Commit 840c40ae authored by lphuberdeau's avatar lphuberdeau

[MOD] Adding granular permissions, batch loading, fixing several WYSIWYCA...

[MOD] Adding granular permissions, batch loading, fixing several WYSIWYCA issues (summary: merging perms-take2)
parent 7efa71bf
......@@ -1516,6 +1516,7 @@ lib/contribution/contributionlib.php -text
lib/contribution/index.php -text
lib/copyrights/copyrightslib.php -text
lib/copyrights/index.php -text
lib/core/lib/Category/Manipulator.php -text
lib/core/lib/DeclFilter.php -text
lib/core/lib/DeclFilter/CatchAllFilterRule.php -text
lib/core/lib/DeclFilter/CatchAllUnsetRule.php -text
......@@ -1532,6 +1533,21 @@ lib/core/lib/Multilingual/Aligner/BilingualAligner.php -text
lib/core/lib/Multilingual/Aligner/SentenceSegmentor.php -text
lib/core/lib/Multilingual/Aligner/ShortestPathFinder.php -text
lib/core/lib/Multilingual/MachineTranslation/GoogleTranslateWrapper.php -text
lib/core/lib/Perms.php -text
lib/core/lib/Perms/Accessor.php -text
lib/core/lib/Perms/Check.php -text
lib/core/lib/Perms/Check/Creator.php -text
lib/core/lib/Perms/Check/Direct.php -text
lib/core/lib/Perms/Check/Indirect.php -text
lib/core/lib/Perms/Resolver.php -text
lib/core/lib/Perms/Resolver/Default.php -text
lib/core/lib/Perms/Resolver/Static.php -text
lib/core/lib/Perms/ResolverFactory.php -text
lib/core/lib/Perms/ResolverFactory/CategoryFactory.php -text
lib/core/lib/Perms/ResolverFactory/GlobalFactory.php -text
lib/core/lib/Perms/ResolverFactory/ObjectFactory.php -text
lib/core/lib/Perms/ResolverFactory/StaticFactory.php -text
lib/core/lib/Perms/ResolverFactory/TestFactory.php -text
lib/core/lib/TikiDb.php -text
lib/core/lib/TikiDb/Adodb.php -text
lib/core/lib/TikiDb/Bridge.php -text
......@@ -1557,7 +1573,7 @@ lib/core/test/AcceptanceTests/SearchTest.php -text
lib/core/test/AcceptanceTests/TikiLibrariesAccessTest.php -text
lib/core/test/AllTests.php -text
lib/core/test/AllTestsAcceptance.php -text
lib/core/test/DeclFilter/AllTests.php -text
lib/core/test/Category/ManipulatorTest.php -text
lib/core/test/DeclFilter/BaseTest.php -text
lib/core/test/DeclFilter/CatchAllFilterTest.php -text
lib/core/test/DeclFilter/CatchAllUnsetTest.php -text
......@@ -1567,7 +1583,6 @@ lib/core/test/DeclFilter/KeyPatternUnsetTest.php -text
lib/core/test/DeclFilter/StaticKeyFilterTest.php -text
lib/core/test/DeclFilter/StaticKeyUnsetTest.php -text
lib/core/test/JitFilter/AccessTest.php -text
lib/core/test/JitFilter/AllTests.php -text
lib/core/test/JitFilter/FilterTest.php -text
lib/core/test/JitFilter/IteratorTest.php -text
lib/core/test/Multilingual/Aligner/AllTests.php -text
......@@ -1577,21 +1592,34 @@ lib/core/test/Multilingual/Aligner/ShortestPathFinderTest.php -text
lib/core/test/Multilingual/AllTests.php -text
lib/core/test/Multilingual/MachineTranslation/AllTests.php -text
lib/core/test/Multilingual/MachineTranslation/GoogleTranslateWrapperTest.php -text
lib/core/test/Perms/AccessorTest.php -text
lib/core/test/Perms/BaseTest.php -text
lib/core/test/Perms/Check/CreatorTest.php -text
lib/core/test/Perms/Check/DirectTest.php -text
lib/core/test/Perms/Check/IndirectTest.php -text
lib/core/test/Perms/CheckSequenceTest.php -text
lib/core/test/Perms/MixedTest.php -text
lib/core/test/Perms/Resolver/DefaultTest.php -text
lib/core/test/Perms/Resolver/StaticTest.php -text
lib/core/test/Perms/ResolverFactory/CategoryFactoryTest.php -text
lib/core/test/Perms/ResolverFactory/GlobalFactoryTest.php -text
lib/core/test/Perms/ResolverFactory/ObjectFactoryTest.php -text
lib/core/test/Perms/ResolverFactory/TestFactoryTest.php -text
lib/core/test/TikiAcceptanceTestDBRestorer.php -text
lib/core/test/TikiFilter/AllTests.php -text
lib/core/test/TikiFilter/CallbackTest.php -text
lib/core/test/TikiFilter/MapTest.php -text
