CC-3590: Calendar GUI->DJ user should not be able to invoke "Add Show" window
-add user type into javascript as a variable so we can check permissions on js side
This commit is contained in:
Martin Konecny
parent
16f3a331bb
commit
da8a5296b0
|
|
@ -76,6 +76,14 @@ class Bootstrap extends Zend_Application_Bootstrap_Bootstrap
|
||||||
|
|
||||||
$view->headScript()->appendFile($baseUrl.'/js/airtime/common/common.js?'.$CC_CONFIG['airtime_version'],'text/javascript');
|
$view->headScript()->appendFile($baseUrl.'/js/airtime/common/common.js?'.$CC_CONFIG['airtime_version'],'text/javascript');
|
||||||
|
|
||||||
|
$user = Application_Model_User::GetCurrentUser();
|
||||||
|
if (!is_null($user)){
|
||||||
|
$userType = $user->getType();
|
||||||
|
} else {
|
||||||
|
$userType = "";
|
||||||
|
}
|
||||||
|
$view->headScript()->appendScript("var userType = '$userType';");
|
||||||
|
|
||||||
if (Application_Model_Preference::GetPlanLevel() != "disabled"
|
if (Application_Model_Preference::GetPlanLevel() != "disabled"
|
||||||
&& ($_SERVER['REQUEST_URI'] != '/Dashboard/stream-player' || $_SERVER['REQUEST_URI'] != '/audiopreview/audio-preview-player')) {
|
&& ($_SERVER['REQUEST_URI'] != '/Dashboard/stream-player' || $_SERVER['REQUEST_URI'] != '/audiopreview/audio-preview-player')) {
|
||||||
$client_id = Application_Model_Preference::GetClientId();
|
$client_id = Application_Model_Preference::GetClientId();
|
||||||
|
|
|
||||||
|
|
@ -295,7 +295,11 @@ class Application_Model_User {
|
||||||
|
|
||||||
public static function GetCurrentUser() {
|
public static function GetCurrentUser() {
|
||||||
$userinfo = Zend_Auth::getInstance()->getStorage()->read();
|
$userinfo = Zend_Auth::getInstance()->getStorage()->read();
|
||||||
|
|
||||||
return new self($userinfo->id);
|
if (is_null($userinfo)){
|
||||||
|
return null;
|
||||||
|
} else {
|
||||||
|
return new self($userinfo->id);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -94,7 +94,7 @@ function pad(number, length) {
|
||||||
function dayClick(date, allDay, jsEvent, view){
|
function dayClick(date, allDay, jsEvent, view){
|
||||||
// The show from will be preloaded if the user is admin or program manager.
|
// The show from will be preloaded if the user is admin or program manager.
|
||||||
// Hence, if the user if DJ then it won't open anything.
|
// Hence, if the user if DJ then it won't open anything.
|
||||||
if($.trim($("#add-show-form").html()) != ""){
|
if(userType == "A" || userType == "P"){
|
||||||
var now, today, selected, chosenDate, chosenTime;
|
var now, today, selected, chosenDate, chosenTime;
|
||||||
|
|
||||||
now = adjustDateToServerDate(new Date(), serverTimezoneOffset);
|
now = adjustDateToServerDate(new Date(), serverTimezoneOffset);
|
||||||
|
|
@ -212,7 +212,9 @@ function viewDisplay( view ) {
|
||||||
}
|
}
|
||||||
|
|
||||||
if(($("#add-show-form").length == 1) && ($("#add-show-form").css('display')=='none') && ($('.fc-header-left > span').length == 5)) {
|
if(($("#add-show-form").length == 1) && ($("#add-show-form").css('display')=='none') && ($('.fc-header-left > span').length == 5)) {
|
||||||
if($.trim($("#add-show-form").html()) != ""){
|
|
||||||
|
//userType is defined in bootstrap.php, and is derived from the currently logged in user.
|
||||||
|
if(userType == "A" || userType == "P"){
|
||||||
makeAddShowButton();
|
makeAddShowButton();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue