Version 1.3.8: ACL Integration
This commit is contained in:
trendschau
parent
7d994c2230
commit
4f80e07810
44 changed files with 1033 additions and 576 deletions
|
|
@ -1,8 +1,13 @@
|
|||
meta:
|
||||
title: 'Content Elements'
|
||||
description: "There are a lot of other settings for your content area. For example: \nAdd an edit-button for github, gitlab or other plattforms.\nShow the author.\nShow the publish date.\nShow the chapter numbers in the navigation.\n"
|
||||
heroimage: null
|
||||
heroimagealt: null
|
||||
owner: testauthor
|
||||
author: trendschau
|
||||
manualdate: null
|
||||
modified: '2020-07-09'
|
||||
created: '2020-06-11'
|
||||
time: 21-05-02
|
||||
navtitle: 'content elements'
|
||||
modified: '2020-06-11'
|
||||
hide: false
|
||||
|
|
|
|||
Binary file not shown.
|
Before Width: | Height: | Size: 5.9 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 5.9 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 5.9 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 95 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 5.9 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 5.9 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 5.9 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 58 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 5.3 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 5.3 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 5.3 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 11 KiB |
|
|
@ -24,6 +24,12 @@ class ArticleApiController extends ContentController
|
|||
$this->params = $request->getParams();
|
||||
$this->uri = $request->getUri()->withUserInfo('');
|
||||
|
||||
# minimum permission is that user can publish his own content
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'mycontent', 'publish'))
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => ['message' => 'You are not allowed to publish content.']), 403);
|
||||
}
|
||||
|
||||
# validate input only if raw mode
|
||||
if($this->params['raw'])
|
||||
{
|
||||
|
|
@ -35,6 +41,16 @@ class ArticleApiController extends ContentController
|
|||
|
||||
# set item
|
||||
if(!$this->setItem()){ return $response->withJson($this->errors, 404); }
|
||||
|
||||
# if user has no right to update content from others (eg admin or editor)
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'content', 'publish'))
|
||||
{
|
||||
# check ownership. This code should nearly never run, because there is no button/interface to trigger it.
|
||||
if(!$this->checkContentOwnership())
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => ['message' => 'You are not allowed to publish content.']), 403);
|
||||
}
|
||||
}
|
||||
|
||||
# set the status for published and drafted
|
||||
$this->setPublishStatus();
|
||||
|
|
@ -100,12 +116,28 @@ class ArticleApiController extends ContentController
|
|||
$this->params = $request->getParams();
|
||||
$this->uri = $request->getUri()->withUserInfo('');
|
||||
|
||||
# minimum permission is that user can unpublish his own content
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'mycontent', 'unpublish'))
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => ['message' => 'You are not allowed to unpublish content.']), 403);
|
||||
}
|
||||
|
||||
# set structure
|
||||
if(!$this->setStructure($draft = true)){ return $response->withJson($this->errors, 404); }
|
||||
|
||||
# set item
|
||||
if(!$this->setItem()){ return $response->withJson($this->errors, 404); }
|
||||
|
||||
# if user has no right to update content from others (eg admin or editor)
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'content', 'unpublish'))
|
||||
{
|
||||
# check ownership. This code should nearly never run, because there is no button/interface to trigger it.
|
||||
if(!$this->checkContentOwnership())
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => ['message' => 'You are not allowed to unpublish content.']), 403);
|
||||
}
|
||||
}
|
||||
|
||||
# set the status for published and drafted
|
||||
$this->setPublishStatus();
|
||||
|
||||
|
|
@ -178,17 +210,32 @@ class ArticleApiController extends ContentController
|
|||
$this->params = $request->getParams();
|
||||
$this->uri = $request->getUri()->withUserInfo('');
|
||||
|
||||
# minimum permission is that user is allowed to update his own content
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'mycontent', 'update'))
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => ['message' => 'You are not allowed to publish content.']), 403);
|
||||
}
|
||||
|
||||
# set structure
|
||||
if(!$this->setStructure($draft = true)){ return $response->withJson($this->errors, 404); }
|
||||
|
||||
# set item
|
||||
if(!$this->setItem()){ return $response->withJson($this->errors, 404); }
|
||||
|
||||
# if user has no right to update content from others (eg admin or editor)
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'content', 'update'))
|
||||
{
|
||||
# check ownership. This code should nearly never run, because there is no button/interface to trigger it.
|
||||
if(!$this->checkContentOwnership())
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => ['message' => 'You are not allowed to update content.']), 403);
|
||||
}
|
||||
}
|
||||
|
||||
# remove the unpublished changes
|
||||
$delete = $this->deleteContentFiles(['txt']);
|
||||
|
||||
# set redirect url to edit page
|
||||
|
||||
$url = $this->uri->getBaseUrl() . '/tm/content/' . $this->settings['editor'];
|
||||
if(isset($this->item->urlRelWoF))
|
||||
{
|
||||
|
|
@ -217,6 +264,12 @@ class ArticleApiController extends ContentController
|
|||
$this->params = $request->getParams();
|
||||
$this->uri = $request->getUri()->withUserInfo('');
|
||||
|
||||
# minimum permission is that user is allowed to delete his own content
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'mycontent', 'delete'))
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => ['message' => 'You are not allowed to delete content.']), 403);
|
||||
}
|
||||
|
||||
# set url to base path initially
|
||||
$url = $this->uri->getBaseUrl() . '/tm/content/' . $this->settings['editor'];
|
||||
|
||||
|
|
@ -225,6 +278,16 @@ class ArticleApiController extends ContentController
|
|||
|
||||
# set item
|
||||
if(!$this->setItem()){ return $response->withJson($this->errors, 404); }
|
||||
|
||||
# if user has no right to delete content from others (eg admin or editor)
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'content', 'delete'))
|
||||
{
|
||||
# check ownership. This code should nearly never run, because there is no button/interface to trigger it.
|
||||
if(!$this->checkContentOwnership())
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => ['message' => 'You are not allowed to delete content.']), 403);
|
||||
}
|
||||
}
|
||||
|
||||
if($this->item->elementType == 'file')
|
||||
{
|
||||
|
|
@ -275,16 +338,32 @@ class ArticleApiController extends ContentController
|
|||
# get params from call
|
||||
$this->params = $request->getParams();
|
||||
$this->uri = $request->getUri()->withUserInfo('');
|
||||
|
||||
# minimum permission is that user is allowed to update his own content
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'mycontent', 'update'))
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => ['message' => 'You are not allowed to update content.']), 403);
|
||||
}
|
||||
|
||||
# validate input
|
||||
if(!$this->validateEditorInput()){ return $response->withJson($this->errors,422); }
|
||||
|
||||
# set structure
|
||||
if(!$this->setStructure($draft = true)){ return $response->withJson($this->errors, 404); }
|
||||
|
||||
|
||||
# set item
|
||||
if(!$this->setItem()){ return $response->withJson($this->errors, 404); }
|
||||
|
||||
# if user has no right to delete content from others (eg admin or editor)
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'content', 'update'))
|
||||
{
|
||||
# check ownership. This code should nearly never run, because there is no button/interface to trigger it.
|
||||
if(!$this->checkContentOwnership())
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => ['message' => 'You are not allowed to update content.']), 403);
|
||||
}
|
||||
}
|
||||
|
||||
# set path for the file (or folder)
|
||||
$this->setItemPath('txt');
|
||||
|
||||
|
|
@ -319,6 +398,12 @@ class ArticleApiController extends ContentController
|
|||
# get params from call
|
||||
$this->params = $request->getParams();
|
||||
$this->uri = $request->getUri()->withUserInfo('');
|
||||
|
||||
# minimum permission is that user is allowed to update his own content
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'mycontent', 'update'))
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => 'You are not allowed to update content.'), 403);
|
||||
}
|
||||
|
||||
# url is only needed, if an active page is moved to another folder, so user has to be redirected to the new url
|
||||
$url = false;
|
||||
|
|
@ -339,6 +424,19 @@ class ArticleApiController extends ContentController
|
|||
|
||||
if(!$item){ return $response->withJson(array('data' => $this->structure, 'errors' => 'We could not find this page. Please refresh and try again.', 'url' => $url), 404); }
|
||||
|
||||
# needed for acl check
|
||||
$this->item = $item;
|
||||
|
||||
# if user has no right to update content from others (eg admin or editor)
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'content', 'update'))
|
||||
{
|
||||
# check ownership. This code should nearly never run, because there is no button/interface to trigger it.
|
||||
if(!$this->checkContentOwnership())
|
||||
{
|
||||
return $response->withJson(array('data' => $this->structure, 'errors' => 'You are not allowed to move that content.'), 403);
|
||||
}
|
||||
}
|
||||
|
||||
# if an item is moved to the first level
|
||||
if($this->params['parent_id_to'] == 'navi')
|
||||
{
|
||||
|
|
@ -397,7 +495,7 @@ class ArticleApiController extends ContentController
|
|||
}
|
||||
$index++;
|
||||
}
|
||||
if($writeError){ return $response->withJson(array('data' => $this->structure, 'errors' => 'Something went wrong. Please refresh the page and check, if all folders and files are writable.', 'url' => $url), 404); }
|
||||
if($writeError){ return $response->withJson(array('data' => $this->structure, 'errors' => ['message' => 'Something went wrong. Please refresh the page and check, if all folders and files are writable.'], 'url' => $url), 404); }
|
||||
|
||||
# update the structure for editor
|
||||
$this->setStructure($draft = true, $cache = false);
|
||||
|
|
@ -427,6 +525,12 @@ class ArticleApiController extends ContentController
|
|||
$this->params = $request->getParams();
|
||||
$this->uri = $request->getUri()->withUserInfo('');
|
||||
|
||||
# minimum permission is that user is allowed to update his own content
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'mycontent', 'create'))
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => ['message' => 'You are not allowed to create content.']), 403);
|
||||
}
|
||||
|
||||
# url is only needed, if an active page is moved
|
||||
$url = false;
|
||||
|
||||
|
|
@ -434,7 +538,7 @@ class ArticleApiController extends ContentController
|
|||
if(!$this->setStructure($draft = true)){ return $response->withJson(array('data' => false, 'errors' => $this->errors, 'url' => $url), 404); }
|
||||
|
||||
# validate input
|
||||
if(!$this->validateNaviItem()){ return $response->withJson(array('data' => $this->structure, 'errors' => 'Special Characters not allowed. Length between 1 and 60 chars.', 'url' => $url), 422); }
|
||||
if(!$this->validateNaviItem()){ return $response->withJson(array('data' => $this->structure, 'errors' => ['message' => 'Special Characters not allowed. Length between 1 and 60 chars.'], 'url' => $url), 422); }
|
||||
|
||||
# get the ids (key path) for item, old folder and new folder
|
||||
$folderKeyPath = explode('.', $this->params['folder_id']);
|
||||
|
|
@ -442,7 +546,7 @@ class ArticleApiController extends ContentController
|
|||
# get the item from structure
|
||||
$folder = Folder::getItemWithKeyPath($this->structure, $folderKeyPath);
|
||||
|
||||
if(!$folder){ return $response->withJson(array('data' => $this->structure, 'errors' => 'We could not find this page. Please refresh and try again.', 'url' => $url), 404); }
|
||||
if(!$folder){ return $response->withJson(array('data' => $this->structure, 'errors' => ['message' => 'We could not find this page. Please refresh and try again.'], 'url' => $url), 404); }
|
||||
|
||||
$name = $this->params['item_name'];
|
||||
$slug = URLify::filter(iconv(mb_detect_encoding($this->params['item_name'], mb_detect_order(), true), "UTF-8", $this->params['item_name']));
|
||||
|
|
@ -464,7 +568,6 @@ class ArticleApiController extends ContentController
|
|||
return $response->withJson(array('data' => $this->structure, 'errors' => 'We could not create the file. Please refresh the page and check, if all folders and files are writable.', 'url' => $url), 404);
|
||||
}
|
||||
|
||||
|
||||
# get extended structure
|
||||
$extended = $write->getYaml('cache', 'structure-extended.yaml');
|
||||
|
||||
|
|
@ -494,6 +597,12 @@ class ArticleApiController extends ContentController
|
|||
$this->params = $request->getParams();
|
||||
$this->uri = $request->getUri()->withUserInfo('');
|
||||
|
||||
# minimum permission is that user is allowed to update his own content
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'mycontent', 'create'))
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => ['message' => 'You are not allowed to create content.']), 403);
|
||||
}
|
||||
|
||||
# url is only needed, if an active page is moved
|
||||
$url = false;
|
||||
|
||||
|
|
@ -608,6 +717,12 @@ class ArticleApiController extends ContentController
|
|||
# get params from call
|
||||
$this->params = $request->getParams();
|
||||
$this->uri = $request->getUri()->withUserInfo('');
|
||||
|
||||
# minimum permission is that user is allowed to update his own content
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'mycontent', 'create'))
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => 'You are not allowed to create content.'), 403);
|
||||
}
|
||||
|
||||
# url is only needed, if an active page is moved
|
||||
$url = false;
|
||||
|
|
@ -730,12 +845,28 @@ class ArticleApiController extends ContentController
|
|||
/* get params from call */
|
||||
$this->params = $request->getParams();
|
||||
$this->uri = $request->getUri()->withUserInfo('');
|
||||
|
||||
|
||||
# minimum permission is that user is allowed to update his own content. This will completely disable the block-editor
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'mycontent', 'update'))
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => 'You are not allowed to edit content.'), 403);
|
||||
}
|
||||
|
||||
# set structure
|
||||
if(!$this->setStructure($draft = true)){ return $response->withJson(array('data' => false, 'errors' => $this->errors), 404); }
|
||||
|
||||
/* set item */
|
||||
if(!$this->setItem()){ return $response->withJson($this->errors, 404); }
|
||||
|
||||
# if user has no right to delete content from others (eg admin or editor)
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'content', 'update'))
