use instead of session streamPermission
This commit is contained in:
Isaac Connor
parent
3a676cd569
commit
c6aae346b9
|
|
@ -8,7 +8,6 @@ App::uses('AppController', 'Controller');
|
|||
*/
|
||||
class ServersController extends AppController {
|
||||
|
||||
|
||||
/**
|
||||
* Components
|
||||
*
|
||||
|
|
@ -16,18 +15,15 @@ class ServersController extends AppController {
|
|||
*/
|
||||
public $components = array('Paginator', 'RequestHandler');
|
||||
|
||||
|
||||
public function beforeFilter() {
|
||||
parent::beforeFilter();
|
||||
$canView = $this->Session->Read('streamPermission');
|
||||
if ($canView =='None') {
|
||||
$canView = (!$user) || ($user['system'] != 'None');
|
||||
if ( !$canView ) {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* index method
|
||||
*
|
||||
|
|
@ -78,8 +74,9 @@ public function beforeFilter() {
|
|||
public function add() {
|
||||
if ( $this->request->is('post') ) {
|
||||
|
||||
if ($this->Session->Read('systemPermission') != 'Edit')
|
||||
{
|
||||
global $user;
|
||||
$canEdit = (!$user) || ($user['System'] == 'Edit');
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
}
|
||||
|
|
@ -103,14 +100,16 @@ public function beforeFilter() {
|
|||
public function edit($id = null) {
|
||||
$this->Server->id = $id;
|
||||
|
||||
if (!$this->Server->exists($id)) {
|
||||
throw new NotFoundException(__('Invalid server'));
|
||||
}
|
||||
if ($this->Session->Read('systemPermission') != 'Edit')
|
||||
{
|
||||
global $user;
|
||||
$canEdit = (!$user) || ($user['System'] == 'Edit');
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
}
|
||||
|
||||
if ( !$this->Server->exists($id) ) {
|
||||
throw new NotFoundException(__('Invalid server'));
|
||||
}
|
||||
if ( $this->Server->save($this->request->data) ) {
|
||||
$message = 'Saved';
|
||||
} else {
|
||||
|
|
@ -133,15 +132,17 @@ public function beforeFilter() {
|
|||
* @return void
|
||||
*/
|
||||
public function delete($id = null) {
|
||||
global $user;
|
||||
$canEdit = (!$user) || ($user['System'] == 'Edit');
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
}
|
||||
|
||||
$this->Server->id = $id;
|
||||
if ( !$this->Server->exists() ) {
|
||||
throw new NotFoundException(__('Invalid server'));
|
||||
}
|
||||
if ($this->Session->Read('systemPermission') != 'Edit')
|
||||
{
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
}
|
||||
$this->request->allowMethod('post', 'delete');
|
||||
|
||||
#$this->daemonControl($this->Server->id, 'stop');
|
||||
|
|
|
|||
Loading…
Reference in New Issue