Пример #1
 /**
  * Ask the permission system whether this user holds a given permission.
  *
  * A new AMPSystem_PermissionManager is created for the call (not the shared
  * instance()), this user's record is loaded by name through readUser(), and
  * the manager's authorized() answer is returned unchanged.
  *
  * @param mixed $permission_value Permission identifier handed to authorized().
  * @return mixed Whatever authorized() returns; presumably truthy when granted — confirm against the manager.
  */
 function hasPermission($permission_value)
 {
     require_once 'AMP/System/Permission/Manager.inc.php';

     $checker = new AMPSystem_PermissionManager();
     // The readUser() result is not inspected here.
     // NOTE(review): confirm authorized() denies when the name matches no user.
     $checker->readUser($this->getName());
     $verdict = $checker->authorized($permission_value);

     return $verdict;
 }
Пример #2
 /**
  * Drop form fields and submit actions the current user is not authorized for.
  *
  * Field filtering is opt-in: only a field definition carrying a 'per' element
  * is checked, and a field without one is always kept. Submit actions are
  * filtered only when _get_map() yields a map; with no map every action stays.
  * NOTE(review): this trims what the form offers; confirm the handlers that
  * process the submitted data enforce the same permissions.
  *
  * @param array $fields Field definitions keyed by field name.
  * @return array The definitions that survived the permission check.
  */
 function _allowedFields($fields)
 {
     $perms =& AMPSystem_PermissionManager::instance();

     // Remove each field whose 'per' descriptor maps to a permission the user lacks.
     foreach ($fields as $name => $definition) {
         if (isset($definition['per'])
             && !AMP_Authorized($perms->convertDescriptor($definition['per']))
         ) {
             unset($fields[$name]);
         }
     }

     // Remove submit actions that the map does not allow.
     $action_map =& $this->_get_map();
     foreach ($this->submit_button[$this->_submit_group]['elements'] as $action => $unused_def) {
         if ($action_map && !$action_map->isAllowed($action)) {
             $this->removeSubmit($action);
         }
     }

     return $fields;
 }
Пример #3
 /**
  * Build the menu set for the current user and the maps derived from it.
  *
  * The raw map values have their permissions converted and are then filtered
  * by _allowedItems() before URLs are converted, so the later _mapForms(),
  * _mapLists() and _buildMap() calls run after that filtering step.
  */
 function init()
 {
     $this->per_manager = AMPSystem_PermissionManager::instance();

     $raw_items = $this->_init_map_values();
     $items_with_permissions = $this->_convertPermissions($raw_items);

     // Store the filtered set first: _convertUrls() is called with the stored value.
     $this->menuset = $this->_allowedItems($items_with_permissions);
     $this->menuset = $this->_convertUrls($this->menuset);

     $this->_mapForms();
     $this->_mapLists();
     $this->_buildMap();
 }
Пример #4
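/**
 * Set up the session constants for the web-server-authenticated user and
 * enforce the two entry checks (content access, page access).
 *
 * The user name is taken from $_SERVER['REMOTE_USER'], so authentication itself
 * is delegated to the web server. Constants defined here (each only if not
 * already defined): AMP_SYSTEM_USER_ID, AMP_CONTENT_MAP_ROOT_SECTION,
 * AMP_CONTENT_SECTION_NAME_ROOT, AMP_SYSTEM_USER_TYPE, AMP_SYSTEM_USER_ID_ACL.
 *
 * NOTE(review): when readUser() finds no matching user the function falls
 * through without defining anything and without redirecting; confirm callers
 * deny access in that case.
 *
 * @return false|null false when REMOTE_USER is absent; otherwise no value.
 */
function AMP_init_user()
{
    if (!isset($_SERVER['REMOTE_USER'])) {
        return false;
    }
    $AMP_Permission =& AMPSystem_PermissionManager::instance();
    $AMP_CurrentUser =& $AMP_Permission->readUser($_SERVER['REMOTE_USER']);
    if ($AMP_CurrentUser) {
        if (!defined('AMP_SYSTEM_USER_ID')) {
            define('AMP_SYSTEM_USER_ID', $AMP_CurrentUser->id);
        }

        // Restrict the content tree to the user's own root section when one is configured.
        $content_roots = AMP_lookup('userSiteRoots');
        if (isset($content_roots[AMP_SYSTEM_USER_ID])) {
            if (!defined('AMP_CONTENT_MAP_ROOT_SECTION')) {
                define('AMP_CONTENT_MAP_ROOT_SECTION', $content_roots[AMP_SYSTEM_USER_ID]);
            }
            $sections = AMP_lookup('sections');
            if (!defined('AMP_CONTENT_SECTION_NAME_ROOT')) {
                if (AMP_CONTENT_MAP_ROOT_SECTION != AMP_CONTENT_SECTION_ID_ROOT) {
                    define('AMP_CONTENT_SECTION_NAME_ROOT', $sections[AMP_CONTENT_MAP_ROOT_SECTION]);
                } else {
                    define('AMP_CONTENT_SECTION_NAME_ROOT', AMP_SITE_NAME);
                }
            }
        } else {
            // Guarded like every other define() in this function, so an earlier
            // definition is kept instead of raising a redefinition error.
            if (!defined('AMP_CONTENT_MAP_ROOT_SECTION')) {
                define('AMP_CONTENT_MAP_ROOT_SECTION', AMP_CONTENT_SECTION_ID_ROOT);
            }
            if (!defined('AMP_CONTENT_SECTION_NAME_ROOT')) {
                define('AMP_CONTENT_SECTION_NAME_ROOT', AMP_SITE_NAME);
            }
        }

        //ACL user def code
        if (!defined('AMP_SYSTEM_USER_TYPE')) {
            define('AMP_SYSTEM_USER_TYPE', 'users');
        }
        if (!defined('AMP_SYSTEM_USER_ID_ACL')) {
            define('AMP_SYSTEM_USER_ID_ACL', 'user_' . $AMP_CurrentUser->id);
        }

        // NOTE(review): both checks below rely on ampredirect() ending the request.
        // If it only sends the header and returns, the protected page still runs
        // for an unauthorized user; confirm it terminates execution.
        if (!AMP_Authorized(AMP_PERMISSION_CONTENT_ACCESS)) {
            trigger_error('content access not authorized for user ' . $AMP_CurrentUser->getName());
            ampredirect(AMP_SITE_URL);
        }
        // Ensure that the current user is allowed to see this page.
        if (!$AMP_Permission->authorizedPage()) {
            trigger_error('unauthorized page access attempt by ' . $AMP_CurrentUser->getName());
            ampredirect($AMP_Permission->userHome());
        }
    }
}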
Пример #5
<?php

// Entry script: load the system base, then redirect the current user to the
// location returned by the permission manager's userHome().
// NOTE(review): the redirect target is whatever userHome() returns. The retired
// implementation kept below copied the stored users.system_home value straight
// into a Location header; confirm userHome() only yields expected, local URLs.
require_once 'AMP/System/Base.php';
$AMP_Permission =& AMPSystem_PermissionManager::instance();
ampredirect($AMP_Permission->userHome());
// Retired implementation, kept for reference only (never executed):
/*
$modid=38;
require_once("Connections/freedomrising.php");

$index_user_settings = $dbcon->GetAssoc("Select id, system_home from users where name = ".$dbcon->qstr($_SERVER['REMOTE_USER']));

if (isset($index_user_settings['system_home'])&&$index_user_settings['system_home']!='') {
	header('Location: '.$index_user_settings['system_home']);
} else {
	header('Location: articlelist.php');		
}
    
include ("footer.php"); 
*/
Пример #6
 /**
  * Bind the shared permission manager to this object, then load the navs.
  *
  * NOTE(review): if this is a method of a class with the same name, it is a
  * PHP 4-style constructor, which PHP 8 no longer calls on instantiation —
  * confirm the targeted PHP version.
  */
 function AMPSystem_NavManager()
 {
     $shared_manager =& AMPSystem_PermissionManager::instance();
     // The manager is in place before loadNavs() runs.
     $this->per_manager =& $shared_manager;

     $this->loadNavs();
 }
Пример #7
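 /**
  * Attach the shared permission manager to $this->_per_manager on first use.
  *
  * Does nothing beyond reporting true when the property is already set;
  * otherwise includes the manager definition and binds the shared instance.
  *
  * @return bool|null true when the manager was already loaded; no value after a first-time load.
  */
 function &_loadPermissionManager()
 {
     if (isset($this->_per_manager)) {
         // The function is declared return-by-reference, so a variable is
         // returned; returning the literal `true` raises a PHP notice.
         $already_loaded = true;
         return $already_loaded;
     }
     require_once 'AMP/System/Permission/Manager.inc.php';
     $this->_per_manager =& AMPSystem_PermissionManager::instance();
 }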
Пример #8
 /**
  * Central permission check: ask the shared permission manager whether the
  * current user is authorized for the given permission.
  *
  * The manager is fetched once per request and cached in a function-static
  * variable; the include happens only on that first call.
  *
  * @param mixed $id Permission identifier handed to authorized().
  * @return mixed Whatever authorized() returns; the callers on this page test it with `!`, so any falsy value means denied.
  */
 function AMP_Authorized($id)
 {
     static $permissions = false;

     if ($permissions) {
         return $permissions->authorized($id);
     }

     // First call (or instance() gave nothing usable last time): load and cache.
     require_once 'AMP/System/Permission/Manager.inc.php';
     $permissions = AMPSystem_PermissionManager::instance();

     return $permissions->authorized($id);
 }
Пример #9
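 /**
  * Configure the lookup to return only published permissions whose id is in
  * the permission manager's entireSet(), then run init().
  *
  * The ids are concatenated into the SQL criteria string, so each one is cast
  * to an integer first; nothing other than digits can reach the query text.
  * An empty or non-array set yields a criteria that matches no rows, where the
  * plain join would have produced the invalid fragment `id in ( )`.
  */
 function AMPSystemLookup_Permissions()
 {
     $perManager =& AMPSystem_PermissionManager::instance();

     $permission_set = $perManager->entireSet();
     $permission_ids = is_array($permission_set) ? array_map('intval', $permission_set) : array();

     // Same text as before for integer ids: "id in (1,2,3 )".
     $id_clause = $permission_ids
         ? 'id in (' . join(',', $permission_ids) . ' )'
         : '1=0';

     $this->criteria = join(" AND ", array('publish=1', $id_clause));
     $this->init();
 }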