Merge out from the pre_0.1 branch

git-svn-id: file:///svn-source/pmgr/branches/sandbox_0.1@810 97e9348a-65ac-dc4b-aefc-98561f571b83
2009-08-28 20:48:52 +00:00
parent fbc2de9427 7bcee943a5
commit 50eb7c0f5d
76 changed files with 2627 additions and 376 deletions
--- a/site/app_controller.php
+++ b/site/app_controller.php
@@ -35,6 +35,7 @@
 * @subpackage    cake.app
 */
 class AppController extends Controller {
+  var $uses = array('Option', 'Permission');
  var $helpers = array('Html', 'Form', 'Javascript', 'Format', 'Time', 'Grid');
  var $components = array('DebugKit.Toolbar');

@@ -280,10 +281,8 @@ class AppController extends Controller {
   */

  function beforeFilter() {
-    $this->params['dev'] =
-      (!empty($this->params['dev_route']));
-    $this->params['admin'] =
-      (!empty($this->params['admin_route']) || !empty($this->params['dev_route']));
+    $this->params['dev']   = $this->Option->enabled('dev');
+    $this->params['admin'] = $this->Option->enabled('admin');

    if (!$this->params['dev'])
      Configure::write('debug', '0');
@@ -296,6 +295,11 @@ class AppController extends Controller {
 	$this->sideMenuEnable($area_name, $this->dev_area, false);
      if (empty($this->params['admin']))
 	$this->sideMenuEnable($area_name, $this->admin_area, false);
+
+    $this->authorize("controller.{$this->params['controller']}");
+    $this->authorize("controller.{$this->params['controller']}");
+    $this->authorize("action.{$this->params['controller']}.{$this->params['action']}");
+    $this->authorize("action.{$this->params['controller']}.{$this->params['action']}");
  }
  }

@@ -1148,14 +1152,26 @@ class AppController extends Controller {
      echo "  <cell><![CDATA[$data]]></cell>\n"; 
  }

+  function authorize($name) {
+    if ($this->Permission->deny($name))
+      $this->UNAUTHORIZED("Unauthorized: $name");
+  }
+
+  function UNAUTHORIZED($msg) {
+    //$this->redirect('controller' => '???', 'action' => 'login');
+    //$this->render('/unauthorized');
+    $this->set('message', '<H2>' . $msg . '</H2>');
+    $this->render_empty();
+  }
+
  function INTERNAL_ERROR($msg, $depth = 0) {
    INTERNAL_ERROR($msg, false, $depth+1);
    $this->render_empty();
-    $this->_stop();
  }

  function render_empty() {
-    $this->render('/empty');
+    echo $this->render('/empty');
+    $this->_stop();
  }

 }