mirror of https://github.com/e107inc/e107.git synced 2025-08-05 06:07:32 +02:00

Hides empty admin-navigation menu categories when access has not been granted to these areas.

Cameron
2015-06-06 02:33:23 -07:00
parent 34ac81c019
commit 143784974d
5 changed files with 93 additions and 31 deletions


@@ -35,18 +35,19 @@ if($core->get('admintheme') != 'bootstrap' && $core->get('admintheme') != 'boots
} }
// Check Admin-Perms for current language and redirect if necessary. // Check Admin-Perms for current language and redirect if necessary.
if(deftrue("MULTILANG_SUBDOMAIN") && !getperms('0') && !getperms(e_LANGUAGE)) if(!getperms('0') && vartrue($pref['multilanguage']) && !getperms(e_LANGUAGE))
{ {
$lng = e107::getLanguage(); $lng = e107::getLanguage();
$tmp = explode(".",ADMINPERMS); $tmp = explode(".",ADMINPERMS);
foreach($tmp as $ln) foreach($tmp as $ln)
{ {
if($lng->isValid($ln)) if($lng->isValid($ln))
{ {
$redirect = $lng->subdomainUrl($ln); $redirect = deftrue("MULTILANG_SUBDOMAIN") ? $lng->subdomainUrl($ln) : e_SELF."?elan=".$ln;
// echo "redirect to: ".$redirect; // echo "redirect to: ".$redirect;
e107::getRedirect()->redirect($redirect); e107::getRedirect()->go($redirect);
// break;
} }
} }
} }
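Review bot: The language-permission check only redirects; when no entry in `ADMINPERMS` passes `$lng->isValid($ln)`, the `foreach` ends and execution continues for an admin who holds neither `0` nor the current `e_LANGUAGE` permission. If that case is meant to be a denial, it needs an explicit fallback after the loop, using whatever access-denied handling this file has elsewhere (not visible in the hunk). With `// break;` commented out, the loop also depends on `go()` ending the request, which this page does not show. Restoring `break;` after the call would make the first valid language win in either case.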


@@ -1411,6 +1411,11 @@ Inverse 10 <span class="badge badge-inverse">10</span>
//CORE SUBLINKS //CORE SUBLINKS
foreach ($array_functions as $key => $subitem) foreach ($array_functions as $key => $subitem)
{ {
if(!empty($subitem[3]) && !getperms($subitem[3]))
{
continue;
}
$catid = $admin_cat['id'][$subitem[4]]; $catid = $admin_cat['id'][$subitem[4]];
$tmp = array(); $tmp = array();
$tmp['text'] = $subitem[1]; $tmp['text'] = $subitem[1];
@@ -1450,9 +1455,9 @@ Inverse 10 <span class="badge badge-inverse">10</span>
$plug = new e107plugin; $plug = new e107plugin;
$tmp = array(); $tmp = array();
if($sql->db_Select("plugin", "*", "plugin_installflag =1 ORDER BY plugin_path")) if($sql->select("plugin", "*", "plugin_installflag =1 ORDER BY plugin_path"))
{ {
while($row = $sql->db_Fetch()) while($row = $sql->fetch())
{ {
if($plug->parse_plugin($row['plugin_path'])) if($plug->parse_plugin($row['plugin_path']))
@@ -1480,6 +1485,11 @@ Inverse 10 <span class="badge badge-inverse">10</span>
$icon_src_lrg = varset($plug_vars['administration']['icon']) ? $plugpath.$plug_vars['administration']['iconSmall'] : ''; $icon_src_lrg = varset($plug_vars['administration']['icon']) ? $plugpath.$plug_vars['administration']['iconSmall'] : '';
$id = 'plugnav-'.$row['plugin_path']; $id = 'plugnav-'.$row['plugin_path'];
if(!getperms('P'.$row['plugin_id']))
{
continue;
}
$tmp[$id]['text'] = e107::getParser()->toHTML($plug_vars['@attributes']['name'], FALSE, "LINKTEXT"); $tmp[$id]['text'] = e107::getParser()->toHTML($plug_vars['@attributes']['name'], FALSE, "LINKTEXT");
$tmp[$id]['description'] = vartrue($plug_vars['description']['@value']); $tmp[$id]['description'] = vartrue($plug_vars['description']['@value']);
$tmp[$id]['link'] = e_PLUGIN_ABS.$row['plugin_path'].'/'.$plug_vars['administration']['configFile']; $tmp[$id]['link'] = e_PLUGIN_ABS.$row['plugin_path'].'/'.$plug_vars['administration']['configFile'];
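Review bot: `!empty($subitem[3])` in the core-sublinks loop treats the permission string `'0'` as empty, because PHP's `empty('0')` is true, so entries restricted to the main admin are never filtered. The admin function array in the last file section of this commit lists `phpinfo.php` with `'0'`, so that link would stay in the menu for every admin. Compare against the empty string instead: `if(isset($subitem[3]) && $subitem[3] !== '' && !getperms($subitem[3]))`. The `!empty($val['perm'])` test added to the `adminMenu` loop in `e_admin_dispatcher` has the same problem. These filters only hide links, so the target pages still have to enforce the permission themselves.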


@@ -1472,6 +1472,12 @@ class e_admin_dispatcher
$selected = false; $selected = false;
foreach($this->adminMenu as $key => $val) foreach($this->adminMenu as $key => $val)
{ {
if(!empty($val['perm']) && !getperms($val['perm']))
{
continue;
}
$tmp = explode('/', trim($key, '/'), 3); $tmp = explode('/', trim($key, '/'), 3);
// sync with mode/route access // sync with mode/route access
@@ -1545,6 +1551,7 @@ class e_admin_dispatcher
$var[$key]['perm'] = $val['perm']; */ $var[$key]['perm'] = $val['perm']; */
} }
if(empty($var)) return ''; if(empty($var)) return '';
$request = $this->getRequest(); $request = $this->getRequest();
@@ -2927,6 +2934,28 @@ class e_admin_controller_ui extends e_admin_controller
return $this; return $this;
} }
/**
* @param $val
*/
public function setBatchDelete($val)
{
$this->batchDelete = $val;
return $this;
}
/**
* @param $val
*/
public function setBatchCopy($val)
{
$this->batchCopy = $val;
return $this;
}
/** /**
* User defined config setter * User defined config setter
* @return e_admin_controller_ui * @return e_admin_controller_ui
@@ -5682,6 +5711,41 @@ class e_admin_form_ui extends e_form
$this->listTotal = $tree[$id]->getTotal(); $this->listTotal = $tree[$id]->getTotal();
$fields = $controller->getFields();
// checks dispatcher perms for edit/delete access in list mode.
$mode = $controller->getMode();
$deleteRoute = $mode."/delete";
$editRoute = $mode."/edit";
$createRoute = $mode."/create";
$perm = $controller->getDispatcher()->getPerm();
if(isset($perm[$createRoute]) && !getperms($perm[$createRoute])) // disable the batchCopy option.
{
$controller->setBatchCopy(false);
}
if(isset($perm[$deleteRoute]) && !getperms($perm[$deleteRoute])) // disable the delete button and batch delete.
{
$fields['options']['readParms']['deleteClass'] = e_UC_NOBODY;
$controller->setBatchDelete(false);
}
if(isset($perm[$editRoute]) && !getperms($perm[$editRoute]))
{
$fields['options']['readParms']['editClass'] = e_UC_NOBODY; // display the edit button.
foreach($options[$id]['fields'] as $k=>$v) // disable inline editing.
{
$fields[$k]['inline'] = false;
}
}
// ------------------------------------------
$options[$id] = array( $options[$id] = array(
'id' => $this->getElementId(), // unique string used for building element ids, REQUIRED 'id' => $this->getElementId(), // unique string used for building element ids, REQUIRED
'pid' => $controller->getPrimaryName(), // primary field name, REQUIRED 'pid' => $controller->getPrimaryName(), // primary field name, REQUIRED
@@ -5693,7 +5757,7 @@ class e_admin_form_ui extends e_form
'legend' => $controller->getPluginTitle(), // hidden by default 'legend' => $controller->getPluginTitle(), // hidden by default
'form_pre' => !$ajax ? $this->renderFilter($tp->post_toForm(array($controller->getQuery('searchquery'), $controller->getQuery('filter_options'))), $controller->getMode().'/'.$controller->getAction()) : '', // needs to be visible when a search returns nothing 'form_pre' => !$ajax ? $this->renderFilter($tp->post_toForm(array($controller->getQuery('searchquery'), $controller->getQuery('filter_options'))), $controller->getMode().'/'.$controller->getAction()) : '', // needs to be visible when a search returns nothing
'form_post' => '', // markup to be added after closing form element 'form_post' => '', // markup to be added after closing form element
'fields' => $controller->getFields(), // see e_admin_ui::$fields 'fields' => $fields, // see e_admin_ui::$fields
'fieldpref' => $controller->getFieldPref(), // see e_admin_ui::$fieldpref 'fieldpref' => $controller->getFieldPref(), // see e_admin_ui::$fieldpref
'table_pre' => '', // markup to be added before opening table element 'table_pre' => '', // markup to be added before opening table element
// 'table_post' => !$tree[$id]->isEmpty() ? $this->renderBatch($controller->getBatchDelete(),$controller->getBatchCopy(),$controller->getBatchLink(),$controller->getBatchFeaturebox()) : '', // 'table_post' => !$tree[$id]->isEmpty() ? $this->renderBatch($controller->getBatchDelete(),$controller->getBatchCopy(),$controller->getBatchLink(),$controller->getBatchFeaturebox()) : '',
@@ -5708,25 +5772,7 @@ class e_admin_form_ui extends e_form
); );
// checks dispatcher perms for edit/delete access in list mode.
$deleteRoute = $this->getController()->getMode()."/delete";
$editRoute = $this->getController()->getMode()."/edit";
$perm = $this->getController()->getDispatcher()->getPerm();
if(isset($perm[$deleteRoute]) && !getperms($perm[$deleteRoute])) // disable the delete button.
{
$options[$id]['fields']['options']['readParms']['deleteClass'] = e_UC_NOBODY;
}
if(isset($perm[$editRoute]) && !getperms($perm[$editRoute]))
{
$options[$id]['fields']['options']['readParms']['editClass'] = e_UC_NOBODY; // display the edit button.
foreach($options[$id]['fields'] as $k=>$v) // disable inline editing.
{
$options[$id]['fields'][$k]['inline'] = false;
}
}
return $this->renderListForm($options, $tree, $ajax); return $this->renderListForm($options, $tree, $ajax);
} }
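Review bot: The moved permission block in `e_admin_form_ui` still iterates `$options[$id]['fields']` in the edit-route branch, but it now runs before `$options[$id] = array(...)` is assigned. Unless `$options[$id]` is filled above the hunk (the method starts outside it), the loop has nothing to walk and `inline` is never set to false. Inline editing would then stay enabled in the list for admins without the edit permission. Iterate the local copy instead: `foreach($fields as $k => $v)`. The trailing comment on the `editClass` line says `display the edit button` where the code hides it, and the new `setBatchDelete()`/`setBatchCopy()` docblocks could state `@param bool $val` and `@return e_admin_controller_ui`.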


@@ -264,6 +264,11 @@ class language{
*/ */
function isValid($lang='') function isValid($lang='')
{ {
if(empty($lang))
{
return false;
}
global $pref; global $pref;
if(!$lang) if(!$lang)
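Review bot: The new `empty($lang)` guard returns before the existing `if(!$lang)` test on the last line of this hunk, so that branch can no longer be taken and `isValid()` called with its default `''` now always returns false. The body of the old branch lies outside the hunk; if it supplied a default language, callers relying on that change behaviour silently. Either remove the now-dead `if(!$lang)` block or drop the new guard, and record the chosen contract in the docblock.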


@@ -805,7 +805,7 @@ i.e-cat_users-32{ background-position: -555px 0; width: 32px; height: 32px; }
14 => array(e_ADMIN_ABS.'ugflag.php', ADLAN_40, ADLAN_41, '9', 4, E_16_MAINTAIN, E_32_MAINTAIN), 14 => array(e_ADMIN_ABS.'ugflag.php', ADLAN_40, ADLAN_41, '9', 4, E_16_MAINTAIN, E_32_MAINTAIN),
15 => array(e_ADMIN_ABS.'menus.php', ADLAN_6, ADLAN_7, '2', 5, E_16_MENUS, E_32_MENUS), 15 => array(e_ADMIN_ABS.'menus.php', ADLAN_6, ADLAN_7, '2', 5, E_16_MENUS, E_32_MENUS),
16 => array(e_ADMIN_ABS.'meta.php', ADLAN_66, ADLAN_67, 'T', 1, E_16_META, E_32_META), 16 => array(e_ADMIN_ABS.'meta.php', ADLAN_66, ADLAN_67, 'T', 1, E_16_META, E_32_META),
17 => array(e_ADMIN_ABS.'newspost.php', ADLAN_0, ADLAN_1, 'H|N|7', 3, E_16_NEWS, E_32_NEWS), 17 => array(e_ADMIN_ABS.'newspost.php', ADLAN_0, ADLAN_1, 'H|N|7|H0|H1|H2|H3|H4|H5', 3, E_16_NEWS, E_32_NEWS),
18 => array(e_ADMIN_ABS.'phpinfo.php', ADLAN_68, ADLAN_69, '0', 20, E_16_PHP, E_32_PHP), 18 => array(e_ADMIN_ABS.'phpinfo.php', ADLAN_68, ADLAN_69, '0', 20, E_16_PHP, E_32_PHP),
19 => array(e_ADMIN_ABS.'prefs.php', LAN_PREFS, ADLAN_5, '1', 1, E_16_PREFS, E_32_PREFS), 19 => array(e_ADMIN_ABS.'prefs.php', LAN_PREFS, ADLAN_5, '1', 1, E_16_PREFS, E_32_PREFS),
20 => array(e_ADMIN_ABS.'search.php', LAN_SEARCH, ADLAN_143, 'X', 1, E_16_SEARCH, E_32_SEARCH), 20 => array(e_ADMIN_ABS.'search.php', LAN_SEARCH, ADLAN_143, 'X', 1, E_16_SEARCH, E_32_SEARCH),