fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-04-26 05:42:13 +09:00
Code Issues Projects Releases Packages Wiki Activity

Merge #1311 일반 게시판의 관리자가 최고관리자의 게시물을 삭제 및 수정을 할 수있는 권한을 제어. by qw5414

Browse source 
* pr/1311:
  관리자 식별을 확실하게 할 수 있도록 개선
  일반 게시판의 관리자가 최고관리자의 게시물을 삭제 및 수정을 할 수있는 권한을 제어.
This commit is contained in:
Kijin Sung 2015-10-08 14:08:54 +09:00
commit 5dc39d2e22
8 changed files with 115 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

17
modules/document/document.admin.controller.php
View file

@ -79,6 +79,13 @@ class documentAdminController extends document
$oDocument = $oDocumentModel->getDocument($document_srl);
if(!$oDocument->isExists()) continue;
$oMemberModel = getModel('member');
$logged_info = Context::get('logged_info');
$member_info = $oMemberModel->getMemberInfoByMemberSrl($oDocument->get('member_srl'));
if($member_info->is_admin == 'Y' && $logged_info->is_admin != 'Y')
{
return new Object();
}
$source_category_srl = $oDocument->get('category_srl');
unset($obj);
@ -727,13 +734,21 @@ class documentAdminController extends document
*/
function procDocumentAdminMoveToTrash()
{
$logged_info = Context::get('logged_info');
$document_srl = Context::get('document_srl');
$oDocumentModel = getModel('document');
$oDocumentController = getController('document');
$oDocument = $oDocumentModel->getDocument($document_srl, false, false);
if(!$oDocument->isGranted()) return $this->stop('msg_not_permitted');
$oMemberModel = getModel('member');
$member_info = $oMemberModel->getMemberInfoByMemberSrl($oDocument->get('member_srl'));
if($member_info->is_admin == 'Y' && $logged_info->is_admin != 'Y')
{
return new Object(-1, 'msg_admin_document_no_move_to_trash');
}
$oModuleModel = getModel('module');
$module_info = $oModuleModel->getModuleInfoByDocumentSrl($document_srl);

21
modules/document/document.controller.php
View file

@ -366,6 +366,8 @@ class documentController extends document
}
if(!$source_obj->document_srl || !$obj->document_srl) return new Object(-1,'msg_invalied_request');
if(!$obj->status && $obj->is_secret == 'Y') $obj->status = 'SECRET';
if(!$obj->status) $obj->status = 'PUBLIC';
@ -617,6 +619,16 @@ class documentController extends document
}
else if($isEmptyTrash && $oDocument == null) return new Object(-1, 'document is not exists');
$oMemberModel = getModel('member');
$member_info = $oMemberModel->getMemberInfoByMemberSrl($oDocument->get('member_srl'));
$logged_info = Context::get('logged_info');
if($member_info->is_admin == 'Y' && $logged_info->is_admin != 'Y')
{
return new Object(-1, 'msg_document_is_admin_not_permitted');
}
if(!$oDocument->isExists() || $oDocument->document_srl != $document_srl) return new Object(-1, 'msg_invalid_document');
// Check if a permossion is granted
if(!$oDocument->isGranted()) return new Object(-1, 'msg_not_permitted');
@ -717,6 +729,7 @@ class documentController extends document
*/
function moveDocumentToTrash($obj)
{
$logged_info = Context::get('logged_info');
$trash_args = new stdClass();
// Get trash_srl if a given trash_srl doesn't exist
if(!$obj->trash_srl) $trash_args->trash_srl = getNextSequence();
@ -725,6 +738,14 @@ class documentController extends document
$oDocumentModel = getModel('document');
$oDocument = $oDocumentModel->getDocument($obj->document_srl);
$oMemberModel = getModel('member');
$member_info = $oMemberModel->getMemberInfoByMemberSrl($oDocument->get('member_srl'));
if($member_info->is_admin == 'Y' && $logged_info->is_admin != 'Y')
{
return new Object(-1, 'msg_admin_document_no_move_to_trash');
}
$trash_args->module_srl = $oDocument->get('module_srl');
$obj->module_srl = $oDocument->get('module_srl');
// Cannot throw data from the trash to the trash

7
modules/document/lang/lang.xml
View file

@ -327,6 +327,10 @@
<value xml:lang="tr"><![CDATA[%d makale silinmiştir]]></value>
<value xml:lang="vi"><![CDATA[%d bài viết đã được xóa.]]></value>
</item>
<item name="msg_document_is_admin_not_permitted">
<value xml:lang="ko"><![CDATA[최고관리자의 게시글을 지울 권한이 없습니다.]]></value>
<value xml:lang="en"><![CDATA[You don't have permission to delete the posts of Top Admin.]]></value>
</item>
<item name="move_target_module">
<value xml:lang="ko"><![CDATA[대상 페이지]]></value>
<value xml:lang="en"><![CDATA[Target module ]]></value>
@ -874,4 +878,7 @@
<value xml:lang="jp"><![CDATA[タイトルがないドキュメントです。]]></value>
<value xml:lang="zh-TW"><![CDATA[此文章無標題。]]></value>
</item>
<item name="msg_admin_document_no_move_to_trash">
<value xml:lang="ko"><![CDATA[최고관리자의 게시물을 휴지통으로 이동시킬 권한이 없습니다.]]></value>
</item>
</lang>