From 8e79f008c7b11276b35c0c1de86378ce49be2181 Mon Sep 17 00:00:00 2001 From: JT Smith Date: Sat, 29 May 2004 05:27:19 +0000 Subject: [PATCH] changed the privileges API --- docs/changelog/6.x.x.txt | 1 + docs/migration.txt | 8 + lib/WebGUI.pm | 5 +- lib/WebGUI/Forum.pm | 8 +- lib/WebGUI/Grouping.pm | 151 +++++++++++- lib/WebGUI/HTMLForm.pm | 8 +- lib/WebGUI/Macro/AdminBar.pm | 16 +- lib/WebGUI/Macro/AdminToggle.pm | 3 +- lib/WebGUI/Macro/CanEditText.pm | 4 +- lib/WebGUI/Macro/EditableToggle.pm | 5 +- lib/WebGUI/Macro/GroupAdd.pm | 4 +- lib/WebGUI/Macro/GroupDelete.pm | 4 +- lib/WebGUI/Macro/GroupText.pm | 4 +- lib/WebGUI/Navigation.pm | 17 +- lib/WebGUI/Operation/Admin.pm | 6 +- lib/WebGUI/Operation/Clipboard.pm | 22 +- lib/WebGUI/Operation/Collateral.pm | 39 +-- lib/WebGUI/Operation/DatabaseLink.pm | 13 +- lib/WebGUI/Operation/Group.pm | 30 +-- lib/WebGUI/Operation/Help.pm | 13 +- lib/WebGUI/Operation/International.pm | 20 +- lib/WebGUI/Operation/MessageLog.pm | 5 +- lib/WebGUI/Operation/Navigation.pm | 21 +- lib/WebGUI/Operation/Package.pm | 2 +- lib/WebGUI/Operation/Page.pm | 52 ++-- lib/WebGUI/Operation/Profile.pm | 3 +- lib/WebGUI/Operation/ProfileSettings.pm | 27 ++- lib/WebGUI/Operation/Replacements.pm | 10 +- lib/WebGUI/Operation/Root.pm | 3 +- lib/WebGUI/Operation/Settings.pm | 15 +- lib/WebGUI/Operation/Shared.pm | 5 +- lib/WebGUI/Operation/Statistics.pm | 13 +- lib/WebGUI/Operation/Style.pm | 4 +- lib/WebGUI/Operation/Template.pm | 13 +- lib/WebGUI/Operation/Theme.pm | 29 +-- lib/WebGUI/Operation/Trash.pm | 27 ++- lib/WebGUI/Operation/User.pm | 40 ++-- lib/WebGUI/Page.pm | 79 +++++- lib/WebGUI/Privilege.pm | 304 ------------------------ lib/WebGUI/Wobject.pm | 232 +++++++++++------- lib/WebGUI/Wobject/DataForm.pm | 36 +-- lib/WebGUI/Wobject/EventsCalendar.pm | 10 +- lib/WebGUI/Wobject/FileManager.pm | 23 +- lib/WebGUI/Wobject/MessageBoard.pm | 12 +- lib/WebGUI/Wobject/Poll.pm | 7 +- lib/WebGUI/Wobject/Product.pm | 62 ++--- lib/WebGUI/Wobject/Survey.pm | 55 ++--- lib/WebGUI/Wobject/USS.pm | 37 +-- 48 files changed, 758 insertions(+), 749 deletions(-) diff --git a/docs/changelog/6.x.x.txt b/docs/changelog/6.x.x.txt index 6506eb0ae..7f689c384 100644 --- a/docs/changelog/6.x.x.txt +++ b/docs/changelog/6.x.x.txt @@ -6,6 +6,7 @@ - All plugins are now dynamically loaded. This provides a performance gain of over 100% in CGI mode, 10% in mod_perl mode, and less memory usage in mod_perl mode. + - Changed the privileges API significantly. See docs/migration.txt for details. diff --git a/docs/migration.txt b/docs/migration.txt index a9954af7d..278ff93b4 100644 --- a/docs/migration.txt +++ b/docs/migration.txt @@ -111,5 +111,13 @@ something that uses a macro, wobject, or auth module outside of the usual mechanisms that call those plug-ins, then you'll need to write a piece of code to load the plug-in at use time. +5.5 Privilege API Change + +In 6.1 we move isInGroup from WebGUI::Privilege to WebGUI::Grouping, where it +belongs. We also moved canViewPage and canEditPage to WebGUI::Page and renamed them +to canView and canEdit. And finally, we moved canEditWobject and +canViewWobject to WebGUI::Wobject and renamed them canView and canEdit and +converted them from regular functions into methods. + diff --git a/lib/WebGUI.pm b/lib/WebGUI.pm index 91a0dc271..ae0a23c3c 100644 --- a/lib/WebGUI.pm +++ b/lib/WebGUI.pm @@ -16,6 +16,7 @@ use Tie::CPHash; use WebGUI::Affiliate; use WebGUI::Cache; use WebGUI::ErrorHandler; +use WebGUI::Grouping; use WebGUI::International; use WebGUI::Macro; use WebGUI::Operation; @@ -39,7 +40,7 @@ sub _generatePage { ".quote($session{page}{title}).", ".quote($session{form}{wid}).", ".quote($session{form}{func}).")"); } my $output = WebGUI::Macro::process(WebGUI::Style::process($content)); - if ($session{setting}{showDebug} || ($session{form}{debug}==1 && WebGUI::Privilege::isInGroup(3))) { + if ($session{setting}{showDebug} || ($session{form}{debug}==1 && WebGUI::Grouping::isInGroup(3))) { $output .= WebGUI::ErrorHandler::showDebug(); } return $output; @@ -92,7 +93,7 @@ sub _processFunctions { WebGUI::ErrorHandler::security("access wobject [".$session{form}{wid}."] on page '" .$session{page}{title}."' [".$session{page}{pageId}."]."); } else { - if (WebGUI::Privilege::canViewPage()) { + if (WebGUI::Page::canView()) { $cmd = "WebGUI::Wobject::".${$wobject}{namespace}; my $load = "use ".$cmd; # gotta load the wobject before you can use it eval($load); diff --git a/lib/WebGUI/Forum.pm b/lib/WebGUI/Forum.pm index 2a8eaf307..035028128 100644 --- a/lib/WebGUI/Forum.pm +++ b/lib/WebGUI/Forum.pm @@ -16,7 +16,7 @@ package WebGUI::Forum; use strict; use WebGUI::Forum::Thread; -use WebGUI::Privilege; +use WebGUI::Grouping; use WebGUI::Session; use WebGUI::SQL; use WebGUI::Utility; @@ -81,7 +81,7 @@ Defaults to $session{user}{userId}. Specify a user ID to check privileges for. sub canPost { my ($self, $userId) = @_; $userId = $session{user}{userId} unless ($userId); - return (WebGUI::Privilege::isInGroup($self->get("groupToPost"),$userId) || $self->isModerator); + return (WebGUI::Grouping::isInGroup($self->get("groupToPost"),$userId) || $self->isModerator); } #------------------------------------------------------------------- @@ -103,7 +103,7 @@ Defaults to $session{user}{userId}. Specify a user ID to check privileges for. sub canView { my ($self, $userId) = @_; $userId = $session{user}{userId} unless ($userId); - return (WebGUI::Privilege::isInGroup($self->get("groupToView"),$userId) || $self->canPost); + return (WebGUI::Grouping::isInGroup($self->get("groupToView"),$userId) || $self->canPost); } #------------------------------------------------------------------- @@ -242,7 +242,7 @@ Defaults to $session{user}{userId}. A user id to test for moderator privileges. sub isModerator { my ($self, $userId) = @_; $userId = $session{user}{userId} unless ($userId); - return WebGUI::Privilege::isInGroup($self->get("groupToModerate"), $userId); + return WebGUI::Grouping::isInGroup($self->get("groupToModerate"), $userId); } #------------------------------------------------------------------- diff --git a/lib/WebGUI/Grouping.pm b/lib/WebGUI/Grouping.pm index bd87697c1..614f58e0e 100755 --- a/lib/WebGUI/Grouping.pm +++ b/lib/WebGUI/Grouping.pm @@ -40,7 +40,8 @@ This package provides an interface for managing WebGUI user and group groupings. $arrayRef = WebGUI::Grouping::getGroupsForUser($userId); $arrayRef = WebGUI::Grouping::getGroupsInGroup($groupId); $arrayRef = WebGUI::Grouping::getUsersInGroup($groupId); - $yesNo = WebGUI::Grouping::userGroupAdmin($userId,$groupId); + $boolean = WebGUI::Grouping::isInGroup($groupId, $userId); + $boolean = WebGUI::Grouping::userGroupAdmin($userId,$groupId); $epoch = WebGUI::Grouping::userGroupExpireDate($userId,$groupId); =head1 METHODS @@ -227,11 +228,13 @@ If set to "1" then the listing will not include expired groupings. Defaults to " =cut sub getGroupsForUser { - my $clause = "and expireDate>".time() if ($_[1]); - if ($_[0] eq "") { + my $userId = shift; + my $withoutExpired = shift; + my $clause = "and expireDate>".time() if ($withoutExpired); + if ($userId eq "") { return []; } else { - return WebGUI::SQL->buildArrayRef("select groupId from groupings where userId=$_[0] $clause"); + return WebGUI::SQL->buildArrayRef("select groupId from groupings where userId=$userId $clause"); } } @@ -311,6 +314,146 @@ sub getUsersInGroup { } +#------------------------------------------------------------------- + +=head2 isInGroup ( [ groupId , userId ] ) + +Returns a boolean (0|1) value signifying that the user has the required privileges. Always returns true for Admins. + +=over + +=item groupId + +The group that you wish to verify against the user. Defaults to group with Id 3 (the Admin group). + +=item userId + +The user that you wish to verify against the group. Defaults to the currently logged in user. + +=back + +=cut + +sub isInGroup { + my ($gid, $uid, @data, %group, $groupId); + ($gid, $uid) = @_; + $gid = 3 unless (defined $gid); + $uid = $session{user}{userId} if ($uid eq ""); + ### The following several checks are to increase performance. If this section were removed, everything would continue to work as normal. + return 1 if ($gid == 7); # everyone is in the everyone group + return 1 if ($gid == 1 && $uid == 1); # visitors are in the visitors group + return 0 if ($gid != 1 && $uid == 1); # visitors can't be in any