Allow users to edit existing documents, even if they belong in categories they don't have permission to write in anymore

modules/board/board.controller.php

@@ -71,33 +71,15 @@ class BoardController extends Board
 		}
 
 		// Check category
-		$category_list = DocumentModel::getCategoryList($this->module_srl);
+		if (!$obj->category_srl && !$this->grant->manager && $this->module_info->allow_no_category !== 'Y')
-		if (count($category_list) > 0)
 		{
-			if ($obj->category_srl)
+			$category_list = DocumentModel::getCategoryList($this->module_srl);
+			if (count($category_list) > 0)
 			{
-				if (isset($category_list[$obj->category_srl]))
+				return new BaseObject(-1, sprintf(lang('common.filter.isnull'), lang('common.category')));
-				{
-					if (!$category_list[$obj->category_srl]->grant)
-					{
-						return new BaseObject(-1, 'msg_not_permitted');
-					}
-				}
-				else
-				{
-					$obj->category_srl = 0;
-				}
-			}
-			if (!$obj->category_srl && $this->module_info->allow_no_category !== 'Y')
-			{
-				if (!$this->grant->manager)
-				{
-					return new BaseObject(-1, sprintf(lang('common.filter.isnull'), lang('common.category')));
-				}
 			}
 		}
 
-
 		// unset document style if not manager
 		if(!$this->grant->manager)
 		{
@@ -134,7 +116,6 @@ class BoardController extends Board
 
 		$manual = false;
 		$logged_info = Context::get('logged_info');
-
 		$oDocument = DocumentModel::getDocument($obj->document_srl);
 
 		// Set anonymous information when insert mode or status is temp

modules/board/board.view.php

@@ -859,60 +859,6 @@ class BoardView extends Board
 		// Fix any missing module configurations
 		BoardModel::fixModuleConfig($this->module_info);
 
-		/**
-		 * check if the category option is enabled not not
-		 */
-		if ($this->module_info->use_category === 'Y')
-		{
-			// get the user group information
-			if(Context::get('is_logged'))
-			{
-				$group_srls = array_keys($this->user->group_list);
-			}
-			else
-			{
-				$group_srls = array();
-			}
-
-			// check the grant after obtained the category list
-			$category_list = array();
-			$normal_category_list = DocumentModel::getCategoryList($this->module_srl);
-			if(count($normal_category_list))
-			{
-				foreach($normal_category_list as $category_srl => $category)
-				{
-					$is_granted = TRUE;
-					if(isset($category->group_srls) && $category->group_srls)
-					{
-						$category_group_srls = explode(',',$category->group_srls);
-						$is_granted = FALSE;
-						if(count(array_intersect($group_srls, $category_group_srls))) $is_granted = TRUE;
-
-					}
-					if($is_granted) $category_list[$category_srl] = $category;
-				}
-			}
-
-			// check if at least one category is granted
-			$grant_exists = false;
-			foreach ($category_list as $category)
-			{
-				if ($category->grant)
-				{
-					$grant_exists = true;
-				}
-			}
-			if ($grant_exists)
-			{
-				Context::set('category_list', $category_list);
-			}
-			else
-			{
-				$this->module_info->use_category = 'N';
-				Context::set('category_list', array());
-			}
-		}
-
 		// GET parameter document_srl from request
 		$document_srl = Context::get('document_srl');
 		$oDocument = DocumentModel::getDocument(0);
@@ -988,12 +934,70 @@ class BoardView extends Board
 				}
 			}
 		}
-		if(!$oDocument->get('status')) $oDocument->add('status', DocumentModel::getDefaultStatus());
 
 		$statusList = $this->_getStatusNameList();
-		if(count($statusList) > 0) Context::set('status_list', $statusList);
+		if (count($statusList) > 0)
+		{
+			Context::set('status_list', $statusList);
+		}
+		if (!$oDocument->get('status'))
+		{
+			$oDocument->add('status', DocumentModel::getDefaultStatus());
+		}
 
