From 915bd91d7b3c2516633b7f568fbb574e0d893218 Mon Sep 17 00:00:00 2001 From: Dennis Eichhorn Date: Fri, 9 Mar 2018 22:26:22 +0100 Subject: [PATCH] Change permission check from int to string --- Admin/Install/Navigation.install.json | 10 +++++----- Controller.php | 20 ++++++++++---------- 2 files changed, 15 insertions(+), 15 deletions(-) diff --git a/Admin/Install/Navigation.install.json b/Admin/Install/Navigation.install.json index b61d0d9..9b9c97e 100644 --- a/Admin/Install/Navigation.install.json +++ b/Admin/Install/Navigation.install.json @@ -10,7 +10,7 @@ "icon": null, "order": 40, "from": "News", - "permission": null, + "permission": { "type": null, "element": null }, "parent": 1000201001, "children": [ { @@ -24,7 +24,7 @@ "icon": null, "order": 1, "from": "News", - "permission": null, + "permission": { "type": null, "element": null }, "parent": 1000701001, "children": [] }, @@ -39,7 +39,7 @@ "icon": null, "order": 5, "from": "News", - "permission": null, + "permission": { "type": null, "element": null }, "parent": 1000701001, "children": [] }, @@ -54,7 +54,7 @@ "icon": null, "order": 10, "from": "News", - "permission": null, + "permission": { "type": null, "element": null }, "parent": 1000701001, "children": [] }, @@ -69,7 +69,7 @@ "icon": null, "order": 15, "from": "News", - "permission": null, + "permission": { "type": null, "element": null }, "parent": 1000701001, "children": [] } diff --git a/Controller.php b/Controller.php index d796cde..6a71457 100644 --- a/Controller.php +++ b/Controller.php @@ -107,7 +107,7 @@ class Controller extends ModuleAbstract implements WebInterface $view = new View($this->app, $request, $response); if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission( - PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::DASHBOARD) + PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::DASHBOARD) ) { $view->setTemplate('/Web/Backend/Error/403_inline'); $response->getHeader()->setStatusCode(RequestStatusCode::R_403); @@ -162,7 +162,7 @@ class Controller extends ModuleAbstract implements WebInterface if ($article->getCreatedBy()->getId() !== $accountId && !$this->app->accountManager->get($accountId)->hasPermission( - PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::ARTICLE, $article->getId()) + PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::ARTICLE, $article->getId()) ) { $view->setTemplate('/Web/Backend/Error/403_inline'); $response->getHeader()->setStatusCode(RequestStatusCode::R_403); @@ -191,7 +191,7 @@ class Controller extends ModuleAbstract implements WebInterface $view = new View($this->app, $request, $response); if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission( - PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::ARCHIVE) + PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::ARCHIVE) ) { $view->setTemplate('/Web/Backend/Error/403_inline'); $response->getHeader()->setStatusCode(RequestStatusCode::R_403); @@ -222,7 +222,7 @@ class Controller extends ModuleAbstract implements WebInterface $view = new View($this->app, $request, $response); if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission( - PermissionType::CREATE, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::ARTICLE) + PermissionType::CREATE, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::ARTICLE) ) { $view->setTemplate('/Web/Backend/Error/403_inline'); $response->getHeader()->setStatusCode(RequestStatusCode::R_403); @@ -285,7 +285,7 @@ class Controller extends ModuleAbstract implements WebInterface public function apiNewsUpdate(RequestAbstract $request, ResponseAbstract $response, $data = null) /* : void */ { if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission( - PermissionType::MODIFY, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::ARTICLE) + PermissionType::MODIFY, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::ARTICLE) ) { $response->set('news_update', null); $response->getHeader()->setStatusCode(RequestStatusCode::R_403); @@ -341,7 +341,7 @@ class Controller extends ModuleAbstract implements WebInterface public function apiNewsCreate(RequestAbstract $request, ResponseAbstract $response, $data = null) /* : void */ { if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission( - PermissionType::CREATE, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::ARTICLE) + PermissionType::CREATE, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::ARTICLE) ) { $response->set('news_create', null); $response->getHeader()->setStatusCode(RequestStatusCode::R_403); @@ -399,7 +399,7 @@ class Controller extends ModuleAbstract implements WebInterface public function apiNewsGet(RequestAbstract $request, ResponseAbstract $response, $data = null) /* : void */ { if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission( - PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::ARTICLE) + PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::ARTICLE) ) { $response->set('news_read', null); $response->getHeader()->setStatusCode(RequestStatusCode::R_403); @@ -449,7 +449,7 @@ class Controller extends ModuleAbstract implements WebInterface public function apiBadgeCreate(RequestAbstract $request, ResponseAbstract $response, $data = null) /* : void */ { if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission( - PermissionType::CREATE, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::BADGE) + PermissionType::CREATE, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::BADGE) ) { $response->set('badge_create', null); $response->getHeader()->setStatusCode(RequestStatusCode::R_403); @@ -551,7 +551,7 @@ class Controller extends ModuleAbstract implements WebInterface public function apiNewsDelete(RequestAbstract $request, ResponseAbstract $response, $data = null) /* : void */ { if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission( - PermissionType::DELETE, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::ARTICLE) + PermissionType::DELETE, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::ARTICLE) ) { $response->set('news_delete', null); $response->getHeader()->setStatusCode(RequestStatusCode::R_403); @@ -583,7 +583,7 @@ class Controller extends ModuleAbstract implements WebInterface public function apiDeleteNewsBadge(RequestAbstract $request, ResponseAbstract $response, $data = null) /* : void */ { if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission( - PermissionType::DELETE, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::BADGE) + PermissionType::DELETE, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::BADGE) ) { $response->set('badge_delete', null); $response->getHeader()->setStatusCode(RequestStatusCode::R_403);