pyrocms · sdbondi · Aug 10, 2012
diff --git a/system/cms/config/migration.php b/system/cms/config/migration.php
@@ -23,7 +23,7 @@
 |
 */
 
-$config['migration_version'] = 101;
+$config['migration_version'] = 102;
 
 /*
 |--------------------------------------------------------------------------
@@ -37,4 +37,4 @@
 */
 $config['migration_path'] = APPPATH . 'migrations/';
 
-/* End of file migration.php */
+/* End of file migration.php */
diff --git a/system/cms/core/Admin_Controller.php b/system/cms/core/Admin_Controller.php
@@ -24,6 +24,9 @@ public function __construct()
 	{
 		parent::__construct();
 
+		// Load resources
+		$this->load->model('groups/group_m');
+
 		// Load the Language files ready for output
 		$this->lang->load('admin');
 		$this->lang->load('buttons');
@@ -108,21 +111,22 @@ private function _check_access()
 			return TRUE;
 		}
 
-		// Well they at least better have permissions!
+		$group = $this->group_m->get_by('id', $this->current_user->group_id);
-		if ($this->current_user)
+
+		// If group control panel access is not given, deny access
+		if (!$group->has_cp_access) 
+		{
+			return FALSE;
+		}
+
+		// We are looking at the index page. Show it if their group has admin access and if they have ANY permissions at all
+		if ($current_page == 'admin/index' && $this->permissions)
 		{
-			// We are looking at the index page. Show it if they have ANY admin access at all
+			return TRUE;
-			if ($current_page == 'admin/index' && $this->permissions)
-			{
-				return TRUE;
-			}
-
-			// Check if the current user can view that page
-			return array_key_exists($this->module, $this->permissions);
 		}
 
-		// god knows what this is... erm...
+		// Check if the current user can view that page
-		return FALSE;
+		return  array_key_exists($this->module, $this->permissions);
 	}
 
 }
diff --git a/system/cms/migrations/102_Add_cp_access_flag_to_groups.php b/system/cms/migrations/102_Add_cp_access_flag_to_groups.php
@@ -0,0 +1,16 @@
+<?php defined('BASEPATH') OR exit('No direct script access allowed');
+
+class Migration_Add_cp_access_flag_to_groups extends CI_Migration
+{
+	public function up()
+	{
+		$this->dbforge->add_column('groups', array(
+			'has_cp_access' => array('type' => 'BOOLEAN', 'null' => false, 'default' => 1)
+		));
+	}
+
+	public function down()
+	{
+		$this->dbforge->drop_column('groups', 'has_cp_access');
+	}
+}
diff --git a/system/cms/modules/groups/language/english/group_lang.php b/system/cms/modules/groups/language/english/group_lang.php
@@ -1,23 +1,24 @@
 <?php defined('BASEPATH') OR exit('No direct script access allowed');
 
 // labels
-$lang['groups.title']					= 'Title';
+$lang['groups.title']               = 'Title';
-$lang['groups.name']				    = 'Name';
+$lang['groups.name']                = 'Name';
-$lang['groups.short_name']				= 'Short Name';
+$lang['groups.short_name']          = 'Short Name';
+$lang['groups.cp_access']           = 'Control Panel Access';
 
 // titles
-$lang['groups.index_title']             = 'List Groups';
+$lang['groups.index_title']         = 'List Groups';
-$lang['groups.add_title']               = 'Add Group';
+$lang['groups.add_title']           = 'Add Group';
-$lang['groups.edit_title']              = 'Editing Group "%s"';
+$lang['groups.edit_title']          = 'Editing Group "%s"';
 
