From 732207c9a17483d1a660f9b7cec81f531a0838e5 Mon Sep 17 00:00:00 2001 From: brettp Date: Fri, 16 Apr 2010 17:20:53 +0000 Subject: ECML permissions frontend presents a whitelist instead of a black list. git-svn-id: http://code.elgg.org/elgg/trunk@5779 36083f99-b078-4883-b0ff-0f9b5a30f544 --- mod/ecml/actions/save_permissions.php | 23 +++++++++++++++++++- mod/ecml/languages/en.php | 1 + mod/ecml/views/default/ecml/admin/css.php | 3 +++ mod/ecml/views/default/ecml/admin/ecml_admin.php | 27 ++++++++++++++++-------- 4 files changed, 44 insertions(+), 10 deletions(-) diff --git a/mod/ecml/actions/save_permissions.php b/mod/ecml/actions/save_permissions.php index 490a8928b..3aecd9585 100644 --- a/mod/ecml/actions/save_permissions.php +++ b/mod/ecml/actions/save_permissions.php @@ -9,7 +9,28 @@ * @link http://elgg.org/ */ -$perms = get_input('perms', array()); +$whitelist = get_input('whitelist', array()); +$keywords = $CONFIG->ecml_keywords; +$views = $CONFIG->ecml_parse_views; + +// the front end uses a white list but the backend uses a +// blacklist for performance and extensibility. +// gotta convert. +$perms = array(); + +foreach ($views as $view => $view_info) { + foreach ($keywords as $keyword => $keyword_info) { + + // don't need to add perms for restricted keywords + // because those perms are checked separately + if (isset($keyword_info['restricted'])) { + continue; + } + if (!isset($whitelist[$view]) || !in_array($keyword, $whitelist[$view])) { + $perms[$view][] = $keyword; + } + } +} if (set_plugin_setting('ecml_permissions', serialize($perms), 'ecml')) { system_message(elgg_echo('ecml:admin:permissions_saved')); diff --git a/mod/ecml/languages/en.php b/mod/ecml/languages/en.php index 2b9b9118b..505dbcf63 100644 --- a/mod/ecml/languages/en.php +++ b/mod/ecml/languages/en.php @@ -71,6 +71,7 @@ grid below. 'ecml:admin:permissions_saved' => 'ECML permissions saved.', 'ecml:admin:cannot_save_permissions' => 'Cannot save ECML permissions!', + 'ecml:admin:restricted' => 'Restricted', ); diff --git a/mod/ecml/views/default/ecml/admin/css.php b/mod/ecml/views/default/ecml/admin/css.php index 960941a03..1431074f0 100644 --- a/mod/ecml/views/default/ecml/admin/css.php +++ b/mod/ecml/views/default/ecml/admin/css.php @@ -14,4 +14,7 @@ } .ecml_row_even { +} +.ecml_restricted { + color: #555; } \ No newline at end of file diff --git a/mod/ecml/views/default/ecml/admin/ecml_admin.php b/mod/ecml/views/default/ecml/admin/ecml_admin.php index 0bd7793c8..36ad11f93 100644 --- a/mod/ecml/views/default/ecml/admin/ecml_admin.php +++ b/mod/ecml/views/default/ecml/admin/ecml_admin.php @@ -35,21 +35,30 @@ $form_body .= ''; $odd = 'odd'; foreach ($keywords as $keyword => $keyword_info) { $keyword_desc = $keyword_info['description']; - $form_body .= " - - $keyword -"; + if (isset($keyword_info['restricted'])) { + $restricted = elgg_echo('ecml:admin:restricted'); + $form_body .= " + + $keyword ($restricted) + "; + } else { + $form_body .= " + + $keyword + "; + } foreach ($views as $view => $view_info) { // if this is restricted and we're not on the specified view don't allow changes // since we don't save this, no need to pass a name - if (isset($keyword_info['restricted']) && !in_array($view, $keyword_info['restricted'])) { - $form_body .= ""; + if (isset($keyword_info['restricted'])) { + $checked = (in_array($view, $keyword_info['restricted'])) ? 'checked="checked"' : ''; + $form_body .= ""; } else { - $checked = (in_array($keyword, $perms[$view])) ? 'checked="checked"' : ''; + $checked = (!in_array($keyword, $perms[$view])) ? 'checked="checked"' : ''; // ooook. input/checkboxes isn't overly useful. // do it ourself. - $form_body .= ""; + $form_body .= ""; } } $form_body .= ''; @@ -71,7 +80,7 @@ echo elgg_view('input/form', array( $(document).ready(function() { // append check all link - $('.ecml_check_all').before(''); + $('.ecml_check_all').before(''); $('input.check_all').click(function() { // yoinked from -- cgit v1.2.3