Merge pull request #3692 from clumsy-stefan/FixAPIUsers
[API] Fix User variable from array to objectpull/3698/head
Isaac Connor
GitHub
commit
2aad56574e
|
|
@ -22,7 +22,7 @@ class CameraModelsController extends AppController {
|
|||
* So it has been decided for now to just let everyone read it.
|
||||
|
||||
global $user;
|
||||
$canView = (!$user) || ($user['System'] != 'None');
|
||||
$canView = (!$user) || ($user->System() != 'None');
|
||||
if ( !$canView ) {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
|
|
@ -81,7 +81,7 @@ class CameraModelsController extends AppController {
|
|||
if ($this->request->is('post')) {
|
||||
|
||||
global $user;
|
||||
$canEdit = (!$user) || ($user['System'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->System() == 'Edit');
|
||||
if (!$canEdit) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
|
|
@ -105,7 +105,7 @@ class CameraModelsController extends AppController {
|
|||
$this->CameraModel->id = $id;
|
||||
|
||||
global $user;
|
||||
$canEdit = (!$user) || ($user['System'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->System() == 'Edit');
|
||||
if (!$canEdit) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
|
|
@ -135,7 +135,7 @@ class CameraModelsController extends AppController {
|
|||
*/
|
||||
public function delete($id = null) {
|
||||
global $user;
|
||||
$canEdit = (!$user) || ($user['System'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->System() == 'Edit');
|
||||
if (!$canEdit) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@ class EventDataController extends AppController {
|
|||
parent::beforeFilter();
|
||||
global $user;
|
||||
# We already tested for auth in appController, so we just need to test for specific permission
|
||||
$canView = (!$user) || ($user['Events'] != 'None');
|
||||
$canView = (!$user) || ($user->Events() != 'None');
|
||||
if (!$canView) {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ class EventsController extends AppController {
|
|||
public function beforeFilter() {
|
||||
parent::beforeFilter();
|
||||
global $user;
|
||||
$canView = (!$user) || ($user['Events'] != 'None');
|
||||
$canView = (!$user) || ($user->Events() != 'None');
|
||||
if ( !$canView ) {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
|
|
@ -40,7 +40,7 @@ class EventsController extends AppController {
|
|||
|
||||
global $user;
|
||||
require_once __DIR__ .'/../../../includes/Event.php';
|
||||
$allowedMonitors = $user ? preg_split('@,@', $user['MonitorIds'], NULL, PREG_SPLIT_NO_EMPTY) : null;
|
||||
$allowedMonitors = $user ? preg_split('@,@', $user->MonitorIds(), NULL, PREG_SPLIT_NO_EMPTY) : null;
|
||||
|
||||
if ( $allowedMonitors ) {
|
||||
$mon_options = array('Event.MonitorId' => $allowedMonitors);
|
||||
|
|
@ -135,7 +135,7 @@ class EventsController extends AppController {
|
|||
}
|
||||
|
||||
global $user;
|
||||
$allowedMonitors = $user ? preg_split('@,@', $user['MonitorIds'], NULL, PREG_SPLIT_NO_EMPTY) : null;
|
||||
$allowedMonitors = $user ? preg_split('@,@', $user->MonitorIds(), NULL, PREG_SPLIT_NO_EMPTY) : null;
|
||||
|
||||
if ( $allowedMonitors ) {
|
||||
$mon_options = array('Event.MonitorId' => $allowedMonitors);
|
||||
|
|
@ -188,7 +188,7 @@ class EventsController extends AppController {
|
|||
public function add() {
|
||||
|
||||
global $user;
|
||||
$canEdit = (!$user) || ($user['Events'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->Events() == 'Edit');
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
|
|
@ -214,7 +214,7 @@ class EventsController extends AppController {
|
|||
public function edit($id = null) {
|
||||
|
||||
global $user;
|
||||
$canEdit = (!$user) || ($user['Events'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->Events() == 'Edit');
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
|
|
@ -247,7 +247,7 @@ class EventsController extends AppController {
|
|||
*/
|
||||
public function delete($id = null) {
|
||||
global $user;
|
||||
$canEdit = (!$user) || ($user['Events'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->Events() == 'Edit');
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
|
|
|
|||
|
|
@ -19,7 +19,7 @@ class FramesController extends AppController {
|
|||
parent::beforeFilter();
|
||||
global $user;
|
||||
