fixe a bug to access data

041e248b · Jerome Mariette · 4b735bf7 · 041e248b
Commit 041e248b authored Nov 27, 2012 by Jerome Mariette
--- a/ui/nG6/pi1/class.tx_nG6_pi1.php
+++ b/ui/nG6/pi1/class.tx_nG6_pi1.php
@@ -104,39 +104,31 @@ class tx_nG6_pi1 extends tslib_pibase {
 		if($this->piVars['upgrade']){
 			$content = tx_nG6_upgrade::upgrade($this->piVars['upgrade']);
 		} else {
+			switch((string)$this->conf['view'])	{
-			// If the user is authorized to access the specified project/run, display the page
+				// If the plugin is configured to display results by project
-			if (tx_nG6_db::user_is_authorized($GLOBALS['TSFE']->fe_user->user['uid'], $this->piVars['project_id'], $this->piVars['run_id'])) {
+				case 'project':
-				switch((string)$this->conf['view'])	{
+					if ($this->piVars['analyze_id']) {
-					// If the plugin is configured to display results by project
+						$content .= $this->pi_analyze_view();
-					case 'project':
+					} elseif ($this->piVars['project_id'] && $this->piVars['run_id']) {
-						if ($this->piVars['analyze_id']) {
+						$content .= $this->pi_run_view();
-							$content .= $this->pi_analyze_view();
+					} else {
-						} elseif ($this->piVars['project_id'] && $this->piVars['run_id']) {
-							$content .= $this->pi_run_view();
-						} else {
-							$content .= $this->pi_project_view();
-						}
-						break;
-					// If the plugin is configured to display results by run
-					case 'run':
-						if ($this->piVars['analyze_id']) {
-							$content .= $this->pi_analyze_view();
-						} else {
-							$content .= $this->pi_run_view();
-						}
-						break;
-					// If the plugin is not configured, display by project is default
-					default:
 						$content .= $this->pi_project_view();
-						break;
+					}
-				}
+					break;
-			// If the user is not authorized
+				// If the plugin is configured to display results by run
-			} else {
+				case 'run':
-				$content .= $this->pi_getLL('not_authorized','[not_authorized]');
+					if ($this->piVars['analyze_id']) {
+						$content .= $this->pi_analyze_view();
+					} else {
+						$content .= $this->pi_run_view();
+					}
+					break;
+				// If the plugin is not configured, display by project is default
+				default:
+					$content .= $this->pi_project_view();
+					break;
 			}
 		}
 		return $this->pi_wrapInBaseClass($content);
 	}
@@ -151,65 +143,72 @@ class tx_nG6_pi1 extends tslib_pibase {
 		// If a single element
 		if ($this->piVars['project_id']) {
-			$projects = array('project_'.$this->piVars['project_id'] => tx_nG6_db::select_project($this->piVars['project_id']));
+			if (tx_nG6_db::user_is_authorized($user_id, $this->piVars['project_id'], $this->piVars['run_id'])) {
+				$projects = array('project_'.$this->piVars['project_id'] => tx_nG6_db::select_project($this->piVars['project_id']));
+			}
 		} else {
 			$projects = tx_nG6_db::select_all_user_projects($user_id, 'tx_nG6_project.name');
 		}
-		$smarty = new Smarty();
-		$smarty->setTemplateDir(t3lib_extMgm::extPath('nG6').'/pi1');
+		// If there is no project the user can access
-		$smarty->setCompileDir(t3lib_extMgm::extPath('nG6').'/res/smarty/templates_c');
+		if (count($projects) > 0) {
-		$smarty->setCacheDir(t3lib_extMgm::extPath('nG6').'/res/smarty/cache');
+			$smarty = new Smarty();
-		$smarty->setConfigDir(t3lib_extMgm::extPath('nG6').'/res/smarty/configs');
+			$smarty->setTemplateDir(t3lib_extMgm::extPath('nG6').'/pi1');
-		$smarty->security = true;
+			$smarty->setCompileDir(t3lib_extMgm::extPath('nG6').'/res/smarty/templates_c');
-		$smarty->security_settings['MODIFIER_FUNCS'] = array('count');		
+			$smarty->setCacheDir(t3lib_extMgm::extPath('nG6').'/res/smarty/cache');
-		// Add some information to the table
+			$smarty->setConfigDir(t3lib_extMgm::extPath('nG6').'/res/smarty/configs');
-		$project_ids = "";
+			$smarty->security = true;
-		foreach($projects as $project_id => $project_values) {
+			$smarty->security_settings['MODIFIER_FUNCS'] = array('count');		
-			// project admin ?
