DEV: Реорганизация

This commit is contained in:
Evg 2022-12-03 09:51:19 +03:00
parent 7b00a2852c
commit 6a3b82d374
20 changed files with 85 additions and 54 deletions

View file

@ -27,10 +27,6 @@ class EditPostController extends Controller
$post = PostModel::getPost($post_id, 'id', $this->user);
self::error404($post);
if (Access::author('post', $post, config('trust-levels.edit_time_post')) == false) {
is_return(__('msg.access_denied'), 'error');
}
$post_related = [];
if ($post['post_related']) {
$post_related = PostModel::postRelated($post['post_related']);
@ -38,6 +34,10 @@ class EditPostController extends Controller
$blog = FacetModel::getFacetsUser($this->user['id'], 'blog');
if (Access::postAuthorAndTeam($post, $blog[0]['facet_user_id']) == false) {
is_return(__('msg.access_denied'), 'error');
}
return $this->render(
'/post/edit',
[
@ -66,8 +66,11 @@ class EditPostController extends Controller
// Access check
$post = PostModel::getPost($post_id, 'id', $this->user);
if (Access::author('post', $post, config('trust-levels.edit_time_post')) == false) {
return false;
$blog = FacetModel::getFacetsUser($this->user['id'], 'blog');
if (Access::postAuthorAndTeam($post, $blog[0]['facet_user_id']) == false) {
is_return(__('msg.access_denied'), 'error');
}
$redirect = url('content.edit', ['type' => $post['post_type'], 'id' => $post_id]);

View file

@ -11,15 +11,6 @@ class Access
{
$type = Request::get('type');
if (UserData::checkAdmin()) {
return true;
}
if (self::limitingMode() === false) {
Msg::add(__('msg.silent_mode',), 'error');
redirect('/');
}
// TODO: Изменим поля в DB, чтобы использовать limitContent для messages и invitation:
if (in_array($type, ['post', 'amswer', 'comment', 'item'])) {
if (self::limitContent($type) === false) {
@ -29,19 +20,6 @@ class Access
}
}
/**
* Stop changing (adding) content if the user is frozen (silent mode)
*
* Остановим изменение (добавление) контента если пользователь заморожен (немой режим)
*/
public static function limitingMode(): bool
{
if (UserData::getLimitingMode() == 1) {
return false;
}
return true;
}
/**
* From what TL level is it possible to create content.
*
@ -138,14 +116,57 @@ class Access
*
* Доступ получает только автор.
*/
if ($info_type[$type_content . '_user_id'] != UserData::getUserId()) {
return false;
}
if ($info_type[$type_content . '_user_id'] != UserData::getUserId()) {
return false;
}
/**
* Time limit.
*
* Лимит по времени.
*/
if (self::limiTime($info_type[$type_content . '_date'], $limit_time) === false) {
return false;
}
return true;
}
public static function postAuthorAndTeam(array $info_type, int $blog_user_id): bool
{
if (UserData::checkAdmin()) {
return true;
}
/**
* If the author's Tl has been downgraded.
*
* Если Tl автора было изменено на понижение.
*
* In config: tl_add_post
*/
if (self::trustLevels(config('trust-levels.tl_add_post')) === false) {
return false;
}
/**
* Allow the author or blog owner to edit the article.
*
* Разрешить редактировать статью автору или владельцу блога.
*/
if ($info_type['post_user_id'] != UserData::getUserId() && UserData::getUserId() != $blog_user_id) {
return false;
}
/**
* Time limit.
*
* Лимит по времени.
*/
if (self::limiTime($info_type['post_date'], config('trust-levels.edit_time_post')) === false) {
return false;
}
return true;
}
}

View file

@ -3,17 +3,23 @@
namespace App\Middleware\Before;
use Hleb\Scheme\App\Middleware\MainMiddleware;
use Access;
use Access, UserData, Msg;
class Restrictions extends MainMiddleware
{
/**
* Check for limits and general freezing of the participant (silent mode)
*
* Проверим на лимиты и общую заморозку участника (немой режим)
*/
function index()
{
if (UserData::checkAdmin()) {
return;
}
// Check for silent mode
// Проверим на немой режим
if (UserData::getLimitingMode() == UserData::MUTE_MODE_USER) {
Msg::add(__('msg.silent_mode',), 'error');
redirect('/');
}
Access::limitForMiddleware();
}
}

View file

@ -302,6 +302,7 @@ class PostModel extends \Hleb\Scheme\App\Models\MainModel
facet_slug,
facet_img,
facet_type,
facet_user_id,
facet_short_description,
relation_facet_id,
relation_post_id,

View file

@ -21,26 +21,26 @@ class MainConnector implements Connector
"App\Middleware\After\*" => "app/Middleware/After/",
"Modules\*" => "modules/",
"App\Commands\*" => "app/Commands/",
"App\Exception\*" => "app/Libraries/",
"App\Exception\*" => "app/Core/",
// ... or, if a specific class is added,
// "Phphleb\Debugpan\DPanel" => "vendor/phphleb/debugpan/DPanel.php",
"DB" => "app/Libraries/DB.php",
"Configuration" => "app/Libraries/Configuration.php",
"Translate" => "app/Libraries/Translate.php",
"Access" => "app/Libraries/Access.php",
"Msg" => "app/Libraries/Msg.php",
"Img" => "app/Libraries/Img.php",
"Curl" => "app/Libraries/Curl.php",
"Content" => "app/Libraries/Content.php",
"UploadImage" => "app/Libraries/UploadImage.php",
"Html" => "app/Libraries/Html.php",
"Meta" => "app/Libraries/Meta.php",
"UserData" => "app/Libraries/UserData.php",
"DB" => "app/Core/DB.php",
"Configuration" => "app/Core/Configuration.php",
"Translate" => "app/Core/Translate.php",
"Access" => "app/Core/Access.php",
"Msg" => "app/Core/Msg.php",
"Img" => "app/Core/Img.php",
"Curl" => "app/Core/Curl.php",
"Content" => "app/Core/Content.php",
"UploadImage" => "app/Core/UploadImage.php",
"Html" => "app/Core/Html.php",
"Meta" => "app/Core/Meta.php",
"UserData" => "app/Core/UserData.php",
"URLScraper" => "app/Libraries/URLScraper.php",
"SendEmail" => "app/Libraries/SendEmail.php",
"URLScraper" => "app/Core/URLScraper.php",
"SendEmail" => "app/Core/SendEmail.php",
];
}
}

View file

@ -39,12 +39,12 @@
<?php endif; ?>
<?php if (UserData::checkActiveUser()) : ?>
<?php if (Access::author('post', $post, config('trust-levels.edit_time_post')) == true) : ?>
<?php if (Access::postAuthorAndTeam($post, $data['blog'][0]['facet_user_id'] ?? 0) == true) : ?>
<a class="gray-600 lowercase" href="<?= url('content.edit', ['type' => 'post', 'id' => $post['post_id']]); ?>">
<?= __('app.edit'); ?>
</a>
<?php endif; ?>
<?php if (UserData::getUserLogin() == $post['login']) : ?>
<?php if ($post['my_post'] == $post['post_id']) : ?>
<span class="add-profile" data-post="<?= $post['post_id']; ?>">