8 changes

Old New 
... ...  
2 2 class UsersController extends AppController
3 3 {
4       var $beforeFilters = array( array('action'=>'requireAccess','except'=>array('forgotpassword','resetpassword','login')),
5                                   array('action'=>'requireAccess','only'=>array('add', 'edit','delete'),'args'=>array('admin'))
6                                 );
  4     var $beforeFilters = array( array('action'=>'requireAccess','except'=>array('forgotpassword','resetpassword','login')));
7 5                                 
8 6     var $components = array('queue_email');
... ...  
10 8     
11 9     function index(){
  10         // check permissions
  11         $this->requireAccess('Perm.admin');
  12         
12 13         $this->Users->recursive = 0;
13 14         $this->paginate = array('order'=>array('lastname' => 'ASC'));
... ...  
16 17 
17 18     function add() {
  19         // check permissions
  20         $this->requireAccess('Perm.admin');
  21         
18 22         if (!empty($this->data)) {
19 23             // check if we need to add a new group
... ...  
52 56 
53 57     function edit($id = null) {
  58         // check permissions
  59         $this->requireAccess('Perm.admin');
54 60         
55 61         if (!$id && empty($this->data)) {
... ...  
107 113 
108 114     function delete($id = null) {
  115         // check permissions
  116         $this->requireAccess('Perm.admin');
109 117         if (!$id) {
110 118             $this->setFlash('Invalid id for User','err');
... ...  
166 174                 
167 175                 $user2['Perm.role'] = $user2['User.role'];
168                   // add some custom permissions based on a persons role.. 
169                   // this is where we grant admin / managers greater access
170                   if ($user2['User.role'] == 'admin' || $user2['User.role'] == 'manager')
171                   {
172                       $user2['Perm.tab.admin'] = true;    // enable the admin tab
173                       $user2['Perm.contacts.all'] = true;    // let admins / managers access all contacts ont he system
174                   }
175 176 
  177                     
176 178                 // load the client settings and any permissions
177 179                 $client2 = array();
... ...  
201 203                 // merge settings and permissions from the package, client and user into one Auth component
202 204                 $auth = array_merge($package,$client2,$user2,$manager);
  205                 
  206                 
  207                 
  208                 
  209                 
  210                 // DO NOT LEAVE THIS IN!!!!!!!!!!!!!
  211                 
  212                 
  213                 
  214                 // WOW such a big hack to temporarily give admin perms to do everything so we dont have to keep updating it
  215                 // this is where we grant admin / managers greater access
  216                 if ($auth['User.role'] == 'admin' || $user2['User.role'] == 'manager')
  217                 {
  218                     foreach ($auth as $key=>$perm){
  219                         if (substr($key,0,5)=='Perm.'){
  220                             $auth[$key] = true;
  221                         }
  222                     }
  223                 }
  224 
  225                 // END OF HACKAGE!!!!
  226                 
  227                 
  228                 
  229                 
  230 
203 231                 ksort($auth);
204 232                 $this->Session->write('Auth', $auth);
... ...

Old	New
...	...
2	2	class UsersController extends AppController
3	3	{
4		var $beforeFilters = array( array('action'=>'requireAccess','except'=>array('forgotpassword','resetpassword','login')),
5		array('action'=>'requireAccess','only'=>array('add', 'edit','delete'),'args'=>array('admin'))
6		);
	4	var $beforeFilters = array( array('action'=>'requireAccess','except'=>array('forgotpassword','resetpassword','login')));
7	5
8	6	var $components = array('queue_email');
...	...
10	8
11	9	function index(){
	10	// check permissions
	11	$this->requireAccess('Perm.admin');
	12
12	13	$this->Users->recursive = 0;
13	14	$this->paginate = array('order'=>array('lastname' => 'ASC'));
...	...
16	17
17	18	function add() {
	19	// check permissions
	20	$this->requireAccess('Perm.admin');
	21
18	22	if (!empty($this->data)) {
19	23	// check if we need to add a new group
...	...
52	56
53	57	function edit($id = null) {
	58	// check permissions
	59	$this->requireAccess('Perm.admin');
54	60
55	61	if (!$id && empty($this->data)) {
...	...
107	113
108	114	function delete($id = null) {
	115	// check permissions
	116	$this->requireAccess('Perm.admin');
109	117	if (!$id) {
110	118	$this->setFlash('Invalid id for User','err');
...	...
166	174
167	175	$user2['Perm.role'] = $user2['User.role'];
168		// add some custom permissions based on a persons role..
169		// this is where we grant admin / managers greater access
170		if ($user2['User.role'] == 'admin' \|\| $user2['User.role'] == 'manager')
171		{
172		$user2['Perm.tab.admin'] = true; // enable the admin tab
173		$user2['Perm.contacts.all'] = true; // let admins / managers access all contacts ont he system
174		}
175	176
	177
176	178	// load the client settings and any permissions
177	179	$client2 = array();
...	...
201	203	// merge settings and permissions from the package, client and user into one Auth component
202	204	$auth = array_merge($package,$client2,$user2,$manager);
	205
	206
	207
	208
	209
	210	// DO NOT LEAVE THIS IN!!!!!!!!!!!!!
	211
	212
	213
	214	// WOW such a big hack to temporarily give admin perms to do everything so we dont have to keep updating it
	215	// this is where we grant admin / managers greater access
	216	if ($auth['User.role'] == 'admin' \|\| $user2['User.role'] == 'manager')
	217	{
	218	foreach ($auth as $key=>$perm){
	219	if (substr($key,0,5)=='Perm.'){
	220	$auth[$key] = true;
	221	}
	222	}
	223	}
	224
	225	// END OF HACKAGE!!!!
	226
	227
	228
	229
	230
203	231	ksort($auth);
204	232	$this->Session->write('Auth', $auth);
...	...