group execpt the visitors group + return 1 if ($gid==2 && $uid != 1); # if you're not a visitor, then you're a registered user + ### Look to see if we've already looked up this group. + if ($session{isInGroup}{$gid}{$uid} == 1) { + return 1; + } elsif ($session{isInGroup}{$gid}{$uid} eq "0") { + return 0; + } + ### Lookup the actual groupings. + my $groups = WebGUI::Grouping::getGroupsForUser($uid,1); + foreach (@{$groups}) { + $session{isInGroup}{$_}{$uid} = 1; + } + if ($session{isInGroup}{$gid}{$uid} == 1) { + return 1; + } + ### Get data for auxillary checks. + tie %group, 'Tie::CPHash'; + %group = WebGUI::SQL->quickHash("select karmaThreshold,ipFilter,scratchFilter,databaseLinkId,dbQuery,dbCacheTimeout from groups where groupId='$gid'"); + ### Check IP Address + if ($group{ipFilter} ne "") { + $group{ipFilter} =~ s/\t//g; + $group{ipFilter} =~ s/\r//g; + $group{ipFilter} =~ s/\n//g; + $group{ipFilter} =~ s/\s//g; + $group{ipFilter} =~ s/\./\\\./g; + my @ips = split(";",$group{ipFilter}); + foreach my $ip (@ips) { + if ($session{env}{REMOTE_ADDR} =~ /^$ip/) { + $session{isInGroup}{$gid}{$uid} = 1; + return 1; + } + } + } + ### Check Scratch Variables + if ($group{scratchFilter} ne "") { + $group{scratchFilter} =~ s/\t//g; + $group{scratchFilter} =~ s/\r//g; + $group{scratchFilter} =~ s/\n//g; + $group{scratchFilter} =~ s/\s//g; + my @vars = split(";",$group{scratchFilter}); + foreach my $var (@vars) { + my ($name, $value) = split(/\=/,$var); + if ($session{scratch}{$name} eq $value) { + $session{isInGroup}{$gid}{$uid} = 1; + return 1; + } + } + } + ### Check karma levels. + if ($session{setting}{useKarma}) { + my $karma; + if ($uid == $session{user}{userId}) { + $karma = $session{user}{karma}; + } else { + ($karma) = WebGUI::SQL->quickHash("select karma from users where userId='$uid'"); + } + if ($karma >= $group{karmaThreshold}) { + $session{isInGroup}{$gid}{$uid} = 1; + return 1; + } + } + ### Check external database + if ($group{dbQuery} ne "" && $group{databaseLinkId}) { + # skip if not logged in and query contains a User macro + unless ($group{dbQuery} =~ /\^User/i && $uid == 1) { + my $dbLink = WebGUI::DatabaseLink->new($group{databaseLinkId}); + my $dbh = $dbLink->dbh; + if (defined $dbh) { + if ($group{dbQuery} =~ /select 1/i) { + $group{dbQuery} = WebGUI::Macro::process($group{dbQuery}); + my $sth = WebGUI::SQL->unconditionalRead($group{dbQuery},$dbh); + unless ($sth->errorCode < 1) { + WebGUI::ErrorHandler::warn("There was a problem with the database query for group ID $gid."); + } else { + my ($result) = $sth->array; + if ($result == 1) { + $session{isInGroup}{$gid}{$uid} = 1; + if ($group{dbCacheTimeout} > 0) { + WebGUI::Grouping::deleteUsersFromGroups([$uid],[$gid]); + WebGUI::Grouping::addUsersToGroups([$uid],[$gid],$group{dbCacheTimeout}); + } + } else { + $session{isInGroup}{$gid}{$uid} = 0; + WebGUI::Grouping::deleteUsersFromGroups([$uid],[$gid]) if ($group{dbCacheTimeout} > 0); + } + } + $sth->finish; + } else { + WebGUI::ErrorHandler::warn("Database query for group ID $gid must use 'select 1'"); + } + $dbLink->disconnect; + return 1 if ($session{isInGroup}{$gid}{$uid}); + } + } + } + ### Check for groups of groups. + $groups = WebGUI::Grouping::getGroupsInGroup($gid,1); + foreach (@{$groups}) { + $session{isInGroup}{$_}{$uid} = isInGroup($_, $uid); + if ($session{isInGroup}{$_}{$uid}) { + $session{isInGroup}{$gid}{$uid} = 1; # cache current group also so we don't have to do the group in group check again + return 1; + } + } + $session{isInGroup}{$gid}{$uid} = 0; + return 0; +} + + + + #------------------------------------------------------------------- diff --git a/lib/WebGUI/HTMLForm.pm b/lib/WebGUI/HTMLForm.pm index 19dbd9b0b..8bfd0c520 100644 --- a/lib/WebGUI/HTMLForm.pm +++ b/lib/WebGUI/HTMLForm.pm @@ -20,7 +20,7 @@ use WebGUI::DateTime; use WebGUI::Form; use WebGUI::Icon; use WebGUI::International; -use WebGUI::Privilege; +use WebGUI::Grouping; use WebGUI::Session; use WebGUI::SQL; @@ -535,7 +535,7 @@ sub databaseLink { rearrange([qw(name value label afterEdit extras uiLevel)], @p); if (_uiLevelChecksOut($uiLevel)) { $label = $label || WebGUI::International::get(1075); - if (WebGUI::Privilege::isInGroup(3)) { + if (WebGUI::Grouping::isInGroup(3)) { if ($afterEdit) { $subtext = editIcon("op=editDatabaseLink&lid=".$value."&afterEdit=".WebGUI::URL::escape($afterEdit)); } @@ -1079,7 +1079,7 @@ sub group { my ($name, $label, $value, $size, $multiple, $extras, $subtext, $uiLevel, $excludeGroups) = rearrange([qw(name label value size multiple extras subtext uiLevel excludeGroups)], @p); if (_uiLevelChecksOut($uiLevel)) { - if (WebGUI::Privilege::isInGroup(3)) { + if (WebGUI::Grouping::isInGroup(3)) { $subtext = manageIcon("op=listGroups").$subtext; } $output = WebGUI::Form::group({ @@ -1956,7 +1956,7 @@ sub template { rearrange([qw(name value label namespace afterEdit extras uiLevel)], @p); if (_uiLevelChecksOut($uiLevel)) { $label = $label || WebGUI::International::get(356); - if (WebGUI::Privilege::isInGroup(8)) { + if (WebGUI::Grouping::isInGroup(8)) { if ($afterEdit) { $subtext = editIcon("op=editTemplate&tid=".$value."&namespace=".$namespace."&afterEdit=".WebGUI::URL::escape($afterEdit)); } diff --git a/lib/WebGUI/Macro/AdminBar.pm b/lib/WebGUI/Macro/AdminBar.pm index be8ff08e3..bedef9203 100644 --- a/lib/WebGUI/Macro/AdminBar.pm +++ b/lib/WebGUI/Macro/AdminBar.pm @@ -13,9 +13,9 @@ package WebGUI::Macro::AdminBar; use strict qw(refs vars); use Tie::CPHash; use Tie::IxHash; +use WebGUI::Grouping; use WebGUI::International; use WebGUI::Macro; -use WebGUI::Privilege; use WebGUI::Session; use WebGUI::SQL; use WebGUI::URL; @@ -137,7 +137,7 @@ sub process { $var{'clipboard_loop'} = \@clipboard; #--admin functions %hash = (); - if (WebGUI::Privilege::isInGroup(3)) { + if (WebGUI::Grouping::isInGroup(3)) { %hash = ( WebGUI::URL::page('op=listGroups')=>WebGUI::International::get(5), WebGUI::URL::page('op=manageSettings')=>WebGUI::International::get(4), @@ -146,14 +146,14 @@ sub process { WebGUI::URL::page('op=listDatabaseLinks')=>WebGUI::International::get(981), WebGUI::URL::page('op=listNavigation')=>'Manage navigation.' ); - } elsif (WebGUI::Privilege::isInGroup(11)) { + } elsif (WebGUI::Grouping::isInGroup(11)) { %hash = ( WebGUI::URL::page('op=listGroupsSecondary')=>WebGUI::International::get(5), WebGUI::URL::page('op=addUserSecondary')=>WebGUI::International::get(169), %hash ); } - if (WebGUI::Privilege::isInGroup(4)) { + if (WebGUI::Grouping::isInGroup(4)) { %hash = ( WebGUI::URL::page('op=listRoots')=>WebGUI::International::get(410), 'http://validator.w3.org/check?uri='.WebGUI::URL::escape(WebGUI::URL::page())=>WebGUI::International::get(399), @@ -164,25 +164,25 @@ sub process { %hash ); } - if (WebGUI::Privilege::isInGroup(6)) { + if (WebGUI::Grouping::isInGroup(6)) { %hash = ( WebGUI::URL::gateway('packages')=>WebGUI::International::get(374), %hash ); } - if (WebGUI::Privilege::isInGroup(8)) { + if (WebGUI::Grouping::isInGroup(8)) { %hash = ( WebGUI::URL::page('op=listTemplates')=>WebGUI::International::get(508), %hash ); } - if (WebGUI::Privilege::isInGroup(9)) { + if (WebGUI::Grouping::isInGroup(9)) { %hash = ( WebGUI::URL::page('op=listThemes')=>WebGUI::International::get(900), %hash ); } - if (WebGUI::Privilege::isInGroup(10)) { + if (WebGUI::Grouping::isInGroup(10)) { %hash = ( WebGUI::URL::page('op=listLanguages')=>WebGUI::International::get(585), %hash diff --git a/lib/WebGUI/Macro/AdminToggle.pm b/lib/WebGUI/Macro/AdminToggle.pm index 6b6ffe6c2..ba64a0c72 100644 --- a/lib/WebGUI/Macro/AdminToggle.pm +++ b/lib/WebGUI/Macro/AdminToggle.pm @@ -11,6 +11,7 @@ package WebGUI::Macro::AdminToggle; #------------------------------------------------------------------- use strict; +use WebGUI::Grouping; use WebGUI::International; use WebGUI::Macro; use WebGUI::Session; @@ -19,7 +20,7 @@ use WebGUI::URL; #------------------------------------------------------------------- sub process { my ($temp, @param, $turnOn, $turnOff); - if (WebGUI::Privilege::isInGroup(12)) { + if (WebGUI::Grouping::isInGroup(12)) { @param = WebGUI::Macro::getParams($_[0]); if ($session{var}{adminOn}) { $turnOff = $param[1] || WebGUI::International::get(517); diff --git a/lib/WebGUI/Macro/CanEditText.pm b/lib/WebGUI/Macro/CanEditText.pm index 0fa9b7bfe..15b775873 100644 --- a/lib/WebGUI/Macro/CanEditText.pm +++ b/lib/WebGUI/Macro/CanEditText.pm @@ -12,13 +12,13 @@ package WebGUI::Macro::CanEditText; use strict; use WebGUI::Macro; +use WebGUI::Page; use WebGUI::Session; -use WebGUI::Privilege; #------------------------------------------------------------------- sub process { my @param = WebGUI::Macro::getParams($_[0]); - if (WebGUI::Privilege::canEditPage()) { + if (WebGUI::Page::canEdit()) { return $param[0]; } else { return ""; diff --git a/lib/WebGUI/Macro/EditableToggle.pm b/lib/WebGUI/Macro/EditableToggle.pm index 6afeb7d4a..35af0a25f 100644 --- a/lib/WebGUI/Macro/EditableToggle.pm +++ b/lib/WebGUI/Macro/EditableToggle.pm @@ -11,16 +11,17 @@ package WebGUI::Macro::EditableToggle; #------------------------------------------------------------------- use strict; +use WebGUI::Grouping; use WebGUI::International; use WebGUI::Macro; -use WebGUI::Privilege; +use WebGUI::Page; use WebGUI::Session; use WebGUI::URL; #------------------------------------------------------------------- sub process { my ($temp, @param, $turnOn, $turnOff); - if (WebGUI::Privilege::canEditPage() && WebGUI::Privilege::isInGroup(12)) { + if (WebGUI::Page::canEdit() && WebGUI::Grouping::isInGroup(12)) { @param = WebGUI::Macro::getParams($_[0]); if ($session{var}{adminOn}) { $turnOff = $param[1] || WebGUI::International::get(517); diff --git a/lib/WebGUI/Macro/GroupAdd.pm b/lib/WebGUI/Macro/GroupAdd.pm index 926318386..3653426ef 100644 --- a/lib/WebGUI/Macro/GroupAdd.pm +++ b/lib/WebGUI/Macro/GroupAdd.pm @@ -12,9 +12,9 @@ package WebGUI::Macro::GroupAdd; use strict; use WebGUI::Group; +use WebGUI::Grouping; use WebGUI::Macro; use WebGUI::Session; -use WebGUI::Privilege; use WebGUI::URL; #------------------------------------------------------------------- @@ -24,7 +24,7 @@ sub process { my $g = WebGUI::Group->find($param[0]); return "" if ($g->groupId eq ""); return "" unless ($g->autoAdd); - return "" if (WebGUI::Privilege::isInGroup($g->groupId)); + return "" if (WebGUI::Grouping::isInGroup($g->groupId)); return 'groupId).'">'.$param[1].''; } diff --git a/lib/WebGUI/Macro/GroupDelete.pm b/lib/WebGUI/Macro/GroupDelete.pm index 6a11967d6..56f3b1c67 100644 --- a/lib/WebGUI/Macro/GroupDelete.pm +++ b/lib/WebGUI/Macro/GroupDelete.pm @@ -12,9 +12,9 @@ package WebGUI::Macro::GroupDelete; use strict; use WebGUI::Group; +use WebGUI::Grouping; use WebGUI::Macro; use WebGUI::Session; -use WebGUI::Privilege; use WebGUI::URL; #------------------------------------------------------------------- @@ -24,7 +24,7 @@ sub process { my $g = WebGUI::Group->find($param[0]); return "" if ($g->groupId eq ""); return "" unless ($g->autoDelete); - return "" unless (WebGUI::Privilege::isInGroup($g->groupId)); + return "" unless (WebGUI::Grouping::isInGroup($g->groupId)); return 'groupId).'">'.$param[1].''; } diff --git a/lib/WebGUI/Macro/GroupText.pm b/lib/WebGUI/Macro/GroupText.pm index a4b86cfdb..6d1dac963 100644 --- a/lib/WebGUI/Macro/GroupText.pm +++ b/lib/WebGUI/Macro/GroupText.pm @@ -11,17 +11,17 @@ package WebGUI::Macro::GroupText; #------------------------------------------------------------------- use strict; +use WebGUI::Grouping; use WebGUI::Macro; use WebGUI::SQL; use WebGUI::Session; -use WebGUI::Privilege; #------------------------------------------------------------------- sub process { my @param = WebGUI::Macro::getParams($_[0]); my ($groupId) = WebGUI::SQL->quickArray("select groupId from groups where groupName=".quote($param[0])); $groupId = 3 if ($groupId eq ""); - if (WebGUI::Privilege::isInGroup($groupId)) { + if (WebGUI::Grouping::isInGroup($groupId)) { return $param[1]; } else { return $param[2]; diff --git a/lib/WebGUI/Navigation.pm b/lib/WebGUI/Navigation.pm index 8a38b3e44..6ada9f56b 100644 --- a/lib/WebGUI/Navigation.pm +++ b/lib/WebGUI/Navigation.pm @@ -18,16 +18,15 @@ package WebGUI::Navigation; use strict; use Tie::CPHash; use Tie::IxHash; -use WebGUI::Session; -use WebGUI::SQL; -use WebGUI::URL; -use WebGUI::Operation::Navigation; -use WebGUI::Page; -use WebGUI::Utility; -use WebGUI::Privilege; -use WebGUI::Template; use WebGUI::Icon; use WebGUI::International; +use WebGUI::Operation::Navigation; +use WebGUI::Page; +use WebGUI::Session; +use WebGUI::SQL; +use WebGUI::Template; +use WebGUI::URL; +use WebGUI::Utility; =head1 NAME @@ -269,7 +268,7 @@ sub build { $pageData->{"page.isHidden"} = $page->get('hideFromNavigation'); $pageData->{"page.isSystem"} = (($page->get('pageId') < 1000 && $page->get('pageId') > 1) || $page->get('pageId') == 0); - $pageData->{"page.isViewable"} = WebGUI::Privilege::canViewPage($page->get('pageId')); + $pageData->{"page.isViewable"} = WebGUI::Page::canView($page->get('pageId')); # indent my $indent = 0; diff --git a/lib/WebGUI/Operation/Admin.pm b/lib/WebGUI/Operation/Admin.pm index 2ad73d4f3..b009161a8 100644 --- a/lib/WebGUI/Operation/Admin.pm +++ b/lib/WebGUI/Operation/Admin.pm @@ -12,7 +12,7 @@ package WebGUI::Operation::Admin; use Exporter; use strict; -use WebGUI::Privilege; +use WebGUI::Grouping; use WebGUI::Session; use WebGUI::SQL; @@ -21,7 +21,7 @@ our @EXPORT = qw(&www_switchOffAdmin &www_switchOnAdmin); #------------------------------------------------------------------- sub www_switchOffAdmin { - return "" unless (WebGUI::Privilege::isInGroup(12)); + return "" unless (WebGUI::Grouping::isInGroup(12)); WebGUI::SQL->write("update userSession set adminOn=0 where sessionId='$session{var}{sessionId}'"); WebGUI::Session::refreshSessionVars($session{var}{sessionId}); return ""; @@ -29,7 +29,7 @@ sub www_switchOffAdmin { #------------------------------------------------------------------- sub www_switchOnAdmin { - return "" unless (WebGUI::Privilege::isInGroup(12)); + return "" unless (WebGUI::Grouping::isInGroup(12)); WebGUI::SQL->write("update userSession set adminOn=1 where sessionId='$session{var}{sessionId}'"); WebGUI::Session::refreshSessionVars($session{var}{sessionId}); return ""; diff --git a/lib/WebGUI/Operation/Clipboard.pm b/lib/WebGUI/Operation/Clipboard.pm index e0aecbafa..a804f71dc 100644 --- a/lib/WebGUI/Operation/Clipboard.pm +++ b/lib/WebGUI/Operation/Clipboard.pm @@ -39,7 +39,7 @@ sub _submenu { if ($session{form}{systemClipboard} ne "1") { $menu{WebGUI::URL::page('op=emptyClipboard')} = WebGUI::International::get(950); } - if ( ($session{setting}{sharedClipboard} ne "1") && (WebGUI::Privilege::isInGroup(3)) ) { + if ( ($session{setting}{sharedClipboard} ne "1") && (WebGUI::Grouping::isInGroup(3)) ) { $menu{WebGUI::URL::page('op=manageClipboard&systemClipboard=1')} = WebGUI::International::get(954); if ($session{form}{systemClipboard} eq "1") { $menu{WebGUI::URL::page('op=emptyClipboard&systemClipboard=1')} = WebGUI::International::get(959); @@ -51,7 +51,7 @@ sub _submenu { #------------------------------------------------------------------- sub www_deleteClipboardItem { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(4)); + return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(4)); my ($output); if ($session{form}{wid} ne "") { $output .= helpIcon(14); @@ -74,9 +74,9 @@ sub www_deleteClipboardItem { #------------------------------------------------------------------- sub www_deleteClipboardItemConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(4)); + return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(4)); if ($session{form}{wid} ne "") { - if ( ($session{setting}{sharedClipboard} eq "1") || (WebGUI::Privilege::isInGroup(3)) ) { + if ( ($session{setting}{sharedClipboard} eq "1") || (WebGUI::Grouping::isInGroup(3)) ) { WebGUI::SQL->write("update wobject set pageId=3, " ."bufferDate=".time().", " ."bufferUserId=".$session{user}{userId} .", " @@ -96,7 +96,7 @@ sub www_deleteClipboardItemConfirm { } WebGUI::ErrorHandler::audit("moved wobject ". $session{form}{wid} ." from clipboard to trash"); } elsif ($session{form}{pageId} ne "") { - if ( ($session{setting}{sharedClipboard} eq "1") || (WebGUI::Privilege::isInGroup(3)) ) { + if ( ($session{setting}{sharedClipboard} eq "1") || (WebGUI::Grouping::isInGroup(3)) ) { WebGUI::SQL->write("update page set parentId=3, " ."bufferDate=".time().", " ."bufferUserId=".$session{user}{userId} .", " @@ -122,12 +122,12 @@ sub www_deleteClipboardItemConfirm { #------------------------------------------------------------------- sub www_emptyClipboard { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(4)); + return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(4)); my ($output); $output = helpIcon(67); $output .= '