lib/core/test/TikiFilter/WordTest.php -text
lib/core/test/TikiFilter/XssTest.php -text
lib/core/test/TikiSeleniumTestCase.php -text
lib/core/test/TikiTestCase.php -text
lib/core/test/WikiParser/AllTests.php -text
lib/core/test/WikiParser/PluginArgumentParserTest.php -text
lib/core/test/WikiParser/PluginMatcherTest.php -text
lib/core/test/WikiParser/PluginParserTest.php -text
lib/core/test/WikiParser/PluginRepositoryTest.php -text
lib/core/test/WikiParser/wikiplugin_foo.php -text
lib/core/test/bootstrap.php -text
lib/core/test/create_dump_db_file.php -text
lib/core/test/phpunit.xml -text
lib/core/test/restore_db_dump.php -text
lib/core/test/upgrade_test_database_dump_file.php -text
lib/csslib.php -text
......@@ -2527,6 +2555,7 @@ lib/setup/menus.php -text
lib/setup/openid.php -text
lib/setup/output_compression.php -text
lib/setup/patches.php -text
lib/setup/perms.php -text
lib/setup/phplayers.php -text
lib/setup/polls.php -text
lib/setup/prefs.php -text
......@@ -3582,6 +3611,7 @@ templates/browse_file_gallery.tpl -text
templates/browsedcategory.tpl -text
templates/categobjects.tpl -text
templates/categorize.tpl -text
templates/category_tree_entry.tpl -text
templates/categpath.tpl -text
templates/comment-body.tpl -text
templates/comment-footer.tpl -text
......@@ -4413,7 +4443,6 @@ tests/testfile.txt -text
/tiki-calendar_params_ical.php -text
/tiki-calendar_setup.php -text
/tiki-calendars_rss.php -text
/tiki-categpermissions.php -text
/tiki-change_password.php -text
/tiki-channel.php -text
/tiki-charts.php -text
......
......@@ -14,8 +14,9 @@ if (strpos($_SERVER["SCRIPT_NAME"],basename(__FILE__)) !== false) {
require_once('tiki-setup.php');
global $prefs;
$catobjperms = Perms::get( array( 'type' => $cat_type, 'object' => $cat_objid ) );
if ($prefs['feature_categories'] == 'y' && $tiki_p_view_categories == 'y') {
if ($prefs['feature_categories'] == 'y' && $catobjperms->modify_object_categories ) {
global $categlib; include_once('lib/categories/categlib.php');
$smarty->assign('cat_categorize', 'n');
......@@ -45,19 +46,28 @@ if ($prefs['feature_categories'] == 'y' && $tiki_p_view_categories == 'y') {
// Drop the staging category if page without staging prefix is attempted to be categorized in both staging category and approved category
$_REQUEST['cat_categories'] = array_diff($_REQUEST['cat_categories'],Array($prefs['wikiapproval_staging_category']));
}
$categlib->update_object_categories(isset($_REQUEST['cat_categories'])?$_REQUEST['cat_categories']:'', $cat_objid, $cat_type, $cat_desc, $cat_name, $cat_href);
$categlib->update_object_categories(isset($_REQUEST['cat_categories'])?$_REQUEST['cat_categories']:'', $cat_objid, $cat_type, $cat_desc, $cat_name, $cat_href, $_REQUEST['cat_managed']);
$cats = $categlib->get_object_categories($cat_type, $cat_objid);
if (isset($section) && $section == 'wiki' && $prefs['feature_wiki_mandatory_category'] > 0)
$categories = $categlib->list_categs($prefs['feature_wiki_mandatory_category']);
else
$categories = $categlib->list_categs();
$categories = Perms::filter( array( 'type' => 'category' ), 'object', $categories, array( 'object' => 'categId' ), 'view_category' );
$num_categories = count($categories);
$can = $catobjperms->modify_object_categories;
for ($iCat = 0; $iCat < $num_categories; $iCat++) {
$catperms = Perms::get( array( 'type' => 'category', 'object' => $categories[$i]['categId'] ) );
if (in_array($categories[$iCat]["categId"], $cats)) {
$categories[$iCat]["incat"] = 'y';
$categories[$i]['canchange'] = $can && $catperms->remove_object;
} else {
$categories[$iCat]["incat"] = 'n';
$categories[$i]['canchange'] = $can && $catperms->add_object;
}
}
$smarty->assign_by_ref('categories', $categories["data"]);
......
