summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMax Kremmel <xing@synapse.plus.com>2007-03-31 13:01:09 +0000
committerMax Kremmel <xing@synapse.plus.com>2007-03-31 13:01:09 +0000
commit3acb24c80ff096fa757229e5113a08b071ed4251 (patch)
tree20509afa0ba372615fdf7a2dbf2a8a56785dcd5e
parent3d5ce6f74a577cfb4d95a8c1ea6aac216b81a316 (diff)
downloadliberty-3acb24c80ff096fa757229e5113a08b071ed4251.tar.gz
liberty-3acb24c80ff096fa757229e5113a08b071ed4251.tar.bz2
liberty-3acb24c80ff096fa757229e5113a08b071ed4251.zip
lots of content permissions work. tentatively added updateUserPermissions() to service load function.
-rw-r--r--LibertyContent.php36
-rwxr-xr-xLibertySystem.php25
-rw-r--r--bit_setup_inc.php6
-rw-r--r--content_permissions.php57
-rw-r--r--content_permissions_inc.php8
-rw-r--r--templates/content_permissions_inc.tpl155
-rw-r--r--templates/service_content_edit_tab_inc.tpl16
-rw-r--r--templates/service_content_icon_inc.tpl10
8 files changed, 208 insertions, 105 deletions
diff --git a/LibertyContent.php b/LibertyContent.php
index 74c96b7..fd1aa47 100644
--- a/LibertyContent.php
+++ b/LibertyContent.php
@@ -3,7 +3,7 @@
* Management of Liberty content
*
* @package liberty
-* @version $Header: /cvsroot/bitweaver/_bit_liberty/LibertyContent.php,v 1.190 2007/03/31 10:41:11 squareing Exp $
+* @version $Header: /cvsroot/bitweaver/_bit_liberty/LibertyContent.php,v 1.191 2007/03/31 13:01:08 squareing Exp $
* @author spider <spider@steelsun.com>
*/
@@ -73,12 +73,12 @@ class LibertyContent extends LibertyBase {
* Permissions hash specific to this LibertyContent object
* @public
*/
- var $mPerms;
+ var $mPerms = array();
/**
* Preferences hash specific to this LibertyContent object - accessed via getPreference/storePreference
* @private
*/
- var $mPrefs;
+ var $mPrefs = array();
/**
* Admin control permission specific to this LibertyContent type
* @private
@@ -919,7 +919,7 @@ class LibertyContent extends LibertyBase {
}
LibertyContent::prepGetList( $pParamHash );
- if( $this->isValid() && empty( $this->mPerms ) && $this->mContentTypeGuid ) {
+ if( $this->isValid() && $this->mContentTypeGuid ) {
$query = "
SELECT lcperm.`perm_name`, ug.`group_id`, ug.`group_name`, up.`perm_desc`
FROM `".BIT_DB_PREFIX."liberty_content_permissions` lcperm
@@ -930,7 +930,7 @@ class LibertyContent extends LibertyBase {
$bindVars = array( $this->mContentId );
$ret = $this->mDb->getAll( $query, $bindVars );
}
- return( $ret );
+ return $ret;
}
/**
@@ -957,10 +957,11 @@ class LibertyContent extends LibertyBase {
foreach( $perms as $perm ) {
if( in_array( $perm['group_id'], $userGroups ) ) {
$this->mPerms[$perm['perm_name']] = $perm;
+ $this->mPerms[$perm['perm_name']]['package'] = $this->mType['handler_package'];
}
}
}
- return( count( $perms ) );
+ return( count( $perms ));
}
/**
@@ -972,7 +973,7 @@ class LibertyContent extends LibertyBase {
*/
function updateUserPermissions( $pPackage = NULL ) {
$ret = FALSE;
- if( $this->isValid() && $this->loadPermissions() ) {
+ if( $this->isValid() && $this->hasAssignedPermissions() ) {
global $gBitUser;
if( empty( $pPackage ) ) {
@@ -992,15 +993,20 @@ class LibertyContent extends LibertyBase {
return $ret;
}
+ /**
+ * Check to see if the loaded content has individually assigned permissions
+ *
+ * @access public
+ * @return TRUE on success, FALSE on failure - mErrors will contain reason for failure
+ */
function hasAssignedPermissions() {
$ret = FALSE;
if( $this->isValid() ) {
- $ret = count( $this->mPerms );
+ $ret = $this->loadPermissions();
}
return $ret;
}
-
/**
* Function that determines if this content specified permission for the current gBitUser, and will throw a fatal error if not.
