mirror of
https://github.com/joomla-extensions/weblinks.git
synced 2024-11-10 15:20:57 +00:00
Various code cleanup + permissions check improvement
parent
4274af68e3
commit
047cee28aa
@ -113,7 +113,7 @@ class WeblinkTable extends Table implements VersionableTableInterface, TaggableT
|
|||||||
// Verify that the alias is unique
|
// Verify that the alias is unique
|
||||||
$table = new WeblinkTable($this->getDbo());
|
$table = new WeblinkTable($this->getDbo());
|
||||||
|
|
||||||
if ($table->load(array('language' => $this->language, 'alias' => $this->alias, 'catid' => (int)$this->catid))
|
if ($table->load(array('language' => $this->language, 'alias' => $this->alias, 'catid' => (int) $this->catid))
|
||||||
&& ($table->id != $this->id || $this->id == 0))
|
&& ($table->id != $this->id || $this->id == 0))
|
||||||
{
|
{
|
||||||
$this->setError(Text::_('COM_WEBLINKS_ERROR_UNIQUE_ALIAS'));
|
$this->setError(Text::_('COM_WEBLINKS_ERROR_UNIQUE_ALIAS'));
|
||||||
|
@ -28,9 +28,9 @@ use Joomla\CMS\Toolbar\ToolbarHelper;
|
|||||||
class HtmlView extends BaseHtmlView
|
class HtmlView extends BaseHtmlView
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
* The \JForm object
|
* The Form object
|
||||||
*
|
*
|
||||||
* @var \JForm
|
* @var \Joomla\CMS\Form\Form
|
||||||
*/
|
*/
|
||||||
protected $form;
|
protected $form;
|
||||||
|
|
||||||
@ -44,7 +44,7 @@ class HtmlView extends BaseHtmlView
|
|||||||
/**
|
/**
|
||||||
* The model state
|
* The model state
|
||||||
*
|
*
|
||||||
* @var \JObject
|
* @var \Joomla\CMS\Object\CMSObject
|
||||||
*/
|
*/
|
||||||
protected $state;
|
protected $state;
|
||||||
|
|
||||||
|
@ -36,21 +36,21 @@ class HtmlView extends BaseHtmlView
|
|||||||
/**
|
/**
|
||||||
* The pagination object
|
* The pagination object
|
||||||
*
|
*
|
||||||
* @var \JPagination
|
* @var \Joomla\CMS\Pagination\Pagination
|
||||||
*/
|
*/
|
||||||
protected $pagination;
|
protected $pagination;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The model state
|
* The model state
|
||||||
*
|
*
|
||||||
* @var \JObject
|
* @var \Joomla\CMS\Object\CMSObject
|
||||||
*/
|
*/
|
||||||
protected $state;
|
protected $state;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Form object for search filters
|
* Form object for search filters
|
||||||
*
|
*
|
||||||
* @var \JForm
|
* @var \Joomla\CMS\Form\Form
|
||||||
*/
|
*/
|
||||||
public $filterForm;
|
public $filterForm;
|
||||||
|
|
||||||
|
@ -79,7 +79,6 @@ class WeblinkController extends FormController
|
|||||||
protected function allowAdd($data = array())
|
protected function allowAdd($data = array())
|
||||||
{
|
{
|
||||||
$categoryId = ArrayHelper::getValue($data, 'catid', $this->input->getInt('id'), 'int');
|
$categoryId = ArrayHelper::getValue($data, 'catid', $this->input->getInt('id'), 'int');
|
||||||
$allow = null;
|
|
||||||
|
|
||||||
if ($categoryId)
|
if ($categoryId)
|
||||||
{
|
{
|
||||||
@ -104,17 +103,33 @@ class WeblinkController extends FormController
|
|||||||
protected function allowEdit($data = array(), $key = 'id')
|
protected function allowEdit($data = array(), $key = 'id')
|
||||||
{
|
{
|
||||||
$recordId = (int) isset($data[$key]) ? $data[$key] : 0;
|
$recordId = (int) isset($data[$key]) ? $data[$key] : 0;
|
||||||
$categoryId = 0;
|
|
||||||
|
|
||||||
if ($recordId)
|
if (!$recordId)
|
||||||
{
|
{
|
||||||
$categoryId = (int) $this->getModel()->getItem($recordId)->catid;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$record = $this->getModel()->getItem($recordId);
|
||||||
|
$categoryId = (int) $record->catid;
|
||||||
|
|
||||||
if ($categoryId)
|
if ($categoryId)
|
||||||
{
|
{
|
||||||
// The category has been set. Check the category permissions.
|
// The category has been set. Check the category permissions.
|
||||||
return $this->app->getIdentity()->authorise('core.edit', $this->option . '.category.' . $categoryId);
|
$user = $this->app->getIdentity();
|
||||||
|
|
||||||
|
// First, check edit permission
|
||||||
|
if ($user->authorise('core.edit', $this->option . '.category.' . $categoryId))
|
||||||
|
{
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Fallback on edit.own
|
||||||
|
if ($user->authorise('core.edit.own', $this->option . '.category.' . $categoryId) && $record->created_by == $user->id)
|
||||||
|
{
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Since there is no asset tracking, revert to the component permissions.
|
// Since there is no asset tracking, revert to the component permissions.
|
||||||
@ -307,7 +322,6 @@ class WeblinkController extends FormController
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Redirect to the URL
|
// Redirect to the URL
|
||||||
// @todo: Probably should check for a valid http link
|
|
||||||
if ($link->url)
|
if ($link->url)
|
||||||
{
|
{
|
||||||
$modelLink->hit($id);
|
$modelLink->hit($id);
|
||||||
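Review bot: The new `core.edit.own` fallback in allowEdit() compares `$record->created_by == $user->id` loosely and never checks that `getItem()` returned a record, so a guest identity (id 0) or a row with an empty `created_by` can pass the ownership test wherever `core.edit.own` is granted on the category. Return false when `$record` is empty, and compare as `(int) $user->id !== 0 && (int) $record->created_by === (int) $user->id`. The unchanged line `$recordId = (int) isset($data[$key]) ? $data[$key] : 0;` casts the `isset()` result rather than the id, because the cast binds tighter than the ternary; `$recordId = isset($data[$key]) ? (int) $data[$key] : 0;` would hand `getItem()` an integer. What `getItem()` returns for a missing id is not visible on this page, and the end of allowEdit() lies outside the hunk.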
|
@ -103,9 +103,7 @@ class CategoryModel extends ListModel
|
|||||||
{
|
{
|
||||||
if (!isset($this->_params))
|
if (!isset($this->_params))
|
||||||
{
|
{
|
||||||
$params = new Registry;
|
$item->params = new Registry($item->params);
|
||||||
$params->loadString($item->params);
|
|
||||||
$item->params = $params;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Get the tags
|
// Get the tags
|
||||||
|
@ -26,6 +26,14 @@ use Joomla\Registry\Registry;
|
|||||||
*/
|
*/
|
||||||
class WeblinkModel extends ItemModel
|
class WeblinkModel extends ItemModel
|
||||||
{
|
{
|
||||||
|
/**
|
||||||
|
* Store loaded weblink items
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
* @since 1.6
|
||||||
|
*/
|
||||||
|
protected $_item = null;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Model context string.
|
* Model context string.
|
||||||
*
|
*
|
||||||
|
@ -72,7 +72,6 @@ class HtmlView extends CategoryView
|
|||||||
protected function prepareDocument()
|
protected function prepareDocument()
|
||||||
{
|
{
|
||||||
parent::prepareDocument();
|
parent::prepareDocument();
|
||||||
;
|
|
||||||
|
|
||||||
parent::addFeed();
|
parent::addFeed();
|
||||||
|
|
||||||
|
@ -23,10 +23,10 @@ $params = &$this->category->params;
|
|||||||
// Get the user object.
|
// Get the user object.
|
||||||
$user = Factory::getApplication()->getIdentity();
|
$user = Factory::getApplication()->getIdentity();
|
||||||
|
|
||||||
// Check if user is allowed to add/edit based on weblinks permissinos.
|
// Check if user is allowed to add/edit based on weblinks permission.
|
||||||
$canEdit = $user->authorise('core.edit', 'com_weblinks.category.' . $this->category->id);
|
$canEdit = $user->authorise('core.edit', 'com_weblinks.category.' . $this->category->id);
|
||||||
$canCreate = $user->authorise('core.create', 'com_weblinks');
|
$canEditOwn = $user->authorise('core.edit.own', 'com_weblinks.category.' . $this->category->id);
|
||||||
$canEditState = $user->authorise('core.edit.state', 'com_weblinks');
|
$canCreate = $user->authorise('core.create', 'com_weblinks.category.' . $this->category->id);
|
||||||
|
|
||||||
$n = count($this->items);
|
$n = count($this->items);
|
||||||
$listOrder = $this->escape($this->state->get('list.ordering'));
|
$listOrder = $this->escape($this->state->get('list.ordering'));
|
||||||
@ -45,7 +45,7 @@ $listDirn = $this->escape($this->state->get('list.direction'));
|
|||||||
name="filter-search"
|
name="filter-search"
|
||||||
id="filter-search"
|
id="filter-search"
|
||||||
value="<?php echo $this->escape($this->state->get('list.filter')); ?>"
|
value="<?php echo $this->escape($this->state->get('list.filter')); ?>"
|
||||||
class="inputbox" onchange="document.adminForm.submit();"
|
onchange="document.adminForm.submit();"
|
||||||
placeholder="<?php echo Text::_('COM_WEBLINKS_FILTER_SEARCH_DESC'); ?>"
|
placeholder="<?php echo Text::_('COM_WEBLINKS_FILTER_SEARCH_DESC'); ?>"
|
||||||
>
|
>
|
||||||
<button type="submit" name="filter_submit" class="btn btn-primary"><?php echo Text::_('JGLOBAL_FILTER_BUTTON'); ?></button>
|
<button type="submit" name="filter_submit" class="btn btn-primary"><?php echo Text::_('JGLOBAL_FILTER_BUTTON'); ?></button>
|
||||||
@ -79,7 +79,7 @@ $listDirn = $this->escape($this->state->get('list.direction'));
|
|||||||
<li class="list-group mt-3">
|
<li class="list-group mt-3">
|
||||||
<?php endif; ?>
|
<?php endif; ?>
|
||||||
|
|
||||||
<?php if ($canEdit) : ?>
|
<?php if ($canEdit || ($canEditOwn && $item->created_by == $userId)) : ?>
|
||||||
<div class="icons list-group-item">
|
<div class="icons list-group-item">
|
||||||
<?php echo HTMLHelper::_('weblinkicon.edit', $item, $this->params); ?>
|
<?php echo HTMLHelper::_('weblinkicon.edit', $item, $this->params); ?>
|
||||||
</div>
|
</div>
|
||||||
@ -193,9 +193,9 @@ $listDirn = $this->escape($this->state->get('list.direction'));
|
|||||||
</ul>
|
</ul>
|
||||||
|
|
||||||
<?php if ($this->params->get('show_pagination')) : ?>
|
<?php if ($this->params->get('show_pagination')) : ?>
|
||||||
<div class="com-contact-category__counter w-100">
|
<div class="com-weblinks-category__counter w-100">
|
||||||
<?php if ($this->params->def('show_pagination_results', 1)) : ?>
|
<?php if ($this->params->def('show_pagination_results', 1)) : ?>
|
||||||
<p class="com-contact-category__counter counter float-end pt-3 pe-2">
|
<p class="com-weblinks-category__counter counter float-end pt-3 pe-2">
|
||||||
<?php echo $this->pagination->getPagesCounter(); ?>
|
<?php echo $this->pagination->getPagesCounter(); ?>
|
||||||
</p>
|
</p>
|
||||||
<?php endif; ?>
|
<?php endif; ?>
|
||||||
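Review bot: `$userId` in the new condition `$canEdit || ($canEditOwn && $item->created_by == $userId)` is not assigned in any line shown on this page; the permission block in the first hunk defines only `$user`, `$canEdit`, `$canEditOwn` and `$canCreate`. If the unseen lines of the template do not set it either, the loose comparison against null matches every item whose `created_by` is 0 or empty, and the edit icon is then rendered for items the user does not own. Use `$item->created_by == $user->id`, or add `$userId = (int) $user->id;` next to the `authorise()` calls. The first hunk also drops `$canEditState`, so any remaining use of it further down the template should be checked.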
|