-			$projects[$project_id]['is_admin'] = tx_nG6_db::is_project_administrator($GLOBALS['TSFE']->fe_user->user['uid'], $project_values['id']);
-			// project manager ?
-			$projects[$project_id]['is_manager'] = tx_nG6_db::is_project_manager($GLOBALS['TSFE']->fe_user->user['uid'], $project_values['id']);
-			// project member ?
-			$projects[$project_id]['is_member'] = tx_nG6_db::is_project_member($GLOBALS['TSFE']->fe_user->user['uid'], $project_values['id']);
-			$project_ids .= $project_values['id'].",";
-			$projects[$project_id]['href'] = $this->pi_list_linkSingle($project_values['name'],$project_values['id'],1, array('project_id'=>$project_values['id']));
-		}
-		$smarty->assign('projects', $projects);
-		$smarty->assign('login_user', $GLOBALS['TSFE']->loginUser);
-		$smarty->assign('user_id', $GLOBALS['TSFE']->fe_user->user['uid']);
-		$smarty->assign('data_folder', $this->conf["data"]);
-		$smarty->assign('from_email', $this->conf["FromEmail"]);
-		$smarty->assign('server_name', $this->conf["server_name"]);
-		$smarty->assign('project_ids', substr($project_ids,0,-1));
-		$smarty->assign('pid', $this->conf['userpidList']);
-		// If it's a single project, add runs and analysis information
-		if (count($projects) == 1) {
-			// Get all users on project
-			$project_users = tx_nG6_db::get_all_users_on_project($projects[key($projects)]['id']);
-			$smarty->assign('project_users', $project_users);
-			// Add some information to the table
-			$project_runs = tx_nG6_db::get_project_runs($projects[key($projects)]['id']);
-			foreach($project_runs as $run_id => $run_values) {
-				$project_runs[$run_id]['is_admin'] = tx_nG6_db::is_administrator($GLOBALS['TSFE']->fe_user->user['uid'], 'run', $run_values['id']);
-				$project_runs[$run_id]['href'] = $this->pi_list_linkSingle($run_values['name'],$run_values['id'],1, array('run_id'=>$run_values['id'], 'project_id'=>$run_values['project_id']));
-			}
-			$smarty->assign('project_runs', $project_runs);
-			$project_analysis = tx_nG6_db::get_project_analysis($projects[key($projects)]['id']);
 			// Add some information to the table
-			foreach($project_analysis as $analysis_id => $analysis_values) {
+			$project_ids = "";
-				$project_analysis[$analysis_id]['is_admin'] = tx_nG6_db::is_administrator($GLOBALS['TSFE']->fe_user->user['uid'], 'analyze', $analysis_values['id']);
+			foreach($projects as $project_id => $project_values) {
-				$project_analysis[$analysis_id]['href'] = $this->pi_list_linkSingle($analysis_values['name'],$analysis_values['id'],1, array('analyze_id'=>$analysis_values['id'], 'project_id'=>$this->piVars['project_id']));
+				// project admin ?
+				$projects[$project_id]['is_admin'] = tx_nG6_db::is_project_administrator($GLOBALS['TSFE']->fe_user->user['uid'], $project_values['id']);
+				// project manager ?
+				$projects[$project_id]['is_manager'] = tx_nG6_db::is_project_manager($GLOBALS['TSFE']->fe_user->user['uid'], $project_values['id']);
+				// project member ?