......@@ -14,6 +14,7 @@ if (strpos($_SERVER["SCRIPT_NAME"],basename(__FILE__)) !== false) {
}
require_once('tiki-setup.php');
global $prefs, $userlib;
$catobjperms = Perms::get( array( 'type' => $cat_type, 'object' => $cat_objid ) );
$smarty->assign('mandatory_category', '-1');
if ($prefs['feature_categories'] == 'y' && isset($cat_type) && isset($cat_objid)) {
......@@ -44,29 +45,28 @@ if ($prefs['feature_categories'] == 'y' && isset($cat_type) && isset($cat_objid)
$all_categories = $categlib->list_categs();
}
$smarty->assign('mandatory_category', $prefs[$pref]);
} else
} else {
$all_categories = $categlib->list_categs();
$categories = array();
for ($i = 0; $i < count($all_categories); $i++) {
if ( $tikilib->user_has_perm_on_object($user,$all_categories[$i]['categId'],'category','tiki_p_view_categories')
|| $tikilib->user_has_perm_on_object($user,$all_categories[$i]['categId'],'category','tiki_p_admin_categories')
) {
$categories[] = $all_categories[$i];
}
}
if (isset ($categories)) {
if( ! empty( $all_categories ) ) {
$categories = Perms::filter( array( 'type' => 'category' ), 'object', $all_categories, array( 'object' => 'categId' ), 'view_category' );
} else {
$categories = array();
}
$num_categories = count($categories);
}
else {
$num_categories = 0;
};
$can = $catobjperms->modify_object_categories;
for ($i = 0; $i < $num_categories; $i++) {
$catperms = Perms::get( array( 'type' => 'category', 'object' => $categories[$i]['categId'] ) );
if (!empty($cats) && in_array($categories[$i]["categId"], $cats)) {
$categories[$i]["incat"] = 'y';
$categories[$i]['canchange'] = $can && $catperms->remove_object;
} else {
$categories[$i]["incat"] = 'n';
$categories[$i]['canchange'] = $can && $catperms->add_object;
}
if (isset($_REQUEST["cat_categories"]) && isset($_REQUEST["cat_categorize"]) && $_REQUEST["cat_categorize"] == 'on') {
if (in_array($categories[$i]["categId"], $_REQUEST["cat_categories"])) {
......@@ -84,10 +84,11 @@ else {
$tree_nodes = array();
foreach ($categories as $c) {
if (isset($c['name']) || $c['parentId'] != 0) {
$smarty->assign( 'category_data', $c );
$tree_nodes[] = array(
'id' => $c['categId'],
'parent' => $c['parentId'],
'data' => '<span class="tips" title="'.$c['description'].'"><input type="checkbox" name="cat_categories[]" value="' . $c['categId'] . ($c['incat'] == 'y' ? '" checked="checked"' : '" ') . '/> ' . $c['name'] . '</span>'
'data' => $smarty->fetch( 'category_tree_entry.tpl' ),
);
if ($c['parentId'] == 0) {
$tree_nodes[count($tree_nodes) - 1]['data'] = '<strong>'.$tree_nodes[count($tree_nodes) - 1]['data'].'</strong>';
......
