X-Git-Url: http://git.dj3c1t.com/?a=blobdiff_plain;f=mw%2Fenv%2Fmodules%2Fmw_env_run.php;h=d4b63abf783db282251cb4fcee11d55ba95a0abe;hb=4bc0f6efc262d712b5c6f09375548bf17cd1576d;hp=51b63303199485599dc04adaebdf6fdd69d136b9;hpb=36ed114046cbe3d72a3589230e9f306a54fcc79d;p=mtweb
diff --git a/mw/env/modules/mw_env_run.php b/mw/env/modules/mw_env_run.php
index 51b6330..d4b63ab 100644
--- a/mw/env/modules/mw_env_run.php
+++ b/mw/env/modules/mw_env_run.php
@@ -9,12 +9,12 @@
 return $data->get_session_user();
 }

- function set_etat($etat, $valid_status = true){
+ function set_etat($etat, $valid_role = true){
 if(($this->etat = $this->valid_etat($etat)) !== false){
- if(!$valid_status || $this->status_ok($this->etat, false)){
+ if(!$valid_role || $this->action_allowed($this->etat, false)){
 return $this->etat;
 }
- else $this->erreur("Vous n'avez pas le statut requis pour effectuer cette action");
+ else $this->erreur("Vous n'avez pas le role requis pour effectuer cette action");
 }
 else $this->erreur("etat invalide");
 return false;
@@ -75,54 +75,64 @@
 return $this->valid_etat($this->etat);
 }

- function status_ok($etat, $CHECK_FORMAT = true){
- $OK = $this->config("default_allow");
+ function action_allowed($etat, $CHECK_FORMAT = true){
 $data = $this->data();
 if($CHECK_FORMAT) $etat = $this->valid_etat($etat);
- if($etat !== false){
- if(($user_status = $data->get_user_status()) !== false){
- if(
- (
- $action_status = $data->get_action_status(
- $etat["mod"],
- $etat["controller"],
- $etat["action"]
- )
- ) !== false
- ){
- $action = $etat["mod"]."/".$etat["controller"]."/".$etat["action"];
- if(isset($action_status[$action])){
- $OK =
- (isset($action_status[$action][0]) && $action_status[$action][0])
- || (isset($action_status[$action][$user_status]) && $action_status[$action][$user_status]);
- }
- else{
- $action = $etat["mod"]."/".$etat["controller"];
- if(isset($action_status[$action])){
- $OK =
- (isset($action_status[$action][0]) && $action_status[$action][0])
- || (isset($action_status[$action][$user_status]) && $action_status[$action][$user_status]);
- }
- else{
- $action = $etat["mod"];
- if(isset($action_status[$action])){
- $OK =
- (isset($action_status[$action][0]) && $action_status[$action][0])
- || (isset($action_status[$action][$user_status]) && $action_status[$action][$user_status]);
- }
- }
- }
+ if($etat === false){
+ $this->erreur("etat invalide");
+ return false;
+ }
+ if(($user_roles = $data->get_user_roles()) === false){
+ $this->erreur("Impossible de lire les roles de l'utilisateur courant");
+ return false;
+ }
+ if(!$user_roles){
+ $this->erreur("L'utilisateur courant n'a aucun role");
+ return false;
+ }
+ if(
+ (
+ $action_roles = $data->get_action_roles(
+ $etat["mod"],
+ $etat["controller"],
+ $etat["action"]
+ )
+ ) === false
+ ){
+ $this->erreur("Impossible de lire les roles des actions en base");
+ return false;
+ }
+ foreach($user_roles as $id_role){
+ $OK = $this->config("default_allow");
+ $action = $etat["mod"];
+ if(isset($action_roles[$action])){
+ $OK =
+ (isset($action_roles[$action][0]) && $action_roles[$action][0])
+ || (isset($action_roles[$action][$id_role]) && $action_roles[$action][$id_role]);
+ }
+ if(!$OK){
+ $action = $etat["mod"]."/".$etat["controller"];
+ if(isset($action_roles[$action])){
+ $OK =
+ (isset($action_roles[$action][0]) && $action_roles[$action][0])
+ || (isset($action_roles[$action][$id_role]) && $action_roles[$action][$id_role]);
+ }
+ }
+ if(!$OK){
+ $action = $etat["mod"]."/".$etat["controller"]."/".$etat["action"];
+ if(isset($action_roles[$action])){
+ $OK =
+ (isset($action_roles[$action][0]) && $action_roles[$action][0])
+ || (isset($action_roles[$action][$id_role]) && $action_roles[$action][$id_role]);
 }
- else $this->erreur("Impossible de lire les status des actions en base");
 }
- else $this->erreur("Impossible de lire le statut de l'utilisateur courant");
+ if($OK) break;
 }
- else $this->erreur("etat invalide");
 return $OK;
 }

- function run($etat, $valid_status = true, $params = array(), $method = "GET"){
- if($this->set_etat($etat, $valid_status)){
+ function run($etat, $valid_role = true, $params = array(), $method = "GET"){
+ if($this->set_etat($etat, $valid_role)){
 $controller_file = "mods/".$this->etat("mod")."/".$this->etat("controller").".php";
 if($this->app_file_exists($controller_file = "mods/".$this->etat("mod")."/".$this->etat("controller").".php", "DESC")){
 if(!class_exists("mw_mod")) require $this->app_file("mods/mw_mod.php");
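Review bot: The new loop in `action_allowed` reads the module-level rule first and only consults `mod/controller` and `mod/controller/action` while `$OK` is still false, so a broad allow, or `default_allow` set to true, now wins over a more specific entry that refuses the role. The removed `status_ok` worked the other way round: the most specific rule that was set decided, and broader ones were ignored. If a rule can hold a false value for a role, which the `isset(...) && ...` tests suggest but the hunk does not show, this silently widens access compared with the old behaviour. I would walk the keys from most to least specific and stop at the first one that is set, and initialise `$OK = false` before the loop so the return value is defined whatever `get_user_roles()` hands back. The sketch below does that and folds the three copies of the test into one.

```php
// … unchanged: etat validation, get_user_roles() / get_action_roles() reads and their error returns …
$OK = false;
$rule_keys = array(
  $etat["mod"]."/".$etat["controller"]."/".$etat["action"],
  $etat["mod"]."/".$etat["controller"],
  $etat["mod"]
);
foreach($user_roles as $id_role){
  $OK = $this->config("default_allow");
  foreach($rule_keys as $action){
    if(isset($action_roles[$action])){
      // the most specific rule present decides; broader rules are not consulted
      $OK =
        (isset($action_roles[$action][0]) && $action_roles[$action][0])
        || (isset($action_roles[$action][$id_role]) && $action_roles[$action][$id_role]);
      break;
    }
  }
  if($OK) break;
}
return $OK;
```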