Fixed bug in access control. Hide new wiki/page buttons if not channel owner.
This commit is contained in:
Andrew Manning
parent
a3dfdd9d38
commit
4b350b9090
@ -97,10 +97,8 @@ class Wiki extends \Zotlabs\Web\Controller {
|
|||||||
$wikiheader = rawurldecode(argv(2)) . ': ' . rawurldecode($pagename); // show wiki name and page
|
$wikiheader = rawurldecode(argv(2)) . ': ' . rawurldecode($pagename); // show wiki name and page
|
||||||
$p = wiki_get_page_content(array('wiki_resource_id' => $resource_id, 'page' => $pagename));
|
$p = wiki_get_page_content(array('wiki_resource_id' => $resource_id, 'page' => $pagename));
|
||||||
if(!$p['success']) {
|
if(!$p['success']) {
|
||||||
logger('wiki_get_page_content: ' . $p['message']);
|
|
||||||
$content = 'Error retrieving page content. Try again.';
|
$content = 'Error retrieving page content. Try again.';
|
||||||
}
|
}
|
||||||
logger('content: ' . $content);
|
|
||||||
$content = ($p['content'] !== '' ? $p['content'] : '"# New page\n"');
|
$content = ($p['content'] !== '' ? $p['content'] : '"# New page\n"');
|
||||||
$hide_editor = false;
|
$hide_editor = false;
|
||||||
$showPageControls = $wiki_owner;
|
$showPageControls = $wiki_owner;
|
||||||
|
|||||||
@ -8,11 +8,7 @@ use \Zotlabs\Storage\GitRepo as GitRepo;
|
|||||||
define ( 'WIKI_ITEM_RESOURCE_TYPE', 'wiki' );
|
define ( 'WIKI_ITEM_RESOURCE_TYPE', 'wiki' );
|
||||||
|
|
||||||
function wiki_list($channel, $observer_hash) {
|
function wiki_list($channel, $observer_hash) {
|
||||||
if (local_channel() || remote_channel()) {
|
|
||||||
$sql_extra = item_permissions_sql($channel['channel_id'], $observer_hash);
|
$sql_extra = item_permissions_sql($channel['channel_id'], $observer_hash);
|
||||||
} else {
|
|
||||||
$sql_extra = " AND item_private = 0 ";
|
|
||||||
}
|
|
||||||
$wikis = q("SELECT * FROM item WHERE resource_type = '%s' AND mid = parent_mid AND item_deleted = 0 $sql_extra",
|
$wikis = q("SELECT * FROM item WHERE resource_type = '%s' AND mid = parent_mid AND item_deleted = 0 $sql_extra",
|
||||||
dbesc(WIKI_ITEM_RESOURCE_TYPE)
|
dbesc(WIKI_ITEM_RESOURCE_TYPE)
|
||||||
);
|
);
|
||||||
|
|||||||
@ -14,8 +14,10 @@
|
|||||||
<div class="generic-content-wrapper">
|
<div class="generic-content-wrapper">
|
||||||
<div class="section-title-wrapper">
|
<div class="section-title-wrapper">
|
||||||
<div class="pull-right">
|
<div class="pull-right">
|
||||||
|
{{if $showPageControls}}
|
||||||
<button class="btn btn-primary btn-xs" onclick="$('#new-page-form-wrapper').hide(); openClose('new-wiki-form-wrapper');">New Wiki</button>
|
<button class="btn btn-primary btn-xs" onclick="$('#new-page-form-wrapper').hide(); openClose('new-wiki-form-wrapper');">New Wiki</button>
|
||||||
<button class="btn btn-success btn-xs" onclick="$('#new-wiki-form-wrapper').hide(); openClose('new-page-form-wrapper');">New Page</button>
|
<button class="btn btn-success btn-xs" onclick="$('#new-wiki-form-wrapper').hide(); openClose('new-page-form-wrapper');">New Page</button>
|
||||||
|
{{/if}}
|
||||||
<button id="fullscreen-btn" type="button" class="btn btn-default btn-xs" onclick="makeFullScreen();
|
<button id="fullscreen-btn" type="button" class="btn btn-default btn-xs" onclick="makeFullScreen();
|
||||||
adjustFullscreenTopBarHeight();"><i class="fa fa-expand"></i></button>
|
adjustFullscreenTopBarHeight();"><i class="fa fa-expand"></i></button>
|
||||||
<button id="inline-btn" type="button" class="btn btn-default btn-xs" onclick="makeFullScreen(false);
|
<button id="inline-btn" type="button" class="btn btn-default btn-xs" onclick="makeFullScreen(false);
|
||||||
|
|||||||
Reference in New Issue
Block a user