coderkun/questlab
1
0
Fork 0
Code Issues 15 Pull requests Projects Releases Wiki Activity

do not check Questgroup and Quest permissions for Seminary-admins and -moderators

Browse source
This commit is contained in:
coderkun 2014-04-18 18:34:53 +02:00
commit 8d9e0473a1
4 changed files with 56 additions and 50 deletions
Download patch file Download diff file Expand all files Collapse all files

15
controllers/QuestgroupsController.inc
View file

@ -71,10 +71,13 @@
$character = $this->Characters->getCharacterForUserAndSeminary($this->Auth->getUserId(), $seminary['id']); $character = $this->Characters->getCharacterForUserAndSeminary($this->Auth->getUserId(), $seminary['id']);
// Check permission // Check permission
$previousQuestgroup = $this->Questgroups->getPreviousQuestgroup($questgroup['id']); if(count(array_intersect(array('admin','moderator'), IntermediateController::$user['seminaryroles'])) == 0)
if(!is_null($previousQuestgroup)) { {
if(!$this->Questgroups->hasCharacterSolvedQuestgroup($previousQuestgroup['id'], $character['id'])) { $previousQuestgroup = $this->Questgroups->getPreviousQuestgroup($questgroup['id']);
throw new \nre\exceptions\AccessDeniedException(); if(!is_null($previousQuestgroup)) {
if(!$this->Questgroups->hasCharacterSolvedQuestgroup($previousQuestgroup['id'], $character['id'])) {
throw new \nre\exceptions\AccessDeniedException();
}
} }
} }
@ -92,7 +95,7 @@
foreach($hierarchy['questgroups'] as $i => &$group) foreach($hierarchy['questgroups'] as $i => &$group)
{ {
// Check permission of Questgroups // Check permission of Questgroups
if($i >= 1) if($i >= 1 && count(array_intersect(array('admin','moderator'), IntermediateController::$user['seminaryroles'])) == 0)
{ {
if(!$this->Questgroups->hasCharacterSolvedQuestgroup($hierarchy['questgroups'][$i-1]['id'], $character['id'])) if(!$this->Questgroups->hasCharacterSolvedQuestgroup($hierarchy['questgroups'][$i-1]['id'], $character['id']))
{ {
@ -163,7 +166,7 @@
$quests[] = $currentQuest; $quests[] = $currentQuest;
} }
} }
while(!is_null($currentQuest) && $currentQuest['solved']); while(!is_null($currentQuest) && ($currentQuest['solved'] || count(array_intersect(array('admin','moderator'), IntermediateController::$user['seminaryroles'])) > 0));
} }

