diff --git a/app/Controller/AppController.php b/app/Controller/AppController.php
index 7d08bae04..7276ba64c 100755
--- a/app/Controller/AppController.php
+++ b/app/Controller/AppController.php
@@ -129,11 +129,12 @@ class AppController extends Controller {
 $this->set('isSiteAdmin', $this->_isSiteAdmin());
 // TODO ACL: 5: from Controller to Views
- $this->set('isAclAdd', $this->checkAcl('add'));
- $this->set('isAclModify', $this->checkAcl('edit'));
+ //$this->set('isAclAdd', $this->checkAcl('add'));
+ $this->set('isAclAdd', $this->checkAction('perm_add'));
+ //$this->set('isAclModify', $this->checkAcl('edit'));
+ $this->set('isAclModify', $this->checkAction('perm_modify'));
 $this->set('isAclModifyOrg', $this->checkAction('perm_modify_org'));
 $this->set('isAclPublish', $this->checkAction('perm_publish'));
- $this->set('isAclAdd2', $this->checkAction('perm_add'));
 $this->set('isAclSync', $this->checkAction('perm_sync'));
 $this->set('isAclAdmin', $this->checkAction('perm_admin'));
 $this->set('isAclAudit', $this->checkAction('perm_audit'));
@@ -161,7 +162,7 @@ class AppController extends Controller {
 }
 /**
- * checks if the currently logged user is an org admin (an admin that can manage the users and events of his own organisation)
+ * checks if the currently logged user is an administrator (an admin that can manage the users and events of his own organisation)
 */
 protected function _isAdmin() {
 $org = $this->Auth->user('org');
@@ -194,7 +195,9 @@ class AppController extends Controller {
 if (isset($this->User)) {
 $user = $this->User->read(false, $this->Auth->user('id'));
 } else {
- $user = ClassRegistry::init('User')->findById($this->Auth->user('id'));
+ $this->loadModel('User');
+ $this->User->recursive = -1;
+ $user = $this->User->findById($this->Auth->user('id'));
 }
 $this->Auth->login($user['User']);
 }
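Review bot: The two old `checkAcl()` calls are left in as commented-out lines beside their replacements; version control already keeps them, so they should be deleted rather than commented. More importantly, `isAclAdd` and `isAclModify` now come from the role's `perm_add` / `perm_modify` flags while `checkAccess()` further down still decides through `$this->Acl->check(...)`, so the flags handed to the views and the ACL component can disagree for the same user. These variables only steer what the views display, so each action still needs its own server-side permission check; a comment such as `// view hints only - actions must re-check permissions server-side` above the block would make that explicit. The enclosing method starts and ends outside the hunk.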
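Review bot: `$this->User->recursive = -1;` changes the model object itself rather than this one query, so every later find on that User instance in the same request runs with associations switched off; the same pattern is repeated for User and Role in `checkAccess()`, `checkRole()`, `checkAction()` and `checkAuthUser()`. If that instance is shared with the controller action, which seems likely for helpers on the base controller, code expecting associated data could silently receive less than before. Passing the option per query keeps the saving without the side effect: `$user = $this->User->find('first', array('conditions' => array('User.id' => $this->Auth->user('id')), 'recursive' => -1));`. Separately, `$user['User']` is handed to `$this->Auth->login()` without checking that the row was found, so an `if (empty($user['User']))` guard before the call would avoid logging in with an empty value when the account no longer exists. The enclosing method starts outside the hunk.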
@@ -518,7 +521,9 @@ class AppController extends Controller {
 */
 public function checkAccess() {
 $aco = ucfirst($this->params['controller']);
- $user = ClassRegistry::init('User')->findById($this->Auth->user('id'));
+ $this->loadModel('User');
+ $this->User->recursive = -1;
+ $user = $this->User->findById($this->Auth->user('id'));
 return $this->Acl->check($user, 'controllers/' . $aco, '*');
 }
@@ -527,9 +532,13 @@ class AppController extends Controller {
 */
 public function checkRole() {
 $modifyRole = false;
- $user = ClassRegistry::init('User')->findById($this->Auth->user('id'));
+ $this->loadModel('User');
+ $this->User->recursive = -1;
+ $user = $this->User->findById($this->Auth->user('id'));
 if (isset($user['User'])) {
- $role = ClassRegistry::init('Role')->findById($user['User']['role_id']);
+ $this->loadModel('Role');
+ $this->Role->recursive = -1;
+ $role = $this->Role->findById($user['User']['role_id']);
 if ($role['Role']['perm_modify_org']) {
 $modifyRole = true;
 }
@@ -542,9 +551,13 @@ class AppController extends Controller {
 */
 public function checkAction($action = 'perm_sync') {
 $maySync = false;
- $user = ClassRegistry::init('User')->findById($this->Auth->user('id'));
+ $this->loadModel('User');
+ $this->User->recursive = -1;
+ $user = $this->User->findById($this->Auth->user('id'));
 if (isset($user['User'])) {
- $role = ClassRegistry::init('Role')->findById($user['User']['role_id']);
+ $this->loadModel('Role');
+ $this->Role->recursive = -1;
+ $role = $this->Role->findById($user['User']['role_id']);
 if ($role['Role'][$action]) {
 $maySync = true;
 }
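Review bot: `checkAccess()` passes `$user` straight to `$this->Acl->check()` without the `isset($user['User'])` guard that `checkRole()`, `checkAction()` and `checkAuthUser()` apply, so a missing user row reaches the ACL component as an empty value. Whether the component then denies cleanly is not visible from this hunk. Returning early makes the deny explicit: `if (empty($user['User'])) { return false; }` placed before the `return` line.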
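Review bot: `$role['Role']['perm_modify_org']` is read without checking that the Role row was found, so a user whose `role_id` points at a removed role can raise an undefined-index notice instead of producing a clean deny; the same read appears in `checkAction()` and `checkAuthUser()`. `if (!empty($role['Role']['perm_modify_org'])) {` keeps the fail-closed result without the notice. The method is now also the same lookup as `checkAction('perm_modify_org')`, so, assuming the part below the hunk only returns `$modifyRole`, it could shrink to `return $this->checkAction('perm_modify_org');` and leave a single copy of the permission logic. The method ends outside the hunk.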
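Review bot: Every `checkAction()` call runs one User query and one Role query, and the first hunk calls it once per view flag, presumably on each request, so the same two rows are fetched repeatedly. Resolving the role once per request, for example in a protected helper that keeps the row on the controller, and reading each flag from it would cut that to two queries. `$action` is used directly as an array key, so a docblock listing the accepted `perm_*` names, plus renaming the local `$maySync` to something neutral such as `$allowed`, would make a mistyped or unexpected flag easier to spot in review. The method ends outside the hunk.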
@@ -559,9 +572,13 @@ class AppController extends Controller {
 */
 public function checkAuthUser($authkey) {
 $result = false;
- $user = ClassRegistry::init('User')->findByAuthkey($authkey);
+ $this->loadModel('User');
+ $this->User->recursive = -1;
+ $user = $this->User->findByAuthkey($authkey);
 if (isset($user['User'])) {
- $role = ClassRegistry::init('Role')->findById($user['User']['role_id']);
+ $this->loadModel('Role');
+ $this->Role->recursive = -1;
+ $role = $this->Role->findById($user['User']['role_id']);
 if ($role['Role']['perm_auth']) {
 $result = true;
 }
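Review bot: `checkAuthUser($authkey)` looks the key up without rejecting an empty value, so a null or empty `$authkey` becomes a query for users whose stored key is empty or NULL; if such a row can exist, it would be accepted whenever its role has `perm_auth`. A guard at the top of the method closes that off: `if (!is_string($authkey) || $authkey === '') { return false; }`. A docblock sentence stating that the method authenticates by key only and returns false for unknown or empty keys would document the intended fail-closed behaviour. The method ends outside the hunk.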