<?php
namespace App\Controller;
use Cake\Event\Event;
use Cake\ORM\TableRegistry;
use Symfony\Component\Config\Definition\Exception\Exception;
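class AdminController extends AppController
{
    /**
     * Cookie that remembers which admin panel the user last selected.
     * Its value is client-controlled and is never trusted as-is: 0 means the
     * super admin console, any other value must be an integer that (for
     * non-super admins) matches one of the user's assigned theaters.
     */
    const ADMIN_THEATER_COOKIE = 'ta_theater_admin';

    /**
     * Guards the admin area and resolves the active admin panel.
     *
     * Denies access with a 403 unless the user is logged in and an admin, then
     * picks the theater whose panel is being administered and derives the
     * cashier/manage permissions for it, which are passed to the view.
     *
     * @param \Cake\Event\Event $event The beforeFilter event.
     * @return object|null The 403 response when access is denied, otherwise null.
     */
    public function beforeFilter(Event $event)
    {
        parent::beforeFilter($event);
        $this->viewBuilder()->layout('admin');

        // Deny anyone who is not a logged-in admin before touching any panel state.
        if (!($this->loggedIn && $this->admin)) {
            $this->response->statusCode(403);
            return $this->response;
        }

        $this->selectAdminTheater();
        $this->computePermissions();

        // Pass the current panel and permissions to the view.
        $this->set('adminTheater', $this->adminTheater);
        $this->set('canCashier', $this->canCashier);
        $this->set('canManage', $this->canManage);
    }

    /**
     * Resolves which theater's admin panel is active from the selection cookie.
     *
     * Leaves $this->adminTheater untouched for a user who administers no theater
     * and is not a super admin (presumably AppController gives it a default —
     * TODO confirm). Super admins may select 0 (the super admin console) or any
     * theater id; everyone else may only select one of their assigned theaters,
     * and an unset, malformed or disallowed selection falls back to their first one.
     */
    private function selectAdminTheater()
    {
        if (count($this->adminTheaters) === 0 && !$this->superAdmin) {
            // Not a theater admin: there is nothing to select.
            return;
        }

        $selected = $this->readSelectedTheater();

        // No usable selection, or the super admin console was chosen:
        // super admins get the console, everyone else their first theater.
        if ($selected === null || $selected === 0) {
            if ($this->superAdmin) {
                $this->adminTheater = 0;
            } else {
                $this->useFirstAssignedTheater();
            }
            return;
        }

        if ($this->superAdmin) {
            // Super admins may view any theater's panel; the id is already an int.
            $this->adminTheater = $selected;
            return;
        }

        // Other admins: the selection must be one of their assigned theaters.
        foreach ($this->adminTheaters as $theater) {
            if ((int)$theater->theater_id === $selected) {
                $this->adminTheater = $theater->theater_id;
                return;
            }
        }

        // The selection is not one of the user's theaters: reset it.
        $this->useFirstAssignedTheater();
    }

    /**
     * Reads the theater selection cookie as a non-negative integer.
     *
     * The cookie comes from the client, so it is validated rather than compared
     * loosely: anything that is not a non-negative integer is mapped to 0, which
     * can never name an arbitrary theater.
     *
     * @return int|null null when no selection is stored, otherwise the selected id.
     */
    private function readSelectedTheater()
    {
        $raw = $this->Cookie->read(self::ADMIN_THEATER_COOKIE);
        if ($raw === null || $raw === '') {
            return null;
        }

        $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 0]]);

        return $id === false ? 0 : $id;
    }

    /**
     * Selects the user's first assigned theater and remembers it in the cookie.
     */
    private function useFirstAssignedTheater()
    {
        $theaterId = $this->adminTheaters[0]->theater_id;
        $this->Cookie->write(self::ADMIN_THEATER_COOKIE, $theaterId);
        $this->adminTheater = $theaterId;
    }

    /**
     * Derives canCashier/canManage for the active panel.
     *
     * Super admins get everything; other users get the access level of the
     * assigned theater matching $this->adminTheater (>= 1 cashier, >= 2 manage),
     * and no permissions when no assigned theater matches.
     */
    private function computePermissions()
    {
        // Default to no permissions so a miss below cannot inherit stale state.
        $this->canCashier = false;
        $this->canManage = false;

        if ($this->superAdmin) {
            $this->canCashier = true;
            $this->canManage = true;
            return;
        }

        foreach ($this->adminTheaters as $theater) {
            if ((int)$theater->theater_id === (int)$this->adminTheater) {
                $this->canCashier = $theater->access_level >= 1;
                $this->canManage = $theater->access_level >= 2;
                return;
            }
        }
    }
}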