fix: corrected various issues in FAQ editor

thorsten · May 16, 2024 · 1fc0391 · 1fc0391
1 parent 669fd27
commit 1fc0391
Show file tree

Hide file tree

Showing 7 changed files with 21 additions and 18 deletions.
diff --git a/phpmyfaq/admin/category.add.php b/phpmyfaq/admin/category.add.php
@@ -69,7 +69,8 @@
         'ad_entry_grouppermission' => Translation::get('ad_entry_grouppermission'),
         'ad_entry_all_groups' => Translation::get('ad_entry_all_groups'),
         'ad_entry_restricted_groups' => Translation::get('ad_entry_restricted_groups'),
-        'restricted_groups' => $currentUser->perm->getAllGroupsOptions([], $user)
+        'restricted_groups' => ($faqConfig->get('security.permLevel') === 'medium') ?
+            $currentUser->perm->getAllGroupsOptions([], $user) : '',
     ];
 
     if ($parentId > 0) {

diff --git a/phpmyfaq/admin/dashboard.php b/phpmyfaq/admin/dashboard.php
@@ -67,7 +67,7 @@
     'hasUserTracking' => $faqConfig->get('main.enableUserTracking'),
     'adminDashboardHeaderInactiveFaqs' => Translation::get('ad_record_inactive'),
     'adminDashboardInactiveFaqs' => $faq->getInactiveFaqsData(),
-    'hasPermissionEditConfig' => $user->perm->hasPermission($user->getUserId(), PermissionType::CONFIGURATION_EDIT),
+    'hasPermissionEditConfig' => $user->perm->hasPermission($user->getUserId(), PermissionType::CONFIGURATION_EDIT->value),
     'showVersion' => $faqConfig->get('main.enableAutoUpdateHint'),
 ];
 
@@ -93,7 +93,7 @@
     ];
 }
 
-if ($user->perm->hasPermission($user->getUserId(), PermissionType::CONFIGURATION_EDIT)) {
+if ($user->perm->hasPermission($user->getUserId(), PermissionType::CONFIGURATION_EDIT->value)) {
     $api = new Api($faqConfig);
 
     $version = Filter::filterInput(INPUT_POST, 'param', FILTER_SANITIZE_SPECIAL_CHARS);

diff --git a/phpmyfaq/admin/faqs.editor.php b/phpmyfaq/admin/faqs.editor.php
@@ -311,7 +311,7 @@
     //
     // Revisions
     //
-    if ($user->perm->hasPermission($currentUserId, PermissionType::REVISION_UPDATE) && $action === 'editentry') {
+    if ($user->perm->hasPermission($currentUserId, PermissionType::REVISION_UPDATE->value) && $action === 'editentry') {
         $faqRevision = new Revision($faqConfig);
         $revisions = $faqRevision->get($faqData['id'], $faqData['lang'], $faqData['author']);
 
