Fix some group permission viewing/saving issues
This commit is contained in:
parent
5ef2caa70e
commit
ca959b0367
0
application/config/profiler.php
Executable file → Normal file
0
application/config/profiler.php
Executable file → Normal file
22
application/controllers/task.php
Executable file → Normal file
22
application/controllers/task.php
Executable file → Normal file
@ -175,9 +175,8 @@ class Task extends MY_Controller {
|
||||
*
|
||||
* @param int $task_id
|
||||
*/
|
||||
public function edit($task_id)
|
||||
public function edit(int $task_id)
|
||||
{
|
||||
$task_id = (int) $task_id;
|
||||
$data = $this->task_model->get_task_by_id($task_id);
|
||||
|
||||
$data['cat_list'] = $this->task_model->get_category_select($task_id);
|
||||
@ -190,13 +189,9 @@ class Task extends MY_Controller {
|
||||
|
||||
if ($this->input->post('edit_sub') == 'Update Task')
|
||||
{
|
||||
$val = $this->task_model->validate_task();
|
||||
|
||||
if($val === TRUE)
|
||||
if($this->task_model->validate_task() === TRUE)
|
||||
{
|
||||
$done = $this->task_model->update_task();
|
||||
|
||||
if ($done === TRUE)
|
||||
if ($this->task_model->update_task() === TRUE)
|
||||
{
|
||||
//Redirect to task list
|
||||
$this->session->set_flashdata([
|
||||
@ -205,17 +200,15 @@ class Task extends MY_Controller {
|
||||
]);
|
||||
|
||||
$this->todo->redirect_303(site_url('task/list'));
|
||||
return;
|
||||
}
|
||||
else
|
||||
{
|
||||
|
||||
$data['err'][] = "Database Error, Please try again later.";
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
$data['err'] = $val;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
$this->page->set_title("Edit Task");
|
||||
@ -229,7 +222,7 @@ class Task extends MY_Controller {
|
||||
*
|
||||
* @param int $task_id
|
||||
*/
|
||||
public function view($task_id = NULL)
|
||||
public function view(int $task_id = NULL)
|
||||
{
|
||||
if( ! is_numeric($task_id))
|
||||
{
|
||||
@ -246,7 +239,6 @@ class Task extends MY_Controller {
|
||||
$data['checklist'] = $this->task_model->get_checklist($task_id);
|
||||
$data['task'] = $task_id;
|
||||
|
||||
|
||||
$this->page->set_title("View Task");
|
||||
$this->page->set_body_id("task_details");
|
||||
$this->page->build('task/view', $data);
|
||||
@ -257,7 +249,7 @@ class Task extends MY_Controller {
|
||||
/**
|
||||
* Delete a task
|
||||
*/
|
||||
public function delete($task_id)
|
||||
public function delete(int $task_id)
|
||||
{
|
||||
$this->task_model->delete_task((int) $task_id);
|
||||
}
|
||||
|
31
application/core/MY_Controller.php
Executable file → Normal file
31
application/core/MY_Controller.php
Executable file → Normal file
@ -4,42 +4,11 @@
|
||||
* Base controller extending CodeIgniter Controller
|
||||
*/
|
||||
class MY_Controller extends CI_Controller {
|
||||
|
||||
/**
|
||||
* @var MY_Session
|
||||
*/
|
||||
public $session;
|
||||
|
||||
/**
|
||||
* @var CI_DB_driver
|
||||
*/
|
||||
public $db;
|
||||
|
||||
/**
|
||||
* @var CI_Input
|
||||
*/
|
||||
public $input;
|
||||
|
||||
/**
|
||||
* @var CI_Uri
|
||||
*/
|
||||
public $uri;
|
||||
|
||||
/**
|
||||
* @var MY_Form_validation
|
||||
*/
|
||||
public $form_validation;
|
||||
|
||||
/**
|
||||
* @var Validation_Callbacks
|
||||
*/
|
||||
public $validation_callbacks;
|
||||
|
||||
/**
|
||||
* @var CI_Output
|
||||
*/
|
||||
public $output;
|
||||
|
||||
/**
|
||||
* @var Page
|
||||
*/
|
||||
|
@ -6,7 +6,7 @@
|
||||
*/
|
||||
class Task_model extends CI_Model {
|
||||
|
||||
private $title, $description, $category, $priority, $due,
|
||||
protected $title, $description, $category, $priority, $due,
|
||||
$status, $user_id, $task_id, $reminder, $reminder_time,