+				$projects[$project_id]['is_member'] = tx_nG6_db::is_project_member($GLOBALS['TSFE']->fe_user->user['uid'], $project_values['id']);
+				$project_ids .= $project_values['id'].",";
+				$projects[$project_id]['href'] = $this->pi_list_linkSingle($project_values['name'],$project_values['id'],1, array('project_id'=>$project_values['id']));
 			}
-			$smarty->assign('h_project_analysis', tx_nG6_utils::trace_hierarchy($project_analysis));
+			$smarty->assign('projects', $projects);
-			$smarty->assign('project_analysis', $project_analysis);
+			$smarty->assign('login_user', $GLOBALS['TSFE']->loginUser);
-		}	
+			$smarty->assign('user_id', $GLOBALS['TSFE']->fe_user->user['uid']);
-		return $smarty->fetch('project_view.tpl');
+			$smarty->assign('data_folder', $this->conf["data"]);
+			$smarty->assign('from_email', $this->conf["FromEmail"]);
+			$smarty->assign('server_name', $this->conf["server_name"]);
+			$smarty->assign('project_ids', substr($project_ids,0,-1));
+			$smarty->assign('pid', $this->conf['userpidList']);
+			// If it's a single project, add runs and analysis information
+			if (count($projects) == 1) {
+				// Get all users on project
+				$project_users = tx_nG6_db::get_all_users_on_project($projects[key($projects)]['id']);
+				$smarty->assign('project_users', $project_users);
+				// Add some information to the table
+				$project_runs = tx_nG6_db::get_project_runs($projects[key($projects)]['id']);
+				foreach($project_runs as $run_id => $run_values) {
+					$project_runs[$run_id]['is_admin'] = tx_nG6_db::is_administrator($GLOBALS['TSFE']->fe_user->user['uid'], 'run', $run_values['id']);
+					$project_runs[$run_id]['href'] = $this->pi_list_linkSingle($run_values['name'],$run_values['id'],1, array('run_id'=>$run_values['id'], 'project_id'=>$run_values['project_id']));
+				}
+				$smarty->assign('project_runs', $project_runs);
+				$project_analysis = tx_nG6_db::get_project_analysis($projects[key($projects)]['id']);
+				// Add some information to the table
+				foreach($project_analysis as $analysis_id => $analysis_values) {
+					$project_analysis[$analysis_id]['is_admin'] = tx_nG6_db::is_administrator($GLOBALS['TSFE']->fe_user->user['uid'], 'analyze', $analysis_values['id']);
+					$project_analysis[$analysis_id]['href'] = $this->pi_list_linkSingle($analysis_values['name'],$analysis_values['id'],1, array('analyze_id'=>$analysis_values['id'], 'project_id'=>$this->piVars['project_id']));
+				}
+				$smarty->assign('h_project_analysis', tx_nG6_utils::trace_hierarchy($project_analysis));
+				$smarty->assign('project_analysis', $project_analysis);
+			}	
+			return $smarty->fetch('project_view.tpl');
+		} else {
+			return "Access denied - You are not authorized to access this page.";
+		}
 	}
@@ -224,56 +223,63 @@ class tx_nG6_pi1 extends tslib_pibase {
 		// If a single element
 		if ($this->piVars['run_id']) {
-			$runs = array('run_'.$this->piVars['run_id'] => tx_nG6_db::select_run($this->piVars['run_id']));
+			if (tx_nG6_db::user_is_authorized($user_id, $this->piVars['project_id'], $this->piVars['run_id'])) {
+				$runs = array('run_'.$this->piVars['run_id'] => tx_nG6_db::select_run($this->piVars['run_id']));
+			}
 		} else {
 			$runs = tx_nG6_db::select_all_user_runs($user_id);
 		}
-		$smarty = new Smarty();
-		$smarty->setTemplateDir(t3lib_extMgm::extPath('nG6').'/pi1');
-		$smarty->setCompileDir(t3lib_extMgm::extPath('nG6').'/res/smarty/templates_c');
-		$smarty->setCacheDir(t3lib_extMgm::extPath('nG6').'/res/smarty/cache');
-		$smarty->setConfigDir(t3lib_extMgm::extPath('nG6').'/res/smarty/configs');
-		$smarty->security = true;
-		$smarty->security_settings['MODIFIER_FUNCS'] = array('count');
-		// Add some information to the table
-		$run_ids = "";
-		foreach($runs as $run_id => $run_values) {
-			if (tx_nG6_db::is_administrator($user_id, 'run', $run_values['id']) ) {
-				$runs[$run_id]['is_admin'] = true;
-			} else {
-				$runs[$run_id]['is_admin'] = false;
-			}
-			$run_ids .= $run_values['id'].",";
-			if ($this->piVars['project_id']) {
-				$runs[$run_id]['href'] = $this->pi_list_linkSingle($run_values['name'],$run_values['id'],1, array('run_id'=>$run_values['id'], 'project_id'=>$run_values['project_id']));	