@@ -374,10 +374,10 @@
         'categoryOptions' => $categoryHelper->renderOptions($categories),
         'ad_entry_locale' => Translation::get('ad_entry_locale'),
         'languageOptions' => LanguageHelper::renderSelectLanguage($faqData['lang'], false, [], 'lang'),
-        'hasPermissionForAddAttachments' => $user->perm->hasPermission($currentUserId, PermissionType::ATTACHMENT_ADD),
+        'hasPermissionForAddAttachments' => $user->perm->hasPermission($currentUserId, PermissionType::ATTACHMENT_ADD->value),
         'hasPermissionForDeleteAttachments' => $user->perm->hasPermission(
             $currentUserId,
-            PermissionType::ATTACHMENT_DELETE
+            PermissionType::ATTACHMENT_DELETE->value
         ),
         'ad_menu_attachments' => Translation::get('ad_menu_attachments'),
         'csrfTokenDeleteAttachment' => Token::getInstance()->getTokenString('delete-attachment'),
@@ -392,7 +392,8 @@
         'allGroups' => $allGroups,
         'restrictedGroups' => $restrictedGroups,
         'ad_entry_restricted_groups' => Translation::get('ad_entry_restricted_groups'),
-        'groupPermissionOptions' => $user->perm->getAllGroupsOptions($groupPermission, $user),
+        'groupPermissionOptions' => ($faqConfig->get('security.permLevel') === 'medium') ?
+            $user->perm->getAllGroupsOptions($groupPermission, $user) : '',
         'ad_entry_userpermission' => Translation::get('ad_entry_userpermission'),
         'allUsers' => $allUsers,
         'ad_entry_all_users' => Translation::get('ad_entry_all_users'),
@@ -413,7 +414,7 @@
         'msgKeepFaqDate' => Translation::get('msgKeepFaqDate'),
         'msgEditFaqDat' => Translation::get('msgEditFaqDat'),
         'ad_entry_status' => Translation::get('ad_entry_status'),
-        'hasPermissionForApprove' => $user->perm->hasPermission($currentUserId, PermissionType::FAQ_APPROVE),
+        'hasPermissionForApprove' => $user->perm->hasPermission($currentUserId, PermissionType::FAQ_APPROVE->value),
         'isActive' => $isActive,
         'isInActive' => $isInActive,
         'ad_entry_visibility' => Translation::get('ad_entry_visibility'),

diff --git a/phpmyfaq/assets/templates/admin/content/faq.editor.twig b/phpmyfaq/assets/templates/admin/content/faq.editor.twig
@@ -26,7 +26,7 @@
         <ul class="nav nav-tabs card-header-tabs" id="nav-tab" role="tablist">
           <li class="nav-item">
             <a class="nav-link active" data-bs-toggle="tab" href="#tab-question-answer" role="tab">
-              <i class="bi bi-pencil-square-o"></i> {{ ad_record_faq }}
+              <i class="bi bi-pencil"></i> {{ ad_record_faq }}
             </a>
           </li>
           <li class="nav-item">
@@ -36,12 +36,12 @@
           </li>
           <li class="nav-item">
             <a class="nav-link" data-bs-toggle="tab" href="#tab-permissions" role="tab">
-              <i class="bi bi-unlock-alt"></i> {{ ad_record_permissions }}
+              <i class="bi bi-unlock"></i> {{ ad_record_permissions }}
             </a>
           </li>
           <li class="nav-item">
             <a class="nav-link" data-bs-toggle="tab" href="#tab-notes-changelog" role="tab">
-              <i class="bi bi-sticky-note-o"></i>
+              <i class="bi bi-stickies"></i>
               {{ ad_admin_notes }} / {{ ad_entry_changelog }}
             </a>
           </li>
@@ -323,7 +323,7 @@
                 <ul>
                   {% for changelog in changelogs %}
                   <li class="small pt-0">
-                    <i class="bi bi-hand-o-right"></i> {{ ad_entry_revision }} 1.{{ changelog['revision_id'] }}
+                    <i class="bi bi-archive"></i> {{ ad_entry_revision }} 1.{{ changelog['revision_id'] }}
                     <i class="bi bi-calendar"></i> {{ changelog['date'] | date('Y-m-d H:i:s') }}
                     <i class="bi bi-person-fill"></i> {{ changelog['user'] | realName }}
                     <br>

diff --git a/phpmyfaq/assets/templates/admin/content/stickyfaqs.twig b/phpmyfaq/assets/templates/admin/content/stickyfaqs.twig
@@ -16,6 +16,7 @@
   </div>
 {% endif %}
 
