public function isModuleActionPermitted($module = false, $action = false)
{
if ($module === false && isset($_REQUEST["m"])) {
$module = $_REQUEST["m"];
}
if ($action === false && isset($_REQUEST["a"])) {
$action = $_REQUEST["a"];
}
/**
* if module not set, it is home module. It is allowed
*/
if ($module === false) {
return true;
}
$data_item_type = 0;
$actionMapping = array();
switch ($module) {
case 'candidates':
$data_item_type = 100;
$actionMapping = Candidates::actionMapping();
break;
case 'companies':
$data_item_type = 200;
$actionMapping = Companies::actionMapping();
break;
case 'contacts':
$data_item_type = 300;
$actionMapping = Contacts::actionMapping();
break;
case 'joborders':
$data_item_type = 400;
$actionMapping = JobOrders::actionMapping();
break;
}
/**
* if $data_item_type is 0, it indicates other modules. so it is allowed
*/
if ($data_item_type <= 0) {
return true;
}
$modulePermission = isset($this->permission[$data_item_type]) ? $this->permission[$data_item_type] : array();
/**
* checks whether any one operation is allowed
*/
$isModulePermited = false;
if ($modulePermission) {
foreach ($modulePermission as $operation => $permission) {
if ($permission > 0) {
$isModulePermited = true;
break;
}
}
}
/**
* since all the operation is not allowed, don't allow
*/
if ($isModulePermited === false) {
return false;
}
/**
* if $action is false, check whether default action exist in action mapping
*/
if ($action === false) {
if (isset($actionMapping["default"])) {
$action = $actionMapping["default"];
}
}
if (!isset($actionMapping[$action])) {
return true;
}
$operation = $actionMapping[$action];
/**
* if the action allowed
*/
if (isset($modulePermission[$operation]) && $modulePermission[$operation] > 0) {
return true;
}
return false;
}
<?php endif; ?>
</td>
<td style="vertical-align:top;">
<?php echo($this->pipelineGraph); ?>
</td>
</tr>
</table>
</td>
</tr>
</table>
<?php
$objRole=Users::getInstance()->getRole();
$allowDelete=$objRole->getModulePermission(400, JobOrders::actionMapping("delete"));
$allowEdit=$objRole->getModulePermission(400, JobOrders::actionMapping("edit"));
if (!isset($this->isPopup)): ?>
<div id="actionbar">
<span style="float:left;">
<?php if ($allowEdit && $this->accessLevel >= ACCESS_LEVEL_EDIT): ?>
<a id="edit_link" href="<?php echo(CATSUtility::getIndexName()); ?>?m=joborders&a=edit&jobOrderID=<?php echo($this->jobOrderID); ?>">
<img src="images/actions/edit.gif" width="16" height="16" class="absmiddle" alt="edit" border="0" /> Edit
</a>
<?php endif; ?>
<?php if ($allowDelete && $this->accessLevel >= ACCESS_LEVEL_DELETE): ?>
<a id="delete_link" href="<?php echo(CATSUtility::getIndexName()); ?>?m=joborders&a=delete&jobOrderID=<?php echo($this->jobOrderID); ?>" onclick="javascript:return confirm('Delete this job order?');">
<img src="images/actions/delete.gif" width="16" height="16" class="absmiddle" alt="delete" border="0" /> Delete
</a>
<?php endif; ?>
