From 9c84558f5fcbfce7cd0321226c01f0f03e7bbee1 Mon Sep 17 00:00:00 2001 From: Paolo Date: Tue, 7 Sep 2021 12:13:59 +0200 Subject: [PATCH] - Added requiredPermissions to the application/config/udfmasterschema.json and set them as mandatory - Removed the private method _isAllowed from application/controllers/widgets/UDF.php - Removed required permissions from views application/views/system/fas_udf.php and application/views/system/infocenter/zgvpruefungen.php - Widget views application/views/widgets/checkbox, dropdown, textarea and textfield now they print the attribute disabled - Added constant DISABLED to application/widgets/html/HTMLWidget.php - Removed private property _requiredPermissions from application/widgets/udf/UDFWidget.php - application/widgets/udf/UDFWidget.php does not check permissions anymore and does not store them anymore - Added constants PERMISSION_TYPE_READ and PERMISSION_TYPE_WRITE to application/libraries/UDFLib.php - Removed constant PERMISSION_TYPE from application/libraries/UDFLib.php - Removed public method isAllowed from application/libraries/UDFLib.php - Added private methods _readAllowed, _writeAllowed, _setRequiredPermissions and _setReadOnly to application/libraries/UDFLib.php - UDFLib->displayUDFWidget now checks if permissions are declared in the UDF JSON and if the user is allowed to read and write such UDF - UDFLib->saveUDFs now checks if the user has the permissions to write such UDF - Now the UDFs are even displayed in read only mode --- application/config/udfmasterschema.json | 16 +- application/controllers/widgets/UDF.php | 15 +- application/libraries/UDFLib.php | 267 ++++++++++++------ application/views/system/fas_udf.php | 3 +- .../views/system/infocenter/zgvpruefungen.php | 2 +- application/views/widgets/checkbox.php | 4 +- application/views/widgets/dropdown.php | 2 + application/views/widgets/textarea.php | 4 +- application/views/widgets/textfield.php | 4 +- application/widgets/html/HTMLWidget.php | 46 +-- application/widgets/udf/UDFWidget.php | 34 +-- 11 files changed, 235 insertions(+), 162 deletions(-) diff --git a/application/config/udfmasterschema.json b/application/config/udfmasterschema.json index fa06dc80d..ab3faa8c9 100644 --- a/application/config/udfmasterschema.json +++ b/application/config/udfmasterschema.json @@ -9,6 +9,13 @@ "name": { "type": "string" }, + "type": { + "type": "string", + "enum": ["checkbox", "textfield", "textarea", "date", "dropdown", "multipledropdown"] + }, + "requiredPermissions": { + "type": "array" + }, "description": { "type": "array", }, @@ -18,10 +25,6 @@ "title": { "type": "array", }, - "type": { - "type": "string", - "enum": ["checkbox", "textfield", "textarea", "date", "dropdown", "multipledropdown"] - }, "sort": { "type": "integer" }, @@ -67,5 +70,6 @@ } } }, - "required": ["type", "name"] -} \ No newline at end of file + "required": ["type", "name", "requiredPermissions"] +} + diff --git a/application/controllers/widgets/UDF.php b/application/controllers/widgets/UDF.php index 5b4c45776..3ba745a10 100644 --- a/application/controllers/widgets/UDF.php +++ b/application/controllers/widgets/UDF.php @@ -26,9 +26,6 @@ class UDF extends FHC_Controller // Loads the UDFLib with HTTP GET/POST parameters $this->_loadUDFLib(); - - // Checks if the caller is allow to use this UDF widget - $this->_isAllowed(); } //------------------------------------------------------------------------------------------------------------------ @@ -63,17 +60,6 @@ class UDF extends FHC_Controller //------------------------------------------------------------------------------------------------------------------ // Private methods - /** - * Checks if the user is allowed to use this UDFWidget - */ - private function _isAllowed() - { - if (!