diff options
| -rw-r--r-- | LibertyContent.php | 36 | ||||
| -rwxr-xr-x | LibertySystem.php | 25 | ||||
| -rw-r--r-- | bit_setup_inc.php | 6 | ||||
| -rw-r--r-- | content_permissions.php | 57 | ||||
| -rw-r--r-- | content_permissions_inc.php | 8 | ||||
| -rw-r--r-- | templates/content_permissions_inc.tpl | 155 | ||||
| -rw-r--r-- | templates/service_content_edit_tab_inc.tpl | 16 | ||||
| -rw-r--r-- | templates/service_content_icon_inc.tpl | 10 |
8 files changed, 208 insertions, 105 deletions
diff --git a/LibertyContent.php b/LibertyContent.php index 74c96b7..fd1aa47 100644 --- a/LibertyContent.php +++ b/LibertyContent.php @@ -3,7 +3,7 @@ * Management of Liberty content * * @package liberty -* @version $Header: /cvsroot/bitweaver/_bit_liberty/LibertyContent.php,v 1.190 2007/03/31 10:41:11 squareing Exp $ +* @version $Header: /cvsroot/bitweaver/_bit_liberty/LibertyContent.php,v 1.191 2007/03/31 13:01:08 squareing Exp $ * @author spider <spider@steelsun.com> */ @@ -73,12 +73,12 @@ class LibertyContent extends LibertyBase { * Permissions hash specific to this LibertyContent object * @public */ - var $mPerms; + var $mPerms = array(); /** * Preferences hash specific to this LibertyContent object - accessed via getPreference/storePreference * @private */ - var $mPrefs; + var $mPrefs = array(); /** * Admin control permission specific to this LibertyContent type * @private @@ -919,7 +919,7 @@ class LibertyContent extends LibertyBase { } LibertyContent::prepGetList( $pParamHash ); - if( $this->isValid() && empty( $this->mPerms ) && $this->mContentTypeGuid ) { + if( $this->isValid() && $this->mContentTypeGuid ) { $query = " SELECT lcperm.`perm_name`, ug.`group_id`, ug.`group_name`, up.`perm_desc` FROM `".BIT_DB_PREFIX."liberty_content_permissions` lcperm @@ -930,7 +930,7 @@ class LibertyContent extends LibertyBase { $bindVars = array( $this->mContentId ); $ret = $this->mDb->getAll( $query, $bindVars ); } - return( $ret ); + return $ret; } /** @@ -957,10 +957,11 @@ class LibertyContent extends LibertyBase { foreach( $perms as $perm ) { if( in_array( $perm['group_id'], $userGroups ) ) { $this->mPerms[$perm['perm_name']] = $perm; + $this->mPerms[$perm['perm_name']]['package'] = $this->mType['handler_package']; } } } - return( count( $perms ) ); + return( count( $perms )); } /** @@ -972,7 +973,7 @@ class LibertyContent extends LibertyBase { */ function updateUserPermissions( $pPackage = NULL ) { $ret = FALSE; - if( $this->isValid() && $this->loadPermissions() ) { + if( $this->isValid() && $this->hasAssignedPermissions() ) { global $gBitUser; if( empty( $pPackage ) ) { @@ -992,15 +993,20 @@ class LibertyContent extends LibertyBase { return $ret; } + /** + * Check to see if the loaded content has individually assigned permissions + * + * @access public + * @return TRUE on success, FALSE on failure - mErrors will contain reason for failure + */ function hasAssignedPermissions() { $ret = FALSE; if( $this->isValid() ) { - $ret = count( $this->mPerms ); + $ret = $this->loadPermissions(); } return $ret; } - /** * Function that determines if this content specified permission for the current gBitUser, and will throw a fatal error if not. * @@ -1103,21 +1109,21 @@ class LibertyContent extends LibertyBase { * @param integer Content Itentifier * @return bool true ( will not currently report a failure ) */ - function storePermission( $pGroupId, $pPermName, $pObjectId=NULL ) { - if( !@$this->verifyId( $pObjectId )) { - $pObjectId = $this->mContentId; + function storePermission( $pGroupId, $pPermName, $pContentId=NULL ) { + if( !