Index: branches/unlabeled/unlabeled-1.64.2/core/units/general/cat_event_handler.php =================================================================== diff -u -r5833 -r5858 --- branches/unlabeled/unlabeled-1.64.2/core/units/general/cat_event_handler.php (.../cat_event_handler.php) (revision 5833) +++ branches/unlabeled/unlabeled-1.64.2/core/units/general/cat_event_handler.php (.../cat_event_handler.php) (revision 5858) @@ -45,6 +45,41 @@ $this->Application->StoreVar('m_cat_id', $root_category); } + if ($event->Name == 'OnEdit' || $event->Name == 'OnSave') { + // check each id from selected individually and only if all are allowed proceed next + if ($event->Name == 'OnEdit') { + $selected_ids = implode(',', $this->StoreSelectedIDs($event)); + } + else { + $selected_ids = $this->Application->RecallVar($event->getPrefixSpecial().'_selected_ids'); + } + + $id_field = $this->Application->getUnitOption($event->Prefix, 'IDField'); + $table_name = $this->Application->getUnitOption($event->Prefix, 'TableName'); + $sql = 'SELECT '.$id_field.', CreatedById, ci.CategoryId + FROM '.$table_name.' item_table + LEFT JOIN '.$this->Application->getUnitOption('ci', 'TableName').' ci ON ci.ItemResourceId = item_table.ResourceId + WHERE '.$id_field.' IN ('.$selected_ids.') AND (ci.PrimaryCat = 1)'; + $items = $this->Conn->Query($sql, $id_field); + + $perm_value = true; + $perm_helper =& $this->Application->recallObject('PermissionsHelper'); + foreach ($items as $item_id => $item_data) { + + if ($perm_helper->ModifyCheckPermission($item_data['CreatedById'], $item_data['CategoryId'], $event->Prefix) == 0) { + // one of items selected has no permission + $perm_value = false; + break; + } + } + + if (!$perm_value) { + $event->status = erPERM_FAIL; + } + + return $perm_value; + } + return parent::CheckPermission($event); } @@ -1679,6 +1714,63 @@ $object->SetDBField($cached_field, $this->Conn->GetOne($sql)); } } + + /** + * Saves item beeing edited into temp table + * + * @param kEvent $event + */ + function OnPreSave(&$event) + { + parent::OnPreSave($event); + $use_pending_editing = $this->Application->getUnitOption($event->Prefix, 'UsePendingEditing'); + if ($event->status == erSUCCESS && $use_pending_editing) { + // decision: clone or not clone + + $object =& $event->getObject(); + if ($object->GetID() == 0 || $object->GetDBField('OrgId') > 0) { + // new items or cloned items shouldn't be cloned again + return true; + } + $perm_helper =& $this->Application->recallObject('PermissionsHelper'); + if ($perm_helper->ModifyCheckPermission($object->GetDBField('CreatedById'), $object->GetDBField('CategoryId'), $event->Prefix) == 2) { + + // 1. clone original item + $temp_handler =& $this->Application->recallObject($event->getPrefixSpecial().'_TempHandler', 'kTempTablesHandler'); + $cloned_ids = $temp_handler->CloneItems($event->Prefix, $event->Special, Array($object->GetID()), null, null, null, true); + + // 2. put cloned id to OrgId field of item being cloned + $sql = 'UPDATE '.$object->TableName.' + SET OrgId = '.$object->GetID().' + WHERE '.$object->IDField.' = '.$cloned_ids[0]; + $this->Conn->Query($sql); + + // 3. substitute id of item being cloned with clone id + $this->Application->SetVar($event->getPrefixSpecial().'_id', $cloned_ids[0]); + $selected_ids = explode(',', $this->Application->RecallVar($event->getPrefixSpecial().'_selected_ids')); + $selected_ids[ array_search($object->GetID(), $selected_ids) ] = $cloned_ids[0]; + $this->Application->StoreVar($event->getPrefixSpecial().'_selected_ids', implode(',', $selected_ids)); + + // 4. delete original item from temp table + $temp_handler->DeleteItems($event->Prefix, $event->Special, Array($object->GetID())); + } + } + } + + /** + * Sets default expiration based on module setting + * + * @param kEvent $event + */ + function OnPreCreate(&$event) + { + parent::OnPreCreate($event); + + if ($event->status == erSUCCESS) { + $object =& $event->getObject(); + $object->SetDBField('CreatedById', $this->Application->GetVar('u_id')); + } + } }