'.WebGUI::International::get(42).'

'; $output .= WebGUI::International::get(951).'

'; - if ( ($session{setting}{sharedClipboard} ne "1") && (WebGUI::Privilege::isInGroup(3)) ) { + if ( ($session{setting}{sharedClipboard} ne "1") && (WebGUI::Grouping::isInGroup(3)) ) { $output .= '

'.WebGUI::International::get(44).''; } else { @@ -141,12 +141,12 @@ sub www_emptyClipboard { #------------------------------------------------------------------- sub www_emptyClipboardConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(4)); + return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(4)); my ($allUsers); if ($session{setting}{sharedClipboard} eq "1") { $allUsers = 1; } elsif ($session{form}{systemClipboard} eq "1") { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); $allUsers = 1; } else { $allUsers = 0; @@ -184,7 +184,7 @@ sub www_emptyClipboardConfirm { #------------------------------------------------------------------- sub www_manageClipboard { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(4)); + return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(4)); my ($sth, @data, @row, @sorted_row, $i, $p, $allUsers); my $output = helpIcon(65); @@ -194,7 +194,7 @@ sub www_manageClipboard { $allUsers = 1; $output .= '

'. WebGUI::International::get(948) .'

'; } elsif ($session{form}{systemClipboard} eq "1") { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); $allUsers = 1; $output .= '

'. WebGUI::International::get(955) .'

'; } else { diff --git a/lib/WebGUI/Operation/Collateral.pm b/lib/WebGUI/Operation/Collateral.pm index dac94931c..3f5925e27 100644 --- a/lib/WebGUI/Operation/Collateral.pm +++ b/lib/WebGUI/Operation/Collateral.pm @@ -22,6 +22,7 @@ use strict; use WebGUI::Collateral; use WebGUI::CollateralFolder; use WebGUI::DateTime; +use WebGUI::Grouping; use WebGUI::HTMLForm; use WebGUI::Icon; use WebGUI::International; @@ -55,7 +56,7 @@ sub _submenu { $menu{WebGUI::URL::page('op=deleteCollateral&cid='.$session{form}{cid})} = WebGUI::International::get(765); } $menu{WebGUI::URL::page('op=editCollateralFolder')} = WebGUI::International::get(759); - if (WebGUI::Privilege::isInGroup(3)) { + if (WebGUI::Grouping::isInGroup(3)) { $menu{WebGUI::URL::page('op=emptyCollateralFolder')} = WebGUI::International::get(980); $menu{WebGUI::URL::page('op=deleteCollateralFolder')} = WebGUI::International::get(760); } @@ -66,7 +67,7 @@ sub _submenu { #------------------------------------------------------------------- sub www_deleteCollateral { my $collateral = WebGUI::Collateral->new($session{form}{cid}); - return WebGUI::Privilege::insufficient unless ($collateral->get("userId") == $session{user}{userId} || WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::insufficient unless ($collateral->get("userId") == $session{user}{userId} || WebGUI::Grouping::isInGroup(3)); my $output = '

'.WebGUI::International::get(42).'

'; $output .= WebGUI::International::get(774).'

'; $output .= '' @@ -80,7 +81,7 @@ sub www_deleteCollateral { #------------------------------------------------------------------- sub www_deleteCollateralConfirm { my $collateral = WebGUI::Collateral->new($session{form}{cid}); - return WebGUI::Privilege::insufficient unless ($collateral->get("userId") == $session{user}{userId} || WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::insufficient unless ($collateral->get("userId") == $session{user}{userId} || WebGUI::Grouping::isInGroup(3)); $collateral->delete; WebGUI::Session::deleteScratch("collateralPageNumber"); return www_listCollateral(); @@ -89,14 +90,14 @@ sub www_deleteCollateralConfirm { #------------------------------------------------------------------- sub www_deleteCollateralFile { my $collateral = WebGUI::Collateral->new($session{form}{cid}); - return WebGUI::Privilege::insufficient unless ($collateral->get("userId") == $session{user}{userId} || WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::insufficient unless ($collateral->get("userId") == $session{user}{userId} || WebGUI::Grouping::isInGroup(3)); $collateral->deleteFile; return www_editCollateral($collateral); } #------------------------------------------------------------------- sub www_deleteCollateralFolder { - return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(3)); return WebGUI::Privilege::vitalComponent() unless ($session{scratch}{collateralFolderId} > 999); my $output = '

'.WebGUI::International::get(42).'

'; $output .= WebGUI::International::get(775).'

