From 732207c9a17483d1a660f9b7cec81f531a0838e5 Mon Sep 17 00:00:00 2001
From: brettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544>
Date: Fri, 16 Apr 2010 17:20:53 +0000
Subject: ECML permissions frontend presents a whitelist instead of a black
 list.

git-svn-id: http://code.elgg.org/elgg/trunk@5779 36083f99-b078-4883-b0ff-0f9b5a30f544
---
 mod/ecml/actions/save_permissions.php | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

(limited to 'mod/ecml/actions/save_permissions.php')

diff --git a/mod/ecml/actions/save_permissions.php b/mod/ecml/actions/save_permissions.php
index 490a8928b..3aecd9585 100644
--- a/mod/ecml/actions/save_permissions.php
+++ b/mod/ecml/actions/save_permissions.php
@@ -9,7 +9,28 @@
  * @link http://elgg.org/
  */
 
-$perms = get_input('perms', array());
+$whitelist = get_input('whitelist', array());
+$keywords = $CONFIG->ecml_keywords;
+$views = $CONFIG->ecml_parse_views;
+
+// the front end uses a white list but the backend uses a
+// blacklist for performance and extensibility.
+// gotta convert.
+$perms = array();
+
+foreach ($views as $view => $view_info) {
+	foreach ($keywords as $keyword => $keyword_info) {
+
+		// don't need to add perms for restricted keywords
+		// because those perms are checked separately
+		if (isset($keyword_info['restricted'])) {
+			continue;
+		}
+		if (!isset($whitelist[$view]) || !in_array($keyword, $whitelist[$view])) {
+			$perms[$view][] = $keyword;
+		}
+	}
+}
 
 if (set_plugin_setting('ecml_permissions', serialize($perms), 'ecml')) {
 	system_message(elgg_echo('ecml:admin:permissions_saved'));
-- 
cgit v1.2.3