use instead of session streamPermission
This commit is contained in:
Isaac Connor
parent
3a676cd569
commit
c6aae346b9
|
|
@ -8,7 +8,6 @@ App::uses('AppController', 'Controller');
|
||||||
*/
|
*/
|
||||||
class ServersController extends AppController {
|
class ServersController extends AppController {
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Components
|
* Components
|
||||||
*
|
*
|
||||||
|
|
@ -16,18 +15,15 @@ class ServersController extends AppController {
|
||||||
*/
|
*/
|
||||||
public $components = array('Paginator', 'RequestHandler');
|
public $components = array('Paginator', 'RequestHandler');
|
||||||
|
|
||||||
|
|
||||||
public function beforeFilter() {
|
public function beforeFilter() {
|
||||||
parent::beforeFilter();
|
parent::beforeFilter();
|
||||||
$canView = $this->Session->Read('streamPermission');
|
$canView = (!$user) || ($user['system'] != 'None');
|
||||||
if ($canView =='None') {
|
if ( !$canView ) {
|
||||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* index method
|
* index method
|
||||||
*
|
*
|
||||||
|
|
@ -78,8 +74,9 @@ public function beforeFilter() {
|
||||||
public function add() {
|
public function add() {
|
||||||
if ( $this->request->is('post') ) {
|
if ( $this->request->is('post') ) {
|
||||||
|
|
||||||
if ($this->Session->Read('systemPermission') != 'Edit')
|
global $user;
|
||||||
{
|
$canEdit = (!$user) || ($user['System'] == 'Edit');
|
||||||
|
if ( !$canEdit ) {
|
||||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
@ -103,14 +100,16 @@ public function beforeFilter() {
|
||||||
public function edit($id = null) {
|
public function edit($id = null) {
|
||||||
$this->Server->id = $id;
|
$this->Server->id = $id;
|
||||||
|
|
||||||
if (!$this->Server->exists($id)) {
|
global $user;
|
||||||
throw new NotFoundException(__('Invalid server'));
|
$canEdit = (!$user) || ($user['System'] == 'Edit');
|
||||||
}
|
if ( !$canEdit ) {
|
||||||
if ($this->Session->Read('systemPermission') != 'Edit')
|
|
||||||
{
|
|
||||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ( !$this->Server->exists($id) ) {
|
||||||
|
throw new NotFoundException(__('Invalid server'));
|
||||||
|
}
|
||||||
if ( $this->Server->save($this->request->data) ) {
|
if ( $this->Server->save($this->request->data) ) {
|
||||||
$message = 'Saved';
|
$message = 'Saved';
|
||||||
} else {
|
} else {
|
||||||
|
|
@ -133,15 +132,17 @@ public function beforeFilter() {
|
||||||
* @return void
|
* @return void
|
||||||
*/
|
*/
|
||||||
public function delete($id = null) {
|
public function delete($id = null) {
|
||||||
|
global $user;
|
||||||
|
$canEdit = (!$user) || ($user['System'] == 'Edit');
|
||||||
|
if ( !$canEdit ) {
|
||||||
|
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
$this->Server->id = $id;
|
$this->Server->id = $id;
|
||||||
if ( !$this->Server->exists() ) {
|
if ( !$this->Server->exists() ) {
|
||||||
throw new NotFoundException(__('Invalid server'));
|
throw new NotFoundException(__('Invalid server'));
|
||||||
}
|
}
|
||||||
if ($this->Session->Read('systemPermission') != 'Edit')
|
|
||||||
{
|
|
||||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
$this->request->allowMethod('post', 'delete');
|
$this->request->allowMethod('post', 'delete');
|
||||||
|
|
||||||
#$this->daemonControl($this->Server->id, 'stop');
|
#$this->daemonControl($this->Server->id, 'stop');
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue