Commit 3c92faebf968d40546e10ef4ae28e1ae928ee9e7
1 parent
4abe715d
moved group lookup outside the array loops
added code for case where the user has no session (for pages that don't require access control eg. login.php) git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@323 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
19 additions
and
7 deletions
lib/SiteMap.inc
| @@ -44,7 +44,21 @@ class SiteMap { | @@ -44,7 +44,21 @@ class SiteMap { | ||
| 44 | */ | 44 | */ |
| 45 | function getPage($action, $userID) { | 45 | function getPage($action, $userID) { |
| 46 | global $default; | 46 | global $default; |
| 47 | - $default->log->debug("Sitemap::getPage function start; action=$action; userID=$userID"); | 47 | + |
| 48 | + $groupIDs = array(); | ||
| 49 | + | ||
| 50 | + // if there is no session (ie. requesting login page) | ||
| 51 | + // then userID will be "" or unset or something | ||
| 52 | + if (!$userID) { | ||
| 53 | + // no session, so set groupID to Anonymous group | ||
| 54 | + $groupIDs[] = lookupID($default->owl_groups_table, "name", "Anonymous"); | ||
| 55 | + } else { | ||
| 56 | + // lookup the groups this user is in | ||
| 57 | + $groupIDs = lookupGroupIDs($userID); | ||
| 58 | + } | ||
| 59 | + | ||
| 60 | + $default->log->debug("Sitemap::getPage function start; action=$action; userID=$userID; groupIDs=" . arrayToString($groupIDs)); | ||
| 61 | + | ||
| 48 | // for each section | 62 | // for each section |
| 49 | foreach ($this->siteMapArray as $section => $valArr) { | 63 | foreach ($this->siteMapArray as $section => $valArr) { |
| 50 | $default->log->debug("Sitemap::getPage section=$section"); | 64 | $default->log->debug("Sitemap::getPage section=$section"); |
| @@ -56,16 +70,14 @@ class SiteMap { | @@ -56,16 +70,14 @@ class SiteMap { | ||
| 56 | // now loop through pages until we find the right one | 70 | // now loop through pages until we find the right one |
| 57 | foreach ($pageArr as $ackshin => $page) { | 71 | foreach ($pageArr as $ackshin => $page) { |
| 58 | if ($ackshin == $action) { | 72 | if ($ackshin == $action) { |
| 59 | - // lookup the groups this user is in | ||
| 60 | - $groupIDs = lookupGroupIDs($userID); | ||
| 61 | - // now check if we have the right group access by | ||
| 62 | - // looping through the groupID array and returning the page | ||
| 63 | - // if the current groupID <= $reqGrpID | ||
| 64 | - | ||
| 65 | // FIXME: this won't work once we have lots of groups will it?? | 73 | // FIXME: this won't work once we have lots of groups will it?? |
| 66 | // we're assuming that the default groups will be created in the right | 74 | // we're assuming that the default groups will be created in the right |
| 67 | // order, so that groups with sys and unit access have lower ids than | 75 | // order, so that groups with sys and unit access have lower ids than |
| 68 | // the required ones! | 76 | // the required ones! |
| 77 | + | ||
| 78 | + // now check if we have the right group access by | ||
| 79 | + // looping through the groupID array and returning the page | ||
| 80 | + // if the current groupID <= $reqGrpID | ||
| 69 | for ($i = 0; $i<count($groupIDs); $i++) { | 81 | for ($i = 0; $i<count($groupIDs); $i++) { |
| 70 | $default->log->debug("Sitemap::getPage current groupid=" . $groupIDs[$i] . "; reqGrpID=$reqGrpID"); | 82 | $default->log->debug("Sitemap::getPage current groupid=" . $groupIDs[$i] . "; reqGrpID=$reqGrpID"); |
| 71 | if ($groupIDs[$i] <= $reqGrpID) { | 83 | if ($groupIDs[$i] <= $reqGrpID) { |