|
||||
{
|
||||
# check ownership. This code should nearly never run, because there is no button/interface to trigger it.
|
||||
if(!$this->checkContentOwnership())
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => 'You are not allowed to delete content.'), 403);
|
||||
}
|
||||
}
|
||||
|
||||
# set the status for published and drafted
|
||||
$this->setPublishStatus();
|
||||
|
|
@ -778,12 +909,27 @@ class ArticleApiController extends ContentController
|
|||
$this->params = $request->getParams();
|
||||
$this->uri = $request->getUri()->withUserInfo('');
|
||||
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'mycontent', 'update'))
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => 'You are not allowed to edit content.'), 403);
|
||||
}
|
||||
|
||||
# set structure
|
||||
if(!$this->setStructure($draft = true)){ return $response->withJson(array('data' => false, 'errors' => $this->errors), 404); }
|
||||
|
||||
/* set item */
|
||||
if(!$this->setItem()){ return $response->withJson($this->errors, 404); }
|
||||
|
||||
|
||||
# if user has no right to delete content from others (eg admin or editor)
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'content', 'update'))
|
||||
{
|
||||
# check ownership. This code should nearly never run, because there is no button/interface to trigger it.
|
||||
if(!$this->checkContentOwnership())
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => 'You are not allowed to delete content.'), 403);
|
||||
}
|
||||
}
|
||||
|
||||
# set the status for published and drafted
|
||||
$this->setPublishStatus();
|
||||
|
||||
|
|
|
|||
|
|
@ -125,10 +125,15 @@ class AuthController extends Controller
|
|||
$yaml->updateYaml('settings/users', '.logins', $logins);
|
||||
}
|
||||
|
||||
$settings = $this->c->get('settings');
|
||||
$editor = (isset($settings['editor']) && $settings['editor'] == 'visual') ? 'visual' : 'raw';
|
||||
|
||||
return $response->withRedirect($this->c->router->pathFor('content.' . $editor));
|
||||
# if user is allowed to view content-area
|
||||
if($this->c->acl->isAllowed($userdata['userrole'], 'content', 'view'))
|
||||
{
|
||||
$settings = $this->c->get('settings');
|
||||
$editor = (isset($settings['editor']) && $settings['editor'] == 'visual') ? 'visual' : 'raw';
|
||||
|
||||
return $response->withRedirect($this->c->router->pathFor('content.' . $editor));
|
||||
}
|
||||
return $response->withRedirect($this->c->router->pathFor('user.account'));
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -21,6 +21,12 @@ class BlockApiController extends ContentController
|
|||
$this->params = $request->getParams();
|
||||
$this->uri = $request->getUri()->withUserInfo('');
|
||||
|
||||
# minimum permission is that user is allowed to update his own content
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'mycontent', 'update'))
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => ['message' => 'You are not allowed to publish content.']), 403);
|
||||
}
|
||||
|
||||
/* validate input */
|
||||
if(!$this->validateBlockInput()){ return $response->withJson($this->errors,422); }
|
||||
|
||||
|
|
@ -30,6 +36,16 @@ class BlockApiController extends ContentController
|
|||
/* set item */
|
||||
if(!$this->setItem()){ return $response->withJson($this->errors, 404); }
|
||||
|
||||
# if user has no right to delete content from others (eg admin or editor)
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'content', 'update'))
|
||||
{
|
||||
# check ownership. This code should nearly never run, because there is no button/interface to trigger it.
|
||||
if(!$this->checkContentOwnership())
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => ['message' => 'You are not allowed to edit content.']), 403);
|
||||
}
|
||||
}
|
||||
|
||||
# set the status for published and drafted
|
||||
$this->setPublishStatus();
|
||||
|
||||
|
|
@ -77,7 +93,7 @@ class BlockApiController extends ContentController
|
|||
elseif(($this->params['block_id'] == 0) OR !isset($pageMarkdown[$this->params['block_id']]))
|
||||
{
|
||||
# if the block does not exists, return an error
|
||||
return $response->withJson(array('data' => false, 'errors' => 'The ID of the content-block is wrong.'), 404);
|
||||
return $response->withJson(array('data' => false, 'errors' => ['message' => 'The ID of the content-block is wrong.']), 404);
|
||||
}
|
||||
else
|
||||
{
|
||||
|
|
@ -201,6 +217,12 @@ class BlockApiController extends ContentController
|
|||
$this->params = $request->getParams();
|
||||
$this->uri = $request->getUri()->withUserInfo('');
|
||||
|
||||
# minimum permission is that user is allowed to update his own content
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'mycontent', 'update'))
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => ['message' => 'You are not allowed to publish content.']), 403);
|
||||
}
|
||||
|
||||
/* validate input */
|
||||
if(!$this->validateBlockInput()){ return $response->withJson($this->errors,422); }
|
||||
|
||||
|
|
@ -210,6 +232,16 @@ class BlockApiController extends ContentController
|
|||
/* set item */
|
||||
if(!$this->setItem()){ return $response->withJson($this->errors, 404); }
|
||||
|
||||
# if user has no right to delete content from others (eg admin or editor)
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'content', 'update'))
|
||||
{
|
||||
# check ownership. This code should nearly never run, because there is no button/interface to trigger it.
|
||||
if(!$this->checkContentOwnership())
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => ['message' => 'You are not allowed to edit content.']), 403);
|
||||
}
|
||||
}
|
||||
|
||||
# set the status for published and drafted
|
||||
$this->setPublishStatus();
|
||||
|
||||
|
|
@ -249,7 +281,7 @@ class BlockApiController extends ContentController
|
|||
if(!isset($pageMarkdown[$this->params['block_id']]))
|
||||
{
|
||||
# if the block does not exists, return an error
|
||||
return $response->withJson(array('data' => false, 'errors' => 'The ID of the content-block is wrong.'), 404);
|
||||
return $response->withJson(array('data' => false, 'errors' => ['message' => 'The ID of the content-block is wrong.']), 404);
|
||||
}
|
||||
elseif($this->params['block_id'] == 0)
|
||||
{
|
||||
|
|
@ -340,6 +372,12 @@ class BlockApiController extends ContentController
|
|||
$this->params = $request->getParams();
|
||||
$this->uri = $request->getUri()->withUserInfo('');
|
||||
|
||||
# minimum permission is that user is allowed to update his own content
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'mycontent', 'update'))
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => ['message' => 'You are not allowed to publish content.']), 403);
|
||||
}
|
||||
|
||||
# validate input
|
||||
# if(!$this->validateBlockInput()){ return $response->withJson($this->errors,422); }
|
||||
|
||||
|
|
@ -349,6 +387,16 @@ class BlockApiController extends ContentController
|
|||
# set item
|
||||
if(!$this->setItem()){ return $response->withJson($this->errors, 404); }
|
||||
|
||||
# if user has no right to delete content from others (eg admin or editor)
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'content', 'update'))
|
||||
{
|
||||
# check ownership. This code should nearly never run, because there is no button/interface to trigger it.
|
||||
if(!$this->checkContentOwnership())
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => ['message' => 'You are not allowed to delete content.']), 403);
|
||||
}
|
||||
}
|
||||
|
||||
# set the status for published and drafted
|
||||
$this->setPublishStatus();
|
||||
|
||||
|
|
@ -382,7 +430,7 @@ class BlockApiController extends ContentController
|
|||
if(!isset($pageMarkdown[$oldIndex]))
|
||||
{
|
||||
# if the block does not exists, return an error
|
||||
return $response->withJson(array('data' => false, 'errors' => 'The ID of the content-block is wrong.'), 404);
|
||||
return $response->withJson(array('data' => false, 'errors' => ['message' => 'The ID of the content-block is wrong.']), 404);
|
||||
}
|
||||
|
||||
$extract = array_splice($pageMarkdown, $oldIndex, 1);
|
||||
|
|
@ -432,6 +480,12 @@ class BlockApiController extends ContentController
|
|||
$this->params = $request->getParams();
|
||||
$this->uri = $request->getUri()->withUserInfo('');
|
||||
$errors = false;
|
||||
|
||||
# minimum permission is that user is allowed to update his own content
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'mycontent', 'update'))
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => ['message' => 'You are not allowed to publish content.']), 403);
|
||||
}
|
||||
|
||||
# set structure
|
||||
if(!$this->setStructure($draft = true)){ return $response->withJson(array('data' => false, 'errors' => $this->errors), 404); }
|
||||
|
|
@ -439,6 +493,16 @@ class BlockApiController extends ContentController
|
|||
# set item
|
||||
if(!$this->setItem()){ return $response->withJson($this->errors, 404); }
|
||||
|
||||
# if user has no right to delete content from others (eg admin or editor)
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'content', 'update'))
|
||||
{
|
||||
# check ownership. This code should nearly never run, because there is no button/interface to trigger it.
|
||||
if(!$this->checkContentOwnership())
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => ['message' => 'You are not allowed to delete content.']), 403);
|
||||
}
|
||||
}
|
||||
|
||||
# set the status for published and drafted
|
||||
$this->setPublishStatus();
|
||||
|
||||
|
|
@ -616,7 +680,7 @@ class BlockApiController extends ContentController
|
|||
return $response->withJson(array('errors' => false));
|
||||
}
|
||||
|
||||
return $response->withJson(array('errors' => 'could not store image to temporary folder'));
|
||||
return $response->withJson(array('errors' => ['message' => 'could not store image to temporary folder']));
|
||||
}
|
||||
|
||||
public function createFile(Request $request, Response $response, $args)
|
||||
|
|
@ -632,7 +696,7 @@ class BlockApiController extends ContentController
|
|||
$allowedMimes = $this->getAllowedMtypes();
|
||||
if(!in_array($mtype, $allowedMimes))
|
||||
{
|
||||
return $response->withJson(array('errors' => 'File-type is not allowed'));
|
||||
return $response->withJson(array('errors' => ['message' => 'File-type is not allowed']));
|
||||
}
|
||||
|
||||
# sanitize file name
|
||||
|
|
@ -653,7 +717,7 @@ class BlockApiController extends ContentController
|
|||
return $response->withJson(array('errors' => false, 'name' => $name));
|
||||
}
|
||||
|
||||
return $response->withJson(array('errors' => 'could not store file to temporary folder'));
|
||||
return $response->withJson(array('errors' => ['message' => 'could not store file to temporary folder']));
|
||||
}
|
||||
|
||||
public function publishImage(Request $request, Response $response, $args)
|
||||
|
|
@ -681,7 +745,7 @@ class BlockApiController extends ContentController
|
|||
return $this->updateBlock($request, $response, $args);
|
||||
}
|
||||
|
||||
return $response->withJson(array('errors' => 'could not store image to media folder'));
|
||||
return $response->withJson(array('errors' => ['message' => 'could not store image to media folder']));
|
||||
}
|
||||
|
||||
public function deleteImage(Request $request, Response $response, $args)
|
||||
|
|
@ -692,7 +756,7 @@ class BlockApiController extends ContentController
|
|||
|
||||
if(!isset($this->params['name']))
|
||||
{
|
||||
return $response->withJson(array('errors' => 'image name is missing'));
|
||||
return $response->withJson(array('errors' => ['message' => 'image name is missing']));
|
||||
}
|
||||
|
||||
$imageProcessor = new ProcessImage($this->settings['images']);
|
||||
|
|
@ -714,7 +778,7 @@ class BlockApiController extends ContentController
|
|||
|
||||
if(!isset($this->params['name']))
|
||||
{
|
||||
return $response->withJson(array('errors' => 'file name is missing'));
|
||||
return $response->withJson(array('errors' => ['message' => 'file name is missing']));
|
||||
}
|
||||
|
||||
$fileProcessor = new ProcessFile();
|
||||
|
|
@ -725,7 +789,7 @@ class BlockApiController extends ContentController
|
|||
return $response->withJson(array('errors' => false));
|
||||
}
|
||||
|
||||
return $response->withJson(array('errors' => 'could not delete the file'));
|
||||
return $response->withJson(array('errors' => ['message' => 'could not delete the file']));
|
||||
}
|
||||
|
||||
public function saveVideoImage(Request $request, Response $response, $args)
|
||||
|
|
@ -803,7 +867,7 @@ class BlockApiController extends ContentController
|
|||
return $this->updateBlock($request, $response, $args);
|
||||
}
|
||||
|
||||
return $response->withJson(array('errors' => 'could not store the preview image'));
|
||||
return $response->withJson(array('errors' => ['message' => 'could not store the preview image']));
|
||||
}
|
||||
|
||||
private function getAllowedMtypes()
|
||||
|
|
@ -828,6 +892,7 @@ class BlockApiController extends ContentController
|
|||
'application/pdf',
|
||||
'image/png',
|
||||
'image/jpeg',
|
||||
'image/jpg',
|
||||
'image/gif',
|
||||
'image/svg+xml',
|
||||
'font/*',
|
||||
|
|
|
|||
|
|
@ -32,6 +32,9 @@ class ContentBackendController extends ContentController
|
|||
|
||||
# set item
|
||||
if(!$this->setItem()){ return $this->renderIntern404($response, array( 'navigation' => $this->structure, 'settings' => $this->settings, 'content' => $this->errors )); }
|
||||
|
||||
# we have to check ownership here to use it for permission-check in tempates
|
||||
$this->checkContentOwnership();
|
||||
|
||||
# get the breadcrumb (here we need it only to mark the actual item active in navigation)
|
||||
$breadcrumb = isset($this->item->keyPathArray) ? Folder::getBreadcrumb($this->structure, $this->item->keyPathArray) : false;
|
||||
|
|
@ -75,7 +78,16 @@ class ContentBackendController extends ContentController
|
|||
}
|
||||
}
|
||||
|
||||
return $this->render($response, 'editor/editor-raw.twig', array('navigation' => $this->structure, 'homepage' => $this->homepage, 'title' => $title, 'content' => $content, 'item' => $this->item, 'settings' => $this->settings ));
|
||||
return $this->render($response, 'editor/editor-raw.twig', array(
|
||||
'acl' => $this->c->acl,
|
||||
'mycontent' => $this->mycontent,
|
||||
'navigation' => $this->structure,
|
||||
