Index: trunk/core/kernel/processors/main_processor.php =================================================================== diff -u -N -r4834 -r4840 --- trunk/core/kernel/processors/main_processor.php (.../main_processor.php) (revision 4834) +++ trunk/core/kernel/processors/main_processor.php (.../main_processor.php) (revision 4840) @@ -680,6 +680,18 @@ } /** + * Allows to check if permission exists directly in template and perform additional actions if required + * + * @param Array $params + * @return bool + */ + function CheckPermission($params) + { + $perm_helper =& $this->Application->recallObject('PermissionsHelper'); + return $perm_helper->TagPermissionCheck($params, 'm_CheckPermission'); + } + + /** * Checks if user is logged in and if not redirects it to template passed * * @param Array $params @@ -691,56 +703,31 @@ $t = $next_t; } - if ($permission_groups = getArrayValue($params, 'permissions')) { - echo 'PermGroups: '.$permission_groups.'
'; - $permission_groups = explode('|', $permission_groups); - $group_has_permission = false; - foreach ($permission_groups as $permission_group) { - $permissions = explode(',', $permission_group); - $has_permission = true; - foreach ($permissions as $permission) { - $has_permission = $has_permission && $this->Application->CheckPermission($permission, isset($params['system']) && $params['system'] ? 1 : 0); - } - $group_has_permission = $group_has_permission || $has_permission; - - if ($group_has_permission) { - return; - } - } - - if (!$this->Application->LoggedIn()) { - $this->Application->Redirect( $params['login_template'], Array('next_template'=>$t) ); - } - else { - if (isset($params['no_permissions_template'])) { - $t = $params['no_permissions_template']; - } - else { - $t = $this->Application->IsAdmin() ? 'no_permission' : $this->Application->ConfigValue('NoPermissionTemplate'); - } - - $redirect_params = $this->Application->isDebugMode() ? Array('from_template' => 1, 'perms' => $params['permissions'], 'next_template' => $this->Application->GetVar('t')) : Array(); - $this->Application->Redirect($t, $redirect_params); - } + // check by permissions: begin + $perm_helper =& $this->Application->recallObject('PermissionsHelper'); + $perm_status = $perm_helper->TagPermissionCheck($params, 'm_RequireLogin'); + if (!$perm_status) { + list($redirect_template, $redirect_params) = $perm_helper->getPermissionTemplate($params); + $this->Application->Redirect($redirect_template, $redirect_params); } - - $condition = getArrayValue($params,'condition'); - if(!$condition) - { + // check by permissions: end + + // check by configuration value: begin + $condition = getArrayValue($params, 'condition'); + if (!$condition) { $condition = true; } - else - { - if( substr($condition,0,1) == '!' ) - { - $condition = !$this->Application->ConfigValue( substr($condition,1) ); + else { + if (substr($condition, 0, 1) == '!') { + $condition = !$this->Application->ConfigValue(substr($condition, 1)); } - else - { + else { $condition = $this->Application->ConfigValue($condition); } } - + // check by configuration value: end + + // check by belonging to group: begin $group = $this->SelectParam($params, 'group'); $group_access = true; if ($group) { @@ -751,9 +738,9 @@ $group_access = in_array($group_id, $groups); } } - - if( (!$this->Application->LoggedIn() || !$group_access) && $condition ) - { + // check by belonging to group: end + + if ((!$this->Application->LoggedIn() || !$group_access) && $condition) { if ( $this->Application->LoggedIn() && !$group_access) { $this->Application->Redirect( $params['no_group_perm_template'], Array('next_template'=>$t) ); } @@ -763,7 +750,7 @@ if ($session_expired) { $redirect_params['expired'] = $session_expired; } - $this->Application->Redirect( $params['login_template'], $redirect_params); + $this->Application->Redirect($params['login_template'], $redirect_params); } }