Permalink
Browse files

Merge branch 'feature/productgroup-access' into develop

  • Loading branch information...
2 parents 1efe02c + af27616 commit 6b047c1d7f63bf45a6c264ee006e67e2292e04d0 @aschempp aschempp committed Sep 12, 2012
@@ -50,7 +50,7 @@ class DC_ProductData extends DC_Table
* @var array
*/
protected $arrLanguages;
-
+
/**
* Array of language labels
* @var array
@@ -1522,6 +1522,19 @@ protected function treeView()
$this->loadLanguageFile($gtable);
$this->loadDataContainer($gtable);
+
+ // Call onload_callback (e.g. to check permissions)
+ if (is_array($GLOBALS['TL_DCA'][$gtable]['config']['onload_callback']))
+ {
+ foreach ($GLOBALS['TL_DCA'][$gtable]['config']['onload_callback'] as $callback)
+ {
+ if (is_array($callback))
+ {
+ $this->import($callback[0]);
+ $this->$callback[0]->$callback[1]($this);
+ }
+ }
+ }
}
// Return if a mandatory field (id, pid) is missing
@@ -1633,28 +1646,12 @@ protected function treeView()
$this->Session->set('PRODUCTDATA_OVERLOAD', true);
// Call a recursive function that builds the tree including groups
- $this->root = $this->Database->query("SELECT id FROM $gtable WHERE pid=0 ORDER BY sorting")->fetchEach('id');
+ $this->root = is_array($GLOBALS['TL_DCA'][$gtable]['list']['sorting']['root']) ? $this->eliminateNestedPages($GLOBALS['TL_DCA'][$gtable]['list']['sorting']['root'], $gtable, true) : $this->Database->query("SELECT id FROM $gtable WHERE pid=0 ORDER BY sorting")->fetchEach('id');
for ($i=0, $count=count($this->root); $i<$count; $i++)
{
$tree .= $this->generateProductTree($gtable, $this->root[$i], array('p'=>$this->root[($i-1)], 'n'=>$this->root[($i+1)]), -20, ($blnClipboard ? $arrClipboard : false));
}
- // Generate all products not in a group
- if ($GLOBALS['TL_CONFIG']['iso_deferProductLoading'])
- {
- $root = $this->Database->query("SELECT id FROM $table WHERE pid=0 AND gid=0")->fetchEach('id');
- $this->root = array_values(array_intersect($this->products, $root));
- }
- else
- {
- $this->root = $this->Database->query("SELECT id FROM $table WHERE pid=0 AND gid=0 AND id IN (" . implode(',', $this->products) . ") ORDER BY id=" . implode(' DESC, id=', $this->products) . " DESC")->fetchEach('id');
- }
-
- for ($i=0, $count=count($this->root); $i<$count; $i++)
- {
- $tree .= $this->generateProductTree($table, $this->root[$i], array('p'=>$this->root[($i-1)], 'n'=>$this->root[($i+1)]), -20, ($blnClipboard ? $arrClipboard : false));
- }
-
// Stop the overload detection, everything went smoothly
$this->Session->set('PRODUCTDATA_OVERLOAD', false);
@@ -532,5 +532,32 @@ public function getOrderMessages()
return implode("\n", $arrMessages);
}
+
+
+ /**
+ * Generate the GENERAL group if there is none
+ * @return boolean
+ */
+ public static function createGeneralGroup()
+ {
+ $objDatabase = Database::getInstance();
+
+ $objGroups = $objDatabase->executeUncached("SELECT COUNT(id) AS total FROM tl_iso_groups");
+
+ if ($objGroups->total == 0)
+ {
+ $intGroup = $objDatabase->executeUncached("INSERT INTO tl_iso_groups (pid,sorting,tstamp,name) VALUES (0, 0, " . time() . ", '### GENERAL ###')")->insertId;
+
+ // add all products to that new folder
+ $objDatabase->query("UPDATE tl_iso_products SET gid=$intGroup WHERE pid=0 AND language='' AND gid=0");
+
+ // toggle (open) the new group
+ Session::getInstance()->set('tl_iso_products_tl_iso_groups_tree', array($intGroup=>1));
+
+ return true;
+ }
+
+ return false;
+ }
}
@@ -0,0 +1,19 @@
+UPDATE FROM 1.3 to 1.4
+=======================
+
+### General
+
+ * A general info:
+
+ Lorem Ipsum
+
+ * Another one
+
+ Lorem Ipsum
+
+### Products
+
+ * Product group permissions
+
+ You can now limit the access to product groups. An outcome of this new feature is that you can't have any product assigned to no product group
+ at all anymore. The update will take care of that for you.
