Skip to content
Snippets Groups Projects
Commit 7e73fcd7 authored by Uma's avatar Uma
Browse files

Refinement on action controller checkpermission api

parent 09b7c4fc
Branches
Tags
1 merge request!366Check permission handled on TransferOwnership action of Accounts module
Show whitespace changes
Inline Side-by-side
includes/runtime/Controller.php
+ 11
1
View file @ 7e73fcd7
......@@ -115,7 +115,17 @@ abstract class Vtiger_Action_Controller extends Vtiger_Controller {
function checkPermission(Vtiger_Request $request) {
$permissions = $this->requiresPermission($request);
foreach($permissions as $permission) {
if(!Users_Privileges_Model::isPermitted($request->get($permission['module_parameter']), $permission['action'], $request->get($permission['record_parameter']))) {
if(array_key_exists('module_parameter', $permission)){
$moduleParameter = $request->get($permission['module_parameter']);
}else{
$moduleParameter = 'module';
}
if(array_key_exists('record_parameter', $permission)){
$recordParameter = $request->get($permission['record_parameter']);
}else{
$recordParameter = '';
}
if(!Users_Privileges_Model::isPermitted($moduleParameter, $permission['action'], $recordParameter)) {
throw new AppException(vtranslate('LBL_PERMISSION_DENIED'));
}
}
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment

Copyright 2023 Vtiger. All rights reserved.