일반 게시판의 관리자가 최고관리자의 게시물을 삭제 및 수정을 할 수있는 권한을 제어.

modules/board/board.controller.php

@@ -67,6 +67,13 @@ class boardController extends board
 			$is_update = true;
 		}
 
+		$oMemberModel = getModel('member');
+		$member_info = $oMemberModel->getMemberInfoByMemberSrl($oDocument->get('member_srl'));
+		if($member_info->is_admin == 'Y' && $logged_info->is_admin != 'Y')
+		{
+			return new Object(-1, 'msg_admin_document_no_modify');
+		}
+
 		// if use anonymous is true
 		if($this->module_info->use_anonymous == 'Y')
 		{
@@ -289,6 +296,14 @@ class boardController extends board
 			$comment = $oCommentModel->getComment($obj->comment_srl, $this->grant->manager);
 		}
 
+		$oMemberModel = getModel('member');
+		$member_info = $oMemberModel->getMemberInfoByMemberSrl($comment->member_srl);
+
+		if($member_info->is_admin == 'Y' && $logged_info->is_admin == 'N')
+		{
+			return new Object(-1, 'msg_admin_comment_no_modify');
+		}
+
 		// if comment_srl is not existed, then insert the comment
 		if($comment->comment_srl != $obj->comment_srl)
 		{

modules/board/board.view.php

@@ -633,6 +633,7 @@ class boardView extends board
 		}
 
 		$oDocumentModel = getModel('document');
+		$logged_info = Context::get('logged_info');
 
 		/**
 		 * check if the category option is enabled not not
@@ -642,7 +643,6 @@ class boardView extends board
 			// get the user group information
 			if(Context::get('is_logged'))
 			{
-				$logged_info = Context::get('logged_info');
 				$group_srls = array_keys($logged_info->group_list);
 			}
 			else
@@ -676,6 +676,9 @@ class boardView extends board
 		$oDocument = $oDocumentModel->getDocument(0, $this->grant->manager);
 		$oDocument->setDocument($document_srl);
 
+		$oMemberModel = getModel('member');
+		$member_info = $oMemberModel->getMemberInfoByMemberSrl($oDocument->get('member_srl'));
+
 		if($oDocument->get('module_srl') == $oDocument->get('member_srl')) $savedDoc = TRUE;
 		$oDocument->add('module_srl', $this->module_srl);
 
@@ -683,6 +686,10 @@ class boardView extends board
 		{
 			return new Object(-1, 'msg_protect_content');
 		}
+		if($member_info->is_admin == 'Y' && $logged_info->is_admin == 'N')
+		{
+			return new Object(-1, 'msg_admin_document_no_modify');
+		}
 
 		// if the document is not granted, then back to the password input form
 		$oModuleModel = getModel('module');
@@ -915,6 +922,7 @@ class boardView extends board
 	 **/
 	function dispBoardModifyComment()
 	{
+		$logged_info = Context::get('logged_info');
 		// check grant
 		if(!$this->grant->write_comment)
 		{
@@ -935,6 +943,14 @@ class boardView extends board
 		$oCommentModel = getModel('comment');
 		$oComment = $oCommentModel->getComment($comment_srl, $this->grant->manager);
 
+		$oMemberModel = getModel('member');
+		$member_info = $oMemberModel->getMemberInfoByMemberSrl($oComment->member_srl);
+
+		if($member_info->is_admin == 'Y' && $logged_info->is_admin == 'N')
+		{
+			return new Object(-1, 'msg_admin_comment_no_modify');
+		}
+
 		// if the comment is not exited, alert an error message
 		if(!$oComment->isExists())
 		{

modules/board/lang/lang.xml

@@ -375,4 +375,10 @@
 		<value xml:lang="en"><![CDATA[You cannot modify or delete document which has any comment on it.]]></value>
 		<value xml:lang="jp"><![CDATA[コメントが登録された書き込みは修正、または削除が禁止されています。]]></value>
 	</item>
+	<item name="msg_admin_document_no_modify">
+		<value xml:lang="ko"><![CDATA[최고관리자의 게시물을 수정할 권한이 없습니다.]]></value>
+	</item>
+	<item name="msg_admin_comment_no_modify">
+		<value xml:lang="ko"><![CDATA[최고관리자의 댓글을 수정할 권한이 없습니다.]]></value>
+	</item>
 </lang>

modules/comment/comment.controller.php

@@ -779,6 +779,8 @@ class commentController extends comment
 		// create the comment model object
 		$oCommentModel = getModel('comment');
 