'homepage' => $this->homepage,
|
||||
'title' => $title,
|
||||
'content' => $content,
|
||||
'item' => $this->item,
|
||||
'settings' => $this->settings
|
||||
));
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -101,6 +113,9 @@ class ContentBackendController extends ContentController
|
|||
# set item
|
||||
if(!$this->setItem()){ return $this->renderIntern404($response, array( 'navigation' => $this->structure, 'settings' => $this->settings, 'content' => $this->errors )); }
|
||||
|
||||
# we have to check ownership here to use it for permission-check in tempates
|
||||
$this->checkContentOwnership();
|
||||
|
||||
# set the status for published and drafted
|
||||
$this->setPublishStatus();
|
||||
|
||||
|
|
@ -153,7 +168,16 @@ class ContentBackendController extends ContentController
|
|||
unset($content[0]);
|
||||
}
|
||||
|
||||
return $this->render($response, 'editor/editor-blox.twig', array('navigation' => $this->structure, 'homepage' => $this->homepage, 'title' => $title, 'content' => $content, 'item' => $this->item, 'settings' => $this->settings ));
|
||||
return $this->render($response, 'editor/editor-blox.twig', array(
|
||||
'acl' => $this->c->acl,
|
||||
'mycontent' => $this->mycontent,
|
||||
'navigation' => $this->structure,
|
||||
'homepage' => $this->homepage,
|
||||
'title' => $title,
|
||||
'content' => $content,
|
||||
'item' => $this->item,
|
||||
'settings' => $this->settings
|
||||
));
|
||||
}
|
||||
|
||||
public function showEmpty(Request $request, Response $response, $args)
|
||||
|
|
|
|||
|
|
@ -10,6 +10,7 @@ use Typemill\Models\Folder;
|
|||
use Typemill\Models\Write;
|
||||
use Typemill\Models\WriteCache;
|
||||
use Typemill\Models\WriteYaml;
|
||||
use Typemill\Models\WriteMeta;
|
||||
|
||||
abstract class ContentController
|
||||
{
|
||||
|
|
@ -51,6 +52,9 @@ abstract class ContentController
|
|||
|
||||
# holds the content of the page
|
||||
protected $content;
|
||||
|
||||
# holds the ownership (my content or not my content)
|
||||
protected $mycontent = false;
|
||||
|
||||
public function __construct(ContainerInterface $c)
|
||||
{
|
||||
|
|
@ -432,4 +436,19 @@ abstract class ContentController
|
|||
$this->content = $content;
|
||||
return true;
|
||||
}
|
||||
|
||||
protected function checkContentOwnership()
|
||||
{
|
||||
# get page meta
|
||||
$writeMeta = new writeMeta();
|
||||
$pagemeta = $writeMeta->getPageMeta($this->settings, $this->item);
|
||||
|
||||
# owner assertion, not
|
||||
if(isset($pagemeta['meta']['owner']) && $pagemeta['meta']['owner'] == $_SESSION['user'])
|
||||
{
|
||||
$this->mycontent = true;
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
|
@ -207,6 +207,12 @@ class MediaApiController extends ContentController
|
|||
$this->params = $request->getParams();
|
||||
$this->uri = $request->getUri()->withUserInfo('');
|
||||
|
||||
# minimum permission is that user is allowed to delete content
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'content', 'delete'))
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => 'You are not allowed to delete images.'), 403);
|
||||
}
|
||||
|
||||
if(!isset($this->params['name']))
|
||||
{
|
||||
return $response->withJson(['errors' => 'image name is missing'],500);
|
||||
|
|
@ -232,6 +238,12 @@ class MediaApiController extends ContentController
|
|||
$this->params = $request->getParams();
|
||||
$this->uri = $request->getUri()->withUserInfo('');
|
||||
|
||||
# minimum permission is that user is allowed to delete content
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'content', 'delete'))
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => 'You are not allowed to delete files.'), 403);
|
||||
}
|
||||
|
||||
if(!isset($this->params['name']))
|
||||
{
|
||||
return $response->withJson(['errors' => 'file name is missing'],500);
|
||||
|
|
|
|||
|
|
@ -134,6 +134,12 @@ class MetaApiController extends ContentController
|
|||
$this->params = $request->getParams();
|
||||
$this->uri = $request->getUri()->withUserInfo('');
|
||||
|
||||
# minimum permission is that user is allowed to update his own content
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'mycontent', 'update'))
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => ['message' => 'You are not allowed to update content.']), 403);
|
||||
}
|
||||
|
||||
$tab = isset($this->params['tab']) ? $this->params['tab'] : false;
|
||||
$metaInput = isset($this->params['data']) ? $this->params['data'] : false ;
|
||||
$objectName = 'meta';
|
||||
|
|
@ -150,6 +156,16 @@ class MetaApiController extends ContentController
|
|||
# set item
|
||||
if(!$this->setItem()){ return $response->withJson($this->errors, 404); }
|
||||
|
||||
# if user has no right to delete content from others (eg admin or editor)
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'content', 'update'))
|
||||
{
|
||||
# check ownership. This code should nearly never run, because there is no button/interface to trigger it.
|
||||
if(!$this->checkContentOwnership())
|
||||
{
|
||||
return $response->withJson(array('data' => false, 'errors' => ['message' => 'You are not allowed to edit content.']), 403);
|
||||
}
|
||||
}
|
||||
|
||||
# if item is a folder
|
||||
if($this->item->elementType == "folder")
|
||||
{
|
||||
|
|
|
|||
|
|
@ -9,6 +9,8 @@ use Typemill\Models\Validation;
|
|||
use Typemill\Models\User;
|
||||
use Typemill\Models\ProcessFile;
|
||||
use Typemill\Models\ProcessImage;
|
||||
use Typemill\Events\OnUserfieldsLoaded;
|
||||
use Typemill\Events\OnSystemnaviLoaded;
|
||||
|
||||
class SettingsController extends Controller
|
||||
{
|
||||
|
|
@ -26,26 +28,28 @@ class SettingsController extends Controller
|
|||
$locale = isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? substr($_SERVER["HTTP_ACCEPT_LANGUAGE"],0,2) : 'en';
|
||||
$users = $user->getUsers();
|
||||
$route = $request->getAttribute('route');
|
||||
$navigation = $this->getNavigation();
|
||||
|
||||
return $this->render($response, 'settings/system.twig', array('settings' => $settings, 'copyright' => $copyright, 'languages' => $languages, 'locale' => $locale, 'formats' => $defaultSettings['formats'] ,'users' => $users, 'route' => $route->getName() ));
|
||||
# set navigation active
|
||||
$navigation['System']['active'] = true;
|
||||
|
||||
return $this->render($response, 'settings/system.twig', array(
|
||||
'settings' => $settings,
|
||||
'acl' => $this->c->acl,
|
||||
'navigation' => $navigation,
|
||||
'copyright' => $copyright,
|
||||
'languages' => $languages,
|
||||
'locale' => $locale,
|
||||
'formats' => $defaultSettings['formats'],
|
||||
'users' => $users,
|
||||
'route' => $route->getName()
|
||||
));
|
||||
}
|
||||
|
||||
public function saveSettings($request, $response, $args)
|
||||
{
|
||||
if($request->isPost())
|
||||
{
|
||||
$referer = $request->getHeader('HTTP_REFERER');
|
||||
$uri = $request->getUri()->withUserInfo('');
|
||||
$base_url = $uri->getBaseUrl();
|
||||
|
||||
/* security, users should not be able to fake post with settings from other typemill pages.
|
||||
if(!isset($referer[0]) OR $referer[0] !== $base_url . '/tm/settings' )
|
||||
{
|
||||
$this->c->flash->addMessage('error', 'illegal referer');
|
||||
return $response->withRedirect($this->c->router->pathFor('settings.show'));
|
||||
}
|
||||
*/
|
||||
|
||||
{
|
||||
$settings = \Typemill\Settings::getUserSettings();
|
||||
$defaultSettings = \Typemill\Settings::getDefaultSettings();
|
||||
$params = $request->getParams();
|
||||
|
|
@ -232,9 +236,19 @@ class SettingsController extends Controller
|
|||
}
|
||||
|
||||
/* add the users for navigation */
|
||||
$route = $request->getAttribute('route');
|
||||
$route = $request->getAttribute('route');
|
||||
$navigation = $this->getNavigation();
|
||||
|
||||
return $this->render($response, 'settings/themes.twig', array('settings' => $userSettings, 'themes' => $themedata, 'route' => $route->getName() ));
|
||||
# set navigation active
|
||||
$navigation['Themes']['active'] = true;
|
||||
|
||||
return $this->render($response, 'settings/themes.twig', array(
|
||||
'settings' => $userSettings,
|
||||
'acl' => $this->c->acl,
|
||||
'navigation' => $navigation,
|
||||
'themes' => $themedata,
|
||||
'route' => $route->getName()
|
||||
));
|
||||
}
|
||||
|
||||
public function showPlugins($request, $response, $args)
|
||||
|
|
@ -300,8 +314,18 @@ class SettingsController extends Controller
|
|||
}
|
||||
|
||||
$route = $request->getAttribute('route');
|
||||
$navigation = $this->getNavigation();
|
||||
|
||||
# set navigation active
|
||||
$navigation['Plugins']['active'] = true;
|
||||
|
||||
return $this->render($response, 'settings/plugins.twig', array('settings' => $userSettings, 'plugins' => $plugins, 'route' => $route->getName() ));
|
||||
return $this->render($response, 'settings/plugins.twig', array(
|
||||
'settings' => $userSettings,
|
||||
'acl' => $this->c->acl,
|
||||
'navigation' => $navigation,
|
||||
'plugins' => $plugins,
|
||||
'route' => $route->getName()
|
||||
));
|
||||
}
|
||||
|
||||
/*************************************
|
||||
|
|
@ -311,19 +335,7 @@ class SettingsController extends Controller
|
|||
public function saveThemes($request, $response, $args)
|
||||
{
|
||||
if($request->isPost())
|
||||
{
|
||||
$referer = $request->getHeader('HTTP_REFERER');
|
||||
$uri = $request->getUri()->withUserInfo('');
|
||||
$base_url = $uri->getBaseUrl();
|
||||
|
||||
/* users should not be able to fake post with settings from other typemill pages.
|
||||
if(!isset($referer[0]) OR $referer[0] !== $base_url . '/tm/themes' )
|
||||
{
|
||||
$this->c->flash->addMessage('error', 'illegal referer');
|
||||
return $response->withRedirect($this->c->router->pathFor('themes.show'));
|
||||
}
|
||||
*/
|
||||
|
||||
{
|
||||
$userSettings = \Typemill\Settings::getUserSettings();
|
||||
$params = $request->getParams();
|
||||
$themeName = isset($params['theme']) ? $params['theme'] : false;
|
||||
|
|
@ -410,18 +422,6 @@ class SettingsController extends Controller
|
|||
{
|
||||
if($request->isPost())
|
||||
{
|
||||
$referer = $request->getHeader('HTTP_REFERER');
|
||||
$uri = $request->getUri()->withUserInfo('');
|
||||
$base_url = $uri->getBaseUrl();
|
||||
|
||||
/* security, users should not be able to fake post with settings from other typemill pages.
|
||||
if(!isset($referer[0]) OR $referer[0] !== $base_url . '/tm/plugins' )
|
||||
{
|
||||
$this->c->flash->addMessage('error', 'illegal referer');
|
||||
return $response->withRedirect($this->c->router->pathFor('plugins.show'));
|
||||
}
|
||||
*/
|
||||
|
||||
$userSettings = \Typemill\Settings::getUserSettings();
|
||||
$pluginSettings = array();
|
||||
$userInput = $request->getParams();
|
||||
|
|
@ -481,6 +481,421 @@ class SettingsController extends Controller
|
|||
}
|
||||
}
|
||||
|
||||
/***********************
|
||||
** USER MANAGEMENT **
|
||||
***********************/
|
||||
|
||||
public function showAccount($request, $response, $args)
|
||||
{
|
||||
$username = $_SESSION['user'];
|
||||
|
||||
$validate = new Validation();
|
||||
|
||||
if($validate->username($username))
|
||||
{
|
||||
# get settings
|
||||
$settings = $this->c->get('settings');
|
||||
|
||||
# get user with userdata
|
||||
$user = new User();
|
||||
$userdata = $user->getSecureUser($username);
|
||||
|
||||
# instantiate field-builder
|
||||
$fieldsModel = new Fields();
|
||||
|
||||
# get the field-definitions
|
||||
$fieldDefinitions = $this->getUserFields($userdata['userrole']);
|
||||
|
||||
# prepare userdata for field-builder
|
||||
$userSettings['users']['user'] = $userdata;
|
||||
|
||||
# generate the input form
|
||||
$userform = $fieldsModel->getFields($userSettings, 'users', 'user', $fieldDefinitions);
|
||||
|
||||
$route = $request->getAttribute('route');
|
||||
$navigation = $this->getNavigation();
|
||||
|
||||
# set navigation active
|
||||
$navigation['Account']['active'] = true;
|
||||
|
||||
return $this->render($response, 'settings/user.twig', array(
|
||||
'settings' => $settings,
|
||||
'acl' => $this->c->acl,
|
||||
'navigation' => $navigation,
|
||||
'usersettings' => $userSettings, // needed for image url in form, will overwrite settings for field-template
|
||||
'userform' => $userform, // field model, needed to generate frontend-field
|
||||
'userdata' => $userdata, // needed to fill form with data
|
||||
# 'userrole' => false, // not needed ?
|
||||
# 'username' => $args['username'], // not needed ?
|
||||
'route' => $route->getName() // needed to set link active
|
||||
));
|
||||
}
|
||||
|
||||
$this->c->flash->addMessage('error', 'User does not exists');
|
||||
return $response->withRedirect($this->c->router->pathFor('home'));
|
||||
}
|
||||
|
||||
public function showUser($request, $response, $args)
|
||||
{
|
||||
# if user has no rights to watch userlist, then redirect to
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'userlist', 'view') && $_SESSION['user'] !== $args['username'] )
|
||||
{
|
||||
return $response->withRedirect($this->c->router->pathFor('user.show', ['username' => $_SESSION['user']] ));
|
||||
}
|
||||
|
||||
$validate = new Validation();
|
||||
|
||||
if($validate->username($args['username']))
|
||||
{
|
||||
# get settings
|
||||
$settings = $this->c->get('settings');
|
||||
|
||||
# get user with userdata
|
||||
$user = new User();
|
||||
$userdata = $user->getSecureUser($args['username']);
|
||||
|
||||
$username = $userdata['username'];
|
||||
|
||||
# instantiate field-builder
|
||||
$fieldsModel = new Fields();
|
||||
|
||||
# get the field-definitions
|
||||
$fieldDefinitions = $this->getUserFields($userdata['userrole']);
|
||||
|
||||
# prepare userdata for field-builder
|
||||
$userSettings['users']['user'] = $userdata;
|
||||
|
||||
# generate the input form
|
||||
$userform = $fieldsModel->getFields($userSettings, 'users', 'user', $fieldDefinitions);
|
||||
|
||||
$route = $request->getAttribute('route');
|
||||
$navigation = $this->getNavigation();
|
||||
|
||||
# set navigation active
|
||||
$navigation['Users']['active'] = true;
|
||||
|
||||
return $this->render($response, 'settings/user.twig', array(
|
||||
'settings' => $settings,
|
||||
'acl' => $this->c->acl,
|
||||
'navigation' => $navigation,
|
||||
'usersettings' => $userSettings, // needed for image url in form, will overwrite settings for field-template