+{% if orderingStickyFaqsActivated != false %}
 <div class="card shadow mt-5 ml-5" id="mainCardStickyFAQs">
   <div class="card-body">
     <ul class="list-group list-group-numbered {{ sortableDisabled }}" id="stickyFAQs" data-csrf="{{ csrfToken }}">
@@ -27,4 +28,4 @@
     </ul>
   </div>
 </div>
-
+{% endif %}
diff --git a/phpmyfaq/index.php b/phpmyfaq/index.php
@@ -656,7 +656,7 @@
 // Show login box or logged-in user information
 //
 if ($user->isLoggedIn() && $user->getUserId() > 0) {
-    if ($user->perm->hasPermission($user->getUserId(), PermissionType::VIEW_ADMIN_LINK) || $user->isSuperAdmin()) {
+    if ($user->perm->hasPermission($user->getUserId(), PermissionType::VIEW_ADMIN_LINK->value) || $user->isSuperAdmin()) {
         $adminSection = sprintf(
             '<a class="dropdown-item" href="./admin/index.php">%s</a>',
             Translation::get('adminSection')

diff --git a/phpmyfaq/src/phpMyFAQ/Controller/Administration/FaqController.php b/phpmyfaq/src/phpMyFAQ/Controller/Administration/FaqController.php
@@ -98,7 +98,7 @@ public function create(Request $request): JsonResponse
         $recordLang = Filter::filterVar($data->lang, FILTER_SANITIZE_SPECIAL_CHARS);
         $tags = Filter::filterVar($data->tags, FILTER_SANITIZE_SPECIAL_CHARS);
         $active = Filter::filterVar($data->active, FILTER_SANITIZE_SPECIAL_CHARS);
-        $sticky = Filter::filterVar($data->sticky ?? false, FILTER_SANITIZE_SPECIAL_CHARS);
+        $sticky = Filter::filterVar($data->sticky ?? 'no', FILTER_SANITIZE_SPECIAL_CHARS);
         $content = Filter::filterVar($data->answer, FILTER_SANITIZE_SPECIAL_CHARS);
         $keywords = Filter::filterVar($data->keywords, FILTER_SANITIZE_SPECIAL_CHARS);
         $author = Filter::filterVar($data->author, FILTER_SANITIZE_SPECIAL_CHARS);
@@ -120,7 +120,7 @@ public function create(Request $request): JsonResponse
         $faqData
             ->setLanguage($recordLang)
             ->setActive($active === 'yes')
-            ->setSticky(!is_null($sticky))
+            ->setSticky(($sticky !== 'no') ? $sticky : false)
             ->setQuestion(
                 Filter::removeAttributes(html_entity_decode((string) $question, ENT_QUOTES | ENT_HTML5, 'UTF-8'))
             )
@@ -275,7 +275,7 @@ public function update(Request $request): JsonResponse
         $faqLang = Filter::filterVar($data->lang, FILTER_SANITIZE_SPECIAL_CHARS);
         $tags = Filter::filterVar($data->tags, FILTER_SANITIZE_SPECIAL_CHARS);
         $active = Filter::filterVar($data->active, FILTER_SANITIZE_SPECIAL_CHARS);
-        $sticky = Filter::filterVar($data->sticky ?? false, FILTER_SANITIZE_SPECIAL_CHARS);
+        $sticky = Filter::filterVar($data->sticky ?? 'no', FILTER_SANITIZE_SPECIAL_CHARS);
         $content = Filter::filterVar($data->answer, FILTER_SANITIZE_SPECIAL_CHARS);
         $keywords = Filter::filterVar($data->keywords, FILTER_SANITIZE_SPECIAL_CHARS);
         $author = Filter::filterVar($data->author, FILTER_SANITIZE_SPECIAL_CHARS);
@@ -310,7 +310,7 @@ public function update(Request $request): JsonResponse
             ->setRevisionId($revisionId)
             ->setSolutionId($solutionId)
             ->setActive($active === 'yes')
-            ->setSticky(!is_null($sticky))
+            ->setSticky(($sticky !== 'no') ? $sticky : false)
             ->setQuestion(
                 Filter::removeAttributes(html_entity_decode((string) $question, ENT_QUOTES | ENT_HTML5, 'UTF-8'))
             )