|
||||
$groups, $group_perms, $friends, $friend_perms, $share_type;
|
||||
|
||||
@ -14,6 +14,13 @@ class Task_model extends CI_Model {
|
||||
|
||||
// --------------------------------------------------------------------------
|
||||
|
||||
public function __construct()
|
||||
{
|
||||
// $this->output->enable_profiler(TRUE);
|
||||
}
|
||||
|
||||
// --------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Get day task list
|
||||
*
|
||||
@ -473,7 +480,7 @@ class Task_model extends CI_Model {
|
||||
$share_type = FALSE;
|
||||
|
||||
//If the task is shared
|
||||
if($this->input->post('share') !== FALSE)
|
||||
if($this->input->post('share') != FALSE)
|
||||
{
|
||||
$groups = $this->input->post('group', TRUE);
|
||||
$group_perms = $this->input->post('group_perms', TRUE);
|
||||
@ -504,15 +511,18 @@ class Task_model extends CI_Model {
|
||||
$this->user_id = $this->session->userdata('uid');
|
||||
$this->task_id = ($this->input->post('task_id') != FALSE)
|
||||
? $this->input->post('task_id')
|
||||
: $this->db->count_all('item') + 1;
|
||||
: NULL; //$this->db->count_all('item') + 1;
|
||||
|
||||
/* ?><pre><?= print_r([
|
||||
'class' => $this,
|
||||
'input' => $this->input->post()
|
||||
], TRUE); ?><?php die(); */
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
else //otherwise, return the errors
|
||||
{
|
||||
|
||||
return $err;
|
||||
}
|
||||
}
|
||||
|
||||
// --------------------------------------------------------------------------
|
||||
|
||||
@ -666,16 +676,17 @@ class Task_model extends CI_Model {
|
||||
|
||||
if ( ! empty($friend_list))
|
||||
{
|
||||
$this->db->where_in('user_id', $friend_list)
|
||||
->where('task_id', $task_id)
|
||||
->or_where('user_id', (int) $this->session->userdata('uid'))
|
||||
$user_ids = array_merge(
|
||||
[(int) $this->session->userdata('uid')],
|
||||
$friend_list
|
||||
);
|
||||
$this->db->where_in('user_id', $user_ids)
|
||||
->where('task_id', $task_id)
|
||||
->delete('user_task_link');
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
//Get groups
|
||||
if($this->share_type == 'group')
|
||||
{
|
||||
@ -705,7 +716,9 @@ class Task_model extends CI_Model {
|
||||
}
|
||||
|
||||
if ($this->db->affected_rows() < 1)
|
||||
{return false;}
|
||||
{
|
||||
return false;
|
||||
}
|
||||
|
||||
//Set current user too
|
||||
$this->db->set('user_id', $this->session->userdata('uid'))
|
||||
@ -1382,7 +1395,7 @@ class Task_model extends CI_Model {
|
||||
* @param int $task_id
|
||||
* @return array
|
||||
*/
|
||||
private function _get_task_perms($task_id)
|
||||
private function _get_task_perms(int $task_id)
|
||||
{
|
||||
/**
|
||||
* Get the task shared permissions
|
||||
@ -1394,7 +1407,7 @@ class Task_model extends CI_Model {
|
||||
->join('group_users_link', 'group_users_link.user_id=user.id', 'inner')
|
||||
->join('group_task_link', 'group_task_link.group_id=group_users_link.group_id', 'inner')
|
||||
->join('item', 'item.id=group_task_link.task_id', 'inner')
|
||||
->where('todo_item.id', (int) $task_id)
|
||||
->where('todo_item.id', $task_id)
|
||||
->where('todo_group_task_link.permissions !=', PERM_NO_ACCESS)
|
||||
->where('todo_user.id', (int) $this->session->userdata('uid'))
|
||||
->limit(1)
|
||||
@ -1405,7 +1418,7 @@ class Task_model extends CI_Model {
|
||||
->from('item')
|
||||
->join('user_task_link', 'user_task_link.task_id=item.id')
|
||||
->where('todo_user_task_link.permissions !=', PERM_NO_ACCESS)
|
||||
->where('todo_user_task_link.task_id', (int) $task_id)
|
||||
->where('todo_user_task_link.task_id', $task_id)
|
||||
->where('todo_user_task_link.user_id', (int) $this->session->userdata('uid'))