*
@@ -1103,21 +1109,21 @@ class LibertyContent extends LibertyBase {
* @param integer Content Itentifier
* @return bool true ( will not currently report a failure )
*/
- function storePermission( $pGroupId, $pPermName, $pObjectId=NULL ) {
- if( !@$this->verifyId( $pObjectId )) {
- $pObjectId = $this->mContentId;
+ function storePermission( $pGroupId, $pPermName, $pContentId=NULL ) {
+ if( !@$this->verifyId( $pContentId )) {
+ $pContentId = $this->mContentId;
}
- if( @BitBase::verifyId( $pGroupId ) && !empty( $pPermName )) {
+ if( @BitBase::verifyId( $pGroupId ) && !empty( $pPermName ) && @BitBase::verifyId( $pContentId )) {
$query = "
DELETE FROM `".BIT_DB_PREFIX."liberty_content_permissions`
WHERE `group_id` = ? AND `perm_name` = ? AND `content_id` = ?";
- $result = $this->mDb->query( $query, array( $pGroupId, $pPermName, $pObjectId ), -1, -1 );
+ $result = $this->mDb->query( $query, array( $pGroupId, $pPermName, $pContentId ), -1, -1 );
$query = "
INSERT INTO `".BIT_DB_PREFIX."liberty_content_permissions`
( `group_id`,`content_id`, `perm_name` )
VALUES( ?, ?, ? )";
- $result = $this->mDb->query( $query, array( $pGroupId, $pObjectId, $pPermName ));
+ $result = $this->mDb->query( $query, array( $pGroupId, $pContentId, $pPermName ));
return TRUE;
}
return FALSE;
diff --git a/LibertySystem.php b/LibertySystem.php
index d676ccf..257d67e 100755
--- a/LibertySystem.php
+++ b/LibertySystem.php
@@ -3,7 +3,7 @@
* System class for handling the liberty package
*
* @package liberty
-* @version $Header: /cvsroot/bitweaver/_bit_liberty/LibertySystem.php,v 1.65 2007/03/21 18:08:07 wjames5 Exp $
+* @version $Header: /cvsroot/bitweaver/_bit_liberty/LibertySystem.php,v 1.66 2007/03/31 13:01:08 squareing Exp $
* @author spider <spider@steelsun.com>
*/
@@ -745,6 +745,8 @@ function liberty_plugins_div_style( $pParamHash ) {
return $ret;
}
+
+// ================== Liberty Service Functions ==================
function liberty_content_load_sql() {
global $gBitSystem, $gBitUser;
$ret = array();
@@ -767,7 +769,7 @@ function liberty_content_list_sql() {
return $ret;
}
-function liberty_content_preview(&$pObject) {
+function liberty_content_preview( &$pObject ) {
global $gBitSystem, $gBitUser;
if ($gBitSystem->isFeatureActive('liberty_display_status') && ($gBitUser->hasPermission('p_liberty_edit_content_status') || $gBitUser->hasPermission('p_libert_edit_all_status'))) {
$pObject->mInfo['content_status_id'] = $_REQUEST['content_status_id'];
@@ -777,4 +779,23 @@ function liberty_content_preview(&$pObject) {
}
}
+function liberty_content_load( &$pObject ) {
+ if( $pObject->isValid() ) {
+ // transparently update user permissions for this content object
+ // this might not be the wisest course of action since it distorts permissions on the entire site with respect to the active package - xing
+ $pObject->updateUserPermissions();
+ }
+}
+
+function liberty_content_display( &$pObject, &$pParamHash ) {
+ if( $pObject->isValid() ) {
+ global $gBitUser, $gBitSystem;
+
+ // make sure user has appropriate permissions to view this content
+ if( !empty( $pParamHash['perm_name'] )) {
+ $pObject->verifyPermission( $pParamHash['perm_name'] );
+ }
+ }
+}
+
?>
diff --git a/bit_setup_inc.php b/bit_setup_inc.php
index 443f6b7..86d0121 100644
--- a/bit_setup_inc.php
+++ b/bit_setup_inc.php
@@ -3,7 +3,7 @@
* base package include
*
* @author spider <spider@steelsun.com>
- * @version $Revision: 1.14 $
+ * @version $Revision: 1.15 $
* @package liberty
* @subpackage functions
*/
@@ -21,6 +21,10 @@ $gLibertySystem->registerService( 'liberty', LIBERTY_PKG_NAME, array(
