*/
class SoftwaresController extends AppController {
+ public function initialize() {
+
+ parent::initialize();
+
+
+
+ $this->loadComponent('Search.Prg', [
+ // This is default config. You can modify "actions" as needed to make
+ // the PRG component work only for specified methods.
+ 'actions' => ['index', 'lookup']
+ ]);
+
+ $this->paginate = [
+ 'limit' => Configure::read('LIMIT'),
+ 'order' => [
+ 'Softwares.softwarename' => Configure::read('ORDER')
+ ],
+ 'contain' => ['Licenses', 'Reviews', 'Screenshots', 'Relationships', 'SoftwaresStatistics', 'RawMetricsSoftwares']
+ ];
+ }
+
+ /**
+ * Manage all rights for the controllers' actions.
+ * Returns true if the user can use the currrent action, FALSE otherwise.
+ * Returns true for add a project if the user is connected
+ * Returns true for edit and delete action if the user is owner.
+ * @param Array $user User informations
+ * @return boolean
+ */
+ public function isAuthorized($user) {
+
+
+ if ($this->request->action === 'addReview'){
+ $this->loadModel("Users");
+ return $this->Users->isAdministration($this->Auth->user('id'));
+ }
+
+ if ($this->request->action === 'edit') {
+ return false;
+ }
+
+ return parent::isAuthorized($user);
+ }
public function beforeFilter(\Cake\Event\Event $event)
{
parent::beforeFilter($event);
- $this->Auth->allow();
+// $this->Auth->allow(['index', 'view']);
+// $this->Auth->deny('edit');
}
/**
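Review bot: The new `isAuthorized()` drops the ownership check for `delete` (the `isOwnedBy` branch is removed further down the page), so `delete` and `add` are now decided solely by `parent::isAuthorized($user)`, which is not visible here; if the parent accepts any logged-in user, any account could delete software it does not own. Either keep the owner check for `delete` or deny it explicitly as is done for `edit`, e.g. `if (in_array($this->request->action, ['edit', 'delete'], true)) { return false; }`. The docblock still says edit and delete are allowed for the owner and add for any connected user, which no longer matches the code; it should describe the administrator check on `addReview` and the unconditional denial of `edit`. In `beforeFilter()`, the two commented-out `allow`/`deny` lines leave the list of public actions to the parent controller; delete them, or make the intended `$this->Auth->allow(['index', 'view']);` live so the access policy can be read in this file.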
return $this->redirect(['action' => 'index']);
}
- /**
- * Manage all rights for the controllers' actions.
- * Returns true if the user can use the currrent action, FALSE otherwise.
- * Returns true for add a project if the user is connected
- * Returns true for edit and delete action if the user is owner.
- * @param Array $user
- * @return boolean
- */
- public function isAuthorized($user) {
- // All registered users can add projects
- if ($this->request->action === 'add') {
- return true;
- }
-
- // The owner of a software can edit and delete the software.
- if (in_array($this->request->action, ['edit', 'delete'])) {
- $softwareId = (int) $this->request->params['pass'][0];
- if ($this->Softwares->isOwnedBy($softwareId, $user['id'])) {
- return true;
- }
- }
- return parent::isAuthorized($user);
- }
debug ($review);
$this->Flash->error(__('The review could not be saved. Please, try again.'));
}
+ $isAuthorized = $this->Auth->isAuthorized($this->Auth->user()); // La j'encule une mouche !!!
$user = $this->Auth->user();
- $this->set(compact('review', 'user', 'software'));
- $this->set('_serialize', ['review', 'user', 'software']);
+ $this->set(compact('review','user', 'isAuthorized', 'software'));
+ $this->set('_serialize', ['review','user' ,'isAuthorized', 'software']);
}else if ($this->request->is('post') && $this->request->is('json')) {
$review = $this->Softwares->Reviews->patchEntity($review, $this->request->data);
if ($this->Softwares->Reviews->save($review)) {
$message = "Success";
+ $isAuthorized = $this->Auth->isAuthorized($this->Auth->user());
$user = $this->Auth->user();
- $this->set(compact('review', 'user', 'software'));
- $this->set('_serialize', ['review', 'user', 'software']);
+ $this->set(compact('review','user', 'isAuthorized', 'software'));
+ $this->set('_serialize', ['review','user' ,'isAuthorized', 'software']);
} else {
debug($review->errors());
$message = "Error";
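Review bot: `$isAuthorized` is computed only after the save has been attempted (both added groups here sit after `save($review)` or its failure branch) and is then exported to the view and the serialized payload, so within the visible lines it is a display flag and not a gate on the write. If only authorised users are meant to create reviews, that has to be enforced before `patchEntity()`/`save()`, or by the controller-level `isAuthorized()` for this action; the action's opening lines are outside this hunk, so which applies should be confirmed. The same three lines are repeated in each branch here and in the final `else` further down; computing `$isAuthorized` and `$user` once before the branches would keep the copies from drifting apart. The trailing comment on the first added line says nothing about the code and should be replaced with something like `// Authorization result for the current action, passed to the view`.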
]);
}else{//Pour le template vant le post des données.
+ $isAuthorized = $this->Auth->isAuthorized($this->Auth->user());
$user = $this->Auth->user();
- $this->set(compact('review', 'user', 'software'));
- $this->set('_serialize', ['review','user','software']);
+ $this->set(compact('review','user', 'isAuthorized', 'software'));
+ $this->set('_serialize', ['review','user' ,'isAuthorized', 'software']);
}
}
- public function initialize() {
-
- parent::initialize();
-
- $this->loadComponent("Auth");
-
- $this->loadComponent('Search.Prg', [
- // This is default config. You can modify "actions" as needed to make
- // the PRG component work only for specified methods.
- 'actions' => ['index', 'lookup']
- ]);
- $this->paginate = [
- 'limit' => Configure::read('LIMIT'),
- 'order' => [
- 'Softwares.softwarename' => Configure::read('ORDER')
- ],
- 'contain' => ['Licenses', 'Reviews', 'Screenshots', 'Relationships', 'SoftwaresStatistics', 'RawMetricsSoftwares']
- ];
- }
}
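Review bot: With `$this->loadComponent("Auth")` removed from `initialize()` (the method is moved to the top of the class without that line), every `$this->Auth->...` call in this controller, including the new `$this->Auth->isAuthorized(...)` lookups, relies on the parent controller having loaded the component. In CakePHP's AuthComponent the controller's `isAuthorized()` is only consulted when controller-based authorization is enabled in that configuration. `AppController` is not part of this page, so both points should be confirmed there. A one-line comment in `initialize()` such as `// Auth is loaded and configured in AppController` would record the dependency.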