@$this->verifyId( $pContentId )) { + $pContentId = $this->mContentId; } - if( @BitBase::verifyId( $pGroupId ) && !empty( $pPermName )) { + if( @BitBase::verifyId( $pGroupId ) && !empty( $pPermName ) && @BitBase::verifyId( $pContentId )) { $query = " DELETE FROM `".BIT_DB_PREFIX."liberty_content_permissions` WHERE `group_id` = ? AND `perm_name` = ? AND `content_id` = ?"; - $result = $this->mDb->query( $query, array( $pGroupId, $pPermName, $pObjectId ), -1, -1 ); + $result = $this->mDb->query( $query, array( $pGroupId, $pPermName, $pContentId ), -1, -1 ); $query = " INSERT INTO `".BIT_DB_PREFIX."liberty_content_permissions` ( `group_id`,`content_id`, `perm_name` ) VALUES( ?, ?, ? )"; - $result = $this->mDb->query( $query, array( $pGroupId, $pObjectId, $pPermName )); + $result = $this->mDb->query( $query, array( $pGroupId, $pContentId, $pPermName )); return TRUE; } return FALSE; diff --git a/LibertySystem.php b/LibertySystem.php index d676ccf..257d67e 100755 --- a/LibertySystem.php +++ b/LibertySystem.php @@ -3,7 +3,7 @@ * System class for handling the liberty package * * @package liberty -* @version $Header: /cvsroot/bitweaver/_bit_liberty/LibertySystem.php,v 1.65 2007/03/21 18:08:07 wjames5 Exp $ +* @version $Header: /cvsroot/bitweaver/_bit_liberty/LibertySystem.php,v 1.66 2007/03/31 13:01:08 squareing Exp $ * @author spider <spider@steelsun.com> */ @@ -745,6 +745,8 @@ function liberty_plugins_div_style( $pParamHash ) { return $ret; } + +// ================== Liberty Service Functions ================== function liberty_content_load_sql() { global $gBitSystem, $gBitUser; $ret = array(); @@ -767,7 +769,7 @@ function liberty_content_list_sql() { return $ret; } -function liberty_content_preview(&$pObject) { +function liberty_content_preview( &$pObject ) { global $gBitSystem, $gBitUser; if ($gBitSystem->isFeatureActive('liberty_display_status') && ($gBitUser->hasPermission('p_liberty_edit_content_status') || $gBitUser->hasPermission('p_libert_edit_all_status'))) { $pObject->mInfo['content_status_id'] = $_REQUEST['content_status_id']; @@ -777,4 +779,23 @@ function liberty_content_preview(&$pObject) { } } +function liberty_content_load( &$pObject ) { + if( $pObject->isValid() ) { + // transparently update user permissions for this content object + // this might not be the wisest course of action since it distorts permissions on the entire site with respect to the active package - xing + $pObject->updateUserPermissions(); + } +} + +function liberty_content_display( &$pObject, &$pParamHash ) { + if( $pObject->isValid() ) { + global $gBitUser, $gBitSystem; + + // make sure user has appropriate permissions to view this content + if( !empty( $pParamHash['perm_name'] )) { + $pObject->verifyPermission( $pParamHash['perm_name'] ); + } + } +} + ?> diff --git a/bit_setup_inc.php b/bit_setup_inc.php index 443f6b7..86d0121 100644 --- a/bit_setup_inc.php +++ b/bit_setup_inc.php @@ -3,7 +3,7 @@ * base package include * * @author spider <spider@steelsun.com> - * @version $Revision: 1.14 $ + * @version $Revision: 1.15 $ * @package liberty * @subpackage functions */ @@ -21,6 +21,10 @@ $gLibertySystem->registerService( 'liberty', LIBERTY_PKG_NAME, array( 'content_edit_mini_tpl' => 'bitpackage:liberty/service_content_edit_mini_inc.tpl', 'content_edit_tab_tpl' => 'bitpackage:liberty/service_content_edit_tab_inc.tpl', 'content_icon_tpl' => 'bitpackage:liberty/service_content_icon_inc.tpl', + 'content_display_function' => 'liberty_content_display', + 