Permissions en test

This commit is contained in:
Fred Tempez 2020-10-12 19:12:38 +02:00
parent 1e2f6b9a6b
commit 6477265a8a
3 changed files with 26 additions and 18 deletions

View File

@ -1449,7 +1449,7 @@ class common {
$articleIds = array_keys(helper::arrayCollumn($this->getData(['module',$parent]), 'publishedOn', 'SORT_DESC'));
foreach ($articleIds as $key => $article) {
// Droits les deux groupes
$this->setData(['module', $parent, $article,'editConsent','group']);
$this->setData(['module', $parent, $article,'editConsent', 3]);
// Limite de taille 500
$this->setData(['module', $parent, $article,'commentMaxlength', '500']);
// Pas d'approbation des commentaires

View File

@ -78,7 +78,7 @@ class blog extends common {
// Permissions d'un article
public static $articleConsent = [
self::EDIT_GROUP => 'Groupe du propriétaire',
self::EDIT_OWNER => 'Propiétaire'
self::EDIT_OWNER => 'Propiétaire'
];
@ -118,7 +118,7 @@ class blog extends common {
'state' => $this->getInput('blogAddState', helper::FILTER_BOOLEAN),
'title' => $this->getInput('blogAddTitle', helper::FILTER_STRING_SHORT, true),
'userId' => $newuserid,
'editConsent' => $this->getInput('blogAddConsent'),
'editConsent' => $this->getInput('blogEditConsent') === self::EDIT_GROUP ? $this->getUser('group') : self::EDIT_OWNER,
'commentMaxlength' => $this->getInput('blogAddCommentMaxlength'),
'commentApproved' => $this->getInput('blogAddCommentApproved', helper::FILTER_BOOLEAN),
'commentClose' => $this->getInput('blogAddCommentClose', helper::FILTER_BOOLEAN),
@ -304,14 +304,14 @@ class blog extends common {
// Gestion des droits d'accès
$filterData=[];
foreach ($articleIds as $key => $value) {
$consent = $this->getData(['module', $this->getUrl(0), $value,'editConsent']);
if (
(
$consent === self::EDIT_OWNER
( // Propriétaire
$this->getData(['module', $this->getUrl(0), $value,'editConsent']) === self::EDIT_OWNER
AND $this->getData(['module', $this->getUrl(0), $value,'userId']) === $this->getUser('id')
) OR (
$consent === self::EDIT_GROUP
AND $this->getUser('group') >= $this->getData(['user',$this->getUser('group'),'group'])
// Groupe
$this->getData(['module', $this->getUrl(0), $this->getUrl(1),'editConsent']) !== self::EDIT_OWNER
AND $this->getUser('group') >= $this->getData(['module',$this->getUrl(0), $value,'editConsent'])
)
) {
$filterData[] = $value;
@ -448,7 +448,7 @@ class blog extends common {
'state' => $this->getInput('blogEditState', helper::FILTER_BOOLEAN),
'title' => $this->getInput('blogEditTitle', helper::FILTER_STRING_SHORT, true),
'userId' => $newuserid,
'editConsent' => $this->getInput('blogEditConsent'),
'editConsent' => $this->getInput('blogEditConsent') === self::EDIT_GROUP ? $this->getUser('group') : self::EDIT_OWNER,
'commentMaxlength' => $this->getInput('blogEditCommentMaxength'),
'commentApproved' => $this->getInput('blogEditCommentApproved', helper::FILTER_BOOLEAN),
'commentClose' => $this->getInput('blogEditCommentClose', helper::FILTER_BOOLEAN),

View File

@ -7,16 +7,24 @@
à <?php echo strftime('%H:%M', $this->getData(['module', $this->getUrl(0), $this->getUrl(1), 'publishedOn'])); ?>
</div>
</div>
<?php if(
$this->getUser('group') >= self::GROUP_ADMIN
AND $this->getUser('password') === $this->getInput('ZWII_USER_PASSWORD')
<?php if (
$this->getUser('password') === $this->getInput('ZWII_USER_PASSWORD')
AND
( // Propriétaire
$this->getData(['module', $this->getUrl(0), $this->getUrl(1),'editConsent']) === $module::EDIT_OWNER
AND $this->getData(['module', $this->getUrl(0), $this->getUrl(1),'userId']) === $this->getUser('id')
) OR (
// Groupe
$this->getData(['module', $this->getUrl(0), $this->getUrl(1),'editConsent']) !== $module::EDIT_OWNER
AND $this->getUser('group') >= $this->getData(['module',$this->getUrl(0), $this->getUrl(1),'editConsent'])
)
): ?>
<div class="col2">
<?php echo template::button('blogEdit', [
'href' => helper::baseUrl() . $this->getUrl(0) . '/edit/' . $this->getUrl(1) . '/' . $_SESSION['csrf'],
'value' => 'Editer'
]); ?>
</div>
<div class="col2">
<?php echo template::button('blogEdit', [
'href' => helper::baseUrl() . $this->getUrl(0) . '/edit/' . $this->getUrl(1) . '/' . $_SESSION['csrf'],
'value' => 'Editer'
]); ?>
</div>
<?php endif; ?>
</div>
<?php $pictureSize = $this->getData(['module', $this->getUrl(0), $this->getUrl(1), 'pictureSize']) === null ? '100' : $this->getData(['module', $this->getUrl(0), $this->getUrl(1), 'pictureSize']); ?>