author | Dj Padzensky <djpadz@padz.net> | 2016-07-14 13:20:56 -0700 |
---|---|---|
committer | Dj Padzensky <djpadz@padz.net> | 2016-07-14 13:20:56 -0700 |
commit | 5969eb8e3030c822333872f24daa23b9eac1f4f7 (patch) | |
tree | 3bacb341f515b214211676689d899172336cd52f /app/Template/user_view | |
parent | 6e35d8f22aa828b9dcd72d749034754e1a00a525 (diff) |
Added tighter access controls to profile section
Diffstat (limited to 'app/Template/user_view')
-rw-r--r-- | app/Template/user_view/sidebar.php | 68 |
1 files changed, 42 insertions, 26 deletions
diff --git a/app/Template/user_view/sidebar.php b/app/Template/user_view/sidebar.php
index d200a7f5..3dc6b7bc 100644
--- a/app/Template/user_view/sidebar.php
+++ b/app/Template/user_view/sidebar.php
@@ -12,18 +12,26 @@ </li> <?php endif ?> <?php if ($this->user->isAdmin() || $this->user->isCurrentUser($user['id'])): ?> - <li <?= $this->app->checkMenuSelection('UserViewController', 'timesheet') ?>> - <?= $this->url->link(t('Time tracking'), 'UserViewController', 'timesheet', array('user_id' => $user['id'])) ?> - </li> - <li <?= $this->app->checkMenuSelection('UserViewController', 'lastLogin') ?>> - <?= $this->url->link(t('Last logins'), 'UserViewController', 'lastLogin', array('user_id' => $user['id'])) ?> - </li> - <li <?= $this->app->checkMenuSelection('UserViewController', 'sessions') ?>> - <?= $this->url->link(t('Persistent connections'), 'UserViewController', 'sessions', array('user_id' => $user['id'])) ?> - </li> - <li <?= $this->app->checkMenuSelection('UserViewController', 'passwordReset') ?>> - <?= $this->url->link(t('Password reset history'), 'UserViewController', 'passwordReset', array('user_id' => $user['id'])) ?> - </li> + <?php if ($this->user->hasAccess('UserViewController', 'timesheet')): ?> + <li <?= $this->app->checkMenuSelection('UserViewController', 'timesheet') ?>> + <?= $this->url->link(t('Time tracking'), 'UserViewController', 'timesheet', array('user_id' => $user['id'])) ?> + </li> + <?php endif ?> + <?php if ($this->user->hasAccess('UserViewController', 'lastLogin')): ?> + <li <?= $this->app->checkMenuSelection('UserViewController', 'lastLogin') ?>> + <?= $this->url->link(t('Last logins'), 'UserViewController', 'lastLogin', array('user_id' => $user['id'])) ?> + </li> + <?php endif ?> + <?php if ($this->user->hasAccess('UserViewController', 'sessions')): ?> + <li <?= $this->app->checkMenuSelection('UserViewController', 'sessions') ?>> + <?= $this->url->link(t('Persistent connections'), 'UserViewController', 'sessions', array('user_id' => $user['id'])) ?> + </li> + <?php endif ?> + <?php if ($this->user->hasAccess('UserViewController', 'passwordReset')): ?> + <li <?= $this->app->checkMenuSelection('UserViewController', 'passwordReset') 
?>> + <?= $this->url->link(t('Password reset history'), 'UserViewController', 'passwordReset', array('user_id' => $user['id'])) ?> + </li> + <?php endif ?> <?php endif ?> <?= $this->hook->render('template:user:sidebar:information', array('user' => $user)) ?> @@ -42,13 +50,13 @@ </li> <?php endif ?> - <?php if ($user['is_ldap_user'] == 0): ?> + <?php if ($user['is_ldap_user'] == 0 && $this->user->hasAccess('UserCredentialController', 'changePassword')): ?> <li <?= $this->app->checkMenuSelection('UserCredentialController', 'changePassword') ?>> <?= $this->url->link(t('Change password'), 'UserCredentialController', 'changePassword', array('user_id' => $user['id'])) ?> </li> <?php endif ?> - <?php if ($this->user->isCurrentUser($user['id'])): ?> + <?php if ($this->user->isCurrentUser($user['id']) && $this->user->hasAccess('TwoFactorController', 'index')): ?> <li <?= $this->app->checkMenuSelection('TwoFactorController', 'index') ?>> <?= $this->url->link(t('Two factor authentication'), 'TwoFactorController', 'index', array('user_id' => $user['id'])) ?> </li> 
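Review bot: The new `hasAccess('UserViewController', …)` guards around the timesheet, lastLogin, sessions and passwordReset items control only whether each link is rendered, and `hasAccess` is called without the profile's `$user['id']`, so the per-user decision still rests on the outer `isAdmin() || isCurrentUser($user['id'])` line. Since the diffstat is limited to the template directory, it is not visible here whether the matching controller actions repeat both checks when the action is requested directly; that is worth confirming, because login, session and password-reset history are sensitive. The same question applies to the changePassword and TwoFactor conditions in the second hunk and the share, notifications, external and integrations guards in the third. A one-line template comment such as `<?php /* display only: access is enforced by the ACL/controller */ ?>` above the group would record the intent.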
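Review bot: The rewritten condition `$user['is_ldap_user'] == 0 && …` keeps the loose comparison, so a missing or null `is_ldap_user` compares equal to 0 and the 'Change password' item is offered as if the account were local. If the field can be absent for any caller of this template, a fail-closed form such as `isset($user['is_ldap_user']) && (int) $user['is_ldap_user'] === 0 && $this->user->hasAccess('UserCredentialController', 'changePassword')` is safer. The block that decides whose profile is being shown opens outside the hunk, so it cannot be told from here whether a non-admin can reach this branch for another user.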
@@ -58,18 +66,26 @@ </li> <?php endif ?> - <li <?= $this->app->checkMenuSelection('UserViewController', 'share') ?>> - <?= $this->url->link(t('Public access'), 'UserViewController', 'share', array('user_id' => $user['id'])) ?> - </li> - <li <?= $this->app->checkMenuSelection('UserViewController', 'notifications') ?>> - <?= $this->url->link(t('Notifications'), 'UserViewController', 'notifications', array('user_id' => $user['id'])) ?> - </li> - <li <?= $this->app->checkMenuSelection('UserViewController', 'external') ?>> - <?= $this->url->link(t('External accounts'), 'UserViewController', 'external', array('user_id' => $user['id'])) ?> - </li> - <li <?= $this->app->checkMenuSelection('UserViewController', 'integrations') ?>> - <?= $this->url->link(t('Integrations'), 'UserViewController', 'integrations', array('user_id' => $user['id'])) ?> - </li> + <?php if ($this->user->hasAccess('UserViewController', 'share')): ?> + <li <?= $this->app->checkMenuSelection('UserViewController', 'share') ?>> + <?= $this->url->link(t('Public access'), 'UserViewController', 'share', array('user_id' => $user['id'])) ?> + </li> + <?php endif ?> + <?php if ($this->user->hasAccess('UserViewController', 'notifications')): ?> + <li <?= $this->app->checkMenuSelection('UserViewController', 'notifications') ?>> + <?= $this->url->link(t('Notifications'), 'UserViewController', 'notifications', array('user_id' => $user['id'])) ?> + </li> + <?php endif ?> + <?php if ($this->user->hasAccess('UserViewController', 'external')): ?> + <li <?= $this->app->checkMenuSelection('UserViewController', 'external') ?>> + <?= $this->url->link(t('External accounts'), 'UserViewController', 'external', array('user_id' => $user['id'])) ?> + </li> + <?php endif ?> + <?php if ($this->user->hasAccess('UserViewController', 'integrations')): ?> + <li <?= $this->app->checkMenuSelection('UserViewController', 'integrations') ?>> + <?= $this->url->link(t('Integrations'), 'UserViewController', 'integrations', array('user_id' => 
$user['id'])) ?> + </li> + <?php endif ?> <?php endif ?> <?php if ($this->user->hasAccess('UserCredentialController', 'changeAuthentication')): ?> |
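Review bot: Each added block in this hunk spells the action name three times (in `hasAccess`, `checkMenuSelection` and `url->link`), so a copy-paste slip would check one action while linking another; the first hunk has the same shape. Driving the items from a small label map keeps the checked and the linked action identical by construction. The `t('…')` calls stay literal so the strings remain extractable for translation. The closing `<?php endif ?>` after these items belongs to a condition opened outside the hunk.

```php
<?php foreach (array(
    'share' => t('Public access'),
    'notifications' => t('Notifications'),
    'external' => t('External accounts'),
    'integrations' => t('Integrations'),
) as $action => $label): ?>
    <?php if ($this->user->hasAccess('UserViewController', $action)): ?>
        <li <?= $this->app->checkMenuSelection('UserViewController', $action) ?>>
            <?= $this->url->link($label, 'UserViewController', $action, array('user_id' => $user['id'])) ?>
        </li>
    <?php endif ?>
<?php endforeach ?>
```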