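/**
 * Controller-level authorization hook (AuthComponent 'controller' authorize mode).
 *
 * The listed administrative actions are limited to users whose role is 3;
 * any other action is allowed for whoever AuthComponent has already let in.
 *
 * @param array $user The logged-in user record handed in by AuthComponent
 *                    (not used here; the role is read from the session).
 * @return bool True when the current action may run for the current user.
 */
public function isAuthorized($user)
{
    // Action names are matched case-insensitively. Strict in_array() keeps
    // PHP's loose string/number comparison rules out of the lookup.
    $restricted = array('add', 'edit', 'delete', 'index', 'adminlinks');
    if (in_array(strtolower($this->action), $restricted, true)) {
        // NOTE(review): loose == is kept on purpose so that a role stored as
        // int 3 or string '3' both match — confirm the stored type before
        // tightening this to ===.
        return AuthComponent::User('role') == '3';
    }
    return true;
}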
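/**
 * Per-request setup: RSS basic-auth, Auth component configuration, and the
 * view variables (has_admin, login_user, project_info, sprint_info) that
 * every page needs.
 *
 * NOTE(review): there is no parent::beforeFilter() call — confirm this is
 * the root application controller, otherwise the parent's setup is skipped.
 *
 * @return void
 */
function beforeFilter()
{
    $hasAdmin = $this->User->hasAdminUser();
    $this->set('has_admin', $hasAdmin);

    // RSS requests authenticate with HTTP basic auth; the credentials are
    // checked by the 'authenticate' login callback rather than a static
    // user list (loginUsers is intentionally empty).
    if ($this->RequestHandler->isRss()) {
        $this->Auth->allow('index');
        $this->Security->loginOptions = array('type' => 'basic', 'login' => 'authenticate', 'realm' => 'My_RSS_Feeds');
        $this->Security->loginUsers = array();
        $this->Security->requireLogin('*');
    }

    // Auth exemptions for UsersController: the first user may register
    // while no admin exists yet; password resets are always public.
    if (get_class($this) === "UsersController") {
        if (!$hasAdmin) {
            $this->Auth->allow(array('add'));
        }
        $this->Auth->allow(array('reset_password', 'reset_password_mail'));
    }

    if (isset($this->Auth)) {
        // Fine-grained decisions are delegated to each controller's isAuthorized().
        $this->Auth->authorize = 'controller';
        // Only accounts whose DB field matches may log in (disabled users are rejected).
        $this->Auth->userScope = array("User.disabled" => 0);
        // Action that performs the login (/users/login is the default).
        $this->Auth->loginAction = "/users/login";
        // Error message shown when a login attempt fails.
        $this->Auth->loginError = __("Invalid username or password", true);
        // Error message shown when an action is not permitted for the user.
        $this->Auth->authError = __('You have no privileges', true);
        // URL redirected to after a successful login.
        $this->Auth->loginRedirect = "/users/index";
        // Model holding the user id and password ('User' is the default).
        $this->Auth->userModel = "User";
        // Fields used for the user id and password (username/password are the defaults).
        $this->Auth->fields = array("username" => "loginname", "password" => "password");
        // No automatic redirect after login.
        $this->Auth->autoRedirect = false;

        // Pass the logged-in user's record to the view. Requests on allowed
        // actions have no session user, so guard the offset read and hand
        // the view null instead of reading an offset from null.
        $login_user = $this->Auth->User();
        $this->set('login_user', isset($login_user['User']) ? $login_user['User'] : null);
    }

    $project = $this->Project->getProjectInfo();
    $this->set('project_info', $project["Project"]);
    $sprint = $this->Sprint->getActiveSprintList();
    $this->set('sprint_info', $sprint);
}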
/**
 * Returns the id of the currently logged-in user.
 *
 * Uses the controller's Auth component when it has been loaded and falls
 * back to the static session accessor otherwise; both read the same value.
 *
 * @return mixed Whatever AuthComponent stores under 'id' for the session user.
 */
protected function _getCurrentUserId()
{
    if (!isset($this->Auth)) {
        return AuthComponent::User("id");
    }
    return $this->Auth->User("id");
}
/**
 * Looks up the current user's notification token among a thread's subscribers.
 *
 * @param array $subscribedUsers Rows shaped like ['User' => [...], 'Notification' => [...]].
 * @return mixed The subscriber's Notification token, or null when the current
 *               user is not among $subscribedUsers.
 */
public function isSubscribed($subscribedUsers)
{
    $currentUserId = AuthComponent::User('id');
    foreach ($subscribedUsers as $subscription) {
        // Loose comparison as in the original: ids may arrive as int or string.
        if ($subscription['User']['id'] != $currentUserId) {
            continue;
        }
        return $subscription['Notification']['token'];
    }
    return null;
}
/**
 * Per-action authorization for thread operations.
 *
 * - add: the target sub-forum's role threshold decides (SubForum::canPostHere()).
 * - sticky / lock / setHome: role 3 only.
 * - edit: only the thread's owner (Thread::isOwnedBy()).
 * - everything else: allowed.
 *
 * NOTE(review): the result of parent::isAuthorized($user) is discarded, so
 * any restriction the parent imposes is not enforced here — confirm that is
 * intended before relying on the parent's checks.
 *
 * @param array $user The logged-in user record handed in by AuthComponent.
 * @return bool True when the current action may run for the current user.
 */
public function isAuthorized($user)
{
    parent::isAuthorized($user);

    $action = $this->request->action;
    $targetId = isset($this->request->params['id']) ? $this->request->params['id'] : null;

    if ($action === 'add') {
        return $this->Thread->SubForum->canPostHere($this->request->params['id']);
    }
    if (in_array($action, array('sticky', 'lock', 'setHome'), true)) {
        // Loose == kept: the role may be stored as int or string.
        return AuthComponent::User('role') == '3';
    }
    if ($action === 'edit') {
        return $this->Thread->isOwnedBy($this->request->params['id']);
    }
    return true;
}
/**
 * Lists the top-level threads of one sub-forum, sticky threads first, then by
 * most recent reply, 15 per page.
 *
 * @param mixed $sub_forum_id Id of the sub-forum to display.
 * @param mixed $slug URL slug; accepted for routing but not used here.
 * @return void Renders the default view, or 'admin_display_topics' for role 3.
 * @throws NotFoundException When no sub-forum with $sub_forum_id exists.
 */
public function displayTopics($sub_forum_id = null, $slug = null)
{
    $this->SubForum->id = $sub_forum_id;
    if (!$this->SubForum->exists()) {
        throw new NotFoundException('Sub forum not found');
    }

    // Only root threads (thread_id '0') are listed; replies hang off them.
    $conditions = array(
        'Thread.sub_forum_id' => $sub_forum_id,
        'Thread.thread_id' => '0',
    );
    $order = array(
        'Thread.sticky' => 'DESC',
        'Thread.latest_reply_thread_id' => 'DESC',
    );
    $this->paginate = array('conditions' => $conditions, 'order' => $order, 'limit' => 15);

    // recursive -1: read the sub-forum row alone, without associated models.
    $this->SubForum->recursive = -1;
    $subForum = $this->SubForum->read();
    $forumName = $subForum['SubForum']['name'];

    $this->set('subForum', $subForum);
    $this->set('title_for_layout', 'Forums • ' . $forumName);
    $this->set('subForumName', $forumName);
    $this->set('threads', $this->paginate('SubForum.Thread'));

    // Administrators get the view with the moderation controls.
    if (AuthComponent::User('role') == '3') {
        $this->render('admin_display_topics');
    }
}
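/**
 * Whether the current user's role meets the sub-forum's posting threshold.
 *
 * @param mixed $id Id of the sub-forum being posted to.
 * @return bool True when the user's role is at least the sub-forum's role;
 *              false when the sub-forum does not exist.
 */
public function canPostHere($id = null)
{
    $requiredRole = $this->field('role', array('id' => $id));
    // field() returns false when no row matches. Comparing a role against
    // false with >= is always true, which would allow posting to a
    // non-existent sub-forum, so deny explicitly in that case.
    if ($requiredRole === false) {
        return false;
    }
    // Loose >= kept: roles are numeric strings or ints depending on the source.
    return AuthComponent::User('role') >= $requiredRole;
}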
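/**
 * Saves an edited thread, records the editor, and resets the editor's
 * notification subscription according to the submitted 'notification' flag.
 *
 * NOTE(review): set() + save() run without a fieldList, so every column
 * present in $data is writable — confirm the caller whitelists
 * user-supplied fields before they reach this method.
 *
 * @param array $data Form data keyed by model alias (expects [alias]['notification']).
 * @param mixed $threadId Thread to (re)subscribe the editor to.
 * @return bool True when the save succeeded, false otherwise.
 */
public function editThread($data = null, $threadId = null)
{
    $editorId = AuthComponent::User('id');
    $this->set($data);
    $this->set('lasteditor', $editorId);

    if (!$this->save($this->data)) {
        return false;
    }

    // Both branches of the original removed the editor's existing
    // notification first; do it once, then re-create it only on request.
    $this->Notification->deleteAll(array('thread_id' => $this->id, 'user_id' => $editorId));
    // !empty() avoids an undefined-index notice when the flag is absent;
    // a missing flag is treated as "no notification", as before.
    if (!empty($data[$this->alias]['notification'])) {
        // NOTE(review): deleteAll() keys on $this->id while addNotification()
        // receives $threadId — confirm both always name the same thread.
        $this->Notification->addNotification($threadId);
    }
    return true;
}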
/**
 * Allows every action to any session user whose role is at least 1.
 *
 * @param array $user The logged-in user record handed in by AuthComponent
 *                    (not used; the role is read from the session).
 * @return bool True when the role compares >= '1' under PHP's loose rules.
 */
public function isAuthorized($user)
{
    // >= already yields a bool; the original's ternary added nothing.
    $role = AuthComponent::User('role');
    return $role >= '1';
}
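/**
 * Whether the message with $messageId belongs to the current user.
 *
 * @param mixed $messageId Id of the message to check.
 * @return bool True only when a row with that id and the current user's
 *              user_id exists.
 */
public function isOwnedBy($messageId)
{
    $ownedId = $this->field('id', array('id' => $messageId, 'user_id' => AuthComponent::User('id')));
    // field() returns false when no row matches. The original `false == $messageId`
    // is true for ids such as 0, '0', '' or null, which would report ownership
    // of a message the user does not own; rule the no-match case out first.
    if ($ownedId === false) {
        return false;
    }
    // Loose == kept for the matched case: ids may be int or string.
    return $ownedId == $messageId;
}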