composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-02-13 07:24:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

- Bug fix: Ticket #2 (User rights not applied properly)

Browse Source 
SVN:0.7.2[72]
This commit is contained in:
Denis Flaven
2009-06-27 08:31:31 +00:00
parent 4bdec745d2
commit 70bbd07973
1 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
addons/userrights/userrightsmatrix.class.inc.php
View File

@@ -314,7 +314,7 @@ class UserRightsMatrix extends UserRightsAddOnAPI
$oLogin = $oSet->Fetch();
if ($oLogin->Get('password') == $sPassword)
{
return true;
return $oLogin->Get('userid');
}
// todo: throw an exception?
return false;
@@ -326,7 +326,7 @@ class UserRightsMatrix extends UserRightsAddOnAPI
return $oNullFilter;
}
public function IsActionAllowed($sUserName, $sClass, $iActionCode, dbObjectSet $aInstances)
public function IsActionAllowed($iUserId, $sClass, $iActionCode, dbObjectSet $aInstances)
{
if (!array_key_exists($iActionCode, self::$m_aActionCodes))
{
@@ -334,7 +334,7 @@ class UserRightsMatrix extends UserRightsAddOnAPI
}
$sAction = self::$m_aActionCodes[$iActionCode];
$oSet = new DBObjectSet(DBObjectSearch::FromOQL("SELECT UserRightsMatrixClassGrant WHERE class = '$sClass' AND action = '$sAction' AND login = '$sUserName'"));
$oSet = new DBObjectSet(DBObjectSearch::FromOQL("SELECT UserRightsMatrixClassGrant WHERE class = '$sClass' AND action = '$sAction' AND userid = '$iUserId'"));
if ($oSet->Count() < 1)
{
return UR_ALLOWED_NO;
@@ -354,7 +354,7 @@ class UserRightsMatrix extends UserRightsAddOnAPI
return $iRetCode;
}
public function IsActionAllowedOnAttribute($sUserName, $sClass, $sAttCode, $iActionCode, dbObjectSet $aInstances)
public function IsActionAllowedOnAttribute($iUserId, $sClass, $sAttCode, $iActionCode, dbObjectSet $aInstances)
{
if (!array_key_exists($iActionCode, self::$m_aActionCodes))
{
@@ -362,7 +362,7 @@ class UserRightsMatrix extends UserRightsAddOnAPI
}
$sAction = self::$m_aActionCodes[$iActionCode];
$oSet = new DBObjectSet(DBObjectSearch::FromOQL("SELECT UserRightsMatrixAttributeGrant WHERE UserRightsMatrixAttributeGrant.class = '$sClass' AND UserRightsMatrixAttributeGrant.attcode = '$sAttCode' AND UserRightsMatrixAttributeGrant.action = '$sAction' AND UserRightsMatrixAttributeGrant.login = '$sUserName'"));
$oSet = new DBObjectSet(DBObjectSearch::FromOQL("SELECT UserRightsMatrixAttributeGrant WHERE UserRightsMatrixAttributeGrant.class = '$sClass' AND UserRightsMatrixAttributeGrant.attcode = '$sAttCode' AND UserRightsMatrixAttributeGrant.action = '$sAction' AND UserRightsMatrixAttributeGrant.userid = '$iUserId'"));
if ($oSet->Count() < 1)
{
return UR_ALLOWED_NO;
@@ -382,9 +382,9 @@ class UserRightsMatrix extends UserRightsAddOnAPI
return $iRetCode;
}
public function IsStimulusAllowed($sUserName, $sClass, $sStimulusCode, dbObjectSet $aInstances)
public function IsStimulusAllowed($iUserId, $sClass, $sStimulusCode, dbObjectSet $aInstances)
{
$oSet = new DBObjectSet(DBObjectSearch::FromOQL("SELECT UserRightsMatrixClassStimulusGrant WHERE class = '$sClass' AND stimulus = '$sStimulusCode' AND login = '$sUserName'"));
$oSet = new DBObjectSet(DBObjectSearch::FromOQL("SELECT UserRightsMatrixClassStimulusGrant WHERE class = '$sClass' AND stimulus = '$sStimulusCode' AND userid = '$iUserId'"));
if ($oSet->Count() < 1)
{
return UR_ALLOWED_NO;