-			} else {
-				$runs[$run_id]['href'] = $this->pi_list_linkSingle($run_values['name'],$run_values['id'],1, array('run_id'=>$run_values['id']));
-			}
-		}
-		$smarty->assign('runs', $runs);
-		$smarty->assign('login_user', $GLOBALS['TSFE']->loginUser);
-		$smarty->assign('user_id', $GLOBALS['TSFE']->fe_user->user['uid']);
-		$smarty->assign('data_folder', $this->conf["data"]);
-		$smarty->assign('server_name', $this->conf["server_name"]);
-		$smarty->assign('run_ids', substr($run_ids,0,-1));
-		// If it's a single run, add analysis information
+		if (count($runs) > 0) {
-		if (count($runs) == 1) {
+			$smarty = new Smarty();
-			$run_analysis = tx_nG6_db::get_run_analysis($runs[key($runs)]['id']);
+			$smarty->setTemplateDir(t3lib_extMgm::extPath('nG6').'/pi1');
+			$smarty->setCompileDir(t3lib_extMgm::extPath('nG6').'/res/smarty/templates_c');
+			$smarty->setCacheDir(t3lib_extMgm::extPath('nG6').'/res/smarty/cache');
+			$smarty->setConfigDir(t3lib_extMgm::extPath('nG6').'/res/smarty/configs');
+			$smarty->security = true;
+			$smarty->security_settings['MODIFIER_FUNCS'] = array('count');
 			// Add some information to the table
-			foreach($run_analysis as $analysis_id => $analysis_values) {
+			$run_ids = "";
-				$run_analysis[$analysis_id]['is_admin'] = tx_nG6_db::is_administrator($GLOBALS['TSFE']->fe_user->user['uid'], 'analyze', $analysis_values['id']);
+			foreach($runs as $run_id => $run_values) {
+				if (tx_nG6_db::is_administrator($user_id, 'run', $run_values['id']) ) {
+					$runs[$run_id]['is_admin'] = true;
+				} else {
+					$runs[$run_id]['is_admin'] = false;
+				}
+				$run_ids .= $run_values['id'].",";
 				if ($this->piVars['project_id']) {
-					$run_analysis[$analysis_id]['href'] = $this->pi_list_linkSingle($analysis_values['name'],$analysis_values['id'],1, array('analyze_id'=>$analysis_values['id'], 'project_id'=>$this->piVars['project_id'], 'run_id'=>$this->piVars['run_id']));
+					$runs[$run_id]['href'] = $this->pi_list_linkSingle($run_values['name'],$run_values['id'],1, array('run_id'=>$run_values['id'], 'project_id'=>$run_values['project_id']));	
 				} else {
-					$run_analysis[$analysis_id]['href'] = $this->pi_list_linkSingle($analysis_values['name'],$analysis_values['id'],1, array('analyze_id'=>$analysis_values['id'], 'run_id'=>$this->piVars['run_id']));
+					$runs[$run_id]['href'] = $this->pi_list_linkSingle($run_values['name'],$run_values['id'],1, array('run_id'=>$run_values['id']));
 				}
 			}
-			$smarty->assign('h_run_analysis', tx_nG6_utils::trace_hierarchy($run_analysis));
+			$smarty->assign('runs', $runs);
-			$smarty->assign('run_analysis', $run_analysis);
+			$smarty->assign('login_user', $GLOBALS['TSFE']->loginUser);
-		}		
+			$smarty->assign('user_id', $GLOBALS['TSFE']->fe_user->user['uid']);
-		return $smarty->fetch('run_view.tpl');
+			$smarty->assign('data_folder', $this->conf["data"]);
+			$smarty->assign('server_name', $this->conf["server_name"]);
+			$smarty->assign('run_ids', substr($run_ids,0,-1));
+			// If it's a single run, add analysis information
+			if (count($runs) == 1) {
+				$run_analysis = tx_nG6_db::get_run_analysis($runs[key($runs)]['id']);
+				// Add some information to the table
+				foreach($run_analysis as $analysis_id => $analysis_values) {
+					$run_analysis[$analysis_id]['is_admin'] = tx_nG6_db::is_administrator($GLOBALS['TSFE']->fe_user->user['uid'], 'analyze', $analysis_values['id']);
+					if ($this->piVars['project_id']) {
+						$run_analysis[$analysis_id]['href'] = $this->pi_list_linkSingle($analysis_values['name'],$analysis_values['id'],1, array('analyze_id'=>$analysis_values['id'], 'project_id'=>$this->piVars['project_id'], 'run_id'=>$this->piVars['run_id']));
+					} else {
+						$run_analysis[$analysis_id]['href'] = $this->pi_list_linkSingle($analysis_values['name'],$analysis_values['id'],1, array('analyze_id'=>$analysis_values['id'], 'run_id'=>$this->piVars['run_id']));
+					}
+				}
+				$smarty->assign('h_run_analysis', tx_nG6_utils::trace_hierarchy($run_analysis));
+				$smarty->assign('run_analysis', $run_analysis);
+			}		
+			return $smarty->fetch('run_view.tpl');
+		} else {
+			return "Access denied - You are not authorized to access this page.";
+		}
 	}