--- branches/paul/admin/assign.phtml 2004/03/07 19:15:27 66 +++ branches/paul/admin/assign.phtml 2004/03/18 19:24:54 67 @@ -11,7 +11,6 @@ require_once ($GLOBAL_ADMIN_INC."forms.php"); - // HTML header printf("\n"); printf("\n"); @@ -20,6 +19,16 @@ printf("\n"); +// Default access settings +$sess_time_human = ""; +$sess_staff_account = ""; +$sess_staff_id = 0; +$sess_access_level = 0; +$sess_access = ""; +$sess_last_name = ""; +$sess_first_name = ""; + + // Page header require_once ($GLOBAL_ADMIN_HEADER); @@ -34,6 +43,7 @@ // Load user session variables $sess_time_human = $sessionClass->time_human; $sess_staff_account = $sessionClass->staff_account; + $sess_staff_id = $accessClass->staff_id; $sess_access_level = $accessClass->access_level; $sess_access = $accessClass->access; $sess_last_name = $accessClass->last_name; 
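Review bot: The comment on the new defaults block (`// Default access settings`) should say that these assignments are what makes the later `$sess_access_level >= 20` check fail closed. The session values are only overwritten inside the conditional load shown in the following hunk, so when that load is skipped the zero and empty defaults are all the access check sees. Whether request parameters can become globals in this deployment is not visible here, but `$transaction` and `$subject_id` are used as bare globals, so the block should stay ahead of every read of these variables and after any request import. I would word the comment as `// Fail-closed defaults: overwritten only by the session loader below; must never be settable from the request`. Note also that `$libsession`, which the access checks test with `isset()`, gets no default here, so confirm it can only be set by the session code.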
@@ -42,55 +52,81 @@ } -// If the cookie is set and access level is appropriate +/******************************************** +** Functions requiring author level access ** +********************************************/ if(isset($libsession) && $sess_access_level >= 20) { // Determine which transaction function to call switch ($transaction){ - // Bridging Assignments - case "assignLibunitStaff": - assignLibunitStaff($con, $staff_id_array, $libunit_id); - break; + // Bridging Assignments case "assignResFeature": - assignResFeature($con, $feature_id_array, $resource_id); + assignResFeature($feature_id_array, $resource_id); break; case "assignResLoc": - assignResLoc($con, $location_id_array, $resource_id); + assignResLoc($location_id_array, $resource_id); break; case "assignResMastersubject": - assignResMastersubject($con, $mastersubject_id_array, $resource_id); - break; - case "assignServLoc": - assignServLoc($con, $location_id_array, $service_id); - break; - case "assignServServtype": - assignServServtype($con, $servicetype_id_array, $service_id); - break; - case "assignStaffLibunit": - assignStaffLibunit($con, $libunit_id_array, $staff_id); - break; - case "assignStaffSub": - assignStaffSub($con, $staff_id, $subject_id_array); + assignResMastersubject($mastersubject_id_array, $resource_id); break; case "assignSubCoursesub": - assignSubCoursesub($con, $coursesub_id_array, $subject_id); - break; + if (authSubject($sess_access_level, $sess_staff_id, $subject_id)) + assignSubCoursesub($coursesub_id_array, $subject_id); + else require_once ($GLOBAL_NO_ACCESS); + break; case "assignSubLoc": - assignSubLoc($con, $location_id_array, $subject_id); + if (authSubject($sess_access_level, $sess_staff_id, $subject_id)) + assignSubLoc($location_id_array, $subject_id); + else require_once ($GLOBAL_NO_ACCESS); break; case "assignSubMaster": - assignSubMaster($con, $mastersubject_id_array, $subject_id); - break; + if (authSubject($sess_access_level, $sess_staff_id, $subject_id)) + 
assignSubMaster($mastersubject_id_array, $subject_id); + else require_once ($GLOBAL_NO_ACCESS); + break; case "assignSubStaff": - assignSubStaff($con, $staff_id_array, $subject_id); + if (authSubject($sess_access_level, $sess_staff_id, $subject_id)) + assignSubStaff($staff_id_array, $subject_id); + else require_once ($GLOBAL_NO_ACCESS); break; - } - // Link to return to admin console - adminReturn($sess_access_level); + } // end author assigns + + + + /********************************************* + ** Functions requiring manager level access ** + *********************************************/ + if(isset($libsession) && $sess_access_level >= 100) { + + // Determine which transaction function to call + switch ($transaction){ + + // Bridging Assignments + case "assignLibunitStaff": + assignLibunitStaff($staff_id_array, $libunit_id); + break; + case "assignServLoc": + assignServLoc($location_id_array, $service_id); + break; + case "assignServServtype": + assignServServtype($servicetype_id_array, $service_id); + break; + case "assignStaffLibunit": + assignStaffLibunit($libunit_id_array, $staff_id); + break; + case "assignStaffSub": + assignStaffSub($staff_id, $subject_id_array); + break; + } // end manager assigns + + } // end manager functions + + // Link to return to admin console + adminReturn($sess_access_level); -} // logged in +} // end logged in at author or higher // No access else require_once ($GLOBAL_NO_ACCESS);
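Review bot: An author-level account that requests one of the manager transactions (`assignLibunitStaff`, `assignServLoc`, `assignServServtype`, `assignStaffLibunit`, `assignStaffSub`) matches no case in the first switch and is skipped by the `$sess_access_level >= 100` block, so the request ends at `adminReturn()` with no denial page. The refusal is correct but silent, so rejected attempts are invisible to the user and cannot be logged; I would give the manager `if` an `else` branch that includes `$GLOBAL_NO_ACCESS` when `$transaction` is one of those five names. Separately, the three `assignRes*` cases run for any author-level account without a per-object check comparable to `authSubject()`. If resources are meant to be owner-restricted (not visible here), they need the same guard. The braceless `if`/`else` around each `authSubject()` call would also be safer with braces, since a second statement added later under the `if` would run unconditionally.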