......@@ -2835,12 +2835,6 @@ INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_view_events', 'Can view events details', 'registered', 'calendar');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_view_tiki_calendar', 'Can view Tikiwiki tools calendar', 'basic', 'calendar');
INSERT INTO users_permissions (permName, permDesc, level, type, admin) VALUES ('tiki_p_admin_categories', 'Can admin categories', 'editors', 'category', 'y');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_edit_categorized', 'Can edit items in categories', 'registered', 'category');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_view_categories', 'Can view categories', 'basic', 'category');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_view_categorized', 'Can view categorized items', 'basic', 'category');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_search_categorized', 'Can search on objects of this category', 'basic', 'category');
INSERT INTO users_permissions (permName, permDesc, level, type, admin) VALUES ('tiki_p_admin_charts', 'Can admin charts', 'admin', 'charts', 'y');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_autoval_chart_suggestio', 'Autovalidate suggestions', 'editors', 'charts');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_suggest_chart_item', 'Can suggest items', 'basic', 'charts');
......@@ -3109,6 +3103,13 @@ INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_invite', 'Can invite user in groups', 'editors', 'tiki');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_delete_account', 'Can delete his own account', 'admin', 'tiki');
INSERT INTO users_permissions (permName, permDesc, level, type, admin) VALUES ('tiki_p_admin_importer', 'Can use the Tiki Importer', 'admin', 'tiki', 'y');
INSERT INTO users_permissions (permName, permDesc, level, type, admin) VALUES ('tiki_p_admin_categories', 'Can admin categories', 'editors', 'category', 'y');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_view_category', 'Can see the category in a listing', 'basic', 'category');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_modify_object_categories', 'Can change the categories on the object', 'editors', 'tiki');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_add_object', 'Can add objects in the category', 'editors', 'category');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_remove_object', 'Can remove objects from the category', 'editors', 'category');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_create_category', 'Can create new categories', 'admin', 'category');
UPDATE users_permissions SET feature_check = 'feature_wiki' WHERE permName IN(
'tiki_p_admin_wiki',
......
......@@ -2835,12 +2835,6 @@ INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_view_events', 'Can view events details', 'registered', 'calendar');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_view_tiki_calendar', 'Can view Tikiwiki tools calendar', 'basic', 'calendar');
INSERT INTO users_permissions (permName, permDesc, level, type, admin) VALUES ('tiki_p_admin_categories', 'Can admin categories', 'editors', 'category', 'y');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_edit_categorized', 'Can edit items in categories', 'registered', 'category');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_view_categories', 'Can view categories', 'basic', 'category');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_view_categorized', 'Can view categorized items', 'basic', 'category');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_search_categorized', 'Can search on objects of this category', 'basic', 'category');
INSERT INTO users_permissions (permName, permDesc, level, type, admin) VALUES ('tiki_p_admin_charts', 'Can admin charts', 'admin', 'charts', 'y');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_autoval_chart_suggestio', 'Autovalidate suggestions', 'editors', 'charts');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_suggest_chart_item', 'Can suggest items', 'basic', 'charts');
......@@ -3109,6 +3103,13 @@ INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_invite', 'Can invite user in groups', 'editors', 'tiki');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_delete_account', 'Can delete his own account', 'admin', 'tiki');
INSERT INTO users_permissions (permName, permDesc, level, type, admin) VALUES ('tiki_p_admin_importer', 'Can use the Tiki Importer', 'admin', 'tiki', 'y');
INSERT INTO users_permissions (permName, permDesc, level, type, admin) VALUES ('tiki_p_admin_categories', 'Can admin categories', 'editors', 'category', 'y');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_view_category', 'Can see the category in a listing', 'basic', 'category');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_modify_object_categories', 'Can change the categories on the object', 'editors', 'tiki');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_add_object', 'Can add objects in the category', 'editors', 'category');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_remove_object', 'Can remove objects from the category', 'editors', 'category');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_create_category', 'Can create new categories', 'admin', 'category');
UPDATE users_permissions SET feature_check = 'feature_wiki' WHERE permName IN(
'tiki_p_admin_wiki',
......
This source diff could not be displayed because it is too large. You can view the blob instead.