'content_load_function' => 'liberty_content_load', + //'content_edit_function' => 'liberty_content_edit', + //'content_store_function' => 'liberty_content_store', 'content_load_sql_function' => 'liberty_content_load_sql', 'content_list_sql_function' => 'liberty_content_list_sql', 'content_preview_function' => 'liberty_content_preview', diff --git a/content_permissions.php b/content_permissions.php index 3e60a9a..b694116 100644 --- a/content_permissions.php +++ b/content_permissions.php @@ -1,6 +1,6 @@ <?php /** - * @version $Revision: 1.2 $ + * @version $Revision: 1.3 $ * @package liberty * @subpackage functions */ @@ -9,7 +9,58 @@ * bit setup */ require_once( '../bit_setup_inc.php' ); -require_once( LIBERTY_PKG_PATH.'content_permissions_inc.php' ); -$gBitSystem->display( 'bitpackage:liberty/content_permissions.tpl', tra( 'Content Permissions' ) ); +$gBitSystem->verifyPermission( 'p_liberty_assign_content_perms' ); + +// If we haven't got any content loaded yet, load it +if( empty( $gContent )) { + // make sure we have a content_id we can work with + if( empty( $_REQUEST["content_id"] ) || $_REQUEST["content_id"] < 1 ) { + $gBitSmarty->assign( 'msg', tra( "No valid content id given." )); + $gBitSystem->display( 'error.tpl' ); +die; + } + + $gContent = new LibertyContent(); + $gContent = $gContent->getLibertyObject( $_REQUEST['content_id'] ); +} +$gBitSmarty->assign_by_ref( 'gContent', $gContent ); + +// Process the form +// send the user to the content page if he wants to +if( !empty( $_REQUEST['back'] )) { + header( "Location: ".$gContent->getDisplayUrl() ); + die; +} + +// Update database if needed +if( @BitBase::verifyId( $_REQUEST["group_id"] ) && @BitBase::verifyId( $gContent->mContentId ) && !empty( $_REQUEST["perm"] ) && !empty( $_REQUEST['action'] )) { + $gBitUser->verifyTicket( TRUE ); + if( $_REQUEST["action"] == 'assign' ) { + $gContent->storePermission( $_REQUEST["group_id"], $_REQUEST["perm"], $gContent->mContentId ); + } elseif( $_REQUEST["action"] == 'remove' ) { + $gContent->removePermission( $_REQUEST["group_id"], $_REQUEST["perm"] ); + } +} + +// Now we have to get the individual object permissions if any +$contentPerms['assigned'] = $gContent->loadAllObjectPermissions( $_REQUEST ); + +// Get a list of groups +$listHash = array( 'sort_mode' => 'group_name_asc' ); +$userGroups = $gBitUser->getAllGroups( $listHash ); +$contentPerms['groups'] = $userGroups["data"]; + +// Get a list of permissions +if( empty( $assignPerms )) { + if( !empty( $gContent->mType['handler_package'] )) { + $contentPerms['assignable'] = $gBitUser->getGroupPermissions( NULL, $gContent->mType['handler_package'] ); + } else { + // this is a last resort and will dump all perms a user has + $contentPerms['assignable'] = $gBitUser->mPerms; + } +} +$gBitSmarty->assign( 'contentPerms', $contentPerms ); + +$gBitSystem->display( 'bitpackage:liberty/content_permissions.tpl', tra( 'Content Permissions' )); ?> diff --git a/content_permissions_inc.php b/content_permissions_inc.php index 40b38e6..1e1d277 100644 --- a/content_permissions_inc.php +++ b/content_permissions_inc.php @@ -1,14 +1,10 @@ <?php /** - * @version $Revision: 1.5 $ + * @version $Revision: 1.6 $ * @package liberty * @subpackage functions */ -if( !empty( $verify_permission ) ) { - $gBitSystem->verifyPermission( $verify_permission ); -} else { - $gBitSystem->verifyPermission( 'p_admin' ); -} +$gBitSystem->verifyPermission( 'p_liberty_assign_content_perms' ); // If we haven't got any content loaded yet, load it if( empty( $gContent ) ) { diff --git a/templates/content_permissions_inc.tpl b/templates/content_permissions_inc.tpl index 70bd4e2..f90e1f2 100644 --- a/templates/content_permissions_inc.tpl +++ b/templates/content_permissions_inc.tpl @@ -1,75 +1,98 @@ +{strip} <h2>{tr}Assign permissions to{/tr}: {$gContent->getTitle()}</h2> -{* you can't have a form within a form - services are inserted into forms - xing -form legend="Content Permissions"*} - <input type="hidden" name="perm_content_id" value="{$gContent->mContentId}" /> +{if !