/**
 * Stores the request context and resolves the caller's access schema for one module.
 *
 * The schema is resolved for the project id the client sent in the request
 * ('projects_id'); this constructor does not validate that value itself.
 * NOTE(review): Users::getAccessSchema() is presumably what checks that the
 * user really belongs to that project; confirm, since the id is client-controlled.
 *
 * NOTE(review): $url_params has a default but is followed by required
 * parameters, so callers cannot actually omit it; the signature is kept as-is
 * for compatibility.
 *
 * @param string $module     module name whose access schema is resolved
 * @param string $url_params stored unchanged on the instance
 * @param mixed  $sf_request request object; only getParameter() is used here
 * @param mixed  $sf_user    user object handed to Users::getAccessSchema()
 */
public function __construct($module, $url_params = '', $sf_request, $sf_user)
{
    $this->module = $module;
    $this->url_params = $url_params;
    $this->sf_request = $sf_request;
    $this->sf_user = $sf_user;

    // Resolve the schema once, scoped to the project named in the request.
    $requested_project = $sf_request->getParameter('projects_id');
    $this->access = Users::getAccessSchema($module, $sf_user, $requested_project);
}
/**
 * Stores the request context and preloads the access schemas for the
 * projects, tasks, tickets and discussions modules.
 *
 * 'projects' is resolved without a project id; the other three are resolved
 * for the 'projects_id' request parameter.
 * NOTE(review): that id comes straight from the request, so the per-project
 * membership check has to happen inside Users::getAccessSchema(); confirm.
 *
 * @param mixed $sf_user    user object handed to Users::getAccessSchema()
 * @param mixed $sf_request request object; only getParameter() is used here
 */
public function __construct($sf_user, $sf_request)
{
    $this->sf_user = $sf_user;
    $this->sf_request = $sf_request;
    $this->projects_id = $sf_request->getParameter('projects_id');

    $this->access = array();

    // Not tied to a single project.
    $this->access['projects'] = Users::getAccessSchema('projects', $sf_user);

    // Project-scoped modules, resolved in the same order as before.
    foreach (array('tasks', 'tickets', 'discussions') as $scoped_module) {
        $this->access[$scoped_module] = Users::getAccessSchema($scoped_module, $sf_user, $this->projects_id);
    }
}
/**
 * Stores the session user and request, and preloads the access schemas for
 * the projects, tasks, tickets and discussions modules.
 *
 * The schemas are loaded only for an authenticated session; otherwise
 * $this->access stays an empty array. Code that reads $this->access must
 * therefore treat a missing module entry as "no access".
 *
 * @param mixed $sf_user    user object; getAttribute('user') and isAuthenticated() are used
 * @param mixed $sf_request request object, stored unchanged
 */
public function __construct($sf_user, $sf_request)
{
    $this->sf_user = $sf_user;
    $this->user = $sf_user->getAttribute('user');
    $this->sf_request = $sf_request;
    $this->access = array();

    if (!$sf_user->isAuthenticated()) {
        // Anonymous session: no schema is resolved, the map stays empty.
        return;
    }

    // None of these lookups passes a project id.
    foreach (array('projects', 'tasks', 'tickets', 'discussions') as $module_name) {
        $this->access[$module_name] = Users::getAccessSchema($module_name, $sf_user);
    }
}
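/**
 * Bulk-deletes rows of one model, selected by id, then redirects to that
 * model's index page.
 *
 * Request parameters read:
 *  - table:          model name; used for the access check, the DQL FROM
 *                    clause and the redirect route
 *  - selected_items: comma-separated ids of the rows to delete
 *  - projects_id:    optional; appended to the redirect when greater than zero
 *
 * All three are client-controlled. 'table' is restricted to a plain
 * identifier before it reaches the query builder or the route, the ids are
 * reduced to integers, and projects_id is cast to an integer before it is
 * put into the redirect target.
 *
 * NOTE(review): the delete permission is resolved without a project id and
 * the DELETE is not limited to one project, so a user holding 'delete' on the
 * module can remove rows by id regardless of the project they belong to.
 * Confirm whether that is intended or whether the query needs project scoping.
 * NOTE(review): nothing in this action checks the HTTP method or a CSRF
 * token; confirm that a filter or the calling form covers this.
 * NOTE(review): an explicit allowlist of deletable models would be stricter
 * than the identifier pattern used here.
 *
 * @param sfWebRequest $request current request
 */
public function executeDoMultipleDelete(sfWebRequest $request)
{
    $table = $request->getParameter('table');

    // redirect() is expected to abort the action (symfony 1 raises
    // sfStopException); the checks below rely on that, as the original did.
    if (!is_string($table) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $table)) {
        $this->redirect('accessForbidden/index');
    }

    $access = Users::getAccessSchema($table, $this->getUser());

    // A missing 'delete' entry is treated as "denied".
    if (empty($access['delete'])) {
        $this->redirect('accessForbidden/index');
    }

    $selected_items = $request->getParameter('selected_items');

    if (is_string($selected_items) && $selected_items !== '') {
        // Keep only decimal ids; anything else in the list is dropped.
        // Assumes ids are non-negative integers (projects_id is already
        // compared numerically below); confirm for every deletable model.
        $ids = array();
        foreach (explode(',', $selected_items) as $candidate) {
            $candidate = trim($candidate);
            if (ctype_digit($candidate)) {
                $ids[] = (int) $candidate;
            }
        }
        $ids = array_values(array_unique($ids));

        if (count($ids) > 0) {
            Doctrine_Query::create()
                ->delete()
                ->from($table)
                ->whereIn('id', $ids)
                ->execute();

            Attachments::resetAttachments();
        }
    }

    // Cast so that only a number can end up in the redirect target.
    $raw_projects_id = $request->getParameter('projects_id');
    $projects_id = is_scalar($raw_projects_id) ? (int) $raw_projects_id : 0;

    $this->redirect($table . '/index' . ($projects_id > 0 ? '?projects_id=' . $projects_id : ''));
}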
?> </div> <div id="extraFieldsInDescription"><?php echo ExtraFieldsList::renderDescriptionFileds('tickets', $tickets, $sf_user); ?> </div> <div><?php include_component('attachments', 'attachmentsList', array('bind_type' => 'tickets', 'bind_id' => $tickets->getId())); ?> </div> </div> </div> <br> <?php echo input_hidden_tag('item_name', $tickets->getName()) . input_hidden_tag('item_description', $tickets->getDescription()); $comments_access = Users::getAccessSchema('ticketsComments', $sf_user, isset($projects) ? $projects->getId() : false); if ($comments_access['view']) { $lc = new cfgListingController($sf_context->getModuleName(), 'tickets_id=' . $tickets->getId() . (isset($projects) ? '&projects_id=' . $projects->getId() : '')); ?> <table width="100%" class="resetPadding"> <tr> <td> <table> <tr> <td style="padding-right: 15px;"><?php if ($comments_access['insert']) { echo $lc->insert_button(__('Add Comment')); } ?>
?> </td> <td><span class="pageHeading"><?php echo ($tasks->getTasksLabelId() > 0 ? $tasks->getTasksLabels()->getName() . ': ' : '') . $tasks->getName() . ($tasks->getTasksStatusId() > 0 ? ' [' . $tasks->getTasksStatus()->getName() . '] ' : ''); ?> </span></td> <td><?php include_partial('tasksComments/gotoNext'); ?> </td> </tr> </table> </div> <?php $comments_access = Users::getAccessSchema('tasksComments', $sf_user, $projects->getId()); ?> <table> <?php if (Users::hasAccess('insert', 'tasksComments', $sf_user, $projects->getId())) { ?> <td style="padding-right: 15px;"><?php echo link_to_modalbox(image_tag('icons/comment_small.png') . ' ' . __('Add Comment'), 'tasksComments/new?projects_id=' . $projects->getId() . '&tasks_id=' . $tasks->getId() . '&redirect_to=tasksComments'); ?> </td> <?php } ?> <?php
?> </div> <div id="extraFieldsInDescription"><?php echo ExtraFieldsList::renderDescriptionFileds('discussions', $discussions, $sf_user); ?> </div> <div><?php include_component('attachments', 'attachmentsList', array('bind_type' => 'discussions', 'bind_id' => $discussions->getId())); ?> </div> </div> </div> <br> <?php echo input_hidden_tag('item_name', $discussions->getName()) . input_hidden_tag('item_description', $discussions->getDescription()); $comments_access = Users::getAccessSchema('discussionsComments', $sf_user, $projects->getId()); if ($comments_access['view']) { $lc = new cfgListingController($sf_context->getModuleName(), 'projects_id=' . $sf_request->getParameter('projects_id') . '&discussions_id=' . $discussions->getId()); ?> <table width="100%" class="resetPadding"> <tr> <td> <table> <tr> <td style="padding-right: 15px;"><?php if ($comments_access['insert']) { echo $lc->insert_button(__('Add Comment')); } ?>
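/**
 * Tells whether the user holds at least one of the requested permissions on
 * a module.
 *
 * $access is either a single permission key or several keys joined with '|'
 * (any one of them is enough). The schema comes from
 * Users::getAccessSchema(); a key that is absent from the schema, or a schema
 * that is not an array, counts as "denied" instead of raising an
 * undefined-index notice.
 *
 * @param string    $access      permission key, or '|'-separated keys
 * @param string    $module      module name passed to getAccessSchema()
 * @param mixed     $sf_user     user object passed to getAccessSchema()
 * @param int|false $projects_id project id passed to getAccessSchema(); false when not given
 *
 * @return bool true if any requested permission is truthy in the schema
 */
public static function hasAccess($access, $module, $sf_user, $projects_id = false)
{
    $schema = Users::getAccessSchema($module, $sf_user, $projects_id);

    // explode() yields a one-element list when there is no '|', so the
    // single-key and multi-key cases share this loop.
    foreach (explode('|', $access) as $permission) {
        if (!empty($schema[$permission])) {
            return true;
        }
    }

    return false;
}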