implement acl for folder creation

2016-08-10 16:17:09 +02:00 · 2016-08-10 16:17:09 +02:00 · 82e867a9a8
commit 82e867a9a8
parent 7a557d31e0
4 changed files with 53 additions and 17 deletions
--- a/Zotlabs/Module/File_upload.php
+++ b/Zotlabs/Module/File_upload.php
@ -28,11 +28,16 @@ class File_upload extends \Zotlabs\Web\Controller {
 			$_REQUEST['group_deny']    = expand_acl($channel['channel_deny_gid']);
 		}
-		if($_REQUEST['directory_name'])
+		if($_REQUEST['filename']) {
 			$_REQUEST['allow_cid'] = perms2str($_REQUEST['contact_allow']);
 			$_REQUEST['allow_gid'] = perms2str($_REQUEST['group_allow']);
 			$_REQUEST['deny_cid'] = perms2str($_REQUEST['contact_deny']);
 			$_REQUEST['deny_gid'] = perms2str($_REQUEST['group_deny']);
 			$r = attach_mkdir($channel,get_observer_hash(),$_REQUEST);
-		else
+		}
 		else {
 			$r = attach_store($channel,get_observer_hash(), '', $_REQUEST);
-
+		}
 		goaway(z_root() . '/' . $_REQUEST['return_url']);
 	}
--- a/Zotlabs/Storage/Browser.php
+++ b/Zotlabs/Storage/Browser.php
@ -316,6 +316,8 @@ class Browser extends DAV\Browser\Plugin {
 		$quota['desc'] = $quotaDesc;
 		$quota['warning'] = ((($limit) && ((round($used / $limit, 1) * 100) >= 90)) ? t('WARNING:') : ''); // 10485760 bytes = 100MB
 		$path = trim(str_replace('cloud/' . $this->auth->owner_nick, '', $path),'/');
 		$output .= replace_macros(get_markup_template('cloud_actionspanel.tpl'), array(
 				'$folder_header' => t('Create new folder'),
 				'$folder_submit' => t('Create'),
@ -330,7 +332,8 @@ class Browser extends DAV\Browser\Plugin {
 				'$deny_gid' => acl2json($channel_acl['deny_gid']),
 				'$lockstate' => $lockstate,
 				'$return_url' => \App::$cmd,
-				'$path' => trim(str_replace('cloud/' . $this->auth->owner_nick, '', $path),'/'),
+				'$path' => $path,
 				'$folder' => find_folder_hash_by_path($this->auth->owner_id, $path),
 				'$dragdroptext' => t('Drop files here to immediately upload')
 			));
 	}
--- a/include/attach.php
+++ b/include/attach.php
@ -1438,6 +1438,22 @@ logger('attach_hash: ' . $attachHash);
 	return $hash;
 }
 function find_folder_hash_by_path($channel_id, $path) {
 	$filename = end(explode('/', $path));
 	$r = q("SELECT hash FROM attach WHERE uid = %d AND filename = '%s' LIMIT 1",
 		intval($channel_id),
 		dbesc($filename)
 	);
 	$hash = '';
 	if($r && $r[0]['hash']) {
 		$hash = $r[0]['hash'];
 	}
 	return $hash;
 }
 /**
 * @brief Returns the filename of an attachment in a given channel.
 *
--- a/view/tpl/cloud_actionspanel.tpl
+++ b/view/tpl/cloud_actionspanel.tpl
@ -1,9 +1,21 @@
 <div id="files-mkdir-tools" class="section-content-tools-wrapper">
 	<label for="files-mkdir">{{$folder_header}}</label>
-	<form method="post" action="">
+	<form id="mkdir-form" method="post" action="file_upload" class="acl-form" data-form_id="mkdir-form" data-allow_cid='{{$allow_cid}}' data-allow_gid='{{$allow_gid}}' data-deny_cid='{{$deny_cid}}' data-deny_gid='{{$deny_gid}}'>
-		<input type="hidden" name="sabreAction" value="mkcol">
+		<!--input type="hidden" name="sabreAction" value="mkcol"-->
-		<input id="files-mkdir" type="text" name="name" class="form-control form-group">
+		<input type="hidden" name="folder" value="{{$folder}}" />
 		<input type="hidden" name="channick" value="{{$channick}}" />
 		<input type="hidden" name="return_url" value="{{$return_url}}" />
 		<input id="files-mkdir" type="text" name="filename" class="form-control form-group">
 		<div class="pull-right btn-group">
 			<div class="btn-group">
 				{{if $lockstate}}
 				<button class="btn btn-default btn-sm" data-toggle="modal" data-target="#aclModal" type="button">
 					<i class="jot-perms-icon fa fa-{{$lockstate}}"></i>
 				</button>
 				{{/if}}
 				<button class="btn btn-primary btn-sm pull-right" type="submit" value="{{$folder_submit}}">{{$folder_submit}}</button>
 			</div>
 		</div>
 	</form>
 	<div class="clear"></div>
 </div>
@ -18,8 +30,8 @@
 		<div class="pull-right btn-group">
 			<div class="btn-group">
 				{{if $lockstate}}
-				<button id="dbtn-acl" class="btn btn-default btn-sm" data-toggle="modal" data-target="#aclModal" onclick="return false;">
+				<button class="btn btn-default btn-sm" data-toggle="modal" data-target="#aclModal" type="button">
-					<i id="jot-perms-icon" class="fa fa-{{$lockstate}}"></i>
+					<i class="jot-perms-icon fa fa-{{$lockstate}}"></i>
 				</button>
 				{{/if}}
 				<button id="upload-submit" class="btn btn-primary btn-sm pull-right" type="submit" name="submit" value="{{$upload_submit}}">{{$upload_submit}}</button>