coderkun/questlab
1
0
Fork 0
Code Issues 15 Pull requests Projects Releases Wiki Activity

do not check Questgroup and Quest permissions for Seminary-admins and -moderators

Browse source
This commit is contained in:
coderkun 2014-04-18 18:34:53 +02:00
commit 8d9e0473a1
4 changed files with 56 additions and 50 deletions
Download patch file Download diff file Expand all files Collapse all files

7
controllers/QuestgroupsController.inc
View file

@ -71,12 +71,15 @@
$character = $this->Characters->getCharacterForUserAndSeminary($this->Auth->getUserId(), $seminary['id']); $character = $this->Characters->getCharacterForUserAndSeminary($this->Auth->getUserId(), $seminary['id']);
// Check permission // Check permission
if(count(array_intersect(array('admin','moderator'), IntermediateController::$user['seminaryroles'])) == 0)
{
$previousQuestgroup = $this->Questgroups->getPreviousQuestgroup($questgroup['id']); $previousQuestgroup = $this->Questgroups->getPreviousQuestgroup($questgroup['id']);
if(!is_null($previousQuestgroup)) { if(!is_null($previousQuestgroup)) {
if(!$this->Questgroups->hasCharacterSolvedQuestgroup($previousQuestgroup['id'], $character['id'])) { if(!$this->Questgroups->hasCharacterSolvedQuestgroup($previousQuestgroup['id'], $character['id'])) {
throw new \nre\exceptions\AccessDeniedException(); throw new \nre\exceptions\AccessDeniedException();
} }
} }
}
// Get child Questgroupshierarchy // Get child Questgroupshierarchy
$childQuestgroupshierarchy = null; $childQuestgroupshierarchy = null;
@ -92,7 +95,7 @@
foreach($hierarchy['questgroups'] as $i => &$group) foreach($hierarchy['questgroups'] as $i => &$group)
{ {
// Check permission of Questgroups // Check permission of Questgroups
if($i >= 1) if($i >= 1 && count(array_intersect(array('admin','moderator'), IntermediateController::$user['seminaryroles'])) == 0)
{ {
if(!$this->Questgroups->hasCharacterSolvedQuestgroup($hierarchy['questgroups'][$i-1]['id'], $character['id'])) if(!$this->Questgroups->hasCharacterSolvedQuestgroup($hierarchy['questgroups'][$i-1]['id'], $character['id']))
{ {
@ -163,7 +166,7 @@
$quests[] = $currentQuest; $quests[] = $currentQuest;
} }
} }
while(!is_null($currentQuest) && $currentQuest['solved']); while(!is_null($currentQuest) && ($currentQuest['solved'] || count(array_intersect(array('admin','moderator'), IntermediateController::$user['seminaryroles'])) > 0));
} }

5
controllers/QuestsController.inc
View file

@ -147,6 +147,8 @@
$character = $this->Characters->getCharacterForUserAndSeminary($this->Auth->getUserId(), $seminary['id']); $character = $this->Characters->getCharacterForUserAndSeminary($this->Auth->getUserId(), $seminary['id']);
// Check permissions // Check permissions
if(count(array_intersect(array('admin','moderator'), IntermediateController::$user['seminaryroles'])) == 0)
{
$previousQuests = $this->Quests->getPreviousQuests($quest['id']); $previousQuests = $this->Quests->getPreviousQuests($quest['id']);
if(count($previousQuests) == 0) if(count($previousQuests) == 0)
{ {
@ -189,6 +191,7 @@
throw new \nre\exceptions\AccessDeniedException(); throw new \nre\exceptions\AccessDeniedException();
} }
} }
}
// Set status “entered” // Set status “entered”
$this->Quests->setQuestEntered($quest['id'], $character['id']); $this->Quests->setQuestEntered($quest['id'], $character['id']);
@ -270,7 +273,7 @@
$nextQuests = null; $nextQuests = null;
$charactedHasChoosenNextQuest = false; $charactedHasChoosenNextQuest = false;
$nextQuestgroup = null; $nextQuestgroup = null;
if($questtexttypeUrl == 'Epilog' || $this->Questtexts->getQuesttextCountOfQuest($quest['id'], 'Epilog') == 0) if($questtexttypeUrl == 'Epilog' || ($solved && $this->Questtexts->getQuesttextCountOfQuest($quest['id'], 'Epilog') == 0) || count(array_intersect(array('admin','moderator'), IntermediateController::$user['seminaryroles'])) > 0)
{ {
// Next Quest // Next Quest
$nextQuests = $this->Quests->getNextQuests($quest['id']); $nextQuests = $this->Quests->getNextQuests($quest['id']);

2
controllers/SeminariesController.inc
View file

@ -115,7 +115,7 @@
foreach($hierarchy['questgroups'] as $i => &$questgroup) foreach($hierarchy['questgroups'] as $i => &$questgroup)
{ {
// Check permission of Questgroups // Check permission of Questgroups
if($i >= 1) if($i >= 1 && count(array_intersect(array('admin','moderator'), IntermediateController::$user['seminaryroles'])) == 0)
{ {
if(!$this->Questgroups->hasCharacterSolvedQuestgroup($hierarchy['questgroups'][$i-1]['id'], $character['id'])) if(!$this->Questgroups->hasCharacterSolvedQuestgroup($hierarchy['questgroups'][$i-1]['id'], $character['id']))
{ {

18
views/html/quests/quest.tpl
View file

@ -55,21 +55,21 @@
<section> <section>
<?php if(!is_null($task)) : ?> <?php if(!is_null($task)) : ?>
<h1 id="task"><?=_('Task')?></h1> <h1 id="task"><?=_('Task')?></h1>
<p><?=\hhu\z\Utils::t($quest['task'])?></p> <p><?=$t->t($quest['task'])?></p>
<?=$task?> <?=$task?>
<?php endif ?>
<?php if($solved && !is_null($task)) : ?> <?php if($solved) : ?>
<p><?=_('Task already successfully solved')?>:</p> <p><?=_('Task already successfully solved')?>:
<?php endif ?>
<ul> <ul>
<?php if(!is_null($task)) : ?>
<li><a href="<?=$linker->link(null,0,false,array('show-answer'=>'true'),true,'task')?>"><?=_('Show answer')?></a></li> <li><a href="<?=$linker->link(null,0,false,array('show-answer'=>'true'),true,'task')?>"><?=_('Show answer')?></a></li>
<li><a href="<?=$linker->link('Epilog',5)?>"><?=_('Skip Quest')?></a></l> <li><a href="<?=$linker->link('Epilog',5)?>"><?=_('Skip Quest')?></a></l>
<?php elseif(count($nextquests) == 0) : ?>
<li><a href="<?=$linker->link('Epilog',5)?>"><?=_('continue')?></a></l>
<?php endif ?>
</ul> </ul>
<?php endif ?>
<?php else : ?>
<?php if(count($nextquests) == 0) : ?>
<p><a href="<?=$linker->link('Epilog',5)?>"><?=_('continue')?></a></p>
<?php endif ?>
<?php endif ?>
</section> </section>
<?php endif ?> <?php endif ?>