summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--content_role_permissions.php117
-rw-r--r--templates/content_role_permissions.tpl75
-rw-r--r--templates/content_role_permissions_inc.tpl98
3 files changed, 290 insertions, 0 deletions
diff --git a/content_role_permissions.php b/content_role_permissions.php
new file mode 100644
index 0000000..30fa466
--- /dev/null
+++ b/content_role_permissions.php
@@ -0,0 +1,117 @@
+<?php
+/**
+ * @version $Revision$
+ * @package liberty
+ * @subpackage functions
+ */
+
+/**
+ * bit setup
+ */
+require_once( '../kernel/setup_inc.php' );
+
+$gBitSystem->verifyPermission( 'p_liberty_assign_content_perms' );
+
+require_once( LIBERTY_PKG_PATH.'lookup_content_inc.php' );
+
+if( $gContent == null ) {
+ $gBitSystem->fatalError('Could not find the requested content.', NULL, NULL, HttpStatusCodes::HTTP_NOT_FOUND );
+}
+
+// Process the form
+// send the user to the content page if he wants to
+if( !empty( $_REQUEST['back'] )) {
+ bit_redirect( $gContent->getDisplayUrl() );
+}
+
+// Update database if needed
+if( !empty( $_REQUEST['action'] ) && @BitBase::verifyId( $gContent->mContentId )) {
+ if( $_REQUEST["action"] == 'expunge' ) {
+ if( $gContent->expungeContentPermissions() ) {
+ $feedback['success'] = tra( 'The content permissions were successfully removed.' );
+ } else {
+ $feedback['error'] = tra( 'The content permissions were not removed.' );
+ }
+ }
+
+ if( @BitBase::verifyId( $_REQUEST["role_id"] ) && !empty( $_REQUEST["perm"] )) {
+ $gBitUser->verifyTicket( TRUE );
+ if( $_REQUEST["action"] == 'assign' ) {
+ $gContent->storePermission( $_REQUEST["role_id"], $_REQUEST["perm"] );
+ } elseif( $_REQUEST["action"] == 'negate' ) {
+ $gContent->storePermission( $_REQUEST["role_id"], $_REQUEST["perm"], TRUE );
+ } elseif( $_REQUEST["action"] == 'remove' ) {
+ $gContent->removePermission( $_REQUEST["role_id"], $_REQUEST["perm"] );
+ }
+ }
+}
+
+// Get a list of roles
+$listHash = array( 'sort_mode' => 'role_id_asc', 'visible' => 1 );
+$contentPerms['roles'] = $gBitUser->getAllRoles( $listHash );
+
+if( !empty( $gContent->mType['handler_package'] )) {
+ $contentPerms['assignable'] = $gBitUser->getRolePermissions( array( 'package' => $gContent->mType['handler_package'] ));
+} else {
+ // this is a last resort and will dump all perms a user has
+ $contentPerms['assignable'] = $gBitUser->mPerms;
+}
+
+// Now we have to get the individual object permissions if any
+if( $contentPerms['assigned'] = $gContent->getContentPermissionsList() ) {
+ // merge assigned permissions with rol permissions
+ foreach( array_keys( $contentPerms['roles'] ) as $roleId ) {
+ if( !empty( $contentPerms['assigned'][$roleId] )) {
+ $contentPerms['roles'][$roleId]['perms'] = array_merge( $contentPerms['roles'][$roleId]['perms'], $contentPerms['assigned'][$roleId] );
+ }
+ }
+}
+$gBitSmarty->assign( 'contentPerms', $contentPerms );
+
+// if we've called this page as part of an ajax update, we output the appropriate data
+if( $gBitThemes->isAjaxRequest() ) {
+ if( count( $contentPerms['roles'] <= 10 )) {
+ $size = 'large/';
+ } else {
+ $size = 'small/';
+ }
+
+ $gid = $_REQUEST['role_id'];
+ $perm = $_REQUEST['perm'];
+
+ // we're applying the same logic as in the template. if you fix / change anything here, please update the template as well.
+ $biticon = array(
+ 'ipackage' => 'icons',
+ 'iname' => $size.'media-playback-stop',
+ 'iexplain' => '',
+ 'iforce' => 'icon',
+ );
+ $action = 'assign';
+ if( !empty( $contentPerms['roles'][$gid]['perms'][$perm] )) {
+ $biticon['iname'] = $size.'dialog-ok';
+ if( !empty( $contentPerms['assigned'][$gid][$perm] )) {
+ $assigned = $contentPerms['assigned'][$gid][$perm];
+ $biticon['iname'] = $size.'list-add';
+ $action = 'negate';
+ }
+ if( !empty( $assigned['is_revoked'] )) {
+ $biticon['iname'] = $size.'list-remove';
+ $action = 'remove';
+ }
+ }
+
+ require_once $gBitSmarty->_get_plugin_filepath( 'function', 'biticon' );
+ $ret = '<a title="'.$contentPerms['roles'][$gid]['role_name']." :: ".$perm.'" '.
