Index: branches/unlabeled/unlabeled-1.17.2/core/units/general/helpers/permissions_helper.php
===================================================================
diff -u -r5874 -r6026
--- branches/unlabeled/unlabeled-1.17.2/core/units/general/helpers/permissions_helper.php (.../permissions_helper.php) (revision 5874)
+++ branches/unlabeled/unlabeled-1.17.2/core/units/general/helpers/permissions_helper.php (.../permissions_helper.php) (revision 6026)
@@ -151,6 +151,9 @@
// item being created -> check by current (before editing started, saved in OnPreCreate event) category permissions
$category_id = $this->Application->RecallVar('m_cat_id');
}
+ elseif ($top_prefix == 'c') {
+ $category_id = $id;
+ }
else {
// item being edited -> check by it's primary category permissions
$sql = 'SELECT ci.CategoryId, main_table.CreatedById
@@ -163,15 +166,15 @@
}
$item_prefix = $this->Application->getUnitOption($top_prefix, 'PermItemPrefix');
-
+
if (substr($event->Name, 0, 9) == 'OnPreSave') {
if ($event_handler->isNewItemCreate($event)) {
- return $this->CheckPermission($item_prefix.'.ADD', 0, $category_id) ||
+ return $this->CheckPermission($item_prefix.'.ADD', 0, $category_id) ||
$this->CheckPermission($item_prefix.'.ADD.PENDING', 0, $category_id);
}
else {
- return $this->CheckPermission($item_prefix.'.ADD', 0, $category_id) ||
- $this->CheckPermission($item_prefix.'.ADD.PENDING', 0, $category_id) ||
+ return $this->CheckPermission($item_prefix.'.ADD', 0, $category_id) ||
+ $this->CheckPermission($item_prefix.'.ADD.PENDING', 0, $category_id) ||
$this->ModifyCheckPermission($owner_id, $category_id, $top_prefix);
}
}
@@ -231,14 +234,14 @@
$this->showDebug('Tag '.$tag_name.' permission(-s): '.$permission_groups.'', $params);
$permission_groups = explode('|', $permission_groups);
$group_has_permission = false;
-
+
$perm_category = $this->Application->GetVar('m_cat_id');
-
+
if ($perm_prefix) {
// use primary category of item with id from {perm_prefix}_id as base for permission checking
$perm_category = $this->getPrimaryCategory($perm_prefix);
}
-
+
foreach ($permission_groups as $permission_group) {
$permissions = explode(',', $permission_group);
$has_permission = true;
@@ -275,18 +278,20 @@
$id_field = $this->Application->getUnitOption($prefix, 'IDField');
$table_name = $this->Application->getUnitOption($prefix, 'TableName');
$id = $this->Application->GetVar($prefix.'_id');
-
+
+ if (!$id) return $this->Application->GetVar('m_cat_id');
+
$sql = 'SELECT ResourceId
FROM '.$table_name.'
WHERE '.$id_field.' = '.$id;
$resource_id = $this->Conn->GetOne($sql);
-
+
$sql = 'SELECT CategoryId
FROM '.$this->Application->getUnitOption('ci', 'TableName').'
WHERE ItemResourceId = '.$resource_id.' AND PrimaryCat = 1';
return $this->Conn->GetOne($sql);
}
-
+
/**
* Returns no permission template to redirect to
*
@@ -362,7 +367,7 @@
FROM '.TABLE_PREFIX.'PermissionConfig
WHERE PermissionName = '.$this->Conn->qstr($name);
$perm_id = $this->Conn->GetOne($sql);
-
+
$sql = 'SELECT PermId
FROM '.TABLE_PREFIX.'PermCache
WHERE (PermId = '.$perm_id.') AND (CategoryId = '.$cat_id.')';
@@ -409,7 +414,7 @@
$this->Application->setCache('permissions', $cache_key, $perm_value);
return $perm_value;
}
-
+
/**
* Allows to check MODIFY & OWNER.MODFY +/- PENDING permission combinations on item
*
@@ -421,15 +426,15 @@
function ModifyCheckPermission($owner_id, $category_id, $prefix)
{
$perm_prefix = $this->Application->getUnitOption($prefix, 'PermItemPrefix');
-
+
$live_modify = $this->CheckPermission($perm_prefix.'.MODIFY', ptCATEGORY, $category_id);
if ($live_modify) {
return 1;
}
else if ($this->CheckPermission($perm_prefix.'.MODIFY.PENDING', ptCATEGORY, $category_id)) {
return 2;
}
-
+
if ($owner_id == $this->Application->GetVar('u_id')) {
// user is item's OWNER -> check this permissions first
$live_modify = $this->CheckPermission($perm_prefix.'.OWNER.MODIFY', ptCATEGORY, $category_id);
@@ -440,7 +445,7 @@
return 2;
}
}
-
+
return 0;
}
}