summaryrefslogtreecommitdiff
path: root/content_permissions.php
blob: e7c0e6a34c95bea019a0dcb75c8786cfff4fcb6c (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
<?php
/**
 * @version  $Revision$
 * @package  liberty
 * @subpackage functions
 */

/**
 * bit setup
 */
require_once( '../kernel/setup_inc.php' );

$gBitSystem->verifyPermission( 'p_liberty_assign_content_perms' );

require_once( LIBERTY_PKG_PATH.'lookup_content_inc.php' );

if( $gContent == null ) {
	$gBitSystem->setHttpStatus(404);
	$gBitSystem->fatalError('Could not find the requested content.');
}

// Process the form
// send the user to the content page if he wants to
if( !empty( $_REQUEST['back'] )) {
	bit_redirect( $gContent->getDisplayUrl() );
}

// Update database if needed
if( !empty( $_REQUEST['action'] ) && @BitBase::verifyId( $gContent->mContentId )) {
	if( $_REQUEST["action"] == 'expunge' ) {
		if( $gContent->expungeContentPermissions() ) {
			$feedback['success'] = tra( 'The content permissions were successfully removed.' );
		} else {
			$feedback['error'] = tra( 'The content permissions were not removed.' );
		}
	}

	if( @BitBase::verifyId( $_REQUEST["group_id"] ) && !empty( $_REQUEST["perm"] )) {
		$gBitUser->verifyTicket( TRUE );
		if( $_REQUEST["action"] == 'assign' ) {
			$gContent->storePermission( $_REQUEST["group_id"], $_REQUEST["perm"] );
		} elseif( $_REQUEST["action"] == 'negate' ) {
			$gContent->storePermission( $_REQUEST["group_id"], $_REQUEST["perm"], TRUE );
		} elseif( $_REQUEST["action"] == 'remove' ) {
			$gContent->removePermission( $_REQUEST["group_id"], $_REQUEST["perm"] );
		}
	}
}

// Get a list of groups
$listHash = array( 'sort_mode' => 'group_id_asc', 'visible' => 1 );
$contentPerms['groups'] = $gBitUser->getAllGroups( $listHash );

if( !empty( $gContent->mType['handler_package'] )) {
	$contentPerms['assignable'] = $gBitUser->getGroupPermissions( array( 'package' => $gContent->mType['handler_package'] ));
} else {
	// this is a last resort and will dump all perms a user has
	$contentPerms['assignable'] = $gBitUser->mPerms;
}

// Now we have to get the individual object permissions if any
if( $contentPerms['assigned'] = $gContent->getContentPermissionsList() ) {
	// merge assigned permissions with group permissions
	foreach( array_keys( $contentPerms['groups'] ) as $groupId ) {
		if( !empty( $contentPerms['assigned'][$groupId] )) {
			$contentPerms['groups'][$groupId]['perms'] = array_merge( $contentPerms['groups'][$groupId]['perms'], $contentPerms['assigned'][$groupId] );
		}
	}
}
$gBitSmarty->assign( 'contentPerms', $contentPerms );

// if we've called this page as part of an ajax update, we output the appropriate data
if( $gBitThemes->isAjaxRequest() ) {
	if( count( $contentPerms['groups'] <= 10 )) {
		$size = 'large/';
	} else {
		$size = 'small/';
	}

	$gid = $_REQUEST['group_id'];
	$perm = $_REQUEST['perm'];

	// we're applying the same logic as in the template. if you fix / change anything here, please update the template as well.
	$biticon = array(
		'ipackage' => 'icons',
		'iname'    => $size.'media-playback-stop',
		'iexplain' => '',
		'iforce'   => 'icon',
	);
	$action = 'assign';
	if( !empty( $contentPerms['groups'][$gid]['perms'][$perm] )) {
		$biticon['iname'] = $size.'dialog-ok';
		if( !empty( $contentPerms['assigned'][$gid][$perm] )) {
			$assigned = $contentPerms['assigned'][$gid][$perm];
			$biticon['iname'] = $size.'list-add';
			$action = 'negate';
		}
		if( !empty( $assigned['is_revoked'] )) {
			$biticon['iname'] = $size.'list-remove';
			$action = 'remove';
		}
	}

	require_once $gBitSmarty->_get_plugin_filepath( 'function', 'biticon' );
	$ret = '<a title="'.$contentPerms['groups'][$gid]['group_name']." :: ".$perm.'" '.
			'href="javascript:void(0);" onclick="BitAjax.updater('.
			"'{$perm}{$gid}', ".
			"'".LIBERTY_PKG_URL."content_permissions.php', ".
			"'action={$action}&amp;content_id={$gContent->mContentId}&amp;perm={$perm}&amp;group_id={$gid}'".
		')">'.smarty_function_biticon( $biticon, $gBitSmarty ).'</a>';
	echo $ret;
	die;
}

// enable ajaxed permission updating
$gBitThemes->loadAjax( 'mochikit' );
$gBitSystem->display( 'bitpackage:liberty/content_permissions.tpl', tra( 'Content Permissions' ), array( 'display_mode' => 'display' ));
?>