I have two roles admin and member
Now I want that the member only can edit his records (Participant), but how I could to that?
And the admin can edit all records from Participant.
public function isAuthorized($user){
if(in_array($this->action, array('edit'))){
if($user['id'] != $this->Session->read('Auth.Participant.user_id')) {
return false;
}
}
return true;
}
But with my function, nobody can do something with edit:(
public function isAuthorized($user) {
// Admin can access every action
if (isset($user['role']) && $user['role'] === 'admin') {
return true;
}
if (isset($user['role']) && $user['role'] === 'member') {
if(in_array($this->action, array('edit'))){
if($user['id'] != $this->Session->read('Auth.Participant.user_id')) {
return false;
}
else{
return true;
}
}
}
//Default deny
return false;
}
Related
I develop function for update user, but in backend, I have error:
System.NullReferenceException: 'The object reference is not defined to an instance of an object.' users was null.
I think because users is null, and I don't know how to make a call to fill users data. this error displays in the condition if(id!= users.ID) ,how to fix this problem, here is my code:
[ResponseType(typeof(void))]
// [HttpPut]
[AcceptVerbs("OPTIONS")]
public IHttpActionResult PutUsers(string id, Users users)
{
if (!ModelState.IsValid)
{
return BadRequest(ModelState);
}
if (id != users.Id)
{
return BadRequest();
}
db.Entry(users).State = EntityState.Modified;
try
{
db.SaveChanges();
}
catch (DbUpdateConcurrencyException)
{
if (!UsersExists(id))
{
return NotFound();
}
else
{
throw;
}
}
return StatusCode(HttpStatusCode.NoContent);
}
and this user.controller:
$scope.userEdit = function () {
console.log('edit');
var idsForEdit = [];
angular.forEach($scope.listeOfUsers, function (item,$uibModalInstance, index) {
console.log($scope.listeOfUsers);
if (item.checked) {
console.log(item.checked);
console.log(item.Id);
//idsForEdit.push(item);
$scope.registration.Email=item.Email;
$scope.registration.Password=item.PasswordHash;
$scope.registration.Users_Role=item.Role;
$scope.registration.Site=item.Site;
$scope.registration.Id=item.Id;
$scope.ok = function () {
console.log("ok");
// $scope.Action = "Update";
User.Update({
id: item.Id
}, $scope.Users=item.Users
, function (response) {
console.log(response);
console.log("ok");
SweetAlert.swal({
title: "Opération effectuée avec succès!",
text: "Click pour quitter!",
type: "success"
});
$state.go($state.current, $stateParams, {
reload: true,
inherit: false,
notify: true
});
$uibModalInstance.close();
},
function (err) {
});
console.log($scope.user);
};
}
});
//$scope.isEditDirty==true;
};
Your code should be -
[ResponseType(typeof(void))]
// [HttpPut]
[AcceptVerbs("OPTIONS")]
public IHttpActionResult PutUsers(string id, Users users)
{
if (!ModelState.IsValid)
{
return BadRequest(ModelState);
}
if(users != null)
{
if (id != users.Id)
{
return BadRequest();
}
db.Entry(users).State = EntityState.Modified;
try
{
db.SaveChanges();
}
catch (DbUpdateConcurrencyException)
{
if (!UsersExists(id))
{
return NotFound();
}
else
{
throw;
}
}
}
return StatusCode(HttpStatusCode.NoContent);
}
Using C# 6.0 new features - Null Conditional Operator
[ResponseType(typeof(void))]
// [HttpPut]
[AcceptVerbs("OPTIONS")]
public IHttpActionResult PutUsers(string id, Users users)
{
if (!ModelState.IsValid)
{
return BadRequest(ModelState);
}
if (id != users?.Id)
{
return BadRequest();
}
db.Entry(users).State = EntityState.Modified;
try
{
db.SaveChanges();
}
catch (DbUpdateConcurrencyException)
{
if (!UsersExists(id))
{
return NotFound();
}
else
{
throw;
}
}
return StatusCode(HttpStatusCode.NoContent);
}
I get the following error:
TypeError: this.isUserLoggedIn is not a function
at userHasPermissionForView (accountService.js:159)
at Object.checkPermissionForView (accountService.js:155)
at edCareApp.js:232
When I call the function this.isUserLoggedIn in the following Service.
See below:
** Line 159: ** if (!this.isUserLoggedIn()) {
in the file accountService.js:
angular.module("edCare")
.service('accountService', function ($http, createAccountUrl, createAccountUserUrl, tokenUrl, tokenKey, $cookieStore, $rootScope) {
this.isUserAuthenticated = function () {
var token = sessionStorage.getItem(tokenKey);
if (token)
return true;
else
return false;
}
this.isUserLoggedIn = function () {
if ($rootScope.repository.loggedUser != null)
return true;
else
return false;
}
this.checkPermissionForView = function (view) {
return userHasPermissionForView(view);
};
var userHasPermissionForView = function (view) {
** Line 159: ** if (!this.isUserLoggedIn()) {
return false;
}
if (!view.permissions || !view.permissions.length) {
return true;
}
return userHasPermission(view.permissions);
};
this.userHasPermission = function (requiredPermissions) {
if (!this.isUserLoggedIn()) {
return false;
}
var found = false;
angular.forEach(requiredPermissions, function (requiredPermission, index) {
if ($rootScope.permissions.loggedUser.permissions.indexOf(requiredPermission)
>= 0) {
found = true;
return;
}
});
return found;
};
});
It looks a simple mistake, but I just can't see what I'm doing wrong.