$this->udflib->isAllowed()) - { - $this->terminateWithJsonError('You are not allowed to access to this content'); - } - } - /** * Loads the UDFLib with the UDF_UNIQUE_ID parameter * If the parameter UDF_UNIQUE_ID is not given then the execution of the controller is terminated and @@ -105,3 +91,4 @@ class UDF extends FHC_Controller } } } + diff --git a/application/libraries/UDFLib.php b/application/libraries/UDFLib.php index f9ad7d20d..756c382dd 100644 --- a/application/libraries/UDFLib.php +++ b/application/libraries/UDFLib.php @@ -30,13 +30,14 @@ class UDFLib // ...to specify permissions that are needed to use this TableWidget const REQUIRED_PERMISSIONS_PARAMETER = 'requiredPermissions'; + const PERMISSION_TABLE_METHOD = 'UDFWidget'; // Name for fake method to be checked by the PermissionLib + const PERMISSION_TYPE_READ = 'r'; + const PERMISSION_TYPE_WRITE = 'w'; + // ...to specify the primary key name and value const PRIMARY_KEY_NAME = 'primaryKeyName'; const PRIMARY_KEY_VALUE = 'primaryKeyValue'; - const PERMISSION_TABLE_METHOD = 'UDFWidget'; // Name for fake method to be checked by the PermissionLib - const PERMISSION_TYPE = 'rw'; - // HTML components const LABEL = 'title'; const TITLE = 'description'; @@ -76,10 +77,10 @@ class UDFLib // Public methods /** - * UDFWidget - */ - public function UDFWidget($args, $htmlArgs = array()) - { + * UDFWidget + */ + public function UDFWidget($args, $htmlArgs = array()) + { if ((isset($args[self::SCHEMA_ARG_NAME]) && !isEmptyString($args[self::SCHEMA_ARG_NAME])) && (isset($args[self::TABLE_ARG_NAME]) && !isEmptyString($args[self::TABLE_ARG_NAME]))) { @@ -112,16 +113,17 @@ class UDFLib show_error(self::TABLE_ARG_NAME.' parameter is missing!'); } } - } + } - /** + /** * It renders the HTML of the UDF * * NOTE: When this method is called $widgetData contains different data from * parameter $args in the constructor */ - public function displayUDFWidget(&$widgetData) + public function displayUDFWidget(&$widgetData) { + $field = null; $schema = $widgetData[self::SCHEMA_ARG_NAME]; // schema attribute $table = $widgetData[self::TABLE_ARG_NAME]; // table attribute @@ -155,7 +157,7 @@ class UDFLib $found = false; // used to check if the field is found or not in the json schema $this->_sortJsonSchemas($jsonSchemasArray); // Sort the list of UDF by sort property - + // Loops through json schemas foreach ($jsonSchemasArray as $jsonSchema) { @@ -169,21 +171,37 @@ class UDFLib { show_error(sprintf('%s.%s: Attribute "name" not present in the json schema', $schema, $table)); } + // If the requiredPermissions property is not present then show an error + if (!isset($jsonSchema->{self::REQUIRED_PERMISSIONS_PARAMETER})) + { + show_error(sprintf('%s.%s: Attribute "requiredPermissions" not present in the json schema', $schema, $table)); + } + + // Set the required permissions for this UDF + $this->_setRequiredPermissions($jsonSchema->{self::NAME}, $jsonSchema->{self::REQUIRED_PERMISSIONS_PARAMETER}); // If a UDF is specified and is present in the json schemas list or no UDF is specified if ((isset($field) && $field == $jsonSchema->{self::NAME}) || !isset($field)) { - // Set attributes using phrases - $this->_setAttributesWithPhrases($jsonSchema, $widgetData[HTMLWidget::HTML_ARG_NAME]); + // If the user has the permissions to read this field + if ($this->_readAllowed($jsonSchema->{self::REQUIRED_PERMISSIONS_PARAMETER})) + { + // Set attributes using phrases + $this->_setAttributesWithPhrases($jsonSchema, $widgetData[HTMLWidget::HTML_ARG_NAME]); - // Set validation attributes - $this->_setValidationAttributes($jsonSchema, $widgetData[HTMLWidget::HTML_ARG_NAME]); + // Set validation attributes + $this->_setValidationAttributes($jsonSchema, $widgetData[HTMLWidget::HTML_ARG_NAME]); - // Set name and id attributes - $this->_setNameAndId($jsonSchema, $widgetData[HTMLWidget::HTML_ARG_NAME]); + // Set name and id attributes + $this->_setNameAndId($jsonSchema, $widgetData[HTMLWidget::HTML_ARG_NAME]); - // Render the HTML for this UDF - $this->_render($jsonSchema, $widgetData); + // Set if the field is in read only mode + $this->_setReadOnly($jsonSchema, $widgetData[HTMLWidget::HTML_ARG_NAME]); + + // Render the HTML for this UDF + $this->_render($jsonSchema, $widgetData); + } + // otherwise the UDF is not displayed // If a UDf is specified and it was found then stop looking through this list if (isset($field) && $field == $jsonSchema->{self::NAME}) @@ -213,7 +231,7 @@ class UDFLib show_error(sprintf('%s.%s: Does not contain "jsons" field', $schema, $table)); } } - } + } /** * Manage UDFs @@ -249,6 +267,22 @@ class UDFLib { $decodedUDFDefinition = $decodedUDFDefinitions[$i]; // Definition of a single UDF + // Checks if the requiredPermissions is available and it is a valid array or a valid string + if (isset($decodedUDFDefinition->{self::REQUIRED_PERMISSIONS_PARAMETER}) + && (!isEmptyArray($decodedUDFDefinition->{self::REQUIRED_PERMISSIONS_PARAMETER}) + || !isEmptyString($decodedUDFDefinition->{self::REQUIRED_PERMISSIONS_PARAMETER}))) + { + // Then check if the user has the permissions to write such UDF + if (!$this->_writeAllowed($decodedUDFDefinition->{self::REQUIRED_PERMISSIONS_PARAMETER})) + { + $notValidUDFsArray[] = error('Writing not allowed for UDF: '.$decodedUDFDefinition->{self::NAME}); + } + } + else + { + $notValidUDFsArray[] = error('Writing permissions not defined for UDF: '.$decodedUDFDefinition->{self::NAME}); + } + // Loops through the UDFs values that should be stored foreach ($udfsParameters as $key => $val) { @@ -468,12 +502,32 @@ class UDFLib */ public function saveUDFs($udfUniqueId, $udfs) { + $udfToBewritten = array(); // UDFs to be written into database + // Read the all session for this udf widget $session = $this->getSession(); // If session is empty then return an error if ($session == null) return error('No UDFWidget loaded'); + // Get the required permission from the session + $requiredPermissions = $session[self::REQUIRED_PERMISSIONS_PARAMETER]; + + // For each UDF that is trying to save + foreach ($udfs as $udfName => $udfValue) + { + // If the UDFs exists in the requiredPermissions array + if (array_key_exists($udfName, $requiredPermissions)) + { + // Then check if the user has the permissions to write such UDF + if ($this->_writeAllowed($requiredPermissions[$udfName])) + { + // If allowed then save the UDF name and value to be stored later into the database + $udfToBewritten[$udfName] = $udfValue; + } + } + } + // Workaround to load CI $this->_ci->load->model('system/UDF_model', 'UDFModel'); @@ -490,30 +544,56 @@ class UDFLib // Returns the result of the database update operation to save UDFs return $dbModel->update( array($session[self::PRIMARY_KEY_NAME] => $session[self::PRIMARY_KEY_VALUE]), - (array)$udfs + $udfToBewritten ); } - /** - * Checks if at least one of the permissions given as parameter (requiredPermissions) belongs - * to the authenticated user, if confirmed then is allowed to use this UDFWidget. - * If the parameter requiredPermissions is NOT given or is not present in the session, - * then NO one is allow to