'content_edit_mini_tpl' => 'bitpackage:liberty/service_content_edit_mini_inc.tpl',
'content_edit_tab_tpl' => 'bitpackage:liberty/service_content_edit_tab_inc.tpl',
'content_icon_tpl' => 'bitpackage:liberty/service_content_icon_inc.tpl',
+ 'content_display_function' => 'liberty_content_display',
+ 'content_load_function' => 'liberty_content_load',
+ //'content_edit_function' => 'liberty_content_edit',
+ //'content_store_function' => 'liberty_content_store',
'content_load_sql_function' => 'liberty_content_load_sql',
'content_list_sql_function' => 'liberty_content_list_sql',
'content_preview_function' => 'liberty_content_preview',
diff --git a/content_permissions.php b/content_permissions.php
index 3e60a9a..b694116 100644
--- a/content_permissions.php
+++ b/content_permissions.php
@@ -1,6 +1,6 @@
<?php
/**
- * @version $Revision: 1.2 $
+ * @version $Revision: 1.3 $
* @package liberty
* @subpackage functions
*/
@@ -9,7 +9,58 @@
* bit setup
*/
require_once( '../bit_setup_inc.php' );
-require_once( LIBERTY_PKG_PATH.'content_permissions_inc.php' );
-$gBitSystem->display( 'bitpackage:liberty/content_permissions.tpl', tra( 'Content Permissions' ) );
+$gBitSystem->verifyPermission( 'p_liberty_assign_content_perms' );
+
+// If we haven't got any content loaded yet, load it
+if( empty( $gContent )) {
+ // make sure we have a content_id we can work with
+ if( empty( $_REQUEST["content_id"] ) || $_REQUEST["content_id"] < 1 ) {
+ $gBitSmarty->assign( 'msg', tra( "No valid content id given." ));
+ $gBitSystem->display( 'error.tpl' );
+die;
+ }
+
+ $gContent = new LibertyContent();
+ $gContent = $gContent->getLibertyObject( $_REQUEST['content_id'] );
+}
+$gBitSmarty->assign_by_ref( 'gContent', $gContent );
+
+// Process the form
+// send the user to the content page if he wants to
+if( !empty( $_REQUEST['back'] )) {
+ header( "Location: ".$gContent->getDisplayUrl() );
+ die;
+}
+
+// Update database if needed
+if( @BitBase::verifyId( $_REQUEST["group_id"] ) && @BitBase::verifyId( $gContent->mContentId ) && !empty( $_REQUEST["perm"] ) && !empty( $_REQUEST['action'] )) {
+ $gBitUser->verifyTicket( TRUE );
+ if( $_REQUEST["action"] == 'assign' ) {
+ $gContent->storePermission( $_REQUEST["group_id"], $_REQUEST["perm"], $gContent->mContentId );
+ } elseif( $_REQUEST["action"] == 'remove' ) {
+ $gContent->removePermission( $_REQUEST["group_id"], $_REQUEST["perm"] );
+ }
+}
+
+// Now we have to get the individual object permissions if any
+$contentPerms['assigned'] = $gContent->loadAllObjectPermissions( $_REQUEST );
+
+// Get a list of groups
+$listHash = array( 'sort_mode' => 'group_name_asc' );
+$userGroups = $gBitUser->getAllGroups( $listHash );
+$contentPerms['groups'] = $userGroups["data"];
+
+// Get a list of permissions
+if( empty( $assignPerms )) {
+ if( !empty( $gContent->mType['handler_package'] )) {
+ $contentPerms['assignable'] = $gBitUser->getGroupPermissions( NULL, $gContent->mType['handler_package'] );
+ } else {
+ // this is a last resort and will dump all perms a user has
+ $contentPerms['assignable'] = $gBitUser->mPerms;
+ }
+}
+$gBitSmarty->assign( 'contentPerms', $contentPerms );
+
+$gBitSystem->display( 'bitpackage:liberty/content_permissions.tpl', tra( 'Content Permissions' ));
?>
diff --git a/content_permissions_inc.php b/content_permissions_inc.php
index 40b38e6..1e1d277 100644
--- a/content_permissions_inc.php
+++ b/content_permissions_inc.php
@@ -1,14 +1,10 @@
<?php
/**
- * @version $Revision: 1.5 $
+ * @version $Revision: 1.6 $
* @package liberty
* @subpackage functions
*/
-if( !empty( $verify_permission ) ) {
- $gBitSystem->verifyPermission( $verify_permission );
-} else {
