Index: branches/RC/core/units/reviews/reviews_event_handler.php =================================================================== diff -u -N -r9475 -r10455 --- branches/RC/core/units/reviews/reviews_event_handler.php (.../reviews_event_handler.php) (revision 9475) +++ branches/RC/core/units/reviews/reviews_event_handler.php (.../reviews_event_handler.php) (revision 10455) @@ -43,17 +43,92 @@ return $res; } + $check_events = Array ( + 'OnItemBuild', 'OnUpdate', /*'OnMassApprove', 'OnMassDecline'*/ + ); + + $perm_category = $this->_getReviewCategory($event); + + if (in_array($event->Name, $check_events)) { + // check for PRODUCT.VIEW permission + + $perm_helper =& $this->Application->recallObject('PermissionsHelper'); + /* @var $perm_helper kPermissionsHelper */ + + $perm_prefix = $this->getPermPrefix($event); + + if ($perm_category === false) { + // no item id present -> allow + return true; + } + + switch ($event->Name) { + case 'OnItemBuild': + $res = $this->Application->CheckPermission($perm_prefix . '.VIEW', 0, $perm_category); + break; + + case 'OnUpdate': + case 'OnMassApprove': + case 'OnMassDecline': + $res = $this->Application->CheckPermission($perm_prefix . '.ADD', 0, $perm_category) || + $this->Application->CheckPermission($perm_prefix . '.MODIFY', 0, $perm_category); + break; + } + + if (!$res) { + $event->status = erPERM_FAIL; + } + + return $res; + + } + return parent::CheckPermission($event); } /** + * Returns primary category of review's main item + * + * @param kEvent $event + * @return int + */ + function _getReviewCategory(&$event) + { + $items_info = $this->Application->GetVar($event->getPrefixSpecial()); + list ($review_id, ) = each($items_info); + + if (!$review_id) { + return false; + } + + // 1. get main item resource id + $sql = 'SELECT ItemId + FROM ' . $this->Application->getUnitOption($event->Prefix, 'TableName') . ' + WHERE ' . $this->Application->getUnitOption($event->Prefix, 'IDField') . ' = ' . $review_id; + $resource_id = $this->Conn->GetOne($sql); + + // 2. set main item id (for permission checks) + $parent_prefix = $this->Application->getUnitOption($event->Prefix, 'ParentPrefix'); + $sql = 'SELECT ' . $this->Application->getUnitOption($parent_prefix, 'IDField') .' + FROM ' . $this->Application->getUnitOption($parent_prefix, 'TableName') .' + WHERE ResourceId = ' . $resource_id; + $this->Application->SetVar($parent_prefix . '_id', $this->Conn->GetOne($sql)); + + // 3. get main item category + $sql = 'SELECT CategoryId + FROM ' . $this->Application->getUnitOption('ci', 'TableName') .' + WHERE ItemResourceId = ' . $resource_id .' AND PrimaryCat = 1'; + return $this->Conn->GetOne($sql); + } + + /** * Returns prefix for permissions * * @param kEvent $event */ function getPermPrefix(&$event) { - $main_prefix = $this->Application->GetTopmostPrefix($event->Prefix); + $main_prefix = $this->Application->GetTopmostPrefix($event->Prefix, true); // this will return LINK for l, ARTICLE for n, TOPIC for bb, PRODUCT for p $item_prefix = $this->Application->getUnitOption($main_prefix, 'PermItemPrefix'); @@ -100,6 +175,12 @@ break;*/ } + if (preg_match('/(.*)-rev/', $event->Prefix, $regs)) { + // "Structure & Data" -> "Reviews" (section in K4) + $item_type = $this->Application->getUnitOption($regs[1], 'ItemType'); + $object->addFilter('itemtype_filter', '%1$s.ItemType = ' . $item_type); + } + if ($event->getEventParam('type') == 'current_user') { // $object->removeFilter('active'); $object->addFilter('current_user', '%1$s.CreatedById = '.$this->Application->RecallVar('user_id')); @@ -341,6 +422,53 @@ $parent_prefix = $this->Application->getUnitOption($event->Prefix, 'ParentPrefix'); $event->SetRedirectParam('pass', 'm,'.$parent_prefix); } + + /** + * Makes left join to item's table, when in separate grid + * + * @param kEvent $event + */ + function OnAfterConfigRead(&$event) + { + parent::OnAfterConfigRead($event); + + if (preg_match('/(.*)-rev/', $event->Prefix, $regs)) { + // "Structure & Data" -> "Reviews" (section in K4) + + // 1. add join to items table (for "Structure & Data" -> "Reviews" section) + $item_table = $this->Application->getUnitOption($regs[1], 'TableName'); + + $list_sqls = $this->Application->getUnitOption($event->Prefix, 'ListSQLs'); + $list_sqls[''] .= ' LEFT JOIN '.$item_table.' item_table ON item_table.ResourceId = %1$s.ItemId'; + $this->Application->setUnitOption($event->Prefix, 'ListSQLs', $list_sqls); + + // 2. add calculated field + $calculated_fields = $this->Application->getUnitOption($event->Prefix, 'CalculatedFields'); + $calculated_fields['']['CatalogItemName'] = 'item_table.' . $this->getTitleField($regs[1]); + $calculated_fields['']['CatalogItemId'] = 'item_table.' . $this->Application->getUnitOption($regs[1], 'IDField'); + $this->Application->setUnitOption($event->Prefix, 'CalculatedFields', $calculated_fields); + } + } + + /** + * Convert TitleField field of kMultiLanguage formatter used for it + * + * @param string $prefix + * @return string + */ + function getTitleField($prefix) + { + $lang_prefix = 'l'.$this->Application->GetVar('m_lang').'_'; + + $title_field = $this->Application->getUnitOption($prefix, 'TitleField'); + $field_options = $this->Application->getUnitOption($prefix.'.'.$title_field, 'Fields'); + + $formatter_class = isset($field_options['formatter']) ? $field_options['formatter'] : ''; + if ($formatter_class == 'kMultiLanguage' && !isset($field_options['master_field'])) { + $title_field = $lang_prefix.$title_field; + } + return $title_field; + } } ?> \ No newline at end of file