use this UDFWidget - * Wrapper method to permissionlib->hasAtLeastOne - */ - public function isAllowed($requiredPermissions = null) - { - $this->_ci->load->library('PermissionLib'); // Load permission library - - // Gets the required permissions from the session if they are not provided as parameter - $rq = $requiredPermissions; - if ($rq == null) $rq = $this->getSessionElement(self::REQUIRED_PERMISSIONS_PARAMETER); - - return $this->_ci->permissionlib->hasAtLeastOne($rq, self::PERMISSION_TABLE_METHOD, self::PERMISSION_TYPE); - } - // ------------------------------------------------------------------------------------------------- // Private methods + // + + /** + * Checks if at least one of the permissions given as parameter belongs to the authenticated user in read mode + * Wrapper method to permissionlib->hasAtLeastOne + */ + private function _readAllowed($requiredPermissions) + { + $this->_ci->load->library('PermissionLib'); // Load permission library + + return $this->_ci->permissionlib->hasAtLeastOne($requiredPermissions, self::PERMISSION_TABLE_METHOD, self::PERMISSION_TYPE_READ); + } + + /** + * Checks if at least one of the permissions given as parameter belongs to the authenticated user in write mode + * Wrapper method to permissionlib->hasAtLeastOne + */ + private function _writeAllowed($requiredPermissions) + { + $this->_ci->load->library('PermissionLib'); // Load permission library + + return $this->_ci->permissionlib->hasAtLeastOne($requiredPermissions, self::PERMISSION_TABLE_METHOD, self::PERMISSION_TYPE_WRITE); + } + + /** + * Set an array of required permissions for a UDF into the session + */ + private function _setRequiredPermissions($udfName, $permissions) + { + // Get the session for this UDFWidget + $session = $this->getSession(); + + // If does _not_ exist yet in the session + if (!isset($session[self::REQUIRED_PERMISSIONS_PARAMETER])) + { + $session[self::REQUIRED_PERMISSIONS_PARAMETER] = array(); + } + + // Set the required permission in the session for this UDFWidget + $session[self::REQUIRED_PERMISSIONS_PARAMETER][$udfName] = $permissions; + + // Write into the session + $this->setSession($session); + } /** * Print the block for UDFs @@ -654,20 +734,36 @@ class UDFLib return $returnArrayValidation; } - /** - * Set the name and id attribute of the HTML element - */ - private function _setNameAndId($jsonSchema, &$htmlParameters) - { + /** + * Disable the HTML element if in read only mode + */ + private function _setReadOnly($jsonSchema, &$htmlParameters) + { + // If write permissions _not_ exist then set the field as disabled + if (!$this->_writeAllowed($jsonSchema->{self::REQUIRED_PERMISSIONS_PARAMETER})) + { + $htmlParameters[HTMLWidget::DISABLED] = HTMLWidget::DISABLED; // any values is fine + } + else // otherwise restore to default + { + if (isset($htmlParameters[HTMLWidget::DISABLED])) unset($htmlParameters[HTMLWidget::DISABLED]); + } + } + + /** + * Set the name and id attribute of the HTML element + */ + private function _setNameAndId($jsonSchema, &$htmlParameters) + { $htmlParameters[HTMLWidget::HTML_ID] = $jsonSchema->{self::NAME}; $htmlParameters[HTMLWidget::HTML_NAME] = $jsonSchema->{self::NAME}; - } - - /** - * Sort the list of UDF by sort property - */ - private function _sortJsonSchemas(&$jsonSchemasArray) - { + } + + /** + * Sort the list of UDF by sort property + */ + private function _sortJsonSchemas(&$jsonSchemasArray) + { usort($jsonSchemasArray, function ($a, $b) { if (!isset($a->{self::SORT})) { @@ -684,13 +780,13 @@ class UDFLib return ($a->{self::SORT} < $b->{self::SORT}) ? -1 : 1; }); - } - - /** - * Loads