diff options
author | Igor Scheller <igor.scheller@igorshp.de> | 2018-11-12 14:41:23 +0100 |
---|---|---|
committer | msquare <msquare@notrademark.de> | 2018-12-02 12:53:31 +0100 |
commit | c33940f64a1e5b59afd700010247382f5b7b2df3 (patch) | |
tree | 453b8810c90cd78e75a1425a4f4f002e585d121a /includes/controller/shifts_controller.php | |
parent | 951828a4f1175f99666a48629ea125640cc7c598 (diff) |
Moved permission checks to Authenticator class
Diffstat (limited to 'includes/controller/shifts_controller.php')
-rw-r--r-- | includes/controller/shifts_controller.php | 16 |
1 files changed, 5 insertions, 11 deletions
diff --git a/includes/controller/shifts_controller.php b/includes/controller/shifts_controller.php index 375ea6b6..caf124ba 100644 --- a/includes/controller/shifts_controller.php +++ b/includes/controller/shifts_controller.php @@ -43,13 +43,11 @@ function shift_edit_link($shift) */ function shift_edit_controller() { - global $privileges; - $msg = ''; $valid = true; $request = request(); - if (!in_array('admin_shifts', $privileges)) { + if (!auth()->can('admin_shifts')) { redirect(page_link_to('user_shifts')); } @@ -203,10 +201,9 @@ function shift_edit_controller() */ function shift_delete_controller() { - global $privileges; $request = request(); - if (!in_array('user_shifts_admin', $privileges)) { + if (!auth()->can('user_shifts_admin')) { redirect(page_link_to('user_shifts')); } @@ -253,11 +250,10 @@ function shift_delete_controller() */ function shift_controller() { - global $privileges; $user = auth()->user(); $request = request(); - if (!in_array('user_shifts', $privileges)) { + if (!auth()->can('user_shifts')) { redirect(page_link_to('/')); } @@ -332,9 +328,7 @@ function shifts_controller() */ function shift_next_controller() { - global $privileges; - - if (!in_array('user_shifts', $privileges)) { + if (!auth()->can('user_shifts')) { redirect(page_link_to('/')); } @@ -363,7 +357,7 @@ function shifts_json_export_controller() if (!$user) { engelsystem_error('Key invalid.'); } - if (!in_array('shifts_json_export', privileges_for_user($user->id))) { + if (!auth()->can('shifts_json_export')) { engelsystem_error('No privilege for shifts_json_export.'); } |