'; @@ -110,7 +111,7 @@ sub www_deleteCollateralFolder { #------------------------------------------------------------------- sub www_deleteCollateralFolderConfirm { - return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(3)); return WebGUI::Privilege::vitalComponent() unless ($session{scratch}{collateralFolderId} > 999); my $folders = WebGUI::CollateralFolder->getTree({-minimumFields => 1}); if (my $deadFolder = $folders->{$session{scratch}{collateralFolderId}}) { @@ -123,7 +124,7 @@ sub www_deleteCollateralFolderConfirm { #------------------------------------------------------------------- sub www_emptyCollateralFolder { - return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(3)); return WebGUI::Privilege::vitalComponent() unless ($session{scratch}{collateralFolderId} > 999); my $output = '

'.WebGUI::International::get(42).'

'; $output .= WebGUI::International::get(979).'

'; @@ -137,7 +138,7 @@ sub www_emptyCollateralFolder { #------------------------------------------------------------------- sub www_emptyCollateralFolderConfirm { - return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(3)); return WebGUI::Privilege::vitalComponent() unless ($session{scratch}{collateralFolderId} > 999); my @collateralIds = WebGUI::SQL->buildArray("select collateralId from collateral where collateralFolderId=".$session{scratch}{collateralFolderId}); WebGUI::Collateral->multiDelete(@collateralIds); @@ -146,7 +147,7 @@ sub www_emptyCollateralFolderConfirm { #------------------------------------------------------------------- sub www_editCollateral { - return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(4)); + return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(4)); my ($canEdit, $file, $folderId, $output, $f, $collateral, $image, $error, $x, $y); if ($session{form}{cid} eq "new") { $collateral->{collateralType} = $session{form}{type}; @@ -159,7 +160,7 @@ sub www_editCollateral { my $c = $_[1] || WebGUI::Collateral->new($session{form}{cid}); $collateral = $c->get; } - $canEdit = ($collateral->{userId} == $session{user}{userId} || WebGUI::Privilege::isInGroup(3)); + $canEdit = ($collateral->{userId} == $session{user}{userId} || WebGUI::Grouping::isInGroup(3)); $folderId = $session{scratch}{collateralFolderId} || 0; $f = WebGUI::HTMLForm->new; $f->hidden("op","editCollateralSave"); @@ -295,7 +296,7 @@ sub www_editCollateral { #------------------------------------------------------------------- sub www_editCollateralSave { - return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(4)); + return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(4)); WebGUI::Session::setScratch("collateralFolderId",$session{form}{collateralFolderId}); my ($test, $file, $addFile); my $collateral = WebGUI::Collateral->new($session{form}{cid}); @@ -322,7 +323,7 @@ sub www_editCollateralSave { #------------------------------------------------------------------- sub www_editCollateralFolder { - return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(4)); + return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(4)); my ($output, $f, $folder, $folderId, $constraint); $output .= '

'.WebGUI::International::get(776).'

'; if ($session{form}{fid} eq "new") { @@ -368,7 +369,7 @@ sub www_editCollateralFolder { #------------------------------------------------------------------- sub www_editCollateralFolderSave { - return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(4)); + return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(4)); if ($session{form}{fid} eq "new") { $session{form}{fid} = getNextId("collateralFolderId"); WebGUI::Session::setScratch("collateralFolderId",$session{form}{fid}); @@ -392,7 +393,7 @@ sub www_editCollateralFolderSave { #------------------------------------------------------------------- sub www_listCollateral { - return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(4)); + return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(4)); my (%type, %user, $f, $row, $data, $sth, $url, $output, $parent, $p, $thumbnail, $file, $page, $constraints, $folderId); tie %type, 'Tie::IxHash'; tie %user, 'Tie::IxHash'; @@ -519,7 +520,7 @@ sub _htmlAreaCreateTree { sub www_htmlArealistCollateral { my (@parents, $sth, $data, $indent); $session{page}{makePrintable}=1; $session{page}{printableStyleId}=10; - return "Only Content Managers are allowed to use WebGUI Collateral" unless (WebGUI::Privilege::isInGroup(4)); + return "Only Content Managers are allowed to use WebGUI Collateral" unless (WebGUI::Grouping::isInGroup(4)); my $output = ''; my $folderId = $session{form}{fid} || 0; @@ -574,7 +575,7 @@ sub www_htmlAreaviewCollateral { my($output, $collateral, $file, $x, $y, $image, $error); $session{page}{makePrintable}=1; $session{page}{printableStyleId}=10; $output .= '
'; - if($session{form}{cid} == 0 || ! WebGUI::Privilege::isInGroup(4)) { + if($session{form}{cid} == 0 || ! WebGUI::Grouping::isInGroup(4)) { $output .= '
'; $output .= '


'; @@ -610,7 +611,7 @@ sub www_htmlAreaviewCollateral { #------------------------------------------------------------------- sub www_htmlAreaUpload { $session{page}{makePrintable}=1; $session{page}{printableStyleId}=10; - return "Only Content Managers are allowed to use WebGUI Collateral" unless (WebGUI::Privilege::isInGroup(4)); + return "Only Content Managers are allowed to use WebGUI Collateral" unless (WebGUI::Grouping::isInGroup(4)); return www_htmlArealistCollateral() if ($session{form}{image} eq ""); my($test, $file); $session{form}{fid} = $session{form}{collateralFolderId} = $session{form}{path}; @@ -635,7 +636,7 @@ sub www_htmlAreaUpload { #------------------------------------------------------------------- sub www_htmlAreaDelete { $session{page}{makePrintable}=1; $session{page}{printableStyleId}=10; - return "Only Content Managers are allowed to use WebGUI Collateral" unless (WebGUI::Privilege::isInGroup(4)); + return "Only Content Managers are allowed to use WebGUI Collateral" unless (WebGUI::Grouping::isInGroup(4)); if($session{form}{cid}) { # Delete Image my $collateral = WebGUI::Collateral->new($session{form}{cid}); $collateral->delete; @@ -652,7 +653,7 @@ sub www_htmlAreaDelete { #------------------------------------------------------------------- sub www_htmlAreaCreateFolder { $session{page}{makePrintable}=1; $session{page}{printableStyleId}=10; - return "Only Content Managers are allowed to use WebGUI Collateral" unless (WebGUI::Privilege::isInGroup(4)); + return "Only Content Managers are allowed to use WebGUI Collateral" unless (WebGUI::Grouping::isInGroup(4)); $session{form}{fid} = getNextId("collateralFolderId"); WebGUI::Session::setScratch("collateralFolderId",$session{form}{fid}); WebGUI::SQL->write("insert into collateralFolder (collateralFolderId) values ($session{form}{fid})"); diff --git a/lib/WebGUI/Operation/DatabaseLink.pm b/lib/WebGUI/Operation/DatabaseLink.pm index c0d813990..92eca6853 100644 --- a/lib/WebGUI/Operation/DatabaseLink.pm +++ b/lib/WebGUI/Operation/DatabaseLink.pm @@ -14,6 +14,7 @@ use Exporter; use strict; use Tie::CPHash; use WebGUI::DatabaseLink; +use WebGUI::Grouping; use WebGUI::Icon; use WebGUI::International; use WebGUI::Operation::Shared; @@ -43,7 +44,7 @@ sub _submenu { #------------------------------------------------------------------- sub www_copyDatabaseLink { - return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(3)); my (%db); tie %db, 'Tie::CPHash'; %db = WebGUI::SQL->quickHash("select * from databaseLink where databaseLinkId=$session{form}{dlid}"); @@ -54,7 +55,7 @@ sub www_copyDatabaseLink { #------------------------------------------------------------------- sub www_deleteDatabaseLink { - return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(3)); my ($output); $output .= helpIcon(70); $output .= '

'.WebGUI::International::get(987).'

'; @@ -77,14 +78,14 @@ sub www_deleteDatabaseLink { #------------------------------------------------------------------- sub www_deleteDatabaseLinkConfirm { - return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(3)); WebGUI::SQL->write("delete from databaseLink where databaseLinkId=".$session{form}{dlid}); return www_listDatabaseLinks(); } #------------------------------------------------------------------- sub www_editDatabaseLink { - return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(3)); my ($output, %db, $f); tie %db, 'Tie::CPHash'; if ($session{form}{dlid} eq "new") { @@ -109,7 +110,7 @@ sub www_editDatabaseLink { #------------------------------------------------------------------- sub www_editDatabaseLinkSave { - return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(3)); if ($session{form}{dlid} eq "new") { $session{form}{dlid} = getNextId("databaseLinkId"); WebGUI::SQL->write("insert into databaseLink (databaseLinkId) values ($session{form}{dlid})"); @@ -121,7 +122,7 @@ sub www_editDatabaseLinkSave { #------------------------------------------------------------------- sub www_listDatabaseLinks { - return WebGUI::Privilege::adminOnly() unless(WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless(WebGUI::Grouping::isInGroup(3)); my ($output, $p, $sth, %data, @row, $i); $output = helpIcon(68); $output .= '

'.WebGUI::International::get(996).'

