Merge pull request #786 from conory/pr/permission

module.xml <action>에 permission 속성 추가

modules/module/conf/module.xml

@@ -1,45 +1,21 @@
 <?xml version="1.0" encoding="utf-8"?>
 <module>
 	<grants />
-	<permissions>
-		<permission action="dispModuleSelectList" target="root" />
-		<permission action="dispModuleSkinInfo" target="all-managers" />
-		<permission action="dispModuleFileBox" target="root" />
-		<permission action="dispModuleFileBoxAdd" target="root" />
-		
-		<permission action="getModuleSkinInfoList" target="root" />
-		<permission action="getFileBoxListHtml" target="root" />
-		<permission action="getModuleInfoByMenuItemSrl" target="root" />
-		<permission action="getLangListByLangcodeForAutoComplete" target="manager" />
-		
-		<permission action="procModuleFileBoxAdd" target="root" />
-		<permission action="procModuleFileBoxDelete" target="root" />
-		
-		<permission action="getModuleAdminLangCode" target="manager" />
-		<permission action="getModuleAdminLangListByName" target="manager" />
-		<permission action="getModuleAdminLangListByValue" target="manager" />
-		<permission action="getModuleAdminMultilingualHtml" target="manager" />
-		<permission action="getModuleAdminLangListHtml" target="manager" />
-		
-		<permission action="procModuleAdminInsertGrant" target="manager" check_var="module_srl" />
-		<permission action="procModuleAdminUpdateSkinInfo" target="manager" check_var="module_srl" />
-		<permission action="procModuleAdminInsertLang" target="manager" />
-	</permissions>
 	<actions>
-		<action name="dispModuleSelectList" type="view" />
-		<action name="dispModuleSkinInfo" type="view" />
-		<action name="dispModuleFileBox" type="view" />
-		<action name="dispModuleFileBoxAdd" type="view" />
+		<action name="dispModuleSelectList" type="view" permission="root" />
+		<action name="dispModuleSkinInfo" type="view" permission="all-managers" />
+		<action name="dispModuleFileBox" type="view" permission="root" />
+		<action name="dispModuleFileBoxAdd" type="view" permission="root" />
 		<action name="dispModuleChangeLang" type="mobile" />
 		
-		<action name="getModuleSkinInfoList" type="model" />
-		<action name="getFileBoxListHtml" type="model" />
-		<action name="getModuleInfoByMenuItemSrl" type="model" />
-		<action name="getLangListByLangcodeForAutoComplete" type="model" />
+		<action name="getModuleSkinInfoList" type="model" permission="root" />
+		<action name="getFileBoxListHtml" type="model" permission="root" />
+		<action name="getModuleInfoByMenuItemSrl" type="model" permission="root" />
+		<action name="getLangListByLangcodeForAutoComplete" type="model" permission="manager" />
 		<action name="getLangByLangcode" type="model" />
 		
-		<action name="procModuleFileBoxAdd" type="controller" />
-		<action name="procModuleFileBoxDelete" type="controller" />
+		<action name="procModuleFileBoxAdd" type="controller" permission="root" />
+		<action name="procModuleFileBoxDelete" type="controller" permission="root" />
 		
 		<action name="dispModuleAdminContent" type="view" menu_name="installedModule" menu_index="true" admin_index="true" />
 		<action name="dispModuleAdminCategory" type="view" menu_name="installedModule" />
@@ -54,12 +30,12 @@
 		<action name="getModuleAdminModuleList" type="model" />
 		<action name="getModuleAdminModuleInfo" type="model" />
 		<action name="getModuleAdminGrant" type="model" />
-		<action name="getModuleAdminLangCode" type="model" />
-		<action name="getModuleAdminLangListByName" type="model" />
-		<action name="getModuleAdminLangListByValue" type="model" />
+		<action name="getModuleAdminLangCode" type="model" permission="manager" />
+		<action name="getModuleAdminLangListByName" type="model" permission="manager" />
+		<action name="getModuleAdminLangListByValue" type="model" permission="manager" />
 		<action name="getModuleAdminModuleSearcherHtml" type="model" />
-		<action name="getModuleAdminMultilingualHtml" type="model" />
-		<action name="getModuleAdminLangListHtml" type="model" />
+		<action name="getModuleAdminMultilingualHtml" type="model" permission="manager" />
+		<action name="getModuleAdminLangListHtml" type="model" permission="manager" />
 		
 		<action name="procModuleAdminInsertCategory" type="controller" ruleset="insertCategory" />
 		<action name="procModuleAdminUpdateCategory" type="controller" ruleset="updateCategory" />
@@ -67,9 +43,9 @@
 		<action name="procModuleAdminModuleSetup" type="controller" ruleset="insertModuleSetup" />
 		<action name="procModuleAdminModuleGrantSetup" type="controller" ruleset="insertModulesGrant" />		
 		<action name="procModuleAdminCopyModule" type="controller" ruleset="copyModule" />
-		<action name="procModuleAdminInsertGrant" type="controller" />
-		<action name="procModuleAdminUpdateSkinInfo" type="controller" />
-		<action name="procModuleAdminInsertLang" type="controller" />
+		<action name="procModuleAdminInsertGrant" type="controller" permission="manager" check_var="module_srl" />
+		<action name="procModuleAdminUpdateSkinInfo" type="controller" permission="manager" check_var="module_srl" />
+		<action name="procModuleAdminInsertLang" type="controller" permission="manager" />
 		<action name="procModuleAdminDeleteLang" type="controller" />
 		<action name="procModuleAdminGetList" type="controller" />
 		<action name="procModuleAdminSetDesignInfo" type="controller" />

