Interdiction des suppressions depuis le module en sus du routage
This commit is contained in:
parent
95b7d1f74e
commit
6214f6a363
|
|
@ -601,7 +601,7 @@ class user extends common
|
|||
'news' => [
|
||||
'add' => $this->getInput('profilEditNewsAdd', helper::FILTER_BOOLEAN),
|
||||
'edit' => $this->getInput('profilEditNewsEdit', helper::FILTER_BOOLEAN),
|
||||
'delete' => $this->getInput('profilEditNewsEdit', helper::FILTER_BOOLEAN),
|
||||
'delete' => $this->getInput('profilEditNewsDelete', helper::FILTER_BOOLEAN),
|
||||
'option' => $this->getInput('profilEditNewsOption', helper::FILTER_BOOLEAN),
|
||||
'config' => $this->getInput('profilEditNewsAdd', helper::FILTER_BOOLEAN) ||
|
||||
$this->getInput('profilEditNewsEdit', helper::FILTER_BOOLEAN) ||
|
||||
|
|
@ -729,7 +729,7 @@ class user extends common
|
|||
'news' => [
|
||||
'add' => $this->getInput('profilAddNewsAdd', helper::FILTER_BOOLEAN),
|
||||
'edit' => $this->getInput('profilAddNewsEdit', helper::FILTER_BOOLEAN),
|
||||
'delete' => $this->getInput('profilAddNewsEdit', helper::FILTER_BOOLEAN),
|
||||
'delete' => $this->getInput('profilAddNewsDelete', helper::FILTER_BOOLEAN),
|
||||
'option' => $this->getInput('profilAddNewsOption', helper::FILTER_BOOLEAN),
|
||||
'config' => $this->getInput('profilAddNewsAdd', helper::FILTER_BOOLEAN) ||
|
||||
$this->getInput('profilAddNewsEdit', helper::FILTER_BOOLEAN) ||
|
||||
|
|
|
|||
|
|
@ -592,7 +592,9 @@ class blog extends common
|
|||
*/
|
||||
public function delete()
|
||||
{
|
||||
if ($this->getData(['module', $this->getUrl(0), 'posts', $this->getUrl(2)]) === null) {
|
||||
if (
|
||||
$this->getUser('permission', 'blog', 'delete') === false ||
|
||||
$this->getData(['module', $this->getUrl(0), 'posts', $this->getUrl(2)]) === null) {
|
||||
// Valeurs en sortie
|
||||
$this->addOutput([
|
||||
'access' => false
|
||||
|
|
|
|||
|
|
@ -1,4 +1,5 @@
|
|||
|
||||
# version 6.9
|
||||
- Bloque l'effacement de l'article selon le profil
|
||||
# version 6.8
|
||||
- Erreur de décompte des commentaires approuvés ou non dans l'index
|
||||
# version 6.7
|
||||
|
|
|
|||
|
|
@ -1,3 +1,5 @@
|
|||
# Version 3.10
|
||||
- Bloque l'effacement selon le profil
|
||||
# Version 3.9
|
||||
- Redirection des pages orphelines
|
||||
# Version 3.8
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@
|
|||
class form extends common
|
||||
{
|
||||
|
||||
const VERSION = '3.9';
|
||||
const VERSION = '3.10';
|
||||
const REALNAME = 'Formulaire';
|
||||
const DATADIRECTORY = ''; // Contenu localisé inclus par défaut (page.json et module.json)
|
||||
|
||||
|
|
@ -344,7 +344,9 @@ class form extends common
|
|||
public function delete()
|
||||
{
|
||||
// Jeton incorrect
|
||||
if ($this->getUrl(3) !== $_SESSION['csrf']) {
|
||||
if (
|
||||
$this->getUser('permission', 'form', 'delete') === false ||
|
||||
$this->getUrl(3) !== $_SESSION['csrf']) {
|
||||
// Valeurs en sortie
|
||||
$this->addOutput([
|
||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/data',
|
||||
|
|
|
|||
|
|
@ -1,3 +1,5 @@
|
|||
# Version 3.9
|
||||
- Bloque l'effacement de la galerie selon le profil
|
||||
# Version 3.8
|
||||
- Version compare null, dataversion not initialize
|
||||
- Bug de positionnement des boutons de retour
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@ class gallery extends common
|
|||
{
|
||||
|
||||
|
||||
const VERSION = '3.8';
|
||||
const VERSION = '3.9';
|
||||
const REALNAME = 'Galerie';
|
||||
const DATADIRECTORY = self::DATA_DIR . 'gallery/';
|
||||
|
||||
|
|
@ -500,7 +500,8 @@ class gallery extends common
|
|||
{
|
||||
// $url prend l'adresse sans le token
|
||||
// La galerie n'existe pas
|
||||
if ($this->getData(['module', $this->getUrl(0), 'content', $this->getUrl(2)]) === null) {
|
||||
if ($this->getUser('permission', 'gallery', 'delete') === false ||
|
||||
$this->getData(['module', $this->getUrl(0), 'content', $this->getUrl(2)]) === null) {
|
||||
// Valeurs en sortie
|
||||
$this->addOutput([
|
||||
'access' => false
|
||||
|
|
|
|||
|
|
@ -1,3 +1,5 @@
|
|||
# Version 4.5
|
||||
- Bloque l'effacement de l'article selon le profil
|
||||
# Version 4.4
|
||||
- Intl date Formats
|
||||
- Bug un conflit avec le style de la page
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@
|
|||
class news extends common
|
||||
{
|
||||
|
||||
const VERSION = '4.3';
|
||||
const VERSION = '4.4';
|
||||
const REALNAME = 'News';
|
||||
const DATADIRECTORY = self::DATA_DIR . 'news/';
|
||||
|
||||
|
|
@ -365,7 +365,8 @@ class news extends common
|
|||
public function delete()
|
||||
{
|
||||
// La news n'existe pas
|
||||
if ($this->getData(['module', $this->getUrl(0), 'posts', $this->getUrl(2)]) === null) {
|
||||
if ($this->getUser('permission', 'news', 'delete') === false ||
|
||||
$this->getData(['module', $this->getUrl(0), 'posts', $this->getUrl(2)]) === null) {
|
||||
// Valeurs en sortie
|
||||
$this->addOutput([
|
||||
'access' => false
|
||||
|
|
|
|||
Loading…
Reference in New Issue