Changeset 339 for trunk/app/controllers/colleges_controller.php

Timestamp:

03/24/08 17:06:55 (10 months ago)

Author:

aarkerio

Message:

Update permission by individual controller rather than general

Files:

• trunk/app/controllers/colleges_controller.php (modified) (2 diffs)

trunk/app/controllers/colleges_controller.php

@@ -3 +3 @@
     *  Karamelo E-Learning Platform
     *  Manuel Montoya 2002-2008 
-    *  GPL License manuel<at>mononeurona<punto>org
+    *  GPLv3 License manuel<at>mononeurona<punto>org
     *  Chipotle Software TM
 */ 
@@ -15 +15 @@
  public $components       = array('Portal');
 
+ public function beforeFilter() 
+ {
+    $this->Auth->allow(array('view'));
+    parent::beforeFilter();
+ }
+ 
  public function isAuthorized() 
- {
-    if ($this->action == 'delete') 
-      {
-    if ($this->Auth->user('group_id') == 1) 
-          {
+ {      
+    if (isset( $this->params[Configure::read('Routing.admin')] )) 
+    {
+        if ($this->Auth->user('group_id') == 1 || $this->Auth->user('group_id') == 2 )  // admin and teachers
+        {
         return true;
-          } else {
-        return false;
-          }
-      }
- 
-    return true;
+        } 
+    } 
+    return false;  // go away !!
  }
+
 
  public function view()