Would someone please help.
Thanks.
The userHasPermissionForView function needs to be bound to the this context:
this.checkPermissionForView = function (view) {
̶r̶e̶t̶u̶r̶n̶ ̶u̶s̶e̶r̶H̶a̶s̶P̶e̶r̶m̶i̶s̶s̶i̶o̶n̶F̶o̶r̶V̶i̶e̶w̶(̶v̶i̶e̶w̶)̶;̶
return userHasPermissionForView.bind(this)(view);
};
var userHasPermissionForView = function (view) {
if (!this.isUserLoggedIn()) {
return false;
}
if (!view.permissions || !view.permissions.length) {
return true;
}
return userHasPermission(view.permissions);
};
I have a filter that is on ng-repeat and compares strings of all objects (including nested ones) to a search string. If the search string is found in the object, it returns true.
I'm looking for a way to extend this functionality so that when the search string matches with a string in the object, the filter will return true for that object and will return true for all nested objects in the matching object (this is a tree view, I'm searching for a node and want to show all children nodes when matched).
How would I do that?
My filter looks like this:
.filter('deepFilter', function ($filter) {
return function(text) {
return function (value) {
if(text && text.length > 0) {
var searchTerm = text;
if (angular.isObject(value)) {
var found = false;
angular.forEach(value, function(v) {
found = found || $filter('deepFilter')(searchTerm)(v);
});
return found;
} else if (angular.isString(value)) {
if (value.indexOf(searchTerm) !== -1) {
return true;
} else {
return false;
}
}
} else {
return true;
}
};
};
});
The solution I found is by using a function in the isString part of the filter, and iterating over the collection. If I find the object, I look for it's children using a recursive function and set a visibleAsAChild property for these. Then, I've added a condition in the isObject evaluation to return true for these object that have visibleAsAChild prop.
I'm not sure if this is the most efficient way to do it, but it certainly works.
.filter('deepFilter', function ($filter) {
var currentObject;
var setChildrenToVisible = function(node) {
angular.forEach(node.nodes, function(node) {
if(node.nodes) {
setChildrenToVisible(node);
}
node.visibleAsAChild = true;
});
};
var lookupChildren = function(o, value) {
// console.log(o);
angular.forEach(o.nodes, function(node) {
if (node.name === value) {
setChildrenToVisible(node);
}
});
};
return function(text) {
return function (value) {
if(text && text.length > 0) {
var searchTerm = text;
if (angular.isObject(value)) {
var found = false;
angular.forEach(value, function(v) {
found = found || $filter('deepFilter')(searchTerm)(v);
});
if(found && value.hasOwnProperty('id')) {
currentObject = value;
}
if(value.hasOwnProperty('id') && value.visibleAsAChild) {
return true;
}
return found;
} else if (angular.isString(value)) {
if (value.indexOf(searchTerm) !== -1) {
if(currentObject){
lookupChildren(currentObject, value);
}
return true;
} else {
return false;
}
}
} else {
return true;
}
};
};
I tried to do that like as:
$scope.showCloneIcon = function(scope)
{
if(scope.$parentNodeScope !== null){
var parent_value = scope.$parentNodeScope.$modelValue.type_value;
if(parent_value === 'array_objects'){
return true;
}
}
return true;
};
So, it does not hide element where I use ng-show
Please try this
$scope.showCloneIcon = function(scope)
{
if(scope.$parent !== null)
{
var parent_value = scope.$parent.$modelValue.type_value;
if(parent_value === 'array_objects')
{
return true;
}
}
return true;
};
i'm trying to override get: calls in Alloy model, very similar to Backbone, i wrote this but doesn't work
extendModel: function(Model) {
_.extend(Model.prototype, {
// extended functions and properties go here
get: function (attr) {
if (attr=='image')
{
return Ti.Utils.base64decode(this['image'])
}
return this[attr];
}
});
return Model;
},
Here is how i am overriding the set and add methods hope it helps you:
exports.definition = {
config: {
adapter: {
type: "properties",
collection_name: "careCenter",
idAttribute : "CareCenterID"
}
},
extendModel: function(Model) {
_.extend(Model.prototype, {
idAttribute : "CareCenterID"
// extended functions and properties go here
});
return Model;
},
extendCollection: function(Collection) {
_.extend(Collection.prototype, {
add : function(attrs, opts){
var isDuplicated = false;
if(attrs && attrs.get){
isDuplicated = this.any(function(model){
return model.get("CareCenterID") === attrs.get("CareCenterID");
});
}
if(isDuplicated){
return false;
} else {
Backbone.Collection.prototype.add.call(this, attrs, opts);
}
},
comparator : function(model){
return -model.get("state");
}
});
return Collection;
}
}
extendModel: function(Model) {
_.extend(Model.prototype, {
idAttribute : "RecipientID",
set : function(attrs, opts){
if(attrs.Age != null){
var age = attrs.Age;
var result = "";
if(age <= Alloy.CFG.INFANT){
result = "infant";
} else if(age <= Alloy.CFG.CHILD){
result = "child";
} else if(age <= Alloy.CFG.TEENAGER){
result = "teenager";
} else {
result = "adult";
}
attrs.Group = result;
}
return Backbone.Model.prototype.set.call(this, attrs, opts);
}
});
return Model;
},