CC-1665: Scheduled stream rebroadcasting and recording

-verify user that is deleting has current permissions
2012-08-21 16:54:41 -04:00 · 2012-08-21 16:54:41 -04:00 · ecfc27431a
parent a1b91aebbd
commit ecfc27431a
1 changed files with 36 additions and 14 deletions
--- a/airtime_mvc/application/controllers/WebstreamController.php
+++ b/airtime_mvc/application/controllers/WebstreamController.php
@ -27,6 +27,8 @@ class WebstreamController extends Zend_Controller_Action
        $webstream->setDbLength("00:00:00");
        $webstream->setDbName("Untitled Webstream");

+        Application_Model_Library::changePlaylist($obj->getId(), $type);
+
        $this->view->ws = new Application_Model_Webstream($webstream);
        $this->view->action = "new";
        $this->view->html = $this->view->render('webstream/webstream.phtml');
@ -52,6 +54,14 @@ class WebstreamController extends Zend_Controller_Action
        $request = $this->getRequest();
        $id = $request->getParam("ids");

+        if (!$this->isAuthorized($id)) {
+            header("Status: 401 Not Authorized");
+            return;
+        }       
+        
+        $type = "stream";
+        Application_Model_Library::changePlaylist(null, $type);
+
        $webstream = CcWebstreamQuery::create()->findPK($id)->delete();

        $this->view->ws = null;
@ -60,6 +70,28 @@ class WebstreamController extends Zend_Controller_Action

    }

+    public function isAuthorized($id)
+    {
+        $hasPermission = false;
+        if ($user->isUserType(array(UTYPE_ADMIN, UTYPE_PROGRAM_MANAGER))) {
+            $hasPermission = true;
+        }
+
+        if ($user->isUserType(UTYPE_HOST)) {
+            if ($id != -1) {
+                $webstream = CcWebstreamQuery::create()->findPK($id);
+                //we are updating a playlist. Ensure that if the user is a host/dj, that he has the correct permission. 
+                $user = Application_Model_User::getCurrentUser();
+
+                if ($webstream->getDbCreatorId() == $user->getId()) {
+                    $hasPermission = true;
+                }
+            }
+        }
+
+        return $hasPermission;
+    }
+
    public function saveAction()
    {
        $request = $this->getRequest();
@ -68,11 +100,6 @@ class WebstreamController extends Zend_Controller_Action
        $user = Application_Model_User::getCurrentUser();
        $hasPermission = $user->isUserType(array(UTYPE_ADMIN, UTYPE_PROGRAM_MANAGER, UTYPE_HOST));

-        if (!$hasPermission) {
-            header("Status: 401 Not Authorized");
-            return;
-        }
-
        $id = $request->getParam("id");

        $parameters = array();
@ -82,15 +109,10 @@ class WebstreamController extends Zend_Controller_Action
        $parameters['description'] = trim($request->getParam("description"));
        $parameters['url'] = trim($request->getParam("url"));

-        if ($parameters['id'] != -1) {
-            $webstream = CcWebstreamQuery::create()->findPK($parameters['id']);
-            //we are updating a playlist. Ensure that if the user is a host/dj, that he has the correct permission. 
-            $user = Application_Model_User::getCurrentUser();
-            if ($webstream->getDbCreatorId() != $user->getId()) {
-                header("Status: 401 Not Authorized");
-                return;
-            } 
-        } 
+        if (!$this->isAuthorized($id)) {
+            header("Status: 401 Not Authorized");
+            return;
+        }


        list($analysis, $mime, $di) = Application_Model_Webstream::analyzeFormData($parameters);