Permalink
Browse files

Removed features module, cleaned up checkAccess and added business ch…

…eckModuleAccess function
  • Loading branch information...
veggiefrog committed May 26, 2012
1 parent 9bb6c86 commit 3ed79adef79d3b3f3ddd7442ccfe27a91f319496
Showing with 9 additions and 11 deletions.
  1. +9 −11 private/checkAccess.php
View
@@ -20,20 +20,18 @@
//
function ciniki_toolbox_checkAccess($ciniki, $business_id, $method, $excel_id) {
//
- // Check if the module is enabled for this business, don't really care about the ruleset
+ // Check if the business is active and the module is enabled
//
- $strsql = "SELECT ruleset FROM ciniki_businesses, ciniki_business_modules "
- . "WHERE ciniki_businesses.id = '" . ciniki_core_dbQuote($ciniki, $business_id) . "' "
- . "AND ciniki_businesses.status = 1 " // Business is active
- . "AND ciniki_businesses.id = ciniki_business_modules.business_id "
- . "AND ciniki_business_modules.package = 'ciniki' "
- . "AND ciniki_business_modules.module = 'toolbox' "
- . "";
- require_once($ciniki['config']['core']['modules_dir'] . '/core/private/dbHashQuery.php');
- $rc = ciniki_core_dbHashQuery($ciniki, $strsql, 'businesses', 'module');
+ require_once($ciniki['config']['core']['modules_dir'] . '/businesses/private/checkModuleAccess.php');
+ $rc = ciniki_businesses_checkModuleAccess($ciniki, $business_id, 'ciniki', 'toolbox');
if( $rc['stat'] != 'ok' ) {
- return array('stat'=>'fail', 'err'=>array('pkg'=>'ciniki', 'code'=>'65', 'msg'=>'Access denied', 'err'=>$rc['err']));
+ return $rc;
+ }
+
+ if( !isset($rc['ruleset']) ) {
+ return array('stat'=>'fail', 'err'=>array('pkg'=>'ciniki', 'code'=>'65', 'msg'=>'No permissions granted'));
}
+ $modules = $rc['modules'];
//
// Check the user has permission to the business,

0 comments on commit 3ed79ad

Please sign in to comment.