 // messages
-$lang['groups.no_groups']               = 'No groups found.';
+$lang['groups.no_groups']           = 'No groups found.';
-$lang['groups.add_success']             = 'The group "%s" has been added.';
+$lang['groups.add_success']         = 'The group "%s" has been added.';
-$lang['groups.add_error']               = 'The group "%s" could not be added.';
+$lang['groups.add_error']           = 'The group "%s" could not be added.';
-$lang['groups.edit_success']            = 'The group "%s" has been saved.';
+$lang['groups.edit_success']        = 'The group "%s" has been saved.';
-$lang['groups.edit_error']              = 'The group "%s" could not be saved.';
+$lang['groups.edit_error']          = 'The group "%s" could not be saved.';
-$lang['groups.delete_success']          = 'The group was deleted successfully.';
+$lang['groups.delete_success']      = 'The group was deleted successfully.';
-$lang['groups.delete_error']            = 'There was an error deleting this group. You must delete all users associated with this group before deleting the group.';
+$lang['groups.delete_error']        = 'There was an error deleting this group. You must delete all users associated with this group before deleting the group.';
-$lang['groups.already_exist_error']     = 'A groups item with the name "%s" already exists.';
+$lang['groups.already_exist_error'] = 'A groups item with the name "%s" already exists.';
 
 /* End of file group_lang.php */
diff --git a/system/cms/modules/groups/models/group_m.php b/system/cms/modules/groups/models/group_m.php
@@ -80,7 +80,8 @@ public function insert($input = array())
 	{
 		return parent::insert(array(
 			'name'			=> $input['name'],
-			'description'	=> $input['description']
+			'description'	=> $input['description'],
+			'has_cp_access' => $input['has_cp_access']
 		));
 	}
 
@@ -96,7 +97,8 @@ public function update($id = 0, $input = array())
 	{
 		return parent::update($id, array(
 			'name'			=> $input['name'],
-			'description'	=> $input['description']
+			'description'	=> $input['description'],
+			'has_cp_access' => $input['has_cp_access']
 		));
 	}
 

diff --git a/system/cms/modules/groups/views/admin/form.php b/system/cms/modules/groups/views/admin/form.php
@@ -33,6 +33,23 @@
 
 			</div>
 		</li>
+
+		<li>
+			<label for="has_cp_access"><?php echo lang('groups.cp_access');?></label>
+
+			<div class="input type-radio">
+				<?php if ( ! in_array($group->name, array('user', 'admin'))): ?>
+				<label class="inline">
+					<?php echo form_radio('has_cp_access', '1', $group->has_cp_access);?><?php echo lang('global:enabled'); ?>
+				</label> 
+				<label class="inline">
+					<?php echo form_radio('has_cp_access', '0', !$group->has_cp_access);?><?php echo lang('global:disabled'); ?>
+				</label> 							
+				<?php else: ?>
+				<?php echo lang('global:enabled'); ?>
+				<?php endif; ?>
+			</div>
+		</li>
     </ul>
 
 </div>

diff --git a/system/cms/modules/groups/views/admin/index.php b/system/cms/modules/groups/views/admin/index.php
@@ -4,11 +4,12 @@
 
 <section class="item">
 	<?php if ($groups): ?>
-		<table class="table-list" cellspacing="0">
+		<table class="table-list">
 			<thead>
 				<tr>
 					<th width="40%"><?php echo lang('groups.name');?></th>
-					<th><?php echo lang('groups.short_name');?></th>
+					<th width="20%"><?php echo lang('groups.short_name');?></th>
+					<th width="16%"><?php echo lang('groups.cp_access');?></th>
 					<th width="300"></th>
 				</tr>
 			</thead>
@@ -24,6 +25,7 @@
 				<tr>
 					<td><?php echo $group->description; ?></td>
 					<td><?php echo $group->name; ?></td>
+					<td><?php echo $group->has_cp_access ? 'Yes' : 'No'; ?></td>
 					<td class="actions">
 					<?php echo anchor('admin/groups/edit/'.$group->id, lang('buttons.edit'), 'class="button edit"'); ?>
 					<?php if ( ! in_array($group->name, array('user', 'admin'))): ?>

diff --git a/system/cms/plugins/user.php b/system/cms/plugins/user.php
@@ -91,10 +91,13 @@ public function not_logged_in()
 	 */
 	public function has_cp_permissions()
 	{
+		$this->load->model('groups/group_m');
+
 		if ($this->current_user)
 		{
-			if (!(($this->current_user->group == 'admin') OR $this->permission_m->get_group($this->current_user->group_id)))
+			$group = $this->group_m->get_by('id', $this->current_user->group_id);
-			{
+			if (!($this->current_user->group == 'admin' OR ($group->has_cp_access AND $this->permission_m->get_group($this->current_user->group_id))))
+			{				
 				return '';
 			}