION_RESULT_ALLOWED) {
         return '';
     }

     return $aAcl[CHECK_ACTION_MESSAGE];
 }
コード例 #5
 /**
  * Decide whether the current profile may delete the given entry.
  *
  * A moderator (see _isModerator()) is always allowed. Anyone else needs both the
  * 'delete entry' ACL action of this module and ownership of the entry, where ownership
  * is compared by account id rather than by profile id.
  *
  * @param array $aDataEntry entry row; the CNF['FIELD_ID'] column is read
  * @param bool $isPerformAction forwarded unchanged to the ACL checks
  * @return mixed CHECK_ACTION_RESULT_ALLOWED if access is granted, or a message if it is
  *               not; compare the result with === against CHECK_ACTION_RESULT_ALLOWED
  */
 public function checkAllowedDelete(&$aDataEntry, $isPerformAction = false)
 {
     if ($this->_isModerator($isPerformAction)) {
         return CHECK_ACTION_RESULT_ALLOWED;
     }

     // NOTE(review): the ACL call runs before the ownership test, so it is also invoked
     // (with $isPerformAction as given) for callers that are then refused as non-owners.
     $aAcl = checkActionModule($this->_iProfileId, 'delete entry', $this->getName(), $isPerformAction);

     $mixedContentId = $aDataEntry[$this->_oConfig->CNF['FIELD_ID']];
     $oOwner = BxDolProfile::getInstanceByContentAndType($mixedContentId, $this->_aModule['name']);
     if (!$oOwner) {
         // No profile object for the entry: report an error instead of guessing.
         return _t('_sys_txt_error_occured');
     }

     // Both conditions are required: same account AND the ACL grant.
     $bSameAccount = $oOwner->getAccountId() == $this->_iAccountId;
     if (!$bSameAccount || $aAcl[CHECK_ACTION_RESULT] !== CHECK_ACTION_RESULT_ALLOWED) {
         return _t('_sys_txt_access_denied');
     }

     return CHECK_ACTION_RESULT_ALLOWED;
 }
コード例 #6
ファイル: BxInvModule.php プロジェクト: blas-dmx/trident
 /**
  * Check the 'delete request' action of this module for the given profile.
  *
  * @param mixed $iProfileId profile the ACL check is made for
  * @param bool $bPerform forwarded unchanged to checkActionModule()
  * @return mixed true when allowed, otherwise the ACL message. A denial is not returned
  *               as false, so callers must test the result with === true.
  */
 public function isAllowedDeleteRequest($iProfileId, $bPerform = false)
 {
     $aAcl = checkActionModule($iProfileId, 'delete request', $this->getName(), $bPerform);

     if ($aAcl[CHECK_ACTION_RESULT] === CHECK_ACTION_RESULT_ALLOWED) {
         return true;
     }

     return $aAcl[CHECK_ACTION_MESSAGE];
 }
コード例 #7
 /**
  * Check whether the current user may use the 'share' action of this module.
  *
  * @param mixed $aEvent not read by this method
  * @param bool $bPerform forwarded unchanged to checkActionModule()
  * @return mixed true for administrators and for an allowed ACL result, false when
  *               getUserId() yields 0, otherwise the ACL message. The denial branch
  *               returns a message rather than false, so callers must test with === true.
  */
 public function isAllowedShare($aEvent, $bPerform = false)
 {
     // Administrators bypass the ACL lookup entirely.
     if (isAdmin()) {
         return true;
     }

     // A user id of 0 is refused without consulting the ACL.
     $iViewerId = (int) $this->getUserId();
     if (0 == $iViewerId) {
         return false;
     }

     $aAcl = checkActionModule($iViewerId, 'share', $this->getName(), $bPerform);
     if ($aAcl[CHECK_ACTION_RESULT] != CHECK_ACTION_RESULT_ALLOWED) {
         return $aAcl[CHECK_ACTION_MESSAGE];
     }

     return true;
 }
コード例 #8
 /**
  * Tell whether the current profile holds the 'edit any entry' action of this module,
  * which this class treats as moderator access.
  *
  * @param bool $isPerformAction forwarded unchanged to checkActionModule()
  * @return bool true only when the ACL result is strictly CHECK_ACTION_RESULT_ALLOWED
  */
 protected function _isModerator($isPerformAction = false)
 {
     $aAcl = checkActionModule($this->_iProfileId, 'edit any entry', $this->getName(), $isPerformAction);
     $bModerator = CHECK_ACTION_RESULT_ALLOWED === $aAcl[CHECK_ACTION_RESULT];

     return $bModerator;
 }
コード例 #9
 /**
  * Check the 'edit any entry' action of this module for the current profile.
  *
  * @param bool $isPerformAction forwarded unchanged to checkActionModule()
  * @return mixed CHECK_ACTION_RESULT_ALLOWED if access is granted, or the generic
  *               access-denied message if it is not (the ACL's own message is not used).
  *               Compare the result with strict (===) checking.
  */
 public function checkAllowedEditAnyEntry($isPerformAction = false)
 {
     $aAcl = checkActionModule($this->_iProfileId, 'edit any entry', $this->getName(), $isPerformAction);

     return $aAcl[CHECK_ACTION_RESULT] === CHECK_ACTION_RESULT_ALLOWED
         ? CHECK_ACTION_RESULT_ALLOWED
         : _t('_sys_txt_access_denied');
 }
コード例 #10
ファイル: BxDolAccount.php プロジェクト: Baloo7super/dolphin
 /**
  * Check the 'delete account' action of the 'system' module for a profile.
  *
  * @param mixed $iProfileId profile the ACL check is made for
  * @param mixed $aContentInfo not read by this method
  * @param bool $isPerformAction forwarded unchanged to checkActionModule()
  * @return mixed CHECK_ACTION_RESULT_ALLOWED if access is granted, or the ACL message
  *               wrapped by MsgBox() if it is not; compare the result with ===
  */
 public static function isAllowedDelete($iProfileId, $aContentInfo, $isPerformAction = false)
 {
     $aAcl = checkActionModule($iProfileId, 'delete account', 'system', $isPerformAction);

     $bGranted = $aAcl[CHECK_ACTION_RESULT] === CHECK_ACTION_RESULT_ALLOWED;
     if ($bGranted) {
         return CHECK_ACTION_RESULT_ALLOWED;
     }

     return MsgBox($aAcl[CHECK_ACTION_MESSAGE]);
 }
コード例 #11
ファイル: BxSitesModule.php プロジェクト: Baloo7super/dolphin
 /**
  * Tell whether the current profile holds the 'manage sites' action of this module.
  *
  * @param bool $isPerformAction forwarded unchanged to checkActionModule()
  * @return bool true only when the ACL result is strictly CHECK_ACTION_RESULT_ALLOWED
  */
 public function isModeratorAccess($isPerformAction = false)
 {
     $aAcl = checkActionModule($this->_iProfileId, 'manage sites', $this->getName(), $isPerformAction);
     $bGranted = CHECK_ACTION_RESULT_ALLOWED === $aAcl[CHECK_ACTION_RESULT];

     return $bGranted;
 }
コード例 #12
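 /**
  * Decide whether the current profile may delete the given entry.
  *
  * A moderator (see _isModerator()) is always allowed. Anyone else needs both the
  * 'delete entry' ACL action of this module and ownership of the entry, where ownership
  * is compared by account id rather than by profile id. When the author's profile cannot
  * be resolved the request is denied.
  *
  * @param array $aDataEntry entry row; the CNF['FIELD_AUTHOR'] column is read
  * @param bool $isPerformAction forwarded unchanged to the ACL checks
  * @return mixed CHECK_ACTION_RESULT_ALLOWED if access is granted, or a message if it is
  *               not; compare the result with === against CHECK_ACTION_RESULT_ALLOWED
  */
 public function checkAllowedDelete(&$aDataEntry, $isPerformAction = false)
 {
     // moderator always has access
     if ($this->_isModerator($isPerformAction)) {
         return CHECK_ACTION_RESULT_ALLOWED;
     }

     // check ACL and owner (checked by account, not by profile as usual)
     bx_import('BxDolProfile');
     $oProfileAuthor = BxDolProfile::getInstance($aDataEntry[$this->_oConfig->CNF['FIELD_AUTHOR']]);
     if (!$oProfileAuthor) {
         // Fail closed: without an author profile (presumably a falsy return for an
         // unknown id - confirm) ownership cannot be established, and calling
         // getAccountId() on the result would abort the request with a fatal error.
         return _t('_sys_txt_access_denied');
     }

     $aCheck = checkActionModule($this->_iProfileId, 'delete entry', $this->getName(), $isPerformAction);
     if ($oProfileAuthor->getAccountId() == $this->_iAccountId && $aCheck[CHECK_ACTION_RESULT] === CHECK_ACTION_RESULT_ALLOWED) {
         return CHECK_ACTION_RESULT_ALLOWED;
     }

     return _t('_sys_txt_access_denied');
 }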
コード例 #13
 /**
  * Check the 'set thumb' action of this module for the current profile. The perform flag
  * passed to checkActionModule() is always false here.
  *
  * @return mixed CHECK_ACTION_RESULT_ALLOWED if access is granted, or the ACL message if
  *               it is not. Compare the result with strict (===) checking.
  */
 public function checkAllowedSetThumb()
 {
     $aAcl = checkActionModule($this->_iProfileId, 'set thumb', $this->getName(), false);

     return $aAcl[CHECK_ACTION_RESULT] !== CHECK_ACTION_RESULT_ALLOWED
         ? $aAcl[CHECK_ACTION_MESSAGE]
         : CHECK_ACTION_RESULT_ALLOWED;
 }
コード例 #14
ファイル: BxContactModule.php プロジェクト: blas-dmx/trident
 /**
  * Check the 'contact' action of this module for the id returned by getUserId().
  *
  * @param bool $bPerform forwarded unchanged to checkActionModule()
  * @return mixed true when allowed, otherwise the ACL message. A denial is not returned
  *               as false, so callers must test the result with === true.
  */
 protected function isAllowedContact($bPerform = false)
 {
     $iViewerId = $this->getUserId();
     $aAcl = checkActionModule($iViewerId, 'contact', $this->getName(), $bPerform);

     if ($aAcl[CHECK_ACTION_RESULT] != CHECK_ACTION_RESULT_ALLOWED) {
         return $aAcl[CHECK_ACTION_MESSAGE];
     }

     return true;
 }