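/**
 * Verifies that fAuthorization::checkAuthLevel() treats the configured
 * auth levels as an ordered hierarchy.
 *
 * With 'user' => 20 and 'admin' => 50 configured, a session set to 'user'
 * must pass a 'user' check and fail an 'admin' check, while a session set
 * to 'admin' must pass both.
 */
public function testCheckUserAuthLevel()
{
    fAuthorization::setAuthLevels(array('user' => 20, 'admin' => 50));

    // assertTrue()/assertFalse() compare strictly. assertEquals(TRUE, $x)
    // compares loosely, so a truthy non-boolean result from an
    // authorization check would have passed unnoticed.

    // Lower level: own level is granted, the higher one is refused.
    fAuthorization::setUserAuthLevel('user');
    $this->assertTrue(fAuthorization::checkAuthLevel('user'));
    $this->assertFalse(fAuthorization::checkAuthLevel('admin'));

    // Higher level: both the lower and the own level are granted.
    fAuthorization::setUserAuthLevel('admin');
    $this->assertTrue(fAuthorization::checkAuthLevel('user'));
    $this->assertTrue(fAuthorization::checkAuthLevel('admin'));
}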
} ?> </select> </td> <td colspan="6"></td> </tr> <tr> <td class="privilege" colspan="8"><input type="checkbox" id="selectPermissions" /><label for="selectPermissions">Seleccionar todos los permisos</label></td> </tr> <?php $p = new Permission(); $up = new UserPermission(); $userPermissions = $up->getByIdUser($u->getIdUser()); $sections = Section::findAll(); foreach ($sections as $item) { if ($item->getIdSection() == 11 && !fAuthorization::checkAuthLevel('super')) { continue; } ?> <tr> <td class="privilege" colspan="8"><?php echo $item->prepareName(); ?> </td> </tr> <?php $i = 0; $permissions = $p->getByIdSection($item->getIdSection()); foreach ($permissions as $p) { $i++; $checked = false;
<?php
/*
 * Paginated listing of rows from economic_unit_categories.
 *
 * 'super' users get an unfiltered query; every other user gets a WHERE
 * clause taken verbatim from the session key 'where_at'.
 *
 * NOTE(review): the only authorization call visible in this excerpt is the
 * 'super' check below, which selects the filter but does not deny access.
 * Presumably a login check runs before this code - confirm.
 */
$section = 'categories'; $section_id = 25; $sub = 'listGcategory';
$typeOfUser = fAuthorization::checkAuthLevel('super');
$where = "";
if (!$typeOfUser) {
    // NOTE(review): the session value is spliced into both SQL strings below
    // as raw SQL. That is only safe if the code that stores 'where_at' builds
    // it exclusively from server-side values - verify at the place it is set.
    $where = " WHERE " . fSession::get('where_at');
} ?> <?php
// Both paging inputs are requested with an 'integer' cast, so (assuming the
// cast yields integers) they cannot carry SQL text into the LIMIT clause.
$limit = fRequest::encode('limit', 'integer');
$page = fRequest::encode('p', 'integer');
// Only $page is range-checked. NOTE(review): $limit has no lower or upper
// bound here, so zero, a negative number or a very large page size chosen by
// the client reaches the query unchanged - consider clamping it.
if ($page < 1) { exit; }
$start = ($page - 1) * $limit;
// First SQL string fetches the requested page, the second counts all rows
// matching the same filter; both embed {$where}.
$categories = fRecordSet::buildFromSQL('EconomicUnitCategory', "SELECT * FROM economic_unit_categories {$where} LIMIT {$start},{$limit}", "SELECT count(*) FROM economic_unit_categories {$where}", $limit, $page);
// Empty result: print a notice. Otherwise build the pagination links and
// start the results table (the table continues past this excerpt).
if ($categories->count() == 0) { echo '<div class="notification information" > Por el momento no hay registros en <b> Categorías de Geolocalización</b>. </div>'; } else { $p = new Pagination($categories->getPages(), $categories->getPage(), 3); $pagination = $p->getPaginationLinks(); ?> <center> <table class="contenttoc" style="width:auto; float:left"> <tr>
<div class="container-fluid"> <a class="brand" href="index.php">Tattle </a> <ul class="nav"> <?
// Top navigation bar. Each entry is marked "active" when the current URL
// (including query string) equals that entry's list URL.
//
// NOTE(review): this block opens with the short open tag, which PHP only
// parses when short_open_tag is enabled. With it disabled the code below is
// sent to the browser as plain text instead of being executed.
$current_url = fURL::getWithQueryString();
echo '<li' . ($current_url == '' ? ' class="active"' : '') . '><a href="index.php">Alerts</a></li>'. "\n";
$check_list = Check::makeURL('list');
echo '<li' . ($current_url == $check_list ? ' class="active"' : '') . '><a href="' . $check_list . '" >Checks</a></li>' . "\n";
$subscription_list = Subscription::makeURL('list');
echo '<li' . ($current_url == $subscription_list ? ' class="active"' : '') .'><a href="' . $subscription_list . '" >Subscriptions</a></li>' . "\n";
$dashboard_list = Dashboard::makeURL('list');
echo '<li' . ($current_url == $dashboard_list ? ' class="active"' : '') . '><a href="' . $dashboard_list . '">Dashboards</a></li>';
$setting_list = Setting::makeURL('list');
echo '<li' . ($current_url == $setting_list ? ' class="active"' : '') . '><a href="' . $setting_list . '" >Settings</a></li>' . "\n";
// The Users entry is only rendered for 'admin'. This hides the link; it does
// not protect the page behind it. NOTE(review): confirm the user list page
// performs its own checkAuthLevel('admin') - that code is not shown here.
// $user_list is assigned but the echo calls User::makeURL('list') again.
if (fAuthorization::checkAuthLevel('admin')) { $user_list = User::makeURL('list'); echo '<li><a href="' . User::makeURL('list') . '" >Users</a></li>'; }
?> </ul> <?php
// "Logged in as" box, shown when the session holds a numeric user_id.
// NOTE(review): the session value 'user_name' is echoed into the page without
// HTML encoding. If a user name can contain markup this is a stored XSS sink;
// encode on output (Flourish offers fHTML::encode()). The href in front of it
// also carries a trailing space inside the attribute value.
if (is_numeric(fSession::get('user_id'))) { ?> <p class="pull-right"> Logged in as <a href="<?php echo User::makeUrl('edit', fSession::get('user_id')); ?> "><?php echo fSession::get('user_name'); ?>
<tr> <td> <label for="type"> Asentamiento: </label> </td> <td> <input type="text" size="80" name="reserve" id="reserve" /> </td> </tr> <tr> <td> <label for="type"> Teléfono: </label> </td> <td> <input type="text" size="80" name="phone" id="phone" /> </td> </tr> <?php if (fAuthorization::checkAuthLevel('super')) { ?> <tr class="regionRow"> <td><label>Región</label></td> <td> <select class="state" name="state"> <option value="0">Estado</option> <?php $r = Region::findAll(1); foreach ($r as $item) { ?> <option value="<?php echo $item->prepareIdRegion(); ?> "><?php echo $item->prepareName();
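<?php
/*
 * Deletes one or more rows from economic_unit_categories.
 *
 * Request parameter 'id' is either a single id or a comma-separated list of
 * ids. Access requires a logged-in session (SESSION_ID_USER set) at auth
 * level 'employee' or above.
 *
 * The ids used to be interpolated into the DELETE statement as received,
 * which allowed SQL injection through 'id'. They are now validated as
 * decimal integers and bound through the %i placeholder.
 *
 * NOTE(review): nothing here restricts the request to POST or checks a CSRF
 * token, so a logged-in employee's browser can be made to issue this delete
 * by a third-party page. Add both once the calling form/script is known.
 * NOTE(review): any 'employee' may delete any category id; if category
 * listings are scoped per user elsewhere, confirm deletes should be scoped
 * the same way.
 */
fSession::open();

$idUser = fSession::get(SESSION_ID_USER);
if (empty($idUser) || !fAuthorization::checkAuthLevel("employee")) {
    // The original message used the invalid entity "&oacite;".
    exit("No se ha podido acceder a esta secci&oacute;n");
}

$id = fRequest::encode('id', 'string');

// Accept only decimal digits per list element. Empty elements (for example
// from a trailing comma) are skipped; anything else rejects the request.
$ids = array();
foreach (explode(',', (string) $id) as $piece) {
    $piece = trim($piece);
    if ($piece === '') {
        continue;
    }
    if (!ctype_digit($piece)) {
        header('HTTP/1.1 400 Bad Request');
        exit;
    }
    $ids[] = (int) $piece;
}

// Nothing valid to delete: stop before touching the database.
if (!$ids) {
    exit;
}

// An array bound to a single placeholder is escaped element by element and
// joined with commas by fDatabase, so one statement covers both the
// single-id and the list case (the original had two identical branches).
fORMDatabase::retrieve()->query(
    "DELETE FROM economic_unit_categories WHERE economic_unit_category_id IN (%i)",
    $ids
);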
<table class="zebra-striped"> <thead> <tr> <th>Username</th> <th>Email</th> <th>Action</th> </tr></thead><tbody> <?php
// One table row per user. Username and email are printed through the
// record's prepare*() accessors. $first is assigned but not read in this
// excerpt.
$first = TRUE; foreach ($users as $user) { ?> <tr> <td><?php echo $user->prepareUsername() ?></td> <td><?php echo $user->prepareEmail() ?></td> <td><?php
// Edit link: shown on the viewer's own row, or on every row for 'admin'.
if (fSession::get('user_id') == $user->getUserId() || fAuthorization::checkAuthLevel('admin')) { echo '<a href="' . User::makeUrl('edit',$user) . '">Edit</a>'; } ?> <?php
// Delete link: shown to 'admin' on every row, and to everyone else on every
// row whose user id is not 1.
// NOTE(review): as written a non-admin is offered Delete for all accounts
// except id 1. If the intent was "admins only, and never user 1" the operator
// should be && rather than ||.
// NOTE(review): these conditions only hide links. The edit and delete pages
// must repeat the authorization check, and delete is reached by a plain link
// (GET) - confirm it requires POST plus a CSRF token. Neither page is shown.
// The closing td tag sits inside this if, so the cell stays unclosed when the
// condition is false.
if (fAuthorization::checkAuthLevel('admin') || $user->getUserId() != 1) { ?> <a href="<?php echo User::makeUrl('delete',$user); ?>">Delete</a></td> <?php } ?> </tr> <?php } ?> </tbody></table> <?
// Closes a try block opened before this excerpt; fEmptySetException is the
// "no users" case. This segment uses the short open tag, which is only parsed
// when short_open_tag is enabled.
// NOTE(review): the echo inside the href below prints a literal second
// '<a href="' into the attribute value, producing broken markup; only the
// URL from User::makeUrl('add') belongs there.
} catch (fEmptySetException $e) { ?> <p class="info">There are currently no Tattle users? <a href="<?php echo '<a href="'. User::makeUrl('add'); ?>">Add one now</a></p> <?php } ?> </div> <?php $tmpl->place('footer') ?>
if ($sub == 'add') { echo ' class="active"'; } ?> ><a href="<?php echo USER; ?> add.php">Agregar</a></li> <?php } ?> </div> <?php if (fAuthorization::checkAuthLevel('employee')) { ?> <div id="user-mn" class="<?php echo $section == 'categories' ? 'shown' : 'hidden'; ?> "> <li<?php if ($sub == 'list') { echo ' class="active"'; } ?> ><a href="<?php echo CATEGORIES; ?> list.php">Listar</a></li>
/**
 * Tells whether the current user satisfies the requested auth level.
 *
 * Pure delegation: the decision is made entirely by
 * fAuthorization::checkAuthLevel() and handed back unchanged.
 *
 * @param  mixed $level  The auth level to test for, passed through as given
 * @return mixed  Whatever fAuthorization::checkAuthLevel() returns for $level
 */
public static function checkUserAuthLevel($level)
{
    $granted = fAuthorization::checkAuthLevel($level);

    return $granted;
}