[pLog-svn] r4234 - in plog/trunk: class/plugin class/template/menu locale templates/admin

oscar at devel.lifetype.net oscar at devel.lifetype.net
Sat Nov 4 22:46:55 GMT 2006 

Author: oscar
Date: 2006-11-04 22:46:54 +0000 (Sat, 04 Nov 2006)
New Revision: 4234

Modified:
   plog/trunk/class/plugin/pluginbase.class.php
   plog/trunk/class/template/menu/menurenderer.class.php
   plog/trunk/locale/locale_en_UK.php
   plog/trunk/templates/admin/menus.xml
Log:
now the MenuRenderer class will also take into account the current user's permissions as well as the permissions required by a certain node to choose whether the menu entry/node can be displayed or not. The menus.xml file has also been modifed two new attributes: orPerms and andPerms, which are a comma-separated string containing the names of the permissions required to access the node.

The PluginBase::addMenuEntry() class has also been modified to take these two new parameters as an array.


Modified: plog/trunk/class/plugin/pluginbase.class.php
===================================================================
--- plog/trunk/class/plugin/pluginbase.class.php	2006-11-04 12:15:52 UTC (rev 4233)
+++ plog/trunk/class/plugin/pluginbase.class.php	2006-11-04 22:46:54 UTC (rev 4234)
@@ -224,13 +224,25 @@
          * @param id The identifier of the new option
          * @param url The url where this new option is pointing to
          * @param localeId
-         * @param blogOwner Whether this new option can only be used by blog owners
+         * @param orPerms An array with permissions that will be ORed to determine whether this entry
+         * can be shown to users or not.
+         * @param andPerms An array with permission that will be ANDed to determine whether this entry
+         * can be show to users or not.
          * @param siteAdmin Whether this new option can only be used by site admins		 
 		 * @see Menu::addEntry
 		 */
-		function addMenuEntry( $path, $id, $url, $localeId = null, $blogOwner = false, $siteAdmin = false )
+		function addMenuEntry( $path, 
+			                   $id, 
+			                   $url, 
+			                   $localeId = null, 
+			                   $orPerms = Array( "manage_plugins" ), 
+			                   $andPerms = Array( "manage_plugins" ), 
+			                   $siteAdmin = false )
 		{
 	        lt_include( PLOG_CLASS_PATH."class/template/menu/menu.class.php" );
+	
+			$orPermsString = implode( ",", $orPerms );
+			$andPermsString = implode( ",", $andPerms );
 
 			// get hold of the menu structure
 			$menu =& Menu::getMenu();
@@ -239,7 +251,8 @@
 			                            Array( 
 										    "url" => $url, 
 											"localeId" => $localeId,
-											"blogOwner" => (int)$blogOwner,
+											"orPerms" => $orPermsString,
+											"andPerms" => $andPermsString,
 											"siteAdmin" => (int)$siteAdmin ));
 			// add the entry and return the result
 			return $menu->addEntry( $path, $menuEntry );

Modified: plog/trunk/class/template/menu/menurenderer.class.php
===================================================================
--- plog/trunk/class/template/menu/menurenderer.class.php	2006-11-04 12:15:52 UTC (rev 4233)
+++ plog/trunk/class/template/menu/menurenderer.class.php	2006-11-04 22:46:54 UTC (rev 4234)
@@ -117,18 +117,47 @@
 		 * @param userInfo
 		 * @return true if the user can, false otherwise
 		 */
-		function userCanSee( $node, $userInfo )
+		function userCanSee( $node )
 		{
 			// check if the node is for admins and if the user is an admin
 			$nodeIsAdminOnly = $node->getAttribute( "siteAdmin" );
-			if( $nodeIsAdminOnly && !$userInfo->isSiteAdmin())
+			if( $nodeIsAdminOnly && !$this->_userInfo->isSiteAdmin())
 				return false;
-
-			// check if the node is only for blog owners or site admins and if the user is a blog owner
-			$nodeIsBlogOwnerOnly = $node->getAttribute( "blogOwner" );
-			if( $nodeIsBlogOwnerOnly && (( $this->_blogInfo->getOwner() != $userInfo->getId()) && 
-			                               $userInfo->isSiteAdmin() == false ))
+				
+			// if the user is the blog owner, then he can see
+			if( $this->_userInfo->getId() == $this->_blogInfo->getOwnerId())
+				return true;
+				
+			// get the AND permissions for the node but if there are no permissions assigned, then we can see
+			$nodeAndPerms = $node->getAttribute("andPerms");
+			if( $nodeAndPerms != "" ) {
+				// we can specify more than one permissions separated with a comma
+				$perms = explode( ",", $nodeAndPerms );
+				// and check if the current user has such permission in this blog
+				foreach( $perms as $perm ) {
+					$perm = trim( $perm );
+					if( !$this->_userInfo->hasPermissionByName( $perm, $this->_blogInfo->getId())) {
+						return false;
+					}
+				}
+			}
+			else {
+				// get the OR permissions for the node but if there are no permissions assigned, then we can see
+				$nodeOrPerms = $node->getAttribute("orPerms");
+				if( $nodeOrPerms == "" )
+					return true;
+				
+				// we can specify more than one permissions separated with a comma
+				$perms = explode( ",", $nodeOrPerms );
+				// and check if the current user has such permission in this blog
+				foreach( $perms as $perm ) {
+					$perm = trim( $perm );		
+					if( $this->_userInfo->hasPermissionByName( $perm, $this->_blogInfo->getId()))
+						return true;
+				}
+				
 				return false;
+			}			
 
