coderkun/questlab
1
0
Fork 0
Code Issues 15 Pull requests Projects Releases Wiki Activity

correct rights for managing Characters (Issue #156)

Browse source
This commit is contained in:
coderkun 2014-04-26 13:31:17 +02:00
commit 670091a3bb
4 changed files with 9 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

10
controllers/CharactersController.inc
View file

@ -37,10 +37,10 @@
* @var array
*/
public $permissions = array(
'index' => array('admin', 'moderator'),
'index' => array('admin', 'moderator', 'user'),
'character' => array('admin', 'moderator', 'user'),
'register' => array('admin', 'moderator', 'user'),
'manage' => array('admin', 'moderator')
'manage' => array('admin', 'moderator', 'user')
);
/**
* User seminary permissions
@ -307,19 +307,19 @@
switch($actions[$action])
{
case _('Admin'):
if(count(array_intersect(array('admin', 'moderator'), \hhu\z\controllers\IntermediateController::$user['roles'])) <= 0 || !in_array('admin', \hhu\z\controllers\SeminaryController::$character['characterroles'])) {
if(count(array_intersect(array('admin', 'moderator'), \hhu\z\controllers\IntermediateController::$user['roles'])) <= 0 && !in_array('admin', \hhu\z\controllers\SeminaryController::$character['characterroles'])) {
throw new \nre\exceptions\AccessDeniedException();
}
$role = 'admin';
break;
case _('Moderator'):
if(count(array_intersect(array('admin', 'moderator'), \hhu\z\controllers\IntermediateController::$user['roles'])) <= 0 || !in_array('admin', \hhu\z\controllers\SeminaryController::$character['characterroles'])) {
if(count(array_intersect(array('admin', 'moderator'), \hhu\z\controllers\IntermediateController::$user['roles'])) <= 0 && !in_array('admin', \hhu\z\controllers\SeminaryController::$character['characterroles'])) {
throw new \nre\exceptions\AccessDeniedException();
}
$role = 'moderator';
break;
case _('User'):
if(count(array_intersect(array('admin', 'moderator'), \hhu\z\controllers\IntermediateController::$user['roles'])) <= 0 || count(array_intersect(array('admin', 'moderator'), \hhu\z\controllers\SeminaryController::$character['characterroles'])) <= 0) {
if(count(array_intersect(array('admin', 'moderator'), \hhu\z\controllers\IntermediateController::$user['roles'])) <= 0 && count(array_intersect(array('admin', 'moderator'), \hhu\z\controllers\SeminaryController::$character['characterroles'])) <= 0) {
throw new \nre\exceptions\AccessDeniedException();
}
$role = 'user';

1
controllers/SeminarymenuController.inc
View file

@ -37,6 +37,7 @@
// Set userdata
$this->set('loggedUser', \hhu\z\controllers\IntermediateController::$user);
$this->set('loggedSeminary', \hhu\z\controllers\SeminaryController::$seminary);
$this->set('loggedCharacter', \hhu\z\controllers\SeminaryController::$character);
}

4
views/html/characters/manage.tpl
View file

@ -30,7 +30,7 @@
</fieldset>
<fieldset>
<legend><?=_('Add role')?></legend>
<?php if(in_array('admin', \hhu\z\controllers\SeminaryController::$character['characterroles'])) : ?>
<?php if(count(array_intersect(array('admin', 'moderator'), \hhu\z\controllers\IntermediateController::$user['roles'])) > 0 || !in_array('admin', \hhu\z\controllers\SeminaryController::$character['characterroles'])) : ?>
<input type="submit" name="actions[addrole]" value="<?=_('Admin')?>" />
<input type="submit" name="actions[addrole]" value="<?=_('Moderator')?>" />
<?php endif ?>
@ -38,7 +38,7 @@
</fieldset>
<fieldset>
<legend><?=_('Remove role')?></legend>
<?php if(in_array('admin', \hhu\z\controllers\SeminaryController::$character['characterroles'])) : ?>
<?php if(count(array_intersect(array('admin', 'moderator'), \hhu\z\controllers\IntermediateController::$user['roles'])) > 0 || !in_array('admin', \hhu\z\controllers\SeminaryController::$character['characterroles'])) : ?>
<input type="submit" name="actions[removerole]" value="<?=_('Admin')?>" />
<input type="submit" name="actions[removerole]" value="<?=_('Moderator')?>" />
<?php endif ?>

2
views/html/seminarymenu/index.tpl
View file

@ -1,5 +1,5 @@
<li><a href="<?=$linker->link(array('seminaries',$loggedSeminary['url']))?>" class="smnry"><i class="fa fa-chevron-right fa-fw"></i><?=$loggedSeminary['title']?></a></li>
<?php if(count(array_intersect(array('admin','moderator'),$loggedUser['roles'])) > 0) : ?><li><a href="<?=$linker->link(array('characters',$loggedSeminary['url']))?>" class="smnry"><i class="fa fa-users fa-fw"></i><?=_('Characters')?></a></li><?php endif ?>
<?php if(count(array_intersect(array('admin','moderator'),$loggedUser['roles'])) > 0 || count(array_intersect(array('admin','moderator'),$loggedCharacter['characterroles']))) : ?><li><a href="<?=$linker->link(array('characters',$loggedSeminary['url']))?>" class="smnry"><i class="fa fa-users fa-fw"></i><?=_('Characters')?></a></li><?php endif ?>
<li><a href="<?=$linker->link(array('charactergroups','index',$loggedSeminary['url']))?>" class="smnry"><i class="fa fa-users fa-fw"></i><?=_('Character Groups')?></a></li>
<li><a href="<?=$linker->link(array('achievements','index',$loggedSeminary['url']))?>" class="smnry"><i class="fa fa-trophy fa-fw"></i><?=_('Achievements')?></a></li>
<li><a href="<?=$linker->link(array('library','index',$loggedSeminary['url']))?>" class="smnry"><i class="fa fa-book fa-fw"></i><?=_('Library')?></a></li>