diff --git a/controllers/QuestgroupsController.inc b/controllers/QuestgroupsController.inc index 6b53ac7c..eee160f7 100644 --- a/controllers/QuestgroupsController.inc +++ b/controllers/QuestgroupsController.inc @@ -89,7 +89,25 @@ // Check permission if(count(array_intersect(array('admin','moderator'), SeminaryController::$character['characterroles'])) == 0) { - // Only check permissions if Character has not entered Quest before + // Check permission of previous parent Questgroups + $parentQuestgroup = $questgroup; + print_r($parentQuestgroup); + while(!is_null($parentQuestgroup['hierarchy']['parent_questgroup_id'])) + { + $parentQuestgroup = $this->Questgroups->getQuestgroupById($parentQuestgroup['hierarchy']['parent_questgroup_id']); + $parentQuestgroup['hierarchy'] = $this->Questgroupshierarchy->getHierarchyForQuestgroup($parentQuestgroup['id']); + try { + $previousQuestgroup = $this->Questgroups->getPreviousQuestgroup($seminary['id'], $parentQuestgroup['id']); + if(!$this->Questgroups->hasCharacterSolvedQuestgroup($previousQuestgroup['id'], $character['id'])) { + throw new \nre\exceptions\AccessDeniedException(); + } + } + catch(\nre\exceptions\IdNotFoundException $e) { + } + } + + // Check permission of previous Questgroup + // (only if Character has not entered Questgroup before) if(!$this->Questgroups->hasCharacterEnteredQuestgroup($questgroup['id'], $character['id'])) { $previousQuestgroup = $this->Questgroups->getPreviousQuestgroup($seminary['id'], $questgroup['id']); diff --git a/controllers/QuestsController.inc b/controllers/QuestsController.inc index 4fd01982..e07d3bc7 100644 --- a/controllers/QuestsController.inc +++ b/controllers/QuestsController.inc @@ -180,16 +180,31 @@ // Check permissions if(count(array_intersect(array('admin','moderator'), SeminaryController::$character['characterroles'])) == 0) { - $previousQuests = $this->Quests->getPreviousQuests($quest['id']); - if(count($previousQuests) == 0) + // Previous Questgroup + $previousQuestgroup = $this->Questgroups->getPreviousQuestgroup($seminary['id'], $questgroup['id']); + if(!is_null($previousQuestgroup) && !$this->Questgroups->hasCharacterSolvedQuestgroup($previousQuestgroup['id'], $character['id'])) { + throw new \nre\exceptions\AccessDeniedException(); + } + // Previous parents of previous Questgroup + $parentQuestgroup = $previousQuestgroup; + $parentQuestgroup['hierarchy'] = $this->Questgroupshierarchy->getHierarchyForQuestgroup($parentQuestgroup['id']); + while(!is_null($parentQuestgroup['hierarchy']['parent_questgroup_id'])) { - // Previous Questgroup - $previousQuestgroup = $this->Questgroups->getPreviousQuestgroup($seminary['id'], $questgroup['id']); - if(!is_null($previousQuestgroup) && !$this->Questgroups->hasCharacterSolvedQuestgroup($previousQuestgroup['id'], $character['id'])) { - throw new \nre\exceptions\AccessDeniedException(); + $parentQuestgroup = $this->Questgroups->getQuestgroupById($parentQuestgroup['hierarchy']['parent_questgroup_id']); + $parentQuestgroup['hierarchy'] = $this->Questgroupshierarchy->getHierarchyForQuestgroup($parentQuestgroup['id']); + try { + $previousQuestgroup = $this->Questgroups->getPreviousQuestgroup($seminary['id'], $parentQuestgroup['id']); + if(!$this->Questgroups->hasCharacterSolvedQuestgroup($previousQuestgroup['id'], $character['id'])) { + throw new \nre\exceptions\AccessDeniedException(); + } + } + catch(\nre\exceptions\IdNotFoundException $e) { } } - else + + // Previous Quests + $previousQuests = $this->Quests->getPreviousQuests($quest['id']); + if(count($previousQuests) > 0) { // Previous Quests // One previous Quest has to be solved and no other