77
controllers/QuestsController.inc
View file

@ -147,46 +147,49 @@
$character = $this->Characters->getCharacterForUserAndSeminary($this->Auth->getUserId(), $seminary['id']); $character = $this->Characters->getCharacterForUserAndSeminary($this->Auth->getUserId(), $seminary['id']);
// Check permissions // Check permissions
$previousQuests = $this->Quests->getPreviousQuests($quest['id']); if(count(array_intersect(array('admin','moderator'), IntermediateController::$user['seminaryroles'])) == 0)
if(count($previousQuests) == 0)
{ {
// Previous Questgroup $previousQuests = $this->Quests->getPreviousQuests($quest['id']);
$previousQuestgroup = $this->Questgroups->getPreviousQuestgroup($questgroup['id']); if(count($previousQuests) == 0)
if(!is_null($previousQuestgroup) && !$this->Questgroups->hasCharacterSolvedQuestgroup($previousQuestgroup['id'], $character['id'])) {
throw new \nre\exceptions\AccessDeniedException();
}
}
else
{
// Previous Quests
// One previous Quest has to be solved and no other
// following Quests of ones has to be tried
$solved = false;
$tried = false;
foreach($previousQuests as &$previousQuest)
{ {
// // Check previous Quest // Previous Questgroup
if($this->Quests->hasCharacterSolvedQuest($previousQuest['id'], $character['id'])) $previousQuestgroup = $this->Questgroups->getPreviousQuestgroup($questgroup['id']);
{ if(!is_null($previousQuestgroup) && !$this->Questgroups->hasCharacterSolvedQuestgroup($previousQuestgroup['id'], $character['id'])) {
$solved = true; throw new \nre\exceptions\AccessDeniedException();
// Check following Quests
$followingQuests = $this->Quests->getNextQuests($previousQuest['id']);
foreach($followingQuests as $followingQuest)
{
// Check following Quest
if($followingQuest['id'] != $quest['id'] && $this->Quests->hasCharacterTriedQuest($followingQuest['id'], $character['id']))
{
$tried = true;
break;
}
}
break;
} }
} }
if(!$solved || $tried) { else
throw new \nre\exceptions\AccessDeniedException(); {
// Previous Quests
// One previous Quest has to be solved and no other
// following Quests of ones has to be tried
$solved = false;
$tried = false;
foreach($previousQuests as &$previousQuest)
{
// // Check previous Quest
if($this->Quests->hasCharacterSolvedQuest($previousQuest['id'], $character['id']))
{
$solved = true;
// Check following Quests
$followingQuests = $this->Quests->getNextQuests($previousQuest['id']);
foreach($followingQuests as $followingQuest)
{
// Check following Quest
if($followingQuest['id'] != $quest['id'] && $this->Quests->hasCharacterTriedQuest($followingQuest['id'], $character['id']))
{
$tried = true;
break;
}
}
break;
}
}
if(!$solved || $tried) {
throw new \nre\exceptions\AccessDeniedException();
}
} }
} }
@ -270,7 +273,7 @@
$nextQuests = null; $nextQuests = null;
$charactedHasChoosenNextQuest = false; $charactedHasChoosenNextQuest = false;
$nextQuestgroup = null; $nextQuestgroup = null;
if($questtexttypeUrl == 'Epilog' || $this->Questtexts->getQuesttextCountOfQuest($quest['id'], 'Epilog') == 0) if($questtexttypeUrl == 'Epilog' || ($solved && $this->Questtexts->getQuesttextCountOfQuest($quest['id'], 'Epilog') == 0) || count(array_intersect(array('admin','moderator'), IntermediateController::$user['seminaryroles'])) > 0)
{ {
// Next Quest // Next Quest
$nextQuests = $this->Quests->getNextQuests($quest['id']); $nextQuests = $this->Quests->getNextQuests($quest['id']);

2
controllers/SeminariesController.inc
View file

@ -115,7 +115,7 @@
foreach($hierarchy['questgroups'] as $i => &$questgroup) foreach($hierarchy['questgroups'] as $i => &$questgroup)
{ {
// Check permission of Questgroups // Check permission of Questgroups
if($i >= 1) if($i >= 1 && count(array_intersect(array('admin','moderator'), IntermediateController::$user['seminaryroles'])) == 0)
{ {
if(!$this->Questgroups->hasCharacterSolvedQuestgroup($hierarchy['questgroups'][$i-1]['id'], $character['id'])) if(!$this->Questgroups->hasCharacterSolvedQuestgroup($hierarchy['questgroups'][$i-1]['id'], $character['id']))
{ {

22
views/html/quests/quest.tpl
View file

@ -55,21 +55,21 @@
<section> <section>
<?php if(!is_null($task)) : ?> <?php if(!is_null($task)) : ?>
<h1 id="task"><?=_('Task')?></h1> <h1 id="task"><?=_('Task')?></h1>
<p><?=\hhu\z\Utils::t($quest['task'])?></p> <p><?=$t->t($quest['task'])?></p>
<?=$task?> <?=$task?>
<?php endif ?>
<?php if($solved && !is_null($task)) : ?> <?php if($solved) : ?>
<p><?=_('Task already successfully solved')?>:</p> <p><?=_('Task already successfully solved')?>:
<?php endif ?>
<ul> <ul>
<?php if(!is_null($task)) : ?> <li><a href="<?=$linker->link(null,0,false,array('show-answer'=>'true'),true,'task')?>"><?=_('Show answer')?></a></li>
<li><a href="<?=$linker->link(null,0,false,array('show-answer'=>'true'),true,'task')?>"><?=_('Show answer')?></a></li> <li><a href="<?=$linker->link('Epilog',5)?>"><?=_('Skip Quest')?></a></l>
<li><a href="<?=$linker->link('Epilog',5)?>"><?=_('Skip Quest')?></a></l>
<?php elseif(count($nextquests) == 0) : ?>
<li><a href="<?=$linker->link('Epilog',5)?>"><?=_('continue')?></a></l>
<?php endif ?>
</ul> </ul>
<?php endif ?>
<?php else : ?>
<?php if(count($nextquests) == 0) : ?>
<p><a href="<?=$linker->link('Epilog',5)?>"><?=_('continue')?></a></p>
<?php endif ?>
<?php endif ?>
</section> </section>
<?php endif ?> <?php endif ?>