# We already tested for auth in appController, so we just need to test for specific permission
|
||||
$canView = (!$user) || ($user['Events'] != 'None');
|
||||
$canView = (!$user) || ($user->Events() != 'None');
|
||||
if (!$canView) {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
|
|
@ -34,7 +34,7 @@ class FramesController extends AppController {
|
|||
$this->Frame->recursive = -1;
|
||||
|
||||
global $user;
|
||||
$allowedMonitors = $user ? preg_split('@,@', $user['MonitorIds'], NULL, PREG_SPLIT_NO_EMPTY) : null;
|
||||
$allowedMonitors = $user ? preg_split('@,@', $user->MonitorIds(), NULL, PREG_SPLIT_NO_EMPTY) : null;
|
||||
if ( $allowedMonitors ) {
|
||||
$mon_options = array('Event.MonitorId' => $allowedMonitors);
|
||||
} else {
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@ class GroupsController extends AppController {
|
|||
parent::beforeFilter();
|
||||
global $user;
|
||||
# We already tested for auth in appController, so we just need to test for specific permission
|
||||
$canView = (!$user) || ($user['Groups'] != 'None');
|
||||
$canView = (!$user) || ($user->Groups() != 'None');
|
||||
if ( !$canView ) {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
|
|
@ -93,7 +93,7 @@ class GroupsController extends AppController {
|
|||
global $user;
|
||||
# We already tested for auth in appController,
|
||||
# so we just need to test for specific permission
|
||||
$canEdit = (!$user) || ($user['Groups'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->Groups() == 'Edit');
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
|
|
@ -134,7 +134,7 @@ class GroupsController extends AppController {
|
|||
global $user;
|
||||
# We already tested for auth in appController,
|
||||
# so we just need to test for specific permission
|
||||
$canEdit = (!$user) || ($user['Groups'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->Groups() == 'Edit');
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
|
|
@ -176,7 +176,7 @@ class GroupsController extends AppController {
|
|||
global $user;
|
||||
# We already tested for auth in appController,
|
||||
# so we just need to test for specific permission
|
||||
$canEdit = (!$user) || ($user['Groups'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->Groups() == 'Edit');
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ class HostController extends AppController {
|
|||
} else {
|
||||
$permission = 'Edit';
|
||||
}
|
||||
$allowed = (!$user) || ($user['System'] == $permission );
|
||||
$allowed = (!$user) || ($user->System() == $permission );
|
||||
if ( !$allowed ) {
|
||||
throw new UnauthorizedException(__("Insufficient privileges"));
|
||||
return;
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@ class LogsController extends AppController {
|
|||
parent::beforeFilter();
|
||||
global $user;
|
||||
# We already tested for auth in appController, so we just need to test for specific permission
|
||||
$canView = (!$user) || ($user['System'] != 'None');
|
||||
$canView = (!$user) || ($user->System() != 'None');
|
||||
if (!$canView) {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
|
|
@ -66,7 +66,7 @@ class LogsController extends AppController {
|
|||
*/
|
||||
public function add() {
|
||||
global $user;
|
||||
$canAdd = (!$user) || (($user['System'] == 'Edit') || ZM_LOG_INJECT);
|
||||
$canAdd = (!$user) || (($user->System() == 'Edit') || ZM_LOG_INJECT);
|
||||
if (!$canAdd) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
|
|
@ -88,7 +88,7 @@ class LogsController extends AppController {
|
|||
*/
|
||||
public function edit($id = null) {
|
||||
global $user;
|
||||
$canEdit = (!$user) || ($user['System'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->System() == 'Edit');
|
||||
if (!$canEdit) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
|
|
@ -115,7 +115,7 @@ class LogsController extends AppController {
|
|||
* @return void
|
||||
*/
|
||||
public function delete($id = null) {
|
||||
$canDelete = (!$user) || ($user['System'] == 'Edit');
|
||||
$canDelete = (!$user) || ($user->System() == 'Edit');
|
||||
if (!$canDelete) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ class ManufacturersController extends AppController {
|
|||
* So it has been decided for now to just let everyone read it.
