Commit 041e248b authored by Jerome Mariette's avatar Jerome Mariette
Browse files

fixe a bug to access data

parent 4b735bf7
...@@ -104,9 +104,6 @@ class tx_nG6_pi1 extends tslib_pibase { ...@@ -104,9 +104,6 @@ class tx_nG6_pi1 extends tslib_pibase {
if($this->piVars['upgrade']){ if($this->piVars['upgrade']){
$content = tx_nG6_upgrade::upgrade($this->piVars['upgrade']); $content = tx_nG6_upgrade::upgrade($this->piVars['upgrade']);
} else { } else {
// If the user is authorized to access the specified project/run, display the page
if (tx_nG6_db::user_is_authorized($GLOBALS['TSFE']->fe_user->user['uid'], $this->piVars['project_id'], $this->piVars['run_id'])) {
switch((string)$this->conf['view']) { switch((string)$this->conf['view']) {
// If the plugin is configured to display results by project // If the plugin is configured to display results by project
case 'project': case 'project':
...@@ -131,12 +128,7 @@ class tx_nG6_pi1 extends tslib_pibase { ...@@ -131,12 +128,7 @@ class tx_nG6_pi1 extends tslib_pibase {
$content .= $this->pi_project_view(); $content .= $this->pi_project_view();
break; break;
} }
// If the user is not authorized
} else {
$content .= $this->pi_getLL('not_authorized','[not_authorized]');
}
} }
return $this->pi_wrapInBaseClass($content); return $this->pi_wrapInBaseClass($content);
} }
...@@ -151,10 +143,15 @@ class tx_nG6_pi1 extends tslib_pibase { ...@@ -151,10 +143,15 @@ class tx_nG6_pi1 extends tslib_pibase {
// If a single element // If a single element
if ($this->piVars['project_id']) { if ($this->piVars['project_id']) {
if (tx_nG6_db::user_is_authorized($user_id, $this->piVars['project_id'], $this->piVars['run_id'])) {
$projects = array('project_'.$this->piVars['project_id'] => tx_nG6_db::select_project($this->piVars['project_id'])); $projects = array('project_'.$this->piVars['project_id'] => tx_nG6_db::select_project($this->piVars['project_id']));
}
} else { } else {
$projects = tx_nG6_db::select_all_user_projects($user_id, 'tx_nG6_project.name'); $projects = tx_nG6_db::select_all_user_projects($user_id, 'tx_nG6_project.name');
} }
// If there is no project the user can access
if (count($projects) > 0) {
$smarty = new Smarty(); $smarty = new Smarty();
$smarty->setTemplateDir(t3lib_extMgm::extPath('nG6').'/pi1'); $smarty->setTemplateDir(t3lib_extMgm::extPath('nG6').'/pi1');
$smarty->setCompileDir(t3lib_extMgm::extPath('nG6').'/res/smarty/templates_c'); $smarty->setCompileDir(t3lib_extMgm::extPath('nG6').'/res/smarty/templates_c');
...@@ -165,7 +162,6 @@ class tx_nG6_pi1 extends tslib_pibase { ...@@ -165,7 +162,6 @@ class tx_nG6_pi1 extends tslib_pibase {
// Add some information to the table // Add some information to the table
$project_ids = ""; $project_ids = "";
foreach($projects as $project_id => $project_values) { foreach($projects as $project_id => $project_values) {
// project admin ? // project admin ?
$projects[$project_id]['is_admin'] = tx_nG6_db::is_project_administrator($GLOBALS['TSFE']->fe_user->user['uid'], $project_values['id']); $projects[$project_id]['is_admin'] = tx_nG6_db::is_project_administrator($GLOBALS['TSFE']->fe_user->user['uid'], $project_values['id']);
// project manager ? // project manager ?
...@@ -210,6 +206,9 @@ class tx_nG6_pi1 extends tslib_pibase { ...@@ -210,6 +206,9 @@ class tx_nG6_pi1 extends tslib_pibase {
$smarty->assign('project_analysis', $project_analysis); $smarty->assign('project_analysis', $project_analysis);
} }
return $smarty->fetch('project_view.tpl'); return $smarty->fetch('project_view.tpl');
} else {
return "Access denied - You are not authorized to access this page.";
}
} }
...@@ -224,10 +223,14 @@ class tx_nG6_pi1 extends tslib_pibase { ...@@ -224,10 +223,14 @@ class tx_nG6_pi1 extends tslib_pibase {
// If a single element // If a single element
if ($this->piVars['run_id']) { if ($this->piVars['run_id']) {
if (tx_nG6_db::user_is_authorized($user_id, $this->piVars['project_id'], $this->piVars['run_id'])) {
$runs = array('run_'.$this->piVars['run_id'] => tx_nG6_db::select_run($this->piVars['run_id'])); $runs = array('run_'.$this->piVars['run_id'] => tx_nG6_db::select_run($this->piVars['run_id']));
}
} else { } else {
$runs = tx_nG6_db::select_all_user_runs($user_id); $runs = tx_nG6_db::select_all_user_runs($user_id);
} }
if (count($runs) > 0) {
$smarty = new Smarty(); $smarty = new Smarty();
$smarty->setTemplateDir(t3lib_extMgm::extPath('nG6').'/pi1'); $smarty->setTemplateDir(t3lib_extMgm::extPath('nG6').'/pi1');
$smarty->setCompileDir(t3lib_extMgm::extPath('nG6').'/res/smarty/templates_c'); $smarty->setCompileDir(t3lib_extMgm::extPath('nG6').'/res/smarty/templates_c');
...@@ -274,6 +277,9 @@ class tx_nG6_pi1 extends tslib_pibase { ...@@ -274,6 +277,9 @@ class tx_nG6_pi1 extends tslib_pibase {
$smarty->assign('run_analysis', $run_analysis); $smarty->assign('run_analysis', $run_analysis);
} }
return $smarty->fetch('run_view.tpl'); return $smarty->fetch('run_view.tpl');
} else {
return "Access denied - You are not authorized to access this page.";
}
} }
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment