harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

implement acl for folder creation

Browse Source
This commit is contained in:
Mario Vavti 2016-08-10 16:17:09 +02:00
parent 7a557d31e0
commit 82e867a9a8
4 changed files with 53 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
Zotlabs/Module/File_upload.php
View File

@ -21,18 +21,23 @@ class File_upload extends \Zotlabs\Web\Controller {
$_REQUEST['source'] = 'file_upload'; $_REQUEST['source'] = 'file_upload';
if($channel['channel_id'] != local_channel()) { if($channel['channel_id'] != local_channel()) {
$_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']); $_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']);
$_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']); $_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']);
$_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']); $_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']);
$_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']); $_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']);
} }
if($_REQUEST['directory_name']) if($_REQUEST['filename']) {
$_REQUEST['allow_cid'] = perms2str($_REQUEST['contact_allow']);
$_REQUEST['allow_gid'] = perms2str($_REQUEST['group_allow']);
$_REQUEST['deny_cid'] = perms2str($_REQUEST['contact_deny']);
$_REQUEST['deny_gid'] = perms2str($_REQUEST['group_deny']);
$r = attach_mkdir($channel,get_observer_hash(),$_REQUEST); $r = attach_mkdir($channel,get_observer_hash(),$_REQUEST);
else }
else {
$r = attach_store($channel,get_observer_hash(), '', $_REQUEST); $r = attach_store($channel,get_observer_hash(), '', $_REQUEST);
}
goaway(z_root() . '/' . $_REQUEST['return_url']); goaway(z_root() . '/' . $_REQUEST['return_url']);
} }

5
Zotlabs/Storage/Browser.php
View File

@ -316,6 +316,8 @@ class Browser extends DAV\Browser\Plugin {
$quota['desc'] = $quotaDesc; $quota['desc'] = $quotaDesc;
$quota['warning'] = ((($limit) && ((round($used / $limit, 1) * 100) >= 90)) ? t('WARNING:') : ''); // 10485760 bytes = 100MB $quota['warning'] = ((($limit) && ((round($used / $limit, 1) * 100) >= 90)) ? t('WARNING:') : ''); // 10485760 bytes = 100MB
$path = trim(str_replace('cloud/' . $this->auth->owner_nick, '', $path),'/');
$output .= replace_macros(get_markup_template('cloud_actionspanel.tpl'), array( $output .= replace_macros(get_markup_template('cloud_actionspanel.tpl'), array(
'$folder_header' => t('Create new folder'), '$folder_header' => t('Create new folder'),
'$folder_submit' => t('Create'), '$folder_submit' => t('Create'),
@ -330,7 +332,8 @@ class Browser extends DAV\Browser\Plugin {
'$deny_gid' => acl2json($channel_acl['deny_gid']), '$deny_gid' => acl2json($channel_acl['deny_gid']),
'$lockstate' => $lockstate, '$lockstate' => $lockstate,
'$return_url' => \App::$cmd, '$return_url' => \App::$cmd,
'$path' => trim(str_replace('cloud/' . $this->auth->owner_nick, '', $path),'/'), '$path' => $path,
'$folder' => find_folder_hash_by_path($this->auth->owner_id, $path),
'$dragdroptext' => t('Drop files here to immediately upload') '$dragdroptext' => t('Drop files here to immediately upload')
)); ));
} }

16
include/attach.php
View File

@ -1438,6 +1438,22 @@ logger('attach_hash: ' . $attachHash);
return $hash; return $hash;
} }
function find_folder_hash_by_path($channel_id, $path) {
$filename = end(explode('/', $path));
$r = q("SELECT hash FROM attach WHERE uid = %d AND filename = '%s' LIMIT 1",
intval($channel_id),
dbesc($filename)
);
$hash = '';
if($r && $r[0]['hash']) {
$hash = $r[0]['hash'];
}
return $hash;
}
/** /**
* @brief Returns the filename of an attachment in a given channel. * @brief Returns the filename of an attachment in a given channel.
* *