|
||||
|
||||
global $user;
|
||||
$canView = (!$user) || ($user['System'] != 'None');
|
||||
$canView = (!$user) || ($user->System() != 'None');
|
||||
if ( !$canView ) {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
|
|
@ -81,7 +81,7 @@ class ManufacturersController extends AppController {
|
|||
if ( $this->request->is('post') ) {
|
||||
|
||||
global $user;
|
||||
$canEdit = (!$user) || ($user['System'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->System() == 'Edit');
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
|
|
@ -107,7 +107,7 @@ class ManufacturersController extends AppController {
|
|||
$this->Manufacturer->id = $id;
|
||||
|
||||
global $user;
|
||||
$canEdit = (!$user) || ($user['System'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->System() == 'Edit');
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
|
|
@ -139,7 +139,7 @@ class ManufacturersController extends AppController {
|
|||
*/
|
||||
public function delete($id = null) {
|
||||
global $user;
|
||||
$canEdit = (!$user) || ($user['System'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->System() == 'Edit');
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
|
|
|
|||
|
|
@ -106,7 +106,7 @@ class MonitorsController extends AppController {
|
|||
if ( $this->request->is('post') ) {
|
||||
|
||||
global $user;
|
||||
$canAdd = (!$user) || ($user['System'] == 'Edit' );
|
||||
$canAdd = (!$user) || ($user->System() == 'Edit' );
|
||||
if ( !$canAdd ) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
|
|
@ -189,7 +189,7 @@ class MonitorsController extends AppController {
|
|||
throw new NotFoundException(__('Invalid monitor'));
|
||||
}
|
||||
global $user;
|
||||
$canEdit = (!$user) || ($user['System'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->System() == 'Edit');
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
|
|
@ -277,9 +277,9 @@ class MonitorsController extends AppController {
|
|||
$password = $_SESSION['password'];
|
||||
}
|
||||
|
||||
$auth = ' -U ' .$user['Username'].' -P '.$password;
|
||||
$auth = ' -U ' .$user->Username().' -P '.$password;
|
||||
} else if (ZM_AUTH_RELAY == 'none') {
|
||||
$auth = ' -U ' .$user['Username'];
|
||||
$auth = ' -U ' .$user->Username();
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ class ServerStatsController extends AppController {
|
|||
* So it has been decided for now to just let everyone read it.
|
||||
|
||||
global $user;
|
||||
$canView = (!$user) || ($user['System'] != 'None');
|
||||
$canView = (!$user) || ($user->System() != 'None');
|
||||
if ( !$canView ) {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
|
|
@ -80,7 +80,7 @@ class ServerStatsController extends AppController {
|
|||
public function add() {
|
||||
if ( $this->request->is('post') ) {
|
||||
global $user;
|
||||
$canEdit = (!$user) || ($user['System'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->System() == 'Edit');
|
||||
if (!$canEdit) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
|
|
@ -104,7 +104,7 @@ class ServerStatsController extends AppController {
|
|||
$this->ServerStat->id = $id;
|
||||
|
||||
global $user;
|
||||
$canEdit = (!$user) || ($user['System'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->System() == 'Edit');
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
|
|
@ -134,7 +134,7 @@ class ServerStatsController extends AppController {
|
|||
*/
|
||||
public function delete($id = null) {
|
||||
global $user;
|
||||
$canEdit = (!$user) || ($user['System'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->System() == 'Edit');
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ class ServersController extends AppController {
|
|||
* So it has been decided for now to just let everyone read it.
