r3257 - trunk/apps/qubit/modules/informationobject/templates

Sun, 13 Sep 2009 18:18:17 -0700 

Author: sevein
Date: Sun Sep 13 18:19:45 2009
New Revision: 3257

Log:
Add security check for editing links in context menu.

Modified:
   trunk/apps/qubit/modules/informationobject/templates/_contextMenu.php

Modified: trunk/apps/qubit/modules/informationobject/templates/_contextMenu.php
==============================================================================
--- trunk/apps/qubit/modules/informationobject/templates/_contextMenu.php       
Sun Sep 13 17:09:18 2009        (r3256)
+++ trunk/apps/qubit/modules/informationobject/templates/_contextMenu.php       
Sun Sep 13 18:19:45 2009        (r3257)
@@ -35,7 +35,9 @@
     <?php endif; ?>
 
     <?php include_component('digitalobject', 'imageflow', array('thumbnails' 
=> $thumbnails)) ?>
-    <?php echo link_to('Edit', array('module' => 'digitalobject', 'action' => 
'edit', 'id' => $informationObject->id)) ?>
+    <?php if (SecurityPriviliges::editCredentials($sf_user, 
'informationObject')): ?>
+      <?php echo link_to('Edit', array('module' => 'digitalobject', 'action' 
=> 'edit', 'id' => $informationObject->id)) ?>
+    <?php endif; ?>
 
     <?php if (count($informationObjects) > 1): ?>
       <div class="label">
@@ -45,7 +47,9 @@
     <?php endif; ?>
     
     <?php include_component('physicalobject', 'contextMenu', 
array('physicalObjects' => $physicalObjects, 'informationObject' => 
$informationObject)) ?>
-    <?php echo link_to('Edit', array('module' => 'informationobject', 'action' 
=> 'editPhysicalObjects', 'id' => $informationObject->id)) ?>
+    <?php if (SecurityPriviliges::editCredentials($sf_user, 
'informationObject')): ?>
+      <?php echo link_to('Edit', array('module' => 'informationobject', 
'action' => 'editPhysicalObjects', 'id' => $informationObject->id)) ?>
+    <?php endif; ?>
 
     <div class="label"><?php echo __('export') ?></div>
     <ul><li><?php echo link_to(__('Dublin Core 1.1 XML'), array('module' => 
'informationobject', 'action' => 'exportDc', 'id' => $informationObject->id)) 
?></li>

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"Qubit Toolkit Commits" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to 
[email protected]
For more options, visit this group at 
http://groups.google.ca/group/qubit-commits?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to