- $gBitSystem->verifyPermission( 'p_admin' );
-}
+$gBitSystem->verifyPermission( 'p_liberty_assign_content_perms' );
// If we haven't got any content loaded yet, load it
if( empty( $gContent ) ) {
diff --git a/templates/content_permissions_inc.tpl b/templates/content_permissions_inc.tpl
index 70bd4e2..f90e1f2 100644
--- a/templates/content_permissions_inc.tpl
+++ b/templates/content_permissions_inc.tpl
@@ -1,75 +1,98 @@
+{strip}
<h2>{tr}Assign permissions to{/tr}: {$gContent->getTitle()}</h2>
-{* you can't have a form within a form - services are inserted into forms - xing
-form legend="Content Permissions"*}
- <input type="hidden" name="perm_content_id" value="{$gContent->mContentId}" />
+{if !$contentPerms.assigned}
+ {formhelp warning="No Individual permissions set. Global Permissions apply."}
+{/if}
- <div class="row">
- {formlabel label="Assign this Permission" for="perm"}
- {forminput}
- <select name="perm" id="perm">
- {foreach from=$assignPerms item=perm}
- <option value="{$perm.perm_name}">{$perm.perm_desc}</option>
- {/foreach}
- </select>
- {formhelp note=""}
- {/forminput}
- </div>
+{if $contentPerms.groups|count > 10}
- <div class="row">
- {formlabel label="To this Group" for="group_id"}
- {forminput}
- <select name="perm_group_id" id="group_id">
- {foreach from=$userGroups item=group}
- <option value="{$group.group_id}">{$group.group_name}</option>
- {/foreach}
- </select>
- {formhelp note=""}
- {/forminput}
- </div>
+ {foreach from=$contentPerms.groups item=group}
+ <h3>{tr}Permissions for{/tr}: {$group.group_name}</h3>
+ <table class="data">
+ <tr>
+ <th>{tr}Permission{/tr}</th>
+ <th>{tr}Status{/tr}</th>
+ </tr>
+ {foreach from=$contentPerms.assignable item=perm}
+ <tr>
+ <td>{$perm.perm_desc} <em>({$perm.perm_name})</em></td>
+ {assign var=icon value="icons/media-playback-stop"}
+ {assign var=action value="assign"}
+ {foreach from=$contentPerms.assigned item=ass}
+ {if $ass.group_id == $group.group_id and $ass.perm_name == $perm.perm_name}
+ {assign var=icon value="icons/dialog-ok"}
+ {assign var=action value="remove"}
+ {/if}
+ {/foreach}
+ <td style="text-align:center">{smartlink ititle=Allow ibiticon=$icon action=$action content_id=$gContent->mContentId perm=$perm.perm_name group_id=$group.group_id}</td>
+ </tr>
+ {/foreach}
+ </table>
+ <br /><hr /><br />
+ {/foreach}
- <div class="row submit">
- <input type="submit" name="back" value="{tr}Go back to content{/tr}" />
- <input type="submit" name="assign" value="{tr}Assign Permission{/tr}" />
- </div>
-{*/form*}
+{else}
-<br />
+ {form}
+ <input type="hidden" name="content_id" value="{$gContent->mContentId}" />
+ <input type="hidden" name="action" value="assign" />
-<table class="data">
- <caption>{tr}Permissions assigned to this content{/tr}</caption>
- <tr>
- <th>{smartlink content_id=$gContent->mContentId ititle=Group isort=group_name idefault=1}</th>
- <th>{smartlink content_id=$gContent->mContentId ititle=Permission isort=perm_name}</th>
- <th>{tr}Action{/tr}</th>
- </tr>
- {foreach from=$assignedPerms item=perm}
- <tr class="{cycle values="even,odd"}">
- <td>{$perm.group_name}</td>
- <td>
- {$perm.perm_name}
- <br />
- {$perm.perm_desc}
- </td>
- <td align="right">
- {smartlink ititle="Remove Permission" ibiticon="icons/edit-delete" action=remove perm_content_id=$gContent->mContentId perm=$perm.perm_name group_id=$perm.group_id}
- </td>
- </tr>
- {foreachelse}
- <tr class="norecords">
- <td colspan="3">{tr}No individual permissions, global permissions apply{/tr}</td>
- </tr>
- {/foreach}
-</table>
+ <div class="row">
+ {formlabel label="Assign this Permission" for="perm"}
+ {forminput}
