Пример #1
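 /**
  * Admin rule search: runs the submitted search and fills the location drop-down.
  *
  * When form data is present, rules whose sitename contains the submitted
  * pattern (or equals the literal '*') are looked up for location 1 or the
  * submitted location, and exposed to the view as 'results'. The list of
  * selectable locations is always exposed as 'locations'.
  *
  * @param string|null $pattern Overwritten from the submitted form; the passed value is not read.
  * @return void
  */
 function admin_search($pattern = null)
 {
     $user = parent::getUser();
     # code after form submit
     if (!empty($this->data)) {
         # Both values come straight from the request, so neither may reach the
         # SQL text unescaped: the pattern is quoted by the datasource and the
         # location id is forced to an integer.
         $db = $this->Rule->getDataSource();
         $term = '';
         if (isset($this->data['Rule']['pattern']) && is_scalar($this->data['Rule']['pattern'])) {
             $term = (string) $this->data['Rule']['pattern'];
         }
         # value() returns the literal already quoted and escaped; % and _ typed
         # by the user still act as LIKE wildcards.
         $pattern = $db->value('%' . $term . '%', 'string');
         $location_id = 0;
         if (isset($this->data['Rule']['locations']) && is_scalar($this->data['Rule']['locations'])) {
             $location_id = (int) $this->data['Rule']['locations'];
         }
         # NOTE(review): the submitted location id is not compared with
         # getAdminLocationIds() before it is used in the query - confirm
         # whether results should be limited to the caller's own locations.
         $WILDCARD = "'*'";
         $search_result = $this->Rule->query('SELECT * 
                                          FROM rules LEFT JOIN groups on rules.group_id = groups.id 
                                                     LEFT JOIN locations as loc1 on rules.location_id = loc1.id 
                                                     LEFT JOIN locations as loc2 on groups.location_id = loc2.id
                                          WHERE (rules.sitename LIKE ' . $pattern . ' OR rules.sitename = ' . $WILDCARD . ')
                                          AND (rules.location_id = 1 OR rules.location_id = ' . $location_id . ')
                                          ORDER BY sitename, priority;', false);
         $this->set('results', $search_result);
     }
     # NOTE(review): members of priv_roles get the list restricted to their own
     # locations while every other role gets all locations except id 1 -
     # confirm the role test is not inverted.
     if (in_array($user['Role']['name'], $this->priv_roles)) {
         $allowed_locations = parent::getAdminLocationIds();
         $find_condition = array(
             'fields' => array('Location.*'),
             'conditions' => array("AND" => array('Location.id' => $allowed_locations, 'Location.id NOT' => "1")),
             'order' => 'Location.code',
         );
     } else {
         $find_condition = array(
             'fields' => array('Location.*'),
             'order' => 'Location.code',
             'conditions' => array("id NOT" => "1"),
         );
     }
     $locations_list = $this->Location->find('all', $find_condition);
     # id => "code name" pairs for the select box
     $locations = Set::combine($locations_list, '{n}.Location.id', array('%s %s', '{n}.Location.code', '{n}.Location.name'));
     $this->set(compact('locations'));
 }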
Пример #2
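 /**
  * Admin user list, optionally filtered by a submitted search string.
  *
  * Users outside priv_roles only see users of their own locations. A search
  * narrows that list by username or real name; it is added to the existing
  * conditions so the location restriction stays in force.
  *
  * @return void
  */
 function admin_index()
 {
     # get global settings
     $settings = $this->CommonTasks->getGlobalSettings();
     $this->set('settings', $settings);
     $user = parent::getUser();
     $conditions = array();
     # get proxys / locations
     if (!in_array($user['Role']['name'], $this->priv_roles)) {
         $allowed_locations = parent::getAdminLocationIds();
         $conditions['Location.id'] = $allowed_locations;
     }
     # If form has been submitted
     if (!empty($this->data) && isset($this->data['User']['searchstring'])) {
         $string = $this->data['User']['searchstring'];
         # Anything but a scalar (e.g. an array posted under this key) is
         # treated as an empty search.
         $like = '%' . (is_scalar($string) ? (string) $string : '') . '%';
         # Array conditions let the model layer escape the value; the request
         # string is never concatenated into SQL. Adding an 'OR' key instead of
         # reassigning $conditions keeps the Location.id restriction set above.
         $conditions['OR'] = array(
             'User.username LIKE' => $like,
             'User.realname LIKE' => $like,
         );
     }
     $this->User->recursive = 0;
     $this->set('users', $this->paginate('User', $conditions));
 }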
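 /**
  * Per-action authorization check.
  *
  * A non-null decision from the parent wins. Otherwise 'admin_start' is
  * always allowed, 'admin_view' is allowed only when the requested location
  * id passes checkSecurity() against the caller's locations plus location 1,
  * and every other action is denied.
  *
  * @return bool
  */
 function isAuthorized()
 {
     $parent = parent::isAuthorized();
     if (!is_null($parent)) {
         return $parent;
     }
     if ($this->action === 'admin_start') {
         return true;
     }
     if ($this->action === 'admin_view') {
         $locs = parent::getAdminLocationIds();
         array_push($locs, 1);
         # A request without the id segment is checked with null instead of
         # raising an undefined-index notice.
         $locId = isset($this->params['pass'][0]) ? $this->params['pass'][0] : null;
         if (!parent::checkSecurity($locId, $locs)) {
             $this->Tracker->back();
             # Tracker::back() is not visible here. If it returns instead of
             # ending the request, falling through to "return true" would
             # authorize the request this check just rejected, so deny explicitly.
             return false;
         }
         return true;
     }
     return false;
 }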
Пример #4
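 /**
  * Per-action authorization check.
  *
  * A non-null decision from the parent wins. 'admin_delete' and 'admin_view'
  * are allowed only when the location of the requested log record passes
  * checkSecurity(); 'admin_searchlist' applies the same check to the location
  * of the submitted proxy when form data is present; 'admin_createRule' is
  * allowed here and relies on a check inside the action. Everything else is
  * denied.
  *
  * @return bool
  */
 function isAuthorized()
 {
     $parent = parent::isAuthorized();
     if (!is_null($parent)) {
         return $parent;
     }
     # NOTE(review): $locs is never read in this method; checkSecurity() is
     # called with the location id only - confirm that is intended.
     $locs = parent::getAdminLocationIds();
     if (in_array($this->action, array('admin_delete', 'admin_view'), true)) {
         # Missing id segment or unknown record: check against null rather than
         # raising undefined-index notices.
         $logId = isset($this->passedArgs['0']) ? $this->passedArgs['0'] : null;
         $log = $this->Log->read(null, $logId);
         $locId = isset($log['Location']['id']) ? $log['Location']['id'] : null;
         if (!parent::checkSecurity($locId)) {
             $this->Tracker->back();
             # Tracker::back() is not visible here. If it returns instead of
             # ending the request, falling through to "return true" would
             # authorize the request this check just rejected, so deny explicitly.
             return false;
         }
         return true;
     }
     if (in_array($this->action, array('admin_searchlist'), true)) {
         if (isset($this->data)) {
             $proxyId = isset($this->data['Log']['proxyId']) ? $this->data['Log']['proxyId'] : null;
             $proxy = $this->ProxySetting->read(null, $proxyId);
             $locId = isset($proxy['Location']['id']) ? $proxy['Location']['id'] : null;
             if (!parent::checkSecurity($locId)) {
                 $this->Tracker->back();
                 # Same fail-closed reasoning as above.
                 return false;
             }
         }
         return true;
     }
     if (in_array($this->action, array('admin_createRule'), true)) {
         // security check in action
         return true;
     }
     return false;
 }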