mirror of
https://github.com/FH-Complete/FHC-Core.git
synced 2026-07-18 15:32:17 +00:00
- Added requiredPermissions to the application/config/udfmasterschema.json and set them as mandatory
- Removed the private method _isAllowed from application/controllers/widgets/UDF.php - Removed required permissions from views application/views/system/fas_udf.php and application/views/system/infocenter/zgvpruefungen.php - Widget views application/views/widgets/checkbox, dropdown, textarea and textfield now they print the attribute disabled - Added constant DISABLED to application/widgets/html/HTMLWidget.php - Removed private property _requiredPermissions from application/widgets/udf/UDFWidget.php - application/widgets/udf/UDFWidget.php does not check permissions anymore and does not store them anymore - Added constants PERMISSION_TYPE_READ and PERMISSION_TYPE_WRITE to application/libraries/UDFLib.php - Removed constant PERMISSION_TYPE from application/libraries/UDFLib.php - Removed public method isAllowed from application/libraries/UDFLib.php - Added private methods _readAllowed, _writeAllowed, _setRequiredPermissions and _setReadOnly to application/libraries/UDFLib.php - UDFLib->displayUDFWidget now checks if permissions are declared in the UDF JSON and if the user is allowed to read and write such UDF - UDFLib->saveUDFs now checks if the user has the permissions to write such UDF - Now the UDFs are even displayed in read only mode
This commit is contained in:
@@ -26,9 +26,6 @@ class UDF extends FHC_Controller
|
||||
|
||||
// Loads the UDFLib with HTTP GET/POST parameters
|
||||
$this->_loadUDFLib();
|
||||
|
||||
// Checks if the caller is allow to use this UDF widget
|
||||
$this->_isAllowed();
|
||||
}
|
||||
|
||||
//------------------------------------------------------------------------------------------------------------------
|
||||
@@ -63,17 +60,6 @@ class UDF extends FHC_Controller
|
||||
//------------------------------------------------------------------------------------------------------------------
|
||||
// Private methods
|
||||
|
||||
/**
|
||||
* Checks if the user is allowed to use this UDFWidget
|
||||
*/
|
||||
private function _isAllowed()
|
||||
{
|
||||
if (!$this->udflib->isAllowed())
|
||||
{
|
||||
$this->terminateWithJsonError('You are not allowed to access to this content');
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Loads the UDFLib with the UDF_UNIQUE_ID parameter
|
||||
* If the parameter UDF_UNIQUE_ID is not given then the execution of the controller is terminated and
|
||||
@@ -105,3 +91,4 @@ class UDF extends FHC_Controller
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user