......@@ -3417,17 +3417,6 @@ INSERT INTO "users_permissions" ("permName","permDesc","level","type") VALUES ('
INSERT INTO "users_permissions" ("permName","permDesc","level","type") VALUES ('tiki_p_view_tiki_calendar', 'Can view Tikiwiki tools calendar', 'basic', 'calendar');
INSERT INTO "users_permissions" ("permName","permDesc","level","type","admin") VALUES ('tiki_p_admin_categories', 'Can admin categories', 'editors', 'category', 'y');
INSERT INTO "users_permissions" ("permName","permDesc","level","type") VALUES ('tiki_p_edit_categorized', 'Can edit items in categories', 'registered', 'category');
INSERT INTO "users_permissions" ("permName","permDesc","level","type") VALUES ('tiki_p_view_categories', 'Can view categories', 'basic', 'category');
INSERT INTO "users_permissions" ("permName","permDesc","level","type") VALUES ('tiki_p_view_categorized', 'Can view categorized items', 'basic', 'category');
INSERT INTO "users_permissions" ("permName","permDesc","level","type") VALUES ('tiki_p_search_categorized', 'Can search on objects of this category', 'basic', 'category');
INSERT INTO "users_permissions" ("permName","permDesc","level","type","admin") VALUES ('tiki_p_admin_charts', 'Can admin charts', 'admin', 'charts', 'y');
INSERT INTO "users_permissions" ("permName","permDesc","level","type") VALUES ('tiki_p_autoval_chart_suggestio', 'Autovalidate suggestions', 'editors', 'charts');
......@@ -3927,6 +3916,19 @@ INSERT INTO "users_permissions" ("permName","permDesc","level","type") VALUES ('
INSERT INTO "users_permissions" ("permName","permDesc","level","type","admin") VALUES ('tiki_p_admin_importer', 'Can use the Tiki Importer', 'admin', 'tiki', 'y');
INSERT INTO "users_permissions" ("permName","permDesc","level","type","admin") VALUES ('tiki_p_admin_categories', 'Can admin categories', 'editors', 'category', 'y');
INSERT INTO "users_permissions" ("permName","permDesc","level","type") VALUES ('tiki_p_view_category', 'Can see the category in a listing', 'basic', 'category');
INSERT INTO "users_permissions" ("permName","permDesc","level","type") VALUES ('tiki_p_modify_object_categories', 'Can change the categories on the object', 'editors', 'tiki');
INSERT INTO "users_permissions" ("permName","permDesc","level","type") VALUES ('tiki_p_add_object', 'Can add objects in the category', 'editors', 'category');
INSERT INTO "users_permissions" ("permName","permDesc","level","type") VALUES ('tiki_p_remove_object', 'Can remove objects from the category', 'editors', 'category');
INSERT INTO "users_permissions" ("permName","permDesc","level","type") VALUES ('tiki_p_create_category', 'Can create new categories', 'admin', 'category');
UPDATE users_permissions SET feature_check = 'feature_wiki' WHERE permName IN(
'tiki_p_admin_wiki',
......
......@@ -3429,17 +3429,6 @@ INSERT INTO "users_permissions" ("permName","permDesc","level","type") VALUES ('
INSERT INTO "users_permissions" ("permName","permDesc","level","type") VALUES ('tiki_p_view_tiki_calendar', 'Can view Tikiwiki tools calendar', 'basic', 'calendar');
INSERT INTO "users_permissions" ("permName","permDesc","level","type","admin") VALUES ('tiki_p_admin_categories', 'Can admin categories', 'editors', 'category', 'y');
INSERT INTO "users_permissions" ("permName","permDesc","level","type") VALUES ('tiki_p_edit_categorized', 'Can edit items in categories', 'registered', 'category');
INSERT INTO "users_permissions" ("permName","permDesc","level","type") VALUES ('tiki_p_view_categories', 'Can view categories', 'basic', 'category');
INSERT INTO "users_permissions" ("permName","permDesc","level","type") VALUES ('tiki_p_view_categorized', 'Can view categorized items', 'basic', 'category');
INSERT INTO "users_permissions" ("permName","permDesc","level","type") VALUES ('tiki_p_search_categorized', 'Can search on objects of this category', 'basic', 'category');
INSERT INTO "users_permissions" ("permName","permDesc","level","type","admin") VALUES ('tiki_p_admin_charts', 'Can admin charts', 'admin', 'charts', 'y');
INSERT INTO "users_permissions" ("permName","permDesc","level","type") VALUES ('tiki_p_autoval_chart_suggestio', 'Autovalidate suggestions', 'editors', 'charts');
