mirror of
https://github.com/Lastorder-DC/rhymix.git
synced 2026-01-03 16:51:40 +09:00
Allow users to edit existing documents, even if they belong in categories they don't have permission to write in anymore
This commit is contained in:
Kijin Sung
parent
b119578209
commit
e676949669
5 changed files with 77 additions and 82 deletions
|
|
@ -71,33 +71,15 @@ class BoardController extends Board
|
|||
}
|
||||
|
||||
// Check category
|
||||
$category_list = DocumentModel::getCategoryList($this->module_srl);
|
||||
if (count($category_list) > 0)
|
||||
if (!$obj->category_srl && !$this->grant->manager && $this->module_info->allow_no_category !== 'Y')
|
||||
{
|
||||
if ($obj->category_srl)
|
||||
$category_list = DocumentModel::getCategoryList($this->module_srl);
|
||||
if (count($category_list) > 0)
|
||||
{
|
||||
if (isset($category_list[$obj->category_srl]))
|
||||
{
|
||||
if (!$category_list[$obj->category_srl]->grant)
|
||||
{
|
||||
return new BaseObject(-1, 'msg_not_permitted');
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
$obj->category_srl = 0;
|
||||
}
|
||||
}
|
||||
if (!$obj->category_srl && $this->module_info->allow_no_category !== 'Y')
|
||||
{
|
||||
if (!$this->grant->manager)
|
||||
{
|
||||
return new BaseObject(-1, sprintf(lang('common.filter.isnull'), lang('common.category')));
|
||||
}
|
||||
return new BaseObject(-1, sprintf(lang('common.filter.isnull'), lang('common.category')));
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
// unset document style if not manager
|
||||
if(!$this->grant->manager)
|
||||
{
|
||||
|
|
@ -134,7 +116,6 @@ class BoardController extends Board
|
|||
|
||||
$manual = false;
|
||||
$logged_info = Context::get('logged_info');
|
||||
|
||||
$oDocument = DocumentModel::getDocument($obj->document_srl);
|
||||
|
||||
// Set anonymous information when insert mode or status is temp
|
||||
|
|
|
|||
|
|
@ -859,60 +859,6 @@ class BoardView extends Board
|
|||
// Fix any missing module configurations
|
||||
BoardModel::fixModuleConfig($this->module_info);
|
||||
|
||||
/**
|
||||
* check if the category option is enabled not not
|
||||
*/
|
||||
if ($this->module_info->use_category === 'Y')
|
||||
{
|
||||
// get the user group information
|
||||
if(Context::get('is_logged'))
|
||||
{
|
||||
$group_srls = array_keys($this->user->group_list);
|
||||
}
|
||||
else
|
||||
{
|
||||
$group_srls = array();
|
||||
}
|
||||
|
||||
// check the grant after obtained the category list
|
||||
$category_list = array();
|
||||
$normal_category_list = DocumentModel::getCategoryList($this->module_srl);
|
||||
if(count($normal_category_list))
|
||||
{
|
||||
foreach($normal_category_list as $category_srl => $category)
|
||||
{
|
||||
$is_granted = TRUE;
|
||||
if(isset($category->group_srls) && $category->group_srls)
|
||||
{
|
||||
$category_group_srls = explode(',',$category->group_srls);
|
||||
$is_granted = FALSE;
|
||||
if(count(array_intersect($group_srls, $category_group_srls))) $is_granted = TRUE;
|
||||
|
||||
}
|
||||
if($is_granted) $category_list[$category_srl] = $category;
|
||||
}
|
||||
}
|
||||
|
||||
// check if at least one category is granted
|
||||
$grant_exists = false;
|
||||
foreach ($category_list as $category)
|
||||
{
|
||||
if ($category->grant)
|
||||
{
|
||||
$grant_exists = true;
|
||||
}
|
||||
}
|
||||
if ($grant_exists)
|
||||
{
|
||||
Context::set('category_list', $category_list);
|
||||
}
|
||||
else
|
||||
{
|
||||
$this->module_info->use_category = 'N';
|
||||
Context::set('category_list', array());
|
||||
}
|
||||
}
|
||||
|
||||
// GET parameter document_srl from request
|
||||
$document_srl = Context::get('document_srl');
|
||||
$oDocument = DocumentModel::getDocument(0);
|
||||
|
|
@ -988,12 +934,70 @@ class BoardView extends Board
|
|||
}
|
||||
}
|
||||
}
|
||||
if(!$oDocument->get('status')) $oDocument->add('status', DocumentModel::getDefaultStatus());
|
||||
|
||||
$statusList = $this->_getStatusNameList();
|
||||
if(count($statusList) > 0) Context::set('status_list', $statusList);
|
||||
if (count($statusList) > 0)
|
||||
{
|
||||