'; diff --git a/lib/WebGUI/Operation/Group.pm b/lib/WebGUI/Operation/Group.pm index 9323486d9..11c498054 100644 --- a/lib/WebGUI/Operation/Group.pm +++ b/lib/WebGUI/Operation/Group.pm @@ -40,7 +40,7 @@ our @EXPORT = qw(&www_manageUsersInGroup &www_deleteGroup &www_deleteGroupConfir #------------------------------------------------------------------- sub _hasSecondaryPrivilege { - return 0 unless (WebGUI::Privilege::isInGroup(11)); + return 0 unless (WebGUI::Grouping::isInGroup(11)); return WebGUI::Grouping::userGroupAdmin($session{user}{userId},$_[0]); } @@ -49,7 +49,7 @@ sub _hasSecondaryPrivilege { sub _submenu { my ($output, %menu); tie %menu, 'Tie::IxHash'; - if (WebGUI::Privilege::isInGroup(3)) { + if (WebGUI::Grouping::isInGroup(3)) { $menu{WebGUI::URL::page('op=editGroup&gid=new')} = WebGUI::International::get(90); unless ($session{form}{op} eq "listGroups" || $session{form}{gid} eq "new" @@ -69,7 +69,7 @@ sub _submenu { #------------------------------------------------------------------- sub www_addGroupsToGroupSave { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my @groups = $session{cgi}->param('groups'); WebGUI::Grouping::addGroupsToGroups(\@groups,[$session{form}{gid}]); return www_manageGroupsInGroup(); @@ -77,7 +77,7 @@ sub www_addGroupsToGroupSave { #------------------------------------------------------------------- sub www_addUsersToGroupSave { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my @users = $session{cgi}->param('users'); WebGUI::Grouping::addUsersToGroups(\@users,[$session{form}{gid}]); return www_manageUsersInGroup(); @@ -113,7 +113,7 @@ sub www_autoDeleteFromGroup { #------------------------------------------------------------------- sub www_deleteGroup { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($output); return WebGUI::Privilege::vitalComponent() if ($session{form}{gid} < 26); $output .= helpIcon(15); @@ -128,7 +128,7 @@ sub www_deleteGroup { #------------------------------------------------------------------- sub www_deleteGroupConfirm { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); return WebGUI::Privilege::vitalComponent() if ($session{form}{gid} < 26); my $g = WebGUI::Group->new($session{form}{gid}); $g->delete; @@ -137,7 +137,7 @@ sub www_deleteGroupConfirm { #------------------------------------------------------------------- sub www_deleteGroupGrouping { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); WebGUI::Grouping::deleteGroupsFromGroups([$session{form}{delete}],[$session{form}{gid}]); return www_manageGroupsInGroup(); } @@ -154,7 +154,7 @@ sub www_deleteGroupingSecondary { #------------------------------------------------------------------- sub www_editGroup { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($output, $f, $g); if ($session{form}{gid} eq "new") { $g = WebGUI::Group->new(""); @@ -233,7 +233,7 @@ sub www_editGroup { #------------------------------------------------------------------- sub www_editGroupSave { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my $g = WebGUI::Group->new($session{form}{gid}); $g->description($session{form}{description}); $g->name($session{form}{groupName}); @@ -255,7 +255,7 @@ sub www_editGroupSave { #------------------------------------------------------------------- sub www_emailGroup { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($output,$f); $output = '

'.WebGUI::International::get(809).'

'; $f = WebGUI::HTMLForm->new; @@ -282,7 +282,7 @@ sub www_emailGroup { #------------------------------------------------------------------- sub www_emailGroupSend { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($sth, $email); $sth = WebGUI::SQL->read("select b.fieldData from groupings a left join userProfileData b on a.userId=b.userId and b.fieldName='email' where a.groupId=$session{form}{gid}"); @@ -297,7 +297,7 @@ sub www_emailGroupSend { #------------------------------------------------------------------- sub www_listGroups { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($output, $p, $sth, @data, @row, $i, $userCount); $output = helpIcon(10); $output .= '

'.WebGUI::International::get(89).'

'; @@ -328,7 +328,7 @@ sub www_listGroups { #------------------------------------------------------------------- sub www_listGroupsSecondary { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(11)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(11)); my ($output, $p, $sth, @data, @row, $i, $userCount); $output .= '

'.WebGUI::International::get(89).'

'; my @editableGroups = WebGUI::SQL->buildArray("select groupId from groupings where userId=$session{user}{userId} and groupAdmin=1"); @@ -360,7 +360,7 @@ sub www_listGroupsSecondary { #------------------------------------------------------------------- sub www_manageGroupsInGroup { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($output, $p, $group, $groups, $f); $output = '

'.WebGUI::International::get(813).'

'; $f = WebGUI::HTMLForm->new; @@ -397,7 +397,7 @@ sub www_manageGroupsInGroup { #------------------------------------------------------------------- sub www_manageUsersInGroup { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($output, $sth, %hash); tie %hash, 'Tie::CPHash'; $output = '

'.WebGUI::International::get(88).'

'; diff --git a/lib/WebGUI/Operation/Help.pm b/lib/WebGUI/Operation/Help.pm index cf02babba..29691cd29 100644 --- a/lib/WebGUI/Operation/Help.pm +++ b/lib/WebGUI/Operation/Help.pm @@ -15,6 +15,7 @@ use strict; use Tie::IxHash; use Tie::CPHash; use WebGUI::DateTime; +use WebGUI::Grouping; use WebGUI::HTMLForm; use WebGUI::Icon; use WebGUI::International; @@ -70,7 +71,7 @@ sub _submenu { #------------------------------------------------------------------- sub www_deleteHelp { - return "" unless (WebGUI::Privilege::isInGroup(3)); + return "" unless (WebGUI::Grouping::isInGroup(3)); my $output = '

Confirm

Are you sure? Deleting help is never a good idea. Yes / No

'; @@ -79,7 +80,7 @@ sub www_deleteHelp { #------------------------------------------------------------------- sub www_deleteHelpConfirm { - return "" unless (WebGUI::Privilege::isInGroup(3)); + return "" unless (WebGUI::Grouping::isInGroup(3)); my ($titleId, $bodyId) = WebGUI::SQL->quickArray("select titleId,bodyId from help where helpId=".$session{form}{hid}." and namespace=".quote($session{form}{namespace})); WebGUI::SQL->write("delete from international where internationalId=$titleId @@ -93,7 +94,7 @@ sub www_deleteHelpConfirm { #------------------------------------------------------------------- sub www_editHelp { - return "" unless (WebGUI::Privilege::isInGroup(3)); + return "" unless (WebGUI::Grouping::isInGroup(3)); my ($output, $f, %data, %help, @seeAlso); tie %data, 'Tie::IxHash'; tie %help, 'Tie::CPHash'; @@ -141,7 +142,7 @@ sub www_editHelp { #------------------------------------------------------------------- sub www_editHelpSave { - return "" unless (WebGUI::Privilege::isInGroup(3)); + return "" unless (WebGUI::Grouping::isInGroup(3)); my (@seeAlso); if ($session{form}{hid} eq "new") { if ($session{form}{namespace_new} ne "") { @@ -178,7 +179,7 @@ sub www_editHelpSave { #------------------------------------------------------------------- sub www_exportHelp { - return "" unless (WebGUI::Privilege::isInGroup(3)); + return "" unless (WebGUI::Grouping::isInGroup(3)); my ($export, $output, %help, $sth); $export = "#export of WebGUI ".$WebGUI::VERSION." help system.\n\n"; $sth = WebGUI::SQL->read("select * from help"); @@ -195,7 +196,7 @@ sub www_exportHelp { #------------------------------------------------------------------- sub www_manageHelp { my ($sth, @help, $output); - return "" unless (WebGUI::Privilege::isInGroup(3)); + return "" unless (WebGUI::Grouping::isInGroup(3)); $output = '

Manage Help

'; $output .= 'This interface is for WebGUI developers only. If you\'re not a developer, leave this alone. Also, this interface works ONLY under MySQL and is not supported by Plain Black under any diff --git a/lib/WebGUI/Operation/International.pm b/lib/WebGUI/Operation/International.pm index 7577ae7a6..b33c792c9 100644 --- a/lib/WebGUI/Operation/International.pm +++ b/lib/WebGUI/Operation/International.pm @@ -14,6 +14,7 @@ use Exporter; use strict; use Tie::CPHash; use WebGUI::DateTime; +use WebGUI::Grouping; use WebGUI::HTMLForm; use WebGUI::Icon; use WebGUI::International; @@ -21,6 +22,7 @@ use WebGUI::Macro; use WebGUI::Mail; use WebGUI::Operation::Shared; use WebGUI::Paginator; +use WebGUI::Privilege; use WebGUI::Session; use WebGUI::SQL; use WebGUI::URL; @@ -85,7 +87,7 @@ sub _submenu { #------------------------------------------------------------------- sub www_addInternationalMessage { my ($output,$f); - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(10)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(10)); $output = '

Add English Message

'; $f = WebGUI::HTMLForm->new(); $f->hidden("lid",1); @@ -118,7 +120,7 @@ sub www_addInternationalMessageSave { sub www_deleteLanguage { my ($output); return WebGUI::Privilege::vitalComponent() if ($session{form}{lid} < 1000 && $session{form}{lid} > 0); - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(10)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(10)); $output .= '

'.WebGUI::International::get(42).'