modules/module/module.model.php

@@ -848,22 +848,29 @@ class moduleModel extends module
 			{
 				if(is_array($permissions)) $permission_list = $permissions;
 				else $permission_list[] = $permissions;
-
+				
 				$buff[] = '$info->permission = new stdClass;';
-
-				$info->permission = new stdClass();
+				$buff[] = '$info->permission_check = new stdClass;';
+				
+				$info->permission = new stdClass;
+				$info->permission_check = new stdClass;
+				
 				foreach($permission_list as $permission)
 				{
 					$action = $permission->attrs->action;
 					$target = $permission->attrs->target;
-
-					$info->permission->{$action} = $target;
-					$info->permission_check->{$action}->key = $permission->attrs->check_var ?: '';
-					$info->permission_check->{$action}->type = $permission->attrs->check_type ?: '';
+					
+					$info->permission->$action = $target;
 					
 					$buff[] = sprintf('$info->permission->%s = \'%s\';', $action, $target);
-					$buff[] = sprintf('$info->permission_check->%s->key = \'%s\';', $action, $info->permission_check->{$action}->key);
-					$buff[] = sprintf('$info->permission_check->%s->type = \'%s\';', $action, $info->permission_check->{$action}->type);
+					
+					$info->permission_check->$action = new stdClass;
+					$info->permission_check->$action->key = $permission->attrs->check_var ?: '';
+					$info->permission_check->$action->type = $permission->attrs->check_type ?: '';
+					
+					$buff[] = sprintf('$info->permission_check->%s = new stdClass;', $action);
+					$buff[] = sprintf('$info->permission_check->%s->key = \'%s\';', $action, $info->permission_check->$action->key);
+					$buff[] = sprintf('$info->permission_check->%s->type = \'%s\';', $action, $info->permission_check->$action->type);
 				}
 			}
 			// for admin menus
@@ -874,6 +881,7 @@ class moduleModel extends module
 
 				$buff[] = '$info->menu = new stdClass;';
 				$info->menu = new stdClass();
+				
 				foreach($menu_list as $menu)
 				{
 					$menu_name = $menu->attrs->name;
@@ -896,20 +904,46 @@ class moduleModel extends module
 			{
 				if(is_array($actions)) $action_list = $actions;
 				else $action_list[] = $actions;
-
+				
+				if(!isset($info->permission))
+				{
+					$buff[] = '$info->permission = new stdClass;';
+					$buff[] = '$info->permission_check = new stdClass;';
+					
+					$info->permission = new stdClass;
+					$info->permission_check = new stdClass;
+				}
+				
 				$buff[] = '$info->action = new stdClass;';
 				$info->action = new stdClass();
+				
 				foreach($action_list as $action)
 				{
 					$name = $action->attrs->name;
-
+					
+					// <action permission="...">
+					if($action->attrs->permission)
+					{
+						$info->permission->$name = $action->attrs->permission;
+						
+						$buff[] = sprintf('$info->permission->%s = \'%s\';', $name, $info->permission->$name);
+						
+						$info->permission_check->$name = new stdClass;
+						$info->permission_check->$name->key = $action->attrs->check_var ?: '';
+						$info->permission_check->$name->type = $action->attrs->check_type ?: '';
+						
+						$buff[] = sprintf('$info->permission_check->%s = new stdClass;', $name);
+						$buff[] = sprintf('$info->permission_check->%s->key = \'%s\';', $name, $info->permission_check->$name->key);
+						$buff[] = sprintf('$info->permission_check->%s->type = \'%s\';', $name, $info->permission_check->$name->type);
+					}
+					
 					$type = $action->attrs->type;
 					$grant = $action->attrs->grant?$action->attrs->grant:'guest';
 					$standalone = $action->attrs->standalone=='false'?'false':'true';
 					$ruleset = $action->attrs->ruleset?$action->attrs->ruleset:'';
 					$method = $action->attrs->method?$action->attrs->method:'';
 					$check_csrf = $action->attrs->check_csrf=='false'?'false':'true';
-
+					
 					$index = $action->attrs->index;
 					$admin_index = $action->attrs->admin_index;
 					$setup_index = $action->attrs->setup_index;
@@ -1951,7 +1985,7 @@ class moduleModel extends module
 		$privilege_list = array_keys((array) $xml_info->grant);
 		
 		// Prepend default 'privilege name'
-		// is_admin, manager, is_site_admin not distinguish because of compatibility.
+		// manager, is_site_admin not distinguish because of compatibility.
 		array_unshift($privilege_list, 'access', 'is_admin', 'manager', 'is_site_admin', 'root');
 		
 		// Unique
@@ -1965,8 +1999,8 @@ class moduleModel extends module
 			{
 				$grant->{$val} = true;
 			}
-			// If a module manager, grant all (except 'root')
-			else if($is_module_admin === true && $val !== 'root')
+			// If a module manager, grant all (except 'root', 'is_admin')
+			else if($is_module_admin === true && $val !== 'root' && $val !== 'is_admin')
 			{
 				$grant->{$val} = true;
 			}