+		$logged_info = Context::get('logged_info');
+
 		// check if comment already exists
 		$comment = $oCommentModel->getComment($comment_srl);
 		if($comment->comment_srl != $comment_srl)
@@ -786,6 +788,9 @@ class commentController extends comment
 			return new Object(-1, 'msg_invalid_request');
 		}
 
+		$oMemberModel = getModel('member');
+		$member_info = $oMemberModel->getMemberInfoByMemberSrl($comment->member_srl);
+
 		$document_srl = $comment->document_srl;
 
 		// call a trigger (before)
@@ -806,6 +811,7 @@ class commentController extends comment
 		if(count($childs) > 0)
 		{
 			$deleteAllComment = TRUE;
+			$deleteAdminComment = TRUE;
 			if(!$is_admin)
 			{
 				$logged_info = Context::get('logged_info');
@@ -818,11 +824,28 @@ class commentController extends comment
 					}
 				}
 			}
+			else if($is_admin)
+			{
+				$logged_info = Context::get('logged_info');
+				foreach($childs as $val)
+				{
+					$c_member_info = $oMemberModel->getMemberInfoByMemberSrl($val->member_srl);
+					if($c_member_info->is_admin == 'Y' && $logged_info->is_admin == 'N')
+					{
+						$deleteAdminComment = FALSE;
+						break;
+					}
+				}
+			}
 
 			if(!$deleteAllComment)
 			{
 				return new Object(-1, 'fail_to_delete_have_children');
 			}
+			elseif(!$deleteAdminComment)
+			{
+				return new Object(-1, 'msg_admin_c_comment_no_delete');
+			}
 			else
 			{
 				foreach($childs as $val)
@@ -836,6 +859,10 @@ class commentController extends comment
 			}
 		}
 
+		if($member_info->is_admin == 'Y' && $logged_info->is_admin == 'N')
+		{
+			return new Object(-1, 'msg_admin_comment_no_delete');
+		}
 		// begin transaction
 		$oDB = DB::getInstance();
 		$oDB->begin();

modules/comment/lang/lang.xml

@@ -312,4 +312,10 @@
 		<value xml:lang="en"><![CDATA[There are no selected comment.]]></value>
 		<value xml:lang="jp"><![CDATA[選択したコメントがありません。]]></value>
 	</item>
+	<item name="msg_admin_comment_no_delete">
+		<value xml:lang="ko"><![CDATA[최고관리자의 댓글을 삭제 할 수 없습니다.]]></value>
+	</item>
+	<item name="msg_admin_c_comment_no_delete">
+		<value xml:lang="ko"><![CDATA[이 댓글에 최고관리자의 댓글이 있어 삭제할 수 없습니다.]]></value>
+	</item>
 </lang>

modules/document/document.admin.controller.php

@@ -79,6 +79,13 @@ class documentAdminController extends document
 			$oDocument = $oDocumentModel->getDocument($document_srl);
 			if(!$oDocument->isExists()) continue;
 
+			$oMemberModel = getModel('member');
+			$logged_info = Context::get('logged_info');
+			$member_info = $oMemberModel->getMemberInfoByMemberSrl($oDocument->get('member_srl'));
+			if($member_info->is_admin == 'Y' && $logged_info->is_admin != 'Y')
+			{
+				return new Object();
+			}
 			$source_category_srl = $oDocument->get('category_srl');
 
 			unset($obj);
@@ -727,6 +734,7 @@ class documentAdminController extends document
 	  */
 	function procDocumentAdminMoveToTrash()
 	{
+		$logged_info = Context::get('logged_info');
 		$document_srl = Context::get('document_srl');
 
 		$oDocumentModel = getModel('document');
@@ -734,6 +742,13 @@ class documentAdminController extends document
 		$oDocument = $oDocumentModel->getDocument($document_srl, false, false);
 		if(!$oDocument->isGranted()) return $this->stop('msg_not_permitted');
 
