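/**
 * Gate the current request on the caller's role, redirecting when access is refused.
 *
 * Accepted values for $allowedRoles:
 *  - '*'              grants access to everyone
 *  - '@'              grants access to any logged-in user
 *  - array of names   grants access only to users holding one of the named roles
 *
 * Any other type is refused. With the loose `==` comparisons used before, a
 * non-string value such as boolean true compared equal to the '@' and '*'
 * tokens, so a malformed specification could be treated as a wildcard.
 *
 * NOTE(review): every refusal path returns the result of redirect(). This
 * presumably relies on redirect() ending the request; if it can return, a
 * caller that ignores the return value would continue into the protected
 * action. Confirm, or have callers check for a strict `true`.
 *
 * @param array|string $allowedRoles Role specification, see above.
 * @return bool|void True when the request may proceed; otherwise the result of redirect().
 */
protected function authorize($allowedRoles = [])
{
    // Fail closed: only the documented specification types are honoured.
    if (!is_array($allowedRoles) && !is_string($allowedRoles)) {
        return redirect('home/accessdenied');
    }

    // Anonymous visitors asking for a members-only page go back to the home page.
    if ($allowedRoles === '@' && !Easol_Authentication::isLoggedIn()) {
        return redirect('home');
    }

    if (!Easol_AuthorizationRoles::hasAccess($allowedRoles)) {
        return redirect('home/accessdenied');
    }

    // The chooser page itself is exempt from the school check below, otherwise
    // the redirect to it would loop.
    $onSchoolChooser = $this->router->fetch_class() === 'schools'
        && $this->router->fetch_method() === 'choose';

    // Administrators with no SchoolId in their session are sent to pick a
    // school before reaching any other page.
    $mustChooseSchool = !$onSchoolChooser
        && Easol_AuthorizationRoles::hasAccess(['System Administrator', 'Data Administrator'])
        && !Easol_Authentication::userdata('SchoolId');

    if ($mustChooseSchool) {
        return redirect('schools/choose');
    }

    return true;
}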
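/**
 * Decide whether the current session satisfies a role specification.
 *
 * Accepted values for $allowedRoles:
 *  - '*'              always allowed
 *  - '@'              allowed when a user is logged in
 *  - array of names   allowed when the session RoleId equals the id mapped to
 *                     one of the names in self::$roles
 *
 * An empty array matches no role and is therefore denied. Any other non-array
 * value is denied as well, including a bare role name; pass role names as an
 * array.
 *
 * The tokens are compared with `===`. With the loose `==` used before, boolean
 * true compared equal to '*' and so granted access to everyone.
 *
 * @param array|string $allowedRoles Role specification, see above.
 * @return bool True when access is granted, false otherwise.
 */
public static function hasAccess($allowedRoles = [])
{
    if (!is_array($allowedRoles)) {
        if ($allowedRoles === '*') {
            return true;
        }

        if ($allowedRoles === '@' && Easol_Authentication::isLoggedIn()) {
            return true;
        }

        // Fail closed. This path used to fall through to foreach on a
        // non-array, which raised a warning before returning false.
        return false;
    }

    $sessionRoleId = Easol_Authentication::userdata('RoleId');
    if (!$sessionRoleId) {
        return false;
    }

    foreach ($allowedRoles as $role) {
        // Skip entries that cannot be array keys instead of erroring on them.
        if (!is_string($role) && !is_int($role)) {
            continue;
        }

        // Loose comparison kept on purpose: the stored and session id types
        // are not visible here (int versus numeric string). TODO confirm and tighten.
        if (array_key_exists($role, self::$roles) && self::$roles[$role] == $sessionRoleId) {
            return true;
        }
    }

    return false;
}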
</div> <!--/. NAV TOP --> <div id="navbar-wrapper"> <nav class="navbar navbar-default navbar-top" role="navigation"> <div class="navbar-header"> <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".menu-collapse" aria-expanded="false"> <span class="sr-only">Toggle navigation</span> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> </div> <?php if (Easol_Authentication::isLoggedIn() && Easol_Authentication::userdata('SchoolId') != false) { ?> <ul class="nav navbar-nav navbar-top-links navbar-right hidden-xs"> <?php if (Easol_AuthorizationRoles::hasAccess(['System Administrator', 'Data Administrator'])) { ?> <li><form class="navbar-form" action="<?php echo site_url("schools/choose"); ?> " method="post"> <select name="school" class="form-control" onChange="this.form.submit()"> <?php foreach ($this->Edfi_School->getAllSchools() as $school) { ?> <option value="<?php echo $school->EducationOrganizationId;