- Added method hasAtLeastOne to the library PermissionLib

- Adapted the method isAllowed of the library FiltersLib to use hasAtLeastOne
- Corrected/added comments
This commit is contained in:
Paolo
2018-06-29 11:51:16 +02:00
parent 2b15c88410
commit 2cba129076
4 changed files with 40 additions and 30 deletions
+4 -28
View File
@@ -98,43 +98,19 @@ class FiltersLib
/**
* Checks if at least one of the permissions given as parameter (requiredPermissions) belongs
* to the authenticated user, if confirmed then is allowed to use this FilterWidget.
* If the parameter requiredPermissions is NOT given, then no one is allow to use this FilterWidget
* NOTE: PermissionLib is loaded hedere
* If the parameter requiredPermissions is NOT given or is not present in the session,
* then NO one is allow to use this FilterWidget
* Wrapper method to permissionlib->hasAtLeastOne
*/
public function isAllowed($requiredPermissions = null)
{
$this->_ci->load->library('PermissionLib'); // Load permission library
$isAllowed = false; // by default is not allowed
// Gets the required permissions from the session if they are not provided as parameter
$rq = $requiredPermissions;
if ($rq == null) $rq = $this->getElementSession(self::REQUIRED_PERMISSIONS_PARAMETER);
// If the parameter requiredPermissions is NOT given, then no one is allow to use this FilterWidget
if ($rq != null)
{
// If requiredPermissions is NOT an array then converts it to an array
if (!is_array($rq))
{
$rq = array($rq);
}
// Checks if at least one of the permissions given as parameter belongs to the authenticated user...
for ($p = 0; $p < count($rq); $p++)
{
$isAllowed = $this->_ci->permissionlib->isEntitled(
array(
self::PERMISSION_FILTER_METHOD => $rq[$p].':'.self::PERMISSION_TYPE
),
self::PERMISSION_FILTER_METHOD
);
if ($isAllowed) break; // ...if confirmed then is allowed to use this FilterWidget
}
}
return $isAllowed;
return $this->_ci->permissionlib->hasAtLeastOne($rq, self::PERMISSION_FILTER_METHOD, self::PERMISSION_TYPE);
}
/**
+34
View File
@@ -204,4 +204,38 @@ class PermissionLib
return $checkPermissions;
}
/**
* Checks if at least one of the permissions given as parameter (requiredPermissions) belongs to the authenticated user
* It checks the given permissions against a given method (controller method name) and a given permission type (R and/or W)
*/
public function hasAtLeastOne($requiredPermissions, $method, $permissionType)
{
$isAllowed = false; // by default is NOT allowed
// If the parameter requiredPermissions is NOT given, then no one is allow to use this FilterWidget
if ($requiredPermissions != null)
{
// If requiredPermissions is NOT an array then converts it to an array
if (!is_array($requiredPermissions))
{
$requiredPermissions = array($requiredPermissions);
}
// Checks if at least one of the permissions given as parameter belongs to the authenticated user...
for ($p = 0; $p < count($requiredPermissions); $p++)
{
$isAllowed = $this->_ci->permissionlib->isEntitled(
array(
$method => $requiredPermissions[$p].':'.$permissionType
),
$method
);
if ($isAllowed === true) break; // ...if confirmed then is allowed to use this FilterWidget
}
}
return $isAllowed;
}
}
@@ -2,7 +2,7 @@
$APP = 'infocenter';
$NOTBEFORE = '2018-03-01 18:00:00';
$filterWidgetArray = array(
'query' => '
SELECT
+1 -1
View File
@@ -59,7 +59,7 @@ class FilterWidget extends Widget
$this->_initFilterWidget($args); // checks parameters and initialize properties
// Let's start if it's allowed
// NOTE: If it is NOT allowed then no date are loaded
// NOTE: If it is NOT allowed then no data are loaded
if ($this->filterslib->isAllowed($this->_requiredPermissions)) $this->_startFilterWidget();
}