Modif du 9/11 par Sylvain

2020-11-09 13:55:15 +01:00 · 2020-11-09 13:55:15 +01:00 · c5d4eb1a54
parent 8f14755c53
commit c5d4eb1a54
4 changed files with 28 additions and 13 deletions
--- a/core/module/page/view/edit/edit.php
+++ b/core/module/page/view/edit/edit.php
@ -271,18 +271,21 @@ echo template::formOpen('pageEditForm');
 						<div class='col6'>
 							<?php echo template::select('pageEditGroup', self::$groupPublics, [
 								'label' => 'Groupe requis pour accéder à la page :',
-								'selected' => $this->getData(['page', $this->getUrl(2), 'group'])
+								'selected' => $this->getData(['page', $this->getUrl(2), 'group']),
+								'disabled' => $this->getUser('group') < self::GROUP_MODERATOR ? true : false
 							]); ?>
 						</div>
 						<div class='col12'>
 							<?php echo template::text('pageEditMetaTitle', [
 								'label' => 'Méta-titre',
-								'value' => $this->getData(['page', $this->getUrl(2), 'metaTitle'])
+								'value' => $this->getData(['page', $this->getUrl(2), 'metaTitle']),
+								'disabled' => $this->getUser('group') < self::GROUP_MODERATOR ? true : false
 							]); ?>
 							<?php echo template::textarea('pageEditMetaDescription', [
 								'label' => 'Méta-description',
 								//'maxlength' => '500',
-								'value' => $this->getData(['page', $this->getUrl(2), 'metaDescription'])
+								'value' => $this->getData(['page', $this->getUrl(2), 'metaDescription']),
+								'disabled' => $this->getUser('group') < self::GROUP_MODERATOR ? true : false
 							]); ?>
 						</div>
 					</div>
--- a/core/vendor/filemanager/config/config.php
+++ b/core/vendor/filemanager/config/config.php
@ -13,6 +13,17 @@ ob_start('mb_output_handler');
 date_default_timezone_set('Europe/Paris');
 setlocale(LC_CTYPE, 'fr_FR'); //correct transliteration

+// Validation des actions (delete, rename) par lecture du groupe de l'utilisateur via cookie et user.json
+if( is_file('../../../site/data/user.json')){
+	$json = file_get_contents('../../../site/data/user.json');
+	$user = json_decode($json, true);
+	$val = $user['user'][$_COOKIE["ZWII_USER_ID"]]['group'] >= 3 ? true : false;
+}
+else{
+	$val = false;
+}
+
+
 /*
 |--------------------------------------------------------------------------
 | Optional security
@ -336,18 +347,18 @@ $config = array(
 	//*************************
 	//Permissions configuration
 	//******************
-	'delete_files'                            => true,
+	'delete_files'                            => $val,
 	'create_folders'                          => true,
-	'delete_folders'                          => true,
+	'delete_folders'                          => $val,
 	'upload_files'                            => true,
-	'rename_files'                            => true,
-	'rename_folders'                          => true,
+	'rename_files'                            => $val,
+	'rename_folders'                          => $val,
 	'duplicate_files'                         => true,
 	'extract_files'                           => true,
-	'copy_cut_files'                          => true, // for copy/cut files
-	'copy_cut_dirs'                           => true, // for copy/cut directories
-	'chmod_files'                             => true, // change file permissions
-	'chmod_dirs'                              => true, // change folder permissions
+	'copy_cut_files'                          => $val, // for copy/cut files
+	'copy_cut_dirs'                           => $val, // for copy/cut directories
+	'chmod_files'                             => $val, // change file permissions
+	'chmod_dirs'                              => $val, // change folder permissions
 	'preview_text_files'                      => true, // eg.: txt, log etc.
 	'edit_text_files'                         => true, // eg.: txt, log etc.
 	'create_text_files'                       => true, // only create files with exts. defined in $config['editable_text_file_exts']
--- a/module/blog/blog.php
+++ b/module/blog/blog.php
@ -493,7 +493,7 @@ class blog extends common {
 			ksort(self::$users);
 			foreach(self::$users as $userId => &$userFirstname) {
 			// Les membres ne sont pas éditeurs, les exclure de la liste
-				if ( $this->getData(['user', $userId, 'group']) < self::GROUP_MODERATOR) {
+				if ( $this->getData(['user', $userId, 'group']) < self::GROUP_EDITOR) {
 					unset(self::$users[$userId]);
 				}
 				$userFirstname = $userFirstname . ' ' . $this->getData(['user', $userId, 'lastname']) . ' (' .  self::$groupEdits[$this->getData(['user', $userId, 'group'])] . ')';
--- a/module/blog/view/edit/edit.php
+++ b/module/blog/view/edit/edit.php
@ -96,7 +96,8 @@
 						<?php echo template::select('blogEditConsent', $module::$articleConsent  , [
 							'label' => 'Edition /  Suppression',
 							'selected' => is_numeric($this->getData(['module', $this->getUrl(0), $this->getUrl(2), 'editConsent'])) ? $module::EDIT_GROUP : $this->getData(['module', $this->getUrl(0), $this->getUrl(2), 'editConsent']),
-							'help' => 'Les utilisateurs des groupes supérieurs accèdent à l\'article sans restriction'
+							'help' => 'Les utilisateurs des groupes supérieurs accèdent à l\'article sans restriction',
+							'disabled' => $this->getUser('group') < self::GROUP_MODERATOR ? true : false
 						]); ?>
 					</div>
 				</div>