fix permissions

This commit is contained in:
Jean-Christian Denis 2022-11-30 21:54:56 +01:00
parent e0721fdecb
commit cf2001acfb
Signed by: JcDenis
GPG key ID: 1B5B8C5B90B6C951
4 changed files with 26 additions and 15 deletions

View file

@ -18,6 +18,10 @@ dcCore::app()->blog->settings->addNamespace('zoneclearFeedServer');
require_once __DIR__ . '/_widgets.php'; require_once __DIR__ . '/_widgets.php';
$perm = dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([
dcAuth::PERMISSION_CONTENT_ADMIN,
]), dcCore::app()->blog->id);
if (dcCore::app()->blog->settings->zoneclearFeedServer->zoneclearFeedServer_active if (dcCore::app()->blog->settings->zoneclearFeedServer->zoneclearFeedServer_active
&& '' != dcCore::app()->blog->settings->zoneclearFeedServer->zoneclearFeedServer_user && '' != dcCore::app()->blog->settings->zoneclearFeedServer->zoneclearFeedServer_user
) { ) {
@ -29,10 +33,10 @@ if (dcCore::app()->blog->settings->zoneclearFeedServer->zoneclearFeedServer_acti
'/' . preg_quote(dcCore::app()->adminurl->get('admin.plugin.zoneclearFeedServer')) . '(&.*)?$/', '/' . preg_quote(dcCore::app()->adminurl->get('admin.plugin.zoneclearFeedServer')) . '(&.*)?$/',
$_SERVER['REQUEST_URI'] $_SERVER['REQUEST_URI']
), ),
dcCore::app()->auth->check(dcAuth::PERMISSION_CONTENT_ADMIN, dcCore::app()->blog->id) $perm
); );
if (dcCore::app()->auth->check(dcAuth::PERMISSION_CONTENT_ADMIN, dcCore::app()->blog->id)) { if ($perm) {
# Dashboard icon # Dashboard icon
dcCore::app()->addBehavior('adminDashboardFavoritesV2', ['zcfsAdminBehaviors', 'adminDashboardFavoritesV2']); dcCore::app()->addBehavior('adminDashboardFavoritesV2', ['zcfsAdminBehaviors', 'adminDashboardFavoritesV2']);
# User pref # User pref
@ -93,7 +97,10 @@ class zcfsAdminBehaviors
'url' => dcCore::app()->adminurl->get('admin.plugin.zoneclearFeedServer'), 'url' => dcCore::app()->adminurl->get('admin.plugin.zoneclearFeedServer'),
'small-icon' => dcPage::getPF('zoneclearFeedServer/icon.svg'), 'small-icon' => dcPage::getPF('zoneclearFeedServer/icon.svg'),
'large-icon' => dcPage::getPF('zoneclearFeedServer/icon.svg'), 'large-icon' => dcPage::getPF('zoneclearFeedServer/icon.svg'),
'permissions' => 'usage,contentadmin', 'permissions' => dcCore::app()->auth->makePermissions([
dcAuth::PERMISSION_USAGE,
dcAuth::PERMISSION_CONTENT_ADMIN,
]),
'dashboard_cb' => ['zcfsAdminBehaviors', 'adminDashboardFavoritesCallback'], 'dashboard_cb' => ['zcfsAdminBehaviors', 'adminDashboardFavoritesCallback'],
]); ]);
} }
@ -224,7 +231,7 @@ class zcfsAdminBehaviors
$sitename = $sitename->isEmpty() ? '' : $sitename->meta_id; $sitename = $sitename->isEmpty() ? '' : $sitename->meta_id;
$edit = ''; $edit = '';
if (dcCore::app()->auth->check(dcAuth::PERMISSION_CONTENT_ADMIN, dcCore::app()->blog->id)) { if (dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([dcAuth::PERMISSION_CONTENT_ADMIN]), dcCore::app()->blog->id)) {
$fid = dcCore::app()->meta->getMetadata([ $fid = dcCore::app()->meta->getMetadata([
'post_id' => $post->post_id, 'post_id' => $post->post_id,
'meta_type' => 'zoneclearfeed_id', 'meta_type' => 'zoneclearfeed_id',

View file

@ -21,7 +21,9 @@ $this->registerModule(
'2022.11.26', '2022.11.26',
[ [
'requires' => [['core', '2.24']], 'requires' => [['core', '2.24']],
'permissions' => dcAuth::PERMISSION_CONTENT_ADMIN, 'permissions' => dcCore::app()->auth->makePermissions([
dcAuth::PERMISSION_CONTENT_ADMIN,
]),
'type' => 'plugin', 'type' => 'plugin',
'support' => 'https://github.com/JcDenis/zoneclearFeedServer', 'support' => 'https://github.com/JcDenis/zoneclearFeedServer',
'details' => 'https://plugins.dotaddict.org/dc2/details/pacKman', 'details' => 'https://plugins.dotaddict.org/dc2/details/pacKman',

View file

@ -211,7 +211,7 @@ class zcfsEntriesList extends adminGenericList
private function postLine() private function postLine()
{ {
$cat_link = dcCore::app()->auth->check(dcAuth::PERMISSION_CATEGORIES, dcCore::app()->blog->id) ? $cat_link = dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([dcAuth::PERMISSION_CATEGORIES]), dcCore::app()->blog->id) ?
'<a href="category.php?id=%s" title="' . __('Edit category') . '">%s</a>' '<a href="category.php?id=%s" title="' . __('Edit category') . '">%s</a>'
: '%2$s'; : '%2$s';

View file

@ -19,7 +19,9 @@ if (dcCore::app()->getVersion('zoneclearFeedServer') != dcCore::app()->plugins->
return null; return null;
} }
dcPage::check(dcAuth::PERMISSION_CONTENT_ADMIN); dcPage::check(dcCore::app()->auth->makePermissions([
dcAuth::PERMISSION_CONTENT_ADMIN,
]));
$zcfs = new zoneclearFeedServer(); $zcfs = new zoneclearFeedServer();