Fix some group permission viewing/saving issues
parent
5ef2caa70e
commit
ca959b0367
0
application/config/profiler.php
Executable file → Normal file
0
application/config/profiler.php
Executable file → Normal file
24
application/controllers/task.php
Executable file → Normal file
24
application/controllers/task.php
Executable file → Normal file
@ -175,9 +175,8 @@ class Task extends MY_Controller {
|
|||||||
*
|
*
|
||||||
* @param int $task_id
|
* @param int $task_id
|
||||||
*/
|
*/
|
||||||
public function edit($task_id)
|
public function edit(int $task_id)
|
||||||
{
|
{
|
||||||
$task_id = (int) $task_id;
|
|
||||||
$data = $this->task_model->get_task_by_id($task_id);
|
$data = $this->task_model->get_task_by_id($task_id);
|
||||||
|
|
||||||
$data['cat_list'] = $this->task_model->get_category_select($task_id);
|
$data['cat_list'] = $this->task_model->get_category_select($task_id);
|
||||||
@ -190,13 +189,9 @@ class Task extends MY_Controller {
|
|||||||
|
|
||||||
if ($this->input->post('edit_sub') == 'Update Task')
|
if ($this->input->post('edit_sub') == 'Update Task')
|
||||||
{
|
{
|
||||||
$val = $this->task_model->validate_task();
|
if($this->task_model->validate_task() === TRUE)
|
||||||
|
|
||||||
if($val === TRUE)
|
|
||||||
{
|
{
|
||||||
$done = $this->task_model->update_task();
|
if ($this->task_model->update_task() === TRUE)
|
||||||
|
|
||||||
if ($done === TRUE)
|
|
||||||
{
|
{
|
||||||
//Redirect to task list
|
//Redirect to task list
|
||||||
$this->session->set_flashdata([
|
$this->session->set_flashdata([
|
||||||
@ -205,17 +200,15 @@ class Task extends MY_Controller {
|
|||||||
]);
|
]);
|
||||||
|
|
||||||
$this->todo->redirect_303(site_url('task/list'));
|
$this->todo->redirect_303(site_url('task/list'));
|
||||||
|
return;
|
||||||
}
|
}
|
||||||
else
|
|
||||||
{
|
$data['err'][] = "Database Error, Please try again later.";
|
||||||
$data['err'][] = "Database Error, Please try again later.";
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
$data['err'] = $val;
|
$data['err'] = $val;
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->page->set_title("Edit Task");
|
$this->page->set_title("Edit Task");
|
||||||
@ -229,7 +222,7 @@ class Task extends MY_Controller {
|
|||||||
*
|
*
|
||||||
* @param int $task_id
|
* @param int $task_id
|
||||||
*/
|
*/
|
||||||
public function view($task_id = NULL)
|
public function view(int $task_id = NULL)
|
||||||
{
|
{
|
||||||
if( ! is_numeric($task_id))
|
if( ! is_numeric($task_id))
|
||||||
{
|
{
|
||||||
@ -246,7 +239,6 @@ class Task extends MY_Controller {
|
|||||||
$data['checklist'] = $this->task_model->get_checklist($task_id);
|
$data['checklist'] = $this->task_model->get_checklist($task_id);
|
||||||
$data['task'] = $task_id;
|
$data['task'] = $task_id;
|
||||||
|
|
||||||
|
|
||||||
$this->page->set_title("View Task");
|
$this->page->set_title("View Task");
|
||||||
$this->page->set_body_id("task_details");
|
$this->page->set_body_id("task_details");
|
||||||
$this->page->build('task/view', $data);
|
$this->page->build('task/view', $data);
|
||||||
@ -257,7 +249,7 @@ class Task extends MY_Controller {
|
|||||||
/**
|
/**
|
||||||
* Delete a task
|
* Delete a task
|
||||||
*/
|
*/
|
||||||
public function delete($task_id)
|
public function delete(int $task_id)
|
||||||
{
|
{
|
||||||
$this->task_model->delete_task((int) $task_id);
|
$this->task_model->delete_task((int) $task_id);
|
||||||
}
|
}
|
||||||
|
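Review bot: In `edit()`, the `else` branch that survives the change still assigns `$data['err'] = $val;`, but the new side no longer defines `$val` now that `validate_task()` is called inline in the `if`. Unless `$val` is assigned in the lines between the hunks, a failed validation now raises an undefined-variable notice and leaves `$data['err']` empty, so the form is redisplayed with no explanation of what was rejected. Keep the result in a variable: `$val = $this->task_model->validate_task();` followed by `if ($val === TRUE)`. The body of `edit()` continues outside the visible hunks.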
31
application/core/MY_Controller.php
Executable file → Normal file
31
application/core/MY_Controller.php
Executable file → Normal file
@ -4,42 +4,11 @@
|
|||||||
* Base controller extending CodeIgniter Controller
|
* Base controller extending CodeIgniter Controller
|
||||||
*/
|
*/
|
||||||
class MY_Controller extends CI_Controller {
|
class MY_Controller extends CI_Controller {
|
||||||
|
|
||||||
/**
|
|
||||||
* @var MY_Session
|
|
||||||
*/
|
|
||||||
public $session;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var CI_DB_driver
|
|
||||||
*/
|
|
||||||
public $db;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var CI_Input
|
|
||||||
*/
|
|
||||||
public $input;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var CI_Uri
|
|
||||||
*/
|
|
||||||
public $uri;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var MY_Form_validation
|
|
||||||
*/
|
|
||||||
public $form_validation;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var Validation_Callbacks
|
* @var Validation_Callbacks
|
||||||
*/
|
*/
|
||||||
public $validation_callbacks;
|
public $validation_callbacks;
|
||||||
|
|
||||||
/**
|
|
||||||
* @var CI_Output
|
|
||||||
*/
|
|
||||||
public $output;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var Page
|
* @var Page
|
||||||
*/
|
*/
|
||||||
|
@ -6,7 +6,7 @@
|
|||||||
*/
|
*/
|
||||||
class Task_model extends CI_Model {
|
class Task_model extends CI_Model {
|
||||||
|
|
||||||
private $title, $description, $category, $priority, $due,
|
protected $title, $description, $category, $priority, $due,
|
||||||
$status, $user_id, $task_id, $reminder, $reminder_time,
|
$status, $user_id, $task_id, $reminder, $reminder_time,
|
||||||
$groups, $group_perms, $friends, $friend_perms, $share_type;
|
$groups, $group_perms, $friends, $friend_perms, $share_type;
|
||||||
|
|
||||||
@ -14,6 +14,13 @@ class Task_model extends CI_Model {
|
|||||||
|
|
||||||
// --------------------------------------------------------------------------
|
// --------------------------------------------------------------------------
|
||||||
|
|
||||||
|
public function __construct()
|
||||||
|
{
|
||||||
|
// $this->output->enable_profiler(TRUE);
|
||||||
|
}
|
||||||
|
|
||||||
|
// --------------------------------------------------------------------------
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get day task list
|
* Get day task list
|
||||||
*
|
*
|
||||||
@ -473,7 +480,7 @@ class Task_model extends CI_Model {
|
|||||||
$share_type = FALSE;
|
$share_type = FALSE;
|
||||||
|
|
||||||
//If the task is shared
|
//If the task is shared
|
||||||
if($this->input->post('share') !== FALSE)
|
if($this->input->post('share') != FALSE)
|
||||||
{
|
{
|
||||||
$groups = $this->input->post('group', TRUE);
|
$groups = $this->input->post('group', TRUE);
|
||||||
$group_perms = $this->input->post('group_perms', TRUE);
|
$group_perms = $this->input->post('group_perms', TRUE);
|
||||||
@ -504,14 +511,17 @@ class Task_model extends CI_Model {
|
|||||||
$this->user_id = $this->session->userdata('uid');
|
$this->user_id = $this->session->userdata('uid');
|
||||||
$this->task_id = ($this->input->post('task_id') != FALSE)
|
$this->task_id = ($this->input->post('task_id') != FALSE)
|
||||||
? $this->input->post('task_id')
|
? $this->input->post('task_id')
|
||||||
: $this->db->count_all('item') + 1;
|
: NULL; //$this->db->count_all('item') + 1;
|
||||||
|
|
||||||
|
/* ?><pre><?= print_r([
|
||||||
|
'class' => $this,
|
||||||
|
'input' => $this->input->post()
|
||||||
|
], TRUE); ?><?php die(); */
|
||||||
|
|
||||||
return TRUE;
|
return TRUE;
|
||||||
}
|
}
|
||||||
else //otherwise, return the errors
|
|
||||||
{
|
return $err;
|
||||||
return $err;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// --------------------------------------------------------------------------
|
// --------------------------------------------------------------------------
|
||||||
@ -666,16 +676,17 @@ class Task_model extends CI_Model {
|
|||||||
|
|
||||||
if ( ! empty($friend_list))
|
if ( ! empty($friend_list))
|
||||||
{
|
{
|
||||||
$this->db->where_in('user_id', $friend_list)
|
$user_ids = array_merge(
|
||||||
->where('task_id', $task_id)
|
[(int) $this->session->userdata('uid')],
|
||||||
->or_where('user_id', (int) $this->session->userdata('uid'))
|
$friend_list
|
||||||
|
);
|
||||||
|
$this->db->where_in('user_id', $user_ids)
|
||||||
->where('task_id', $task_id)
|
->where('task_id', $task_id)
|
||||||
->delete('user_task_link');
|
->delete('user_task_link');
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
//Get groups
|
//Get groups
|
||||||
if($this->share_type == 'group')
|
if($this->share_type == 'group')
|
||||||
{
|
{
|
||||||
@ -705,7 +716,9 @@ class Task_model extends CI_Model {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if ($this->db->affected_rows() < 1)
|
if ($this->db->affected_rows() < 1)
|
||||||
{return false;}
|
{
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
//Set current user too
|
//Set current user too
|
||||||
$this->db->set('user_id', $this->session->userdata('uid'))
|
$this->db->set('user_id', $this->session->userdata('uid'))
|
||||||
@ -1382,7 +1395,7 @@ class Task_model extends CI_Model {
|
|||||||
* @param int $task_id
|
* @param int $task_id
|
||||||
* @return array
|
* @return array
|
||||||
*/
|
*/
|
||||||
private function _get_task_perms($task_id)
|
private function _get_task_perms(int $task_id)
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
* Get the task shared permissions
|
* Get the task shared permissions
|
||||||
@ -1394,7 +1407,7 @@ class Task_model extends CI_Model {
|
|||||||
->join('group_users_link', 'group_users_link.user_id=user.id', 'inner')
|
->join('group_users_link', 'group_users_link.user_id=user.id', 'inner')
|
||||||
->join('group_task_link', 'group_task_link.group_id=group_users_link.group_id', 'inner')
|
->join('group_task_link', 'group_task_link.group_id=group_users_link.group_id', 'inner')
|
||||||
->join('item', 'item.id=group_task_link.task_id', 'inner')
|
->join('item', 'item.id=group_task_link.task_id', 'inner')
|
||||||
->where('todo_item.id', (int) $task_id)
|
->where('todo_item.id', $task_id)
|
||||||
->where('todo_group_task_link.permissions !=', PERM_NO_ACCESS)
|
->where('todo_group_task_link.permissions !=', PERM_NO_ACCESS)
|
||||||
->where('todo_user.id', (int) $this->session->userdata('uid'))
|
->where('todo_user.id', (int) $this->session->userdata('uid'))
|
||||||
->limit(1)
|
->limit(1)
|
||||||
@ -1405,7 +1418,7 @@ class Task_model extends CI_Model {
|
|||||||
->from('item')
|
->from('item')
|
||||||
->join('user_task_link', 'user_task_link.task_id=item.id')
|
->join('user_task_link', 'user_task_link.task_id=item.id')
|
||||||
->where('todo_user_task_link.permissions !=', PERM_NO_ACCESS)
|
->where('todo_user_task_link.permissions !=', PERM_NO_ACCESS)
|
||||||
->where('todo_user_task_link.task_id', (int) $task_id)
|
->where('todo_user_task_link.task_id', $task_id)
|
||||||
->where('todo_user_task_link.user_id', (int) $this->session->userdata('uid'))
|
->where('todo_user_task_link.user_id', (int) $this->session->userdata('uid'))
|
||||||
->limit(1)
|
->limit(1)
|
||||||
->get();
|
->get();
|
||||||
@ -1456,7 +1469,7 @@ class Task_model extends CI_Model {
|
|||||||
->join('group_users_link', 'group_users_link.user_id=user.id', 'inner')
|
->join('group_users_link', 'group_users_link.user_id=user.id', 'inner')
|
||||||
->join('group_task_link', 'group_task_link.group_id=group_users_link.group_id', 'inner')
|
->join('group_task_link', 'group_task_link.group_id=group_users_link.group_id', 'inner')
|
||||||
->where('todo_group_users_link.user_id', (int) $this->session->userdata('uid'))
|
->where('todo_group_users_link.user_id', (int) $this->session->userdata('uid'))
|
||||||
->where('todo_group_task_link.task_id', (int) $task_id)
|
->where('todo_group_task_link.task_id', $task_id)
|
||||||
->get();
|
->get();
|
||||||
|
|
||||||
//Check user permissions
|
//Check user permissions
|
||||||
@ -1469,14 +1482,14 @@ class Task_model extends CI_Model {
|
|||||||
//Check if task admin
|
//Check if task admin
|
||||||
$upA = $this->db->select('id')
|
$upA = $this->db->select('id')
|
||||||
->from('item')
|
->from('item')
|
||||||
->where('id', (int) $task_id)
|
->where('id', $task_id)
|
||||||
->where('user_id', (int) $this->session->userdata('uid'))
|
->where('user_id', (int) $this->session->userdata('uid'))
|
||||||
->get();
|
->get();
|
||||||
|
|
||||||
//Check for admin permissions
|
//Check for admin permissions
|
||||||
if($upA->num_rows() > 0)
|
if($upA->num_rows() > 0)
|
||||||
{
|
{
|
||||||
$result_array['user_perms'] = 9;
|
$result_array['user_perms'] = PERM_ADMIN_ACCESS;
|
||||||
return $result_array;
|
return $result_array;
|
||||||
}
|
}
|
||||||
else //User is not admin
|
else //User is not admin
|
||||||
@ -1492,7 +1505,16 @@ class Task_model extends CI_Model {
|
|||||||
if($upU->num_rows() > 0)
|
if($upU->num_rows() > 0)
|
||||||
{
|
{
|
||||||
$up_row = $upU->row_array();
|
$up_row = $upU->row_array();
|
||||||
$result_array['user_perms'] = $up_row['permissions'];
|
|
||||||
|
// Only overwrite group permissions if there are higher
|
||||||
|
// user permissions than group permissions
|
||||||
|
if (
|
||||||
|
$result_array['user_perms'] == PERM_NO_ACCESS ||
|
||||||
|
$up_row['permissions'] > $result_array['user_perms']
|
||||||
|
)
|
||||||
|
{
|
||||||
|
$result_array['user_perms'] = $up_row['permissions'];
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
//Determine whether the current user can view and/or edit this task
|
//Determine whether the current user can view and/or edit this task
|
||||||
|
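Review bot: The new permission merge inside the `$upU->num_rows() > 0` branch compares `$up_row['permissions']` with `$result_array['user_perms']` using `>` and `==` on values taken straight from the database result, so the access decision rests on PHP's loose string/null comparison rules. If the group lookup did not set `user_perms` (that code is outside the hunk), the comparison runs against an undefined index. Cast and default both sides first, `$user_perm = (int) $up_row['permissions'];` and `$group_perm = (int) ($result_array['user_perms'] ?? PERM_NO_ACCESS);`, and use those two variables in the existing condition. Separately, the commented-out `print_r` block added before `return TRUE;` would echo the model object and the raw POST array into the response if it were ever uncommented; it is better deleted than committed.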
12
application/views/task/edit.php
Executable file → Normal file
12
application/views/task/edit.php
Executable file → Normal file
@ -117,12 +117,12 @@
|
|||||||
<dt><label for="friend_perms">Permissions</label></dt>
|
<dt><label for="friend_perms">Permissions</label></dt>
|
||||||
<dd>
|
<dd>
|
||||||
<select name="friend_perms" id="friend_perms">
|
<select name="friend_perms" id="friend_perms">
|
||||||
<option value="-1" <?= ($friend_perms === PERM_NO_ACCESS) ? 'selected="selected"':''?>>No Access</option>
|
<option value="-1" <?= ($friend_perms === PERM_NO_ACCESS || !(is_numeric($friend_perms))) ? 'selected="selected"':''?>>No Access</option>
|
||||||
<option value="0" <?= ($friend_perms === PERM_READ_ACCESS) ? 'selected="selected"':''?>>Read-only Access</option>
|
<option value="0" <?= ($friend_perms == PERM_READ_ACCESS) ? 'selected="selected"':''?>>Read-only Access</option>
|
||||||
<option value="1" <?= ($friend_perms === PERM_COMMENT_ACCESS) ? 'selected="selected"':''?>>Comment-only Access</option>
|
<option value="1" <?= ($friend_perms == PERM_COMMENT_ACCESS) ? 'selected="selected"':''?>>Comment-only Access</option>
|
||||||
<option value="2" <?= ($friend_perms === PERM_CHECKLIST_ACCESS) ? 'selected="selected"':''?>>Comment and Checklist Access</option>
|
<option value="2" <?= ($friend_perms == PERM_CHECKLIST_ACCESS) ? 'selected="selected"':''?>>Comment and Checklist Access</option>
|
||||||
<option value="3" <?= ($friend_perms === PERM_WRITE_ACCESS) ? 'selected="selected"':''?>>Read and Write Access</option>
|
<option value="3" <?= ($friend_perms == PERM_WRITE_ACCESS) ? 'selected="selected"':''?>>Read and Write Access</option>
|
||||||
<option value="9" <?= ($friend_perms === PERM_ADMIN_ACCESS) ? 'selected="selected"':''?>>Task Admin (Read/Write/Delete)</option>
|
<option value="9" <?= ($friend_perms == PERM_ADMIN_ACCESS) ? 'selected="selected"':''?>>Task Admin (Read/Write/Delete)</option>
|
||||||
</select>
|
</select>
|
||||||
</dd>
|
</dd>
|
||||||
</dl>
|
</dl>
|
||||||
|
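Review bot: Switching the option checks from `===` to `==` lets an unset or non-numeric `$friend_perms` match more than one option: the new `!(is_numeric($friend_perms))` test selects "No Access", and `$friend_perms == PERM_READ_ACCESS` is also true for `NULL` if that constant is 0, as the option's `value="0"` suggests. A browser given two `selected` options in a single-choice `<select>` uses the last one, so the form would open on "Read-only Access", and saving it unchanged would grant read access where none had been set. Normalise once above the `<select>` and keep strict comparison, e.g. `<?php $fp = is_numeric($friend_perms) ? (int) $friend_perms : PERM_NO_ACCESS; ?>` and then `$fp === PERM_READ_ACCESS` on each option. This assumes the `PERM_*` constants are integers; they are defined outside this page.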