$contentPerms.assigned} + {formhelp warning="No Individual permissions set. Global Permissions apply."} +{/if} - <div class="row"> - {formlabel label="Assign this Permission" for="perm"} - {forminput} - <select name="perm" id="perm"> - {foreach from=$assignPerms item=perm} - <option value="{$perm.perm_name}">{$perm.perm_desc}</option> - {/foreach} - </select> - {formhelp note=""} - {/forminput} - </div> +{if $contentPerms.groups|count > 10} - <div class="row"> - {formlabel label="To this Group" for="group_id"} - {forminput} - <select name="perm_group_id" id="group_id"> - {foreach from=$userGroups item=group} - <option value="{$group.group_id}">{$group.group_name}</option> - {/foreach} - </select> - {formhelp note=""} - {/forminput} - </div> + {foreach from=$contentPerms.groups item=group} + <h3>{tr}Permissions for{/tr}: {$group.group_name}</h3> + <table class="data"> + <tr> + <th>{tr}Permission{/tr}</th> + <th>{tr}Status{/tr}</th> + </tr> + {foreach from=$contentPerms.assignable item=perm} + <tr> + <td>{$perm.perm_desc} <em>({$perm.perm_name})</em></td> + {assign var=icon value="icons/media-playback-stop"} + {assign var=action value="assign"} + {foreach from=$contentPerms.assigned item=ass} + {if $ass.group_id == $group.group_id and $ass.perm_name == $perm.perm_name} + {assign var=icon value="icons/dialog-ok"} + {assign var=action value="remove"} + {/if} + {/foreach} + <td style="text-align:center">{smartlink ititle=Allow ibiticon=$icon action=$action content_id=$gContent->mContentId perm=$perm.perm_name group_id=$group.group_id}</td> + </tr> + {/foreach} + </table> + <br /><hr /><br /> + {/foreach} - <div class="row submit"> - <input type="submit" name="back" value="{tr}Go back to content{/tr}" /> - <input type="submit" name="assign" value="{tr}Assign Permission{/tr}" /> - </div> -{*/form*} +{else} -<br /> + {form} + <input type="hidden" name="content_id" value="{$gContent->mContentId}" /> + <input type="hidden" name="action" value="assign" /> -<table class="data"> - <caption>{tr}Permissions assigned to this content{/tr}</caption> - <tr> - <th>{smartlink content_id=$gContent->mContentId ititle=Group isort=group_name idefault=1}</th> - <th>{smartlink content_id=$gContent->mContentId ititle=Permission isort=perm_name}</th> - <th>{tr}Action{/tr}</th> - </tr> - {foreach from=$assignedPerms item=perm} - <tr class="{cycle values="even,odd"}"> - <td>{$perm.group_name}</td> - <td> - {$perm.perm_name} - <br /> - {$perm.perm_desc} - </td> - <td align="right"> - {smartlink ititle="Remove Permission" ibiticon="icons/edit-delete" action=remove perm_content_id=$gContent->mContentId perm=$perm.perm_name group_id=$perm.group_id} - </td> - </tr> - {foreachelse} - <tr class="norecords"> - <td colspan="3">{tr}No individual permissions, global permissions apply{/tr}</td> - </tr> - {/foreach} -</table> + <div class="row"> + {formlabel label="Assign this Permission" for="perm"} + {forminput} + <select name="perm" id="perm"> + {foreach from=$contentPerms.assignable