
Fix some group permission viewing/saving issues

master
Timothy Warren 2 years ago
parent
commit
ca959b0367
5 changed files with 57 additions and 74 deletions
  1. +2
    -2
      application/config/profiler.php
  2. +8
    -16
      application/controllers/task.php
  3. +0
    -31
      application/core/MY_Controller.php
  4. +41
    -19
      application/models/task_model.php
  5. +6
    -6
      application/views/task/edit.php

+ 2
- 2
application/config/profiler.php View File

@@ -5,9 +5,9 @@
* An open source application development framework for PHP 5.1.6 or newer
*
* NOTICE OF LICENSE
*
*
* Licensed under the Academic Free License version 3.0
*
*
* This source file is subject to the Academic Free License (AFL 3.0) that is
* bundled with this package in the files license_afl.txt / license_afl.rst.
* It is also available through the world wide web at this URL:

+ 8
- 16
application/controllers/task.php View File

@@ -175,9 +175,8 @@ class Task extends MY_Controller {
*
* @param int $task_id
*/
public function edit($task_id)
public function edit(int $task_id)
{
$task_id = (int) $task_id;
$data = $this->task_model->get_task_by_id($task_id);

$data['cat_list'] = $this->task_model->get_category_select($task_id);
@@ -190,13 +189,9 @@ class Task extends MY_Controller {

if ($this->input->post('edit_sub') == 'Update Task')
{
$val = $this->task_model->validate_task();

if($val === TRUE)
if($this->task_model->validate_task() === TRUE)
{
$done = $this->task_model->update_task();

if ($done === TRUE)
if ($this->task_model->update_task() === TRUE)
{
//Redirect to task list
$this->session->set_flashdata([
@@ -205,17 +200,15 @@ class Task extends MY_Controller {
]);

$this->todo->redirect_303(site_url('task/list'));
return;
}
else
{
$data['err'][] = "Database Error, Please try again later.";
}

$data['err'][] = "Database Error, Please try again later.";
}
else
{
$data['err'] = $val;
}

}

$this->page->set_title("Edit Task");
@@ -229,7 +222,7 @@ class Task extends MY_Controller {
*
* @param int $task_id
*/
public function view($task_id = NULL)
public function view(int $task_id = NULL)
{
if( ! is_numeric($task_id))
{
@@ -246,7 +239,6 @@ class Task extends MY_Controller {
$data['checklist'] = $this->task_model->get_checklist($task_id);
$data['task'] = $task_id;


$this->page->set_title("View Task");
$this->page->set_body_id("task_details");
$this->page->build('task/view', $data);
@@ -257,7 +249,7 @@ class Task extends MY_Controller {
/**
* Delete a task
*/
public function delete($task_id)
public function delete(int $task_id)
{
$this->task_model->delete_task((int) $task_id);
}
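Review bot: `$val` is no longer assigned once the validation call is inlined as `if($this->task_model->validate_task() === TRUE)` in `edit()`, yet the outer `else` branch shown below it still reads `$data['err'] = $val;`. The rendered page does not mark which lines were removed, but the 8/16 counts suggest that branch survives; if so, the validation messages are discarded and the view receives an undefined variable instead of the error list. Keeping the result, `$val = $this->task_model->validate_task();` followed by `if ($val === TRUE)`, preserves the messages. Separately, with `view(int $task_id = NULL)` a non-numeric URI segment now fails the type check before the `is_numeric()` guard can handle it, so that case probably wants an explicit error path. The bodies of `edit()` and `view()` continue outside the visible hunks.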

+ 0
- 31
application/core/MY_Controller.php View File

@@ -4,42 +4,11 @@
* Base controller extending CodeIgniter Controller
*/
class MY_Controller extends CI_Controller {

/**
* @var MY_Session
*/
public $session;

/**
* @var CI_DB_driver
*/
public $db;

/**
* @var CI_Input
*/
public $input;

/**
* @var CI_Uri
*/
public $uri;

/**
* @var MY_Form_validation
*/
public $form_validation;

/**
* @var Validation_Callbacks
*/
public $validation_callbacks;

/**
* @var CI_Output
*/
public $output;

/**
* @var Page
*/

+ 41
- 19
application/models/task_model.php View File

@@ -6,7 +6,7 @@
*/
class Task_model extends CI_Model {

private $title, $description, $category, $priority, $due,
protected $title, $description, $category, $priority, $due,
$status, $user_id, $task_id, $reminder, $reminder_time,
$groups, $group_perms, $friends, $friend_perms, $share_type;

@@ -14,6 +14,13 @@ class Task_model extends CI_Model {

// --------------------------------------------------------------------------

public function __construct()
{
// $this->output->enable_profiler(TRUE);
}

// --------------------------------------------------------------------------

/**
* Get day task list
*
@@ -473,7 +480,7 @@ class Task_model extends CI_Model {
$share_type = FALSE;

//If the task is shared
if($this->input->post('share') !== FALSE)
if($this->input->post('share') != FALSE)
{
$groups = $this->input->post('group', TRUE);
$group_perms = $this->input->post('group_perms', TRUE);
@@ -504,14 +511,17 @@ class Task_model extends CI_Model {
$this->user_id = $this->session->userdata('uid');
$this->task_id = ($this->input->post('task_id') != FALSE)
? $this->input->post('task_id')
: $this->db->count_all('item') + 1;
: NULL; //$this->db->count_all('item') + 1;

/* ?><pre><?= print_r([
'class' => $this,
'input' => $this->input->post()
], TRUE); ?><?php die(); */

return TRUE;
}
else //otherwise, return the errors
{
return $err;
}

return $err;
}

// --------------------------------------------------------------------------
@@ -666,16 +676,17 @@ class Task_model extends CI_Model {

if ( ! empty($friend_list))
{
$this->db->where_in('user_id', $friend_list)
->where('task_id', $task_id)
->or_where('user_id', (int) $this->session->userdata('uid'))
$user_ids = array_merge(
[(int) $this->session->userdata('uid')],
$friend_list
);
$this->db->where_in('user_id', $user_ids)
->where('task_id', $task_id)
->delete('user_task_link');
}

}


//Get groups
if($this->share_type == 'group')
{
@@ -705,7 +716,9 @@ class Task_model extends CI_Model {
}

if ($this->db->affected_rows() < 1)
{return false;}
{
return false;
}

//Set current user too
$this->db->set('user_id', $this->session->userdata('uid'))
@@ -1382,7 +1395,7 @@ class Task_model extends CI_Model {
* @param int $task_id
* @return array
*/
private function _get_task_perms($task_id)
private function _get_task_perms(int $task_id)
{
/**
* Get the task shared permissions
@@ -1394,7 +1407,7 @@ class Task_model extends CI_Model {
->join('group_users_link', 'group_users_link.user_id=user.id', 'inner')
->join('group_task_link', 'group_task_link.group_id=group_users_link.group_id', 'inner')
->join('item', 'item.id=group_task_link.task_id', 'inner')
->where('todo_item.id', (int) $task_id)
->where('todo_item.id', $task_id)
->where('todo_group_task_link.permissions !=', PERM_NO_ACCESS)
->where('todo_user.id', (int) $this->session->userdata('uid'))
->limit(1)
@@ -1405,7 +1418,7 @@ class Task_model extends CI_Model {
->from('item')
->join('user_task_link', 'user_task_link.task_id=item.id')
->where('todo_user_task_link.permissions !=', PERM_NO_ACCESS)
->where('todo_user_task_link.task_id', (int) $task_id)
->where('todo_user_task_link.task_id', $task_id)
->where('todo_user_task_link.user_id', (int) $this->session->userdata('uid'))
->limit(1)
->get();
@@ -1456,7 +1469,7 @@ class Task_model extends CI_Model {
->join('group_users_link', 'group_users_link.user_id=user.id', 'inner')
->join('group_task_link', 'group_task_link.group_id=group_users_link.group_id', 'inner')
->where('todo_group_users_link.user_id', (int) $this->session->userdata('uid'))
->where('todo_group_task_link.task_id', (int) $task_id)
->where('todo_group_task_link.task_id', $task_id)
->get();

//Check user permissions
@@ -1469,14 +1482,14 @@ class Task_model extends CI_Model {
//Check if task admin
$upA = $this->db->select('id')
->from('item')
->where('id', (int) $task_id)
->where('id', $task_id)
->where('user_id', (int) $this->session->userdata('uid'))
->get();

//Check for admin permissions
if($upA->num_rows() > 0)
{
$result_array['user_perms'] = 9;
$result_array['user_perms'] = PERM_ADMIN_ACCESS;
return $result_array;
}
else //User is not admin
@@ -1492,7 +1505,16 @@ class Task_model extends CI_Model {
if($upU->num_rows() > 0)
{
$up_row = $upU->row_array();
$result_array['user_perms'] = $up_row['permissions'];

// Only overwrite group permissions if there are higher
// user permissions than group permissions
if (
$result_array['user_perms'] == PERM_NO_ACCESS ||
$up_row['permissions'] > $result_array['user_perms']
)
{
$result_array['user_perms'] = $up_row['permissions'];
}
}

//Determine whether the current user can view and/or edit this task
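Review bot: The new merge in the last hunk keeps whichever of the group and per-user levels is higher, so a per-user row lower than the group grant is ignored and a group member cannot be restricted individually. If the per-user query here can return an explicit `PERM_NO_ACCESS` row, that row no longer acts as a deny; either document that the highest grant wins by design, or test for it before the comparison. The comparison also uses `$up_row['permissions']` as returned by the database against `$result_array['user_perms']`, whose initial value is set outside the hunk. Casting once, `$user_level = (int) $up_row['permissions'];`, and comparing with that makes the ordering explicit and avoids loose-comparison surprises if `user_perms` is still unset or NULL at that point. The enclosing function starts and ends outside the visible lines.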

+ 6
- 6
application/views/task/edit.php View File

@@ -117,12 +117,12 @@
<dt><label for="friend_perms">Permissions</label></dt>
<dd>
<select name="friend_perms" id="friend_perms">
<option value="-1" <?= ($friend_perms === PERM_NO_ACCESS) ? 'selected="selected"':''?>>No Access</option>
<option value="0" <?= ($friend_perms === PERM_READ_ACCESS) ? 'selected="selected"':''?>>Read-only Access</option>
<option value="1" <?= ($friend_perms === PERM_COMMENT_ACCESS) ? 'selected="selected"':''?>>Comment-only Access</option>
<option value="2" <?= ($friend_perms === PERM_CHECKLIST_ACCESS) ? 'selected="selected"':''?>>Comment and Checklist Access</option>
<option value="3" <?= ($friend_perms === PERM_WRITE_ACCESS) ? 'selected="selected"':''?>>Read and Write Access</option>
<option value="9" <?= ($friend_perms === PERM_ADMIN_ACCESS) ? 'selected="selected"':''?>>Task Admin (Read/Write/Delete)</option>
<option value="-1" <?= ($friend_perms === PERM_NO_ACCESS || !(is_numeric($friend_perms))) ? 'selected="selected"':''?>>No Access</option>
<option value="0" <?= ($friend_perms == PERM_READ_ACCESS) ? 'selected="selected"':''?>>Read-only Access</option>
<option value="1" <?= ($friend_perms == PERM_COMMENT_ACCESS) ? 'selected="selected"':''?>>Comment-only Access</option>
<option value="2" <?= ($friend_perms == PERM_CHECKLIST_ACCESS) ? 'selected="selected"':''?>>Comment and Checklist Access</option>
<option value="3" <?= ($friend_perms == PERM_WRITE_ACCESS) ? 'selected="selected"':''?>>Read and Write Access</option>
<option value="9" <?= ($friend_perms == PERM_ADMIN_ACCESS) ? 'selected="selected"':''?>>Task Admin (Read/Write/Delete)</option>
</select>
</dd>
</dl>
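Review bot: Switching the option checks to loose `==` means a NULL or FALSE `$friend_perms` matches both the new `!(is_numeric($friend_perms))` fallback on "No Access" and `$friend_perms == PERM_READ_ACCESS`, assuming that constant is 0 as the option value suggests. With two `selected` options in a single-choice select the browser keeps the last one, so the form would preselect "Read-only Access" and saving it unchanged would grant read access nobody chose. Normalising once before the select, `$friend_perms = is_numeric($friend_perms) ? (int) $friend_perms : PERM_NO_ACCESS;`, lets all six options keep the strict `===` comparison.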
