Exemplo n.º 1
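/**
 * Authorization gate: lets the request continue only when the current user
 * may act on the record the controller is addressing.
 *
 * check_login() runs first (presumably enforcing authentication; its
 * behaviour is not visible here). The permission test is then delegated to
 * has_action_auth() with the controller name and the current record id.
 * On denial an error flash is queued and the user is redirected: to the
 * admin root when the denied action is the controller's default action,
 * otherwise to the controller's own landing page.
 *
 * @param object $callback Controller-like object exposing controller, currId,
 *                         action, defaultAction and flash().
 * @return bool true when access is granted, false when it was denied.
 */
function require_action_auth($callback)
{
    check_login($callback);
    $target = $callback->controller;
    $id = $callback->currId;

    if (has_action_auth($target, $id)) {
        return true;
    }

    // NOTE(review): $target and $id are placed in the flash text as-is. If
    // flash() output is rendered without HTML escaping and currId can come
    // from the URL, escape at render time; confirm against the view layer.
    $callback->flash("Sorry, you don't have permission to edit {$target} {$id}", 'error');

    // Loose comparison kept on purpose: the types of action/defaultAction
    // are not visible from this function.
    if ($callback->action == $callback->defaultAction) {
        redirect_to(ADMIN_URL);
    } else {
        redirect_to(ADMIN_URL . '/' . $target);
    }

    // Fail closed. The original fell through to "return true" here, so the
    // check reported success on a denied request whenever redirect_to()
    // returns instead of terminating the script.
    return false;
}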
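 /**
  * Prepares the data for a user's profile page.
  *
  * Loads the user named by the second request argument, then fills in the
  * page title/subject, whether the viewer may edit the profile, the user's
  * group links (as ready-to-print HTML fragments), the user's content split
  * into approved / denied / pending per content type, and the user's
  * notifications.
  *
  * @return void
  */
 function showAction()
 {
     $this->user = new User($this->args[1]);
     if (strlen($this->user->username) < 1) {
         $this->flash('The user you requested could not be found. ' . 'You may have found a bad link, or the user may no longer be in the system.', 'error');
         redirect_to(ADMIN_URL . '/users');
         // Stop here even if redirect_to() returns: nothing below is
         // meaningful (or safe to query) without a loaded user.
         return;
     }
     $this->setTitle($this->user->name);
     $this->setSubject($this->user->name);
     $this->canEdit = has_action_auth('users', $this->user->id);

     // Entries in $this->groups are HTML fragments (the administrator label
     // below is literal markup), so every dynamic value has to be escaped
     // before it is concatenated in.
     $this->groups = array();
     if ($this->user->admin_privileges) {
         $this->groups[] = "<strong>Concerto Administrators</strong>";
     }
     $group_objs = $this->user->list_groups();
     if (is_array($group_objs)) {
         // Reuse the list fetched above instead of calling list_groups() again.
         foreach ($group_objs as $group) {
             // Group names are stored data; printing them raw would allow
             // stored markup to run in the viewer's browser.
             // NOTE(review): if names are already stored HTML-encoded this
             // double-encodes; confirm how groups are saved.
             $group_url = ADMIN_URL . '/groups/show/' . rawurlencode($group->id);
             $group_name = htmlspecialchars($group->name, ENT_QUOTES);
             $this->groups[] = '<a href="' . $group_url . '">' . $group_name . '</a>';
         }
     }

     // Both ids are interpolated unquoted into the WHERE clause, so they are
     // forced to integers to keep anything non-numeric out of the SQL text.
     $user_id = (int) $this->user->id;
     $types = sql_select('type', array('id', 'name'), NULL, 'ORDER BY name');
     if (is_array($types)) {
         foreach ($types as $type) {
             $type_id = (int) $type['id'];
             $contentids = sql_select('content', 'content.id, content.user_id, SUM(moderation_flag) as mod_status', '', 'LEFT JOIN feed_content ON content.id = feed_content.content_id WHERE content.type_id = ' . $type_id . ' AND content.user_id=' . $user_id . ' GROUP BY content.id ORDER BY content.name');
             if (!is_array($contentids)) {
                 continue;
             }
             foreach ($contentids as $id) {
                 // mod_status is SUM(moderation_flag) over the joined
                 // feed_content rows: >= 1 means approved, a non-null 0
                 // means denied, and NULL (nothing to sum) means pending.
                 if ($id['mod_status'] >= 1) {
                     $bucket = 'approved';
                 } elseif ($id['mod_status'] == 0 && !is_null($id['mod_status'])) {
                     $bucket = 'denied';
                 } else {
                     $bucket = 'pending';
                 }
                 $this->contents[$bucket][$type['name']][] = new Content($id['id']);
             }
         }
     }

     // NOTE(review): meaning of the second argument (0) is not visible here.
     $this->notifications = Newsfeed::get_for_user($this->user->id, 0);
 }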