'; $output .= WebGUI::International::get(587).'

'; $output .= '

write("insert into international (message,namespace,languageId,internationalId,lastUpdated) values (".quote($session{form}{message}).",".quote($session{form}{namespace}) @@ -187,7 +189,7 @@ sub www_editInternationalMessageSave { #------------------------------------------------------------------- sub www_editLanguage { my ($output, $dir, @files, $file, %data, $f, %options); - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(10)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(10)); tie %data, 'Tie::CPHash'; $dir = $session{config}{extrasPath}.$session{os}{slash}."toolbar"; opendir (DIR,$dir) or WebGUI::ErrorHandler::warn("Can't open toolbar directory!"); @@ -219,7 +221,7 @@ sub www_editLanguage { #------------------------------------------------------------------- sub www_editLanguageSave { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(10)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(10)); if ($session{form}{lid} eq "new") { $session{form}{lid} = getNextId("languageId"); WebGUI::SQL->write("insert into language (languageId) values ($session{form}{lid})"); @@ -238,7 +240,7 @@ sub www_exportTranslation { #------------------------------------------------------------------- sub www_listInternationalMessages { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(10)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(10)); my ($output, $sth, $key, $p, $status,%data, %list, $deprecated, $i, $missing, @row, $f, $outOfDate, $ok); tie %data, 'Tie::CPHash'; %data = WebGUI::SQL->quickHash("select language from language where languageId=".$session{form}{lid}); @@ -370,7 +372,7 @@ sub www_listInternationalMessages { sub www_listLanguages { my ($output, $sth, %data); tie %data, 'Tie::CPHash'; - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(10)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(10)); $output = '

'.WebGUI::International::get(586).'

'; $sth = WebGUI::SQL->read("select languageId,language from language where languageId<>1 order by language"); while (%data = $sth->hash) { diff --git a/lib/WebGUI/Operation/MessageLog.pm b/lib/WebGUI/Operation/MessageLog.pm index 3533c9c53..ba84a3464 100644 --- a/lib/WebGUI/Operation/MessageLog.pm +++ b/lib/WebGUI/Operation/MessageLog.pm @@ -14,6 +14,7 @@ use Exporter; use strict qw(vars subs); use URI; use WebGUI::DateTime; +use WebGUI::Grouping; use WebGUI::International; use WebGUI::Paginator; use WebGUI::Privilege; @@ -36,7 +37,7 @@ sub _status { #------------------------------------------------------------------- sub www_viewMessageLog { my (@msg, $vars); - WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(2,$session{user}{userId})); + WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(2,$session{user}{userId})); $vars->{displayTitle} = '

'.WebGUI::International::get(159).'

'; my $p = WebGUI::Paginator->new(WebGUI::URL::page('op=viewMessageLog')); my $query = "select messageLogId,subject,url,dateOfEntry,status from messageLog where userId=$session{user}{userId} order by dateOfEntry desc"; @@ -73,7 +74,7 @@ sub www_viewMessageLog { #------------------------------------------------------------------- sub www_viewMessageLogMessage { my ($data, $vars); - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(2,$session{user}{userId})); + return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(2,$session{user}{userId})); $vars->{displayTitle} = '

'.WebGUI::International::get(159).'

'; $data = WebGUI::SQL->quickHashRef("select * from messageLog where messageLogId=$session{form}{mlog} and userId=$session{user}{userId}"); diff --git a/lib/WebGUI/Operation/Navigation.pm b/lib/WebGUI/Operation/Navigation.pm index 821956827..dac70f0f8 100644 --- a/lib/WebGUI/Operation/Navigation.pm +++ b/lib/WebGUI/Operation/Navigation.pm @@ -15,19 +15,20 @@ use strict; use Tie::IxHash; use Tie::CPHash; use WebGUI::DateTime; +use WebGUI::ErrorHandler; +use WebGUI::Grouping; use WebGUI::HTMLForm; use WebGUI::Icon; use WebGUI::International; use WebGUI::Macro; +use WebGUI::Navigation; use WebGUI::Operation::Shared; +use WebGUI::Privilege; use WebGUI::Session; use WebGUI::SQL; use WebGUI::URL; use WebGUI::Utility; -use WebGUI::Navigation; use WebGUI::TabForm; -use WebGUI::ErrorHandler; -use WebGUI::Privilege; our @ISA = qw(Exporter); our @EXPORT = qw(&www_listNavigation &www_editNavigation &www_editNavigationSave &www_copyNavigation @@ -52,7 +53,7 @@ sub _submenu { #------------------------------------------------------------------- sub www_copyNavigation { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(3)); my %navigation = WebGUI::SQL->quickHash("select * from Navigation where identifier = ". quote($session{form}{identifier})); WebGUI::SQL->write("insert into Navigation (navigationId, identifier, depth, method, startAt, stopAtLevel, @@ -68,7 +69,7 @@ sub www_copyNavigation { #------------------------------------------------------------------- sub www_deleteNavigation { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(3)); if ($session{form}{navigationId} < 1000 && $session{form}{navigationId} > 0) { return WebGUI::Privilege::vitalComponent(); } @@ -84,7 +85,7 @@ sub www_deleteNavigation { #------------------------------------------------------------------- sub www_deleteNavigationConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(3)); if ($session{form}{navigationId} < 1000 && $session{form}{navigationId} > 0) { return WebGUI::Privilege::vitalComponent(); } @@ -94,7 +95,7 @@ sub www_deleteNavigationConfirm { #------------------------------------------------------------------- sub www_editNavigation { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(3)); my $identifier = shift || $session{form}{identifier}; #return WebGUI::ErrorHandler::warn("editNavigation called without identifier") unless $identifier; @@ -241,7 +242,7 @@ sub www_editNavigation { #------------------------------------------------------------------- sub www_editNavigationSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(3)); # Check on duplicate identifier my ($existingNavigationId, $existingIdentifier) = WebGUI::SQL->quickArray("select navigationId, @@ -274,7 +275,7 @@ sub www_editNavigationSave { #------------------------------------------------------------------- sub www_listNavigation { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(3)); my $output .= helpIcon(84).'

'.WebGUI::International::get(34,'Navigation').'

'; my $sth = WebGUI::SQL->read("select navigationId, identifier from Navigation order by identifier"); my $i = 0; @@ -303,7 +304,7 @@ sub www_previewNavigation { #$session{page}{useEmptyStyle} = 1; $session{page}{useAdminStyle} = 1; $session{var}{adminOn} = 0; - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(3)); my $nav = WebGUI::Navigation->new( depth=>$session{form}{depth}, method=>$session{form}{method}, startAt=>$session{form}{startAt}, diff --git a/lib/WebGUI/Operation/Package.pm b/lib/WebGUI/Operation/Package.pm index aea14a994..9be81123c 100644 --- a/lib/WebGUI/Operation/Package.pm +++ b/lib/WebGUI/Operation/Package.pm @@ -117,7 +117,7 @@ sub _recursePageTree { #------------------------------------------------------------------- sub www_deployPackage { - if (WebGUI::Privilege::canEditPage()) { + if (WebGUI::Page::canEdit()) { _recursePageTree($session{form}{pid},$session{page}{pageId}); return ""; } else { diff --git a/lib/WebGUI/Operation/Page.pm b/lib/WebGUI/Operation/Page.pm index 536d3980f..48d8713c2 100644 --- a/lib/WebGUI/Operation/Page.pm +++ b/lib/WebGUI/Operation/Page.pm @@ -40,13 +40,21 @@ This private function changes the privileges of all wobjects on page. =cut sub _changeWobjectPrivileges { my($wobject,$sth); - $sth = WebGUI::SQL->read("select wobjectId from wobject where pageId=".quote($_[0])); + $sth = WebGUI::SQL->read("select wobjectId,namespace from wobject where pageId=".quote($_[0])); while ($wobject = $sth->hashRef) { - if (WebGUI::Privilege::canEditWobject($wobject->{wobjectId})) { - WebGUI::SQL->write("update wobject set startDate=".WebGUI::FormProcessor::dateTime("startDate").", - endDate=".WebGUI::FormProcessor::dateTime("endDate").", - ownerId=$session{form}{ownerId}, groupIdView=$session{form}{groupIdView}, - groupIdEdit=$session{form}{groupIdEdit} where wobjectId=".quote($wobject->{wobjectId})); + my $cmd = "WebGUI::Wobject::".$wobject->{namespace}; + my $load = "use ".$cmd; + eval($load); + WebGUI::ErrorHandler::warn("Wobject failed to compile: $cmd.".$@) if($@); + my $w = $cmd->new($wobject); + if ($w->canEdit) { + $w->set({ + startDate=>WebGUI::FormProcessor::dateTime("startDate"), + endDate=>WebGUI::FormProcessor::dateTime("endDate"), + ownerId=>$session{form}{ownerId}, + groupIdView=>$session{form}{ownerId}, + groupIdEdit=>$session{form}{groupIdEdit} + }); } } } @@ -76,7 +84,7 @@ sub _recursivelyChangeProperties { $page->walk_down({ callback => sub { $currentPage = shift; - if (WebGUI::Privilege::canEditPage($currentPage->get('pageId'))) { + if (WebGUI::Page::canEdit($currentPage->get('pageId'))) { $currentPage->setWithoutRecache({ startDate => WebGUI::FormProcessor::dateTime("startDate"), endDate => WebGUI::FormProcessor::dateTime("endDate"), @@ -234,7 +242,7 @@ sub www_cutPage { if ($session{page}{pageId} < 26 && $session{page}{pageId} >= 0) { return WebGUI::Privilege::vitalComponent(); - } elsif (WebGUI::Privilege::canEditPage()) { + } elsif (WebGUI::Page::canEdit()) { $page = WebGUI::Page->getPage($session{page}{pageId}); $page->cut; return ""; @@ -255,7 +263,7 @@ sub www_deletePage { my ($output); if ($session{page}{pageId} < 1000 && $session{page}{pageId} > 0) { return WebGUI::Privilege::vitalComponent(); - } elsif (WebGUI::Privilege::canEditPage()) { + } elsif (WebGUI::Page::canEdit()) { $output .= helpIcon(3); $output .= '