 			// if none of the above is true, then the user does not have enough permissions!
 			return true;
@@ -145,7 +174,7 @@
             foreach( $node->children as $child ) {
                 if( $child->name != "" ) {
 					// check whether the user has the right permissions to see this
-					if( $this->userCanSee( $child, $this->_userInfo )) {
+					if( $this->userCanSee( $child )) {
 						$url = $child->getAttribute( "url" );
 						$localeId = $this->getLocaleId( $child );
 						$cssClass = "Level_".$depth;
@@ -175,7 +204,7 @@
             foreach( $node->children as $child ) {
                 if( $child->name != "" ) {
 					// check whether the user has the right permissions to see this
-					if( $this->userCanSee( $child, $this->_userInfo )) {
+					if( $this->userCanSee( $child )) {
 		            	if( $start == 0 ) {
 		            		$result .= "[";
 		            		$start = 1;

Modified: plog/trunk/locale/locale_en_UK.php
===================================================================
--- plog/trunk/locale/locale_en_UK.php	2006-11-04 12:15:52 UTC (rev 4233)
+++ plog/trunk/locale/locale_en_UK.php	2006-11-04 22:46:54 UTC (rev 4234)
@@ -1167,4 +1167,10 @@
 $messages['global_plugin_settings_saved_ok'] = 'Global plugin settings saved successfully';
 $messages['error_updating_global_plugin_settings'] = 'There was an error saving the the global plugin settings';
 $messages['error_incorrect_value'] = 'The value is not correct';
+$messages['parameter'] = 'Parameter';
+$messages['value'] = 'Value';
+$messages['override'] = 'Override';
+$messages['editCustomField'] = 'Edit Custom Field';
+$messages['view_blog_stats_desc'] = 'View the blog statistics';
+$messages['manage_plugins_desc'] = 'Manage blog plugins';
 ?>
\ No newline at end of file

