本文整理汇总了PHP中AppController::isAuthorized方法的典型用法代码示例。如果您正苦于以下问题:PHP AppController::isAuthorized方法的具体用法?PHP AppController::isAuthorized怎么用?PHP AppController::isAuthorized使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类AppController
的用法示例。
在下文中一共展示了AppController::isAuthorized方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: isAuthorized
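/**
 * Decide whether the authenticated user may run the requested action.
 *
 * The `properties` action is open to every signed-in account: access is
 * granted as soon as the Auth component reports a user id. All other actions
 * are delegated to the parent controller's rules.
 *
 * @param array $user Authenticated user.
 *
 * @return bool
 */
public function isAuthorized($user)
{
    // Strict comparison: only the exact action name matches, with no type juggling.
    if ($this->request->action === 'properties') {
        // Cast so the method returns the documented bool instead of the raw
        // user id; a missing id still yields false.
        return (bool) $this->Auth->user('id');
    }

    return parent::isAuthorized($user);
}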
示例2: isAuthorized
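/**
 * Restrict users of groups 6 and 7 to a fixed allow-list of actions.
 *
 * Members of those groups may run the allow-listed actions. For any other
 * action they receive a flash message, are redirected to users/index, and the
 * request is denied. Users of every other group are handled by the parent
 * controller's rules.
 *
 * @param array $user Authenticated user record; `group_id` is read from it.
 * @return bool True when the request is allowed.
 */
public function isAuthorized($user)
{
    $allowedActions = array('index', 'listamensaje', 'leermensaje', 'leido', 'contador', 'enviarmensaje');
    $groupId = isset($user['group_id']) ? $user['group_id'] : null;

    if ($groupId == 6 || $groupId == 7) {
        // Strict match on the action name: only exact strings are allow-listed.
        if (in_array($this->action, $allowedActions, true)) {
            return true;
        }

        if ($this->Auth->user('id')) {
            $this->Session->setFlash('no se puede acceder');
            $this->redirect(array('controller' => 'users', 'action' => 'index'));

            // Fail closed: if redirect() returns instead of ending the request,
            // the parent rules must not grant what was just refused.
            return false;
        }
    }

    return parent::isAuthorized($user);
}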
示例3: isAuthorized
/**
 * Let every user who reaches this check run `repo` and `detail`; all other
 * actions are decided by the parent controller.
 *
 * @param array $user Authenticated user record (only forwarded to the parent).
 * @return bool True for the open actions, otherwise the parent's decision.
 */
public function isAuthorized($user)
{
    // Actions granted regardless of the contents of $user.
    $openActions = array('repo', 'detail');

    // Strict membership test: exact string match on the action name.
    if (!in_array($this->action, $openActions, true)) {
        return parent::isAuthorized($user);
    }

    return true;
}
示例4: isAuthorized
/**
 * Authorize `index` and `logout` for every user who reaches this check and
 * leave the remaining actions to the parent controller.
 *
 * @param array $user Authenticated user record (only forwarded to the parent).
 * @return bool True for the open actions, otherwise the parent's decision.
 */
public function isAuthorized($user)
{
    // switch compares the action name loosely (==) against each case label.
    switch ($this->request->action) {
        case 'index':
        case 'logout':
            return true;
    }

    return parent::isAuthorized($user);
}
示例5: isAuthorized
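/**
 * Authorize event management per organization.
 *
 * - `add`: the first passed argument is an organization id. The organization
 *   must exist with status_id 2 (approved); the decision is then delegated to
 *   _isOrgAdminFor().
 * - `edit` / `admin`: the first passed argument is an event id. The event's
 *   organization_id is looked up and handed to _isOrgAdminFor().
 * - any other action: parent controller's rules.
 *
 * @param array $user Authenticated user record (only forwarded to the parent).
 * @return bool Authorization decision.
 * @throws NotFoundException When no event matches the id for `edit`/`admin`.
 */
public function isAuthorized($user)
{
    $action = $this->action;

    // The id comes from the URL and may be absent, so it is never indexed blindly.
    $passedId = isset($this->request->params['pass'][0]) ? $this->request->params['pass'][0] : null;

    if ($action === 'add') {
        $this->loadModel('Organization');
        $organization = $passedId === null ? array() : $this->Organization->findById($passedId);

        // A missing id, an unknown organization and an unapproved one are all refused.
        if (empty($organization['Organization']) || $organization['Organization']['status_id'] != 2) {
            $this->Session->setFlash('This organization must be approved before adding new events.');
            return false;
        }

        // Is the current user an organization admin of some kind for this organization?
        return $this->_isOrgAdminFor($passedId);
    }

    if ($action === 'edit' || $action === 'admin') {
        $event = $passedId === null ? null : $this->Event->findById($passedId);
        if (!$event) {
            throw new NotFoundException('Invalid event');
        }

        // Authorization follows the organization that owns the event, not the event id itself.
        return $this->_isOrgAdminFor($event['Event']['organization_id']);
    }

    return parent::isAuthorized($user);
}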
示例6: isAuthorized
/**
 * Authorize `index` for every user who reaches this check; everything else is
 * decided by the parent controller.
 *
 * @param array $user Authenticated user record (only forwarded to the parent).
 * @return bool True for `index`, otherwise the parent's decision.
 */
public function isAuthorized($user)
{
    $isIndex = ($this->request->action === 'index');

    // Guard clause: anything that is not the open action goes to the parent rules.
    if (!$isIndex) {
        return parent::isAuthorized($user);
    }

    return true;
}
示例7: isAuthorized
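/**
 * Test to see if a user is authorized to make a request.
 *
 * Anything the parent controller authorizes is allowed. Otherwise `view` and
 * `edit` are limited to the member's own record (the first passed argument,
 * defaulting to the logged-in member) unless the logged-in member belongs to
 * Group::MEMBERSHIP_ADMIN. Every other action is denied explicitly.
 *
 * @param array $user Member record for the user.
 * @param CakeRequest $request The request the user is attempting to make.
 * @return bool True if the user is authorized to make the request, otherwise false.
 * @link http://api20.cakephp.org/class/cake-request
 */
public function isAuthorized($user, $request)
{
    // allows full access to see everything
    if (parent::isAuthorized($user, $request)) {
        return true;
    }

    switch ($request->action) {
        case 'view':
        case 'edit':
            // `edit` has no dedicated policy yet, so it shares the
            // own-record-or-admin rule with `view` rather than being open to
            // every member.
            $logMemberId = $this->_getLoggedInMemberId();
            $reqMemberId = isset($request->params['pass'][0]) ? $request->params['pass'][0] : $logMemberId;

            // Compare as strings with === so type juggling cannot make a
            // different identifier compare equal to the logged-in member's id.
            if ((string) $reqMemberId === (string) $logMemberId) {
                return true;
            }

            // Only looked up when the request targets someone else's record.
            return (bool) $this->Member->GroupsMember->isMemberInGroup($logMemberId, Group::MEMBERSHIP_ADMIN);

        default:
            // Deny by default instead of falling off the end of the method.
            return false;
    }
}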
示例8: isAuthorized
/**
 * Authorize `index`, `view` and `filedownload` for every user who reaches this
 * check, independent of the contents of $user; other actions go to the parent.
 *
 * @param array $user Authenticated user record (only forwarded to the parent).
 * @return bool True for the open actions, otherwise the parent's decision.
 */
public function isAuthorized($user)
{
    $openActions = array('index', 'view', 'filedownload');
    $isOpen = in_array($this->action, $openActions);

    if ($isOpen) {
        return true;
    }

    return parent::isAuthorized($user);
}
示例9: isAuthorized
/**
 * Authorize every action of this controller for the `storekeeper` role; all
 * other roles are decided by the parent controller.
 *
 * @param array $user Authenticated user record; `role` is read from it.
 * @return bool True for storekeepers, otherwise the parent's decision.
 */
public function isAuthorized($user)
{
    // A missing role is treated as "no role" rather than raising a notice.
    $role = isset($user['role']) ? $user['role'] : null;

    if ($role !== 'storekeeper') {
        return parent::isAuthorized($user);
    }

    return true;
}
示例10: isAuthorized
/**
 * isAuthorized method
 *
 * Authorizes every request that reaches this controller check: the parent
 * rules are evaluated, but their result does not change the outcome.
 *
 * NOTE(review): if per-role restrictions are intended for this controller,
 * return the parent's decision instead of the unconditional true.
 *
 * @param array $user Authenticated user record, forwarded to the parent.
 * @return boolean Always true.
 */
public function isAuthorized($user)
{
    // The parent is still invoked so that anything it does as a side effect is kept.
    parent::isAuthorized($user);

    return true;
}
示例11: isAuthorized
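/**
 * Test to see if a user is authorized to make a request.
 *
 * Anything the parent controller authorizes is allowed. Beyond that only the
 * `history` action is handled: a member may view their own history (the first
 * passed argument, defaulting to the logged-in member), and members of
 * Group::SNACKSPACE_ADMIN may view anyone's. Every other request is denied.
 *
 * @param array $user Member record for the user.
 * @param CakeRequest $request The request the user is attempting to make.
 * @return bool True if the user is authorized to make the request, otherwise false.
 * @link http://api20.cakephp.org/class/cake-request
 */
public function isAuthorized($user, $request)
{
    if (parent::isAuthorized($user, $request)) {
        return true;
    }

    // Only history page implemented so far; a missing action name is denied too.
    if (!isset($request->params['action']) || $request->params['action'] !== 'history') {
        return false;
    }

    // Get the member_id details have been requested for & the logged in users member_id
    $logMemberId = $this->_getLoggedInMemberId();
    $reqMemberId = isset($request->params['pass'][0]) ? $request->params['pass'][0] : $logMemberId;

    // Allow everyone to view their own transaction history. Compared as strings
    // with === so type juggling cannot make a different identifier compare equal.
    if ((string) $reqMemberId === (string) $logMemberId) {
        return true;
    }

    // Only allow 'Full Access' (via parent::isAuthorized) and 'Snackspace Admins'
    // to view the transaction history of others.
    return (bool) $this->Member->GroupsMember->isMemberInGroup($logMemberId, Group::SNACKSPACE_ADMIN);
}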
示例12: isAuthorized
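/**
 * Role-weight based authorization.
 *
 * Actions are grouped into allow-lists per tier. As written, the "any user"
 * and "owner" lists are empty, so the only action granted here is `display`,
 * and only when Rol.weight reaches User::ADMIN or User::DEVELOPER. Everything
 * else is left to the parent controller.
 *
 * @param array|null $user Authenticated user record with a nested Rol.weight.
 * @return bool True when one of the tiers allows the action, otherwise the
 *              parent's decision.
 */
public function isAuthorized($user = null)
{
    $owner_allowed = array();
    $user_allowed = array();
    $admin_allowed = array_merge($owner_allowed, $user_allowed, array('display'));
    $developer_allowed = array_merge($admin_allowed, array());

    // A missing or non-numeric weight means "no elevated role"; it is never
    // compared against the tier constants as null.
    $weight = null;
    if (isset($user['Rol']['weight']) && is_numeric($user['Rol']['weight'])) {
        $weight = $user['Rol']['weight'];
    }

    // All registered users can:
    if (in_array($this->action, $user_allowed, true)) {
        return true;
    }

    // Admin users can:
    if ($weight !== null && $weight >= User::ADMIN && in_array($this->action, $admin_allowed, true)) {
        return true;
    }

    // Developer users can:
    if ($weight !== null && $weight >= User::DEVELOPER && in_array($this->action, $developer_allowed, true)) {
        return true;
    }

    // The owner of a record can (the id must be present before ownership is checked):
    if (in_array($this->action, $owner_allowed, true)
        && isset($this->request->params['pass'][0], $user['id'])
    ) {
        // NOTE(review): the passed id is named as a user id but ownership is
        // checked on the Event model - confirm which record is meant.
        $userId = $this->request->params['pass'][0];
        if ($this->Event->isOwnedBy($userId, $user['id'])) {
            return true;
        }
    }

    return parent::isAuthorized($user);
}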
示例13: isAuthorized
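/**
 * Restrict groups 6 and 7 to their own allow-list of actions.
 *
 * A member of one of those groups may run the actions listed for the group.
 * For any other action they receive a flash message, are redirected to
 * users/index, and the request is denied. Users of every other group are
 * handled by the parent controller's rules.
 *
 * @param array $user Authenticated user record; `group_id` is read from it.
 * @return bool True when the request is allowed.
 */
public function isAuthorized($user)
{
    // Actions each restricted group may run, keyed by group id.
    $allowedByGroup = array(
        '7' => array('subirexamen'),
        '6' => array('index', 'getexams', 'download'),
    );

    // Normalise the id to a string key; a missing or non-scalar id matches no group.
    $groupKey = (isset($user['group_id']) && is_scalar($user['group_id'])) ? (string) $user['group_id'] : '';

    if (isset($allowedByGroup[$groupKey])) {
        // Strict match on the action name: only exact strings are allow-listed.
        if (in_array($this->action, $allowedByGroup[$groupKey], true)) {
            return true;
        }

        if ($this->Auth->user('id')) {
            $this->Session->setFlash('no se puede acceder');
            $this->redirect(array('controller' => 'users', 'action' => 'index'));

            // Fail closed: if redirect() returns instead of ending the request,
            // the parent rules must not grant what was just refused.
            return false;
        }
    }

    return parent::isAuthorized($user);
}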
示例14: isAuthorized
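/**
 * Authorize group management.
 *
 * Teachers may run `add`. For `edit` and `delete`, the user is authorized when
 * Group::isOwnedBy() confirms ownership of the record named by the first
 * passed argument. Everything else is decided by the parent controller.
 *
 * @param array $user Authenticated user record; `role` and `id` are read from it.
 * @return bool True when one of the rules above applies, otherwise the
 *              parent's decision.
 */
public function isAuthorized($user)
{
    $role = isset($user['role']) ? $user['role'] : null;

    if ($role === 'teacher' && $this->action === 'add') {
        return true;
    }

    // NOTE(review): this message is queued for every role other than
    // teacher/admin even when the request is allowed further down - confirm
    // that is intended.
    if ($role !== 'teacher' && $role !== 'admin') {
        $this->Session->setFlash(__('You don\'t have the right to access to groups.'), 'flash/error');
    }

    // The owner of a record can edit and delete it. Both ids must be present
    // before ownership is checked, so a missing argument is never read as id 0.
    if (in_array($this->action, array('edit', 'delete'), true)
        && isset($this->request->params['pass'][0], $user['id'])
    ) {
        $recordId = (int) $this->request->params['pass'][0];
        if ($this->Group->isOwnedBy($recordId, $user['id'])) {
            return true;
        }
    }

    return parent::isAuthorized($user);
}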
示例15: isAuthorized
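/**
 * isAuthorized Method
 * Allows HIPAA Admin to Add, Edit, Delete Everything
 * Client Managers & MU Managers can only Add Edit Delete to their own group
 * Users cannot see
 *
 * As implemented: group 2 may always run index/view/add and may run
 * edit/delete/sendFile on agreements owned by their client; group 3 and
 * accounts of type 'Initial' are redirected to the dashboard and denied;
 * every other case is decided by the parent controller.
 *
 * @param array $user Authenticated user record, forwarded to the parent. Group,
 *                    client and account type are read from the session instead.
 * @return bool True when the request is allowed.
 */
public function isAuthorized($user)
{
    // Group role of the signed-in user.
    $group = $this->Session->read('Auth.User.group_id');
    // Client the signed-in user belongs to.
    $client = $this->Session->read('Auth.User.client_id');
    // Account type of that client.
    $acct = $this->Session->read('Auth.User.Client.account_type');

    if ($group == 2) {
        // NOTE(review): a group-2 user whose account type is 'Initial' is still
        // granted here, because the 'Initial' check only runs afterwards - confirm.
        if (in_array($this->action, array('index', 'view', 'add'), true)) {
            // Allow Managers to Add
            return true;
        }

        // Allow Managers to Edit, delete their own. The record id must be
        // present before ownership is checked.
        if (in_array($this->action, array('edit', 'delete', 'sendFile'), true)
            && isset($this->request->params['pass'][0])
        ) {
            $id = $this->request->params['pass'][0];
            if ($this->BusinessAssociateAgreement->isOwnedBy($id, $client)) {
                return true;
            }
        }
    }

    if ($group == 3 || $acct == 'Initial') {
        $this->Session->setFlash('You are not authorized to view that!');
        $this->redirect(array('controller' => 'dashboard', 'action' => 'index'));

        // Deny even if redirect() returns instead of ending the request.
        return false;
    }

    return parent::isAuthorized($user);
}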
开发者ID:dipeshpatel306,项目名称:effective-adventure,代码行数:35,代码来源:BusinessAssociateAgreementsController.php