[pLog-svn] r4399 - in plog/trunk: class/action/admin install locale templates/admin

oscar at devel.lifetype.net oscar at devel.lifetype.net
Mon Dec 18 23:06:03 GMT 2006


Author: oscar
Date: 2006-12-18 23:06:03 +0000 (Mon, 18 Dec 2006)
New Revision: 4399

Modified:
   plog/trunk/class/action/admin/admindeletereferreraction.class.php
   plog/trunk/install/corepermissions.properties.php
   plog/trunk/locale/locale_en_UK.php
   plog/trunk/templates/admin/statistics.template
Log:
the 'statistics' screen did not have any kind of permission checks


Modified: plog/trunk/class/action/admin/admindeletereferreraction.class.php
===================================================================
--- plog/trunk/class/action/admin/admindeletereferreraction.class.php	2006-12-18 22:55:57 UTC (rev 4398)
+++ plog/trunk/class/action/admin/admindeletereferreraction.class.php	2006-12-18 23:06:03 UTC (rev 4399)
@@ -38,6 +38,8 @@
 			$view = new AdminReferrersView( $this->_blogInfo );
 			$view->setErrorMessage( $this->_locale->tr("error_no_items_selected" ));
 			$this->setValidationErrorView( $view );
+			
+			$this->requirePermission( "update_blog_stats" );
         }
 		
 		function perform()

Modified: plog/trunk/install/corepermissions.properties.php
===================================================================
--- plog/trunk/install/corepermissions.properties.php	2006-12-18 22:55:57 UTC (rev 4398)
+++ plog/trunk/install/corepermissions.properties.php	2006-12-18 23:06:03 UTC (rev 4399)
@@ -48,6 +48,7 @@
 	Array( "update_blog_template", "update_blog_template_desc", true, false ),
 	Array( "view_blog_templates", "view_blog_templates_desc", true, false ),
 	Array( "view_blog_stats", "view_blog_stats_desc", true, false ),
+	Array( "update_blog_stats", "update_blog_stats_desc", true, false ),
 	Array( "view_all_user_articles", "view_all_user_articles_desc", true, false ),
 	Array( "update_all_user_articles", "update_all_user_articles_desc", true, false ),
 	Array( "manage_plugins", "manage_plugins_desc", true, false ),

Modified: plog/trunk/locale/locale_en_UK.php
===================================================================
--- plog/trunk/locale/locale_en_UK.php	2006-12-18 22:55:57 UTC (rev 4398)
+++ plog/trunk/locale/locale_en_UK.php	2006-12-18 23:06:03 UTC (rev 4399)
@@ -1170,6 +1170,7 @@
 $messages['view_site_blogs_desc'] = 'User can view the site blogs';
 $messages['view_templates_desc'] = 'User can view the templates';
 $messages['view_users_desc'] = 'User can view the users';
+$messages['update_blog_stats_desc'] = 'User can delete referrers';
 
 $messages['summary_welcome_msg'] = 'Welcome, %s!';
 $messages['summary_go_to_admin'] = 'Go to admin interface';

Modified: plog/trunk/templates/admin/statistics.template
===================================================================
--- plog/trunk/templates/admin/statistics.template	2006-12-18 22:55:57 UTC (rev 4398)
+++ plog/trunk/templates/admin/statistics.template	2006-12-18 23:06:03 UTC (rev 4399)
@@ -32,7 +32,9 @@
                         </td>                        
                         <td>
                             <div class="list_action_button">
+							 {check_perms perm=update_blog_stats}
                              <a href="?op=deleteReferrer&amp;referrerId={$referrer->getId()}"><img src="imgs/admin/icon_delete-16.png" alt="{$locale->tr("delete_trackback")}" /></a>
+							 {/check_perms}
                             </div>
                         </td>
                     </tr>
@@ -42,8 +44,10 @@
         </div>
         <div id="list_action_bar">
 			{adminpager style="list"}
+			{check_perms perm=update_blog_stats}
             <input type="submit" name="delete" value="{$locale->tr("delete")}" class="submit" />
             <input type="hidden" name="op" value="deleteReferrers" />
+            {/check_perms} 
         </div>		
 	</form>
 {include file="$admintemplatepath/footernavigation.template"}



More information about the pLog-svn mailing list