DEV: Реорганизация
parent
7b00a2852c
commit
6a3b82d374
20 changed files with 85 additions and 54 deletions
|
@ -27,10 +27,6 @@ class EditPostController extends Controller
|
|||
$post = PostModel::getPost($post_id, 'id', $this->user);
|
||||
self::error404($post);
|
||||
|
||||
if (Access::author('post', $post, config('trust-levels.edit_time_post')) == false) {
|
||||
is_return(__('msg.access_denied'), 'error');
|
||||
}
|
||||
|
||||
$post_related = [];
|
||||
if ($post['post_related']) {
|
||||
$post_related = PostModel::postRelated($post['post_related']);
|
||||
|
@ -38,6 +34,10 @@ class EditPostController extends Controller
|
|||
|
||||
$blog = FacetModel::getFacetsUser($this->user['id'], 'blog');
|
||||
|
||||
if (Access::postAuthorAndTeam($post, $blog[0]['facet_user_id']) == false) {
|
||||
is_return(__('msg.access_denied'), 'error');
|
||||
}
|
||||
|
||||
return $this->render(
|
||||
'/post/edit',
|
||||
[
|
||||
|
@ -66,8 +66,11 @@ class EditPostController extends Controller
|
|||
|
||||
// Access check
|
||||
$post = PostModel::getPost($post_id, 'id', $this->user);
|
||||
if (Access::author('post', $post, config('trust-levels.edit_time_post')) == false) {
|
||||
return false;
|
||||
|
||||
$blog = FacetModel::getFacetsUser($this->user['id'], 'blog');
|
||||
|
||||
if (Access::postAuthorAndTeam($post, $blog[0]['facet_user_id']) == false) {
|
||||
is_return(__('msg.access_denied'), 'error');
|
||||
}
|
||||
|
||||
$redirect = url('content.edit', ['type' => $post['post_type'], 'id' => $post_id]);
|
||||
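Review bot: The new guard in both handlers compares the requester against `$blog[0]['facet_user_id']`, but `$blog` is loaded with `FacetModel::getFacetsUser($this->user['id'], 'blog')`, that is, from the requester's own blogs rather than from the post being edited. If that call returns blogs owned by the requester (its definition is not shown), `UserData::getUserId() != $blog_user_id` inside `Access::postAuthorAndTeam()` is false for every user who owns a blog, so the author test no longer restricts them to their own posts and only the trust-level and edit-time checks remain. The owner id should be taken from the blog the post is attached to, which is what the template hunk appears to pass as `$data['blog'][0]['facet_user_id'] ?? 0`. The index is also unguarded here: if the user has no blog and the result is empty, `$blog[0]['facet_user_id']` evaluates to null for an `int` parameter, so an ordinary author would get a TypeError instead of the edit form. Both method bodies start and end outside the hunks.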
|
|
|
@ -11,15 +11,6 @@ class Access
|
|||
{
|
||||
$type = Request::get('type');
|
||||
|
||||
if (UserData::checkAdmin()) {
|
||||
return true;
|
||||
}
|
||||
|
||||
if (self::limitingMode() === false) {
|
||||
Msg::add(__('msg.silent_mode',), 'error');
|
||||
redirect('/');
|
||||
}
|
||||
|
||||
// TODO: Изменим поля в DB, чтобы использовать limitContent для messages и invitation:
|
||||
if (in_array($type, ['post', 'amswer', 'comment', 'item'])) {
|
||||
if (self::limitContent($type) === false) {
|
||||
|
@ -29,19 +20,6 @@ class Access
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Stop changing (adding) content if the user is frozen (silent mode)
|
||||
*
|
||||
* Остановим изменение (добавление) контента если пользователь заморожен (немой режим)
|
||||
*/
|
||||
public static function limitingMode(): bool
|
||||
{
|
||||
if (UserData::getLimitingMode() == 1) {
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* From what TL level is it possible to create content.
|
||||
*
|
||||
|
@ -138,14 +116,57 @@ class Access
|
|||
*
|
||||
* Доступ получает только автор.
|
||||
*/
|
||||
if ($info_type[$type_content . '_user_id'] != UserData::getUserId()) {
|
||||
return false;
|
||||
}
|
||||
if ($info_type[$type_content . '_user_id'] != UserData::getUserId()) {
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Time limit.
|
||||
*
|
||||
* Лимит по времени.
|
||||
*/
|
||||
if (self::limiTime($info_type[$type_content . '_date'], $limit_time) === false) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
public static function postAuthorAndTeam(array $info_type, int $blog_user_id): bool
|
||||
{
|
||||
if (UserData::checkAdmin()) {
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* If the author's Tl has been downgraded.
|
||||
*
|
||||
* Если Tl автора было изменено на понижение.
|
||||
*
|
||||
* In config: tl_add_post
|
||||
*/
|
||||
if (self::trustLevels(config('trust-levels.tl_add_post')) === false) {
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Allow the author or blog owner to edit the article.
|
||||
*
|
||||
* Разрешить редактировать статью автору или владельцу блога.
|
||||
*/
|
||||
if ($info_type['post_user_id'] != UserData::getUserId() && UserData::getUserId() != $blog_user_id) {
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Time limit.
|
||||
*
|
||||
* Лимит по времени.
|
||||
*/
|
||||
if (self::limiTime($info_type['post_date'], config('trust-levels.edit_time_post')) === false) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
}
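Review bot: `postAuthorAndTeam()` accepts whatever `$blog_user_id` the caller supplies and matches it with a loose `!=`, so its verdict is only as sound as the caller's choice of blog, and the method has no docblock stating that the id must be the owner of the blog the post is published in. The template passes `0` when no blog is present; if `UserData::getUserId()` can return 0 or null for a visitor without a session (not visible here), the owner branch would match, and the method would then rely on the trust-level check above it to refuse. I would make the owner test explicit, e.g. `$is_owner = $blog_user_id > 0 && (int) UserData::getUserId() === $blog_user_id;`, and return false unless the user is the author or `$is_owner`. The name also promises a team check that the body does not perform. Separately, the unchanged `in_array` line in the first hunk lists `'amswer'`, so a request type of `answer` would never reach `limitContent()`.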
|
|
@ -3,17 +3,23 @@
|
|||
namespace App\Middleware\Before;
|
||||
|
||||
use Hleb\Scheme\App\Middleware\MainMiddleware;
|
||||
use Access;
|
||||
use Access, UserData, Msg;
|
||||
|
||||
class Restrictions extends MainMiddleware
|
||||
{
|
||||
/**
|
||||
* Check for limits and general freezing of the participant (silent mode)
|
||||
*
|
||||
* Проверим на лимиты и общую заморозку участника (немой режим)
|
||||
*/
|
||||
function index()
|
||||
{
|
||||
if (UserData::checkAdmin()) {
|
||||
return;
|
||||
}
|
||||
|
||||
// Check for silent mode
|
||||
// Проверим на немой режим
|
||||
if (UserData::getLimitingMode() == UserData::MUTE_MODE_USER) {
|
||||
Msg::add(__('msg.silent_mode',), 'error');
|
||||
redirect('/');
|
||||
}
|
||||
|
||||
Access::limitForMiddleware();
|
||||
}
|
||||
}
|
||||
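Review bot: The mute-mode branch in `index()` calls `redirect('/')` and then falls through, so the restriction only holds if `redirect()` terminates the request; its definition is not shown. If it merely queues a header, a muted user's request would continue into `Access::limitForMiddleware()` and on to the controller action. Please confirm the behaviour and state it in the docblock, or halt explicitly in the way the framework expects of a middleware. `index()` is also declared without visibility or a return type; `public function index(): void` would match the typed signatures used in `Access`.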
|
|
|
@ -302,6 +302,7 @@ class PostModel extends \Hleb\Scheme\App\Models\MainModel
|
|||
facet_slug,
|
||||
facet_img,
|
||||
facet_type,
|
||||
facet_user_id,
|
||||
facet_short_description,
|
||||
relation_facet_id,
|
||||
relation_post_id,
|
||||
|
|
|
@ -21,26 +21,26 @@ class MainConnector implements Connector
|
|||
"App\Middleware\After\*" => "app/Middleware/After/",
|
||||
"Modules\*" => "modules/",
|
||||
"App\Commands\*" => "app/Commands/",
|
||||
"App\Exception\*" => "app/Libraries/",
|
||||
"App\Exception\*" => "app/Core/",
|
||||
|
||||
// ... or, if a specific class is added,
|
||||
// "Phphleb\Debugpan\DPanel" => "vendor/phphleb/debugpan/DPanel.php",
|
||||
|
||||
"DB" => "app/Libraries/DB.php",
|
||||
"Configuration" => "app/Libraries/Configuration.php",
|
||||
"Translate" => "app/Libraries/Translate.php",
|
||||
"Access" => "app/Libraries/Access.php",
|
||||
"Msg" => "app/Libraries/Msg.php",
|
||||
"Img" => "app/Libraries/Img.php",
|
||||
"Curl" => "app/Libraries/Curl.php",
|
||||
"Content" => "app/Libraries/Content.php",
|
||||
"UploadImage" => "app/Libraries/UploadImage.php",
|
||||
"Html" => "app/Libraries/Html.php",
|
||||
"Meta" => "app/Libraries/Meta.php",
|
||||
"UserData" => "app/Libraries/UserData.php",
|
||||
"DB" => "app/Core/DB.php",
|
||||
"Configuration" => "app/Core/Configuration.php",
|
||||
"Translate" => "app/Core/Translate.php",
|
||||
"Access" => "app/Core/Access.php",
|
||||
"Msg" => "app/Core/Msg.php",
|
||||
"Img" => "app/Core/Img.php",
|
||||
"Curl" => "app/Core/Curl.php",
|
||||
"Content" => "app/Core/Content.php",
|
||||
"UploadImage" => "app/Core/UploadImage.php",
|
||||
"Html" => "app/Core/Html.php",
|
||||
"Meta" => "app/Core/Meta.php",
|
||||
"UserData" => "app/Core/UserData.php",
|
||||
|
||||
"URLScraper" => "app/Libraries/URLScraper.php",
|
||||
"SendEmail" => "app/Libraries/SendEmail.php",
|
||||
"URLScraper" => "app/Core/URLScraper.php",
|
||||
"SendEmail" => "app/Core/SendEmail.php",
|
||||
];
|
||||
}
|
||||
}
|
||||
|
|
|
@ -39,12 +39,12 @@
|
|||
<?php endif; ?>
|
||||
|
||||
<?php if (UserData::checkActiveUser()) : ?>
|
||||
|
||||
<?php if (Access::author('post', $post, config('trust-levels.edit_time_post')) == true) : ?>
|
||||
<?php if (Access::postAuthorAndTeam($post, $data['blog'][0]['facet_user_id'] ?? 0) == true) : ?>
|
||||
<a class="gray-600 lowercase" href="<?= url('content.edit', ['type' => 'post', 'id' => $post['post_id']]); ?>">
|
||||
<?= __('app.edit'); ?>
|
||||
</a>
|
||||
<?php endif; ?>
|
||||
|
||||
<?php if (UserData::getUserLogin() == $post['login']) : ?>
|
||||
<?php if ($post['my_post'] == $post['post_id']) : ?>
|
||||
<span class="add-profile" data-post="<?= $post['post_id']; ?>">
|
||||
|
|