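/**
 * Controller initialisation: enforces organisation-level access when a
 * `parentId` request parameter is present, then selects the WEP layout and
 * enables the menu partials appropriate for the signed-in identity.
 *
 * The organisation check compares the organisation id resolved from the
 * signed-in account (`$identity->account_id`) with the caller-supplied
 * `parentId`; on mismatch the request is redirected to the dashboard.
 *
 * @return void
 */
public function init()
{
    $identity = Zend_Auth::getInstance()->getIdentity();
    $parentId = $this->_getParam('parentId');

    // Check organisation-data access.
    if ($parentId) {
        $model = new Model_Organisation();
        $id = $model->checkOrganisationPresent($identity->account_id);

        // Compare as exact strings rather than with `!=`: loose comparison lets
        // PHP type juggling treat values such as "5abc" as equal to 5 on older
        // PHP versions, which would weaken this ownership check. Non-scalar
        // values (e.g. an array-valued request parameter) are rejected.
        // NOTE(review): assumes checkOrganisationPresent() returns the
        // organisation id as an int/string - confirm against the model.
        $ownsOrganisation = is_scalar($id)
            && is_scalar($parentId)
            && (string) $id === (string) $parentId;

        if (!$ownsOrganisation) {
            $this->_helper->FlashMessenger->addMessage(array('error' => "Access denied."));
            $this->_redirect("/wep/dashboard");
            // Do not rely on the redirector's exit behaviour to stop processing.
            return;
        }
    }

    $this->_helper->layout()->setLayout('layout_wep');

    $enabledPartials = array(
        'partial/dashboard.phtml',
        'partial/primarymenu.phtml',
        'partial/add-activity-menu.phtml',
        'partial/published-list.phtml',
        'partial/organisation-data.phtml',
        'partial/organisation-menu.phtml',
    );
    foreach ($enabledPartials as $partial) {
        $this->view->blockManager()->enable($partial);
    }

    // For role "user", hide the add/publish menus when the matching permission
    // is missing. This only affects what is rendered; it is not an access check.
    if ($identity->role == 'user') {
        $model = new Model_Wep();
        $userPermission = $model->getUserPermission($identity->user_id);
        $permission = $userPermission->hasPermission(Iati_WEP_PermissionConts::ADD_ACTIVITY);
        $publishPermission = $userPermission->hasPermission(Iati_WEP_PermissionConts::PUBLISH);
        if (!$permission) {
            $this->view->blockManager()->disable('partial/add-activity-menu.phtml');
        }
        if (!$publishPermission) {
            $this->view->blockManager()->disable('partial/published-list.phtml');
        }
    }

    $this->view->blockManager()->enable('partial/usermgmtmenu.phtml');
}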
/**
 * Tells whether the signed-in identity holds every permission listed for
 * `$state` in `$this->PERMISSIONS`.
 *
 * Only identities whose role is "user" are checked; every other role is
 * answered with true without consulting the permission table.
 *
 * NOTE(review): a `$state` with no entry in `$this->PERMISSIONS` yields no
 * iterations below, so the method returns true for it (fail-open). Confirm
 * that every state callers can pass is present in the map.
 *
 * @param mixed $state Key into `$this->PERMISSIONS`.
 * @return bool False as soon as one required permission is missing.
 */
protected function _hasPermissionForState($state)
{
    $identity = Zend_Auth::getInstance()->getIdentity();

    // Roles other than "user" are not restricted here.
    if ($identity->role != 'user') {
        return true;
    }

    $wepModel = new Model_Wep();
    $granted = $wepModel->getUserPermission($identity->user_id);

    foreach ($this->PERMISSIONS[$state] as $needed) {
        if (!$granted->hasPermission($needed)) {
            return false;
        }
    }

    return true;
}
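/**
 * Lets the signed-in user edit their own profile.
 *
 * The `user_id` request parameter must match the authenticated identity;
 * otherwise the request is redirected to the account page. On a valid POST
 * the account, user and profile records are updated, and for roles other
 * than "user" an uploaded image is stored in the configured upload
 * directory. The remainder of the method selects the layout and the menu
 * partials for the identity's role.
 *
 * @return void
 */
public function editAction()
{
    $user_id = $this->getRequest()->getParam('user_id');
    $auth = Zend_Auth::getInstance()->getIdentity();
    $roleName = $auth->role;
    $uploadDir = Zend_Registry::get('config')->upload_dir . "/image/";

    // Only the owner of the profile may edit it. Compare as exact strings:
    // a loose `!=` lets PHP type juggling accept values such as "5abc" for
    // user 5 on older PHP versions. Non-scalar parameters are rejected.
    $isOwnProfile = is_scalar($user_id)
        && (string) $user_id === (string) $auth->user_id;
    if (!$isOwnProfile) {
        $this->_helper->FlashMessenger->addMessage(array('error' => 'Access denied.'));
        $this->_redirect('/user/user/myaccount');
        // Do not rely on the redirector's exit behaviour: without this the
        // update path below would run for a foreign user_id.
        return;
    }

    $userModel = new User_Model_DbTable_User();
    $row = $userModel->getUserById($user_id);

    $profileModel = new User_Model_DbTable_Profile();
    $row1 = $profileModel->getProfileByUserId($user_id);

    $accountObj = new User_Model_DbTable_Account();

    // Everything before the last underscore of user_name is used as the
    // account username for the account lookup and updates.
    $names = explode('_', $row['user_name']);
    array_pop($names);
    $userName = implode('_', $names);
    $account = $accountObj->getAccountRowByUserName('account', 'username', $userName);

    $form = new User_Form_User_Edit();
    if ($this->getRequest()->isPost()) {
        $formData = $this->getRequest()->getPost();
        if ($form->isValid($formData)) {
            $data = array();
            $data['name'] = $form->getValue('name');
            $data['address'] = $form->getValue('address');
            $data['telephone'] = $form->getValue('telephone');

            // Normalise a non-empty twitter handle to exactly one leading "@".
            $twitter = $form->getValue('twitter');
            $data['twitter'] = !$twitter
                ? $twitter
                : '@' . preg_replace("/@/", "", $twitter, 1);

            $data['first_name'] = $form->getValue('first_name');
            $data['middle_name'] = $form->getValue('middle_name');
            $data['last_name'] = $form->getValue('last_name');
            $data['email'] = $form->getValue('email');
            $data['url'] = $form->getValue('url');
            $data['disqus_comments'] = $form->getValue('disqus_comments');

            $accountObj->updateAccount($data, $userName);
            $userModel->updateUser($data, $user_id);
            $profileModel->updateProfile($data, $user_id);

            if ($roleName != 'user') {
                $upload = new Zend_File_Transfer_Adapter_Http();
                $upload->setDestination($uploadDir);

                // The stored file keeps the client-supplied name, so restrict
                // it to image extensions before anything is written to disk.
                // This checks the name only, not the content; the upload
                // directory should also be served without script execution.
                // NOTE(review): the allowlist is an assumption - align it with
                // the formats App_Filter_File_Resize actually supports.
                $upload->addValidator('Extension', false, array('jpg', 'jpeg', 'png', 'gif'));

                $upload->addFilter(new App_Filter_File_Resize(array('width' => 150, 'height' => 100, 'keepRatio' => true)));

                $source = $upload->getFileName();
                if (is_string($source)) {
                    $data['file_name'] = basename($source);
                }

                try {
                    // receive() returns false when validation fails or no file
                    // was sent; only record the file name for a stored file.
                    if ($upload->receive()) {
                        $accountObj->insertFileNameOrUpdate($data, $userName);
                    }
                } catch (Zend_File_Transfer_Exception $e) {
                    // Previously the message was read and discarded; keep the
                    // profile save best-effort but leave a trace of the failure.
                    error_log('Profile image upload failed: ' . $e->getMessage());
                }
            }

            $this->_helper->FlashMessenger->addMessage(array('message' => 'Profile saved successfully.'));
            $this->_redirect('user/user/myaccount/user_id/' . $row->user_id);
        } else {
            $form->populate($formData);
        }
    } else {
        $form->populate($row->toArray());
        $form->populate($row1->toArray());
        if ($roleName != 'superadmin' && $roleName != 'groupadmin') {
            $form->populate($account->toArray());
        }
    }
    $this->view->form = $form;

    $identity = Zend_Auth::getInstance()->getIdentity();
    $this->_helper->layout()->setLayout('layout_wep');

    // NOTE(review): for role "user" the primarymenu partial disabled here is
    // enabled again unconditionally further down, so the VIEW_ACTIVITIES
    // result appears to have no lasting effect on the menu - confirm intent.
    if ($identity->role == 'user') {
        $model = new Model_Wep();
        $userPermission = $model->getUserPermission($identity->user_id);
        $permission = $userPermission->hasPermission(Iati_WEP_PermissionConts::VIEW_ACTIVITIES);
        if ($permission == '0') {
            $this->view->blockManager()->disable('partial/primarymenu.phtml');
        }
        $permission = $userPermission->hasPermission(Iati_WEP_PermissionConts::ADD_ACTIVITY);
        if ($permission == '0') {
            $this->view->blockManager()->disable('partial/add-activity-menu.phtml');
        }
    }

    $this->view->blockManager()->enable('partial/dashboard.phtml');

    if ($identity->role == 'user' || $identity->role == 'admin') {
        $this->view->blockManager()->enable('partial/primarymenu.phtml');
        $this->view->blockManager()->enable('partial/add-activity-menu.phtml');
        $this->view->blockManager()->enable('partial/published-list.phtml');
        $this->view->blockManager()->enable('partial/organisation-data.phtml');
        $this->view->blockManager()->enable('partial/download-my-data.phtml');
        $this->view->blockManager()->enable('partial/usermgmtmenu.phtml');
        $this->view->blockManager()->enable('partial/uploaded-docs.phtml');

        // For role "user", hide the add/publish menus when the matching
        // permission is missing. This is presentation only, not an access check.
        if ($identity->role == 'user') {
            $model = new Model_Wep();
            $userPermission = $model->getUserPermission($identity->user_id);
            $permission = $userPermission->hasPermission(Iati_WEP_PermissionConts::ADD_ACTIVITY);
            $publishPermission = $userPermission->hasPermission(Iati_WEP_PermissionConts::PUBLISH);
            if (!$permission) {
                $this->view->blockManager()->disable('partial/add-activity-menu.phtml');
            }
            if (!$publishPermission) {
                $this->view->blockManager()->disable('partial/published-list.phtml');
            }
        }
    } elseif ($identity->role == 'groupadmin') {
        $this->view->blockManager()->enable('partial/groupadmin-menu.phtml');
    } else {
        $this->view->blockManager()->enable('partial/superadmin-menu.phtml');
    }
}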
/**
 * Prepares the "published files" page for the signed-in identity's own
 * organisation.
 *
 * The organisation id is taken from the authenticated identity
 * (`account_id`), not from the request. The action builds the two
 * publish-to-registry forms, loads the published activity and organisation
 * files for that organisation, and passes the publish permission to the view.
 *
 * @return void
 */
public function listPublishedFilesAction()
{
    $identity = Zend_Auth::getInstance()->getIdentity();
    $orgId = $identity->account_id;

    // Publishing is allowed by default; only role "user" is looked up in the
    // permission table.
    $publishPermission = 1;
    if ($identity->role == 'user') {
        $wepModel = new Model_Wep();
        $publishPermission = $wepModel
            ->getUserPermission($identity->user_id)
            ->hasPermission(Iati_WEP_PermissionConts::PUBLISH);
    }

    $registryInfoModel = new Model_RegistryInfo();
    $registryInfo = $registryInfoModel->getOrgRegistryInfo($orgId);

    // Registry form for activities; its push checkbox is disabled when the
    // organisation's registry info has update_registry set.
    $activitiesForm = new Form_Wep_PublishToRegistry();
    $activitiesForm->setAction($this->view->baseUrl() . '/wep/publish-in-registry');
    if ($registryInfo->update_registry) {
        $activitiesForm->push_to_registry->setAttrib('disabled', 'disabled');
    }
    $this->view->formForActivities = $activitiesForm;

    // Registry form for the organisation file, handled the same way.
    $organisationForm = new Form_Organisation_PublishToRegistry();
    $organisationForm->setAction($this->view->baseUrl() . '/organisation/publish-in-registry');
    if ($registryInfo->update_registry) {
        $organisationForm->push_to_registry_for_organisation->setAttrib('disabled', 'disabled');
    }
    $this->view->formForOrganisation = $organisationForm;

    // Published activity files of this organisation.
    $publishedModel = new Model_Published();
    $this->view->published_files_activities = $publishedModel->getAllPublishedInfo($orgId);

    // Published organisation files of this organisation.
    $organisationPublishedModel = new Model_OrganisationPublished();
    $this->view->published_files_organisation = $organisationPublishedModel->getAllPublishedInfo($orgId);

    $this->view->publish_permission = $publishPermission;

    // In simplified mode, swap the organisation-data partial for the
    // simplified-info partial.
    if (Simplified_Model_Simplified::isSimplified()) {
        $this->view->blockManager()->disable('partial/organisation-data.phtml');
        $this->view->blockManager()->enable('partial/simplified-info.phtml');
    }
}