|
||||
'userform' => $userform, // field model, needed to generate frontend-field
|
||||
'userdata' => $userdata, // needed to fill form with data
|
||||
# 'userrole' => false, // not needed ?
|
||||
# 'username' => $args['username'], // not needed ?
|
||||
'route' => $route->getName() // needed to set link active
|
||||
));
|
||||
}
|
||||
|
||||
$this->c->flash->addMessage('error', 'User does not exists');
|
||||
return $response->withRedirect($this->c->router->pathFor('user.account'));
|
||||
}
|
||||
|
||||
public function listUser($request, $response)
|
||||
{
|
||||
$user = new User();
|
||||
$users = $user->getUsers();
|
||||
$userdata = array();
|
||||
$route = $request->getAttribute('route');
|
||||
$settings = $this->c->get('settings');
|
||||
$navigation = $this->getNavigation();
|
||||
|
||||
# set navigation active
|
||||
$navigation['Users']['active'] = true;
|
||||
|
||||
foreach($users as $username)
|
||||
{
|
||||
$userdata[] = $user->getUser($username);
|
||||
}
|
||||
|
||||
return $this->render($response, 'settings/userlist.twig', array(
|
||||
'settings' => $settings,
|
||||
'acl' => $this->c->acl,
|
||||
'navigation' => $navigation,
|
||||
'users' => $users,
|
||||
'userdata' => $userdata,
|
||||
'route' => $route->getName()
|
||||
));
|
||||
}
|
||||
|
||||
public function newUser($request, $response, $args)
|
||||
{
|
||||
$user = new User();
|
||||
$users = $user->getUsers();
|
||||
$userroles = $this->c->acl->getRoles();
|
||||
$route = $request->getAttribute('route');
|
||||
$settings = $this->c->get('settings');
|
||||
$navigation = $this->getNavigation();
|
||||
|
||||
# set navigation active
|
||||
$navigation['Users']['active'] = true;
|
||||
|
||||
return $this->render($response, 'settings/usernew.twig', array(
|
||||
'settings' => $settings,
|
||||
'acl' => $this->c->acl,
|
||||
'navigation' => $navigation,
|
||||
'users' => $users,
|
||||
'userrole' => $userroles,
|
||||
'route' => $route->getName()
|
||||
));
|
||||
}
|
||||
|
||||
public function createUser($request, $response, $args)
|
||||
{
|
||||
if($request->isPost())
|
||||
{
|
||||
$params = $request->getParams();
|
||||
$user = new User();
|
||||
$validate = new Validation();
|
||||
$userroles = $this->c->acl->getRoles();
|
||||
|
||||
if($validate->newUser($params, $userroles))
|
||||
{
|
||||
$userdata = array(
|
||||
'username' => $params['username'],
|
||||
'email' => $params['email'],
|
||||
'userrole' => $params['userrole'],
|
||||
'password' => $params['password']);
|
||||
|
||||
$user->createUser($userdata);
|
||||
|
||||
$this->c->flash->addMessage('info', 'Welcome, there is a new user!');
|
||||
return $response->withRedirect($this->c->router->pathFor('user.list'));
|
||||
}
|
||||
|
||||
$this->c->flash->addMessage('error', 'Please correct your input');
|
||||
return $response->withRedirect($this->c->router->pathFor('user.new'));
|
||||
}
|
||||
}
|
||||
|
||||
public function updateUser($request, $response, $args)
|
||||
{
|
||||
|
||||
if($request->isPost())
|
||||
{
|
||||
$params = $request->getParams();
|
||||
$userdata = $params['user'];
|
||||
$user = new User();
|
||||
$validate = new Validation();
|
||||
$userroles = $this->c->acl->getRoles();
|
||||
|
||||
$redirectRoute = ($userdata['username'] == $_SESSION['user']) ? $this->c->router->pathFor('user.account') : $this->c->router->pathFor('user.show', ['username' => $userdata['username']]);
|
||||
|
||||
# check if user is allowed to view (edit) userlist and other users
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'userlist', 'write'))
|
||||
{
|
||||
# if an editor tries to update other userdata than its own */
|
||||
if($_SESSION['user'] !== $userdata['username'])
|
||||
{
|
||||
return $response->withRedirect($this->c->router->pathFor('user.account'));
|
||||
}
|
||||
|
||||
# non admins cannot change their userrole, so set it to session-value
|
||||
$userdata['userrole'] = $_SESSION['role'];
|
||||
}
|
||||
|
||||
# validate standard fields for users
|
||||
if($validate->existingUser($userdata, $userroles))
|
||||
{
|
||||
# validate custom input fields and return images
|
||||
$userfields = $this->getUserFields($userdata['userrole']);
|
||||
$imageFields = $this->validateInput('users', 'user', $userdata, $validate, $userfields);
|
||||
|
||||
if(!empty($imageFields))
|
||||
{
|
||||
$images = $request->getUploadedFiles();
|
||||
|
||||
if(isset($images['user']))
|
||||
{
|
||||
# set image size
|
||||
$settings = $this->c->get('settings');
|
||||
$settings->replace(['images' => ['live' => ['width' => 500, 'height' => 500]]]);
|
||||
$imageresult = $this->saveImages($imageFields, $userdata, $settings, $images['user']);
|
||||
|
||||
if(isset($_SESSION['slimFlash']['error']))
|
||||
{
|
||||
return $response->withRedirect($redirectRoute);
|
||||
}
|
||||
elseif(isset($imageresult['username']))
|
||||
{
|
||||
$userdata = $imageresult;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
# check for errors and redirect to path, if errors found */
|
||||
if(isset($_SESSION['errors']))
|
||||
{
|
||||
$this->c->flash->addMessage('error', 'Please correct the errors');
|
||||
return $response->withRedirect($redirectRoute);
|
||||
}
|
||||
|
||||
if(empty($userdata['password']) AND empty($userdata['newpassword']))
|
||||
{
|
||||
# make sure no invalid passwords go into model
|
||||
unset($userdata['password']);
|
||||
unset($userdata['newpassword']);
|
||||
|
||||
$user->updateUser($userdata);
|
||||
$this->c->flash->addMessage('info', 'Saved all changes');
|
||||
return $response->withRedirect($redirectRoute);
|
||||
}
|
||||
elseif($validate->newPassword($userdata))
|
||||
{
|
||||
$userdata['password'] = $userdata['newpassword'];
|
||||
unset($userdata['newpassword']);
|
||||
|
||||
$user->updateUser($userdata);
|
||||
$this->c->flash->addMessage('info', 'Saved all changes');
|
||||
return $response->withRedirect($redirectRoute);
|
||||
}
|
||||
}
|
||||
|
||||
$this->c->flash->addMessage('error', 'Please correct your input');
|
||||
return $response->withRedirect($redirectRoute);
|
||||
}
|
||||
}
|
||||
|
||||
public function deleteUser($request, $response, $args)
|
||||
{
|
||||
if($request->isPost())
|
||||
{
|
||||
$params = $request->getParams();
|
||||
$validate = new Validation();
|
||||
$user = new User();
|
||||
|
||||
# check if user is allowed to view (edit) userlist and other users
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'userlist', 'write'))
|
||||
{
|
||||
# if an editor tries to delete other user than its own
|
||||
if($_SESSION['user'] !== $params['username'])
|
||||
{
|
||||
return $response->withRedirect($this->c->router->pathFor('user.account'));
|
||||
}
|
||||
}
|
||||
|
||||
if($validate->username($params['username']))
|
||||
{
|
||||
$user->deleteUser($params['username']);
|
||||
|
||||
# if user deleted his own account
|
||||
if($_SESSION['user'] == $params['username'])
|
||||
{
|
||||
session_destroy();
|
||||
return $response->withRedirect($this->c->router->pathFor('auth.show'));
|
||||
}
|
||||
|
||||
$this->c->flash->addMessage('info', 'Say goodbye, the user is gone!');
|
||||
return $response->withRedirect($this->c->router->pathFor('user.list'));
|
||||
}
|
||||
|
||||
$this->c->flash->addMessage('error', 'Ups, we did not find that user');
|
||||
return $response->withRedirect($this->c->router->pathFor('user.show', ['username' => $params['username']]));
|
||||
}
|
||||
}
|
||||
|
||||
private function getUserFields($role)
|
||||
{
|
||||
$fields = [];
|
||||
$fields['username'] = ['label' => 'Username (read only)', 'type' => 'text', 'readonly' => true];
|
||||
$fields['firstname'] = ['label' => 'First Name', 'type' => 'text'];
|
||||
$fields['lastname'] = ['label' => 'Last Name', 'type' => 'text'];
|
||||
$fields['email'] = ['label' => 'E-Mail', 'type' => 'text', 'required' => true];
|
||||
$fields['userrole'] = ['label' => 'Role', 'type' => 'text', 'readonly' => true];
|
||||
$fields['password'] = ['label' => 'Actual Password', 'type' => 'password'];
|
||||
$fields['newpassword'] = ['label' => 'New Password', 'type' => 'password'];
|
||||
|
||||
# dispatch fields;
|
||||
$fields = $this->c->dispatcher->dispatch('onUserfieldsLoaded', new OnUserfieldsLoaded($fields))->getData();
|
||||
|
||||
# only roles who can edit content need profile image and description
|
||||
if($this->c->acl->isAllowed($role, 'content', 'create'))
|
||||
{
|
||||
$newfield['image'] = ['label' => 'Profile-Image', 'type' => 'image'];
|
||||
$newfield['description'] = ['label' => 'Author-Description (Markdown)', 'type' => 'textarea'];
|
||||
array_splice($fields,1,0,$newfield);
|
||||
}
|
||||
|
||||
# Only admin can change userroles
|
||||
if($this->c->acl->isAllowed($_SESSION['role'], 'userlist', 'write'))
|
||||
{
|
||||
$userroles = $this->c->acl->getRoles();
|
||||
$options = [];
|
||||
|
||||
# we need associative array to make select-field with key/value work
|
||||
foreach($userroles as $userrole)
|
||||
{
|
||||
$options[$userrole] = $userrole;
|
||||
}
|
||||
|
||||
$fields['userrole'] = ['label' => 'Role', 'type' => 'select', 'options' => $options];
|
||||
}
|
||||
|
||||
$userform = [];
|
||||
$userform['forms']['fields'] = $fields;
|
||||
return $userform;
|
||||
}
|
||||
|
||||
private function getThemes()
|
||||
{
|
||||
$themeFolder = $this->c->get('settings')['rootPath'] . $this->c->get('settings')['themeFolder'];
|
||||
$themeFolderC = scandir($themeFolder);
|
||||
$themes = array();
|
||||
foreach ($themeFolderC as $key => $theme)
|
||||
{
|
||||
if (!in_array($theme, array(".","..")))
|
||||
{
|
||||
if (is_dir($themeFolder . DIRECTORY_SEPARATOR . $theme))
|
||||
{
|
||||
$themes[] = $theme;
|
||||
}
|
||||
}
|
||||
}
|
||||
return $themes;
|
||||
}
|
||||
|
||||
private function getCopyright()
|
||||
{
|
||||
return array(
|
||||
"©",
|
||||
"CC-BY",
|
||||
"CC-BY-NC",
|
||||
"CC-BY-NC-ND",
|
||||
"CC-BY-NC-SA",
|
||||
"CC-BY-ND",
|
||||
"CC-BY-SA",
|
||||
"None"
|
||||
);
|
||||
}
|
||||
|
||||
private function getLanguages()
|
||||
{
|
||||
return array(
|
||||
'en' => 'English',
|
||||
'ru' => 'Russian',
|
||||
'nl' => 'Dutch, Flemish',
|
||||
'de' => 'German',
|
||||
'it' => 'Italian',
|
||||
'fr' => 'French',
|
||||
);
|
||||
}
|
||||
|
||||
private function getNavigation()
|
||||
{
|
||||
$navigation = [
|
||||
'System' => ['routename' => 'settings.show', 'icon' => 'icon-wrench', 'aclresource' => 'system', 'aclprivilege' => 'view'],
|
||||
'Themes' => ['routename' => 'themes.show', 'icon' => 'icon-paint-brush', 'aclresource' => 'system', 'aclprivilege' => 'view'],
|
||||
'Plugins' => ['routename' => 'plugins.show', 'icon' => 'icon-plug', 'aclresource' => 'system', 'aclprivilege' => 'view'],
|
||||
'Account' => ['routename' => 'user.account', 'icon' => 'icon-user', 'aclresource' => 'user', 'aclprivilege' => 'view'],
|
||||
'Users' => ['routename' => 'user.list', 'icon' => 'icon-group', 'aclresource' => 'userlist', 'aclprivilege' => 'view']
|
||||
];
|
||||
|
||||
# dispatch fields;
|
||||
$navigation = $this->c->dispatcher->dispatch('onSystemnaviLoaded', new OnSystemnaviLoaded($navigation))->getData();
|
||||
|
||||
return $navigation;
|
||||
}
|
||||
|
||||
private function validateInput($objectType, $objectName, $userInput, $validate, $originalSettings = NULL)
|
||||
{
|
||||
if(!$originalSettings)
|
||||
|
|
@ -543,7 +958,7 @@ class SettingsController extends Controller
|
|||
$imageFieldDefinitions[$fieldName] = $fieldDefinition;
|
||||
}
|
||||
}
|
||||
if(!$fieldDefinition && $fieldName != 'active')
|
||||
if(!$fieldDefinition && $objectType != 'users' && $fieldName != 'active')
|
||||
{
|
||||
$_SESSION['errors'][$objectName][$fieldName] = array('This field is not defined!');
|
||||
}
|
||||
|
|
@ -588,391 +1003,5 @@ class SettingsController extends Controller
|
|||
}
|
||||
}
|
||||
return $userInput;
|
||||
}
|
||||
|
||||
/***********************
|
||||
** USER MANAGEMENT **
|
||||
***********************/
|
||||
|
||||
public function showAccount($request, $response, $args)
|
||||
{
|
||||
$username = $_SESSION['user'];
|
||||
|
||||
$validate = new Validation();
|
||||
|
||||
if($validate->username($username))
|
||||
{
|
||||
# get settings
|
||||
$settings = $this->c->get('settings');
|
||||
|
||||
# get user with userdata
|
||||
$user = new User();
|
||||
$userdata = $user->getSecureUser($username);
|
||||
|
||||
# instantiate field-builder
|
||||
$fieldsModel = new Fields();
|
||||
|
||||
# get the field-definitions
|
||||
$fieldDefinitions = $this->getUserFields($_SESSION['role']);
|
||||
|
||||
# prepare userdata for field-builder
|
||||
$userSettings['user'][$username] = $userdata;
|
||||
|
||||
# generate the input form
|
||||
$userform = $fieldsModel->getFields($userSettings, 'user', $username, $fieldDefinitions);
|
||||
|
||||
$route = $request->getAttribute('route');
|
||||
|
||||
return $this->render($response, 'settings/user.twig', array(
|
||||
'settings' => $settings,
|
||||
'usersettings' => $userSettings, // needed for image url in form, will overwrite settings for field-template
|
||||
'userform' => $userform, // field model, needed to generate frontend-field
|
||||
'userdata' => $userdata, // needed to fill form with data
|
||||
# 'userrole' => false, // not needed ?
|
||||
# 'username' => $args['username'], // not needed ?
|
||||
'route' => $route->getName() // needed to set link active
|
||||
));
|
||||
|
||||
return $this->render($response, 'settings/user.twig', array('settings' => $settings, 'usersettings' => $userSettings, 'userdata' => $userdata, 'userrole' => false, 'username' => $username, 'userform' => $userform, 'route' => $route->getName() ));
|
||||
}
|
||||
|
||||
$this->c->flash->addMessage('error', 'User does not exists');
|
||||
return $response->withRedirect($this->c->router->pathFor('home'));
|
||||
}
|
||||
|
||||
public function showUser($request, $response, $args)
|
||||
{
|
||||
# if user has no rights to watch userlist, then only show his user-entry
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'userlist', 'view') && $_SESSION['user'] !== $args['username'] )
|
||||
{
|
||||
return $response->withRedirect($this->c->router->pathFor('user.show', ['username' => $_SESSION['user']] ));
|
||||
}
|
||||
|
||||
$validate = new Validation();
|
||||
|
||||
if($validate->username($args['username']))
|
||||
{
|
||||
# get settings
|
||||
$settings = $this->c->get('settings');
|
||||
|
||||
# get user with userdata
|
||||
$user = new User();
|
||||
$userdata = $user->getSecureUser($args['username']);
|
||||
|
||||
$username = $userdata['username'];
|
||||
|
||||
# instantiate field-builder
|
||||
$fieldsModel = new Fields();
|
||||
|
||||
# get the field-definitions
|
||||
$fieldDefinitions = $this->getUserFields($userdata['userrole']);
|
||||
|
||||
# prepare userdata for field-builder
|
||||
$userSettings['user'][$username] = $userdata;
|
||||
|
||||
# generate the input form
|
||||
$userform = $fieldsModel->getFields($userSettings, 'user', $username, $fieldDefinitions);
|
||||
|
||||
$route = $request->getAttribute('route');
|
||||
|
||||
return $this->render($response, 'settings/user.twig', array(
|
||||
'settings' => $settings,
|
||||
'usersettings' => $userSettings, // needed for image url in form, will overwrite settings for field-template
|
||||
'userform' => $userform, // field model, needed to generate frontend-field
|
||||
'userdata' => $userdata, // needed to fill form with data
|
||||
# 'userrole' => false, // not needed ?
|
||||
# 'username' => $args['username'], // not needed ?
|
||||
'route' => $route->getName() // needed to set link active
|
||||
));
|
||||
}
|
||||
|
||||
$this->c->flash->addMessage('error', 'User does not exists');
|
||||
return $response->withRedirect($this->c->router->pathFor('user.account'));
|
||||
}
|
||||
|
||||
private function getUserFields($role)
|
||||
{
|
||||
$fields = [];
|
||||
$fields['username'] = ['label' => 'Username (read only)', 'type' => 'text', 'readonly' => true];
|
||||
$fields['image'] = ['label' => 'Profile-Image', 'type' => 'image'];
|
||||
$fields['description'] = ['label' => 'Author-Description (Markdown)', 'type' => 'textarea'];
|
||||
$fields['firstname'] = ['label' => 'First Name', 'type' => 'text'];
|
||||
$fields['lastname'] = ['label' => 'Last Name', 'type' => 'text'];
|
||||
$fields['email'] = ['label' => 'E-Mail', 'type' => 'text', 'required' => true];
|
||||
$fields['userrole'] = ['label' => 'Role', 'type' => 'text', 'readonly' => true];
|
||||
$fields['password'] = ['label' => 'Actual Password', 'type' => 'password'];
|
||||
$fields['newpassword'] = ['label' => 'New Password', 'type' => 'password'];
|
||||
|
||||
# dispatch fields;
|
||||
|
||||
# change admin stuff
|
||||
if($_SESSION['role'] == 'administrator')
|
||||
{
|
||||
$userroles = $this->c->acl->getRoles();
|
||||
$options = [];
|
||||
|
||||
# we need associative array to make select-field with key/value work
|
||||
foreach($userroles as $userrole)
|
||||
{
|
||||
$options[$userrole] = $userrole;
|
||||
}
|
||||
|
||||
$fields['userrole'] = ['label' => 'Role', 'type' => 'select', 'options' => $options];
|
||||
}
|
||||
|
||||
$userform = [];
|
||||
$userform['forms']['fields'] = $fields;
|
||||
return $userform;
|
||||
}
|
||||
|
||||
public function listUser($request, $response)
|
||||
{
|
||||
$user = new User();
|
||||
$users = $user->getUsers();
|
||||
$userdata = array();
|
||||
$route = $request->getAttribute('route');
|
||||
$settings = $this->c->get('settings');
|
||||
|
||||
foreach($users as $username)
|
||||
{
|
||||
$userdata[] = $user->getUser($username);
|
||||
}
|
||||
|
||||
return $this->render($response, 'settings/userlist.twig', array('settings' => $settings, 'users' => $users, 'userdata' => $userdata, 'route' => $route->getName() ));
|
||||
}
|
||||
|
||||
public function newUser($request, $response, $args)
|
||||
{
|
||||
$user = new User();
|
||||
$users = $user->getUsers();
|
||||
$userrole = $user->getUserroles();
|
||||
$route = $request->getAttribute('route');
|
||||
$settings = $this->c->get('settings');
|
||||
|
||||
return $this->render($response, 'settings/usernew.twig', array('settings' => $settings, 'users' => $users, 'userrole' => $userrole, 'route' => $route->getName() ));
|
||||
}
|
||||
|
||||
public function createUser($request, $response, $args)
|
||||
{
|
||||
if($request->isPost())
|
||||
{
|
||||
$referer = $request->getHeader('HTTP_REFERER');
|
||||
$uri = $request->getUri()->withUserInfo('');
|
||||
$base_url = $uri->getBaseUrl();
|
||||
|
||||
/* security, users should not be able to fake post with settings from other typemill pages.
|
||||
if(!isset($referer[0]) OR $referer[0] !== $base_url . '/tm/user/new' )
|
||||
{
|
||||
$this->c->flash->addMessage('error', 'illegal referer');
|
||||
return $response->withRedirect($this->c->router->pathFor('user.new'));
|
||||
}
|
||||
*/
|
||||
|
||||
$params = $request->getParams();
|
||||
$user = new User();
|
||||
$validate = new Validation();
|
||||
$userroles = $this->c->acl->getRoles();
|
||||
|
||||
if($validate->newUser($params, $userroles))
|
||||
{
|
||||
$userdata = array(
|
||||
'username' => $params['username'],
|
||||
'firstname' => $params['firstname'],
|
||||
'lastname' => $params['lastname'],
|
||||
'email' => $params['email'],
|
||||
'userrole' => $params['userrole'],
|
||||
'password' => $params['password']);
|
||||
|
||||
$user->createUser($userdata);
|
||||
|
||||
$this->c->flash->addMessage('info', 'Welcome, there is a new user!');
|
||||
return $response->withRedirect($this->c->router->pathFor('user.list'));
|
||||
}
|
||||
|
||||
$this->c->flash->addMessage('error', 'Please correct your input');
|
||||
return $response->withRedirect($this->c->router->pathFor('user.new'));
|
||||
}
|
||||
}
|
||||
|
||||
public function updateUser($request, $response, $args)
|
||||
{
|
||||
|
||||
if($request->isPost())
|
||||
{
|
||||
$referer = $request->getHeader('HTTP_REFERER');
|
||||
$uri = $request->getUri()->withUserInfo('');
|
||||
$base_url = $uri->getBaseUrl();
|
||||
|
||||
/* security, users should not be able to fake post with settings from other typemill pages.
|
||||
if(!isset($referer[0]) OR strpos($referer[0], $base_url . '/tm/user/') === false )
|
||||
{
|
||||
$this->c->flash->addMessage('error', 'illegal referer');
|
||||
return $response->withRedirect($this->c->router->pathFor('user.list'));
|
||||
}
|
||||
*/
|
||||
|
||||
$params = $request->getParams();
|
||||
$userdata = $params['user'];
|
||||
$user = new User();
|
||||
$validate = new Validation();
|
||||
$userroles = $this->c->acl->getRoles();
|
||||
|
||||
print_r($params);
|
||||
die();
|
||||
|
||||
# check if user is allowed to view (edit) userlist and other users
|
||||
if(!$this->c->acl->isAllowed($_SESSION['role'], 'userlist', 'view'))
|
||||
{
|
||||
# if an editor tries to update other userdata than its own */
|
||||
if($_SESSION['user'] !== $userdata['username'])
|
||||
{
|
||||
return $response->withRedirect($this->c->router->pathFor('user.account'));
|
||||
}
|
||||
|
||||
# non admins cannot change his userrole, so set it to session-value
|
||||
$userdata['userrole'] = $_SESSION['role'];
|
||||
}
|
||||
|
||||
# validate standard fields for users
|
||||
if($validate->existingUser($userdata, $userroles))
|
||||
{
|
||||
# validate custom input fields and return images
|
||||
$userfields = $this->getUserFields($userdata['userrole']);
|
||||
$imageFields = $this->validateInput('users', 'user', $userdata, $validate, $userfields);
|
||||
|
||||
if(!isset($_SESSION['errors']) && !empty($imageFields))
|
||||
{
|
||||
$images = $request->getUploadedFiles();
|
||||
|
||||
if(isset($images['user']))
|
||||
{
|
||||
# set image size
|
||||
$settings = $this->c->get('settings');
|
||||
$settings['images']['live'] = ['width' => 500, 'height' => 500];
|
||||
$userdata = $this->saveImages($imageFields, $userdata, $settings, $images['user']);
|
||||
}
|
||||
}
|
||||
|
||||
# check for errors and redirect to path, if errors found */
|
||||
if(isset($_SESSION['errors']))
|
||||
{
|
||||
$this->c->flash->addMessage('error', 'Please correct the errors');
|
||||
return $response->withRedirect($this->c->router->pathFor('user.show', ['username' => $userdata['username']]));
|
||||
}
|
||||
|
||||
if(empty($userdata['password']) AND empty($userdata['newpassword']))
|
||||
{
|
||||
$user->updateUser($userdata);
|
||||
$this->c->flash->addMessage('info', 'Saved all changes');
|
||||
return $response->withRedirect($this->c->router->pathFor('user.show', ['username' => $userdata['username']]));
|
||||
}
|
||||
elseif($validate->newPassword($userdata))
|
||||
{
|
||||
$userdata['password'] = $userdata['newpassword'];
|
||||
unset($userdata['newpassword']);
|
||||
|
||||
$user->updateUser($userdata);
|
||||
$this->c->flash->addMessage('info', 'Saved all changes');
|
||||
return $response->withRedirect($this->c->router->pathFor('user.show', ['username' => $userdata['username']]));
|
||||
}
|
||||
}
|
||||
|
||||
$this->c->flash->addMessage('error', 'Please correct your input');
|
||||
return $response->withRedirect($this->c->router->pathFor('user.show', ['username' => $userdata['username']]));
|
||||
}
|
||||
}
|
||||
|
||||
public function deleteUser($request, $response, $args)
|
||||
{
|
||||
if($request->isPost())
|
||||
{
|
||||
$referer = $request->getHeader('HTTP_REFERER');
|
||||
$uri = $request->getUri()->withUserInfo('');
|
||||
$base_url = $uri->getBaseUrl();
|
||||
|
||||
/* security, users should not be able to fake post with settings from other typemill pages.
|
||||
if(!isset($referer[0]) OR strpos($referer[0], $base_url . '/tm/user/') === false )
|
||||
{
|
||||
$this->c->flash->addMessage('error', 'illegal referer');
|
||||
return $response->withRedirect($this->c->router->pathFor('user.list'));
|
||||
}
|
||||
*/
|
||||
|
||||
$params = $request->getParams();
|
||||
$validate = new Validation();
|
||||
$user = new User();
|
||||
|
||||
/* non admins have different update rights */
|
||||
if($_SESSION['role'] !== 'administrator')
|
||||
{
|
||||
/* if an editor tries to delete other user than its own */
|
||||
if($_SESSION['user'] !== $params['username'])
|
||||
{
|
||||
return $response->withRedirect($this->c->router->pathFor('user.show', ['username' => $_SESSION['user']] ));
|
||||
}
|
||||
}
|
||||
|
||||
if($validate->username($params['username']))
|
||||
{
|
||||
$user->deleteUser($params['username']);
|
||||
|
||||
# if user deleted his own account
|
||||
if($_SESSION['user'] == $params['username'])
|
||||
{
|
||||
session_destroy();
|
||||
return $response->withRedirect($this->c->router->pathFor('auth.show'));
|
||||
}
|
||||
|
||||
$this->c->flash->addMessage('info', 'Say goodbye, the user is gone!');
|
||||
return $response->withRedirect($this->c->router->pathFor('user.list'));
|
||||
}
|
||||
|
||||
$this->c->flash->addMessage('error', 'Ups, we did not find that user');
|
||||
return $response->withRedirect($this->c->router->pathFor('user.show', ['username' => $params['username']]));
|
||||
}
|
||||
}
|
||||
|
||||
private function getThemes()
|
||||
{
|
||||
$themeFolder = $this->c->get('settings')['rootPath'] . $this->c->get('settings')['themeFolder'];
|
||||
$themeFolderC = scandir($themeFolder);
|
||||
$themes = array();
|
||||
foreach ($themeFolderC as $key => $theme)
|
||||
{
|
||||
if (!in_array($theme, array(".","..")))
