Commit eeb615aa authored by Richard Mansfield's avatar Richard Mansfield Committed by Richard Mansfield
Browse files

Filebrowser: move group folder permission checks into separate function



Change-Id: I51b8c9017835c732565da1fd2b1f26c9acfda2aa
Signed-off-by: default avatarRichard Mansfield <richard.mansfield@catalyst.net.nz>
Reviewed-on: https://reviews.mahara.org/12

Reviewed-by: default avatarFrancois Marier <francois@catalyst.net.nz>
Tested-by: default avatarRichard Mansfield <richardm@mahara.org>
parent 3ed6f339
......@@ -666,21 +666,9 @@ function pieform_element_filebrowser_upload(Pieform $form, $element, $data) {
}
$data->institution = $institution;
} else if ($group) {
require_once(get_config('libroot') . 'group.php');
if (!$parentfolder) {
$role = group_user_access($group);
if (!$role) {
$result['error'] = true;
$result['message'] = get_string('usernotingroup', 'mahara');
return $result;
}
// Use default grouptype artefact permissions to check if the
// user can upload a file to the group's root directory
$permissions = group_get_default_artefact_permissions($group);
if (!$permissions[$role]->edit) {
$result['error'] = true;
$result['message'] = get_string('cannoteditfolder', 'artefact.file');
return $result;
if (!pieform_element_filebrowser_edit_group_folder($group, 0)) {
return array('error' => true, 'message' => get_string('cannoteditfolder', 'artefact.file'));
}
}
$data->group = $group;
......@@ -798,16 +786,8 @@ function pieform_element_filebrowser_createfolder(Pieform $form, $element, $data
if ($institution) {
$data->institution = $institution;
} else if ($group) {
require_once(get_config('libroot') . 'group.php');
if (!$parentfolder) {
$role = group_user_access($group);
if (!$role) {
return array('error' => true, 'message' => get_string('usernotingroup', 'mahara'));
}
// Use default grouptype artefact permissions to check if the
// user can create a folder in the group's root directory
$permissions = group_get_default_artefact_permissions($group);
if (!$permissions[$role]->edit) {
if (!pieform_element_filebrowser_edit_group_folder($group, 0)) {
return array('error' => true, 'message' => get_string('cannoteditfolder', 'artefact.file'));
}
}
......@@ -1008,11 +988,7 @@ function pieform_element_filebrowser_move(Pieform $form, $element, $data) {
}
$group = $artefact->get('group');
if ($group) {
// Use default grouptype artefact permissions to check if the
// user can move a file to the group's root directory
require_once(get_config('libroot') . 'group.php');
$permissions = group_get_default_artefact_permissions($group);
if (!$permissions[group_user_access($group)]->edit) {
if (!pieform_element_filebrowser_edit_group_folder($group, 0)) {
return array('error' => true, 'message' => get_string('movefailednotowner', 'artefact.file'));
}
}
......@@ -1037,6 +1013,24 @@ function pieform_element_filebrowser_move(Pieform $form, $element, $data) {
}
function pieform_element_filebrowser_edit_group_folder($group, $folder) {
global $USER;
if ($folder) {
if (!$folder instanceof ArtefactTypeFolder) {
$folder = new ArtefactTypeFolder($folder);
}
return $USER->can_edit_artefact($folder);
}
require_once(get_config('libroot') . 'group.php');
// Group root directory: use default grouptype artefact permissions
if (!$role = group_user_access($group)) {
return false;
}
$permissions = group_get_default_artefact_permissions($group);
return $permissions[$role]->edit;
}
function pieform_element_filebrowser_changeowner(Pieform $form, $element) {
$newtabdata = pieform_element_filebrowser_configure_tabs($element['tabs']);
$smarty = smarty_core();
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment