gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-06-18 02:59:27 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

check_access() doesn't check for admin anymore

Browse Source 
check_view_access() does it now
This commit is contained in:
Uwe Steinmann 2016-04-13 08:49:32 +02:00
parent e22ca653ed
commit 4c15aa7c49
1 changed files with 18 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
inc/inc.ClassViewCommon.php
View File

@ -171,13 +171,30 @@ class SeedDMS_View_Common {
* Check if the access on the view with given name or the current view itself * Check if the access on the view with given name or the current view itself
* may be accessed. * may be accessed.
* *
* The function behaves differently for admins and other users. For admins
* a view must be explitly disallowed for this function to return false.
* For other users access on a view must be explicitly allow for the this
* function to return true.
*
* @param string|array $name name of view or list of view names * @param string|array $name name of view or list of view names
* @return boolean true if access is allowed otherwise false * @return boolean true if access is allowed otherwise false
*/ */
protected function check_access($name='') { /* {{{ */ protected function check_access($name='') { /* {{{ */
if(!$name) if(!$name)
$name = $this; $name = $this;
return ((isset($this->params['user']) && $this->params['user']->isAdmin()) || (isset($this->params['accessobject']) && $this->params['accessobject']->check_view_access($name))); if(!isset($this->params['accessobject']))
return false;
$access = $this->params['accessobject']->check_view_access($name);
return $access;
if(isset($this->params['user']) && $this->params['user']->isAdmin()) {
if($access === -1)
return false;
else
return true;
}
return ($access === 1);
} /* }}} */ } /* }}} */
/** /**