blackicedbear/FHC-Core
1
0
Fork 0
mirror of https://github.com/FH-Complete/FHC-Core.git synced 2026-06-17 20:19:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

Check permissions FIX

Browse Source
This commit is contained in:
paolo
2016-04-22 16:43:01 +02:00
parent 18df562208
commit f154e6dd5d
5 changed files with 17 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
application/core/FHC_Model.php
+10
View File
@@ -95,4 +95,14 @@ class DB_Model extends FHC_Model
{
$this->_addonID = $addonID;
}
/**
* Method getAddonID
*
* @return string _addonID
*/
public function getAddonID()
{
return $this->_addonID;
}
}
application/models/Nation_model.php
+2 -2
View File
@@ -21,7 +21,7 @@ class Nation_model extends DB_Model
// Checks if the operation is permitted by the API caller
// All the code should be put inside this if statement
if(isAllowed($this->_addonID, 'person'))
if(isAllowed($this->getAddonID(), 'nation'))
{
$result = $this->db->query($this->_getNationQuery($notLocked, $orderEnglish));
}
@@ -61,7 +61,7 @@ class Nation_model extends DB_Model
// Checks if the operation is permitted by the API caller
// All the code should be put inside this if statement
if(isAllowed($this->_addonID, 'person'))
if(isAllowed($this->getAddonID(), 'nation'))
{
$result = $this->db->query($this->_federalStateQuery);
}
application/models/person/Person_model.php
+3 -3
View File
@@ -54,7 +54,7 @@ class Person_model extends DB_Model
// Checks if the operation is permitted by the API caller
// All the code should be put inside this if statement
if(isAllowed($this->_addonID, 'person'))
if(isAllowed($this->getAddonID(), 'person'))
{
if((isset($code)) && (isset($email)))
{
@@ -135,7 +135,7 @@ class Person_model extends DB_Model
// Checks if the operation is permitted by the API caller
// All the code should be put inside this if statement
if(isAllowed($this->_addonID, 'person'))
if(isAllowed($this->getAddonID(), 'person'))
{
if($this->_validate($person))
{
@@ -331,7 +331,7 @@ class Person_model extends DB_Model
{
// Checks if the operation is permitted by the API caller
// All the code should be put inside this if statement
if(isAllowed($this->_addonID, 'person'))
if(isAllowed($this->getAddonID(), 'person'))
{
return $this->_saveInterestedStudent($interestedStudent);
}
application/models/studies/Course_model.php
+1 -1
View File
@@ -33,7 +33,7 @@ class Course_model extends DB_Model
// Checks if the operation is permitted by the API caller
// All the code should be put inside this if statement
if(isAllowed($this->_addonID, 'person'))
if(isAllowed($this->getAddonID(), 'course'))
{
$result = $this->db->query($this->_enabledCoursesQuery);
}
application/models/studies/Plan_model.php
+1 -1
View File
@@ -24,7 +24,7 @@ class Plan_model extends DB_Model
// Checks if the operation is permitted by the API caller
// All the code should be put inside this if statement
if(isAllowed($this->_addonID, 'person'))
if(isAllowed($this->getAddonID(), 'plan'))
{
$result = $this->db->query($this->_planQuery, array($courseOfStudiesID));
}