|
||||
->limit(1)
|
||||
->get();
|
||||
@ -1456,7 +1469,7 @@ class Task_model extends CI_Model {
|
||||
->join('group_users_link', 'group_users_link.user_id=user.id', 'inner')
|
||||
->join('group_task_link', 'group_task_link.group_id=group_users_link.group_id', 'inner')
|
||||
->where('todo_group_users_link.user_id', (int) $this->session->userdata('uid'))
|
||||
->where('todo_group_task_link.task_id', (int) $task_id)
|
||||
->where('todo_group_task_link.task_id', $task_id)
|
||||
->get();
|
||||
|
||||
//Check user permissions
|
||||
@ -1469,14 +1482,14 @@ class Task_model extends CI_Model {
|
||||
//Check if task admin
|
||||
$upA = $this->db->select('id')
|
||||
->from('item')
|
||||
->where('id', (int) $task_id)
|
||||
->where('id', $task_id)
|
||||
->where('user_id', (int) $this->session->userdata('uid'))
|
||||
->get();
|
||||
|
||||
//Check for admin permissions
|
||||
if($upA->num_rows() > 0)
|
||||
{
|
||||
$result_array['user_perms'] = 9;
|
||||
$result_array['user_perms'] = PERM_ADMIN_ACCESS;
|
||||
return $result_array;
|
||||
}
|
||||
else //User is not admin
|
||||
@ -1492,8 +1505,17 @@ class Task_model extends CI_Model {
|
||||
if($upU->num_rows() > 0)
|
||||
{
|
||||
$up_row = $upU->row_array();
|
||||
|
||||
// Only overwrite group permissions if there are higher
|
||||
// user permissions than group permissions
|
||||
if (
|
||||
$result_array['user_perms'] == PERM_NO_ACCESS ||
|
||||
$up_row['permissions'] > $result_array['user_perms']
|
||||
)
|
||||
{
|
||||
$result_array['user_perms'] = $up_row['permissions'];
|
||||
}
|
||||
}
|
||||
|
||||
//Determine whether the current user can view and/or edit this task
|
||||
if($result_array['user_perms'] == PERM_NO_ACCESS)
|
||||
|
12
application/views/task/edit.php
Executable file → Normal file
12
application/views/task/edit.php
Executable file → Normal file
@ -117,12 +117,12 @@
|
||||
<dt><label for="friend_perms">Permissions</label></dt>
|
||||
<dd>
|
||||
<select name="friend_perms" id="friend_perms">
|
||||
<option value="-1" <?= ($friend_perms === PERM_NO_ACCESS) ? 'selected="selected"':''?>>No Access</option>
|
||||
<option value="0" <?= ($friend_perms === PERM_READ_ACCESS) ? 'selected="selected"':''?>>Read-only Access</option>
|
||||
<option value="1" <?= ($friend_perms === PERM_COMMENT_ACCESS) ? 'selected="selected"':''?>>Comment-only Access</option>
|
||||
<option value="2" <?= ($friend_perms === PERM_CHECKLIST_ACCESS) ? 'selected="selected"':''?>>Comment and Checklist Access</option>
|
||||
<option value="3" <?= ($friend_perms === PERM_WRITE_ACCESS) ? 'selected="selected"':''?>>Read and Write Access</option>
|
||||
<option value="9" <?= ($friend_perms === PERM_ADMIN_ACCESS) ? 'selected="selected"':''?>>Task Admin (Read/Write/Delete)</option>
|
||||
<option value="-1" <?= ($friend_perms === PERM_NO_ACCESS || !(is_numeric($friend_perms))) ? 'selected="selected"':''?>>No Access</option>
|
||||
<option value="0" <?= ($friend_perms == PERM_READ_ACCESS) ? 'selected="selected"':''?>>Read-only Access</option>
|
||||
<option value="1" <?= ($friend_perms == PERM_COMMENT_ACCESS) ? 'selected="selected"':''?>>Comment-only Access</option>
|
||||
<option value="2" <?= ($friend_perms == PERM_CHECKLIST_ACCESS) ? 'selected="selected"':''?>>Comment and Checklist Access</option>
|
||||
<option value="3" <?= ($friend_perms == PERM_WRITE_ACCESS) ? 'selected="selected"':''?>>Read and Write Access</option>
|
||||
<option value="9" <?= ($friend_perms == PERM_ADMIN_ACCESS) ? 'selected="selected"':''?>>Task Admin (Read/Write/Delete)</option>
|
||||
</select>
|
||||
</dd>
|
||||
</dl>
|
||||
|
Loading…
Reference in New Issue
Block a user