[pLog-svn] r4234 - in plog/trunk: class/plugin class/template/menu
locale templates/admin
oscar at devel.lifetype.net
oscar at devel.lifetype.net
Sat Nov 4 22:46:55 GMT 2006
Author: oscar
Date: 2006-11-04 22:46:54 +0000 (Sat, 04 Nov 2006)
New Revision: 4234
Modified:
plog/trunk/class/plugin/pluginbase.class.php
plog/trunk/class/template/menu/menurenderer.class.php
plog/trunk/locale/locale_en_UK.php
plog/trunk/templates/admin/menus.xml
Log:
now the MenuRenderer class will also take into account the current user's permissions as well as the permissions required by a certain node to choose whether the menu entry/node can be displayed or not. The menus.xml file has also been modifed two new attributes: orPerms and andPerms, which are a comma-separated string containing the names of the permissions required to access the node.
The PluginBase::addMenuEntry() class has also been modified to take these two new parameters as an array.
Modified: plog/trunk/class/plugin/pluginbase.class.php
===================================================================
--- plog/trunk/class/plugin/pluginbase.class.php 2006-11-04 12:15:52 UTC (rev 4233)
+++ plog/trunk/class/plugin/pluginbase.class.php 2006-11-04 22:46:54 UTC (rev 4234)
@@ -224,13 +224,25 @@
* @param id The identifier of the new option
* @param url The url where this new option is pointing to
* @param localeId
- * @param blogOwner Whether this new option can only be used by blog owners
+ * @param orPerms An array with permissions that will be ORed to determine whether this entry
+ * can be shown to users or not.
+ * @param andPerms An array with permission that will be ANDed to determine whether this entry
+ * can be show to users or not.
* @param siteAdmin Whether this new option can only be used by site admins
* @see Menu::addEntry
*/
- function addMenuEntry( $path, $id, $url, $localeId = null, $blogOwner = false, $siteAdmin = false )
+ function addMenuEntry( $path,
+ $id,
+ $url,
+ $localeId = null,
+ $orPerms = Array( "manage_plugins" ),
+ $andPerms = Array( "manage_plugins" ),
+ $siteAdmin = false )
{
lt_include( PLOG_CLASS_PATH."class/template/menu/menu.class.php" );
+
+ $orPermsString = implode( ",", $orPerms );
+ $andPermsString = implode( ",", $andPerms );
// get hold of the menu structure
$menu =& Menu::getMenu();
@@ -239,7 +251,8 @@
Array(
"url" => $url,
"localeId" => $localeId,
- "blogOwner" => (int)$blogOwner,
+ "orPerms" => $orPermsString,
+ "andPerms" => $andPermsString,
"siteAdmin" => (int)$siteAdmin ));
// add the entry and return the result
return $menu->addEntry( $path, $menuEntry );
Modified: plog/trunk/class/template/menu/menurenderer.class.php
===================================================================
--- plog/trunk/class/template/menu/menurenderer.class.php 2006-11-04 12:15:52 UTC (rev 4233)
+++ plog/trunk/class/template/menu/menurenderer.class.php 2006-11-04 22:46:54 UTC (rev 4234)
@@ -117,18 +117,47 @@
* @param userInfo
* @return true if the user can, false otherwise
*/
- function userCanSee( $node, $userInfo )
+ function userCanSee( $node )
{
// check if the node is for admins and if the user is an admin
$nodeIsAdminOnly = $node->getAttribute( "siteAdmin" );
- if( $nodeIsAdminOnly && !$userInfo->isSiteAdmin())
+ if( $nodeIsAdminOnly && !$this->_userInfo->isSiteAdmin())
return false;
-
- // check if the node is only for blog owners or site admins and if the user is a blog owner
- $nodeIsBlogOwnerOnly = $node->getAttribute( "blogOwner" );