@@ -262,6 +262,8 @@
$GLOBALS['TL_PERMISSIONS'][] = 'iso_mailp';
$GLOBALS['TL_PERMISSIONS'][] = 'iso_configs';
$GLOBALS['TL_PERMISSIONS'][] = 'iso_configp';
+$GLOBALS['TL_PERMISSIONS'][] = 'iso_groups';
+$GLOBALS['TL_PERMISSIONS'][] = 'iso_groupp';
/**
@@ -839,6 +839,8 @@ CREATE TABLE `tl_user` (
`iso_mailp` blob NULL,
`iso_configs` blob NULL,
`iso_configp` blob NULL,
+ `iso_groups` blob NULL
+ `iso_groupp` blob NULL,
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
@@ -864,6 +866,8 @@ CREATE TABLE `tl_user_group` (
`iso_mailp` blob NULL,
`iso_configs` blob NULL,
`iso_configp` blob NULL,
+ `iso_groups` blob NULL
+ `iso_groupp` blob NULL,
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
@@ -66,6 +66,7 @@ public function run()
$this->exec('updateProductTypes');
$this->exec('updateRules');
$this->exec('generateCategoryGroups');
+ $this->exec('createGroupForAllNonAssignedProducts');
// Make sure file extension .imt (Isotope Mail Template) is allowed for up- and download
if (!in_array('imt', trimsplit(',', $GLOBALS['TL_CONFIG']['uploadTypes'])))
@@ -977,6 +978,30 @@ private function generateCategoryGroups()
}
}
}
+
+
+ /**
+ * In Isotope 1.4 every product has to be assigned to a product groups for access permissions
+ */
+ private function createGroupForAllNonAssignedProducts()
+ {
+ if (!$this->Database->tableExists('tl_iso_groups') || !$this->Database->tableExists('tl_iso_products'))
+ {
+ return;
+ }
+
+ $objNoGroupProducts = $this->Database->executeUncached("SELECT COUNT(id) AS total FROM tl_iso_products WHERE pid=0 AND language='' AND gid=0");
+
+ if ($objNoGroupProducts->total < 1)
+ {
+ return;
+ }
+
+ // generate a group, we can't take an existing one because we dont know which one to use
+ $intGroup = $this->Database->executeUncached("INSERT INTO tl_iso_groups (pid,sorting,tstamp,name) VALUES (0, 0, " . time() . ", '### GENERAL ###')")->insertId;
+
+ $this->Database->query("UPDATE tl_iso_products SET gid=$intGroup WHERE pid=0 AND language='' AND gid=0");
+ }
}
@@ -40,6 +40,10 @@
'dataContainer' => 'Table',
'label' => &$GLOBALS['TL_LANG']['tl_iso_groups']['label'],
'enableVersioning' => true,
+ 'onload_callback' => array
+ (
+ array('tl_iso_groups', 'checkPermission'),
+ ),
'ondelete_callback' => array
(
array('tl_iso_groups', 'deleteGroup'),
@@ -84,7 +88,8 @@
(
'label' => &$GLOBALS['TL_LANG']['tl_iso_groups']['copy'],
'href' => 'table=tl_iso_groups&amp;act=paste&amp;mode=copy',
- 'icon' => 'copy.gif'
+ 'icon' => 'copy.gif',
+ 'button_callback' => array('tl_iso_groups', 'copyButton'),
),
'cut' => array
(
@@ -98,7 +103,8 @@
'label' => &$GLOBALS['TL_LANG']['tl_iso_groups']['delete'],
'href' => 'table=tl_iso_groups&amp;act=delete',
'icon' => 'delete.gif',
- 'attributes' => 'onclick="if (!confirm(\'' . $GLOBALS['TL_LANG']['MSC']['deleteConfirm'] . '\')) return false; Backend.getScrollOffset();"'
+ 'attributes' => 'onclick="if (!confirm(\'' . $GLOBALS['TL_LANG']['MSC']['deleteConfirm'] . '\')) return false; Backend.getScrollOffset();"',
+ 'button_callback' => array('tl_iso_groups', 'deleteButton'),
),
'show' => array
(
@@ -136,6 +142,52 @@
class tl_iso_groups extends Backend
{
+ public function __construct()
+ {
+ parent::__construct();
+ $this->import('BackendUser', 'User');
+ }
+
+
+ /**
+ * Check access permissions
+ */
+ public function checkPermission($dc)
+ {
+ if ($this->User->isAdmin)
+ {
+ return;
+ }
+
+ // Load permissions in tl_iso_products
+ if ($dc->table == 'tl_iso_products')
+ {
+ $GLOBALS['TL_DCA']['tl_iso_groups']['list']['sorting']['root'] = (array) $this->User->iso_groups;
+ return;
+ }
+
+ if (!is_array($this->User->iso_groupp) || empty($this->User->iso_groupp) || !is_array($this->User->iso_groups) || empty($this->User->iso_groups))
+ {
+ $this->log('Unallowed access to product groups!', __METHOD__, TL_ERROR);
+ $this->redirect('contao/main.php?act=error');
+ }
+
+ $GLOBALS['TL_DCA']['tl_iso_groups']['list']['sorting']['root'] = $this->User->iso_groups;
+
+ if (!in_array('create', $this->User->iso_groupp))
+ {
+ $GLOBALS['TL_DCA']['tl_iso_groups']['config']['closed'] = true;
+ }
+
+ // Check permission to delete item
+ if ($this->Input->get('act') == 'delete' && !in_array('delete', $this->User->iso_groupp))
+ {
+ $this->log('User is not allowed to delete groups', __METHOD__, TL_ERROR);
+ $this->redirect('contao/main.php?act=error');
+ }
+ }
+
+
/**
* Add an image to each group in the tree