......@@ -3939,6 +3928,19 @@ INSERT INTO "users_permissions" ("permName","permDesc","level","type") VALUES ('
INSERT INTO "users_permissions" ("permName","permDesc","level","type","admin") VALUES ('tiki_p_admin_importer', 'Can use the Tiki Importer', 'admin', 'tiki', 'y');
"INSERT" INTO users_permissions (permName, permDesc, level, type, admin) VALUES ('tiki_p_admin_categories', 'Can admin categories', 'editors', 'category', 'y');
INSERT INTO "users_permissions" ("permName","permDesc","level","type") VALUES ('tiki_p_view_category', 'Can see the category in a listing', 'basic', 'category');
INSERT INTO "users_permissions" ("permName","permDesc","level","type") VALUES ('tiki_p_modify_object_categories', 'Can change the categories on the object', 'editors', 'tiki');
INSERT INTO "users_permissions" ("permName","permDesc","level","type") VALUES ('tiki_p_add_object', 'Can add objects in the category', 'editors', 'category');
INSERT INTO "users_permissions" ("permName","permDesc","level","type") VALUES ('tiki_p_remove_object', 'Can remove objects from the category', 'editors', 'category');
INSERT INTO "users_permissions" ("permName","permDesc","level","type") VALUES ('tiki_p_create_category', 'Can create new categories', 'admin', 'category');
UPDATE users_permissions SET feature_check = 'feature_wiki' WHERE permName IN(
'tiki_p_admin_wiki',
......
This diff is collapsed.
......@@ -2835,12 +2835,6 @@ INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_view_events', 'Can view events details', 'registered', 'calendar');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_view_tiki_calendar', 'Can view Tikiwiki tools calendar', 'basic', 'calendar');
INSERT INTO users_permissions (permName, permDesc, level, type, admin) VALUES ('tiki_p_admin_categories', 'Can admin categories', 'editors', 'category', 'y');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_edit_categorized', 'Can edit items in categories', 'registered', 'category');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_view_categories', 'Can view categories', 'basic', 'category');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_view_categorized', 'Can view categorized items', 'basic', 'category');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_search_categorized', 'Can search on objects of this category', 'basic', 'category');
INSERT INTO users_permissions (permName, permDesc, level, type, admin) VALUES ('tiki_p_admin_charts', 'Can admin charts', 'admin', 'charts', 'y');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_autoval_chart_suggestio', 'Autovalidate suggestions', 'editors', 'charts');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_suggest_chart_item', 'Can suggest items', 'basic', 'charts');
......@@ -3109,6 +3103,13 @@ INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_invite', 'Can invite user in groups', 'editors', 'tiki');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_delete_account', 'Can delete his own account', 'admin', 'tiki');
INSERT INTO users_permissions (permName, permDesc, level, type, admin) VALUES ('tiki_p_admin_importer', 'Can use the Tiki Importer', 'admin', 'tiki', 'y');
INSERT INTO users_permissions (permName, permDesc, level, type, admin) VALUES ('tiki_p_admin_categories', 'Can admin categories', 'editors', 'category', 'y');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_view_category', 'Can see the category in a listing', 'basic', 'category');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_modify_object_categories', 'Can change the categories on the object', 'editors', 'tiki');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_add_object', 'Can add objects in the category', 'editors', 'category');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_remove_object', 'Can remove objects from the category', 'editors', 'category');
INSERT INTO users_permissions (permName, permDesc, level, type) VALUES ('tiki_p_create_category', 'Can create new categories', 'admin', 'category');
UPDATE users_permissions SET feature_check = 'feature_wiki' WHERE permName IN(
'tiki_p_admin_wiki',
......