26
view/tpl/cloud_actionspanel.tpl
View File

@ -1,15 +1,27 @@
<div id="files-mkdir-tools" class="section-content-tools-wrapper"> <div id="files-mkdir-tools" class="section-content-tools-wrapper">
<label for="files-mkdir">{{$folder_header}}</label> <label for="files-mkdir">{{$folder_header}}</label>
<form method="post" action=""> <form id="mkdir-form" method="post" action="file_upload" class="acl-form" data-form_id="mkdir-form" data-allow_cid='{{$allow_cid}}' data-allow_gid='{{$allow_gid}}' data-deny_cid='{{$deny_cid}}' data-deny_gid='{{$deny_gid}}'>
<input type="hidden" name="sabreAction" value="mkcol"> <!--input type="hidden" name="sabreAction" value="mkcol"-->
<input id="files-mkdir" type="text" name="name" class="form-control form-group"> <input type="hidden" name="folder" value="{{$folder}}" />
<button class="btn btn-primary btn-sm pull-right" type="submit" value="{{$folder_submit}}">{{$folder_submit}}</button> <input type="hidden" name="channick" value="{{$channick}}" />
<input type="hidden" name="return_url" value="{{$return_url}}" />
<input id="files-mkdir" type="text" name="filename" class="form-control form-group">
<div class="pull-right btn-group">
<div class="btn-group">
{{if $lockstate}}
<button class="btn btn-default btn-sm" data-toggle="modal" data-target="#aclModal" type="button">
<i class="jot-perms-icon fa fa-{{$lockstate}}"></i>
</button>
{{/if}}
<button class="btn btn-primary btn-sm pull-right" type="submit" value="{{$folder_submit}}">{{$folder_submit}}</button>
</div>
</div>
</form> </form>
<div class="clear"></div> <div class="clear"></div>
</div> </div>
<div id="files-upload-tools" class="section-content-tools-wrapper"> <div id="files-upload-tools" class="section-content-tools-wrapper">
{{if $quota.limit || $quota.used}}<div class="{{if $quota.warning}}section-content-danger-wrapper{{else}}section-content-info-wrapper{{/if}}">{{if $quota.warning}}<strong>{{$quota.warning}} </strong>{{/if}}{{$quota.desc}}</div>{{/if}} {{if $quota.limit || $quota.used}}<div class="{{if $quota.warning}}section-content-danger-wrapper{{else}}section-content-info-wrapper{{/if}}">{{if $quota.warning}}<strong>{{$quota.warning}} </strong>{{/if}}{{$quota.desc}}</div>{{/if}}
<form id="ajax-upload-files" method="post" action="file_upload" enctype="multipart/form-data" class="acl-form" data-form_id="ajax-upload-files" data-allow_cid='{{$allow_cid}}' data-allow_gid='{{$allow_gid}}' data-deny_cid='{{$deny_cid}}' data-deny_gid='{{$deny_gid}}'> <form id="ajax-upload-files" method="post" action="file_upload" enctype="multipart/form-data" class="acl-form" data-form_id="ajax-upload-files" data-allow_cid='{{$allow_cid}}' data-allow_gid='{{$allow_gid}}' data-deny_cid='{{$deny_cid}}' data-deny_gid='{{$deny_gid}}'>
<input type="hidden" name="directory" value="{{$path}}" /> <input type="hidden" name="directory" value="{{$path}}" />
<input type="hidden" name="channick" value="{{$channick}}" /> <input type="hidden" name="channick" value="{{$channick}}" />
<input type="hidden" name="return_url" value="{{$return_url}}" /> <input type="hidden" name="return_url" value="{{$return_url}}" />
@ -18,8 +30,8 @@
<div class="pull-right btn-group"> <div class="pull-right btn-group">
<div class="btn-group"> <div class="btn-group">
{{if $lockstate}} {{if $lockstate}}
<button id="dbtn-acl" class="btn btn-default btn-sm" data-toggle="modal" data-target="#aclModal" onclick="return false;"> <button class="btn btn-default btn-sm" data-toggle="modal" data-target="#aclModal" type="button">
<i id="jot-perms-icon" class="fa fa-{{$lockstate}}"></i> <i class="jot-perms-icon fa fa-{{$lockstate}}"></i>
</button> </button>
{{/if}} {{/if}}
<button id="upload-submit" class="btn btn-primary btn-sm pull-right" type="submit" name="submit" value="{{$upload_submit}}">{{$upload_submit}}</button> <button id="upload-submit" class="btn btn-primary btn-sm pull-right" type="submit" name="submit" value="{{$upload_submit}}">{{$upload_submit}}</button>