/**
 * Ask the permission manager whether this user holds a given permission.
 *
 * A new AMPSystem_PermissionManager is created for the check (not the shared
 * instance()), this user is loaded into it by name, and the manager's
 * authorized() result is returned unchanged.
 *
 * NOTE(review): readUser()'s result is not checked here. What authorized()
 * returns when the name does not resolve to a user depends on the manager;
 * confirm it denies in that case.
 *
 * @param mixed $permission_value Permission identifier, passed straight to authorized().
 * @return mixed Whatever AMPSystem_PermissionManager::authorized() returns.
 */
function hasPermission($permission_value)
{
    require_once 'AMP/System/Permission/Manager.inc.php';

    $checker = new AMPSystem_PermissionManager();
    $username = $this->getName();
    $checker->readUser($username);

    $verdict = $checker->authorized($permission_value);
    return $verdict;
}
/**
 * Strip fields and submit actions the current user may not use.
 *
 * Fields: any definition carrying a 'per' element is dropped when
 * AMP_Authorized() rejects the permission that descriptor converts to.
 * Definitions without a 'per' element are always kept (allow by default).
 *
 * Submit actions: every action in the current submit group is removed via
 * removeSubmit() when the map reports it as not allowed.
 *
 * NOTE(review): when _get_map() yields a falsy value no submit action is
 * removed, so the action filter fails open. Confirm that a missing map is
 * only possible for forms that need no action-level restriction.
 *
 * @param array $fields Field definitions keyed by field name.
 * @return array The field definitions with unauthorized entries removed.
 */
function _allowedFields($fields)
{
    $permission_manager =& AMPSystem_PermissionManager::instance();

    // Drop fields whose 'per' element (from the XML definition) is not granted.
    foreach ($fields as $name => $definition) {
        if (isset($definition['per'])
            && !AMP_Authorized($permission_manager->convertDescriptor($definition['per']))
        ) {
            unset($fields[$name]);
        }
    }

    // Drop submit actions the map does not allow.
    $map =& $this->_get_map();
    $buttons = $this->submit_button[$this->_submit_group]['elements'];
    foreach ($buttons as $action => $button_def) {
        if ($map && !$map->isAllowed($action)) {
            $this->removeSubmit($action);
        }
    }

    return $fields;
}
/**
 * Build the menu set and the derived maps for this object.
 *
 * The raw map values are passed through _convertPermissions() and then
 * _allowedItems() before being stored, so the stored menu set is the output
 * of the permission filter. URLs are converted afterwards, followed by the
 * form, list and map builders.
 *
 * NOTE(review): the filtering itself happens in _allowedItems(), which is not
 * visible here; presumably it consults $this->per_manager. Confirm.
 *
 * @return void
 */
function init()
{
    $this->per_manager = AMPSystem_PermissionManager::instance();

    // Permission filtering runs before anything is stored in menuset.
    $raw_values = $this->_init_map_values();
    $with_permissions = $this->_convertPermissions($raw_values);
    $this->menuset = $this->_allowedItems($with_permissions);

    $this->menuset = $this->_convertUrls($this->menuset);

    $this->_mapForms();
    $this->_mapLists();
    $this->_buildMap();
}
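/**
 * Establish the current system user and enforce content and page access.
 *
 * The user identity is taken from $_SERVER['REMOTE_USER'] and nothing else;
 * this function performs no credential check of its own, so it relies on the
 * layer that populates REMOTE_USER having authenticated the request.
 *
 * For a known user it defines (when not already defined) AMP_SYSTEM_USER_ID,
 * AMP_CONTENT_MAP_ROOT_SECTION, AMP_CONTENT_SECTION_NAME_ROOT,
 * AMP_SYSTEM_USER_TYPE and AMP_SYSTEM_USER_ID_ACL, then redirects when the
 * user lacks AMP_PERMISSION_CONTENT_ACCESS or is not authorized for the page.
 *
 * NOTE(review): both denials rely on ampredirect() ending the request. If it
 * only sends a header, execution continues past the check (the pattern
 * catalogued as CWE-698, Execution After Redirect). Confirm that it exits.
 *
 * @return false|null false when REMOTE_USER is not set; null otherwise,
 *                    including when readUser() does not return a user.
 */
function AMP_init_user()
{
    if (!isset($_SERVER['REMOTE_USER'])) {
        return false;
    }

    $AMP_Permission =& AMPSystem_PermissionManager::instance();
    $AMP_CurrentUser =& $AMP_Permission->readUser($_SERVER['REMOTE_USER']);

    if (!$AMP_CurrentUser) {
        // NOTE(review): an unknown user gets no constants, no redirect and a
        // null return (not false). Confirm callers treat this as a denial.
        return;
    }

    if (!defined('AMP_SYSTEM_USER_ID')) {
        define('AMP_SYSTEM_USER_ID', $AMP_CurrentUser->id);
    }

    // Per-user content root: restrict the content map to the user's own
    // section when one is configured, otherwise use the site-wide root.
    $content_roots = AMP_lookup('userSiteRoots');
    if (isset($content_roots[AMP_SYSTEM_USER_ID])) {
        if (!defined('AMP_CONTENT_MAP_ROOT_SECTION')) {
            define('AMP_CONTENT_MAP_ROOT_SECTION', $content_roots[AMP_SYSTEM_USER_ID]);
        }
        $sections = AMP_lookup('sections');
        if (!defined('AMP_CONTENT_SECTION_NAME_ROOT')) {
            if (AMP_CONTENT_MAP_ROOT_SECTION != AMP_CONTENT_SECTION_ID_ROOT) {
                define('AMP_CONTENT_SECTION_NAME_ROOT', $sections[AMP_CONTENT_MAP_ROOT_SECTION]);
            } else {
                define('AMP_CONTENT_SECTION_NAME_ROOT', AMP_SITE_NAME);
            }
        }
    } else {
        // Guarded like every other define() in this function, so an already
        // defined constant no longer raises a redefinition warning here.
        if (!defined('AMP_CONTENT_MAP_ROOT_SECTION')) {
            define('AMP_CONTENT_MAP_ROOT_SECTION', AMP_CONTENT_SECTION_ID_ROOT);
        }
        if (!defined('AMP_CONTENT_SECTION_NAME_ROOT')) {
            define('AMP_CONTENT_SECTION_NAME_ROOT', AMP_SITE_NAME);
        }
    }

    // ACL user definition.
    if (!defined('AMP_SYSTEM_USER_TYPE')) {
        define('AMP_SYSTEM_USER_TYPE', 'users');
    }
    if (!defined('AMP_SYSTEM_USER_ID_ACL')) {
        define('AMP_SYSTEM_USER_ID_ACL', 'user_' . $AMP_CurrentUser->id);
    }

    // Denials are recorded through trigger_error() with the user's name, so
    // they appear wherever PHP errors are logged.
    if (!AMP_Authorized(AMP_PERMISSION_CONTENT_ACCESS)) {
        trigger_error('content access not authorized for user ' . $AMP_CurrentUser->getName());
        ampredirect(AMP_SITE_URL);
    }

    // Ensure the current user is allowed to see this page.
    if (!$AMP_Permission->authorizedPage()) {
        trigger_error('unauthorized page access attempt by ' . $AMP_CurrentUser->getName());
        ampredirect($AMP_Permission->userHome());
    }
}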
<?php
// Landing script: sends the current user to the home location reported by
// the permission manager.
// NOTE(review): assumes AMP/System/Base.php makes AMPSystem_PermissionManager
// and ampredirect() available and has already identified the user; confirm.
require_once 'AMP/System/Base.php';
$AMP_Permission =& AMPSystem_PermissionManager::instance();
// The redirect target is whatever userHome() returns. NOTE(review): if that
// value is a stored, user-editable setting (as `system_home` was in the legacy
// code below), confirm it is restricted to local paths before redirecting.
ampredirect($AMP_Permission->userHome());
/*
Legacy implementation, disabled. It looked up the user's `system_home` by
REMOTE_USER (quoted with qstr) and redirected to it, falling back to
articlelist.php.

$modid=38;
require_once("Connections/freedomrising.php");
$index_user_settings = $dbcon->GetAssoc("Select id, system_home from users where name = ".$dbcon->qstr($_SERVER['REMOTE_USER']));
if (isset($index_user_settings['system_home'])&&$index_user_settings['system_home']!='') {
    header('Location: '.$index_user_settings['system_home']);
} else {
    header('Location: articlelist.php');
}
include ("footer.php");
*/
/**
 * Attach the shared permission manager and load the navigation entries.
 *
 * NOTE(review): this looks like a PHP 4 style constructor (a method named
 * after its class). PHP 8 no longer treats such methods as constructors, so
 * on PHP 8 per_manager would stay unset unless this is called explicitly.
 * Confirm against the enclosing class, which is not visible here.
 *
 * @return void
 */
function AMPSystem_NavManager()
{
    // Bind by reference so this object shares the manager instance.
    $shared_manager =& AMPSystem_PermissionManager::instance();
    $this->per_manager =& $shared_manager;

    $this->loadNavs();
}
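/**
 * Lazily bind the shared permission manager to $this->_per_manager.
 *
 * The function is declared as returning by reference, so the "already loaded"
 * result is returned through a variable; returning the literal `true`
 * directly raises PHP's "Only variable references should be returned by
 * reference" notice.
 *
 * NOTE(review): as in the original, the first call (which performs the load)
 * returns null and only later calls return true. Confirm that no caller
 * depends on the return value.
 *
 * @return true|null true when the manager was already bound; null after binding it.
 */
function &_loadPermissionManager()
{
    if (isset($this->_per_manager)) {
        $already_loaded = true;
        return $already_loaded;
    }

    require_once 'AMP/System/Permission/Manager.inc.php';
    $this->_per_manager =& AMPSystem_PermissionManager::instance();
}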
/**
 * Check a permission against the shared permission manager.
 *
 * The manager is fetched once through AMPSystem_PermissionManager::instance()
 * and kept in a function-level static for later calls in the same request.
 * The manager's authorized() result is returned unchanged.
 *
 * NOTE(review): the verdict reflects whichever user the shared manager
 * currently holds; presumably that is set once per request. Confirm.
 *
 * @param mixed $id Permission identifier passed to authorized().
 * @return mixed Whatever AMPSystem_PermissionManager::authorized() returns.
 */
function AMP_Authorized($id)
{
    static $cached_manager = false;

    if ($cached_manager) {
        return $cached_manager->authorized($id);
    }

    // First call in this request (or the previous lookup was falsy): load it.
    require_once 'AMP/System/Permission/Manager.inc.php';
    $cached_manager = AMPSystem_PermissionManager::instance();

    return $cached_manager->authorized($id);
}
/**
 * Restrict this lookup to published permissions in the manager's full set.
 *
 * Builds the criteria string "publish=1 AND id in (<ids> )" from the values
 * returned by entireSet(), then runs init().
 *
 * NOTE(review): the ids are concatenated into the criteria without casting
 * or quoting. That is safe only if entireSet() is guaranteed to return
 * integer ids; confirm, or cast them before joining.
 * NOTE(review): an empty set produces "id in ( )"; confirm how the query
 * layer handles that.
 *
 * @return void
 */
function AMPSystemLookup_Permissions()
{
    $perManager =& AMPSystem_PermissionManager::instance();

    $id_list = implode(',', $perManager->entireSet());
    $conditions = array(
        'publish=1',
        'id in (' . $id_list . ' )',
    );
    $this->criteria = implode(" AND ", $conditions);

    $this->init();
}