* @param array
@@ -166,6 +218,50 @@ public function deleteGroup($dc)
$arrGroups[] = $dc->id;
$this->Database->query("UPDATE tl_iso_products SET gid=0 WHERE gid IN (" . implode(',', $arrGroups) . ")");
+
+ IsotopeBackend::createGeneralGroup();
+ }
+
+
+ /**
+ * Disable copy button if user has no permission to create groups
+ * @param array
+ * @param string
+ * @param string
+ * @param string
+ * @param string
+ * @param string
+ * @return string
+ */
+ public function copyButton($row, $href, $label, $title, $icon, $attributes)
+ {
+ if (!$this->User->isAdmin && (!is_array($this->User->iso_groupp) || !in_array('create', $this->User->iso_groupp)))
+ {
+ return $this->generateImage(preg_replace('/\.gif$/i', '_.gif', $icon)) . ' ';
+ }
+
+ return '<a href="'.$this->addToUrl($href.'&amp;id='.$row['id']).'" title="'.specialchars($title).'"'.$attributes.'>'.$this->generateImage($icon, $label).'</a> ';
+ }
+
+
+ /**
+ * Disable delete button if user has no permission to delete groups
+ * @param array
+ * @param string
+ * @param string
+ * @param string
+ * @param string
+ * @param string
+ * @return string
+ */
+ public function deleteButton($row, $href, $label, $title, $icon, $attributes)
+ {
+ if (!$this->User->isAdmin && (!is_array($this->User->iso_groupp) || !in_array('delete', $this->User->iso_groupp)))
+ {
+ return $this->generateImage(preg_replace('/\.gif$/i', '_.gif', $icon)) . ' ';
+ }
+
+ return '<a href="'.$this->addToUrl($href.'&amp;id='.$row['id']).'" title="'.specialchars($title).'"'.$attributes.'>'.$this->generateImage($icon, $label).'</a> ';
}
}
@@ -185,6 +185,7 @@
'href' => 'table=tl_iso_groups',
'class' => 'header_iso_groups isotope-tools',
'attributes' => 'onclick="Backend.getScrollOffset();"',
+ 'button_callback' => array('tl_iso_products', 'groupsButton')
),
'import' => array
(
@@ -725,7 +726,7 @@ public function applyAdvancedFilters()
/**
- * Only list product types a user is allowed to see
+ * Check permissions for that entry
* @return void
*/
public function checkPermission()
@@ -749,7 +750,8 @@ public function checkPermission()
return;
}
- if (!is_array($this->User->iso_product_types) || empty($this->User->iso_product_types))
+ // Filter by product type and group permissions
+ if (!is_array($this->User->iso_product_types) || empty($this->User->iso_product_types) || !is_array($this->User->iso_groups) || empty($this->User->iso_groups))
{
$GLOBALS['TL_DCA']['tl_iso_products']['config']['closed'] = true;
unset($GLOBALS['TL_DCA']['tl_iso_products']['list']['global_operations']['new_product']);
@@ -758,8 +760,9 @@ public function checkPermission()
}
else
{
- $objProducts = $this->Database->execute("SELECT id FROM tl_iso_products WHERE type IN ('','" . implode("','", $this->User->iso_product_types) . "')");
+ $arrGroups = array_merge($this->User->iso_groups, $this->getChildRecords($this->User->iso_groups, 'tl_iso_groups'));
+ $objProducts = $this->Database->execute("SELECT id FROM tl_iso_products WHERE type IN ('','" . implode("','", $this->User->iso_product_types) . "') AND gid IN (" . implode(',', $arrGroups) . ") AND pid=0 AND language=''");
$arrProducts = $objProducts->numRows ? $objProducts->fetchEach('id') : array();
// Maybe another function has already set allowed product IDs
@@ -1685,6 +1688,27 @@ public function toggleGroups($href, $label, $title, $class, $attributes, $table,
return '<a href="' . $this->addToUrl('&amp;' . $href) . '" class="header_toggle isotope-tools" title="' . specialchars($title) . '"' . $attributes . '>' . specialchars($label) . '</a>';
}
+ /**
+ * Hide "product groups" button for non-admins
+ * @param string
+ * @param string
+ * @param string
+ * @param string
+ * @param string
+ * @param string
+ * @param array
+ * @return string
+ */
+ public function groupsButton($href, $label, $title, $class, $attributes, $table, $root)
+ {
+ if (!$this->User->isAdmin && (!is_array($this->User->iso_groupp) || empty($this->User->iso_groupp) || !is_array($this->User->iso_groups) || empty($this->User->iso_groups)))
+ {
+ return '';
+ }
+
+ return '<a href="' . $this->addToUrl('&amp;' . $href) . '" class="header_iso_groups isotope-tools" title="' . specialchars($title) . '"' . $attributes . '>' . specialchars($label) . '</a>';
+ }
+
/**
* Return the "toggle visibility" button
Oops, something went wrong.

0 comments on commit 6b047c1

Please sign in to comment.