Context::set('status_list', $statusList);
|
||||
}
|
||||
if (!$oDocument->get('status'))
|
||||
{
|
||||
$oDocument->add('status', DocumentModel::getDefaultStatus());
|
||||
}
|
||||
|
||||
// get Document status config value
|
||||
// Check category grants
|
||||
if ($this->module_info->use_category === 'Y')
|
||||
{
|
||||
$category_list = array();
|
||||
$normal_category_list = DocumentModel::getCategoryList($this->module_srl);
|
||||
$group_srls = $this->user->group_list ?? [];
|
||||
if(count($normal_category_list))
|
||||
{
|
||||
foreach ($normal_category_list as $category_srl => $category)
|
||||
{
|
||||
$is_granted = true;
|
||||
if (isset($category->group_srls) && $category->group_srls)
|
||||
{
|
||||
$category_group_srls = explode(',', $category->group_srls);
|
||||
$is_granted = false;
|
||||
if (count(array_intersect($group_srls, $category_group_srls)))
|
||||
{
|
||||
$is_granted = true;
|
||||
}
|
||||
}
|
||||
if ($oDocument->isExists() && $oDocument->get('category_srl') == $category_srl)
|
||||
{
|
||||
$category->grant = true;
|
||||
$is_granted = true;
|
||||
}
|
||||
if ($is_granted)
|
||||
{
|
||||
$category_list[$category_srl] = $category;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// check if at least one category is granted
|
||||
$grant_exists = false;
|
||||
foreach ($category_list as $category)
|
||||
{
|
||||
if ($category->grant)
|
||||
{
|
||||
$grant_exists = true;
|
||||
}
|
||||
}
|
||||
if ($grant_exists)
|
||||
{
|
||||
Context::set('category_list', $category_list);
|
||||
}
|
||||
else
|
||||
{
|
||||
$this->module_info->use_category = 'N';
|
||||
Context::set('category_list', array());
|
||||
}
|
||||
}
|
||||
|
||||
// Set to Context
|
||||
Context::set('document_srl',$document_srl);
|
||||
Context::set('oDocument', $oDocument);
|
||||
|
||||
|
|
|
|||
|
|
@ -756,7 +756,7 @@ class DocumentController extends Document
|
|||
{
|
||||
if (!$category_list[$obj->category_srl]->grant)
|
||||
{
|
||||
return new BaseObject(-1, 'msg_not_permitted');
|
||||
return new BaseObject(-1, 'document.msg_category_not_permitted');
|
||||
}
|
||||
}
|
||||
else
|
||||
|
|
@ -764,6 +764,10 @@ class DocumentController extends Document
|
|||
$obj->category_srl = 0;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
$obj->category_srl = 0;
|
||||
}
|
||||
}
|
||||
|
||||
// Set the read counts and update order.
|
||||
|
|
@ -1116,7 +1120,7 @@ class DocumentController extends Document
|
|||
{
|
||||
if (!$category_list[$obj->category_srl]->grant)
|
||||
{
|
||||
return new BaseObject(-1, 'msg_not_permitted');
|
||||
return new BaseObject(-1, 'document.msg_category_not_permitted');
|
||||
}
|
||||
}
|
||||
else
|
||||
|
|
@ -1124,6 +1128,10 @@ class DocumentController extends Document
|
|||
$obj->category_srl = 0;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
$obj->category_srl = 0;
|
||||
}
|
||||
}
|
||||
|
||||
// Hash the password if it exists
|
||||
|
|
|
|||
|
|
@ -38,6 +38,7 @@ $lang->msg_category_not_moved = 'Could not be moved';
|
|||
$lang->msg_is_secret = 'This is a secret article.';
|
||||
$lang->msg_checked_document_is_deleted = '%d article(s) was(were) deleted.';
|
||||
$lang->msg_document_is_admin_not_permitted = 'You don\'t have permission to delete the posts of Top Admin.';
|
||||
$lang->msg_category_not_permitted = 'You don\'t have permission to post in the selected category.';
|
||||
$lang->move_target_module = 'Target module ';
|
||||
$lang->search_target_list['title'] = 'Subject';
|
||||
$lang->search_target_list['content'] = 'Content';
|
||||
|
|
|
|||
|
|
@ -38,6 +38,7 @@ $lang->msg_category_not_moved = '이동할 수 없습니다.';
|
|||
$lang->msg_is_secret = '비밀글입니다.';
|
||||
$lang->msg_checked_document_is_deleted = '%d개의 글이 삭제되었습니다.';
|
||||
$lang->msg_document_is_admin_not_permitted = '최고 관리자의 게시글을 삭제할 권한이 없습니다.';
|
||||
$lang->msg_category_not_permitted = '선택한 분류에 게시할 권한이 없습니다.';
|
||||
$lang->move_target_module = '대상 페이지';
|
||||
$lang->search_target_list['title'] = '제목';
|
||||
$lang->search_target_list['content'] = '내용';
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue