implement permissions for Questgroups, Quests and Sidequests

controllers/QuestgroupsController.inc

@@ -65,10 +65,28 @@
 			// Get Questgrouphierarchy
 			$questgroupshierarchy = $this->Questgroupshierarchy->getHierarchyById($questgroup['questgroupshierarchy_id']);
 			
+			// Get Character
+			$character = $this->Characters->getCharacterForUserAndSeminary($this->Auth->getUserId(), $seminary['id']);
+			
+			// Check permission
+			$previousQuestgroup = $this->Questgroups->getPreviousQuestgroup($questgroup['id']);
+			if(!is_null($previousQuestgroup)) {
+				if(!$this->Questgroups->hasCharacterSolvedQuestgroup($previousQuestgroup['id'], $character['id'])) {
+					throw new \nre\exceptions\AccessDeniedException();
+				}
+			}
+			
 			// Get child Questgroupshierarchy
 			$childQuestgroupshierarchy = $this->Questgroupshierarchy->getChildQuestgroupshierarchy($questgroupshierarchy['id']);
-			foreach($childQuestgroupshierarchy as &$hierarchy) {
+			foreach($childQuestgroupshierarchy as &$hierarchy)
+			{
+				// Get Questgroups
 				$hierarchy['questgroups'] = $this->Questgroups->getQuestgroupsForHierarchy($hierarchy['id'], $questgroup['id']);
+				
+				// Check permission of Questgroups
+				for($i=1; $i<count($hierarchy['questgroups']); $i++) {
+					$hierarchy['questgroups'][$i]['access'] =  $this->Questgroups->hasCharacterSolvedQuestgroup($hierarchy['questgroups'][$i-1]['id'], $character['id']);
+				}
 			}
 			
 			// Get texts
@@ -79,10 +97,15 @@
 			if(count($childQuestgroupshierarchy) == 0)
 			{
 				$quests = $this->Quests->getQuestsForQuestgroup($questgroup['id']);
-				
-				// Attach sidequests
-				foreach($quests as &$quest) {
-					$quest['sidequests'] = $this->Quests->getSidequestsForQuest($quest['id']);
+				for($i=0; $i<count($quests); $i++)
+				{
+					// Check permission
+					if($i > 0) {
+						$quests[$i]['access'] = $this->Quests->hasCharacterSolvedQuest($quests[$i-1]['id'], $character['id']);
+					}
+					
+					// Attach sidequests
+					$quests[$i]['sidequests'] = $this->Quests->getSidequestsForQuest($quests[$i]['id']);
 				}
 			}
 			

controllers/QuestsController.inc

@@ -24,7 +24,7 @@
 		 * 
 		 * @var array
 		 */
-		public $models = array('seminaries', 'questgroups', 'quests', 'questtexts', 'media', 'questtypes');
+		public $models = array('seminaries', 'questgroups', 'quests', 'questtexts', 'media', 'questtypes', 'questgroupshierarchy');
 		/**
 		 * User permissions
 		 * 
@@ -68,6 +68,35 @@
 			// Get Quest
 			$quest = $this->Quests->getQuestByUrl($seminary['id'], $questgroup['id'], $questUrl);
 			
+			// Get Character
+			$character = $this->Characters->getCharacterForUserAndSeminary($this->Auth->getUserId(), $seminary['id']);
+			
+			// Check permissions
+			$previousQuests = $this->Quests->getPreviousQuests($quest['id']);
+			if(count($previousQuests) == 0)
+			{
+				// Previous Questgroup
+				$previousQuestgroup = $this->Questgroups->getPreviousQuestgroup($questgroup['id']);
+				if(!$this->Questgroups->hasCharacterSolvedQuestgroup($previousQuestgroup['id'], $character['id'])) {
+					throw new \nre\exceptions\AccessDeniedException();
+				}
+			}
+			else
+			{
+				// Previous Quests
+				$solved = false;
+				foreach($previousQuests as &$previousQuest)
+				{
+					if($this->Quests->hasCharacterSolvedQuest($previousQuest['id'], $character['id'])) {
+						$solved = true;
+						break;
+					}
+				}
+				if(!$solved) {
+					throw new \nre\exceptions\AccessDeniedException();
+				}
+			}
+			
 			// Get Questtext
 			$questtext = null;
 			if(is_null($questtexttypeUrl)) {
@@ -111,7 +140,7 @@
 			
 			// Task
 			$task = null;
-			if($questtext['type'] == 'Prolog')
+			if($questtexttypeUrl == 'Prolog')
 			{
 				// Questtype
 				$questtype = $this->Questtypes->getQuesttypeById($quest['questtype_id']);
@@ -120,10 +149,20 @@
 				$task = $this->runAndRenderTask($questtype['classname']);
 			}
 			
-			// Next Quest
+			// Next Quest/Questgroup
 			$nextQuests = null;
-			if($questtexttypeUrl == 'Epilog') {
+			$nextQuestgroup = null;
+			if($questtexttypeUrl == 'Epilog')
+			{
+				// Next Quest
 				$nextQuests = $this->Quests->getNextQuests($quest['id']);
+				
+				// Next Questgroup
+				if(empty($nextQuests))
+				{
+					$nextQuestgroup = $this->Questgroups->getNextQuestgroup($questgroup['id']);
+					$nextQuestgroup['hierarchy'] = $this->Questgroupshierarchy->getHierarchyById($nextQuestgroup['questgroupshierarchy_id']);
+				}
 			}
 			
 			
@@ -135,6 +174,7 @@
 			$this->set('queststatus', $questStatus);
 			$this->set('queststatustext', $questStatusText);
 			$this->set('nextquests', $nextQuests);
+			$this->set('nextquestgroup', $nextQuestgroup);
 			$this->set('task', $task);
 			$this->set('media', $questmedia);
 		}
@@ -167,6 +207,38 @@
 			// Get Sidequest
 			$sidequest = $this->Quests->getSidequestByUrl($seminary['id'], $questgroup['id'], $quest['id'], $sidequestUrl);
 			
+			// Get Character
+			$character = $this->Characters->getCharacterForUserAndSeminary($this->Auth->getUserId(), $seminary['id']);
+			
+			// Check permission
+			$previousQuests = $this->Quests->getPreviousQuests($quest['id']);
+			if(count($previousQuests) == 0)
+			{
+				// Previous Questgroup
+				$previousQuestgroup = $this->Questgroups->getPreviousQuestgroup($questgroup['id']);
+				if(!$this->Questgroups->hasCharacterSolvedQuestgroup($previousQuestgroup['id'], $character['id'])) {
+					throw new \nre\exceptions\AccessDeniedException();
+				}
+			}
+			else
+			{
+				// Previous Quests
+				if(count($previousQuests) > 0)
+				{
+					$solved = false;
+					foreach($previousQuests as &$previousQuest)
+					{
+						if($this->Quests->hasCharacterSolvedQuest($previousQuest['id'], $character['id'])) {
+							$solved = true;
+							break;
+						}
+					}
+					if(!$solved) {
+						throw new \nre\exceptions\AccessDeniedException();
+					}
+				}
+			}
+			
 			// Get Questtext
 			$questtext = $this->Questtexts->getQuesttextForSidequest($sidequest['id']);
 			
@@ -215,7 +287,7 @@
 			
 			// Task
 			$task = null;
-			if(!is_null($sidequesttext) && $sidequesttext['type'] == 'Prolog')
+			if($sidequesttexttypeUrl == 'Prolog')
 			{
 				// Questtype
 				$questtype = $this->Questtypes->getQuesttypeById($sidequest['questtype_id']);

controllers/SeminariesController.inc

@@ -90,10 +90,20 @@
 			// Created user
 			$seminary['creator'] = $this->Users->getUserById($seminary['created_user_id']);
 			
+			// Get Character
+			$character = $this->Characters->getCharacterForUserAndSeminary($this->Auth->getUserId(), $seminary['id']);
+			
 			// Questgrouphierarchy and Questgroups
 			$questgroupshierarchy = $this->Questgroupshierarchy->getHierarchyForSeminary($seminary['id']);
-			foreach($questgroupshierarchy as &$hierarchy) {
+			foreach($questgroupshierarchy as &$hierarchy)
+			{
+				// Get Questgroups
 				$hierarchy['questgroups'] = $this->Questgroups->getQuestgroupsForHierarchy($hierarchy['id']);
+				
+				// Check permission of Questgroups
+				for($i=1; $i<count($hierarchy['questgroups']); $i++) {
+					$hierarchy['questgroups'][$i]['access'] =  $this->Questgroups->hasCharacterSolvedQuestgroup($hierarchy['questgroups'][$i-1]['id'], $character['id']);
+				}
 			}