+ <select name="perm" id="perm">
+ {foreach from=$contentPerms.assignable item=perm}
+ <option value="{$perm.perm_name}">{$perm.perm_desc}</option>
+ {/foreach}
+ </select>
+ {formhelp note=""}
+ {/forminput}
+ </div>
+
+ <div class="row">
+ {formlabel label="To this Group" for="group_id"}
+ {forminput}
+ <select name="group_id" id="group_id">
+ {foreach from=$contentPerms.groups item=group}
+ <option value="{$group.group_id}">{$group.group_name}</option>
+ {/foreach}
+ </select>
+ {formhelp note=""}
+ {/forminput}
+ </div>
+
+ <div class="row submit">
+ <input type="submit" name="back" value="{tr}Go back to content{/tr}" />
+ <input type="submit" name="assign" value="{tr}Assign Permission{/tr}" />
+ </div>
+ {/form}
+
+ {if $contentPerms.assigned}
+ <br />
-{* probably not needed - xing
-<br /><hr /><br />
+ <table class="data">
+ <caption>{tr}Permissions assigned to this content{/tr}</caption>
+ <tr>
+ <th>{smartlink content_id=$gContent->mContentId ititle=Group isort=group_name idefault=1}</th>
+ <th>{smartlink content_id=$gContent->mContentId ititle=Permission isort=perm_name}</th>
+ <th>{tr}Action{/tr}</th>
+ </tr>
+ {foreach from=$contentPerms.assigned item=perm}
+ <tr class="{cycle values="even,odd"}">
+ <td>{$perm.group_name}</td>
+ <td>{$perm.perm_desc} <em>({$perm.perm_name})</em></td>
+ <td align="right">
+ {smartlink ititle="Remove Permission" ibiticon="icons/edit-delete" action=remove content_id=$gContent->mContentId perm=$perm.perm_name group_id=$perm.group_id}
+ </td>
+ </tr>
+ {foreachelse}
+ <tr class="norecords">
+ <td colspan="3">{tr}No individual permissions, global permissions apply{/tr}</td>
+ </tr>
+ {/foreach}
+ </table>
+ {/if}
-<h2>{tr}Permission explanation{/tr}</h2>
-{foreach from=$assignPerms item=perm}
- <dl class="help">
- <dt>{$perm.perm_name}</dt>
- <dd>{$perm.perm_desc}</dd>
- </dl>
-{/foreach}
-*}
+{/if}
+{/strip}
diff --git a/templates/service_content_edit_tab_inc.tpl b/templates/service_content_edit_tab_inc.tpl
index a177f30..7c7bb43 100644
--- a/templates/service_content_edit_tab_inc.tpl
+++ b/templates/service_content_edit_tab_inc.tpl
@@ -1,13 +1,5 @@
-
-{php}
-global $gContent;
-//vd( $gContent );
-{/php}
-
-{if $gBitUser->hasPermission('p_liberty_assign_content_perms')}
-{jstab title="Permissions"}
-
-{include file="bitpackage:liberty/content_permissions_inc.tpl"}
-
-{/jstab}
+{if $gBitUser->hasPermission( 'p_liberty_assign_content_perms' )}
+ {jstab title="Permissions"}
+ {include file="bitpackage:liberty/content_permissions_inc.tpl"}
+ {/jstab}
{/if}
diff --git a/templates/service_content_icon_inc.tpl b/templates/service_content_icon_inc.tpl
index 83b072e..a99c121 100644
--- a/templates/service_content_icon_inc.tpl
+++ b/templates/service_content_icon_inc.tpl
@@ -1,3 +1,13 @@
+{strip}
{if $gBitSystem->isFeatureActive( 'liberty_cache' ) && $gContent->isCached()}
<a title="{tr}Refresh cache{/tr}" href="{$gContent->getDisplayUrl()}&amp;refresh_liberty_cache={$gContent->mContentId}">{biticon ipackage="icons" iname="view-refresh" iexplain="Refresh cache"}</a>
{/if}
+{if $gBitUser->hasPermission( 'p_liberty_assign_content_perms' ) and $serviceHash.content_id}
+ {if $gContent->mPerms} {* don't think there is a serviceHash way of working out if there are individual permissions set *}
+ {assign var=perm_icon value="icons/emblem-readonly"}
+ {else}
+ {assign var=perm_icon value="icons/emblem-shared"}
+ {/if}
+ {smartlink ipackage=liberty ifile=content_permissions.php ititle="Assign Permissions" ibiticon=$perm_icon ipackage=liberty ifile="content_permissions.php" content_id=$serviceHash.content_id}
+{/if}
+{/strip}