Commit eed9ba8a5f0bb86c5cf4825fbac7056b841be911
1 parent
a398fe83
tested getSectionLinks (db)
added and tested getPage (db) fixed access constants to match db git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@575 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
38 additions
and
18 deletions
lib/session/SiteMap.inc
| @@ -3,11 +3,11 @@ | @@ -3,11 +3,11 @@ | ||
| 3 | require_once("$default->owl_fs_root/lib/security/permission.inc"); | 3 | require_once("$default->owl_fs_root/lib/security/permission.inc"); |
| 4 | 4 | ||
| 5 | // define access constants | 5 | // define access constants |
| 6 | -define("None", -1); | ||
| 7 | -define("Guest", 0); | ||
| 8 | -define("User", 1); | ||
| 9 | -define("UnitAdmin", 2); | ||
| 10 | -define("SysAdmin", 3); | 6 | +define("None", 1); |
| 7 | +define("Guest", 2); | ||
| 8 | +define("User", 3); | ||
| 9 | +define("UnitAdmin", 4); | ||
| 10 | +define("SysAdmin", 5); | ||
| 11 | 11 | ||
| 12 | /** | 12 | /** |
| 13 | * $Id$ | 13 | * $Id$ |
| @@ -151,24 +151,24 @@ class SiteMap { | @@ -151,24 +151,24 @@ class SiteMap { | ||
| 151 | * @param string the section to return links for | 151 | * @param string the section to return links for |
| 152 | */ | 152 | */ |
| 153 | function getSectionLinksUsingDB($sSectionName) { | 153 | function getSectionLinksUsingDB($sSectionName) { |
| 154 | - /* | ||
| 155 | - $default->owl_site_access_table = "site_access_lookup"; | ||
| 156 | - $default->owl_site_sections_table = "site_sections_lookup"; | ||
| 157 | - $default->owl_sitemap_table = "sitemap"; | ||
| 158 | - */ | ||
| 159 | global $default, $lang_err_database; | 154 | global $default, $lang_err_database; |
| 160 | $sql = new Owl_DB(); | 155 | $sql = new Owl_DB(); |
| 161 | // lookup sectionID | 156 | // lookup sectionID |
| 162 | - $sectionID = lookupID($default->site_sections_table, "name", $sSectionName); | 157 | + $sectionID = lookupID($default->owl_site_sections_table, "name", $sSectionName); |
| 163 | if ($sectionID) { | 158 | if ($sectionID) { |
| 164 | // initialise result array | 159 | // initialise result array |
| 165 | $results = array("descriptions" => array(), "links" => array()); | 160 | $results = array("descriptions" => array(), "links" => array()); |
| 166 | 161 | ||
| 167 | - if ($sql->query("SELECT link_text, action FROM $default->sitemap_table WHERE section_id=$sectionID")) { | 162 | + if ($sql->query("SELECT link_text, action, access_id FROM $default->owl_sitemap_table WHERE section_id=$sectionID")) { |
| 168 | while ($sql->next_record()) { | 163 | while ($sql->next_record()) { |
| 169 | - // add this array to the resultset array | ||
| 170 | - $results["descriptions"][] = $sql->f("link_text"); | ||
| 171 | - $results["links"][] = generateControllerUrl($sql->f("action")); | 164 | + // check permissions |
| 165 | + if ($this->hasPermission($sql->f("access_id"))) { | ||
| 166 | + // add this array to the resultset array if there is link text | ||
| 167 | + if (strlen($sql->f("link_text")) > 0) { | ||
| 168 | + $results["descriptions"][] = $sql->f("link_text"); | ||
| 169 | + $results["links"][] = generateControllerUrl($sql->f("action")); | ||
| 170 | + } | ||
| 171 | + } | ||
| 172 | } | 172 | } |
| 173 | // now check if we have anything in the results array before returning it | 173 | // now check if we have anything in the results array before returning it |
| 174 | if (count($results) > 0) { | 174 | if (count($results) > 0) { |
| @@ -202,9 +202,11 @@ class SiteMap { | @@ -202,9 +202,11 @@ class SiteMap { | ||
| 202 | foreach ($this->aSiteMap[$sSectionName] as $requiredAccess => $pages) { | 202 | foreach ($this->aSiteMap[$sSectionName] as $requiredAccess => $pages) { |
| 203 | if ($this->hasPermission($requiredAccess)) { | 203 | if ($this->hasPermission($requiredAccess)) { |
| 204 | foreach ($pages as $action => $pageDetail) { | 204 | foreach ($pages as $action => $pageDetail) { |
| 205 | - // add this array to the resultset array | ||
| 206 | - $results["descriptions"][] = $pages[$action]["description"]; | ||
| 207 | - $results["links"][] = generateControllerUrl($action); | 205 | + // add this array to the resultset array if there is link text |
| 206 | + if (strlen($pages[$action]["description"]) > 0) { | ||
| 207 | + $results["descriptions"][] = $pages[$action]["description"]; | ||
| 208 | + $results["links"][] = generateControllerUrl($action); | ||
| 209 | + } | ||
| 208 | } | 210 | } |
| 209 | } | 211 | } |
| 210 | } | 212 | } |
| @@ -242,6 +244,24 @@ class SiteMap { | @@ -242,6 +244,24 @@ class SiteMap { | ||
| 242 | * @return string the page to redirect to, or false if the user doesn't have access to the page | 244 | * @return string the page to redirect to, or false if the user doesn't have access to the page |
| 243 | */ | 245 | */ |
| 244 | function getPageUsingDB($action) { | 246 | function getPageUsingDB($action) { |
| 247 | + global $default, $lang_err_database; | ||
| 248 | + $sql = new Owl_DB(); | ||
| 249 | + // lookup the page and access_id from the sitemap | ||
| 250 | + if ($sql->query("SELECT page, access_id FROM $default->owl_sitemap_table WHERE action='$action'")) { | ||
| 251 | + if ($sql->next_record()) { | ||
| 252 | + // check permissions | ||
| 253 | + if ($this->hasPermission($sql->f("access_id"))) { | ||
| 254 | + // return the page | ||
| 255 | + return $sql->f("page"); | ||
| 256 | + } | ||
| 257 | + } else { | ||
| 258 | + $_SESSION["errorMessage"] = $lang_err_database; | ||
| 259 | + return false; | ||
| 260 | + } | ||
| 261 | + } else { | ||
| 262 | + $_SESSION["errorMessage"] = $lang_err_database; | ||
| 263 | + return false; | ||
| 264 | + } | ||
| 245 | } | 265 | } |
| 246 | 266 | ||
| 247 | /** | 267 | /** |