|
||||
{
|
||||
if (is_dir($themeFolder . DIRECTORY_SEPARATOR . $theme))
|
||||
{
|
||||
$themes[] = $theme;
|
||||
}
|
||||
}
|
||||
}
|
||||
return $themes;
|
||||
}
|
||||
|
||||
private function getCopyright()
|
||||
{
|
||||
return array(
|
||||
"©",
|
||||
"CC-BY",
|
||||
"CC-BY-NC",
|
||||
"CC-BY-NC-ND",
|
||||
"CC-BY-NC-SA",
|
||||
"CC-BY-ND",
|
||||
"CC-BY-SA",
|
||||
"None"
|
||||
);
|
||||
}
|
||||
|
||||
private function getLanguages()
|
||||
{
|
||||
return array(
|
||||
'en' => 'English',
|
||||
'ru' => 'Russian',
|
||||
'nl' => 'Dutch, Flemish',
|
||||
'de' => 'German',
|
||||
'it' => 'Italian',
|
||||
'fr' => 'French',
|
||||
);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -66,11 +66,11 @@ class SetupController extends Controller
|
|||
$validate = new Validation();
|
||||
$user = new User();
|
||||
|
||||
/* set user as admin */
|
||||
# set user as admin
|
||||
$params['userrole'] = 'administrator';
|
||||
|
||||
/* get userroles for validation */
|
||||
$userroles = $user->getUserroles();
|
||||
# get userroles for validation
|
||||
$userroles = $this->c->acl->getRoles();
|
||||
|
||||
/* validate user */
|
||||
if($validate->newUser($params, $userroles))
|
||||
|
|
|
|||
14
system/Events/OnSystemnaviLoaded.php
Normal file
14
system/Events/OnSystemnaviLoaded.php
Normal file
|
|
@ -0,0 +1,14 @@
|
|||
<?php
|
||||
|
||||
namespace Typemill\Events;
|
||||
|
||||
use Symfony\Component\EventDispatcher\Event;
|
||||
|
||||
/**
|
||||
* Event for settings
|
||||
*/
|
||||
|
||||
class OnSystemnaviLoaded extends BaseEvent
|
||||
{
|
||||
|
||||
}
|
||||
14
system/Events/OnUserfieldsLoaded.php
Normal file
14
system/Events/OnUserfieldsLoaded.php
Normal file
|
|
@ -0,0 +1,14 @@
|
|||
<?php
|
||||
|
||||
namespace Typemill\Events;
|
||||
|
||||
use Symfony\Component\EventDispatcher\Event;
|
||||
|
||||
/**
|
||||
* Event for the page tree.
|
||||
*/
|
||||
|
||||
class OnUserfieldsLoaded extends BaseEvent
|
||||
{
|
||||
|
||||
}
|
||||
|
|
@ -8,6 +8,7 @@ class TwigUserExtension extends \Twig_Extension
|
|||
{
|
||||
return [
|
||||
new \Twig_SimpleFunction('is_role', array($this, 'isRole' )),
|
||||
new \Twig_SimpleFunction('get_role', array($this, 'getRole' )),
|
||||
new \Twig_SimpleFunction('get_username', array($this, 'getUsername' ))
|
||||
];
|
||||
}
|
||||
|
|
@ -21,6 +22,15 @@ class TwigUserExtension extends \Twig_Extension
|
|||
|
||||
return false;
|
||||
}
|
||||
|
||||
public function getRole()
|
||||
{
|
||||
if(isset($_SESSION['role']))
|
||||
{
|
||||
return $_SESSION['role'];
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
public function getUsername()
|
||||
{
|
||||
|
|
|
|||
|
|
@ -8,6 +8,8 @@ use Slim\Http\Response;
|
|||
|
||||
class RedirectIfNoAdmin
|
||||
{
|
||||
# NOT IN USE ANYMORE
|
||||
/*
|
||||
protected $router;
|
||||
|
||||
public function __construct(RouterInterface $router, $flash)
|
||||
|
|
@ -29,4 +31,5 @@ class RedirectIfNoAdmin
|
|||
|
||||
return $next($request, $response);
|
||||
}
|
||||
*/
|
||||
}
|
||||
|
|
@ -66,25 +66,37 @@ class User extends WriteYaml
|
|||
{
|
||||
$userdata = $this->getUser($params['username']);
|
||||
|
||||
# make sure passwords are not overwritten
|
||||
if(isset($params['newpassword'])){ unset($params['newpassword']); }
|
||||
if(isset($params['password']))
|
||||
{
|
||||
$params['password'] = $this->generatePassword($params['password']);
|
||||
if(empty($params['password']))
|
||||
{
|
||||
unset($params['password']);
|
||||
}
|
||||
else
|
||||
{
|
||||
$params['password'] = $this->generatePassword($params['password']);
|
||||
}
|
||||
}
|
||||
|
||||
$update = array_merge($userdata, $params);
|
||||
|
||||
$this->updateYaml('settings/users', $userdata['username'] . '.yaml', $update);
|
||||
|
||||
$_SESSION['user'] = $update['username'];
|
||||
$_SESSION['role'] = $update['userrole'];
|
||||
# if user updated his own profile, update session data
|
||||
if($_SESSION['user'] == $params['username'])
|
||||
{
|
||||
$_SESSION['role'] = $update['userrole'];
|
||||
|
||||
if(isset($update['firstname']))
|
||||
{
|
||||
$_SESSION['firstname'] = $update['firstname'];
|
||||
}
|
||||
if(isset($update['lastname']))
|
||||
{
|
||||
$_SESSION['lastname'] = $update['lastname'];
|
||||
if(isset($update['firstname']))
|
||||
{
|
||||
$_SESSION['firstname'] = $update['firstname'];
|
||||
}
|
||||
if(isset($update['lastname']))
|
||||
{
|
||||
$_SESSION['lastname'] = $update['lastname'];
|
||||
}
|
||||
}
|
||||
|
||||
return $userdata['username'];
|
||||
|
|
|
|||
|
|
@ -52,11 +52,18 @@ class WriteMeta extends WriteYaml
|
|||
|
||||
$description = $this->generateDescription($content, $parsedown, $item);
|
||||
|
||||
# owner holds the edit-rights
|
||||
$owner = '';
|
||||
if(isset($_SESSION['user']))
|
||||
{
|
||||
$owner = $_SESSION['user'];
|
||||
}
|
||||
|
||||
$author = $settings['author'];
|
||||
|
||||
if(isset($_SESSION))
|
||||
{
|
||||
if(isset($_SESSION['firstname']) && $_SESSION['firstname'] !='' && isset($_SESSION['lastname']) && $_SESSION['lastname'] != '')
|
||||
if(isset($_SESSION['firstname']) && $_SESSION['firstname'] != '' && isset($_SESSION['lastname']) && $_SESSION['lastname'] != '')
|
||||
{
|
||||
$author = $_SESSION['firstname'] . ' ' . $_SESSION['lastname'];
|
||||
}
|
||||
|
|
@ -71,6 +78,7 @@ class WriteMeta extends WriteYaml
|
|||
'meta' => [
|
||||
'title' => $title,
|
||||
'description' => $description,
|
||||
'owner' => $owner,
|
||||
'author' => $author,
|
||||
'created' => date("Y-m-d"),
|
||||
'time' => date("H-i-s"),
|
||||
|
|
@ -88,6 +96,13 @@ class WriteMeta extends WriteYaml
|
|||
# used by MetaApiController. Do not set title or description in defaults if page is not published yet
|
||||
public function getPageMetaBlank($content, $settings, $item)
|
||||
{
|
||||
# owner holds the edit-rights
|
||||
$owner = '';
|
||||
if(isset($_SESSION['user']))
|
||||
{
|
||||
$owner = $_SESSION['user'];
|
||||
}
|
||||
|
||||
$author = $settings['author'];
|
||||
|
||||
if(isset($_SESSION))
|
||||
|
|
@ -107,6 +122,7 @@ class WriteMeta extends WriteYaml
|
|||
'meta' => [
|
||||
'title' => '',
|
||||
'description' => '',
|
||||
'owner' => $owner,
|
||||
'author' => $author,
|
||||
'created' => date("Y-m-d"),
|
||||
'time' => date("H-i-s"),
|
||||
|
|
|
|||
|
|
@ -36,20 +36,22 @@ $app->get('/tm/login', AuthController::class . ':show')->setName('auth.show')->a
|
|||
$app->post('/tm/login', AuthController::class . ':login')->setName('auth.login')->add(new RedirectIfAuthenticated($container['router'], $container['settings']));
|
||||
$app->get('/tm/logout', AuthController::class . ':logout')->setName('auth.logout')->add(new RedirectIfUnauthenticated($container['router'], $container['flash']));
|
||||
|
||||
$app->get('/tm/settings', SettingsController::class . ':showSettings')->setName('settings.show')->add(new accessController($container['router'], $container['acl'], 'settings', 'view'));
|
||||
$app->post('/tm/settings', SettingsController::class . ':saveSettings')->setName('settings.save')->add(new accessController($container['router'], $container['acl'], 'settings', 'update'));
|
||||
$app->get('/tm/themes', SettingsController::class . ':showThemes')->setName('themes.show')->add(new accessController($container['router'], $container['acl'], 'themes', 'view'));
|
||||
$app->post('/tm/themes', SettingsController::class . ':saveThemes')->setName('themes.save')->add(new accessController($container['router'], $container['acl'], 'themes', 'update'));
|
||||
$app->get('/tm/settings', SettingsController::class . ':showSettings')->setName('settings.show')->add(new accessController($container['router'], $container['acl'], 'system', 'view'));
|
||||
$app->post('/tm/settings', SettingsController::class . ':saveSettings')->setName('settings.save')->add(new accessController($container['router'], $container['acl'], 'system', 'update'));
|
||||
|
||||
$app->get('/tm/plugins', SettingsController::class . ':showPlugins')->setName('plugins.show')->add(new accessController($container['router'], $container['acl'], 'plugins', 'view'));
|
||||
$app->post('/tm/plugins', SettingsController::class . ':savePlugins')->setName('plugins.save')->add(new accessController($container['router'], $container['acl'], 'plugins', 'update'));
|
||||
$app->get('/tm/user/new', SettingsController::class . ':newUser')->setName('user.new')->add(new accessController($container['router'], $container['acl'], 'users', 'create'));
|
||||
$app->get('/tm/themes', SettingsController::class . ':showThemes')->setName('themes.show')->add(new accessController($container['router'], $container['acl'], 'system', 'view'));
|
||||
$app->post('/tm/themes', SettingsController::class . ':saveThemes')->setName('themes.save')->add(new accessController($container['router'], $container['acl'], 'system', 'update'));
|
||||
|
||||
$app->get('/tm/plugins', SettingsController::class . ':showPlugins')->setName('plugins.show')->add(new accessController($container['router'], $container['acl'], 'system', 'view'));
|
||||
$app->post('/tm/plugins', SettingsController::class . ':savePlugins')->setName('plugins.save')->add(new accessController($container['router'], $container['acl'], 'system', 'update'));
|
||||
|
||||
$app->get('/tm/account', SettingsController::class . ':showAccount')->setName('user.account')->add(new accessController($container['router'], $container['acl'], 'user', 'view'));
|
||||
$app->get('/tm/user/new', SettingsController::class . ':newUser')->setName('user.new')->add(new accessController($container['router'], $container['acl'], 'user', 'create'));
|
||||
$app->post('/tm/user/create', SettingsController::class . ':createUser')->setName('user.create')->add(new accessController($container['router'], $container['acl'], 'user', 'create'));
|
||||
$app->post('/tm/user/update', SettingsController::class . ':updateUser')->setName('user.update')->add(new accessController($container['router'], $container['acl'], 'user', 'update'));
|
||||
$app->post('/tm/user/delete', SettingsController::class . ':deleteUser')->setName('user.delete')->add(new accessController($container['router'], $container['acl'], 'user', 'delete'));
|
||||
$app->get('/tm/user/account', SettingsController::class . ':showAccount')->setName('user.account')->add(new accessController($container['router'], $container['acl'], 'user', 'view'));
|
||||
$app->get('/tm/user/{username}', SettingsController::class . ':showUser')->setName('user.show')->add(new accessController($container['router'], $container['acl'], 'user', 'view'));
|
||||
$app->get('/tm/user', SettingsController::class . ':listUser')->setName('user.list')->add(new accessController($container['router'], $container['acl'], 'userlist', 'view'));
|
||||
$app->get('/tm/users', SettingsController::class . ':listUser')->setName('user.list')->add(new accessController($container['router'], $container['acl'], 'userlist', 'view'));
|
||||
|
||||
$app->get('/tm/content/raw[/{params:.*}]', ContentBackendController::class . ':showContent')->setName('content.raw')->add(new accessController($container['router'], $container['acl'], 'content', 'view'));
|
||||
$app->get('/tm/content/visual[/{params:.*}]', ContentBackendController::class . ':showBlox')->setName('content.visual')->add(new accessController($container['router'], $container['acl'], 'content', 'view'));
|
||||
|
|
|
|||
|
|
@ -190,32 +190,29 @@ class Settings
|
|||
public static function loadResources()
|
||||
{
|
||||
return ['content',
|
||||
'mycontent',
|
||||
'user',
|
||||
'userlist',
|
||||
'settings',
|
||||
'themes',
|
||||
'plugins'];
|
||||
'system'];
|
||||
}
|
||||
|
||||
public static function loadRolesAndPermissions()
|
||||
{
|
||||
$guest['name'] = 'guest';
|
||||
$guest['inherits'] = NULL;
|
||||
$guest['permissions'] = [];
|
||||
|
||||
$member['name'] = 'member';
|
||||
$member['inherits'] = 'guest';
|
||||
$member['inherits'] = NULL;
|
||||
$member['permissions'] = ['user' => ['view','update','delete']];
|
||||
|
||||
$author['name'] = 'author';
|
||||
$author['inherits'] = 'member';
|
||||
$author['permissions'] = ['content' => ['view','create', 'update', 'delete']];
|
||||
$author['permissions'] = ['mycontent' => ['view', 'create', 'update'],
|
||||
'content' => ['view']];
|
||||
|
||||
$editor['name'] = 'editor';
|
||||
$editor['inherits'] = 'author';
|
||||
$editor['permissions'] = ['content' => ['publish', 'depublish']];
|
||||
$editor['permissions'] = [ 'mycontent' => ['delete', 'publish', 'unpublish'],
|
||||
'content' => ['create', 'update', 'delete', 'publish', 'unpublish']];
|
||||
|
||||
return [$guest, $member, $author, $editor];