+		$oMemberModel = getModel('member');
+		$member_info = $oMemberModel->getMemberInfoByMemberSrl($oDocument->get('member_srl'));
+		if($member_info->is_admin == 'Y' && $logged_info->is_admin != 'Y')
+		{
+			return new Object(-1, 'msg_admin_document_no_move_to_trash');
+		}
+
 		$oModuleModel = getModel('module');
 		$module_info = $oModuleModel->getModuleInfoByDocumentSrl($document_srl);
 

modules/document/document.controller.php

@@ -358,6 +358,8 @@ class documentController extends document
 		}
 
 		if(!$source_obj->document_srl || !$obj->document_srl) return new Object(-1,'msg_invalied_request');
+
+
 		if(!$obj->status && $obj->is_secret == 'Y') $obj->status = 'SECRET';
 		if(!$obj->status) $obj->status = 'PUBLIC';
 
@@ -606,6 +608,16 @@ class documentController extends document
 		}
 		else if($isEmptyTrash && $oDocument == null) return new Object(-1, 'document is not exists');
 
+		$oMemberModel = getModel('member');
+		$member_info = $oMemberModel->getMemberInfoByMemberSrl($oDocument->get('member_srl'));
+		$logged_info = Context::get('logged_info');
+
+		if($member_info->is_admin == 'Y' && $logged_info->is_admin != 'Y')
+		{
+			return new Object(-1, 'msg_document_is_admin_not_permitted');
+		}
+
+
 		if(!$oDocument->isExists() || $oDocument->document_srl != $document_srl) return new Object(-1, 'msg_invalid_document');
 		// Check if a permossion is granted
 		if(!$oDocument->isGranted()) return new Object(-1, 'msg_not_permitted');
@@ -706,6 +718,7 @@ class documentController extends document
 	 */
 	function moveDocumentToTrash($obj)
 	{
+		$logged_info = Context::get('logged_info');
 		$trash_args = new stdClass();
 		// Get trash_srl if a given trash_srl doesn't exist
 		if(!$obj->trash_srl) $trash_args->trash_srl = getNextSequence();
@@ -714,6 +727,14 @@ class documentController extends document
 		$oDocumentModel = getModel('document');
 		$oDocument = $oDocumentModel->getDocument($obj->document_srl);
 
+		$oMemberModel = getModel('member');
+		$member_info = $oMemberModel->getMemberInfoByMemberSrl($oDocument->get('member_srl'));
+		if($member_info->is_admin == 'Y' && $logged_info->is_admin != 'Y')
+		{
+			return new Object(-1, 'msg_admin_document_no_move_to_trash');
+		}
+
+
 		$trash_args->module_srl = $oDocument->get('module_srl');
 		$obj->module_srl = $oDocument->get('module_srl');
 		// Cannot throw data from the trash to the trash

modules/document/lang/lang.xml

@@ -327,6 +327,10 @@
 		<value xml:lang="tr"><![CDATA[%d makale silinmiştir]]></value>
 		<value xml:lang="vi"><![CDATA[%d bài viết đã được xóa.]]></value>
 	</item>
+	<item name="msg_document_is_admin_not_permitted">
+		<value xml:lang="ko"><![CDATA[최고관리자의 게시글을 지울 권한이 없습니다.]]></value>
+		<value xml:lang="en"><![CDATA[You don't have permission to delete the posts of Top Admin.]]></value>
+	</item>
 	<item name="move_target_module">
 		<value xml:lang="ko"><![CDATA[대상 페이지]]></value>
 		<value xml:lang="en"><![CDATA[Target module ]]></value>
@@ -874,4 +878,7 @@
 		<value xml:lang="jp"><![CDATA[タイトルがないドキュメントです。]]></value>
 		<value xml:lang="zh-TW"><![CDATA[此文章無標題。]]></value>
 	</item>
+	<item name="msg_admin_document_no_move_to_trash">
+		<value xml:lang="ko"><![CDATA[최고관리자의 게시물을 휴지통으로 이동시킬 권한이 없습니다.]]></value>
+	</item>
 </lang>