コード例 #1
ファイル: UsersController.php プロジェクト: malamalca/lil
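 /**
  * IsAuthorized method.
  *
  * 'properties' is open to any request that carries an authenticated user id;
  * every other action is decided by the parent controller.
  *
  * @param array $user Authenticated user.
  *
  * @return bool
  */
 public function isAuthorized($user)
 {
     if ($this->request->action === 'properties') {
         // Auth->user('id') yields the id (or null); the contract is bool, so
         // normalise instead of returning the raw id to the auth component.
         return (bool) $this->Auth->user('id');
     }
     return parent::isAuthorized($user);
 }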
コード例 #2
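 /**
  * Restricts users in groups 6 and 7 to a fixed set of messaging actions.
  *
  * Members of those groups are redirected (with a flash) away from any other
  * action; users outside those groups are decided by the parent controller.
  *
  * @param array $user Authenticated user record (reads 'group_id').
  * @return bool
  */
 public function isAuthorized($user)
 {
     $groupId = isset($user['group_id']) ? (int) $user['group_id'] : 0;
     if ($groupId === 6 || $groupId === 7) {
         $allowed = array('index', 'listamensaje', 'leermensaje', 'leido', 'contador', 'enviarmensaje');
         if (in_array($this->action, $allowed, true)) {
             return true;
         }
         if ($this->Auth->user('id')) {
             $this->Session->setFlash('no se puede acceder');
             $this->redirect(array('controller' => 'users', 'action' => 'index'));
             // redirect() normally ends the request; deny explicitly in case it
             // does not, so a restricted group never falls through to the parent.
             return false;
         }
     }
     return parent::isAuthorized($user);
 }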
コード例 #3
 /**
  * 'repo' and 'detail' are open to everyone; other actions are decided by
  * the parent controller.
  *
  * @param array $user Authenticated user record.
  * @return bool
  */
 public function isAuthorized($user)
 {
     $publicActions = array('repo', 'detail');
     if (in_array($this->action, $publicActions, true)) {
         return true;
     }
     return parent::isAuthorized($user);
 }
コード例 #4
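 /**
  * 'index' and 'logout' are open to everyone; other actions are decided by
  * the parent controller.
  *
  * @param array $user Authenticated user record.
  * @return bool
  */
 public function isAuthorized($user)
 {
     // strict comparison: the action is always a string, so avoid loose matching
     if (in_array($this->request->action, array('index', 'logout'), true)) {
         return true;
     }
     return parent::isAuthorized($user);
 }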
コード例 #5
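 /**
  * Authorizes event actions by organization membership.
  *
  * 'add' requires the target organization (first passed URL argument) to be
  * approved and the current user to be an organization admin for it;
  * 'edit'/'admin' require admin rights on the event's organization. Any other
  * action is decided by the parent controller.
  *
  * @param array $user Authenticated user record.
  * @return bool
  * @throws NotFoundException When the referenced organization or event does not exist.
  */
 public function isAuthorized($user)
 {
     $action = $this->action;
     $passedId = isset($this->request->params['pass'][0]) ? $this->request->params['pass'][0] : null;
     if ($action === 'add') {
         $this->loadModel('Organization');
         $organization = $passedId === null ? null : $this->Organization->findById($passedId);
         // a missing organization used to produce a notice and an "approve first"
         // flash; treat it as not found, like the edit branch does for events
         if (!$organization) {
             throw new NotFoundException('Invalid organization');
         }
         // is this organization approved (status_id 2, per the flash message)
         if ((int) $organization['Organization']['status_id'] !== 2) {
             $this->Session->setFlash('This organization must be approved before adding new events.');
             return false;
         }
         // am I an organization admin of some kind for this organization?
         return $this->_isOrgAdminFor($passedId);
     }
     if ($action === 'edit' || $action === 'admin') {
         $event = $passedId === null ? null : $this->Event->findById($passedId);
         if (!$event) {
             throw new NotFoundException('Invalid event');
         }
         // am I an organization admin of some kind for this organization?
         return $this->_isOrgAdminFor($event['Event']['organization_id']);
     }
     return parent::isAuthorized($user);
 }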
コード例 #6
ファイル: ArmourController.php プロジェクト: Cylindric/edge
 /**
  * 'index' is public; anything else is decided by the parent controller.
  *
  * @param array $user Authenticated user record.
  * @return bool
  */
 public function isAuthorized($user)
 {
     $isIndex = $this->request->action === 'index';
     return $isIndex ? true : parent::isAuthorized($user);
 }
コード例 #7
ファイル: RfidtagsController.php プロジェクト: JodiWarren/hms
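 /**
  * Test to see if a user is authorized to make a request.
  *
  * 'Full access' users (parent::isAuthorized) may do anything. Otherwise a
  * member may 'view' their own record, membership admins may view anyone's,
  * and 'edit' is currently granted to every member that reaches it. Any other
  * action is denied.
  *
  * @param array $user Member record for the user.
  * @param CakeRequest $request The request the user is attempting to make.
  * @return bool True if the user is authorized to make the request, otherwise false.
  * @link http://api20.cakephp.org/class/cake-request
  */
 public function isAuthorized($user, $request)
 {
     // allows full access to see everything
     if (parent::isAuthorized($user, $request)) {
         return true;
     }
     // Get the member_id details have been requested for & the logged in users member_id
     $logMemberId = $this->_getLoggedInMemberId();
     $reqMemberId = isset($request->params['pass'][0]) ? $request->params['pass'][0] : $logMemberId;
     $memberAdmin = $this->Member->GroupsMember->isMemberInGroup($logMemberId, Group::MEMBERSHIP_ADMIN);
     switch ($request->action) {
         case 'view':
             // Allow everyone to view their own transaction history; compare as
             // ints because the URL argument arrives as a string
             return (int) $reqMemberId === (int) $logMemberId || (bool) $memberAdmin;
         case 'edit':
             // we'll sort this out later
             // NOTE(review): this grants 'edit' to every member that gets here; confirm intended.
             return true;
         default:
             // the switch used to fall off the end and return null; deny explicitly
             return false;
     }
 }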
コード例 #8
ファイル: DmolosController.php プロジェクト: okagen/dml
 /**
  * 'index', 'view' and 'filedownload' are open to everyone; other actions
  * are decided by the parent controller.
  *
  * @param array $user Authenticated user record.
  * @return bool
  */
 public function isAuthorized($user)
 {
     $publicActions = array_flip(array('index', 'view', 'filedownload'));
     if (isset($publicActions[$this->action])) {
         return true;
     }
     return parent::isAuthorized($user);
 }
コード例 #9
ファイル: TypesController.php プロジェクト: sekouzed/meca
 /**
  * Storekeepers may do everything here; other users are decided by the
  * parent controller.
  *
  * @param array $user Authenticated user record (reads 'role').
  * @return bool
  */
 public function isAuthorized($user)
 {
     $role = isset($user['role']) ? $user['role'] : null;
     return $role === 'storekeeper' ? true : parent::isAuthorized($user);
 }
コード例 #10
 /**
  * isAuthorized method
  *
  * NOTE(review): every code path returns true, so this controller is open to
  * any authenticated user regardless of the parent's verdict. The parent is
  * still invoked before returning; confirm whether the fall-through was meant
  * to be `return false;` or `return parent::isAuthorized($user);`.
  *
  * @param array $user Authenticated user record.
  * @return boolean
  */
 public function isAuthorized($user)
 {
     parent::isAuthorized($user);
     return true;
 }
コード例 #11
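 /**
  * Test to see if a user is authorized to make a request.
  *
  * Only the 'history' action is implemented. A member may view their own
  * history; 'Full Access' users (parent::isAuthorized) and Snackspace admins
  * may view anyone's.
  *
  * @param array $user Member record for the user.
  * @param CakeRequest $request The request the user is attempting to make.
  * @return bool True if the user is authorized to make the request, otherwise false.
  * @link http://api20.cakephp.org/class/cake-request
  */
 public function isAuthorized($user, $request)
 {
     if (parent::isAuthorized($user, $request)) {
         return true;
     }
     // Only history page implemented so far
     if ($request->params['action'] !== 'history') {
         return false;
     }
     // Get the member_id details have been requested for & the logged in users member_id
     $logMemberId = $this->_getLoggedInMemberId();
     $reqMemberId = isset($request->params['pass'][0]) ? $request->params['pass'][0] : $logMemberId;
     // Allow everyone to view their own transaction history; the URL argument is a string
     if ((int) $reqMemberId === (int) $logMemberId) {
         return true;
     }
     // Only allow 'Full Access' (via parent::isAuthorized) and 'Snackspace Admins' to view the transaction history of others
     return (bool) $this->Member->GroupsMember->isMemberInGroup($logMemberId, Group::SNACKSPACE_ADMIN);
 }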
コード例 #12
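 /**
  * Role-weight based authorization.
  *
  * Actions are whitelisted per tier (registered user, admin, developer, owner);
  * anything not granted here is decided by the parent controller. Note that
  * $owner_allowed and $user_allowed are empty, so only 'display' (admin and
  * above) is currently granted by this method.
  *
  * @param array|null $user Authenticated user record (reads 'Rol.weight' and 'id').
  * @return bool
  */
 public function isAuthorized($user = null)
 {
     $owner_allowed = array();
     $user_allowed = array();
     $admin_allowed = array_merge($owner_allowed, $user_allowed, array('display'));
     $developer_allowed = array_merge($admin_allowed, array());
     $action = $this->action;
     // $user may be null (default); a missing weight counts as 0 instead of
     // reading array offsets on null
     $weight = isset($user['Rol']['weight']) ? (int) $user['Rol']['weight'] : 0;
     # All registered users can:
     if (in_array($action, $user_allowed, true)) {
         return true;
     }
     # Admin users can:
     if ($weight >= User::ADMIN && in_array($action, $admin_allowed, true)) {
         return true;
     }
     # Developer users can:
     if ($weight >= User::DEVELOPER && in_array($action, $developer_allowed, true)) {
         return true;
     }
     # The owner of an user can:
     if (in_array($action, $owner_allowed, true) && isset($this->request->params['pass'][0], $user['id'])) {
         $userId = $this->request->params['pass'][0];
         if ($this->Event->isOwnedBy($userId, $user['id'])) {
             return true;
         }
     }
     return parent::isAuthorized($user);
 }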
コード例 #13
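 /**
  * Per-group action whitelist for exam handling.
  *
  * Group 7 may only 'subirexamen'; group 6 may only 'index', 'getexams' and
  * 'download'. A logged-in member of either group requesting anything else is
  * flashed and redirected. Users in other groups are decided by the parent.
  *
  * @param array $user Authenticated user record (reads 'group_id').
  * @return bool
  */
 public function isAuthorized($user)
 {
     $allowedByGroup = array(
         7 => array('subirexamen'),
         6 => array('index', 'getexams', 'download'),
     );
     $groupId = isset($user['group_id']) ? (int) $user['group_id'] : 0;
     if (isset($allowedByGroup[$groupId])) {
         if (in_array($this->action, $allowedByGroup[$groupId], true)) {
             return true;
         }
         if ($this->Auth->user('id')) {
             $this->Session->setFlash('no se puede acceder');
             $this->redirect(array('controller' => 'users', 'action' => 'index'));
             // redirect() normally ends the request; deny explicitly in case it
             // does not, so a restricted group never falls through to the parent.
             return false;
         }
     }
     return parent::isAuthorized($user);
 }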
コード例 #14
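 /**
  * Group authorization.
  *
  * Teachers may 'add'; the owner of a group may 'edit'/'delete' it; users who
  * are neither teacher nor admin get an error flash but the decision is still
  * left to the ownership check and the parent controller.
  *
  * @param array $user Authenticated user record (reads 'role' and 'id').
  * @return bool
  */
 public function isAuthorized($user)
 {
     $role = isset($user['role']) ? $user['role'] : null;
     if ($role === 'teacher' && $this->action === 'add') {
         return true;
     }
     // Flash only (existing behaviour): no early denial for other roles.
     if ($role !== 'teacher' && $role !== 'admin') {
         $this->Session->setFlash(__('You don\'t have the right to access to groups.'), 'flash/error');
     }
     // The owner of a post can edit and delete it
     if (in_array($this->action, array('edit', 'delete'), true) && isset($this->request->params['pass'][0])) {
         $postId = (int) $this->request->params['pass'][0];
         if ($this->Group->isOwnedBy($postId, $user['id'])) {
             return true;
         }
     }
     return parent::isAuthorized($user);
 }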
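 /**
  * isAuthorized Method
  * Allows Hippa Admin to Add, Edit, Delete Everything
  * Client Managers & MU Managers can only Add Edit Delete to their own group
  * Users cannot see
  *
  * Group, client and account type are read from the session, not from $user.
  *
  * @param array $user Authenticated user record (passed through to the parent only).
  * @return bool
  */
 public function isAuthorized($user)
 {
     // Test group role. Is admin? (session values arrive as strings; compare as int)
     $group = (int) $this->Session->read('Auth.User.group_id');
     // Test Client.
     $client = $this->Session->read('Auth.User.client_id');
     // Get account type
     $acct = $this->Session->read('Auth.User.Client.account_type');
     if ($group === 2) {
         if (in_array($this->action, array('index', 'view', 'add'), true)) {
             // Allow Managers to Add
             return true;
         }
         if (in_array($this->action, array('edit', 'delete', 'sendFile'), true)) {
             // Allow Managers to Edit, delete their own; without an id there is nothing to own
             $id = isset($this->request->params['pass'][0]) ? $this->request->params['pass'][0] : null;
             if ($id !== null && $this->BusinessAssociateAgreement->isOwnedBy($id, $client)) {
                 return true;
             }
         }
     }
     if ($group === 3 || $acct === 'Initial') {
         $this->Session->setFlash('You are not authorized to view that!');
         $this->redirect(array('controller' => 'dashboard', 'action' => 'index'));
         return false;
     }
     return parent::isAuthorized($user);
 }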
コード例 #16
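 /**
  * Visit authorization by role.
  *
  * 'add' and 'edit': any non-patient role. 'index': everyone. 'view': staff
  * roles, or the patient who owns the visit (first passed URL argument).
  * Other actions are decided by the parent controller.
  *
  * @param array $user Authenticated user record (reads 'Role.name' and 'Patient.id').
  * @return bool
  */
 public function isAuthorized($user)
 {
     $role = isset($user['Role']['name']) ? $user['Role']['name'] : null;
     switch ($this->action) {
         case 'add':
             // Only a doctor or the receptionist may create a visit, because they
             // know when the doctor is free (original comment, translated).
             return $role !== 'patient';
         case 'index':
             // index merely returns different data per caller (original comment, translated)
             return true;
         case 'view':
             if (in_array($role, array('doctor', 'receptionist', 'admin'), true)) {
                 return true;
             }
             // a patient may only view their own visit; compare ids as ints
             $visit = isset($this->params['pass'][0]) ? $this->Visit->findById($this->params['pass'][0]) : null;
             if ($visit && isset($visit['Patient']['id'], $user['Patient']['id'])) {
                 return (int) $visit['Patient']['id'] === (int) $user['Patient']['id'];
             }
             return false;
         case 'edit':
             if ($role !== 'patient') {
                 return true;
             }
             return parent::isAuthorized($user);
     }
     return parent::isAuthorized($user);
 }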
コード例 #17
ファイル: UsersController.php プロジェクト: sekouzed/meca
 /**
  * 'profil' is open to everyone; other actions are decided by the parent
  * controller.
  *
  * @param array $user Authenticated user record.
  * @return bool
  */
 public function isAuthorized($user)
 {
     if ($this->action !== 'profil') {
         return parent::isAuthorized($user);
     }
     return true;
 }
コード例 #18
ファイル: ToolsAppController.php プロジェクト: JodiWarren/hms
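 /**
  * Check to see if a user is authorized to perform an action.
  *
  * 'Full access' users (parent::isAuthorized) may do anything. Other logged-in
  * members may reach the general Tools pages, and the restricted tool pages
  * only for tools they have been inducted on (tool id = first passed argument).
  *
  * @param  array $user Array of user data
  * @param  CakeRequest $request The request the user is attempting to perform.
  * @return bool True if the user is authorized to perform the action, false otherwise.
  */
 public function isAuthorized($user, $request)
 {
     // pass all requests to the parent.
     // This will allow "full access" users to access everything
     if (parent::isAuthorized($user, $request)) {
         return true;
     }
     // non-logged in users can never access
     $memberId = $this->Member->getIdForMember($user);
     if ($memberId <= 0) {
         return false;
     }
     // Logged in users will be redirected to the index page
     $this->Auth->unauthorizedRedirect = array('plugin' => 'Tools', 'controller' => 'ToolsTools', 'action' => 'index');
     // Array of all request in this plugin that any logged in user can access
     $allowedRequests = array('ToolsTools' => array('index'));
     // Array of all requests in this plugin that may be restricted
     $restrictedRequests = array('ToolsTools' => array('view', 'addbooking', 'listBookings', 'publicAccess', 'deleteBooking'));
     $params = $this->request->params;
     if (!isset($params['plugin']) || $params['plugin'] !== 'Tools') {
         return false;
     }
     $controller = $params['controller'];
     $action = $params['action'];
     // is it a general page?
     if (isset($allowedRequests[$controller]) && in_array($action, $allowedRequests[$controller], true)) {
         return true;
     }
     // Is this user allowed to access this page?
     if (isset($restrictedRequests[$controller]) && in_array($action, $restrictedRequests[$controller], true)) {
         // a restricted page without a tool id cannot be checked, so deny
         if (!isset($params['pass'][0])) {
             return false;
         }
         return (bool) $this->ToolsTool->isUserInducted($params['pass'][0], $memberId);
     }
     return false;
 }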
コード例 #19
ファイル: VectorsController.php プロジェクト: hacksInc/vw
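 /**
  * Grants access to users whose role_id is 1 or 2; everyone else is denied.
  *
  * @param array $user Authenticated user record (reads 'role_id').
  * @return bool
  */
 public function isAuthorized($user)
 {
     // The parent is called but its verdict is discarded (existing behaviour).
     // NOTE(review): confirm that ignoring the parent's decision is intended.
     parent::isAuthorized($user);
     // The original `isset(...) && a == 1 || a == 2` parsed as
     // `(isset(...) && a == 1) || a == 2`, so a missing role_id was still
     // dereferenced; check presence once, then test the whole set strictly.
     if (!isset($user['role_id'])) {
         return false;
     }
     return in_array((int) $user['role_id'], array(1, 2), true);
 }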
コード例 #20
 /**
  * Returns the parent's verdict when it gave one, otherwise denies.
  *
  * @return mixed The parent's non-null result, or false.
  */
 function isAuthorized()
 {
     $verdict = parent::isAuthorized();
     return $verdict === null ? false : $verdict;
 }
コード例 #21
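 /**
  * The map ('view') is only available once the session holds a response;
  * every other action is decided by the parent controller.
  *
  * @param array|null $user Authenticated user record.
  * @return bool
  */
 public function isAuthorized($user = null)
 {
     // Only users with a response can use the map (strict compare: action is a string)
     if ($this->action === 'view' && !$this->Session->read('response')) {
         return false;
     }
     return parent::isAuthorized($user);
 }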
コード例 #22
 /**
  * Every registered user may 'add'; other actions are decided by the parent
  * controller.
  *
  * @param array $user Authenticated user record.
  * @return bool
  */
 public function isAuthorized($user)
 {
     // All registered users can add partes
     if ($this->action === 'add') {
         return true;
     }
     return parent::isAuthorized($user);
 }
コード例 #23
 /**
  * Every registered user may 'add' an article; other actions are decided by
  * the parent controller.
  *
  * @param array $user Authenticated user record.
  * @return bool
  */
 public function isAuthorized($user)
 {
     // All registered users can add articles
     if ($this->request->action !== 'add') {
         return parent::isAuthorized($user);
     }
     return true;
 }
コード例 #24
ファイル: CommentsController.php プロジェクト: shranes/hics
 /**
  * Only 'add' is open to everyone; other actions are decided by the parent
  * controller.
  *
  * @param array $user Authenticated user record.
  * @return bool
  */
 public function isAuthorized($user)
 {
     // Only 'add' is permitted here
     $isAdd = $this->action === 'add';
     return $isAdd ? true : parent::isAuthorized($user);
 }
コード例 #25
 /**
  * Any logged-in user is allowed; otherwise the parent controller decides.
  *
  * @param array $user Authenticated user record.
  * @return bool
  */
 public function isAuthorized($user)
 {
     // If logged in, the user can send a request and view the friend list
     if (!$this->Auth->loggedIn()) {
         return parent::isAuthorized($user);
     }
     return true;
 }
コード例 #26
 /**
  * 'add' is open to everyone; other actions are decided by the parent
  * controller.
  *
  * @param array $user Authenticated user record.
  * @return bool
  */
 public function isAuthorized($user)
 {
     if ($this->action === 'add') {
         return true;
     }
     return parent::isAuthorized($user);
 }
コード例 #27
 /**
  * 'complete' is open to everyone; other actions are decided by the parent
  * controller.
  *
  * @param array $user Authenticated user record.
  * @return bool
  */
 public function isAuthorized($user)
 {
     // Allow limited access to this controller
     if ($this->action === 'complete') {
         return true;
     }
     // Just in case the base controller has something to add
     return parent::isAuthorized($user);
 }
コード例 #28
 /**
  * Ownership check; falls back to the parent controller's rules.
  *
  * NOTE(review): $car (the delivered id from the URL) is read but never used,
  * and belongsTo() receives $user and $user['id'] rather than $car, so the
  * delivered id never takes part in the decision. The intent looks like
  * "does this record belong to the user" -- confirm against the User model
  * before relying on this check.
  *
  * @param array $user Authenticated user record (reads 'id').
  * @return bool
  */
 public function isAuthorized($user)
 {
     //Delivered id.
     $car = $this->request->params['pass'][0];
     if ($this->User->belongsTo($user, $user['id'])) {
         return TRUE;
     }
     return parent::isAuthorized($user);
 }
コード例 #29
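 /**
  * Hour authorization.
  *
  * index: any logged-in user. add: the owner of the registration (first passed
  * URL argument) or an org admin of its event. edit: org admins, or anyone
  * while the hour is not yet approved. view: the hour's owner or an org admin.
  * Other actions are decided by the parent controller.
  *
  * @param array $user Authenticated user record.
  * @return bool
  * @throws NotFoundException When the referenced registration or hour does not exist.
  */
 public function isAuthorized($user)
 {
     switch ($this->action) {
         case 'index':
             return $this->_isLoggedIn();
         case 'add':
             return $this->_isAuthorizedToAddHour();
         case 'edit':
             return $this->_isAuthorizedToEditHour();
         case 'view':
             return $this->_isAuthorizedToViewHour();
     }
     return parent::isAuthorized($user);
 }

 /**
  * First passed URL argument, or null when absent.
  *
  * @return mixed
  */
 private function _passedId()
 {
     return isset($this->request->params['pass'][0]) ? $this->request->params['pass'][0] : null;
 }

 /**
  * 'add': the registration must be mine or belong to an event I administer.
  *
  * @return bool
  * @throws NotFoundException When the registration does not exist.
  */
 private function _isAuthorizedToAddHour()
 {
     $this->loadModel('Registration');
     $registration = $this->Registration->find('first', array('conditions' => array('Registration.id' => $this->_passedId())));
     // a missing registration used to produce notices and a misleading
     // "not yet registered" flash; treat it as not found like edit/view do
     if (!$registration) {
         throw new NotFoundException('Invalid, Registration Not Found');
     }
     if ($this->_isMine($registration['Registration']['user_id']) || $this->_isOrgAdminFor($registration['Event']['organization_id'])) {
         return $this->_isLoggedIn();
     }
     $this->Session->setFlash('You are not yet registered for this event.');
     return false;
 }

 /**
  * Loads the hour named by the first URL argument together with its event.
  *
  * @return array{hour: array, event: array}
  * @throws NotFoundException When the hour does not exist.
  */
 private function _loadHourAndEvent()
 {
     $hour = $this->Hour->findById($this->_passedId());
     if (!$hour) {
         throw new NotFoundException('Invalid, Hour Not Found');
     }
     $this->loadModel("Event");
     $event = $this->Event->findById($hour['Registration']['event_id']);
     return array('hour' => $hour, 'event' => $event);
 }

 /**
  * 'edit': org admins always; others only while the hour is unapproved.
  *
  * @return bool
  * @throws NotFoundException When the hour does not exist.
  */
 private function _isAuthorizedToEditHour()
 {
     $loaded = $this->_loadHourAndEvent();
     $isOrgAdminForHour = $this->_isOrgAdminFor($loaded['event']['Event']['organization_id']);
     // status_id 2 means approved (per the original check)
     $isHourApproved = (int) $loaded['hour']['Hour']['status_id'] === 2;
     // The original `$a || !$a && !$b` is equivalent to `$a || !$b`.
     // NOTE(review): non-admins may edit any unapproved hour, not only their own; confirm intended.
     if ($isOrgAdminForHour || !$isHourApproved) {
         return $this->_isLoggedIn();
     }
     $this->Session->setFlash('You are not authorized to edit this hour.');
     return false;
 }

 /**
  * 'view': the hour's owner or an org admin of its event.
  *
  * @return bool
  * @throws NotFoundException When the hour does not exist.
  */
 private function _isAuthorizedToViewHour()
 {
     $loaded = $this->_loadHourAndEvent();
     if ($this->_isMine($loaded['hour']['Hour']['user_id']) || $this->_isOrgAdminFor($loaded['event']['Event']['organization_id'])) {
         return $this->_isLoggedIn();
     }
     $this->Session->setFlash('This is not your hour to view.');
     return false;
 }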
コード例 #30
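 /**
  * isAuthorized Method
  * Only Allow Hipaa Admin to add groups
  *
  * Groups 2 and 3 (read from the session) are denied outright; everyone else
  * is decided by the parent controller.
  *
  * @param array $user Authenticated user record (passed through to the parent only).
  * @return bool
  */
 public function isAuthorized($user)
 {
     // Test group role. Is admin? (session value arrives as a string; compare as int)
     $group = (int) $this->Session->read('Auth.User.group_id');
     if ($group === 2 || $group === 3) {
         //deny
         return false;
     }
     return parent::isAuthorized($user);
 }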