From: <lu...@us...> - 2007-08-22 20:18:57
Revision: 521
http://sciret.svn.sourceforge.net/sciret/?rev=521&view=rev
Author: lugo04
Date: 2007-08-22 13:18:52 -0700 (Wed, 22 Aug 2007)
Log Message:
-----------
add SF patch 1778378 from Trond
Modified Paths:
--------------
branches/release-candidates/sciret-1.2/CHANGELOG
branches/release-candidates/sciret-1.2/actions/DeleteArticle.php
branches/release-candidates/sciret-1.2/actions/SaveArticle.php
branches/release-candidates/sciret-1.2/actions/SavePreferences.php
branches/release-candidates/sciret-1.2/languages/English.txt
branches/release-candidates/sciret-1.2/models/Article.php
branches/release-candidates/sciret-1.2/setup/final.sql
branches/release-candidates/sciret-1.2/setup/upgrade_1.2.0.sql
branches/release-candidates/sciret-1.2/templates/EditPreferences.tpl
branches/release-candidates/sciret-1.2/views/EditPreferences.php
branches/release-candidates/sciret-1.2/views/ViewArticle.php
Modified: branches/release-candidates/sciret-1.2/CHANGELOG
===================================================================
--- branches/release-candidates/sciret-1.2/CHANGELOG 2007-08-20 22:50:39 UTC (rev 520)
+++ branches/release-candidates/sciret-1.2/CHANGELOG 2007-08-22 20:18:52 UTC (rev 521)
@@ -1,3 +1,13 @@
+2007-08-22 Lucie Goga <lg...@th...>
+ * Add SF patch 1778378 from Trond Viggo Håpnes. This patch
+ Restrict the possibility to modify and delete articles.
+
+2007-08-20 Lucie Goga <lg...@th...>
+ * Update the English and German lang file.
+
+2007-08-19 Lucie Goga <lg...@th...>
+ * Update the English and German lang file.
+
2007-08-16 Reiner Jung <rj...@th...>
* Update the English and German lang file. Files are sorted now and
duplicates are removed
Modified: branches/release-candidates/sciret-1.2/actions/DeleteArticle.php
===================================================================
--- branches/release-candidates/sciret-1.2/actions/DeleteArticle.php 2007-08-20 22:50:39 UTC (rev 520)
+++ branches/release-candidates/sciret-1.2/actions/DeleteArticle.php 2007-08-22 20:18:52 UTC (rev 521)
@@ -17,6 +17,15 @@
function dispatch() {
$artId = isset($_GET['id'])? (int)$_GET['id'] : 0;
+ if ($this->configuration->getConfigValue('restrictEditDelete')) {
+ $article = new Article($artId);
+
+ if ($article->getUserId() != $this->user->getId() && ($this->user->getRole() & ROLE_ADMIN) != ROLE_ADMIN) {
+ $_SESSION['message'] = $this->user->lang('Sorry, only the author or an admin can delete this article.');
+ Library::redirect(Library::getLink(array('view' => 'ViewArticle', 'id' => $artId)));
+ }
+ }
+
$articleGateway = new ArticleGateway;
$articleGateway->delete($artId);
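Review bot: The new ownership check in dispatch() has no `return;` after `Library::redirect(...)`, so it only blocks the delete if redirect() itself stops the script, which this hunk does not show. If redirect() merely sends a Location header, execution falls through to `$articleGateway->delete($artId);` and the article is removed despite the refusal message. Adding `return;` directly after the redirect call makes the denial independent of the helper's behaviour; the same applies to the guard added in SaveArticle.php. dispatch() continues past the end of this hunk.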
Modified: branches/release-candidates/sciret-1.2/actions/SaveArticle.php
===================================================================
--- branches/release-candidates/sciret-1.2/actions/SaveArticle.php 2007-08-20 22:50:39 UTC (rev 520)
+++ branches/release-candidates/sciret-1.2/actions/SaveArticle.php 2007-08-22 20:18:52 UTC (rev 521)
@@ -17,6 +17,15 @@
function dispatch() {
$articleId = isset($_POST['articleId'])? (int)$_POST['articleId'] : 0;
+ if ($articleId > 0 && $this->configuration->getConfigValue('restrictEditDelete')) {
+ $article = new Article($articleId);
+
+ if ($article->getUserId() != $this->user->getId() && ($this->user->getRole() & ROLE_ADMIN) != ROLE_ADMIN) {
+ $_SESSION['message'] = $this->user->lang('Sorry, only the author or an admin can modify this article.');
+ Library::redirect(Library::getLink(array('view' => 'ViewArticle', 'id' => $articleId)));
+ }
+ }
+
// validation
if ($_POST['title'] == '') {
$_SESSION['message'] = $this->user->lang('Article can\'t be saved without a title.');
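Review bot: The author test `$article->getUserId() != $this->user->getId()` is a loose comparison and also runs when `$articleId` matches no stored article. What getUserId() returns for an article that failed to load is not visible here; if it is 0 or null and the current user's id is also 0 or null (an anonymous session, for instance), the two compare equal and the save is allowed through. Consider refusing up front when the article was not found or the user is anonymous, and comparing with `!==` after casting both ids to int. DeleteArticle.php uses the same comparison without even the `$articleId > 0` guard.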
Modified: branches/release-candidates/sciret-1.2/actions/SavePreferences.php
===================================================================
--- branches/release-candidates/sciret-1.2/actions/SavePreferences.php 2007-08-20 22:50:39 UTC (rev 520)
+++ branches/release-candidates/sciret-1.2/actions/SavePreferences.php 2007-08-22 20:18:52 UTC (rev 521)
@@ -40,6 +40,7 @@
$this->configuration->setConfigValue('publishQuestionsAuto', $_POST['publishQuestionsAuto'] == '1'? '1' : '0');
$this->configuration->setConfigValue('internalByDefault', $_POST['internalByDefault'] == '1'? '1' : '0');
$this->configuration->setConfigValue('allowCommentsRatings', $_POST['allowCommentsRatings'] == '1'? '1' : '0');
+ $this->configuration->setConfigValue('restrictEditDelete', $_POST['restrictEditDelete'] == '1'? '1' : '0');
$this->configuration->setConfigValue('passwordExpirationDays', $_POST['passwordExpirationDays']);
$this->configuration->setConfigValue('mailTransport', $_POST['mailTransport'] == 'smtp' ? 'smtp' : 'sendmail');
$this->configuration->setConfigValue('mailFromName', $_POST['mailFromName']);
Modified: branches/release-candidates/sciret-1.2/languages/English.txt
===================================================================
--- branches/release-candidates/sciret-1.2/languages/English.txt 2007-08-20 22:50:39 UTC (rev 520)
+++ branches/release-candidates/sciret-1.2/languages/English.txt 2007-08-22 20:18:52 UTC (rev 521)
@@ -402,6 +402,8 @@
Occurrences
+Only admin and author can modify an article
+
Only Articles
Only Bookmarks
@@ -542,6 +544,10 @@
SMTP user
+Sorry, only the author or an admin can delete this article.
+
+Sorry, only the author or an admin can modify this article.
+
Sorry, there was a problem trying to send the e-mail. Please try again later.
Sorry, this article is for internal use only.
Modified: branches/release-candidates/sciret-1.2/models/Article.php
===================================================================
--- branches/release-candidates/sciret-1.2/models/Article.php 2007-08-20 22:50:39 UTC (rev 520)
+++ branches/release-candidates/sciret-1.2/models/Article.php 2007-08-22 20:18:52 UTC (rev 521)
@@ -239,6 +239,10 @@
$this->userId = (int)$id;
}
+ function getUserId() {
+ return $this->userId;
+ }
+
function getUser() {
return $this->user;
}
Modified: branches/release-candidates/sciret-1.2/setup/final.sql
===================================================================
--- branches/release-candidates/sciret-1.2/setup/final.sql 2007-08-20 22:50:39 UTC (rev 520)
+++ branches/release-candidates/sciret-1.2/setup/final.sql 2007-08-22 20:18:52 UTC (rev 521)
@@ -69,6 +69,7 @@
('publishCommentsAuto', '1'),
('publishQuestionsAuto', '0'),
('internalByDefault', '0'),
+('restrictEditDelete', '0'),
('passwordExpirationDays', '60'),
('mailTransport', 'sendmail'),
('mailFromName', 'Sciret Knowledgebase'),
Modified: branches/release-candidates/sciret-1.2/setup/upgrade_1.2.0.sql
===================================================================
--- branches/release-candidates/sciret-1.2/setup/upgrade_1.2.0.sql 2007-08-20 22:50:39 UTC (rev 520)
+++ branches/release-candidates/sciret-1.2/setup/upgrade_1.2.0.sql 2007-08-22 20:18:52 UTC (rev 521)
@@ -1,4 +1,4 @@
-INSERT INTO `configuration` (`field`, `value`) VALUES ('publishKB', '1'), ('internalByDefault', '0'), ('passwordExpirationDays', '60'), ('mailTransport', 'sendmail'), ('mailFromName', 'Sciret Knowledgebase'), ('mailFromMail', 'root@localhost'), ('smtpServer', ''), ('smtpUser', ''), ('smtpPassword', ''), ('smtpPort', '25'), ('allowCommentsRatings', '1');
+INSERT INTO `configuration` (`field`, `value`) VALUES ('publishKB', '1'), ('internalByDefault', '0'), ('passwordExpirationDays', '60'), ('mailTransport', 'sendmail'), ('mailFromName', 'Sciret Knowledgebase'), ('mailFromMail', 'root@localhost'), ('smtpServer', ''), ('smtpUser', ''), ('smtpPassword', ''), ('smtpPort', '25'), ('allowCommentsRatings', '1'), ('restrictEditDelete', '0');
ALTER TABLE `articles` ADD `internal` tinyint(4) NOT NULL default '0';
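Review bot: Appending `('restrictEditDelete', '0')` to the existing INSERT only helps installations that have not yet run upgrade_1.2.0.sql; if an earlier release candidate already shipped this script, sites upgraded with it never get the row. What getConfigValue() returns for a missing key is not shown, but the checks added in this commit treat any falsy value as "restriction off", and the preferences form would mark neither option as selected. A separate statement such as `INSERT INTO configuration (field, value) VALUES ('restrictEditDelete', '0');` in a follow-up upgrade step would cover those sites.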
Modified: branches/release-candidates/sciret-1.2/templates/EditPreferences.tpl
===================================================================
--- branches/release-candidates/sciret-1.2/templates/EditPreferences.tpl 2007-08-20 22:50:39 UTC (rev 520)
+++ branches/release-candidates/sciret-1.2/templates/EditPreferences.tpl 2007-08-22 20:18:52 UTC (rev 521)
@@ -128,26 +128,34 @@
</select>
</td>
</tr>
-
<tr class="row_on">
+ <td style="text-align:right; font-weight:bold">[l]Only admin and author can modify an article[/l]:</td>
+ <td>
+ <select name="restrictEditDelete">
+ <option value="1" {restrictEditDelete_yes_selected}>[l]Yes[/l]</option>
+ <option value="0" {restrictEditDelete_no_selected}>[l]No[/l]</option>
+ </select>
+ </td>
+ </tr>
+ <tr class="row_off">
<td style="text-align:right; font-weight:bold">[l]Days before password expires[/l]:</td>
<td>
<input type="text" name="passwordExpirationDays" value="{passwordExpirationDays}" size="2" />
</td>
</tr>
- <tr class="row_off">
+ <tr class="row_on">
<td style="text-align:right; font-weight:bold">[l]Send mail from (name)[/l]:</td>
<td>
<input type="text" name="mailFromName" value="{mailFromName}"/>
</td>
</tr>
- <tr class="row_on">
+ <tr class="row_off">
<td style="text-align:right; font-weight:bold">[l]Send mail from (email)[/l]:</td>
<td>
<input type="text" name="mailFromMail" value="{mailFromMail}"/>
</td>
</tr>
- <tr class="row_off">
+ <tr class="row_on">
<td style="text-align:right; font-weight:bold">[l]Send mail using[/l]:</td>
<td>
<select name="mailTransport" onchange="javascript:toggleSMTPSettings(value);">
@@ -156,7 +164,7 @@
</select>
</td>
</tr>
- <tr class="row_on" id="smtp_options" {showSMTPOptions}>
+ <tr class="row_off" id="smtp_options" {showSMTPOptions}>
<td colspan="2">
<p style="text-align:center; font-weight:bold">[l]SMTP settings[/l]:</p>
<ul>
Modified: branches/release-candidates/sciret-1.2/views/EditPreferences.php
===================================================================
--- branches/release-candidates/sciret-1.2/views/EditPreferences.php 2007-08-20 22:50:39 UTC (rev 520)
+++ branches/release-candidates/sciret-1.2/views/EditPreferences.php 2007-08-22 20:18:52 UTC (rev 521)
@@ -49,6 +49,8 @@
'internalByDefault_no_selected' => $this->configuration->getConfigValue('internalByDefault') == '0'? 'selected="true" ': '',
'allowCommentsRatings_yes_selected' => $this->configuration->getConfigValue('allowCommentsRatings') == '1'? 'selected="true" ': '',
'allowCommentsRatings_no_selected' => $this->configuration->getConfigValue('allowCommentsRatings') == '0'? 'selected="true" ': '',
+ 'restrictEditDelete_yes_selected' => $this->configuration->getConfigValue('restrictEditDelete') == '1'? 'selected="true" ': '',
+ 'restrictEditDelete_no_selected' => $this->configuration->getConfigValue('restrictEditDelete') == '0'? 'selected="true" ': '',
'passwordExpirationDays' => $this->configuration->getConfigValue('passwordExpirationDays'),
'mailFromName' => $this->configuration->getConfigValue('mailFromName'),
'mailFromMail' => $this->configuration->getConfigValue('mailFromMail'),
Modified: branches/release-candidates/sciret-1.2/views/ViewArticle.php
===================================================================
--- branches/release-candidates/sciret-1.2/views/ViewArticle.php 2007-08-20 22:50:39 UTC (rev 520)
+++ branches/release-candidates/sciret-1.2/views/ViewArticle.php 2007-08-22 20:18:52 UTC (rev 521)
@@ -49,10 +49,8 @@
$this->tpl->set_block('view_article', 'mailArticle_block', 'mailArticle');
// *** COMMENTS ****
- $config = $this->configuration;
- $allowCommentsRatings = $config->getConfigValue('allowCommentsRatings');
- if ($allowCommentsRatings) {
+ if ($this->configuration->getConfigValue('allowCommentsRatings')) {
$viewComments = new ViewComments($this->user, $this->configuration);
$viewComments->setArticle($article);
$viewComments->setTemplate($this->tpl);
@@ -190,7 +188,19 @@
$this->tpl->set_var('expDate', $this->user->formatDate($article->getExpDate()));
}
- if (!$this->user->isAnonymous()) {
+ $showEditDelete = false;
+
+ if ($this->configuration->getConfigValue('restrictEditDelete')) {
+ if ($article->getUserId() == $this->user->getId() || ($this->user->getRole() & ROLE_ADMIN) == ROLE_ADMIN) {
+ $showEditDelete = true;
+ }
+ } else {
+ if (!$this->user->isAnonymous()) {
+ $showEditDelete = true;
+ }
+ }
+
+ if ($showEditDelete) {
$this->tpl->parse('edit_del', 'edit_del_block');
if (!$article->isPublished()) {
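Review bot: With restrictEditDelete on, the `isAnonymous()` test no longer applies, so whether a visitor who is not logged in sees the edit/delete block depends only on the id comparison and the role bits. Keeping the anonymous test as the outer condition for both settings is easier to reason about, e.g. `$showEditDelete = !$this->user->isAnonymous() && (!$restrict || $isAuthor || $isAdmin);` with the three flags computed just above. The owner-or-admin expression is now written out three times (here and in both actions); a single helper would keep the view and the server-side checks from drifting apart. The enclosing method starts and ends outside this hunk.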