Commit 14907d60 authored by Darrin Hodges and Nathan Mares and Jiri Baum's avatar Darrin Hodges and Nathan Mares and Jiri Baum Committed by Hugh Davenport

Date limits for groups (bug #1017354) - obey limits



Add date limits (from-until) to groups; members will only be able to make
changes in the group during the specified time period.

This commit restricts user access to within the date limits.

Change-Id: I4574ad724d87fbaeb72063d952741114f8ea8d85
Signed-off-by: default avatarJiri Baum <jiri@catalyst-au.net>
parent 5eef6992
......@@ -750,6 +750,9 @@ function pieform_element_filebrowser_upload(Pieform $form, $element, $data) {
}
$data->institution = $institution;
} else if ($group) {
if (!group_within_edit_window($group)) {
return array('error' => true, 'message' => get_string('cannoteditfolder', 'artefact.file'));
}
if (!$parentfolder) {
if (!pieform_element_filebrowser_edit_group_folder($group, 0)) {
return array('error' => true, 'message' => get_string('cannoteditfolder', 'artefact.file'));
......@@ -942,6 +945,9 @@ function pieform_element_filebrowser_createfolder(Pieform $form, $element, $data
if ($institution) {
$data->institution = $institution;
} else if ($group) {
if (!group_within_edit_window($group)) {
return array('error' => true, 'message' => get_string('cannoteditfolder', 'artefact.file'));
}
if (!$parentfolder) {
if (!pieform_element_filebrowser_edit_group_folder($group, 0)) {
return array('error' => true, 'message' => get_string('cannoteditfolder', 'artefact.file'));
......
......@@ -38,7 +38,7 @@ safe_require('artefact', 'file');
define('GROUP', param_integer('group'));
$group = group_current_group();
if (!$role = group_user_access($group->id)) {
if (!$role = group_user_access($group->id) || !group_within_edit_window($group)) {
throw new AccessDeniedException();
}
define('TITLE', $group->name . ' - ' . get_string('groupfiles', 'artefact.file'));
......
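Review bot: The rewritten condition on the new `if` line does not enforce the edit window, because `=` binds more loosely than `||`: it parses as `!($role = (group_user_access($group->id) || !group_within_edit_window($group)))`. For a member outside the window the right-hand side is true, so no exception is thrown, and a caller with no role at all also passes whenever the window check fails. `$role` also ends up holding a boolean instead of the role value, which matters if later code in the file (not shown) reads it. Assign first and test afterwards: `$role = group_user_access($group->id);` followed by `if (!$role || !group_within_edit_window($group)) {`.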
......@@ -523,6 +523,16 @@ abstract class ArtefactTypeFileBase extends ArtefactType {
$highlight = array($file); // todo convert to file1=1&file2=2 etc
}
// Check whether the user may upload files; either the group needs to
// be within its edit window (if one is set) or the user needs to be
// the group admin.
if (!empty($group)) {
$editfilesfolders = group_within_edit_window($group);
}
else {
$editfilesfolders = true;
}
$form = array(
'name' => 'files',
'jsform' => true,
......@@ -543,12 +553,12 @@ abstract class ArtefactTypeFileBase extends ArtefactType {
'edit' => $edit,
'page' => $page,
'config' => array(
'upload' => true,
'upload' => $editfilesfolders,
'uploadagreement' => get_config_plugin('artefact', 'file', 'uploadagreement'),
'resizeonuploaduseroption' => get_config_plugin('artefact', 'file', 'resizeonuploaduseroption'),
'resizeonuploaduserdefault' => $resizeonuploaduserdefault,
'createfolder' => true,
'edit' => true,
'createfolder' => $editfilesfolders,
'edit' => $editfilesfolders,
'select' => false,
),
),
......
......@@ -950,6 +950,9 @@ class User {
if ($role == 'admin') {
return true;
}
if (!group_within_edit_window($group)) {
return false;
}
if ($this->id == $a->get('author')) {
return true;
}
......
......@@ -66,7 +66,7 @@ if (!$post) {
$membership = user_can_access_forum((int)$post->forum);
$moderator = (bool)($membership & INTERACTION_FORUM_MOD);
if (!$moderator) {
if (!$moderator || ($post->group && !group_within_edit_window($post->group))) {
throw new AccessDeniedException(get_string('cantdeletepost', 'interaction.forum'));
}
......
......@@ -72,7 +72,7 @@ $moderator = (bool)($membership & INTERACTION_FORUM_MOD);
$topic->ctime = relative_date(get_string('strftimerecentfullrelative', 'interaction.forum'), get_string('strftimerecentfull'), $topic->ctime);
if (!$moderator) {
if (!$moderator || ($topic->group && !group_within_edit_window($topic->group))) {
throw new AccessDeniedException(get_string('cantdeletetopic', 'interaction.forum'));
}
......
......@@ -90,6 +90,9 @@ $membership = user_can_access_forum((int)$parent->forum);
$moderator = (bool)($membership & INTERACTION_FORUM_MOD);
if (!isset($postid)) { // post reply
if (!group_within_edit_window($parent->group)) {
throw new AccessDeniedException(get_string('cantaddposttoforum', 'interaction.forum'));
}
if (!$membership) {
throw new AccessDeniedException(get_string('cantaddposttoforum', 'interaction.forum'));
}
......@@ -100,6 +103,9 @@ if (!isset($postid)) { // post reply
define('TITLE', $parent->topicsubject . ' - ' . $action);
}
else { // edit post
if (!group_within_edit_window($parent->group)) {
throw new AccessDeniedException(get_string('canteditpost', 'interaction.forum'));
}
// no record for edits to own posts with 30 minutes
if (user_can_edit_post($post->poster, $post->ctime)) {
$post->editrecord = false;
......
......@@ -86,6 +86,10 @@ if (!$membership || ($forumconfig['createtopicusers']->value == 'moderators' &&
throw new AccessDeniedException(get_string('cantaddtopic', 'interaction.forum'));
}
if (!group_within_edit_window($forum->groupid)) {
throw new AccessDeniedException(get_string('cantaddtopic', 'interaction.forum'));
}
if (!isset($topicid)) { // new topic
define('TITLE', $forum->title . ' - ' . get_string('addtopic','interaction.forum'));
}
......
......@@ -8,9 +8,9 @@
{include file="interaction:forum:simplepost.tpl" post=$post groupadmins=$groupadmins nosubject=true}
{/if}
<div class="postbtns">
{if $moderator || ($membership && !$closed)}<span class="btn"><a href="{$WWWROOT}interaction/forum/editpost.php?parent={$post->id}" class="icon btn-reply">{str tag="Reply" section=interaction.forum}</a></span>{/if}
{if ($moderator || ($membership && !$closed)) && $ineditwindow}<span class="btn"><a href="{$WWWROOT}interaction/forum/editpost.php?parent={$post->id}" class="icon btn-reply">{str tag="Reply" section=interaction.forum}</a></span>{/if}
{if $post->canedit}<span class="btn"><a href="{$WWWROOT}interaction/forum/editpost.php?id={$post->id}" class="icon btn-edit"> {str tag="edit"}</a></span>{/if}
{if $moderator && $post->parent} <span class="btn"><a href="{$WWWROOT}interaction/forum/deletepost.php?id={$post->id}" class="icon btn-del"> {str tag="delete"}</a></span>{/if}
</div>
</div>
{/if}
\ No newline at end of file
{/if}
......@@ -11,7 +11,7 @@
<div id="forumdescription">{$forum->description|clean_html|safe}</div>
<div id="viewforum" class="rel">
<h3>{str tag=Topics section="interaction.forum"}</h3>
{if $membership && ($moderator || $forum->newtopicusers != 'moderators') }
{if $membership && ($moderator || ($forum->newtopicusers != 'moderators') && $ineditwindow) }
<div class="rbuttons">
<a href="{$WWWROOT}interaction/forum/edittopic.php?forum={$forum->id}" class="btn newforumtopic">{str tag="newtopic" section="interaction.forum"}</a>
</div>
......
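Review bot: The parentheses in the new `{if}` condition are misleading: assuming the template follows PHP precedence, `&&` binds tighter than `||`, so it evaluates as `$moderator || ($forum->newtopicusers != 'moderators' && $ineditwindow)`. Moderators are therefore gated only because the forum page script sets `$moderator` to false outside the window. Stating the window test once keeps the template correct on its own: `{if $membership && $ineditwindow && ($moderator || $forum->newtopicusers != 'moderators')}`.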
......@@ -59,11 +59,13 @@ if (!$topic) {
define('GROUP', $topic->groupid);
$publicgroup = get_field('group', 'public', 'id', $topic->groupid);
$group = get_record('group', 'id', $topic->groupid);
$publicgroup = $group->public;
$ineditwindow = group_within_edit_window($group);
$feedlink = get_config('wwwroot') . 'interaction/forum/atom.php?type=t&id=' . $topic->id;
$membership = user_can_access_forum((int)$topic->forumid);
$moderator = (bool)($membership & INTERACTION_FORUM_MOD);
$moderator = $ineditwindow && (bool)($membership & INTERACTION_FORUM_MOD);
$forumconfig = get_records_assoc('interaction_forum_instance_config', 'forum', $topic->forumid, '', 'field,value');
$indentmode = isset($forumconfig['indentmode']) ? $forumconfig['indentmode']->value : 'full_indent';
......@@ -73,7 +75,7 @@ if (!$membership
&& !get_field('group', 'public', 'id', $topic->groupid)) {
throw new GroupAccessDeniedException(get_string('cantviewtopic', 'interaction.forum'));
}
$topic->canedit = $moderator || user_can_edit_post($topic->poster, $topic->ctime);
$topic->canedit = ($moderator || user_can_edit_post($topic->poster, $topic->ctime)) && $ineditwindow;
define('TITLE', $topic->forumtitle . ' - ' . $topic->subject);
......@@ -134,7 +136,7 @@ foreach ($posts as $post) {
// Get the number of posts
$post->postcount = get_postcount($post->poster);
$post->canedit = $post->parent && ($moderator || user_can_edit_post($post->poster, $post->ctime));
$post->canedit = $post->parent && ($moderator || user_can_edit_post($post->poster, $post->ctime)) && $ineditwindow;
$post->ctime = relative_date(get_string('strftimerecentfullrelative', 'interaction.forum'), get_string('strftimerecentfull'), $post->ctime);
// Get post edit records
$post->edit = get_postedits($post->id);
......@@ -223,7 +225,7 @@ function buildpostlist($posts, $mode, $max_depth) {
*/
function renderpost($post, $indent) {
global $moderator, $topic, $groupadmins, $membership;
global $moderator, $topic, $groupadmins, $membership, $ineditwindow;
$smarty = smarty_core();
$smarty->assign('post', $post);
......@@ -232,6 +234,7 @@ function renderpost($post, $indent) {
$smarty->assign('moderator', $moderator);
$smarty->assign('membership', $membership);
$smarty->assign('closed', $topic->closed);
$smarty->assign('ineditwindow', $ineditwindow);
return $smarty->fetch('interaction:forum:post.tpl');
}
......
......@@ -68,11 +68,17 @@ if (!$forum) {
$membership = user_can_access_forum((int)$forumid);
$admin = (bool)($membership & INTERACTION_FORUM_ADMIN);
$moderator = (bool)($membership & INTERACTION_FORUM_MOD);
$publicgroup = get_field('group', 'public', 'id', $forum->groupid);
$group = get_record('group', 'id', $forum->groupid);
$publicgroup = $group->public;
if (!$membership && !$publicgroup) {
throw new GroupAccessDeniedException(get_string('cantviewforums', 'interaction.forum'));
}
$ineditwindow = group_within_edit_window($group);
if (!$ineditwindow) {
$moderator = false;
}
define('TITLE', $forum->groupname . ' - ' . $forum->title);
$feedlink = get_config('wwwroot') . 'interaction/forum/atom.php?type=f&id=' . $forum->id;
......@@ -257,6 +263,7 @@ $smarty->assign('heading', $forum->groupname);
$smarty->assign('subheading', $forum->title);
$smarty->assign('forum', $forum);
$smarty->assign('publicgroup', $publicgroup);
$smarty->assign('ineditwindow', $ineditwindow);
$smarty->assign('feedlink', $feedlink);
$smarty->assign('membership', $membership);
$smarty->assign('moderator', $moderator);
......
......@@ -176,12 +176,39 @@ function group_role_can_edit_views($group, $role) {
}
if ($role == 'member') {
return $editroles == 'all';
return ($editroles == 'all' && group_within_edit_window($group));
}
return $editroles != 'admin';
}
/**
* Determine if the current date/time is within the editable window of the
* group if one is set. By default, a group admin is considered to be within
* the window.
* @param object $group the group to check
* @param bool $admin_always whether the admin should be OK regardless of time
*/
function group_within_edit_window($group, $admin_always=true) {
if (is_numeric($group)) {
$group = get_record('group', 'id', $group);
}
if ($admin_always && group_user_access($group->id) == 'admin') {
return true;
}
$start = !empty($group->editwindowstart) ? strtotime($group->editwindowstart) : null;
$end = !empty($group->editwindowend) ? strtotime($group->editwindowend) : null;
$now = time();
return (empty($start) && empty($end)) ||
(!empty($start) && $now > $start && empty($end)) ||
(empty($start) && $now < $end && !empty($end)) ||
($start < $now && $now < $end);
}
function group_role_can_moderate_views($group, $role) {
static $moderatingroles = array();
......
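Review bot: `group_within_edit_window()` fails open: if `get_record()` returns no row for a numeric id, if the object passed in carries no `editwindowstart`/`editwindowend` properties, or if `strtotime()` cannot parse a stored value, both limits read as empty and the function returns true. Every access check in this commit relies on this helper, so a missing group or an unparseable limit should deny rather than count as "no window set"; the four-clause return can also be written as two independent bounds, as sketched below. The docblock should state that `$group` may be an id or a group record and gain an `@return bool` line. Separately, the closing `return $editroles != 'admin';` in `group_role_can_edit_views()` (whose start is outside the hunk) gets no window check, so roles other than 'member' are not limited there; if that is intended, a comment saying so would help.

```php
function group_within_edit_window($group, $admin_always=true) {
    // … unchanged: numeric id is resolved with get_record() …
    if (empty($group)) {
        // No such group: deny instead of falling through to "no window set".
        return false;
    }
    // … unchanged: $admin_always shortcut, $start / $end computed with strtotime() …
    if ($start === false || $end === false) {
        // A stored limit that cannot be parsed must not read as "unlimited".
        return false;
    }
    $now = time();
    return ($start === null || $now > $start)
        && ($end === null || $now < $end);
}
```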
......@@ -67,6 +67,10 @@ View::set_nav($group, $institution, true);
if (!$USER->can_edit_view($view)) {
throw new AccessDeniedException();
}
if ($group && !group_within_edit_window($group)) {
throw new AccessDeniedException();
}
$form = array(
'name' => 'editaccess',
......
......@@ -73,6 +73,10 @@ if ($view->is_submitted()) {
$group = $view->get('group');
$institution = $view->get('institution');
if ($group && !group_within_edit_window($group)) {
throw new AccessDeniedException();
}
// If a block was configured & submitted, build the form now so it can
// be processed without having to render the other blocks.
if ($blockid = param_integer('blockconfig', 0)) {
......
......@@ -43,7 +43,7 @@ if ($usetemplate = param_integer('usetemplate', null)) {
pieform(create_view_form($groupid, $institution, $usetemplate, param_integer('copycollection', null)));
}
if ($groupid && !group_user_can_edit_views($groupid) || $institution && !$USER->can_edit_institution($institution)) {
if ($groupid && (!group_user_can_edit_views($groupid) || !group_within_edit_window($groupid)) || $institution && !$USER->can_edit_institution($institution)) {
throw new AccessDeniedException();
}
......
......@@ -37,6 +37,10 @@ if (!$view || !$USER->can_edit_view($view)) {
throw new AccessDeniedException(get_string('cantdeleteview', 'view'));
}
$groupid = $view->get('group');
if (!group_within_edit_window($group)) {
throw new AccessDeniedException(get_string('cantdeleteview', 'view'));
}
$institution = $view->get('institution');
View::set_nav($groupid, $institution);
......
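Review bot: The added check passes `$group`, but the only variable assigned in the visible lines is `$groupid` on the line above. Unless `$group` is set earlier in the file (not shown), the helper receives null, finds no limits and returns true, so this check never denies a delete. It also lacks the `$group &&` guard used on the sibling view pages, so it runs for views that belong to no group. Suggested: `if ($groupid && !group_within_edit_window($groupid)) {`.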
......@@ -58,6 +58,10 @@ $institution = $view->get('institution');
$view->set_edit_nav();
$view->set_user_theme();
if ($group && !group_within_edit_window($group)) {
throw new AccessDeniedException();
}
$new = param_boolean('new', 0);
if ($new) {
......
......@@ -46,7 +46,7 @@ $group = get_record_sql(
array($USER->get('id'), $groupid)
);
if (!$group) {
if (!$group || !group_within_edit_window($group)) {
throw new AccessDeniedException(get_string('cantsubmittogroup', 'view'));
}
......
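Review bot: Whether the added `!group_within_edit_window($group)` can ever deny depends on the column list of the `get_record_sql()` call that begins above this hunk. The helper reads `$group->editwindowstart` and `$group->editwindowend` and treats absent properties as "no limit". If the query does not select those two columns, either add them to it or pass the id so the helper loads the full row, e.g. `if (!$group || !group_within_edit_window($groupid)) {`.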
......@@ -49,6 +49,9 @@ View::set_nav($group, $institution, true);
if (!$USER->can_edit_view($view)) {
throw new AccessDeniedException();
}
if ($group && !group_within_edit_window($group)) {
throw new AccessDeniedException();
}
$newform = array(
'name' => 'newurl',
......