Modified: plog/trunk/templates/admin/menus.xml
===================================================================
--- plog/trunk/templates/admin/menus.xml	2006-11-04 12:15:52 UTC (rev 4233)
+++ plog/trunk/templates/admin/menus.xml	2006-11-04 22:46:54 UTC (rev 4234)
@@ -1,44 +1,44 @@
 <menu url="?op=Dashboard" localeId="dashboard"> 
 	<Manage url="?op=Manage">
-	    <managePosts ignoreBreadCrumbs="1">
-	       <newPost url="?op=newPost" />		
-	       <editPosts url="?op=editPosts"/>
-	       <editArticleCategories url="?op=editArticleCategories" />
-	       <newArticleCategory url="?op=newArticleCategory" />
-	       <editComments url="?op=editComments" />
-	       <editTrackbacks url="?op=editTrackbacks" />		   
+	    <managePosts ignoreBreadCrumbs="1" orPerms="add_post,view_posts,add_category,view_categories,view_comments,view_trackbacks">
+	       <newPost url="?op=newPost" andPerms="add_post" />	
+	       <editPosts url="?op=editPosts" andPerms="videw_posts" />
+	       <newArticleCategory url="?op=newArticleCategory" andPerms="add_category" />	
+	       <editArticleCategories url="?op=editArticleCategories" andPerms="view_categories" />
+	       <editComments url="?op=editComments" andPerms="view_comments" />
+	       <editTrackbacks url="?op=editTrackbacks" andPerms="view_trackbacks" />
  		</managePosts>
- 		<manageLinks ignoreBreadCrumbs="1">
-			 <newLink url="?op=newLink" /> 		
- 		     <editLinks url="?op=editLinks" /> 
-			 <newLinkCategory url="?op=newLinkCategory" /> 		     
-			 <editLinkCategories url="?op=editLinkCategories" />
+ 		<manageLinks ignoreBreadCrumbs="1" orPerms="add_link,view_links,add_link_category,view_link_categories">
+			 <newLink url="?op=newLink" andPerms="add_link" /> 		
+ 		     <editLinks url="?op=editLinks" andPerms="view_links" /> 
+			 <newLinkCategory url="?op=newLinkCategory" andPerms="add_link_category" /> 		     
+			 <editLinkCategories url="?op=editLinkCategories" andPerms="view_link_categories" />
         </manageLinks>
-		<manageCustomFields ignoreBreadCrumbs="1">
-  		  <newCustomField url="?op=newCustomField"  />		
-		  <blogCustomFields url="?op=blogCustomFields" />		
+		<manageCustomFields ignoreBreadCrumbs="1" orPerms="add_custom_field,view_custom_fields">
+  		  <newCustomField url="?op=newCustomField" andPerms="add_custom_field" />
+		  <blogCustomFields url="?op=blogCustomFields" andPerms="view_custom_fields" />
 		</manageCustomFields>
 	</Manage>
 	<ResourcesGroup url="?op=resourcesGroup" localeId="resourceCenter">
-	  <resourceCenter ignoreBreadCrumbs="1">
-	  	<newResource url="?op=newResource" />	
-	  	<newResourceAlbum url="?op=newResourceAlbum" />
-	  	<resources url="?op=resources" />
+	  <resourceCenter ignoreBreadCrumbs="1" orPerms="add_resource,add_album,view_resources">
+	  	<newResource url="?op=newResource" andPerms="add_resource" />	
+	  	<newResourceAlbum url="?op=newResourceAlbum" andPerms="add_album" />
+	  	<resources url="?op=resources" andPerms="view_resources" />
 	  </resourceCenter> 
 	</ResourcesGroup>  
 	<controlCenter url="?op=controlCenter">
 	    <manageSettings ignoreBreadCrumbs="1"> 
-  		  <blogSettings url="?op=blogSettings"  />	
-		  <userSettings url="?op=userSettings"  />
-		  <Stats url="?op=Stats"  />
+  		  <blogSettings url="?op=blogSettings" andPerms="update_blog" />	
+		  <userSettings url="?op=userSettings" />
+		  <Stats url="?op=Stats" andPerms="view_blog_statistics" />
 		</manageSettings> 
-		<manageBlogUsers ignoreBreadCrumbs="1" > 
-		  <newBlogUser url="?op=newBlogUser"  />
-		  <showBlogUsers url="?op=showBlogUsers"  />
+		<manageBlogUsers ignoreBreadCrumbs="1" orPerms="add_blog_user,view_blog_users"> 
+		  <newBlogUser url="?op=newBlogUser" andPerms="add_blog_user" />
+		  <showBlogUsers url="?op=showBlogUsers" andPerms="view_blog_users" />
 		 </manageBlogUsers>
-		 <manageBlogTemplates ignoreBreadCrumbs="1" > 
-		  <newBlogTemplate url="?op=newBlogTemplate"  />
-		  <blogTemplates url="?op=blogTemplates"  />
+		 <manageBlogTemplates ignoreBreadCrumbs="1" orPerms="add_blog_template,view_blog_template"> 
+		  <newBlogTemplate url="?op=newBlogTemplate" andPerms="add_blog_template" />
+		  <blogTemplates url="?op=blogTemplates" andPerms="view_blog_template" />
 		 </manageBlogTemplates> 
 	</controlCenter>
 	<adminSettings url="?op=adminSettings" siteAdmin="1">

More information about the pLog-svn mailing list