+ 'href="javascript:void(0);" onclick="BitAjax.updater('.
+ "'{$perm}{$gid}', ".
+ "'".LIBERTY_PKG_URL."content_permissions.php', ".
+ "'action={$action}&amp;content_id={$gContent->mContentId}&amp;perm={$perm}&amp;role_id={$gid}'".
+ ')">'.smarty_function_biticon( $biticon, $gBitSmarty ).'</a>';
+ echo $ret;
+ die;
+}
+
+// enable ajaxed permission updating
+$gBitThemes->loadAjax( 'mochikit' );
+$gBitSystem->display( 'bitpackage:liberty/content_permissions.tpl', tra( 'Content Permissions' ), array( 'display_mode' => 'display' ));
+?>
diff --git a/templates/content_role_permissions.tpl b/templates/content_role_permissions.tpl
new file mode 100644
index 0000000..c40d736
--- /dev/null
+++ b/templates/content_role_permissions.tpl
@@ -0,0 +1,75 @@
+<div class="admin liberty">
+ <div class="header">
+ <h1>{tr}Assign permissions{/tr}</h1>
+ </div>
+
+ <div class="body">
+ <h2>{tr}Assign permissions to{/tr}: {$gContent->getTitle()}</h2>
+
+ {if !$contentPerms.assigned}
+ {formfeedback warning="No Individual permissions set. Global Permissions apply."}
+ {/if}
+
+ {if $contentPerms.assigned || $gBitThemes->isJavascriptEnabled()}
+ {smartlink ititle="Clear all custom content permissions" action=expunge content_id=$gContent->mContentId}
+ {/if}
+
+ {if count($contentPerms.roles) <= 10}
+ {assign var=size value="large/"}
+ {/if}
+
+ <table class="data">
+ <caption>{tr}Permissions set for this content item{/tr}</caption>
+ <tr>
+ <th>{tr}Permission{/tr}</th>
+ {foreach from=$contentPerms.roles item=role}
+ <th onmouseover="BitBase.showById('f{$role.role_id}');BitBase.hideById('a{$role.role_id}')">
+ <abbr id="a{$role.role_id}" title="{$role.role_name}">{if count($contentPerms.roles) gt 10}{$role.role_name|truncate:4:false}{else}{$role.role_name}{/if}</abbr>
+ <span id="f{$role.role_id}" style="display:none">{$role.role_name}</span>
+ </th>
+ {/foreach}
+ </tr>
+
+ {foreach from=$contentPerms.assignable key=perm item=permInfo name=perms}
+ <tr class="{cycle values="odd,even"}">
+ <td>{$permInfo.perm_desc}{if $gBitUser->isAdmin()}<br /><em>({$permInfo.perm_name})</em>{/if}</td>
+ {foreach from=$contentPerms.roles key=roleId item=roleInfo}
+ {assign var=icon value="media-playback-stop"} {* default icon *}
+ {assign var=action value="assign"} {* default action *}
+ {if $roleInfo.perms.$perm} {* global active permissions *}
+ {assign var=icon value="dialog-ok"} {* default active permission icon *}
+ {if $contentPerms.assigned.$roleId.$perm.is_revoked}
+ {assign var=icon value="list-remove"} {* is_revoked icon *}
+ {assign var=action value="remove"} {* remove permission if we have a custom one *}
+ {elseif $contentPerms.assigned.$roleId.$perm}
+ {assign var=icon value="list-add"} {* custon permission icon *}
+ {assign var=action value="negate"} {* remove permission if we have a custom one *}
+ {/if}
+ {/if}
+
+ <td style="text-align:center">
+ {if $gBitThemes->isJavascriptEnabled()}
+ <span id="{$perm}{$roleId}">
+ <a title="{$contentPerms.roles.$roleId.role_name} :: {$perm}" href="javascript:void(0);" onclick="BitAjax.updater('{$perm}{$roleId}', '{$smarty.const.LIBERTY_PKG_URL}content_permissions.php', 'action={$action}&amp;content_id={$gContent->mContentId}&amp;perm={$perm}&amp;role_id={$roleId}')">
+ {biticon iname=$size$icon iexplain="" iforce="icon"}
+ </a>
+ </span>
+ {else}
+ {smartlink itra=false ititle="`$contentPerms.roles.$roleId.role_name` :: $perm" ibiticon=icons/$size$icon iforce="icon" action=$action content_id=$gContent->mContentId perm=$perm role_id=$roleId}
+ {/if}
+ </td>
+ {/foreach}
+ </tr>
+ {/foreach}
+ </table>
+
+ <h2>{tr}Legend{/tr}</h2>
+
+ <dl>
+ <dt>{biticon iname="list-add" iexplain=""} Custom Permission: Always Allow</dt>
+ <dt>{biticon iname="list-remove" iexplain=""} Custom Permission: Always Deny</dt>
+ <dt>{biticon iname="dialog-ok" iexplain=""} Global Permission: Allow</dt>
+ <dt>{biticon iname="media-playback-stop" iexplain=""} Global Permission: Deny</dt>
+ </dl>
+ </div><!-- end .body -->
+</div><!-- end .liberty -->
diff --git a/templates/content_role_permissions_inc.tpl b/templates/content_role_permissions_inc.tpl
new file mode 100644
index 0000000..0668975
--- /dev/null
+++ b/templates/content_role_permissions_inc.tpl
@@ -0,0 +1,98 @@
+{strip}
+<h2>{tr}Assign permissions to{/tr}: {$gContent->getTitle()}</h2>
+
+{if !$contentPerms.assigned}
+ {formhelp warning="No Individual permissions set. Global Permissions apply."}
+{/if}
+
+{if $contentPerms.roles|count > 10}
+
+ {foreach from=$contentPerms.roles item=role}
+ <h3>{tr}Permissions for{/tr}: {$role.role_name}</h3>
+ <table class="data">
+ <tr>
+ <th>{tr}Permission{/tr}</th>
+ <th>{tr}Status{/tr}</th>
+ </tr>
+ {foreach from=$contentPerms.assignable item=perm}
+ <tr>
+ <td>{$perm.perm_desc} <em>({$perm.perm_name})</em></td>
+ {assign var=icon value="icons/media-playback-stop"}
+ {assign var=action value="assign"}
+ {foreach from=$contentPerms.assigned item=ass}
+ {if $ass.role_id == $role.role_id and $ass.perm_name == $perm.perm_name}
+ {assign var=icon value="icons/dialog-ok"}
+ {assign var=action value="remove"}
+ {/if}
+ {/foreach}
+ <td style="text-align:center">{smartlink ititle=Allow ibiticon=$icon iforce="icon" action=$action content_id=$gContent->mContentId perm=$perm.perm_name role_id=$role.role_id}</td>
+ </tr>
+ {/foreach}
+ </table>
+ <br /><hr /><br />
+ {/foreach}
+
+{else}
+
+ {form}
+ <input type="hidden" name="content_id" value="{$gContent->mContentId}" />
+ <input type="hidden" name="action" value="assign" />
+
+ <div class="row">
+ {formlabel label="Assign this Permission" for="perm"}
+ {forminput}
+ <select name="perm" id="perm">
+ {foreach from=$contentPerms.assignable item=perm}
+ <option value="{$perm.perm_name}">{$perm.perm_desc}</option>
+ {/foreach}
+ </select>
+ {formhelp note=""}
+ {/forminput}
+ </div>
+
+ <div class="row">
+ {formlabel label="To this Group" for="role_id"}
+ {forminput}
+ <select name="role_id" id="role_id">
+ {foreach from=$contentPerms.roles item=role}
+ <option value="{$role.role_id}">{$role.role_name}</option>
+ {/foreach}
+ </select>
+ {formhelp note=""}
+ {/forminput}
+ </div>
+
+ <div class="row submit">
+ <input type="submit" name="back" value="{tr}Go back to content{/tr}" />
+ <input type="submit" name="assign" value="{tr}Assign Permission{/tr}" />
+ </div>
+ {/form}
+
+ {if $contentPerms.assigned}
+ <br />
+
+ <table class="data">
+ <caption>{tr}Permissions assigned to this content{/tr}</caption>
+ <tr>
+ <th>{smartlink content_id=$gContent->mContentId ititle=Group isort=role_name idefault=1}</th>
+ <th>{smartlink content_id=$gContent->mContentId ititle=Permission isort=perm_name}</th>
+ <th>{tr}Action{/tr}</th>
+ </tr>
+ {foreach from=$contentPerms.assigned item=perm}
+ <tr class="{cycle values="even,odd"}">
+ <td>{$perm.role_name}</td>
+ <td>{$perm.perm_desc} <em>({$perm.perm_name})</em></td>
+ <td class="alignright">
+ {smartlink ititle="Remove Permission" ibiticon="icons/edit-delete" iforce="icon" action=remove content_id=$gContent->mContentId perm=$perm.perm_name role_id=$perm.role_id}
+ </td>
+ </tr>
+ {foreachelse}
+ <tr class="norecords">
+ <td colspan="3">{tr}No individual permissions, global permissions apply{/tr}</td>
+ </tr>
+ {/foreach}
+ </table>
+ {/if}
+
+{/if}
+{/strip}