- if( $nodeIsBlogOwnerOnly && (( $this->_blogInfo->getOwner() != $userInfo->getId()) &&
- $userInfo->isSiteAdmin() == false ))
+
+ // if the user is the blog owner, then he can see
+ if( $this->_userInfo->getId() == $this->_blogInfo->getOwnerId())
+ return true;
+
+ // get the AND permissions for the node but if there are no permissions assigned, then we can see
+ $nodeAndPerms = $node->getAttribute("andPerms");
+ if( $nodeAndPerms != "" ) {
+ // we can specify more than one permissions separated with a comma
+ $perms = explode( ",", $nodeAndPerms );
+ // and check if the current user has such permission in this blog
+ foreach( $perms as $perm ) {
+ $perm = trim( $perm );
+ if( !$this->_userInfo->hasPermissionByName( $perm, $this->_blogInfo->getId())) {
+ return false;
+ }
+ }
+ }
+ else {
+ // get the OR permissions for the node but if there are no permissions assigned, then we can see
+ $nodeOrPerms = $node->getAttribute("orPerms");
+ if( $nodeOrPerms == "" )
+ return true;
+
+ // we can specify more than one permissions separated with a comma
+ $perms = explode( ",", $nodeOrPerms );
+ // and check if the current user has such permission in this blog
+ foreach( $perms as $perm ) {
+ $perm = trim( $perm );
+ if( $this->_userInfo->hasPermissionByName( $perm, $this->_blogInfo->getId()))
+ return true;
+ }
+
return false;
+ }
// if none of the above is true, then the user does not have enough permissions!
return true;
@@ -145,7 +174,7 @@
foreach( $node->children as $child ) {
if( $child->name != "" ) {
// check whether the user has the right permissions to see this
- if( $this->userCanSee( $child, $this->_userInfo )) {
+ if( $this->userCanSee( $child )) {
$url = $child->getAttribute( "url" );
$localeId = $this->getLocaleId( $child );
$cssClass = "Level_".$depth;
@@ -175,7 +204,7 @@
foreach( $node->children as $child ) {
if( $child->name != "" ) {
// check whether the user has the right permissions to see this
- if( $this->userCanSee( $child, $this->_userInfo )) {
+ if( $this->userCanSee( $child )) {
if( $start == 0 ) {
$result .= "[";
$start = 1;
Modified: plog/trunk/locale/locale_en_UK.php
===================================================================
--- plog/trunk/locale/locale_en_UK.php 2006-11-04 12:15:52 UTC (rev 4233)
+++ plog/trunk/locale/locale_en_UK.php 2006-11-04 22:46:54 UTC (rev 4234)
@@ -1167,4 +1167,10 @@
$messages['global_plugin_settings_saved_ok'] = 'Global plugin settings saved successfully';
$messages['error_updating_global_plugin_settings'] = 'There was an error saving the the global plugin settings';
$messages['error_incorrect_value'] = 'The value is not correct';
+$messages['parameter'] = 'Parameter';
+$messages['value'] = 'Value';
+$messages['override'] = 'Override';
+$messages['editCustomField'] = 'Edit Custom Field';
+$messages['view_blog_stats_desc'] = 'View the blog statistics';
+$messages['manage_plugins_desc'] = 'Manage blog plugins';
?>
\ No newline at end of file
Modified: plog/trunk/templates/admin/menus.xml
===================================================================
--- plog/trunk/templates/admin/menus.xml 2006-11-04 12:15:52 UTC (rev 4233)
+++ plog/trunk/templates/admin/menus.xml 2006-11-04 22:46:54 UTC (rev 4234)
@@ -1,44 +1,44 @@
<menu url="?op=Dashboard" localeId="dashboard">
<Manage url="?op=Manage">
- <managePosts ignoreBreadCrumbs="1">
- <newPost url="?op=newPost" />
- <editPosts url="?op=editPosts"/>
- <editArticleCategories url="?op=editArticleCategories" />
- <newArticleCategory url="?op=newArticleCategory" />
