
Various code cleanup + permissions check improvement

This commit is contained in:
Tuan Pham Ngoc 2021-08-15 12:49:55 +07:00
parent 4274af68e3
commit 047cee28aa
8 changed files with 45 additions and 26 deletions


@ -28,9 +28,9 @@ use Joomla\CMS\Toolbar\ToolbarHelper;
class HtmlView extends BaseHtmlView class HtmlView extends BaseHtmlView
{ {
/** /**
* The \JForm object * The Form object
* *
* @var \JForm * @var \Joomla\CMS\Form\Form
*/ */
protected $form; protected $form;
@ -44,7 +44,7 @@ class HtmlView extends BaseHtmlView
/** /**
* The model state * The model state
* *
* @var \JObject * @var \Joomla\CMS\Object\CMSObject
*/ */
protected $state; protected $state;


@ -36,21 +36,21 @@ class HtmlView extends BaseHtmlView
/** /**
* The pagination object * The pagination object
* *
* @var \JPagination * @var \Joomla\CMS\Pagination\Pagination
*/ */
protected $pagination; protected $pagination;
/** /**
* The model state * The model state
* *
* @var \JObject * @var \Joomla\CMS\Object\CMSObject
*/ */
protected $state; protected $state;
/** /**
* Form object for search filters * Form object for search filters
* *
* @var \JForm * @var \Joomla\CMS\Form\Form
*/ */
public $filterForm; public $filterForm;


@ -79,7 +79,6 @@ class WeblinkController extends FormController
protected function allowAdd($data = array()) protected function allowAdd($data = array())
{ {
$categoryId = ArrayHelper::getValue($data, 'catid', $this->input->getInt('id'), 'int'); $categoryId = ArrayHelper::getValue($data, 'catid', $this->input->getInt('id'), 'int');
$allow = null;
if ($categoryId) if ($categoryId)
{ {
@ -104,17 +103,33 @@ class WeblinkController extends FormController
protected function allowEdit($data = array(), $key = 'id') protected function allowEdit($data = array(), $key = 'id')
{ {
$recordId = (int) isset($data[$key]) ? $data[$key] : 0; $recordId = (int) isset($data[$key]) ? $data[$key] : 0;
$categoryId = 0;
if ($recordId) if (!$recordId)
{ {
$categoryId = (int) $this->getModel()->getItem($recordId)->catid; return false;
} }
$record = $this->getModel()->getItem($recordId);
$categoryId = (int) $record->catid;
if ($categoryId) if ($categoryId)
{ {
// The category has been set. Check the category permissions. // The category has been set. Check the category permissions.
return $this->app->getIdentity()->authorise('core.edit', $this->option . '.category.' . $categoryId); $user = $this->app->getIdentity();
// First, check edit permission
if ($user->authorise('core.edit', $this->option . '.category.' . $categoryId))
{
return true;
}
// Fallback on edit.own
if ($user->authorise('core.edit.own', $this->option . '.category.' . $categoryId) && $record->created_by == $user->id)
{
return true;
}
return false;
} }
// Since there is no asset tracking, revert to the component permissions. // Since there is no asset tracking, revert to the component permissions.
@ -307,7 +322,6 @@ class WeblinkController extends FormController
} }
// Redirect to the URL // Redirect to the URL
// @todo: Probably should check for a valid http link
if ($link->url) if ($link->url)
{ {
$modelLink->hit($id); $modelLink->hit($id);
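Review bot: The new `if (!$recordId)` guard and the `getItem($recordId)` call both depend on `$recordId`, but the line above them still casts the wrong operand: `(int) isset($data[$key]) ? $data[$key] : 0` casts the boolean and passes `$data[$key]` through unconverted, so a non-numeric id reaches the model; it should read `$recordId = isset($data[$key]) ? (int) $data[$key] : 0;`. The edit.own fallback compares `$record->created_by == $user->id` loosely; a strict `(int) $record->created_by === (int) $user->id` is what the ownership check intends and avoids string/null surprises. If getItem() can return false for an unknown id (as Joomla's AdminModel does), `$record->catid` then reads a property of false and silently yields category 0, falling through to the component-level check, so a `if (!$record) { return false; }` before reading catid is worth adding. allowEdit's body continues past the hunk.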


@ -103,9 +103,7 @@ class CategoryModel extends ListModel
{ {
if (!isset($this->_params)) if (!isset($this->_params))
{ {
$params = new Registry; $item->params = new Registry($item->params);
$params->loadString($item->params);
$item->params = $params;
} }
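Review bot: The guard around the new `new Registry($item->params)` line tests `isset($this->_params)` but assigns `$item->params`, so whenever `$this->_params` is already set the item's params are left as the raw stored string and any later `$item->params->get()` call would operate on a string rather than a Registry. Unless `_params` is meant as a per-request cache of that same object (not visible here), the check should be `if (!($item->params instanceof Registry))`. The enclosing method starts outside the hunk.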
// Get the tags // Get the tags


@ -26,6 +26,14 @@ use Joomla\Registry\Registry;
*/ */
class WeblinkModel extends ItemModel class WeblinkModel extends ItemModel
{ {
/**
* Store loaded weblink items
*
* @var array
* @since 1.6
*/
protected $_item = null;
/** /**
* Model context string. * Model context string.
* *
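Review bot: The new `$_item` property is declared `@var array` but initialised to `null`, and the description "Store loaded weblink items" reads like a per-id cache; the docblock should match the initial value, either `@var array|null` or initialising it as `protected $_item = [];`, whichever getItem() (outside this hunk) expects. The `@since 1.6` tag on a property introduced by this commit is presumably copied from elsewhere and should carry the version this change ships in.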


@ -72,7 +72,6 @@ class HtmlView extends CategoryView
protected function prepareDocument() protected function prepareDocument()
{ {
parent::prepareDocument(); parent::prepareDocument();
;
parent::addFeed(); parent::addFeed();


@ -23,10 +23,10 @@ $params = &$this->category->params;
// Get the user object. // Get the user object.
$user = Factory::getApplication()->getIdentity(); $user = Factory::getApplication()->getIdentity();
// Check if user is allowed to add/edit based on weblinks permissinos. // Check if user is allowed to add/edit based on weblinks permission.
$canEdit = $user->authorise('core.edit', 'com_weblinks.category.' . $this->category->id); $canEdit = $user->authorise('core.edit', 'com_weblinks.category.' . $this->category->id);
$canCreate = $user->authorise('core.create', 'com_weblinks'); $canEditOwn = $user->authorise('core.edit.own', 'com_weblinks.category.' . $this->category->id);
$canEditState = $user->authorise('core.edit.state', 'com_weblinks'); $canCreate = $user->authorise('core.create', 'com_weblinks.category.' . $this->category->id);
$n = count($this->items); $n = count($this->items);
$listOrder = $this->escape($this->state->get('list.ordering')); $listOrder = $this->escape($this->state->get('list.ordering'));
@ -45,7 +45,7 @@ $listDirn = $this->escape($this->state->get('list.direction'));
name="filter-search" name="filter-search"
id="filter-search" id="filter-search"
value="<?php echo $this->escape($this->state->get('list.filter')); ?>" value="<?php echo $this->escape($this->state->get('list.filter')); ?>"
class="inputbox" onchange="document.adminForm.submit();" onchange="document.adminForm.submit();"
placeholder="<?php echo Text::_('COM_WEBLINKS_FILTER_SEARCH_DESC'); ?>" placeholder="<?php echo Text::_('COM_WEBLINKS_FILTER_SEARCH_DESC'); ?>"
> >
<button type="submit" name="filter_submit" class="btn btn-primary"><?php echo Text::_('JGLOBAL_FILTER_BUTTON'); ?></button> <button type="submit" name="filter_submit" class="btn btn-primary"><?php echo Text::_('JGLOBAL_FILTER_BUTTON'); ?></button>
@ -79,7 +79,7 @@ $listDirn = $this->escape($this->state->get('list.direction'));
<li class="list-group mt-3"> <li class="list-group mt-3">
<?php endif; ?> <?php endif; ?>
<?php if ($canEdit) : ?> <?php if ($canEdit || ($canEditOwn && $item->created_by == $userId)) : ?>
<div class="icons list-group-item"> <div class="icons list-group-item">
<?php echo HTMLHelper::_('weblinkicon.edit', $item, $this->params); ?> <?php echo HTMLHelper::_('weblinkicon.edit', $item, $this->params); ?>
</div> </div>
@ -193,9 +193,9 @@ $listDirn = $this->escape($this->state->get('list.direction'));
</ul> </ul>
<?php if ($this->params->get('show_pagination')) : ?> <?php if ($this->params->get('show_pagination')) : ?>
<div class="com-contact-category__counter w-100"> <div class="com-weblinks-category__counter w-100">
<?php if ($this->params->def('show_pagination_results', 1)) : ?> <?php if ($this->params->def('show_pagination_results', 1)) : ?>
<p class="com-contact-category__counter counter float-end pt-3 pe-2"> <p class="com-weblinks-category__counter counter float-end pt-3 pe-2">
<?php echo $this->pagination->getPagesCounter(); ?> <?php echo $this->pagination->getPagesCounter(); ?>
</p> </p>
<?php endif; ?> <?php endif; ?>
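Review bot: The new edit condition in the item loop uses `$userId`, which is not assigned anywhere in this section — the header lines define `$user` only — so unless `$userId` is set elsewhere in the template it is undefined here, the own-edit branch is never true and PHP emits a notice; define it next to the other permission flags, `$userId = $user->get('id');`, or compare against `$user->id` directly. The comparison is also loose (`==`); prefer `(int) $item->created_by === (int) $userId`. `$canEditState` was removed from the header; if the rest of the layout (outside this section) still references it, that reference now reads an undefined variable.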