......@@ -214,48 +214,18 @@ class BlogLib extends TikiLib {
$query = "select * from `tiki_blog_posts` $mid order by ".$this->convertSortMode($sort_mode);
$query_cant = "select count(*) from `tiki_blog_posts` $mid";
$result = $this->query($query,$bindvars,$maxRecords,$offset);
$result = $this->fetchAll($query,$bindvars,$maxRecords,$offset);
$cant = $this->getOne($query_cant,$bindvars);
$ret = array();
global $prefs, $userlib, $user, $tiki_p_admin;
while ($res = $result->fetchRow()) {
$add = TRUE;
if ($tiki_p_admin != 'y' && $userlib->object_has_one_permission($res['blogId'], 'blog')) {
// quiz permissions override category permissions
if (!$userlib->object_has_permission($user, $res['blogId'], 'blog', 'tiki_p_read_blog'))
{
$add = FALSE;
}
} elseif ($tiki_p_admin != 'y' && $prefs['feature_categories'] == 'y') {
// no quiz permissions so now we check category permissions
global $categlib;
if (!is_object($categlib)) {
include_once('lib/categories/categlib.php');
}
unset($tiki_p_view_categorized); // unset this var in case it was set previously
$perms_array = $categlib->get_object_categories_perms($user, 'blog', $res['blogId']);
if ($perms_array) {
$is_categorized = TRUE;
foreach ($perms_array as $perm => $value) {
$$perm = $value;
}
} else {
$is_categorized = FALSE;
}
if ($is_categorized && isset($tiki_p_view_categorized) && $tiki_p_view_categorized != 'y') {
$add = FALSE;
}
}
if ($add) {
$query2 = "select `title` from `tiki_blogs` where `blogId`=?";
$title = $this->getOne($query2,array($res["blogId"]));
$res["blogtitle"] = $title;
$ret[] = $res;
}
$result = Perms::filter( array( 'type' => 'blog' ), 'object', $result, array( 'object' => 'blogId' ), 'read_blog' );
global $prefs;
foreach( $result as $res ) {
$query2 = "select `title` from `tiki_blogs` where `blogId`=?";
$title = $this->getOne($query2,array($res["blogId"]));
$res["blogtitle"] = $title;
$ret[] = $res;
}
$retval = array();
......
This diff is collapsed.
......@@ -970,61 +970,60 @@ class Comments extends TikiLib {
}
$query = "select * from `tiki_forums` $mid order by `section` asc,".$this->convertSortMode($sort_mode);
$result = $this->query($query,$bindvars);
$result = $this->fetchAll($query,$bindvars);
$result = Perms::filter( array( 'type' => 'forum' ), 'object', $result, array( 'object' => 'forumId' ), 'forum_read' );
$ret = array();
$count = 0;
$cant = 0;
$off = 0;
while ( $res = $result->fetchRow() ) {
$objperm = $this->get_perm_object($res['forumId'], 'forum', '', false);
if ( $res['forumId'] != '' && $objperm['tiki_p_forum_read'] == 'y' ) {
$cant++; // Count the whole number of forums the user has access to
if ( ( $maxRecords > -1 && $count >= $maxRecords ) || $off++ < $offset ) continue;
foreach( $result as $res ) {
$cant++; // Count the whole number of forums the user has access to
$forum_age = ceil(($this->now - $res["created"]) / (24 * 3600));
if ( ( $maxRecords > -1 && $count >= $maxRecords ) || $off++ < $offset ) continue;
// Get number of topics on this forum
$res['threads'] = $this->count_comments_threads('forum:'.$res['forumId']);
$forum_age = ceil(($this->now - $res["created"]) / (24 * 3600));
// Get number of posts on this forum
$res['comments'] = $this->count_comments('forum:'.$res['forumId']);
// Get number of topics on this forum
$res['threads'] = $this->count_comments_threads('forum:'.$res['forumId']);
// Get number of users that posted at least one comment on this forum
$res['users'] = $this->getOne(
'select count(distinct `userName`) from `tiki_comments` where `object`=? and `objectType`=?',
array($res['forumId'], 'forum')
);
// Get number of posts on this forum
$res['comments'] = $this->count_comments('forum:'.$res['forumId']);
// Get lock status
$res['is_locked'] = $this->is_object_locked('forum:'.$res['forumId']) ? 'y' : 'n';
// Get number of users that posted at least one comment on this forum
$res['users'] = $this->getOne(
'select count(distinct `userName`) from `tiki_comments` where `object`=? and `objectType`=?',
array($res['forumId'], 'forum')
);
// Get data of the last post of this forum
if ( $res['comments'] > 0 ) {
$result2 = $this->query(