|
||||
return [$member, $author, $editor];
|
||||
}
|
||||
|
||||
public static function createAcl($roles, $resources)
|
||||
|
|
@ -235,7 +232,8 @@ class Settings
|
|||
foreach($roles as $role)
|
||||
{
|
||||
$acl->addRole(new Role($role['name']), $role['inherits']);
|
||||
foreach($role['permissions'] as $resource => $permissions)
|
||||
|
||||
foreach($role['permissions'] as $resource => $permissions)
|
||||
{
|
||||
$acl->allow($role['name'], $resource, $permissions);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ class Translations
|
|||
$yaml = new Models\WriteYaml();
|
||||
$settings = $yaml->getYaml('settings', 'settings.yaml');
|
||||
|
||||
if($settings === FALSE){
|
||||
if(!isset($settings['language'])){
|
||||
$language = \Typemill\Settings::whichLanguage();
|
||||
} else {
|
||||
$language = $settings['language'];
|
||||
|
|
|
|||
|
|
@ -720,6 +720,9 @@ li.row{
|
|||
width: 100%;
|
||||
box-sizing: border-box;
|
||||
}
|
||||
li.row.header{
|
||||
display:none;
|
||||
}
|
||||
li.row ul{
|
||||
background: #f9f8f6;
|
||||
margin: 5px 0;
|
||||
|
|
@ -738,6 +741,15 @@ li.col.username, li.col.email, li.col.userrole, li.col.edit{
|
|||
li.col.username{
|
||||
border-top: 2px solid #70c1b3;
|
||||
}
|
||||
li.col:before{
|
||||
width: 25%;
|
||||
font-weight:900;
|
||||
display:inline-block;
|
||||
}
|
||||
li.col.username:before{content:"User: ";}
|
||||
li.col.userrole:before{content:"Role: ";}
|
||||
li.col.email:before{content:"Mail: ";}
|
||||
li.col.edit:before{content:"Link: ";}
|
||||
.col.username,.col.email,.col.userrole, .col.edit{
|
||||
width: 100%;
|
||||
}
|
||||
|
|
@ -2781,6 +2793,23 @@ footer a:focus, footer a:hover, footer a:active
|
|||
margin-top: 10px;
|
||||
margin-bottom: 40px;
|
||||
}
|
||||
li.row.header{
|
||||
display: block;
|
||||
}
|
||||
li.row.header ul{
|
||||
color: #fff;
|
||||
background: #70c1b3;
|
||||
}
|
||||
li.col.username, li.col.email, li.col.userrole, li.col.edit{
|
||||
border: 1px solid #fff;
|
||||
}
|
||||
li.col.username{
|
||||
border-top: 2px solid #70c1b3;
|
||||
}
|
||||
li.col:before{
|
||||
width: 0%;
|
||||
display:none;
|
||||
}
|
||||
li.row ul{
|
||||
margin: 0px;
|
||||
}
|
||||
|
|
@ -2789,10 +2818,10 @@ footer a:focus, footer a:hover, footer a:active
|
|||
}
|
||||
.col.edit{
|
||||
width: 10%;
|
||||
}
|
||||
}
|
||||
li.col.username{
|
||||
border-top: 0px;
|
||||
border-left: 2px solid #70c1b3;
|
||||
border-left: 0px solid #70c1b3;
|
||||
}
|
||||
.buttonset{
|
||||
width: 76%;
|
||||
|
|
|
|||
|
|
@ -5,6 +5,8 @@
|
|||
|
||||
<div class="formWrapper">
|
||||
|
||||
{% if (acl.isAllowed(get_role(), 'content', 'update')) or ( (mycontent) and (acl.isAllowed(get_role(), 'mycontent', 'update')) ) %}
|
||||
|
||||
<div id="metanav" class="metanav" v-cloak>
|
||||
|
||||
<button
|
||||
|
|
@ -26,6 +28,8 @@
|
|||
|
||||
</div>
|
||||
|
||||
{% endif %}
|
||||
|
||||
<section id="blox" :class="showBlox">
|
||||
|
||||
<div class="blox-body">
|
||||
|
|
@ -60,17 +64,21 @@
|
|||
</content-block>
|
||||
</draggable>
|
||||
</div>
|
||||
|
||||
<div class="format-bar">
|
||||
|
||||
<content-block :body="false">
|
||||
{% if (acl.isAllowed(get_role(), 'content', 'edit')) or ( (mycontent) and (acl.isAllowed(get_role(), 'mycontent', 'update')) ) %}
|
||||
|
||||
<button v-for="button in formats" class="format-item" @click.prevent="setData( $event, button.component )" data-id="99999" id="blox-99999" :title="button.title|translate" v-html="button.label"></button>
|
||||
|
||||
</content-block>
|
||||
<div class="format-bar">
|
||||
|
||||
<content-block :body="false">
|
||||
|
||||
<button v-for="button in formats" class="format-item" @click.prevent="setData( $event, button.component )" data-id="99999" id="blox-99999" :title="button.title|translate" v-html="button.label"></button>
|
||||
|
||||
</content-block>
|
||||
|
||||
</div>
|
||||
|
||||
{% endif %}
|
||||
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
</section>
|
||||
|
|
|
|||
|
|
@ -5,6 +5,8 @@
|
|||
|
||||
<div class="formWrapper">
|
||||
|
||||
{% if (acl.isAllowed(get_role(), 'content', 'update')) or ( (mycontent) and (acl.isAllowed(get_role(), 'mycontent', 'update')) ) %}
|
||||
|
||||
<div id="metanav" class="metanav" v-cloak>
|
||||
|
||||
<button
|
||||
|
|
@ -26,6 +28,8 @@
|
|||
|
||||
</div>
|
||||
|
||||
{% endif %}
|
||||
|
||||
<div id="editor" class="editor">
|
||||
<form action="#" v-cloak>
|
||||
|
||||
|
|
|
|||
|
|
@ -2,30 +2,47 @@
|
|||
|
||||
<div class="editor buttonset" id="publishController" data-published="{{ item.published }}" data-drafted="{{ item.drafted }}" v-cloak>
|
||||
<div v-if="errors.message" class="message error">${ errors.message }</div>
|
||||
<button v-if="raw" @click.prevent="saveDraft" id="draft" :class="draftResult" :disabled="draftDisabled"><span class="desktop">{{ __('Save') }} </span>{{ __('Draft') }}</button><button @click.prevent="publishDraft" id="publish" :class="publishResult" :disabled="publishDisabled">{{ __('Publish') }}</button>
|
||||
<button @click.prevent="showModal('discard')" v-if="visual && !publishStatus" id="discard" :class="discardResult" :disabled="publishDisabled">{{ __('Discard') }}</button>
|
||||
{% if (acl.isAllowed(get_role(), 'content', 'update')) or ( (mycontent) and (acl.isAllowed(get_role(), 'mycontent', 'update')) ) %}
|
||||
<button v-if="raw" @click.prevent="saveDraft" id="draft" :class="draftResult" :disabled="draftDisabled"><span class="desktop">{{ __('Save') }} </span>{{ __('Draft') }}</button>
|
||||
{% endif %}
|
||||
{% if (acl.isAllowed(get_role(), 'content', 'publish')) or ( (mycontent) and (acl.isAllowed(get_role(), 'mycontent', 'publish')) ) %}
|
||||
<button @click.prevent="publishDraft" id="publish" :class="publishResult" :disabled="publishDisabled">{{ __('Publish') }}</button>
|
||||
{% endif %}
|
||||
{% if (acl.isAllowed(get_role(), 'content', 'update')) or ( (mycontent) and (acl.isAllowed(get_role(), 'mycontent', 'update')) ) %}
|
||||
<button @click.prevent="showModal('discard')" v-if="visual && !publishStatus" id="discard" :class="discardResult" :disabled="publishDisabled">{{ __('Discard') }}</button>
|
||||
{% endif %}
|
||||
<div class="secondary">
|
||||
<button @click.prevent="depublishArticle" class="button--secondary" :disabled="publishStatus"><span class="desktop">${publishLabel}</span><span class="mobile">${publishLabelMobile}</span></button>
|
||||
<button @click.prevent="showModal('delete')" class="button--secondary danger"><span class="desktop">{{ __('delete') }}</span><span class="mobile">X</span></button>
|
||||
<a v-if="visual" href="{{ base_url }}/tm/content/raw{{ itemurl }}" class="button--secondary"><span class="desktop">{{ __('raw mode') }}</span><span class="mobile">{{ __('raw') }}</span></a>
|
||||
<a v-if="raw" href="{{ base_url }}/tm/content/visual{{ itemurl }}" class="button--secondary"><span class="desktop">{{ __('visual mode') }}</span><span class="mobile">{{ __('visual') }}</span></a>
|
||||
{% if (acl.isAllowed(get_role(), 'content', 'unpublish')) or ( (mycontent) and (acl.isAllowed(get_role(), 'mycontent', 'unpublish')) ) %}
|
||||
<button @click.prevent="depublishArticle" class="button--secondary" :disabled="publishStatus"><span class="desktop">${publishLabel}</span><span class="mobile">${publishLabelMobile}</span></button>
|
||||
{% endif %}
|
||||
{% if (acl.isAllowed(get_role(), 'content', 'delete')) or ( (mycontent) and (acl.isAllowed(get_role(), 'mycontent', 'delete')) ) %}
|
||||
<button @click.prevent="showModal('delete')" class="button--secondary danger"><span class="desktop">{{ __('delete') }}</span><span class="mobile">X</span></button>
|
||||
{% endif %}
|
||||
{% if (acl.isAllowed(get_role(), 'content', 'update')) or ( (mycontent) and (acl.isAllowed(get_role(), 'mycontent', 'update')) ) %}
|
||||
<a v-if="visual" href="{{ base_url }}/tm/content/raw{{ itemurl }}" class="button--secondary"><span class="desktop">{{ __('raw mode') }}</span><span class="mobile">{{ __('raw') }}</span></a>
|
||||
<a v-if="raw" href="{{ base_url }}/tm/content/visual{{ itemurl }}" class="button--secondary"><span class="desktop">{{ __('visual mode') }}</span><span class="mobile">{{ __('visual') }}</span></a>
|
||||
{% endif %}
|
||||
<a target="_blank" class="button--secondary" href="{{ item.urlAbs }}"><svg class="icon baseline icon-external-link"><use xlink:href="#icon-external-link"></use></svg></a>
|
||||
</div>
|
||||
<transition name="fade">
|
||||
<div v-if="modalWindow" id="modalWindow" class="modalWindow">
|
||||
<div class="modalInner">
|
||||
<div @click="hideModal" id="closeModal" class="closeModal">X</div>
|
||||
<div v-if="modalType == 'delete'">
|
||||
<h2>{{ __('Delete page') }}</h2>
|
||||
<p>{{ __('Do you really want to delete this page') }} {{ __('Please confirm') }}</p>
|
||||
<button @click.prevent="deleteArticle" class="large alert" :class="deleteResult" :disabled="deleteDisabled">{{ __('Delete Page') }}</button>
|
||||
</div>
|
||||
<div v-if="modalType == 'discard'">
|
||||
<h2>{{ __('Discard Changes') }}</h2>
|
||||
<p>{{ __('Do you want to discard your changes and set the content back to the live version') }}</p>
|
||||
<button @click.prevent="discardDraft" class="large fullwidth" :class="discardResult" :disabled="publishDisabled">{{ __('Discard Changes') }}</button>
|
||||
<transition name="fade">
|
||||
<div v-if="modalWindow" id="modalWindow" class="modalWindow">
|
||||
<div class="modalInner">
|
||||
<div @click="hideModal" id="closeModal" class="closeModal">X</div>
|
||||
{% if (acl.isAllowed(get_role(), 'content', 'delete')) or ( (mycontent) and (acl.isAllowed(get_role(), 'mycontent', 'delete')) ) %}
|
||||
<div v-if="modalType == 'delete'">
|
||||
<h2>{{ __('Delete page') }}</h2>
|
||||
<p>{{ __('Do you really want to delete this page') }} {{ __('Please confirm') }}</p>
|
||||
<button @click.prevent="deleteArticle" class="large alert" :class="deleteResult" :disabled="deleteDisabled">{{ __('Delete Page') }}</button>
|
||||
</div>
|
||||
{% endif %}
|
||||
{% if (acl.isAllowed(get_role(), 'content', 'update')) or ( (mycontent) and (acl.isAllowed(get_role(), 'mycontent', 'update')) ) %}
|
||||
<div v-if="modalType == 'discard'">
|
||||
<h2>{{ __('Discard Changes') }}</h2>
|
||||
<p>{{ __('Do you want to discard your changes and set the content back to the live version') }}</p>
|
||||
<button @click.prevent="discardDraft" class="large fullwidth" :class="discardResult" :disabled="publishDisabled">{{ __('Discard Changes') }}</button>
|
||||
</div>
|
||||
{% endif %}
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</transition>
|
||||
</transition>
|
||||
</div>
|
||||
|
|
@ -401,6 +401,7 @@ const contentComponent = Vue.component('content-block', {
|
|||
if(httpStatus == 400)
|
||||
{
|
||||
self.activatePage();
|
||||
publishController.errors.message = "Looks like you are logged out. Please login and try again.";
|
||||
}
|
||||
if(response)
|
||||
{
|
||||
|
|
@ -410,7 +411,7 @@ const contentComponent = Vue.component('content-block', {
|
|||
|
||||
if(result.errors)
|
||||
{
|
||||
publishController.errors.message = result.errors;
|
||||
publishController.errors.message = result.errors.message;
|
||||
}
|
||||
else
|
||||
{
|
||||
|
|
@ -1587,6 +1588,7 @@ const imageComponent = Vue.component('image-component', {
|
|||
if(httpStatus == 400)
|
||||
{
|
||||
self.activatePage();
|
||||
publishController.errors.message = "Looks like you are logged out. Please login and try again.";
|
||||
}
|
||||
if(response)
|
||||
{
|
||||
|
|
@ -1777,6 +1779,7 @@ const fileComponent = Vue.component('file-component', {
|
|||
if(httpStatus == 400)
|
||||
{
|
||||
self.activatePage();
|
||||
publishController.errors.message = "Looks like you are logged out. Please login and try again.";
|
||||
}
|
||||
if(response)
|
||||
{
|
||||
|
|
@ -2316,6 +2319,7 @@ let editor = new Vue({
|
|||
el: '#blox',
|
||||
/* components: componentList, */
|
||||
data: {
|
||||
errors: [],
|
||||
root: document.getElementById("main").dataset.url,
|
||||
html: false,
|
||||
title: false,
|
||||
|
|
|
|||
|
|
@ -516,6 +516,10 @@ let meta = new Vue({
|
|||
{
|
||||
self.formErrors = error.response.data.errors;
|
||||
}
|
||||
if(error.response.data.errors.message)
|
||||
{
|
||||
publishController.errors.message = error.response.data.errors.message;
|
||||
}
|
||||
});
|
||||
},
|
||||
}
|
||||
|
|
|
|||
|
|
@ -87,7 +87,7 @@ let publishController = new Vue({
|
|||
self.publishDisabled = false;
|
||||
self.publishResult = "fail";
|
||||
self.errors.message = "Something went wrong, please refresh the page and try again."
