Merge pull request #255 from andrepereiradasilva/acl-edit-own
[com_weblinks] Make ACL core.edit.own work (PR for 11466)
This commit is contained in:
Robert Deutz
GitHub
commit
64a377e570
|
|
@ -60,21 +60,29 @@ class WeblinksControllerWeblink extends JControllerForm
|
|||
protected function allowEdit($data = array(), $key = 'id')
|
||||
{
|
||||
$recordId = (int) isset($data[$key]) ? $data[$key] : 0;
|
||||
$categoryId = 0;
|
||||
|
||||
if ($recordId)
|
||||
// Since there is no asset tracking, fallback to the component permissions.
|
||||
if (!$recordId)
|
||||
{
|
||||
$categoryId = (int) $this->getModel()->getItem($recordId)->catid;
|
||||
return parent::allowEdit($data, $key);
|
||||
}
|
||||
|
||||
if ($categoryId)
|
||||
// Get the item.
|
||||
$item = $this->getModel()->getItem($recordId);
|
||||
|
||||
// Since there is no item, return false.
|
||||
if (empty($item))
|
||||
{
|
||||
// The category has been set. Check the category permissions.
|
||||
return JFactory::getUser()->authorise('core.edit', $this->option . '.category.' . $categoryId);
|
||||
return false;
|
||||
}
|
||||
|
||||
// Since there is no asset tracking, revert to the component permissions.
|
||||
return parent::allowEdit($data, $key);
|
||||
$user = JFactory::getUser();
|
||||
|
||||
// Check if can edit own core.edit.own.
|
||||
$canEditOwn = $user->authorise('core.edit.own', $this->option . '.category.' . (int) $item->catid) && $item->created_by == $user->id;
|
||||
|
||||
// Check the category core.edit permissions.
|
||||
return $canEditOwn || $user->authorise('core.edit', $this->option . '.category.' . (int) $item->catid);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -132,7 +132,7 @@ class WeblinksModelWeblinks extends JModelList
|
|||
$query->select(
|
||||
$this->getState(
|
||||
'list.select',
|
||||
'a.id, a.title, a.alias, a.checked_out, a.checked_out_time, a.catid,' .
|
||||
'a.id, a.title, a.alias, a.checked_out, a.checked_out_time, a.catid, a.created_by, ' .
|
||||
'a.hits, a.state, a.access, a.ordering, a.language, a.publish_up, a.publish_down'
|
||||
)
|
||||
);
|
||||
|
|
|
|||
|
|
@ -86,7 +86,8 @@ if ($saveOrder)
|
|||
<?php $item->cat_link = JRoute::_('index.php?option=com_categories&extension=com_weblinks&task=edit&type=other&cid[]=' . $item->catid); ?>
|
||||
<?php $canCreate = $user->authorise('core.create', 'com_weblinks.category.' . $item->catid); ?>
|
||||
<?php $canEdit = $user->authorise('core.edit', 'com_weblinks.category.' . $item->catid); ?>
|
||||
<?php $canCheckin = $user->authorise('core.manage', 'com_checkin') || $item->checked_out == $user->get('id') || $item->checked_out == 0; ?>
|
||||
<?php $canCheckin = $user->authorise('core.manage', 'com_checkin') || $item->checked_out == $user->id || $item->checked_out == 0; ?>
|
||||
<?php $canEditOwn = $user->authorise('core.edit.own', 'com_weblinks.category.' . $item->catid) && $item->created_by == $user->id; ?>
|
||||
<?php $canChange = $user->authorise('core.edit.state', 'com_weblinks.category.' . $item->catid) && $canCheckin; ?>
|
||||
<tr class="row<?php echo $i % 2; ?>" sortable-group-id="<?php echo $item->catid; ?>">
|
||||
<td class="order nowrap center hidden-phone">
|
||||
|
|
@ -121,7 +122,7 @@ if ($saveOrder)
|
|||
<?php if ($item->checked_out) : ?>
|
||||
<?php echo JHtml::_('jgrid.checkedout', $i, $item->editor, $item->checked_out_time, 'weblinks.', $canCheckin); ?>
|
||||
<?php endif; ?>
|
||||
<?php if ($canEdit) : ?>
|
||||
<?php if ($canEdit || $canEditOwn) : ?>
|
||||
<a href="<?php echo JRoute::_('index.php?option=com_weblinks&task=weblink.edit&id=' . (int) $item->id); ?>">
|
||||
<?php echo $this->escape($item->title); ?></a>
|
||||
<?php else : ?>
|
||||
|
|
|
|||
|
|
@ -76,7 +76,7 @@ class WeblinksViewWeblinks extends JViewLegacy
|
|||
JToolbarHelper::addNew('weblink.add');
|
||||
}
|
||||
|
||||
if ($canDo->get('core.edit'))
|
||||
if ($canDo->get('core.edit') || $canDo->get('core.edit.own'))
|
||||
{
|
||||
JToolbarHelper::editList('weblink.edit');
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue