diff options
| author | vincent-peugnet <v.peugnet@free.fr> | 2020-01-11 19:40:13 +0100 |
|---|---|---|
| committer | vincent-peugnet <v.peugnet@free.fr> | 2020-01-11 19:40:13 +0100 |
| commit | 19b603a228a63ae91d45a16dc104f795ea0cd244 (patch) | |
| tree | 9d99978aefc76afc5403b2263c682d03f60c0ca3 | |
| parent | b7c2d553face9ccdc5f96bcaaa181510c4328530 (diff) | |
| download | wcms-19b603a228a63ae91d45a16dc104f795ea0cd244.tar.gz wcms-19b603a228a63ae91d45a16dc104f795ea0cd244.zip | |
fix editor delete add edit rights
| -rw-r--r-- | app/class/Controllerpage.php | 13 | ||||
| -rw-r--r-- | app/view/templates/home.php | 4 |
2 files changed, 11 insertions, 6 deletions
diff --git a/app/class/Controllerpage.php b/app/class/Controllerpage.php index e12d76e..1eb4a3d 100644 --- a/app/class/Controllerpage.php +++ b/app/class/Controllerpage.php @@ -203,9 +203,13 @@ class Controllerpage extends Controller public function log($id) { - $this->setpage($id, 'pagelog'); - $this->importpage(); - var_dump($this->page); + if($this->user->issupereditor()) { + $this->setpage($id, 'pagelog'); + $this->importpage(); + var_dump($this->page); + } else { + $this->routedirect('pageread/', ['page' => $id]); + } } public function add($id) @@ -216,6 +220,7 @@ class Controllerpage extends Controller if ($this->user->iseditor() && !$this->importpage()) { $this->page->reset(); + $this->page->addauthor($this->user->id()); if (!empty(Config::defaultpage())) { $defaultpage = $this->pagemanager->get(Config::defaultpage()); if ($defaultpage !== false) { @@ -236,7 +241,7 @@ class Controllerpage extends Controller public function confirmdelete($id) { $this->setpage($id, 'pageconfirmdelete'); - if ($this->user->iseditor() && $this->importpage()) { + if ($this->importpage() && ($this->user->issupereditor() || $this->page->authors() === [$this->user->id()] )) { $this->showtemplate('confirmdelete', ['page' => $this->page, 'pageexist' => true]); diff --git a/app/view/templates/home.php b/app/view/templates/home.php index f95c60f..d3d9a99 100644 --- a/app/view/templates/home.php +++ b/app/view/templates/home.php @@ -87,9 +87,9 @@ <tr> <?php if($user->issupereditor()) { ?><td class="hidephone"><input type="checkbox" name="pagesid[]" value="<?= $item->id() ?>" id="id_<?= $item->id() ?>" form="multiedit"></td><?php } ?> <td><label title="<?= $item->title() ?>" for="id_<?= $item->id() ?>"><?= $item->id() ?></label></td> - <td><a href="<?= $this->upage('pageedit', $item->id()) ?>"><img src="<?= Wcms\Model::iconpath() ?>edit.png" class="icon"></a></td> + <td><?php if($user->issupereditor() || in_array($user->id(), $item->authors())) { ?><a href="<?= $this->upage('pageedit', $item->id()) ?>"><img src="<?= Wcms\Model::iconpath() ?>edit.png" class="icon"></a><?php } ?></td> <td><a href="<?= $this->upage('pageread/', $item->id()) ?>" target="_blank"><img src="<?= Wcms\Model::iconpath() ?>read.png" class="icon"></a></td> - <td class="delete"><a href="<?= $this->upage('pagedelete', $item->id()) ?>">✖</a></td> + <td class="delete"><?php if($user->issupereditor() || $item->authors() === [$user->id()]) { ?><a href="<?= $this->upage('pagedelete', $item->id()) ?>">✖</a><?php } ?></td> <?php if ($user->issupereditor()) { ?> <td class="hidephone"><a href="<?= $this->upage('pagedownload', $item->id()) ?>" download><img src="<?= Wcms\Model::iconpath() ?>download.png" class="icon"></a></td> <?php } |