Fixed issue 4, with fine control over the tabs access.
For each tab, at the exception of the project home and the administration area, it possible to control the access rights if the user is anonymous, signed in, member or owner.
This commit is contained in:
Loic d'Anterroches
@@ -24,6 +24,7 @@
|
||||
/**
|
||||
* Project middleware.
|
||||
*
|
||||
* It must be after the session middleware.
|
||||
*/
|
||||
class IDF_Middleware
|
||||
{
|
||||
@@ -49,6 +50,15 @@ class IDF_Middleware
|
||||
} catch (Pluf_HTTP_Error404 $e) {
|
||||
return new Pluf_HTTP_Response_NotFound(sprintf(__('The page <em>%s</em> was not found on the server.'), htmlspecialchars($request->query)));
|
||||
}
|
||||
$request->conf = new IDF_Conf();
|
||||
$request->conf->setProject($request->project);
|
||||
$ak = array('downloads_access_rights' => 'hasDownloadsAccess',
|
||||
'source_access_rights' => 'hasSourceAccess',
|
||||
'issues_access_rights' => 'hasIssuesAccess');
|
||||
$request->rights = array();
|
||||
foreach ($ak as $key=>$val) {
|
||||
$request->rights[$val] = (true === IDF_Precondition::accessTabGeneric($request, $key));
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
@@ -58,12 +68,14 @@ class IDF_Middleware
|
||||
function IDF_Middleware_ContextPreProcessor($request)
|
||||
{
|
||||
$c = array();
|
||||
$c['request'] = $request;
|
||||
if (isset($request->project)) {
|
||||
$c['project'] = $request->project;
|
||||
$c['isOwner'] = $request->user->hasPerm('IDF.project-owner',
|
||||
$request->project);
|
||||
$c['isMember'] = $request->user->hasPerm('IDF.project-member',
|
||||
$request->project);
|
||||
$c = array_merge($c, $request->rights);
|
||||
}
|
||||
return $c;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user