fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-08 11:11:39 +09:00
Code Issues Projects Releases Packages Wiki Activity

Merge #1311 일반 게시판의 관리자가 최고관리자의 게시물을 삭제 및 수정을 할 수있는 권한을 제어. by qw5414

Browse source 
* pr/1311:
  관리자 식별을 확실하게 할 수 있도록 개선
  일반 게시판의 관리자가 최고관리자의 게시물을 삭제 및 수정을 할 수있는 권한을 제어.
This commit is contained in:
Kijin Sung 2015-10-08 14:08:54 +09:00
commit 5dc39d2e22
8 changed files with 115 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

18
modules/board/board.view.php
View file

@ -643,6 +643,7 @@ class boardView extends board
}
$oDocumentModel = getModel('document');
$logged_info = Context::get('logged_info');
/**
* check if the category option is enabled not not
@ -652,7 +653,6 @@ class boardView extends board
// get the user group information
if(Context::get('is_logged'))
{
$logged_info = Context::get('logged_info');
$group_srls = array_keys($logged_info->group_list);
}
else
@ -686,6 +686,9 @@ class boardView extends board
$oDocument = $oDocumentModel->getDocument(0, $this->grant->manager);
$oDocument->setDocument($document_srl);
$oMemberModel = getModel('member');
$member_info = $oMemberModel->getMemberInfoByMemberSrl($oDocument->get('member_srl'));
if($oDocument->get('module_srl') == $oDocument->get('member_srl')) $savedDoc = TRUE;
$oDocument->add('module_srl', $this->module_srl);
@ -693,6 +696,10 @@ class boardView extends board
{
return new Object(-1, 'msg_protect_content');
}
if($member_info->is_admin == 'Y' && $logged_info->is_admin != 'Y')
{
return new Object(-1, 'msg_admin_document_no_modify');
}
// if the document is not granted, then back to the password input form
$oModuleModel = getModel('module');
@ -925,6 +932,7 @@ class boardView extends board
**/
function dispBoardModifyComment()
{
$logged_info = Context::get('logged_info');
// check grant
if(!$this->grant->write_comment)
{
@ -945,6 +953,14 @@ class boardView extends board
$oCommentModel = getModel('comment');
$oComment = $oCommentModel->getComment($comment_srl, $this->grant->manager);
$oMemberModel = getModel('member');
$member_info = $oMemberModel->getMemberInfoByMemberSrl($oComment->member_srl);
if($member_info->is_admin == 'Y' && $logged_info->is_admin != 'Y')
{
return new Object(-1, 'msg_admin_comment_no_modify');
}
// if the comment is not exited, alert an error message
if(!$oComment->isExists())
{