|
||||
}
|
||||
}
|
||||
}, method, url, this.form );
|
||||
},
|
||||
discardDraft: function(e) {
|
||||
|
|
@ -118,7 +118,6 @@ let publishController = new Vue({
|
|||
{
|
||||
self.publishDisabled = false;
|
||||
self.discardResult = "fail";
|
||||
|
||||
if(result.errors.title){ editor.errors.title = result.errors.title[0] }
|
||||
if(result.errors.content){ editor.errors.content = result.errors.content[0] }
|
||||
if(result.errors.message){ self.errors.message = result.errors.message }
|
||||
|
|
@ -212,12 +211,6 @@ let publishController = new Vue({
|
|||
self.publishResult = "fail";
|
||||
self.errors.message = "You are probably logged out. Please backup your changes, login and then try again."
|
||||
}
|
||||
else if(httpStatus != 200)
|
||||
{
|
||||
self.publishDisabled = false;
|
||||
self.publishResult = "fail";
|
||||
self.errors.message = "Something went wrong, please refresh the page and try again."
|
||||
}
|
||||
else if(response)
|
||||
{
|
||||
var result = JSON.parse(response);
|
||||
|
|
@ -236,6 +229,12 @@ let publishController = new Vue({
|
|||
navi.getNavi();
|
||||
}
|
||||
}
|
||||
else if(httpStatus != 200)
|
||||
{
|
||||
self.publishDisabled = false;
|
||||
self.publishResult = "fail";
|
||||
self.errors.message = "Something went wrong, please refresh the page and try again.";
|
||||
}
|
||||
}, method, url, this.form );
|
||||
},
|
||||
deleteArticle: function(e){
|
||||
|
|
|
|||
|
|
@ -18,11 +18,16 @@ meta:
|
|||
heroimagealt:
|
||||
type: text
|
||||
label: Alternative Text for the hero image
|
||||
owner:
|
||||
type: text
|
||||
label: owner (username)
|
||||
class: medium
|
||||
description: Has edit rights for this article.
|
||||
author:
|
||||
type: text
|
||||
label: author
|
||||
class: large
|
||||
description: Taken from your user account if set.
|
||||
class: medium
|
||||
description: Can be used for author line in frontend.
|
||||
manualdate:
|
||||
type: date
|
||||
label: Manual date
|
||||
|
|
|
|||
|
|
@ -1,12 +1,12 @@
|
|||
<nav id="sidebar-menu" class="sidebar-menu">
|
||||
{% if is_role('administrator') %}
|
||||
<div id="mobile-menu" class="menu-action">{{ __('Menu') }} <span class="button-arrow"></span></div>
|
||||
<ul class="list pa0 ma0">
|
||||
<li class="pb1"><a class="link dark-gray hover-bg-white bl bw2 b--near-white hover-b--tm-green pa2 dib w-100{{ (route == 'settings.show') ? ' active' : '' }}" href="{{ path_for('settings.show') }}"><svg class="icon icon-wrench mr2"><use xlink:href="#icon-wrench"></use></svg> {{ __('System') }}</a></li>
|
||||
<li class="pb1"><a class="link dark-gray hover-bg-white bl bw2 b--near-white hover-b--tm-green pa2 dib w-100{{ (route == 'themes.show') ? ' active' : '' }}" href="{{ path_for('themes.show') }}"><svg class="icon icon-paint-brush mr2"><use xlink:href="#icon-paint-brush"></use></svg> {{ __('Themes') }}</a></li>
|
||||
<li class="pb1"><a class="link dark-gray hover-bg-white bl bw2 b--near-white hover-b--tm-green pa2 dib w-100{{ (route == 'plugins.show') ? ' active' : '' }}" href="{{ path_for('plugins.show') }}"><svg class="icon icon-plug mr2"><use xlink:href="#icon-plug"></use></svg> {{ __('Plugins') }}</a></li>
|
||||
<li class="pb1"><a class="link dark-gray hover-bg-white bl bw2 b--near-white hover-b--tm-green pa2 dib w-100{{ (route == 'user.account') ? ' active' : '' }}" href="{{ path_for('user.account') }}"><svg class="icon icon-user mr2"><use xlink:href="#icon-user"></use></svg> {{ __('Account') }}</a></li>
|
||||
<li class="pb1"><a class="link dark-gray hover-bg-white bl bw2 b--near-white hover-b--tm-green pa2 dib w-100{{ (route == 'user.list') ? ' active' : '' }}" href="{{ path_for('user.list') }}"><svg class="icon icon-group mr2"><use xlink:href="#icon-group"></use></svg> {{ __('Users') }}</a></li>
|
||||
</ul>
|
||||
{% endif %}
|
||||
<div id="mobile-menu" class="menu-action">{{ __('Menu') }} <span class="button-arrow"></span></div>
|
||||
<ul class="list pa0 ma0">
|
||||
|
||||
{% for name,navitem in navigation %}
|
||||
{% if acl.isAllowed(get_role(), navitem.aclresource, navitem.aclprivilege) %}
|
||||
<li class="pb1"><a class="link dark-gray hover-bg-white bl bw2 b--near-white hover-b--tm-green pa2 dib w-100{{ navitem.active ? ' active' : '' }}" href="{{ path_for(navitem.routename) }}"><svg class="icon baseline {{ navitem.icon }} mr2"><use xlink:href="#{{ navitem.icon }}"></use></svg> {{ __(name) }}</a></li>
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
|
||||
</ul>
|
||||
</nav>
|
||||
|
|
@ -1,13 +1,18 @@
|
|||
{% set content = (current_url matches '/content.*/') ? true : false %}
|
||||
|
||||
<nav class="header-navi">
|
||||
<div class="logo">
|
||||
<a href="{{ base_url }}/tm/content/{{ settings.editor }}">Typemill</a>
|
||||
</div>
|
||||
<ul class="navi-items">
|
||||
<li><a href="{{ base_url }}/tm/content/{{ settings.editor }}"{{ navigation ? ' class="active"' : '' }}><svg class="icon baseline icon-file-text-o"><use xlink:href="#icon-file-text-o"></use></svg><span class="nav-label"> {{ __('Content') }}</span></a></li><li>
|
||||
{% if is_role('administrator') %}
|
||||
<a href="{{ path_for('settings.show') }}"{{ users ? ' class="active"' : '' }}><svg class="icon baseline icon-cog"><use xlink:href="#icon-cog"></use></svg><span class="nav-label"> {{ __('Settings') }}</span></a></li><li>
|
||||
<li>
|
||||
{% if acl.isAllowed(get_role(), 'content', 'view') %}
|
||||
<a href="{{ base_url }}/tm/content/{{ settings.editor }}"{{ content ? ' class="active"' : '' }}><svg class="icon baseline icon-file-text-o"><use xlink:href="#icon-file-text-o"></use></svg><span class="nav-label"> {{ __('Content') }}</span></a></li><li>
|
||||
{% endif %}
|
||||
{% if acl.isAllowed(get_role(), 'system', 'view') %}
|
||||
<a href="{{ path_for('settings.show') }}"{{ content ? '' : 'class="active"' }}><svg class="icon baseline icon-cog"><use xlink:href="#icon-cog"></use></svg><span class="nav-label"> {{ __('Settings') }}</span></a></li><li>
|
||||
{% else %}
|
||||
<a href="{{ path_for('user.show', {'username' : get_username() }) }}"{{ users ? ' class="active"' : '' }}><svg class="icon icon-cog baseline"><use xlink:href="#icon-cog, gear"></use></svg><span class="nav-label"> {{ __('Account') }}</span></a></li><li>
|
||||
<a href="{{ path_for('user.account') }}"{{ content ? '' : 'class="active"' }}><svg class="icon icon-cog baseline"><use xlink:href="#icon-cog"></use></svg><span class="nav-label"> {{ __('Settings') }}</span></a></li><li>
|
||||
{% endif %}
|
||||
<a href="{{ base_url }}"><svg class="icon baseline icon-external-link"><use xlink:href="#icon-external-link"></use></svg><span class="nav-label"> {{ __('View Site') }}</span></a></li><li>
|
||||
<a href="{{ path_for('auth.logout') }}"><svg class="icon baseline icon-power-off"><use xlink:href="#icon-power-off"></use></svg><span class="nav-label"> {{ __('Logout') }}</span></a></li>
|
||||
|
|
|
|||
|
|
@ -22,13 +22,13 @@
|
|||
<fieldset class="subfield">
|
||||
<legend>{{ field.legend }}</legend>
|
||||
{% for field in field.fields %}
|
||||
{% include '/partials/fields.twig' with { 'settings': usersettings, 'object' : 'user', 'itemName' : userdata.username, 'class' : 'large' } %}
|
||||
{% include '/partials/fields.twig' with { 'settings': usersettings, 'object' : 'users', 'itemName' : 'user', 'class' : 'large' } %}
|
||||
{% endfor %}
|
||||
</fieldset>
|
||||
|
||||
{% else %}
|
||||
|
||||
{% include '/partials/fields.twig' with { 'settings': usersettings, 'object' : 'user', 'itemName' : userdata.username, 'class' : 'large' } %}
|
||||
{% include '/partials/fields.twig' with { 'settings': usersettings, 'object' : 'users', 'itemName' : 'user', 'class' : 'large' } %}
|
||||
|
||||
{% endif %}
|
||||
|
||||
|
|
|
|||
|
|
@ -12,6 +12,14 @@
|
|||
</header>
|
||||
|
||||
<ul class="userlist">
|
||||
<li class="row header">
|
||||
<ul>
|
||||
<li class="col username">Username
|
||||
</li><li class="col userrole">Role
|
||||
</li><li class="col email">E-Mail
|
||||
</li><li class="col edit">Edit</li>
|
||||
</ul>
|
||||
</li>
|
||||
{% for user in userdata %}
|
||||
|
||||
<li class="row">
|
||||
|
|
|
|||
|
|
@ -23,30 +23,6 @@
|
|||
{% endif %}
|
||||
</div>
|
||||
|
||||
<div class="large{{ errors.firstname ? ' errors' : '' }}">
|
||||
<label for="firstname">{{ __('First Name') }}</label>
|
||||
<input type="text" name="firstname" value="{{ old.firstname ? old.firstname : userdata.firstname }}">
|
||||
{% if errors.firstname %}
|
||||
<span class="error">{{ errors.firstname | first }}</span>
|
||||
{% endif %}
|
||||
</div>
|
||||
|
||||
<div class="large{{ errors.lastname ? ' errors' : '' }}">
|
||||
<label for="lastname">{{ __('Last Name') }}</label>
|
||||
<input type="text" name="lastname" value="{{ old.lastname ? old.lastname : userdata.lastname }}">
|
||||
{% if errors.lastname %}
|
||||
<span class="error">{{ errors.lastname | first }}</span>
|
||||
{% endif %}
|
||||
</div>
|
||||
|
||||
<div class="large{{ errors.email ? ' errors' : '' }}">
|
||||
<label for="email">{{ __('E-Mail') }} <abbr title="{{ __('required') }}">*</abbr></label>
|
||||
<input type="text" name="email" value="{{ old.email ? old.email : '' }}" required>
|
||||
{% if errors.email %}
|
||||
<span class="error">{{ errors.email | first }}</span>
|
||||
{% endif %}
|
||||
</div>
|
||||
|
||||
<div class="large{{ errors.userrole ? ' errors' : '' }}">
|
||||
<label for="userrole">{{ __('Role') }} <abbr title="{{ __('required') }}">*</abbr></label>
|
||||
<select name="userrole" required>
|
||||
|
|
@ -57,7 +33,15 @@
|
|||
{% if errors.userrole %}
|
||||
<span class="error">{{ errors.userrole | first }}</span>
|
||||
{% endif %}
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="large{{ errors.email ? ' errors' : '' }}">
|
||||
<label for="email">{{ __('E-Mail') }} <abbr title="{{ __('required') }}">*</abbr></label>
|
||||
<input type="text" name="email" value="{{ old.email ? old.email : '' }}" required>
|
||||
{% if errors.email %}
|
||||
<span class="error">{{ errors.email | first }}</span>
|
||||
{% endif %}
|
||||
</div>
|
||||
|
||||
<div class="large{{ errors.password ? ' errors' : '' }}">
|
||||
<label for="password">{{ __('Password') }} <abbr title="{{ __('required') }}">*</abbr></label>
|
||||
|
|
@ -76,4 +60,4 @@
|
|||
</form>
|
||||
</div>
|
||||
|
||||
{% endblock %}
|
||||
{% endblock %}
|
||||
Loading…
Add table
Reference in a new issue