the UDF description by the given schema and table - */ - private function _loadUDF($schema, $table) - { + } + + /** + * Loads the UDF description by the given schema and table + */ + private function _loadUDF($schema, $table) + { // Loads UDF model $this->_ci->load->model('system/UDF_model', 'UDFModel'); @@ -722,13 +818,13 @@ class UDFLib } return $udfResults; - } + } - /** - * Render the HTML for the UDF - */ - private function _render($jsonSchema, &$widgetData) - { + /** + * Render the HTML for the UDF + */ + private function _render($jsonSchema, &$widgetData) + { // Checkbox if ($jsonSchema->{self::TYPE} == 'checkbox') { @@ -759,11 +855,11 @@ class UDFLib { $this->_renderDropdown($jsonSchema, $widgetData, true); } - } + } - /** - * Renders a dropdown element - */ + /** + * Renders a dropdown element + */ private function _renderDropdown($jsonSchema, &$widgetData, $multiple = false) { // Selected element/s @@ -805,8 +901,8 @@ class UDFLib } /** - * Renders a textarea element - */ + * Renders a textarea element + */ private function _renderTextarea($jsonSchema, &$widgetData) { $text = null; // text value @@ -823,8 +919,8 @@ class UDFLib } /** - * Renders an input text element - */ + * Renders an input text element + */ private function _renderTextfield($jsonSchema, &$widgetData) { $text = null; // text value @@ -841,8 +937,8 @@ class UDFLib } /** - * Renders a checkbox element - */ + * Renders a checkbox element + */ private function _renderCheckbox($jsonSchema, &$widgetData) { // Set checkbox value if present in the DB @@ -861,11 +957,11 @@ class UDFLib $checkboxWidgetUDF->render(); } - /** - * Sets the attributes of the HTML element using the phrases system - */ - private function _setAttributesWithPhrases($jsonSchema, &$htmlParameters) - { + /** + * Sets the attributes of the HTML element using the phrases system + */ + private function _setAttributesWithPhrases($jsonSchema, &$htmlParameters) + { // By default set to null all the attributes $htmlParameters[HTMLWidget::LABEL] = null; $htmlParameters[HTMLWidget::TITLE] = null; @@ -933,13 +1029,13 @@ class UDFLib } } } - } + } - /** - * Sets the validation attributes of the HTML element using the configuration inside the json schema - */ - private function _setValidationAttributes($jsonSchema, &$htmlParameters) - { + /** + * Sets the validation attributes of the HTML element using the configuration inside the json schema + */ + private function _setValidationAttributes($jsonSchema, &$htmlParameters) + { // Validation attributes set by default to null $htmlParameters[HTMLWidget::REGEX] = null; $htmlParameters[HTMLWidget::REQUIRED] = null; @@ -998,3 +1094,4 @@ class UDFLib } } } + diff --git a/application/views/system/fas_udf.php b/application/views/system/fas_udf.php index 8a1200b6a..e6fa396cf 100644 --- a/application/views/system/fas_udf.php +++ b/application/views/system/fas_udf.php @@ -45,7 +45,6 @@ echo $this->udflib->UDFWidget( array( UDFLib::UDF_UNIQUE_ID => 'fasPersonUDFs', - UDFLib::REQUIRED_PERMISSIONS_PARAMETER => 'basis/person', UDFLib::SCHEMA_ARG_NAME => 'public', UDFLib::TABLE_ARG_NAME => 'tbl_person', UDFLib::PRIMARY_KEY_NAME => 'person_id', @@ -70,7 +69,6 @@ echo $this->udflib->UDFWidget( array( UDFLib::UDF_UNIQUE_ID => 'fasPrestudentUDFs', - UDFLib::REQUIRED_PERMISSIONS_PARAMETER => 'basis/person', UDFLib::SCHEMA_ARG_NAME => 'public', UDFLib::TABLE_ARG_NAME => 'tbl_prestudent', UDFLib::PRIMARY_KEY_NAME => 'prestudent_id', @@ -109,3 +107,4 @@ load->view("templates/footer"); ?