abijah/pmgr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Replaced the hardcoded 'level' checks, and incorporated (as a first pass) the new permission mechanism

Browse Source 
git-svn-id: file:///svn-source/pmgr/branches/pre_0.1_work_20090819@802 97e9348a-65ac-dc4b-aefc-98561f571b83
This commit is contained in:
abijah
2009-08-28 07:11:14 +00:00
parent 43c957baa2
commit a3b376544c
13 changed files with 92 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
site/controllers/accounts_controller.php
View File

@@ -98,9 +98,8 @@ class AccountsController extends AppController {
$conditions[] = array('Account.type' => strtoupper($params['action']));
}
// REVISIT <AP>: 20090811
// No security issues have been worked out yet
$conditions[] = array('Account.level >=' => 10);
$conditions[] = array('Account.level >=' =>
$this->Permission->level('controller.accounts'));
return $conditions;
}
@@ -181,9 +180,8 @@ class AccountsController extends AppController {
('order' => array('CloseTransaction.stamp' => 'DESC'))),
),
'conditions' => array(array('Account.id' => $id),
// REVISIT <AP>: 20090811
// No security issues have been worked out yet
array('Account.level >=' => 10),
array('Account.level >=' =>
$this->Permission->level('controller.accounts')),
),
)
);