'select * from `tiki_comments` where `object`= ? and `objectType` = ? order by commentDate desc',
array($res['forumId'], 'forum'));
// Get lock status
$res['is_locked'] = $this->is_object_locked('forum:'.$res['forumId']) ? 'y' : 'n';
// Get data of the last post of this forum
if ( $res['comments'] > 0 ) {
$result2 = $this->query(
'select * from `tiki_comments` where `object`= ? and `objectType` = ? order by commentDate desc',
array($res['forumId'], 'forum'));
$res['lastPostData'] = $result2->fetchRow();
$res['lastPost'] = $res['lastPostData']['commentDate'];
} else {
unset($res['lastPost']);
}
// Generate stats based on this forum's age
if ( $forum_age > 0 ) {
$res['age'] = $forum_age;
$res['posts_per_day'] = $res['comments'] / $forum_age;
$res['users_per_day'] = $res['users'] / $forum_age;
} else {
$res['age'] = 0;
$res['posts_per_day'] = 0;
$res['users_per_day'] = 0;
}
$res['lastPostData'] = $result2->fetchRow();
$res['lastPost'] = $res['lastPostData']['commentDate'];
} else {
unset($res['lastPost']);
}
$ret[] = $res;
++$count;
// Generate stats based on this forum's age
if ( $forum_age > 0 ) {
$res['age'] = $forum_age;
$res['posts_per_day'] = $res['comments'] / $forum_age;
$res['users_per_day'] = $res['users'] / $forum_age;
} else {
$res['age'] = 0;
$res['posts_per_day'] = 0;
$res['users_per_day'] = 0;
}
$ret[] = $res;
++$count;
}
$retval = array();
......@@ -1284,14 +1283,8 @@ class Comments extends TikiLib {
}
$query = "select a.`threadId`, a.`object`, a.`title`, a.`parentId`, a.`commentDate` $parentinfo from `tiki_comments` a $mid ORDER BY a.`commentDate` desc";
$result = $this->query($query,array($user),$max);
$ret = array();
while ($res = $result->fetchRow()) {
if ($this->user_has_perm_on_object($user, $res['forumId'], 'forum', 'tiki_p_forum_read')) {
$ret[] = $res;
}
}
$result = $this->fetchAll($query,array($user),$max);
$ret = Perms::filter( array( 'type' => 'forum' ), 'object', $data, array( 'object' => 'forumId', 'creator' => 'userName' ), 'forum_read' );
return $ret;
}
......
<?php
class Category_Manipulator
{
private $objectType;
private $objectId;
private $current = array();
private $managed = array();
private $new = array();
private $prepared = false;
function __construct( $objectType, $objectId ) {
$this->objectType = $objectType;
$this->objectId = $objectId;
}
function setCurrentCategories( array $categories ) {
$this->current = $categories;
}
function setManagedCategories( array $categories ) {
$this->managed = $categories;
}
function setNewCategories( array $categories ) {
$this->new = $categories;
}
function getAddedCategories() {
if( ! $this->canModifyObject() ) {
return array();
}
$this->prepare();
$attempt = array_diff( $this->new, $this->current );
return $this->filter( $attempt, 'add_object' );
}
function getRemovedCategories() {
if( ! $this->canModifyObject() ) {
return array();
}
$this->prepare();
$attempt = array_diff( $this->current, $this->new );
return $this->filter( $attempt, 'remove_object' );
}
private function filter( $categories, $permission ) {
$out = array();
foreach( $categories as $categ ) {
$perms = Perms::get( array( 'type' => 'category', 'object' => $categ ) );
if( $perms->$permission ) {
$out[] = $categ;
}
}
return $out;
}
private function canModifyObject() {
$objectperms = Perms::get( array( 'type' => $this->objectType, 'object' => $this->objectId ) );
return $objectperms->modify_object_categories;
}
private function prepare() {
if( $this->prepared ) {
return;
}
$categories = $this->managed;
Perms::bulk( array( 'type' => 'category' ), 'object', $categories );
if( $this->managed ) {
$this->current = array_intersect( $this->current, $this->managed );
$this->new = array_intersect( $this->new, $this->new );
}
$this->prepared = true;
}
}
?>
<?php
/**
* Facade class of the permission subsystem. Once configured, the ::get()
* static method can be used to obtain accessors for specific objects.
* The accessor will contain all the rules applicable to the object.
*
* Sample usage:
* $perms = Perms::get( array(
* 'type' => 'wiki page',
* 'object' => 'HomePage',
* ) );
*
* if( $perms->view_calendar ) {
* // ...
* }