> + diff --git a/application/views/system/infocenter/zgvpruefungen.php b/application/views/system/infocenter/zgvpruefungen.php index 05c94c384..2b08dada3 100644 --- a/application/views/system/infocenter/zgvpruefungen.php +++ b/application/views/system/infocenter/zgvpruefungen.php @@ -341,7 +341,6 @@ echo $this->udflib->UDFWidget( array( UDFLib::UDF_UNIQUE_ID => 'infocenterPrestudentUDFs_'.$zgvpruefung->prestudent_id, - UDFLib::REQUIRED_PERMISSIONS_PARAMETER => 'infocenter', UDFLib::SCHEMA_ARG_NAME => 'public', UDFLib::TABLE_ARG_NAME => 'tbl_prestudent', UDFLib::PRIMARY_KEY_NAME => 'prestudent_id', @@ -553,3 +552,4 @@ endforeach; // end foreach zgvpruefungen ?> + diff --git a/application/views/widgets/checkbox.php b/application/views/widgets/checkbox.php index 6debb2afd..811e3c682 100644 --- a/application/views/widgets/checkbox.php +++ b/application/views/widgets/checkbox.php @@ -24,6 +24,7 @@ + - \ No newline at end of file + + diff --git a/application/views/widgets/dropdown.php b/application/views/widgets/dropdown.php index d9faf1978..51db6d536 100644 --- a/application/views/widgets/dropdown.php +++ b/application/views/widgets/dropdown.php @@ -33,6 +33,7 @@ + > + diff --git a/application/views/widgets/textarea.php b/application/views/widgets/textarea.php index c72b52658..5346fefa8 100644 --- a/application/views/widgets/textarea.php +++ b/application/views/widgets/textarea.php @@ -29,9 +29,11 @@ + > - \ No newline at end of file + + diff --git a/application/views/widgets/textfield.php b/application/views/widgets/textfield.php index 73b1daa1b..c5ba81710 100644 --- a/application/views/widgets/textfield.php +++ b/application/views/widgets/textfield.php @@ -31,10 +31,12 @@ + value="" > - \ No newline at end of file + + diff --git a/application/widgets/html/HTMLWidget.php b/application/widgets/html/HTMLWidget.php index 9639890ea..0034edfd9 100644 --- a/application/widgets/html/HTMLWidget.php +++ b/application/widgets/html/HTMLWidget.php @@ -6,18 +6,18 @@ class HTMLWidget extends Widget { // The name of the array present in the data array given to the view that will render this widget - const HTML_ARG_NAME = 'HTML'; + const HTML_ARG_NAME = 'HTML'; const HTML_DEFAULT_VALUE = ''; // Default value of the html element - const HTML_NAME = 'name'; // HTML name attribute - const HTML_ID = 'id'; // HTML id attribute - - // External block definition - const EXTERNAL_BLOCK = 'externalBlock'; // External block name - const EXTERNAL_START_BLOCK_HTML_TAG = '
'; // External block start tag - const EXTERNAL_END_BLOCK_HTML_TAG = '
'; // External block end tag - - // HTML attributes - const LABEL = 'title'; + const HTML_NAME = 'name'; // HTML name attribute + const HTML_ID = 'id'; // HTML id attribute + + // External block definition + const EXTERNAL_BLOCK = 'externalBlock'; // External block name + const EXTERNAL_START_BLOCK_HTML_TAG = '
'; // External block start tag + const EXTERNAL_END_BLOCK_HTML_TAG = '
'; // External block end tag + + // HTML attributes + const LABEL = 'title'; const REGEX = 'regex'; const TITLE = 'description'; const REQUIRED = 'required-field'; @@ -26,11 +26,12 @@ class HTMLWidget extends Widget const MAX_LENGTH = 'max-length'; const MIN_LENGTH = 'min-length'; const PLACEHOLDER = 'placeholder'; + const DISABLED = 'disabled'; - /** - * It gets also the htmlArgs array as parameter, it will be used to set the HTML properties - */ - public function __construct($name, $args = array(), $htmlArgs = array()) + /** + * It gets also the htmlArgs array as parameter, it will be used to set the HTML properties + */ + public function __construct($name, $args = array(), $htmlArgs = array()) { parent::__construct($name, $args); @@ -38,11 +39,11 @@ class HTMLWidget extends Widget $this->_setHtmlProperties($htmlArgs); } - /** - * Initialising html properties, such as the id and name attributes of the HTML element - */ - private function _setHtmlProperties($htmlArgs) - { + /** + * Initialising html properties, such as the id and name attributes of the HTML element + */ + private function _setHtmlProperties($htmlArgs) + { // If $htmlArgs wasn't already stored in $this->_args if (!isset($this->_args[HTMLWidget::HTML_ARG_NAME])) { @@ -58,9 +59,9 @@ class HTMLWidget extends Widget $this->_args[HTMLWidget::HTML_ARG_NAME][$argName] = $argValue; } } - } + } - /** + /** * Prints an attribute name and eventually also the value extracted from $htmlArgs * Set $isValuePresent to false the value should not be displayed */ @@ -113,3 +114,4 @@ class HTMLWidget extends Widget } } } + diff --git a/application/widgets/udf/UDFWidget.php b/application/widgets/udf/UDFWidget.php index 7af3dd926..abbbab022 100644 --- a/application/widgets/udf/UDFWidget.php +++ b/application/widgets/udf/UDFWidget.php @@ -6,8 +6,6 @@ */ class UDFWidget extends HTMLWidget { - private $_requiredPermissions; // The required permissions to use this UDF widget - private $_schema; // Schema name private $_table; // Table name private $_primaryKeyName; // Primary key name @@ -26,26 +24,16 @@ class UDFWidget extends HTMLWidget $this->_initUDFWidget($args); // checks parameters and initialize properties - // Let's start if it's allowed - // NOTE: If it is NOT allowed then no data are loaded - if ($this->udflib->isAllowed($this->_requiredPermissions)) - { - $this->_startUDFWidget($args[UDFLib::UDF_UNIQUE_ID]); - } + $this->_startUDFWidget($args[UDFLib::UDF_UNIQUE_ID]); } /** * Called by the WidgetLib, it renders the HTML of the UDF */ - public function display($widgetData) + public function display($widgetData) { - // Let's start if it's allowed - // NOTE: If it is NOT allowed then no data are loaded - if ($this->_ci->udflib->isAllowed($this->_requiredPermissions)) - { - $this->_ci->udflib->displayUDFWidget($widgetData); - } - } + $this->_ci->udflib->displayUDFWidget($widgetData); + } //------------------------------------------------------------------------------------------------------------------ // Private methods @@ -60,18 +48,11 @@ class UDFWidget extends HTMLWidget // If here then everything is ok // Initialize class properties - $this->_requiredPermissions = null; $this->_schema = null; $this->_table = null; $this->_primaryKeyName = null; $this->_primaryKeyValue = null; - // Retrieved the required permissions parameter if present - if (isset($args[UDFLib::REQUIRED_PERMISSIONS_PARAMETER])) - { - $this->_requiredPermissions = $args[UDFLib::REQUIRED_PERMISSIONS_PARAMETER]; - } - // Retrieved the if (isset($args[UDFLib::SCHEMA_ARG_NAME])) { @@ -113,11 +94,6 @@ class UDFWidget extends HTMLWidget show_error('The parameter "'.UDFLib::UDF_UNIQUE_ID.'" must be specified'); } - if (!isset($args[UDFLib::REQUIRED_PERMISSIONS_PARAMETER])) - { - show_error('The parameter "'.UDFLib::REQUIRED_PERMISSIONS_PARAMETER.'" must be specified'); - } - if (!isset($args[UDFLib::SCHEMA_ARG_NAME])) { show_error('The parameter "'.UDFLib::SCHEMA_ARG_NAME.'" must be specified'); @@ -149,7 +125,6 @@ class UDFWidget extends HTMLWidget $this->udflib->setSession( array( UDFLib::UDF_UNIQUE_ID => $udfUniqueId, // table unique id - UDFLib::REQUIRED_PERMISSIONS_PARAMETER => $this->_requiredPermissions, // UDFLib::SCHEMA_ARG_NAME => $this->_schema, // UDFLib::TABLE_ARG_NAME => $this->_table, // UDFLib::PRIMARY_KEY_NAME => $this->_primaryKeyName, // @@ -158,3 +133,4 @@ class UDFWidget extends HTMLWidget ); } } +