|
||||
|
||||
global $user;
|
||||
$canView = (!$user) || ($user['System'] != 'None');
|
||||
$canView = (!$user) || ($user->System() != 'None');
|
||||
if ( !$canView ) {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
|
|
@ -81,7 +81,7 @@ class ServersController extends AppController {
|
|||
if ( $this->request->is('post') ) {
|
||||
|
||||
global $user;
|
||||
$canEdit = (!$user) || ($user['System'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->System() == 'Edit');
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
|
|
@ -105,7 +105,7 @@ class ServersController extends AppController {
|
|||
$this->Server->id = $id;
|
||||
|
||||
global $user;
|
||||
$canEdit = (!$user) || ($user['System'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->System() == 'Edit');
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
|
|
@ -135,7 +135,7 @@ class ServersController extends AppController {
|
|||
*/
|
||||
public function delete($id = null) {
|
||||
global $user;
|
||||
$canEdit = (!$user) || ($user['System'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->System() == 'Edit');
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@ class SnapshotsController extends AppController {
|
|||
parent::beforeFilter();
|
||||
global $user;
|
||||
# We already tested for auth in appController, so we just need to test for specific permission
|
||||
$canView = (!$user) || ($user['Snapshots'] != 'None');
|
||||
$canView = (!$user) || ($user->Snapshots() != 'None');
|
||||
if ( !$canView ) {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
|
|
@ -93,7 +93,7 @@ class SnapshotsController extends AppController {
|
|||
global $user;
|
||||
# We already tested for auth in appController,
|
||||
# so we just need to test for specific permission
|
||||
$canEdit = (!$user) || ($user['Snapshots'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->Snapshots() == 'Edit');
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
|
|
@ -134,7 +134,7 @@ class SnapshotsController extends AppController {
|
|||
global $user;
|
||||
# We already tested for auth in appController,
|
||||
# so we just need to test for specific permission
|
||||
$canEdit = (!$user) || ($user['Snapshots'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->Snapshots() == 'Edit');
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
|
|
@ -176,7 +176,7 @@ class SnapshotsController extends AppController {
|
|||
global $user;
|
||||
# We already tested for auth in appController,
|
||||
# so we just need to test for specific permission
|
||||
$canEdit = (!$user) || ($user['Snapshots'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->Snapshots() == 'Edit');
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ public $components = array('RequestHandler');
|
|||
public function beforeFilter() {
|
||||
parent::beforeFilter();
|
||||
global $user;
|
||||
$canView = (!$user) || ($user['System'] != 'None');
|
||||
$canView = (!$user) || ($user->System() != 'None');
|
||||
if ( !$canView ) {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
|
|
@ -60,7 +60,7 @@ public function add() {
|
|||
if ($this->request->is('post')) {
|
||||
|
||||
global $user;
|
||||
$canEdit = (!$user) || ($user['System'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->System() == 'Edit');
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
|
|
@ -86,7 +86,7 @@ public function edit($id = null) {
|
|||
}
|
||||
|
||||
global $user;
|
||||
$canEdit = (!$user) || ($user['System'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->System() == 'Edit');
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
|
|
@ -112,7 +112,7 @@ public function edit($id = null) {
|
|||
public function delete($id = null) {
|
||||
$this->State->id = $id;
|
||||
global $user;
|
||||
$canEdit = (!$user) || ($user['System'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->System() == 'Edit');
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
|
|
@ -131,7 +131,7 @@ public function delete($id = null) {
|
|||
|
||||
public function change() {
|
||||
global $user;
|
||||
$canEdit = (!$user) || ($user['System'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->System() == 'Edit');
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@ class StorageController extends AppController {
|
|||
public function beforeFilter() {
|
||||
parent::beforeFilter();
|
||||
global $user;
|
||||
$canView = (!$user) || ($user['System'] != 'None');
|
||||
$canView = (!$user) || ($user->System() != 'None');
|
||||
if ( !$canView ) {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
|
|
@ -84,7 +84,7 @@ class StorageController extends AppController {
|
|||
if ( $this->request->is('post') ) {
|
||||
|
||||
global $user;
|
||||
$canEdit = (!$user) || ($user['System'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->System() == 'Edit');
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
|
|
@ -110,7 +110,7 @@ class StorageController extends AppController {
|
|||
$this->Storage->id = $id;
|
||||
|
||||
global $user;
|
||||
$canEdit = (!$user) || ($user['System'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->System() == 'Edit');
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
|
|
@ -142,7 +142,7 @@ class StorageController extends AppController {
|
|||
*/
|
||||
public function delete($id = null) {
|
||||
global $user;
|
||||
$canEdit = (!$user) || ($user['System'] == 'Edit');
|
||||
$canEdit = (!$user) || ($user->System() == 'Edit');
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient privileges'));
|
||||
return;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@ class UserPreferenceController extends AppController {
|
|||
parent::beforeFilter();
|
||||
global $user;
|
||||
# We already tested for auth in appController, so we just need to test for specific permission
|
||||
$canView = (!$user) || ($user['Users'] != 'None');
|
||||
$canView = (!$user) || ($user->Users() != 'None');
|
||||
if (!$canView) {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
|
|
|
|||
|
|
@ -19,7 +19,7 @@ class UsersController extends AppController {
|
|||
|
||||
global $user;
|
||||
# We already tested for auth in appController, so we just need to test for specific permission
|
||||
$canView = (!$user) || ($user['System'] != 'None');
|
||||
$canView = (!$user) || ($user->System() != 'None');
|
||||
if (!$canView) {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
|
|
@ -36,7 +36,7 @@ class UsersController extends AppController {
|
|||
|
||||
global $user;