item=perm} + <option value="{$perm.perm_name}">{$perm.perm_desc}</option> + {/foreach} + </select> + {formhelp note=""} + {/forminput} + </div> + + <div class="row"> + {formlabel label="To this Group" for="group_id"} + {forminput} + <select name="group_id" id="group_id"> + {foreach from=$contentPerms.groups item=group} + <option value="{$group.group_id}">{$group.group_name}</option> + {/foreach} + </select> + {formhelp note=""} + {/forminput} + </div> + + <div class="row submit"> + <input type="submit" name="back" value="{tr}Go back to content{/tr}" /> + <input type="submit" name="assign" value="{tr}Assign Permission{/tr}" /> + </div> + {/form} + + {if $contentPerms.assigned} + <br /> -{* probably not needed - xing -<br /><hr /><br /> + <table class="data"> + <caption>{tr}Permissions assigned to this content{/tr}</caption> + <tr> + <th>{smartlink content_id=$gContent->mContentId ititle=Group isort=group_name idefault=1}</th> + <th>{smartlink content_id=$gContent->mContentId ititle=Permission isort=perm_name}</th> + <th>{tr}Action{/tr}</th> + </tr> + {foreach from=$contentPerms.assigned item=perm} + <tr class="{cycle values="even,odd"}"> + <td>{$perm.group_name}</td> + <td>{$perm.perm_desc} <em>({$perm.perm_name})</em></td> + <td align="right"> + {smartlink ititle="Remove Permission" ibiticon="icons/edit-delete" action=remove content_id=$gContent->mContentId perm=$perm.perm_name group_id=$perm.group_id} + </td> + </tr> + {foreachelse} + <tr class="norecords"> + <td colspan="3">{tr}No individual permissions, global permissions apply{/tr}</td> + </tr> + {/foreach} + </table> + {/if} -<h2>{tr}Permission explanation{/tr}</h2> -{foreach from=$assignPerms item=perm} - <dl class="help"> - <dt>{$perm.perm_name}</dt> - <dd>{$perm.perm_desc}</dd> - </dl> -{/foreach} -*} +{/if} +{/strip} diff --git a/templates/service_content_edit_tab_inc.tpl b/templates/service_content_edit_tab_inc.tpl index a177f30..7c7bb43 100644 --- a/templates/service_content_edit_tab_inc.tpl +++ b/templates/service_content_edit_tab_inc.tpl @@ -1,13 +1,5 @@ - -{php} -global $gContent; -//vd( $gContent ); -{/php} - -{if $gBitUser->hasPermission('p_liberty_assign_content_perms')} -{jstab title="Permissions"} - -{include file="bitpackage:liberty/content_permissions_inc.tpl"} - -{/jstab} +{if $gBitUser->hasPermission( 'p_liberty_assign_content_perms' )} + {jstab title="Permissions"} + {include file="bitpackage:liberty/content_permissions_inc.tpl"} + {/jstab} {/if} diff --git a/templates/service_content_icon_inc.tpl b/templates/service_content_icon_inc.tpl index 83b072e..a99c121 100644 --- a/templates/service_content_icon_inc.tpl +++ b/templates/service_content_icon_inc.tpl @@ -1,3 +1,13 @@ +{strip} {if $gBitSystem->isFeatureActive( 'liberty_cache' ) && $gContent->isCached()} <a title="{tr}Refresh cache{/tr}" href="{$gContent->getDisplayUrl()}&refresh_liberty_cache={$gContent->mContentId}">{biticon ipackage="icons" iname="view-refresh" iexplain="Refresh cache"}</a> {/if} +{if $gBitUser->hasPermission( 'p_liberty_assign_content_perms' ) and $serviceHash.content_id} + {if $gContent->mPerms} {* don't think there is a serviceHash way of working out if there are individual permissions set *} + {assign var=perm_icon value="icons/emblem-readonly"} + {else} + {assign var=perm_icon value="icons/emblem-shared"} + {/if} + {smartlink ipackage=liberty ifile=content_permissions.php ititle="Assign Permissions" ibiticon=$perm_icon ipackage=liberty ifile="content_permissions.php" content_id=$serviceHash.content_id} +{/if} +{/strip} |
