From d5ec96e90a4bdcecc7423ca407724415817cb372 Mon Sep 17 00:00:00 2001 From: Joe Hunt Date: Sat, 8 Sep 2012 19:07:55 +0200 Subject: [PATCH 1/1] Hide Menu options if not authorized --- themes/aqua/renderer.php | 87 +++++++++++++++++++++++++++++--- themes/cool/renderer.php | 87 +++++++++++++++++++++++++++++--- themes/default/renderer.php | 98 ++++++++++++++++++++++++++++++++----- 3 files changed, 249 insertions(+), 23 deletions(-) diff --git a/themes/aqua/renderer.php b/themes/aqua/renderer.php index 10c3c956..72e200cb 100644 --- a/themes/aqua/renderer.php +++ b/themes/aqua/renderer.php @@ -56,10 +56,13 @@ echo "
"; foreach($applications as $app) { - $acc = access_string($app->name); - echo "" .$acc[0] . ""; + if ($this->check_application_access($app)) + { + $acc = access_string($app->name); + echo "" .$acc[0] . ""; + } } echo "
"; @@ -141,9 +144,13 @@ global $path_to_root; $selected_app = $waapp->get_selected_application(); + if (!$this->check_application_access($selected_app)) + return; foreach ($selected_app->modules as $module) { + if (!$this->check_module_access($module)) + continue; // image echo ""; // values @@ -163,7 +170,7 @@ { echo $img.menu_link($appfunction->link, $appfunction->label)."
\n"; } - else + elseif (!$this->hide_inaccessible_menu_items()) { echo $img.'' .access_string($appfunction->label, true) @@ -183,7 +190,7 @@ { echo $img.menu_link($appfunction->link, $appfunction->label)."
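Review bot: Nothing in display_applications enforces access; this `elseif (!$this->hide_inaccessible_menu_items())`, like the `return` and `continue` added earlier in the same function, only decides what is echoed. Whether each linked page repeats the `can_access_page` check is not visible in this patch, so the new branches deserve a comment that says so, e.g. `// presentation only: the target page must still check access itself`. The same comment applies to the second `elseif` below and to the matching hunks in themes/cool and themes/default. The function starts and ends outside this hunk.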
\n"; } - else + elseif (!$this->hide_inaccessible_menu_items()) { echo $img.'' .access_string($appfunction->label, true) @@ -198,6 +205,74 @@ echo ""; } + + function check_application_access($waapp) + { + if (!$this->hide_inaccessible_menu_items()) + { + return true; + } + + foreach ($waapp->modules as $module) + { + if ($this->check_module_access($module)) + { + return true; + } + } + + return false; + + } + + function check_module_access($module) + { + + if (!$this->hide_inaccessible_menu_items()) + { + return true; + } + + if (sizeof($module->lappfunctions) > 0) + { + foreach ($module->lappfunctions as $appfunction) + { + if ($appfunction->label != "" && $_SESSION["wa_current_user"]->can_access_page($appfunction->access)) + { + return true; + } + } + } + + if (sizeof($module->rappfunctions) > 0) + { + foreach ($module->rappfunctions as $appfunction) + { + if ($appfunction->label != "" && $_SESSION["wa_current_user"]->can_access_page($appfunction->access)) + { + return true; + } + } + } + + return false; + + } + + function hide_inaccessible_menu_items() + { + global $hide_inaccessible_menu_items; + + if (!isset($hide_inaccessible_menu_items) || $hide_inaccessible_menu_items == 0) + { + return false; + } + + else + { + return true; + } + } } ?> \ No newline at end of file diff --git a/themes/cool/renderer.php b/themes/cool/renderer.php index 92563140..8ce153f2 100644 --- a/themes/cool/renderer.php +++ b/themes/cool/renderer.php @@ -56,10 +56,13 @@ echo "
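Review bot: `check_application_access`, `check_module_access` and `hide_inaccessible_menu_items` are added verbatim to all three theme renderers (this file, themes/cool and themes/default), so a later correction to the visibility rule has to be made three times and a missed theme will show a different menu. A single shared definition that the renderers call would avoid that drift. Within the methods, the `sizeof(...) > 0` guards add nothing in front of `foreach` and the two loops are identical. `$hide_inaccessible_menu_items == 0` is a loose comparison that, on PHP versions before 8, treats a non-numeric string setting as 0 and leaves hiding off; a tighter form is sketched below.

```php
function check_module_access($module)
{
	if (!$this->hide_inaccessible_menu_items())
	{
		return true;
	}

	// Visible as soon as one labelled function on either side is accessible.
	foreach (array($module->lappfunctions, $module->rappfunctions) as $appfunctions)
	{
		foreach ($appfunctions as $appfunction)
		{
			if ($appfunction->label != "" && $_SESSION["wa_current_user"]->can_access_page($appfunction->access))
			{
				return true;
			}
		}
	}

	return false;
}

function hide_inaccessible_menu_items()
{
	global $hide_inaccessible_menu_items;

	// Unset, 0, "0" and "" keep the old behaviour (show everything).
	return !empty($hide_inaccessible_menu_items);
}
```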
"; foreach($applications as $app) { - $acc = access_string($app->name); - echo "" .$acc[0] . ""; + if ($this->check_application_access($app)) + { + $acc = access_string($app->name); + echo "" .$acc[0] . ""; + } } echo "
"; @@ -140,9 +143,13 @@ { global $path_to_root; $selected_app = $waapp->get_selected_application(); + if (!$this->check_application_access($selected_app)) + return; foreach ($selected_app->modules as $module) { + if (!$this->check_module_access($module)) + continue; // image echo ""; // values @@ -162,7 +169,7 @@ { echo $img.menu_link($appfunction->link, $appfunction->label)."
\n"; } - else + elseif (!$this->hide_inaccessible_menu_items()) { echo $img.'' .access_string($appfunction->label, true) @@ -182,7 +189,7 @@ { echo $img.menu_link($appfunction->link, $appfunction->label)."
\n"; } - else + elseif (!$this->hide_inaccessible_menu_items()) { echo $img.'' .access_string($appfunction->label, true) @@ -197,6 +204,74 @@ echo ""; } + + function check_application_access($waapp) + { + if (!$this->hide_inaccessible_menu_items()) + { + return true; + } + + foreach ($waapp->modules as $module) + { + if ($this->check_module_access($module)) + { + return true; + } + } + + return false; + + } + + function check_module_access($module) + { + + if (!$this->hide_inaccessible_menu_items()) + { + return true; + } + + if (sizeof($module->lappfunctions) > 0) + { + foreach ($module->lappfunctions as $appfunction) + { + if ($appfunction->label != "" && $_SESSION["wa_current_user"]->can_access_page($appfunction->access)) + { + return true; + } + } + } + + if (sizeof($module->rappfunctions) > 0) + { + foreach ($module->rappfunctions as $appfunction) + { + if ($appfunction->label != "" && $_SESSION["wa_current_user"]->can_access_page($appfunction->access)) + { + return true; + } + } + } + + return false; + + } + + function hide_inaccessible_menu_items() + { + global $hide_inaccessible_menu_items; + + if (!isset($hide_inaccessible_menu_items) || $hide_inaccessible_menu_items == 0) + { + return false; + } + + else + { + return true; + } + } } ?> \ No newline at end of file diff --git a/themes/default/renderer.php b/themes/default/renderer.php index c57cc92e..08d015ab 100644 --- a/themes/default/renderer.php +++ b/themes/default/renderer.php @@ -9,6 +9,7 @@ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the License here . ***********************************************************************/ + class renderer { function get_icon($category) @@ -34,7 +35,7 @@ function menu_header($title, $no_menu, $is_index) { - global $path_to_root, $help_base_url, $db_connections; + global $path_to_root, $help_base_url, $db_connections, $show_inaccessible_menu_items; echo "\n"; echo "\n"; echo "
\n"; @@ -56,10 +57,13 @@ echo "
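Review bot: `$show_inaccessible_menu_items` is added to the `global` list in menu_header, but nothing in this patch reads it; the helper added at the end of the file reads `$hide_inaccessible_menu_items`. If it is a leftover from an earlier name, keep the line as it was: `global $path_to_root, $help_base_url, $db_connections;`. Two flags with opposite meanings for the same setting make it easy to configure the wrong one and believe the menu is filtered when it is not. The aqua and cool renderers do not have this extra global. menu_header's body continues outside the hunk.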
"; foreach($applications as $app) { - $acc = access_string($app->name); - echo "" .$acc[0] . ""; + if ($this->check_application_access($app)) + { + $acc = access_string($app->name); + echo "" .$acc[0] . ""; + } } echo "
"; echo "
"; @@ -140,9 +144,12 @@ global $path_to_root; $selected_app = $waapp->get_selected_application(); - + if (!$this->check_application_access($selected_app)) + return; foreach ($selected_app->modules as $module) { + if (!$this->check_module_access($module)) + continue; // image echo ""; // values @@ -162,7 +169,7 @@ { echo $img.menu_link($appfunction->link, $appfunction->label)."
\n"; } - else + elseif (!$this->hide_inaccessible_menu_items()) { echo $img.'' .access_string($appfunction->label, true) @@ -182,7 +189,7 @@ { echo $img.menu_link($appfunction->link, $appfunction->label)."
\n"; } - else + elseif (!$this->hide_inaccessible_menu_items()) { echo $img.'' .access_string($appfunction->label, true) @@ -193,10 +200,79 @@ } echo ""; - } - + } echo ""; } - } + + function check_application_access($waapp) + { + if (!$this->hide_inaccessible_menu_items()) + { + return true; + } + + foreach ($waapp->modules as $module) + { + if ($this->check_module_access($module)) + { + return true; + } + } + + return false; + + } + + function check_module_access($module) + { + + if (!$this->hide_inaccessible_menu_items()) + { + return true; + } + + if (sizeof($module->lappfunctions) > 0) + { + foreach ($module->lappfunctions as $appfunction) + { + if ($appfunction->label != "" && $_SESSION["wa_current_user"]->can_access_page($appfunction->access)) + { + return true; + } + } + } + + if (sizeof($module->rappfunctions) > 0) + { + foreach ($module->rappfunctions as $appfunction) + { + if ($appfunction->label != "" && $_SESSION["wa_current_user"]->can_access_page($appfunction->access)) + { + return true; + } + } + } + + return false; + + } + + function hide_inaccessible_menu_items() + { + global $hide_inaccessible_menu_items; + + if (!isset($hide_inaccessible_menu_items) || $hide_inaccessible_menu_items == 0) + { + return false; + } + + else + { + return true; + } + } + } + + ?> \ No newline at end of file -- 2.30.2