From 56bd80ff83bfa32cdff3752aa926f7fbb2cd1f52 Mon Sep 17 00:00:00 2001 From: Max Kremmel Date: Sat, 4 Aug 2007 18:27:42 +0000 Subject: improve permission and group logic and fix such restrictions --- Pigeonholes.php | 51 +++++++++++++++++++++++++++++++++++---------------- 1 file changed, 35 insertions(+), 16 deletions(-) (limited to 'Pigeonholes.php') diff --git a/Pigeonholes.php b/Pigeonholes.php index 41bf536..8e36763 100644 --- a/Pigeonholes.php +++ b/Pigeonholes.php @@ -1,6 +1,6 @@ - * @version $Revision: 1.94 $ + * @version $Revision: 1.95 $ * @package pigeonholes */ @@ -372,7 +372,7 @@ class Pigeonholes extends LibertyAttachable { /** * Converts a structure path into valid html links - * @param $pPath path given by getPigenholePath() + * @param $pPath path given by getPigeonholePath() * @return the link to display the page. */ function getDisplayPath( $pPath ) { @@ -523,7 +523,7 @@ class Pigeonholes extends LibertyAttachable { **/ function checkPathPermissions( $pPath ) { global $gBitUser, $gBitSystem; - if( $gBitSystem->getConfig( 'pigeonholes_permissions' ) || $gBitSystem->getConfig( 'pigeonholes_groups' ) ) { + if( !empty( $pPath ) && is_array( $pPath )) { foreach( $pPath as $path ) { $contentIds[] = $path['content_id']; } @@ -928,24 +928,43 @@ function pigeonholes_pathlist_sorter( $aa, $ab ) { function pigeonholes_content_display( &$pObject ) { global $gBitSystem, $gBitSmarty, $gBitUser, $gBitThemes; - if( $gBitSystem->isFeatureActive( 'pigeonholes_display_members' ) || $gBitSystem->isFeatureActive( 'pigeonholes_display_path' ) ) { - $pigeonholes = new Pigeonholes(); - if( $gBitUser->hasPermission( 'p_pigeonholes_view' ) ) { - if( $pigeons = $pigeonholes->getPigeonholesFromContentId( $pObject->mContentId ) ) { - foreach( $pigeons as $pigeon ) { + $pigeonholes = new Pigeonholes(); + + // first we need to check permissions + if( $gBitSystem->isFeatureActive( 'pigeonhole_permissions' ) || $gBitSystem->isFeatureActive( 'pigeonholes_groups' )) { + if( $pigeons = $pigeonholes->getPigeonholesFromContentId( $pObject->mContentId )) { + foreach( $pigeons as $pigeon ) { + // we will loop through here until we get one pigeonhole that allows access + if( empty( $access_granted )) { + if( $pigeonholes->checkPathPermissions( $pigeonholes->getPigeonholePath( $pigeon['structure_id'] ))) { + $access_granted = TRUE; + } else { + $access_granted = FALSE; + } + } + } + } + + // we need to check all pigeonholes in the path, load the prefs and work out if the user is allowed to view the page + if( isset( $access_granted ) && $access_granted === FALSE ) { + $msg = tra( "This content is part of a category to which you have no access to. Please log in or request the appropriate permission from the site administrator." ); + $gBitSystem->fatalPermission( NULL, $msg ); + } + } + + if( $gBitSystem->isFeatureActive( 'pigeonholes_display_members' ) || $gBitSystem->isFeatureActive( 'pigeonholes_display_path' )) { + if( $gBitUser->hasPermission( 'p_pigeonholes_view' )) { + if( $pigeons = $pigeonholes->getPigeonholesFromContentId( $pObject->mContentId )) { + foreach( $pigeons as $key => $pigeon ) { $pigeonholes->mContentId = $pigeon['content_id']; $pigeonholes->load( TRUE, FALSE ); - //$pigeonholes->loadPreferences(); $pigeonData[] = $pigeonholes->mInfo; + // set the theme chosen for this page - virtually random if page is part of multiple themes - if( $gBitSystem->isFeatureActive( 'pigeonholes_themes' ) ) { + if( $gBitSystem->isFeatureActive( 'pigeonholes_themes' )) { + // loadPreferences is called by getPreference if needed $gBitThemes->setStyle( $pigeonholes->getPreference( 'style' )); } - // we need to check all pigeonholes in the path, load the prefs and work out if the user is allowed to view the page - if( !$pigeonholes->checkPathPermissions( $pigeonholes->getField( 'path' ) ) ) { - $msg = tra( "This content is part of a category to which you have no access to. Please log in or request the appropriate permission from the site administrator." ); - $gBitSystem->fatalPermission( NULL, $msg ); - } } $gBitSmarty->assign( 'pigeonData', !empty( $pigeonData ) ? $pigeonData : FALSE ); } -- cgit v1.3