diff --git a/core/module/page/view/edit/edit.php b/core/module/page/view/edit/edit.php
index a6b63d17..b4b3418e 100644
--- a/core/module/page/view/edit/edit.php
+++ b/core/module/page/view/edit/edit.php
@@ -271,18 +271,21 @@ echo template::formOpen('pageEditForm');
'Groupe requis pour accéder à la page :',
- 'selected' => $this->getData(['page', $this->getUrl(2), 'group'])
+ 'selected' => $this->getData(['page', $this->getUrl(2), 'group']),
+ 'disabled' => $this->getUser('group') < self::GROUP_MODERATOR ? true : false
]); ?>
'Méta-titre',
- 'value' => $this->getData(['page', $this->getUrl(2), 'metaTitle'])
+ 'value' => $this->getData(['page', $this->getUrl(2), 'metaTitle']),
+ 'disabled' => $this->getUser('group') < self::GROUP_MODERATOR ? true : false
]); ?>
'Méta-description',
//'maxlength' => '500',
- 'value' => $this->getData(['page', $this->getUrl(2), 'metaDescription'])
+ 'value' => $this->getData(['page', $this->getUrl(2), 'metaDescription']),
+ 'disabled' => $this->getUser('group') < self::GROUP_MODERATOR ? true : false
]); ?>
diff --git a/core/vendor/filemanager/config/config.php b/core/vendor/filemanager/config/config.php
index 73e03b8b..c17db810 100644
--- a/core/vendor/filemanager/config/config.php
+++ b/core/vendor/filemanager/config/config.php
@@ -13,6 +13,17 @@ ob_start('mb_output_handler');
date_default_timezone_set('Europe/Paris');
setlocale(LC_CTYPE, 'fr_FR'); //correct transliteration
+// Validation des actions (delete, rename) par lecture du groupe de l'utilisateur via cookie et user.json
+if( is_file('../../../site/data/user.json')){
+ $json = file_get_contents('../../../site/data/user.json');
+ $user = json_decode($json, true);
+ $val = $user['user'][$_COOKIE["ZWII_USER_ID"]]['group'] >= 3 ? true : false;
+}
+else{
+ $val = false;
+}
+
+
/*
|--------------------------------------------------------------------------
| Optional security
@@ -336,18 +347,18 @@ $config = array(
//*************************
//Permissions configuration
//******************
- 'delete_files' => true,
+ 'delete_files' => $val,
'create_folders' => true,
- 'delete_folders' => true,
+ 'delete_folders' => $val,
'upload_files' => true,
- 'rename_files' => true,
- 'rename_folders' => true,
+ 'rename_files' => $val,
+ 'rename_folders' => $val,
'duplicate_files' => true,
'extract_files' => true,
- 'copy_cut_files' => true, // for copy/cut files
- 'copy_cut_dirs' => true, // for copy/cut directories
- 'chmod_files' => true, // change file permissions
- 'chmod_dirs' => true, // change folder permissions
+ 'copy_cut_files' => $val, // for copy/cut files
+ 'copy_cut_dirs' => $val, // for copy/cut directories
+ 'chmod_files' => $val, // change file permissions
+ 'chmod_dirs' => $val, // change folder permissions
'preview_text_files' => true, // eg.: txt, log etc.
'edit_text_files' => true, // eg.: txt, log etc.
'create_text_files' => true, // only create files with exts. defined in $config['editable_text_file_exts']
diff --git a/module/blog/blog.php b/module/blog/blog.php
index 795cff2e..f8562735 100644
--- a/module/blog/blog.php
+++ b/module/blog/blog.php
@@ -493,7 +493,7 @@ class blog extends common {
ksort(self::$users);
foreach(self::$users as $userId => &$userFirstname) {
// Les membres ne sont pas éditeurs, les exclure de la liste
- if ( $this->getData(['user', $userId, 'group']) < self::GROUP_MODERATOR) {
+ if ( $this->getData(['user', $userId, 'group']) < self::GROUP_EDITOR) {
unset(self::$users[$userId]);
}
$userFirstname = $userFirstname . ' ' . $this->getData(['user', $userId, 'lastname']) . ' (' . self::$groupEdits[$this->getData(['user', $userId, 'group'])] . ')';
diff --git a/module/blog/view/edit/edit.php b/module/blog/view/edit/edit.php
index 1b8c37a6..38f06390 100644
--- a/module/blog/view/edit/edit.php
+++ b/module/blog/view/edit/edit.php
@@ -96,7 +96,8 @@
'Edition / Suppression',
'selected' => is_numeric($this->getData(['module', $this->getUrl(0), $this->getUrl(2), 'editConsent'])) ? $module::EDIT_GROUP : $this->getData(['module', $this->getUrl(0), $this->getUrl(2), 'editConsent']),
- 'help' => 'Les utilisateurs des groupes supérieurs accèdent à l\'article sans restriction'
+ 'help' => 'Les utilisateurs des groupes supérieurs accèdent à l\'article sans restriction',
+ 'disabled' => $this->getUser('group') < self::GROUP_MODERATOR ? true : false
]); ?>