- <editComments url="?op=editComments" />
- <editTrackbacks url="?op=editTrackbacks" />
+ <managePosts ignoreBreadCrumbs="1" orPerms="add_post,view_posts,add_category,view_categories,view_comments,view_trackbacks">
+ <newPost url="?op=newPost" andPerms="add_post" />
+ <editPosts url="?op=editPosts" andPerms="videw_posts" />
+ <newArticleCategory url="?op=newArticleCategory" andPerms="add_category" />
+ <editArticleCategories url="?op=editArticleCategories" andPerms="view_categories" />
+ <editComments url="?op=editComments" andPerms="view_comments" />
+ <editTrackbacks url="?op=editTrackbacks" andPerms="view_trackbacks" />
</managePosts>
- <manageLinks ignoreBreadCrumbs="1">
- <newLink url="?op=newLink" />
- <editLinks url="?op=editLinks" />
- <newLinkCategory url="?op=newLinkCategory" />
- <editLinkCategories url="?op=editLinkCategories" />
+ <manageLinks ignoreBreadCrumbs="1" orPerms="add_link,view_links,add_link_category,view_link_categories">
+ <newLink url="?op=newLink" andPerms="add_link" />
+ <editLinks url="?op=editLinks" andPerms="view_links" />
+ <newLinkCategory url="?op=newLinkCategory" andPerms="add_link_category" />
+ <editLinkCategories url="?op=editLinkCategories" andPerms="view_link_categories" />
</manageLinks>
- <manageCustomFields ignoreBreadCrumbs="1">
- <newCustomField url="?op=newCustomField" />
- <blogCustomFields url="?op=blogCustomFields" />
+ <manageCustomFields ignoreBreadCrumbs="1" orPerms="add_custom_field,view_custom_fields">
+ <newCustomField url="?op=newCustomField" andPerms="add_custom_field" />
+ <blogCustomFields url="?op=blogCustomFields" andPerms="view_custom_fields" />
</manageCustomFields>
</Manage>
<ResourcesGroup url="?op=resourcesGroup" localeId="resourceCenter">
- <resourceCenter ignoreBreadCrumbs="1">
- <newResource url="?op=newResource" />
- <newResourceAlbum url="?op=newResourceAlbum" />
- <resources url="?op=resources" />
+ <resourceCenter ignoreBreadCrumbs="1" orPerms="add_resource,add_album,view_resources">
+ <newResource url="?op=newResource" andPerms="add_resource" />
+ <newResourceAlbum url="?op=newResourceAlbum" andPerms="add_album" />
+ <resources url="?op=resources" andPerms="view_resources" />
</resourceCenter>
</ResourcesGroup>
<controlCenter url="?op=controlCenter">
<manageSettings ignoreBreadCrumbs="1">
- <blogSettings url="?op=blogSettings" />
- <userSettings url="?op=userSettings" />
- <Stats url="?op=Stats" />
+ <blogSettings url="?op=blogSettings" andPerms="update_blog" />
+ <userSettings url="?op=userSettings" />
+ <Stats url="?op=Stats" andPerms="view_blog_statistics" />
</manageSettings>
- <manageBlogUsers ignoreBreadCrumbs="1" >
- <newBlogUser url="?op=newBlogUser" />
- <showBlogUsers url="?op=showBlogUsers" />
+ <manageBlogUsers ignoreBreadCrumbs="1" orPerms="add_blog_user,view_blog_users">
+ <newBlogUser url="?op=newBlogUser" andPerms="add_blog_user" />
+ <showBlogUsers url="?op=showBlogUsers" andPerms="view_blog_users" />
</manageBlogUsers>
- <manageBlogTemplates ignoreBreadCrumbs="1" >
- <newBlogTemplate url="?op=newBlogTemplate" />
- <blogTemplates url="?op=blogTemplates" />
+ <manageBlogTemplates ignoreBreadCrumbs="1" orPerms="add_blog_template,view_blog_template">
+ <newBlogTemplate url="?op=newBlogTemplate" andPerms="add_blog_template" />
+ <blogTemplates url="?op=blogTemplates" andPerms="view_blog_template" />
</manageBlogTemplates>
</controlCenter>
<adminSettings url="?op=adminSettings" siteAdmin="1">
More information about the pLog-svn
mailing list