Replaced resource names with constants for "cannot" checks

Alex Tselegidis 2021-12-15 08:05:08 +01:00
parent 568ff9be2e
commit ff03b71060
10 changed files with 42 additions and 42 deletions


@ -59,7 +59,7 @@ class About extends EA_Controller {
{ {
session(['dest_url' => site_url('about')]); session(['dest_url' => site_url('about')]);
if (cannot('view', 'user_settings')) if (cannot('view', PRIV_USER_SETTINGS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }


@ -43,7 +43,7 @@ class Admins extends EA_Controller {
{ {
session(['dest_url' => site_url('admins')]); session(['dest_url' => site_url('admins')]);
if (cannot('view', 'users')) if (cannot('view', PRIV_USERS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -68,7 +68,7 @@ class Admins extends EA_Controller {
{ {
try try
{ {
if (cannot('view', 'users')) if (cannot('view', PRIV_USERS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -100,7 +100,7 @@ class Admins extends EA_Controller {
{ {
$admin = json_decode(request('admin'), TRUE); $admin = json_decode(request('admin'), TRUE);
if (cannot('add', 'users')) if (cannot('add', PRIV_USERS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -127,7 +127,7 @@ class Admins extends EA_Controller {
{ {
$admin = json_decode(request('admin'), TRUE); $admin = json_decode(request('admin'), TRUE);
if (cannot('edit', 'users')) if (cannot('edit', PRIV_USERS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -152,7 +152,7 @@ class Admins extends EA_Controller {
{ {
try try
{ {
if (cannot('delete', 'users')) if (cannot('delete', PRIV_USERS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -178,7 +178,7 @@ class Admins extends EA_Controller {
{ {
try try
{ {
if (cannot('delete', PRIV_USERS)) if (cannot('view', PRIV_USERS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
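Review bot: The last hunk of this section (@ -178) changes the action being checked, not only the resource name: `cannot('delete', PRIV_USERS)` becomes `cannot('view', PRIV_USERS)`, reading the second copy of the line as the new side. That lowers the privilege required to reach the enclosing method, which begins outside the hunk, so it is worth confirming that the method only reads data and never modifies or removes a record. The commit title describes a pure rename, so this authorization change should be stated in the message or split into its own commit, and once confirmed a one-line comment above the check would help, such as `// Read-only lookup, so 'view' is the required action.` The same delete-to-view switch appears in the final hunks of Appointments (@ -165), Categories (@ -178), Customers (@ -194), Providers (@ -180), Secretaries (@ -180) and Unavailabilities (@ -150).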


@ -55,7 +55,7 @@ class Appointments extends EA_Controller {
{ {
try try
{ {
if (cannot('view', 'appointments')) if (cannot('view', PRIV_APPOINTMENTS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -87,7 +87,7 @@ class Appointments extends EA_Controller {
{ {
$appointment = json_decode(request('appointment'), TRUE); $appointment = json_decode(request('appointment'), TRUE);
if (cannot('add', 'appointments')) if (cannot('add', PRIV_APPOINTMENTS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -114,7 +114,7 @@ class Appointments extends EA_Controller {
{ {
$appointment = json_decode(request('appointment'), TRUE); $appointment = json_decode(request('appointment'), TRUE);
if (cannot('edit', 'appointments')) if (cannot('edit', PRIV_APPOINTMENTS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -139,7 +139,7 @@ class Appointments extends EA_Controller {
{ {
try try
{ {
if (cannot('delete', 'appointments')) if (cannot('delete', PRIV_APPOINTMENTS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -165,7 +165,7 @@ class Appointments extends EA_Controller {
{ {
try try
{ {
if (cannot('delete', PRIV_APPOINTMENTS)) if (cannot('view', PRIV_APPOINTMENTS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }


@ -329,7 +329,7 @@ class Backend_api extends EA_Controller {
{ {
try try
{ {
if (cannot('delete', 'appointments')) if (cannot('delete', PRIV_APPOINTMENTS))
{ {
throw new Exception('You do not have the required permissions for this task.'); throw new Exception('You do not have the required permissions for this task.');
} }


@ -178,7 +178,7 @@ class Categories extends EA_Controller {
{ {
try try
{ {
if (cannot('delete', PRIV_SERVICES)) if (cannot('view', PRIV_SERVICES))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }


@ -44,7 +44,7 @@ class Customers extends EA_Controller {
{ {
session(['dest_url' => site_url('customers')]); session(['dest_url' => site_url('customers')]);
if (cannot('view', 'customers')) if (cannot('view', PRIV_USERS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -69,7 +69,7 @@ class Customers extends EA_Controller {
{ {
try try
{ {
if (cannot('view', 'customers')) if (cannot('view', PRIV_USERS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -116,7 +116,7 @@ class Customers extends EA_Controller {
{ {
$customer = json_decode(request('customer'), TRUE); $customer = json_decode(request('customer'), TRUE);
if (cannot('add', 'customers')) if (cannot('add', PRIV_USERS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -143,7 +143,7 @@ class Customers extends EA_Controller {
{ {
$customer = json_decode(request('customer'), TRUE); $customer = json_decode(request('customer'), TRUE);
if (cannot('edit', 'customers')) if (cannot('edit', PRIV_USERS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -168,7 +168,7 @@ class Customers extends EA_Controller {
{ {
try try
{ {
if (cannot('delete', 'customers')) if (cannot('delete', PRIV_USERS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -194,7 +194,7 @@ class Customers extends EA_Controller {
{ {
try try
{ {
if (cannot('delete', PRIV_USERS)) if (cannot('view', PRIV_USERS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
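Review bot: The view, add, edit and delete checks in this controller now test the users resource instead of customers: `cannot('view', 'customers')` became `cannot('view', PRIV_USERS)`, and the hunks at @ -69, -116, -143 and -168 do the same. In About, Admins, Appointments, Providers, Secretaries and Services each string is mapped to the constant of the same name, so this looks like a carry-over from the user controllers rather than an intended change. The effect is that access to customer records is decided by the users privilege, which can lock out a role that holds only customers rights and can open customer data to any role that holds users rights. If the project defines a constant for the customers resource (presumably `PRIV_CUSTOMERS`, following the naming of the others; confirm in the constants file), the checks should use it, for example `if (cannot('view', PRIV_CUSTOMERS))`.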


@ -44,7 +44,7 @@ class Providers extends EA_Controller {
{ {
session(['dest_url' => site_url('providers')]); session(['dest_url' => site_url('providers')]);
if (cannot('view', 'users')) if (cannot('view', PRIV_USERS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -70,7 +70,7 @@ class Providers extends EA_Controller {
{ {
try try
{ {
if (cannot('view', 'users')) if (cannot('view', PRIV_USERS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -102,7 +102,7 @@ class Providers extends EA_Controller {
{ {
$provider = json_decode(request('provider'), TRUE); $provider = json_decode(request('provider'), TRUE);
if (cannot('add', 'users')) if (cannot('add', PRIV_USERS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -129,7 +129,7 @@ class Providers extends EA_Controller {
{ {
$provider = json_decode(request('provider'), TRUE); $provider = json_decode(request('provider'), TRUE);
if (cannot('edit', 'users')) if (cannot('edit', PRIV_USERS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -154,7 +154,7 @@ class Providers extends EA_Controller {
{ {
try try
{ {
if (cannot('delete', 'users')) if (cannot('delete', PRIV_USERS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -180,7 +180,7 @@ class Providers extends EA_Controller {
{ {
try try
{ {
if (cannot('delete', PRIV_USERS)) if (cannot('view', PRIV_USERS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }


@ -44,7 +44,7 @@ class Secretaries extends EA_Controller {
{ {
session(['dest_url' => site_url('secretaries')]); session(['dest_url' => site_url('secretaries')]);
if (cannot('view', 'users')) if (cannot('view', PRIV_USERS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -70,7 +70,7 @@ class Secretaries extends EA_Controller {
{ {
try try
{ {
if (cannot('view', 'users')) if (cannot('view', PRIV_USERS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -102,7 +102,7 @@ class Secretaries extends EA_Controller {
{ {
$secretary = json_decode(request('secretary'), TRUE); $secretary = json_decode(request('secretary'), TRUE);
if (cannot('add', 'users')) if (cannot('add', PRIV_USERS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -129,7 +129,7 @@ class Secretaries extends EA_Controller {
{ {
$secretary = json_decode(request('secretary'), TRUE); $secretary = json_decode(request('secretary'), TRUE);
if (cannot('edit', 'users')) if (cannot('edit', PRIV_USERS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -154,7 +154,7 @@ class Secretaries extends EA_Controller {
{ {
try try
{ {
if (cannot('delete', 'users')) if (cannot('delete', PRIV_USERS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -180,7 +180,7 @@ class Secretaries extends EA_Controller {
{ {
try try
{ {
if (cannot('delete', PRIV_USERS)) if (cannot('view', PRIV_USERS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }


@ -43,7 +43,7 @@ class Services extends EA_Controller {
{ {
session(['dest_url' => site_url('services')]); session(['dest_url' => site_url('services')]);
if (cannot('view', 'services')) if (cannot('view', PRIV_SERVICES))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -68,7 +68,7 @@ class Services extends EA_Controller {
{ {
try try
{ {
if (cannot('view', 'services')) if (cannot('view', PRIV_SERVICES))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -100,7 +100,7 @@ class Services extends EA_Controller {
{ {
$service = json_decode(request('service'), TRUE); $service = json_decode(request('service'), TRUE);
if (cannot('add', 'services')) if (cannot('add', PRIV_SERVICES))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -127,7 +127,7 @@ class Services extends EA_Controller {
{ {
$service = json_decode(request('service'), TRUE); $service = json_decode(request('service'), TRUE);
if (cannot('edit', 'services')) if (cannot('edit', PRIV_SERVICES))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -152,7 +152,7 @@ class Services extends EA_Controller {
{ {
try try
{ {
if (cannot('delete', 'services')) if (cannot('delete', PRIV_SERVICES))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }


@ -40,7 +40,7 @@ class Unavailabilities extends EA_Controller {
{ {
try try
{ {
if (cannot('view', 'unavailabilities')) if (cannot('view', PRIV_APPOINTMENTS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -72,7 +72,7 @@ class Unavailabilities extends EA_Controller {
{ {
$unavailability = json_decode(request('unavailability'), TRUE); $unavailability = json_decode(request('unavailability'), TRUE);
if (cannot('add', 'unavailabilities')) if (cannot('add', PRIV_APPOINTMENTS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -99,7 +99,7 @@ class Unavailabilities extends EA_Controller {
{ {
$unavailability = json_decode(request('unavailability'), TRUE); $unavailability = json_decode(request('unavailability'), TRUE);
if (cannot('edit', 'unavailabilities')) if (cannot('edit', PRIV_APPOINTMENTS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -124,7 +124,7 @@ class Unavailabilities extends EA_Controller {
{ {
try try
{ {
if (cannot('delete', 'unavailabilities')) if (cannot('delete', PRIV_APPOINTMENTS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
@ -150,7 +150,7 @@ class Unavailabilities extends EA_Controller {
{ {
try try
{ {
if (cannot('delete', 'users')) if (cannot('view', PRIV_APPOINTMENTS))
{ {
show_error('Forbidden', 403); show_error('Forbidden', 403);
} }
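Review bot: Every check in this controller now depends on the appointments privilege (`'unavailabilities'` became `PRIV_APPOINTMENTS`), and nothing in the visible code records that this coupling is deliberate. Whether a separate unavailabilities resource exists in the permission model cannot be told from this page; if none does, say so next to the first check, for example `// Unavailabilities have no resource of their own; they follow the appointments privilege.` The hunk at @ -150 additionally replaces `cannot('delete', 'users')`, so the method it belongs to, which starts outside the hunk, was previously gated on an unrelated resource and the effective access of callers changes there as well.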