-		// get Document status config value
+		// Check category grants
+		if ($this->module_info->use_category === 'Y')
+		{
+			$category_list = array();
+			$normal_category_list = DocumentModel::getCategoryList($this->module_srl);
+			$group_srls = $this->user->group_list ?? [];
+			if(count($normal_category_list))
+			{
+				foreach ($normal_category_list as $category_srl => $category)
+				{
+					$is_granted = true;
+					if (isset($category->group_srls) && $category->group_srls)
+					{
+						$category_group_srls = explode(',', $category->group_srls);
+						$is_granted = false;
+						if (count(array_intersect($group_srls, $category_group_srls)))
+						{
+							$is_granted = true;
+						}
+					}
+					if ($oDocument->isExists() && $oDocument->get('category_srl') == $category_srl)
+					{
+						$category->grant = true;
+						$is_granted = true;
+					}
+					if ($is_granted)
+					{
+						$category_list[$category_srl] = $category;
+					}
+				}
+			}
+
+			// check if at least one category is granted
+			$grant_exists = false;
+			foreach ($category_list as $category)
+			{
+				if ($category->grant)
+				{
+					$grant_exists = true;
+				}
+			}
+			if ($grant_exists)
+			{
+				Context::set('category_list', $category_list);
+			}
+			else
+			{
+				$this->module_info->use_category = 'N';
+				Context::set('category_list', array());
+			}
+		}
+
+		// Set to Context
 		Context::set('document_srl',$document_srl);
 		Context::set('oDocument', $oDocument);
 

modules/document/document.controller.php

@@ -756,7 +756,7 @@ class DocumentController extends Document
 				{
 					if (!$category_list[$obj->category_srl]->grant)
 					{
-						return new BaseObject(-1, 'msg_not_permitted');
+						return new BaseObject(-1, 'document.msg_category_not_permitted');
 					}
 				}
 				else
@@ -764,6 +764,10 @@ class DocumentController extends Document
 					$obj->category_srl = 0;
 				}
 			}
+			else
+			{
+				$obj->category_srl = 0;
+			}
 		}
 
 		// Set the read counts and update order.
@@ -1116,7 +1120,7 @@ class DocumentController extends Document
 				{
 					if (!$category_list[$obj->category_srl]->grant)
 					{
-						return new BaseObject(-1, 'msg_not_permitted');
+						return new BaseObject(-1, 'document.msg_category_not_permitted');
 					}
 				}
 				else
@@ -1124,6 +1128,10 @@ class DocumentController extends Document
 					$obj->category_srl = 0;
 				}
 			}
+			else
+			{
+				$obj->category_srl = 0;
+			}
 		}
 
 		// Hash the password if it exists

modules/document/lang/en.php

@@ -38,6 +38,7 @@ $lang->msg_category_not_moved = 'Could not be moved';
 $lang->msg_is_secret = 'This is a secret article.';
 $lang->msg_checked_document_is_deleted = '%d article(s) was(were) deleted.';
 $lang->msg_document_is_admin_not_permitted = 'You don\'t have permission to delete the posts of Top Admin.';
+$lang->msg_category_not_permitted = 'You don\'t have permission to post in the selected category.';
 $lang->move_target_module = 'Target module ';
 $lang->search_target_list['title'] = 'Subject';
 $lang->search_target_list['content'] = 'Content';

modules/document/lang/ko.php

@@ -38,6 +38,7 @@ $lang->msg_category_not_moved = '이동할 수 없습니다.';
 $lang->msg_is_secret = '비밀글입니다.';
 $lang->msg_checked_document_is_deleted = '%d개의 글이 삭제되었습니다.';
 $lang->msg_document_is_admin_not_permitted = '최고 관리자의 게시글을 삭제할 권한이 없습니다.';
+$lang->msg_category_not_permitted = '선택한 분류에 게시할 권한이 없습니다.';
 $lang->move_target_module = '대상 페이지';
 $lang->search_target_list['title'] = '제목';
 $lang->search_target_list['content'] = '내용';