コード例 #1
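 /**
  * Authorization callback for the user-management admin actions.
  *
  * Order of checks: a non-null decision from parent::isAuthorized() wins;
  * otherwise everything is denied unless the global setting
  * 'locadmin_manage_users' equals "true"; record-level actions are then
  * checked against the location of the targeted user.
  *
  * @return mixed The parent's non-null decision, otherwise true (allow) or false (deny).
  */
 function isAuthorized()
 {
     $parent = parent::isAuthorized();
     if (!is_null($parent)) {
         return $parent;
     }
     // Global switch: location admins may manage users only when it is enabled.
     $settings = $this->CommonTasks->getGlobalSettings();
     // Loose comparison kept: the stored type of the setting is not visible here.
     if ($settings['locadmin_manage_users'] != "true") {
         return false;
     }
     // Strict matching so that only the exact action names are accepted.
     if (in_array($this->action, array('admin_view', 'admin_edit', 'admin_delete'), true)) {
         // The record id comes from the URL; the decision is made on the
         // location of the loaded record, not on the id itself.
         // NOTE(review): the read() result is not checked, so a missing record
         // hands an empty location id to checkSecurity() - confirm it denies that.
         $user = $this->User->read(null, $this->passedArgs['0']);
         $locId = $user['Location']['id'];
         if (!parent::checkSecurity($locId)) {
             $this->Tracker->back();
             // Fail closed: if back() returns instead of ending the request,
             // deny rather than fall through to the allow below.
             return false;
         }
         return true;
     }
     if (in_array($this->action, array('admin_index', 'admin_add'), true)) {
         // Allowed at this level; the remaining security check is expected
         // to be done inside the action itself.
         return true;
     }
     // Any action not listed above is denied.
     return false;
 }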
コード例 #2
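 /**
  * Authorization callback: allows 'admin_start' and location-checked 'admin_view'.
  *
  * A non-null decision from parent::isAuthorized() wins. For 'admin_view'
  * the location id taken from the URL is checked against the caller's admin
  * locations plus location id 1.
  *
  * @return mixed The parent's non-null decision, otherwise true (allow) or false (deny).
  */
 function isAuthorized()
 {
     $parent = parent::isAuthorized();
     if (!is_null($parent)) {
         return $parent;
     }
     if ($this->action === 'admin_start') {
         return true;
     }
     if ($this->action === 'admin_view') {
         $locs = parent::getAdminLocationIds();
         // Location id 1 is always added to the permitted set.
         // NOTE(review): presumably a shared/default location - confirm that
         // every admin is meant to see it.
         array_push($locs, 1);
         // Request-supplied value; it is only trusted after checkSecurity() accepts it.
         $locId = $this->params['pass'][0];
         if (!parent::checkSecurity($locId, $locs)) {
             $this->Tracker->back();
             // Fail closed: if back() returns instead of ending the request,
             // deny rather than fall through to the allow below.
             return false;
         }
         return true;
     }
     // Any action not listed above is denied.
     return false;
 }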
コード例 #3
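 /**
  * Authorization callback for the log admin actions.
  *
  * A non-null decision from parent::isAuthorized() wins. 'admin_delete' and
  * 'admin_view' are checked against the location of the targeted log entry,
  * 'admin_searchlist' against the location of the submitted proxy setting,
  * and 'admin_createRule' is allowed here with its check left to the action.
  *
  * @return mixed The parent's non-null decision, otherwise true (allow) or false (deny).
  */
 function isAuthorized()
 {
     $parent = parent::isAuthorized();
     if (!is_null($parent)) {
         return $parent;
     }
     // NOTE(review): $locs is never used below; the call is kept in case it
     // has side effects - confirm and remove if it has none.
     $locs = parent::getAdminLocationIds();
     // Strict matching so that only the exact action names are accepted.
     if (in_array($this->action, array('admin_delete', 'admin_view'), true)) {
         // The record id comes from the URL; the decision is made on the
         // location of the loaded record.
         // NOTE(review): the read() result is not checked, so a missing record
         // hands an empty location id to checkSecurity() - confirm it denies that.
         $log = $this->Log->read(null, $this->passedArgs['0']);
         $locId = $log['Location']['id'];
         if (!parent::checkSecurity($locId)) {
             $this->Tracker->back();
             // Fail closed: if back() returns instead of ending the request,
             // deny rather than fall through to the allow below.
             return false;
         }
         return true;
     }
     if (in_array($this->action, array('admin_searchlist'), true)) {
         // Only a submitted form carries a proxy id to check; without data
         // the action is allowed without a location check.
         if (isset($this->data)) {
             // proxyId is request-supplied; the location of the proxy setting
             // it points to is what gets checked.
             $proxy = $this->ProxySetting->read(null, $this->data['Log']['proxyId']);
             $locId = $proxy['Location']['id'];
             if (!parent::checkSecurity($locId)) {
                 $this->Tracker->back();
                 // Fail closed, same reasoning as above.
                 return false;
             }
         }
         return true;
     }
     if (in_array($this->action, array('admin_createRule'), true)) {
         // Allowed at this level; the security check is expected inside the action.
         return true;
     }
     // Any action not listed above is denied.
     return false;
 }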
コード例 #4
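 /**
  * Authorization callback for the rule admin actions.
  *
  * A non-null decision from parent::isAuthorized() wins. Record-level actions
  * are checked against the location of the targeted rule; 'admin_search' is
  * always allowed and 'admin_add' is allowed with its check left to the action.
  *
  * @return mixed The parent's non-null decision, otherwise true (allow) or false (deny).
  */
 function isAuthorized()
 {
     $parent = parent::isAuthorized();
     if (!is_null($parent)) {
         return $parent;
     }
     // Strict matching so that only the exact action names are accepted.
     if (in_array($this->action, array('admin_view', 'admin_edit', 'admin_delete'), true)) {
         // The record id comes from the URL; the decision is made on the
         // location of the loaded record.
         // NOTE(review): the read() result is not checked, so a missing record
         // hands an empty location id to checkSecurity() - confirm it denies that.
         $rule = $this->Rule->read(null, $this->passedArgs['0']);
         $locId = $rule['Location']['id'];
         if (!parent::checkSecurity($locId)) {
             $this->Tracker->back();
             // Fail closed: if back() returns instead of ending the request,
             // deny rather than fall through to the allow below.
             return false;
         }
         return true;
     }
     if ($this->action === 'admin_search') {
         return true;
     }
     if ($this->action === 'admin_add') {
         // Allowed at this level; the permission check is expected inside the action.
         return true;
     }
     // Any action not listed above is denied.
     return false;
 }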
コード例 #5
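 /**
  * Authorization callback for the group admin actions.
  *
  * A non-null decision from parent::isAuthorized() wins. Record-level actions
  * are checked against the location of the targeted group; 'admin_add' is
  * allowed here with its check left to the action.
  *
  * @param mixed $id Not used by this method; kept so the signature stays unchanged.
  * @return mixed The parent's non-null decision, otherwise true (allow) or false (deny).
  */
 function isAuthorized($id = null)
 {
     $parent = parent::isAuthorized();
     if (!is_null($parent)) {
         return $parent;
     }
     // Strict matching so that only the exact action names are accepted.
     if (in_array($this->action, array('admin_view', 'admin_edit', 'admin_delete'), true)) {
         // The record id comes from the URL; the decision is made on the
         // location of the loaded record.
         // NOTE(review): the read() result is not checked, so a missing record
         // hands an empty location id to checkSecurity() - confirm it denies that.
         $group = $this->Group->read(null, $this->passedArgs['0']);
         $locId = $group['Location']['id'];
         if (!parent::checkSecurity($locId)) {
             $this->Tracker->back();
             // Fail closed: if back() returns instead of ending the request,
             // deny rather than fall through to the allow below.
             return false;
         }
         return true;
     }
     if (in_array($this->action, array('admin_add'), true)) {
         // Allowed at this level; the security check is expected inside the action.
         return true;
     }
     // Any action not listed above is denied.
     return false;
 }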