|
||||
# We should actually be able to list our own user, but I'm not bothering at this time.
|
||||
if ($user['System'] == 'None' ) {
|
||||
if ($user->System() == 'None' ) {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
}
|
||||
|
|
@ -57,7 +57,7 @@ class UsersController extends AppController {
|
|||
|
||||
global $user;
|
||||
# We can view ourselves
|
||||
$canView = ($user['System'] != 'None') or ($user['Id'] == $id);
|
||||
$canView = ($user->System() != 'None') or ($user->Id() == $id);
|
||||
if (!$canView) {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
|
|
@ -84,7 +84,7 @@ class UsersController extends AppController {
|
|||
public function add() {
|
||||
if ($this->request->is('post')) {
|
||||
global $user;
|
||||
if ($user['System'] != 'Edit') {
|
||||
if ($user->System() != 'Edit') {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
}
|
||||
|
|
@ -120,7 +120,7 @@ class UsersController extends AppController {
|
|||
$this->User->id = $id;
|
||||
|
||||
global $user;
|
||||
$canEdit = ($user['System'] == 'Edit') or (($user['Id'] == $id) and ZM_USER_SELF_EDIT);
|
||||
$canEdit = ($user->System() == 'Edit') or (($user->Id() == $id) and ZM_USER_SELF_EDIT);
|
||||
if (!$canEdit) {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
|
|
@ -164,7 +164,7 @@ class UsersController extends AppController {
|
|||
|
||||
global $user;
|
||||
# Can't delete ourselves
|
||||
if ( ($user['System'] != 'Edit') or ($user['Id'] == $id) ) {
|
||||
if ( ($user->System() != 'Edit') or ($user->Id() == $id) ) {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@ class ZonesController extends AppController {
|
|||
parent::beforeFilter();
|
||||
|
||||
global $user;
|
||||
$canView = (!$user) || ($user['Monitors'] != 'None');
|
||||
$canView = (!$user) || ($user->Monitors() != 'None');
|
||||
if ( !$canView ) {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
|
|
@ -45,7 +45,7 @@ class ZonesController extends AppController {
|
|||
$this->Zone->recursive = -1;
|
||||
|
||||
global $user;
|
||||
$allowedMonitors = $user ? preg_split('@,@', $user['MonitorIds'],NULL, PREG_SPLIT_NO_EMPTY) : null;
|
||||
$allowedMonitors = $user ? preg_split('@,@', $user->MonitorIds(),NULL, PREG_SPLIT_NO_EMPTY) : null;
|
||||
if ( $allowedMonitors ) {
|
||||
$mon_options = array('Zones.MonitorId' => $allowedMonitors);
|
||||
} else {
|
||||
|
|
@ -71,7 +71,7 @@ class ZonesController extends AppController {
|
|||
}
|
||||
|
||||
global $user;
|
||||
$canEdit = (!$user) || $user['Monitors'] == 'Edit';
|
||||
$canEdit = (!$user) || $user->Monitors() == 'Edit';
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
|
|
@ -118,7 +118,7 @@ class ZonesController extends AppController {
|
|||
$message = '';
|
||||
if ( $this->request->is(array('post', 'put')) ) {
|
||||
global $user;
|
||||
$canEdit = (!$user) || $user['Monitors'] == 'Edit';
|
||||
$canEdit = (!$user) || $user->Monitors() == 'Edit';
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
|
|
@ -149,7 +149,7 @@ class ZonesController extends AppController {
|
|||
}
|
||||
$this->request->allowMethod('post', 'delete');
|
||||
global $user;
|
||||
$canEdit = (!$user) || $user['Monitors'] == 'Edit';
|
||||
$canEdit = (!$user) || $user->Monitors() == 'Edit';
|
||||
if ( !$canEdit ) {
|
||||
throw new UnauthorizedException(__('Insufficient Privileges'));
|
||||
return;
|
||||
|
|
|
|||
Loading…
Reference in New Issue