From 3925c24487fca6f2cff52073173aa95d35972042 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Thu, 30 Dec 2021 23:55:10 +0900 Subject: [PATCH] Add option to disable admin content protection MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 최고관리자의 글을 게시판 관리자가 수정/삭제하지 못하도록 하는 기능은 게시판을 위키 등 협업 용도로 사용하는 경우 불편을 유발할 수 있으므로 옵션으로 켜고 끌 수 있도록 합니다. 기본값은 수정/삭제 금지입니다. --- modules/board/board.admin.controller.php | 4 ++- modules/board/board.controller.php | 36 +++++++++++++++++---- modules/board/board.view.php | 41 +++++++++++++++++++----- modules/board/lang/en.php | 2 ++ modules/board/lang/ko.php | 2 ++ modules/board/tpl/board_insert.html | 8 +++++ modules/comment/comment.controller.php | 31 +++++++++--------- modules/comment/comment.model.php | 2 +- modules/document/document.controller.php | 5 --- 9 files changed, 95 insertions(+), 36 deletions(-) diff --git a/modules/board/board.admin.controller.php b/modules/board/board.admin.controller.php index c9b824c10..457a359e9 100644 --- a/modules/board/board.admin.controller.php +++ b/modules/board/board.admin.controller.php @@ -58,7 +58,9 @@ class boardAdminController extends board { if($args->skip_bottom_list_for_robot != 'Y') $args->skip_bottom_list_for_robot = 'N'; if($args->use_anonymous != 'Y') $args->use_anonymous = 'N'; if($args->consultation != 'Y') $args->consultation = 'N'; - if($args->protect_content!= 'Y') $args->protect_content = 'N'; + if($args->protect_content != 'Y') $args->protect_content = 'N'; + if($args->protect_admin_content_update != 'Y') $args->protect_admin_content_update = 'N'; + if($args->protect_admin_content_delete != 'Y') $args->protect_admin_content_delete = 'N'; if(!in_array($args->order_target,$this->order_target) && !array_key_exists($args->order_target, $extra_order_target)) $args->order_target = 'list_order'; if(!in_array($args->order_type, array('asc', 'desc'))) $args->order_type = 'asc'; 
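Review bot: In the board.admin.controller.php hunk, the two added normalisations map every value other than 'Y' to 'N', including a field that is simply absent from the request, and 'N' is the value that switches the protection off. The runtime checks added elsewhere in this patch treat an unset option as protected (`!== 'N'`), so a settings save from a form that does not carry these fields (a customised or older admin template, for example) would silently disable both protections. Consider normalising towards the safe side, `if($args->protect_admin_content_update !== 'N') $args->protect_admin_content_update = 'Y';`, with the template submitting an explicit 'N' when the box is cleared. The template markup is not readable on this page, so whether it already does so is unconfirmed. The enclosing method starts and ends outside the hunk.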
diff --git a/modules/board/board.controller.php b/modules/board/board.controller.php index 0664b9a29..2593f8b2c 100644 --- a/modules/board/board.controller.php +++ b/modules/board/board.controller.php @@ -127,10 +127,13 @@ class boardController extends board } // Protect admin document - $member_info = MemberModel::getMemberInfo($oDocument->get('member_srl')); - if($member_info->is_admin == 'Y' && $logged_info->is_admin != 'Y') + if ($this->module_info->protect_admin_content_update !== 'N') { - throw new Rhymix\Framework\Exception('msg_admin_document_no_modify'); + $member_info = MemberModel::getMemberInfo($oDocument->get('member_srl')); + if($member_info->is_admin == 'Y' && $logged_info->is_admin != 'Y') + { + throw new Rhymix\Framework\Exception('msg_admin_document_no_modify'); + } } // if document status is temp @@ -327,6 +330,15 @@ class boardController extends board } } + if ($this->module_info->protect_admin_content_delete !== 'N' && $this->user->is_admin !== 'Y') + { + $member_info = MemberModel::getMemberInfo($oDocument->get('member_srl')); + if($member_info->is_admin === 'Y') + { + return new BaseObject(-1, 'document.msg_document_is_admin_not_permitted'); + } + } + if($this->module_info->protect_document_regdate > 0 && $this->grant->manager == false) { if($oDocument->get('regdate') < date('YmdHis', strtotime('-'.$this->module_info->protect_document_regdate.' day'))) @@ -473,10 +485,13 @@ class boardController extends board } } - $member_info = MemberModel::getMemberInfo($comment->member_srl); - if($member_info->is_admin == 'Y' && $logged_info->is_admin != 'Y') + if ($this->module_info->protect_admin_content_update !== 'N') { - throw new Rhymix\Framework\Exception('msg_admin_comment_no_modify'); + $member_info = MemberModel::getMemberInfo($comment->member_srl); + if($member_info->is_admin == 'Y' && $logged_info->is_admin != 'Y') + { + throw new Rhymix\Framework\Exception('msg_admin_comment_no_modify'); + } } // INSERT if comment_srl does not exist. 
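Review bot: Protection of an administrator's document against deletion now rests solely on the block added in the `@@ -327` hunk, because the document.controller.php hunk at the end of this patch removes the equivalent check from the document module's own delete path. Any other caller of that document-module method (other modules, bulk or trash operations, none visible here) would no longer be stopped, even on boards that keep the protective default. If that is intended, record it in a comment at the removed site. Otherwise keep a module-aware check in the document controller, gated the same way as the comment.controller.php `@@ -1208` hunk: `$module_info->protect_admin_content_delete !== 'N' && $logged_info->is_admin !== 'Y'`. The enclosing method continues outside the hunk.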
@@ -582,6 +597,15 @@ class boardController extends board } } + if ($this->module_info->protect_admin_content_delete !== 'N' && $this->user->is_admin !== 'Y') + { + $member_info = MemberModel::getMemberInfo($comment->get('member_srl')); + if($member_info->is_admin === 'Y') + { + return new BaseObject(-1, 'comment.msg_admin_comment_no_delete'); + } + } + if($this->module_info->protect_comment_regdate > 0 && $this->grant->manager == false) { if($comment->get('regdate') < date('YmdHis', strtotime('-'.$this->module_info->protect_document_regdate.' day'))) diff --git a/modules/board/board.view.php b/modules/board/board.view.php index 8a465b70f..1ecf65c89 100644 --- a/modules/board/board.view.php +++ b/modules/board/board.view.php @@ -863,10 +863,13 @@ class boardView extends board } } - $member_info = MemberModel::getMemberInfo($oDocument->get('member_srl')); - if($member_info->is_admin == 'Y' && $this->user->is_admin != 'Y') + if ($this->module_info->protect_admin_content_update !== 'N') { - throw new Rhymix\Framework\Exception('msg_admin_document_no_modify'); + $member_info = MemberModel::getMemberInfo($oDocument->get('member_srl')); + if($member_info->is_admin == 'Y' && $this->user->is_admin != 'Y') + { + throw new Rhymix\Framework\Exception('msg_admin_document_no_modify'); + } } } @@ -1003,6 +1006,15 @@ class boardView extends board } } + if ($this->module_info->protect_admin_content_delete !== 'N') + { + $member_info = MemberModel::getMemberInfo($oDocument->get('member_srl')); + if($member_info->is_admin == 'Y' && $this->user->is_admin != 'Y') + { + throw new Rhymix\Framework\Exception('document.msg_document_is_admin_not_permitted'); + } + } + Context::set('oDocument',$oDocument); /** @@ -1120,7 +1132,6 @@ class boardView extends board **/ function dispBoardModifyComment() { - $logged_info = Context::get('logged_info'); // check grant if(!$this->grant->write_comment) { 
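Review bot: The context line directly below the added block in the `@@ -582` hunk computes the comment time limit from `protect_document_regdate` although its guard tests `protect_comment_regdate`, so a board with different limits for documents and comments enforces the wrong window on comment deletion. It should read `strtotime('-'.$this->module_info->protect_comment_regdate.' day')`; the defect predates this commit but sits in the code it touches. Separately, the added block returns `'comment.msg_admin_comment_no_delete'` while the view-side check in board.view.php throws the unprefixed `'msg_admin_comment_no_delete'`. One of the two keys probably does not resolve in the board module's language scope, so align them.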
@@ -1170,12 +1181,16 @@ class boardView extends board } } - $member_info = MemberModel::getMemberInfo($oComment->member_srl); - if($member_info->is_admin == 'Y' && $logged_info->is_admin != 'Y') + $logged_info = Context::get('logged_info'); + if ($this->module_info->protect_admin_content_update !== 'N' && $logged_info->is_admin !== 'Y' && $logged_info->member_srl !== $oComment->member_srl) { - throw new Rhymix\Framework\Exception('msg_admin_comment_no_modify'); + $member_info = MemberModel::getMemberInfo($oComment->member_srl); + if($member_info->is_admin === 'Y') + { + throw new Rhymix\Framework\Exception('msg_admin_comment_no_modify'); + } } - + // setup the comment variables on context Context::set('oSourceComment', CommentModel::getComment()); Context::set('oComment', $oComment); @@ -1227,6 +1242,16 @@ class boardView extends board } } + $logged_info = Context::get('logged_info'); + if ($this->module_info->protect_admin_content_delete !== 'N' && $logged_info->is_admin !== 'Y' && $logged_info->member_srl !== $oComment->member_srl) + { + $member_info = MemberModel::getMemberInfo($oComment->member_srl); + if($member_info->is_admin === 'Y') + { + throw new Rhymix\Framework\Exception('msg_admin_comment_no_delete'); + } + } + // if the comment is not existed, then back to the board content page if(!$oComment->isExists() ) { diff --git a/modules/board/lang/en.php b/modules/board/lang/en.php index 8d5a97631..8b2c7bd9a 100644 --- a/modules/board/lang/en.php +++ b/modules/board/lang/en.php @@ -56,6 +56,7 @@ $lang->allow_no_category = 'Do not require category'; $lang->about_allow_no_category = 'Allow users to write documents without selecting a category.'; $lang->protect_content = 'Protect Content'; $lang->protect_comment = 'Protect Comment'; +$lang->protect_admin_content = 'Protect Admin Content'; $lang->protect_regdate = 'Update/Delete Time Limit'; $lang->cancel_vote = 'Vote Cancellation'; $lang->filter_specialchars = 'Block Abuse of Unicode Symbols'; 
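Review bot: In the `@@ -1227` hunk the added block reads `$oComment->member_srl` and looks up the author before the `isExists()` test that follows it, so for a missing comment the admin check runs against an empty object; move the block below the existence check. The author exemption `$logged_info->member_srl !== $oComment->member_srl` (also in the `@@ -1170` hunk) is a strict comparison, and if one side is an integer and the other a numeric string the two never compare equal. The outcome stays safe because the subsequent `is_admin` lookup decides, but `(int)$logged_info->member_srl !== (int)$oComment->member_srl` states the intent and avoids the extra lookup. Both methods continue outside their hunks.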
@@ -73,6 +74,7 @@ $lang->about_document_force_to_move = 'When a document is deleted, move to Trash $lang->about_non_login_vote = 'Allow users who are not logged in to vote on articles.'; $lang->about_protect_regdate = 'Prevent updating or deleting a document or comment after a certain amount of time has passed. (Unit: day)'; $lang->about_protect_content = 'Prevent updating a document if there are comments on it.'; +$lang->about_protect_admin_content = 'Prevent updating or deleting a document or comment written by the administrator, even by a user who is permitted to manage the board.'; $lang->msg_protect_delete_content = 'You cannot delete a document with comments on it.'; $lang->msg_protect_update_content = 'You cannot update a document with comments on it.'; $lang->msg_admin_document_no_modify = 'You cannot edit the administrator\'s document.'; diff --git a/modules/board/lang/ko.php b/modules/board/lang/ko.php index 4e42d86d9..e4dc36217 100644 --- a/modules/board/lang/ko.php +++ b/modules/board/lang/ko.php @@ -57,6 +57,7 @@ $lang->allow_no_category = '미분류 허용'; $lang->about_allow_no_category = '분류를 선택하지 않은 글도 허용하려면 체크하세요.'; $lang->protect_content = '글 보호 기능'; $lang->protect_comment = '댓글 보호 기능'; +$lang->protect_admin_content = '최고관리자 보호 기능'; $lang->protect_regdate = '기간 제한 기능'; $lang->cancel_vote = '추천/비추천/신고 취소 허용'; $lang->filter_specialchars = '유니코드 특수문자 오남용 금지'; @@ -72,6 +73,7 @@ $lang->about_filter_specialchars = '가독성에 악영향을 주는 과도한 $lang->about_non_login_vote = '로그인하지 않은 방문자도 추천할 수 있도록 합니다.'; $lang->about_protect_regdate = '글이나 댓글을 작성한 후 일정 기간이 지나면 수정 또는 삭제할 수 없도록 합니다. (단위 : day)'; $lang->about_protect_content = '댓글이 달린 글은 수정 또는 삭제할 수 없도록 합니다.'; +$lang->about_protect_admin_content = '최고관리자가 작성한 글이나 댓글은 게시판 관리 권한이 있는 회원이라도 수정 또는 삭제할 수 없도록 합니다.'; $lang->msg_protect_delete_content = '댓글이 달린 글은 삭제할 수 없습니다.'; $lang->msg_protect_update_content = '댓글이 달린 글은 수정할 수 없습니다.'; $lang->msg_admin_document_no_modify = '최고관리자의 게시물을 수정할 권한이 없습니다.'; 
diff --git a/modules/board/tpl/board_insert.html b/modules/board/tpl/board_insert.html index 3e48b35c9..a79709df1 100644 --- a/modules/board/tpl/board_insert.html +++ b/modules/board/tpl/board_insert.html @@ -358,6 +358,14 @@

{$lang->about_protect_comment}

+
+ +
+ + +

{$lang->about_protect_admin_content}

+
+
diff --git a/modules/comment/comment.controller.php b/modules/comment/comment.controller.php index ed23b3783..bcdeafb96 100644 --- a/modules/comment/comment.controller.php +++ b/modules/comment/comment.controller.php @@ -1045,8 +1045,6 @@ class commentController extends comment */ function deleteComment($comment_srl, $is_admin = FALSE, $isMoveToTrash = FALSE, $childs = null) { - $logged_info = Context::get('logged_info'); - // check if comment already exists $comment = CommentModel::getComment($comment_srl); if(!$comment->isExists()) @@ -1058,8 +1056,10 @@ class commentController extends comment return new BaseObject(-1, 'msg_not_permitted'); } - $member_info = MemberModel::getMemberInfo($comment->member_srl); - $document_srl = $comment->document_srl; + $logged_info = Context::get('logged_info'); + $member_info = MemberModel::getMemberInfo($comment->get('member_srl')); + $module_info = ModuleModel::getModuleInfo($comment->get('module_srl')); + $document_srl = $comment->get('document_srl'); // call a trigger (before) $comment->isMoveToTrash = $isMoveToTrash ? true : false; @@ -1080,7 +1080,6 @@ class commentController extends comment $deleteAdminComment = TRUE; if(!$is_admin) { - $logged_info = Context::get('logged_info'); foreach($childs as $val) { if($val->member_srl != $logged_info->member_srl) @@ -1092,14 +1091,16 @@ class commentController extends comment } else if($is_admin) { - $logged_info = Context::get('logged_info'); foreach($childs as $val) { - $c_member_info = MemberModel::getMemberInfoByMemberSrl($val->member_srl); - if($c_member_info->is_admin == 'Y' && $logged_info->is_admin != 'Y') + if ($module_info->protect_admin_content_delete !== 'N' && $logged_info->is_admin !== 'Y') { - $deleteAdminComment = FALSE; - break; + $c_member_info = MemberModel::getMemberInfoByMemberSrl($val->member_srl); + if($c_member_info->is_admin == 'Y') + { + $deleteAdminComment = FALSE; + break; + } } } } 
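Review bot: With the target-comment check removed in the later `@@ -1125` hunk, this method now protects only an administrator's child comments. The comment being deleted is no longer checked here, so enforcement depends on every caller doing its own check as board.controller.php now does. The `$member_info` lookup kept in the `@@ -1045` hunk appears to have lost its only visible use and may be a wasted query; confirm against the rest of the method, which lies outside the hunks. In the `@@ -1092` hunk the condition `$module_info->protect_admin_content_delete !== 'N' && $logged_info->is_admin !== 'Y'` does not depend on `$val` and can be evaluated once before the `foreach`. Also confirm that `ModuleModel::getModuleInfo()` accepts a module_srl: if it returns nothing usable, the `!== 'N'` test stays true and the option can never be switched off on this path.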
@@ -1125,10 +1126,6 @@ class commentController extends comment } } - if($member_info->is_admin == 'Y' && $logged_info->is_admin != 'Y') - { - return new BaseObject(-1, 'msg_admin_comment_no_delete'); - } // begin transaction $oDB = DB::getInstance(); $oDB->begin(); @@ -1208,7 +1205,11 @@ class commentController extends comment { return new BaseObject(-1, 'msg_not_permitted'); } - if($this->user->is_admin !== 'Y') + + $logged_info = Context::get('logged_info'); + $module_info = ModuleModel::getModuleInfo($oComment->get('module_srl')); + + if ($module_info->protect_admin_content_delete !== 'N' && $logged_info->is_admin !== 'Y') { $member_info = MemberModel::getMemberInfo($oComment->get('member_srl')); if($member_info->is_admin === 'Y') diff --git a/modules/comment/comment.model.php b/modules/comment/comment.model.php index c7460ca59..f63a4efb3 100644 --- a/modules/comment/comment.model.php +++ b/modules/comment/comment.model.php @@ -137,7 +137,7 @@ class commentModel extends comment /** * Returns the number of child comments * @param int $comment_srl - * @return int + * @return array */ public static function getChildComments($comment_srl) { diff --git a/modules/document/document.controller.php b/modules/document/document.controller.php index 86768be18..868528ad8 100644 --- a/modules/document/document.controller.php +++ b/modules/document/document.controller.php @@ -1107,11 +1107,6 @@ class documentController extends document { return new BaseObject(-1, 'msg_not_permitted'); } - $member_info = MemberModel::getMemberInfo($oDocument->get('member_srl')); - if($member_info->is_admin === 'Y' && $this->user->is_admin !== 'Y') - { - return new BaseObject(-1, 'msg_document_is_admin_not_permitted'); - } //if empty trash, document already deleted, therefore document not delete $args = new stdClass();
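Review bot: In the comment.model.php hunk the `@return` tag now says `array`, but the summary line above it still reads "Returns the number of child comments". Update the summary to match, e.g. `* Returns the child comments of the given comment`. The element type of the array is not visible in the hunk and is best documented from the method body, which lies outside it.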