Commit eed9ba8a5f0bb86c5cf4825fbac7056b841be911
1 parent
a398fe83
tested getSectionLinks (db)
added and tested getPage (db)
fixed access constants to match db
git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@575 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
38 additions
and
18 deletions
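--- a/lib/session/SiteMap.inc
+++ b/lib/session/SiteMap.inc
@@ -3,11 +3,11 @@
 require_once("$default->owl_fs_root/lib/security/permission.inc");
 
 // define access constants
-define("None", -1);
-define("Guest", 0);
-define("User", 1);
-define("UnitAdmin", 2);
-define("SysAdmin", 3);
+define("None", 1);
+define("Guest", 2);
+define("User", 3);
+define("UnitAdmin", 4);
+define("SysAdmin", 5);
 
 /**
 * $Id$
@@ -151,24 +151,24 @@ class SiteMap {
 * @param string the section to return links for
 */
 function getSectionLinksUsingDB($sSectionName) {
- /*
- $default->owl_site_access_table = "site_access_lookup";
- $default->owl_site_sections_table = "site_sections_lookup";
- $default->owl_sitemap_table = "sitemap";
- */
 global $default, $lang_err_database;
 $sql = new Owl_DB();
 // lookup sectionID
- $sectionID = lookupID($default->site_sections_table, "name", $sSectionName);
+ $sectionID = lookupID($default->owl_site_sections_table, "name", $sSectionName);
 if ($sectionID) {
 // initialise result array
 $results = array("descriptions" => array(), "links" => array());
 
- if ($sql->query("SELECT link_text, action FROM $default->sitemap_table WHERE section_id=$sectionID")) {
+ if ($sql->query("SELECT link_text, action, access_id FROM $default->owl_sitemap_table WHERE section_id=$sectionID")) {
 while ($sql->next_record()) {
- // add this array to the resultset array
- $results["descriptions"][] = $sql->f("link_text");
- $results["links"][] = generateControllerUrl($sql->f("action"));
+ // check permissions
+ if ($this->hasPermission($sql->f("access_id"))) {
+ // add this array to the resultset array if there is link text
+ if (strlen($sql->f("link_text")) > 0) {
+ $results["descriptions"][] = $sql->f("link_text");
+ $results["links"][] = generateControllerUrl($sql->f("action"));
+ }
+ }
 }
 // now check if we have anything in the results array before returning it
 if (count($results) > 0) {
@@ -202,9 +202,11 @@ class SiteMap {
 foreach ($this->aSiteMap[$sSectionName] as $requiredAccess => $pages) {
 if ($this->hasPermission($requiredAccess)) {
 foreach ($pages as $action => $pageDetail) {
- // add this array to the resultset array
- $results["descriptions"][] = $pages[$action]["description"];
- $results["links"][] = generateControllerUrl($action);
+ // add this array to the resultset array if there is link text
+ if (strlen($pages[$action]["description"]) > 0) {
+ $results["descriptions"][] = $pages[$action]["description"];
+ $results["links"][] = generateControllerUrl($action);
+ }
 }
 }
 }
@@ -242,6 +244,24 @@ class SiteMap {
 * @return string the page to redirect to, or false if the user doesn't have access to the page
 */
 function getPageUsingDB($action) {
+ global $default, $lang_err_database;
+ $sql = new Owl_DB();
+ // lookup the page and access_id from the sitemap
+ if ($sql->query("SELECT page, access_id FROM $default->owl_sitemap_table WHERE action='$action'")) {
+ if ($sql->next_record()) {
+ // check permissions
+ if ($this->hasPermission($sql->f("access_id"))) {
+ // return the page
+ return $sql->f("page");
+ }
+ } else {
+ $_SESSION["errorMessage"] = $lang_err_database;
+ return false;
+ }
+ } else {
+ $_SESSION["errorMessage"] = $lang_err_database;
+ return false;
+ }
 }
 
 /**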
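Review bot: In the added body of getPageUsingDB, `$action` is interpolated straight into the SQL string (`WHERE action='$action'`), so if it originates from the request, as a controller action name presumably does, a quote character in it alters the very query that selects both the returned page and the `access_id` handed to hasPermission. Validate it before building the query, e.g. `if (!preg_match('/^[A-Za-z0-9_]+$/', $action)) { return false; }` if action names are plain identifiers, or use whatever escaping or parameter binding Owl_DB provides (not visible in this diff). Separately, when hasPermission fails the function falls off the end and returns null rather than the documented false; add an explicit `return false;` after that `if` so a caller comparing with `=== false` still denies access. The no-row branch also reports an unknown action as `$lang_err_database`, which makes a bad action indistinguishable from a database fault in the session error.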