'.WebGUI::International::get(42).'

'; $output .= WebGUI::International::get(101).'

'; @@ -280,7 +288,7 @@ Actually transfers the page to the trash. sub www_deletePageConfirm { if ($session{page}{pageId} < 1000 && $session{page}{pageId} > 0) { return WebGUI::Privilege::vitalComponent(); - } elsif (WebGUI::Privilege::canEditPage()) { + } elsif (WebGUI::Page::canEdit()) { my $page = WebGUI::Page->getPage($session{page}{pageId}); $page->delete; WebGUI::Session::refreshPageInfo($session{page}{parentId}); @@ -304,7 +312,7 @@ sub www_editPage { $session{page}{useAdminStyle} = 1; tie %hash, "Tie::IxHash"; tie %page, "Tie::CPHash"; - if (WebGUI::Privilege::canEditPage($session{form}{npp})) { + if (WebGUI::Page::canEdit($session{form}{npp})) { my %tabs; tie %tabs, 'Tie::IxHash'; %tabs = ( @@ -466,13 +474,13 @@ sub www_editPage { -value=>$page{endDate}, -uiLevel=>6 ); - if (WebGUI::Privilege::isInGroup(3)) { + if (WebGUI::Grouping::isInGroup(3)) { $subtext = manageIcon('op=listUsers'); } else { $subtext = ""; } my $clause; - if (WebGUI::Privilege::isInGroup(3)) { + if (WebGUI::Grouping::isInGroup(3)) { my $contentManagers = WebGUI::Grouping::getUsersInGroup(4,1); push (@$contentManagers, $session{user}{userId}); $clause = "userId in (".join(",",@$contentManagers).")"; @@ -549,7 +557,7 @@ sub www_editPageSave { $pageId = $session{form}{pageId}; } - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage($pageId)); + return WebGUI::Privilege::insufficient() unless (WebGUI::Page::canEdit($pageId)); if ($session{form}{pageId} eq "new") { $currentPage = WebGUI::Page->getPage($pageId); @@ -605,7 +613,7 @@ Moves page down in the context of it's sisters. =cut sub www_movePageDown { - if (WebGUI::Privilege::canEditPage($session{page}{pageId})) { + if (WebGUI::Page::canEdit($session{page}{pageId})) { WebGUI::Page->moveDown($session{page}{pageId}); return ""; } else { @@ -622,7 +630,7 @@ Moves page up in the context of it's sisters. =cut sub www_movePageUp { - if (WebGUI::Privilege::canEditPage($session{page}{pageId})) { + if (WebGUI::Page::canEdit($session{page}{pageId})) { WebGUI::Page->moveUp($session{page}{pageId}); return ""; } else { @@ -639,7 +647,7 @@ Same as www_movePageUp wit this difference that this module returns the www_view =cut sub www_moveTreePageUp { - if (WebGUI::Privilege::canEditPage($session{page}{pageId})) { + if (WebGUI::Page::canEdit($session{page}{pageId})) { WebGUI::Page->moveUp($session{page}{pageId}); return www_viewPageTree(); } else { @@ -656,7 +664,7 @@ Same as www_movePageDown with this difference that this module returns the www_v =cut sub www_moveTreePageDown { - if (WebGUI::Privilege::canEditPage($session{page}{pageId})) { + if (WebGUI::Page::canEdit($session{page}{pageId})) { WebGUI::Page->moveDown($session{page}{pageId}); return www_viewPageTree(); } else { @@ -674,7 +682,7 @@ Another way to look at is that the mother of the current page becomes the elder =cut sub www_moveTreePageLeft { - if (WebGUI::Privilege::canEditPage($session{page}{pageId})) { + if (WebGUI::Page::canEdit($session{page}{pageId})) { WebGUI::Page->moveLeft($session{page}{pageId}); return www_viewPageTree(); } else { @@ -684,7 +692,7 @@ sub www_moveTreePageLeft { #------------------------------------------------------------------- sub www_moveTreePageRight { - if (WebGUI::Privilege::canEditPage($session{page}{pageId})) { + if (WebGUI::Page::canEdit($session{page}{pageId})) { WebGUI::Page->moveRight($session{page}{pageId}); return www_viewPageTree(); } else { @@ -695,7 +703,7 @@ sub www_moveTreePageRight { #------------------------------------------------------------------- sub www_pastePage { my ($currentPage, $pageToPaste); - if (WebGUI::Privilege::canEditPage()) { + if (WebGUI::Page::canEdit()) { $currentPage = WebGUI::Page->getPage($session{page}{pageId}); $pageToPaste = WebGUI::Page->getPage($session{form}{pageId}); $pageToPaste->paste($currentPage); @@ -707,7 +715,7 @@ sub www_pastePage { #------------------------------------------------------------------- sub www_rearrangeWobjects { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage($session{page}{pageId})); + return WebGUI::Privilege::insufficient() unless (WebGUI::Page::canEdit($session{page}{pageId})); $session{page}{styleId} = 2; my @contentAreas = split(/\./,$session{form}{map}); my $templatePosition = 1; diff --git a/lib/WebGUI/Operation/Profile.pm b/lib/WebGUI/Operation/Profile.pm index a5c9ac85a..2ff13385f 100644 --- a/lib/WebGUI/Operation/Profile.pm +++ b/lib/WebGUI/Operation/Profile.pm @@ -17,6 +17,7 @@ use WebGUI::Operation::Auth; use WebGUI::DateTime; use WebGUI::ErrorHandler; use WebGUI::FormProcessor; +use WebGUI::Grouping; use WebGUI::HTMLForm; use WebGUI::International; use WebGUI::Macro; @@ -222,7 +223,7 @@ sub www_viewProfile { $vars->{displayTitle} = '

'.WebGUI::International::get(347).' '.$u->username.'

'; return WebGUI::Privilege::notMember() if($u->username eq ""); return $vars->{displayTitle}.WebGUI::International::get(862) if($u->profileField("publicProfile") < 1); - return WebGUI::Privilege::insufficient() if(!WebGUI::Privilege::isInGroup(2)); + return WebGUI::Privilege::insufficient() if(!WebGUI::Grouping::isInGroup(2)); $a = WebGUI::SQL->read("select * from userProfileField,userProfileCategory where userProfileField.profileCategoryId=userProfileCategory.profileCategoryId and userProfileCategory.visible=1 and userProfileField.visible=1 order by userProfileCategory.sequenceNumber,userProfileField.sequenceNumber"); while (%data = $a->hash) { diff --git a/lib/WebGUI/Operation/ProfileSettings.pm b/lib/WebGUI/Operation/ProfileSettings.pm index 3c7a3f2ff..c8a72ca5a 100644 --- a/lib/WebGUI/Operation/ProfileSettings.pm +++ b/lib/WebGUI/Operation/ProfileSettings.pm @@ -14,6 +14,7 @@ use Exporter; use strict; use Tie::CPHash; use Tie::IxHash; +use WebGUI::Grouping; use WebGUI::HTMLForm; use WebGUI::Icon; use WebGUI::International; @@ -68,7 +69,7 @@ sub _submenu { #------------------------------------------------------------------- sub www_deleteProfileCategory { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($output); return WebGUI::Privilege::vitalComponent() if ($session{form}{cid} < 1000); $output = '

'.WebGUI::International::get(42).'

'; @@ -82,7 +83,7 @@ sub www_deleteProfileCategory { #------------------------------------------------------------------- sub www_deleteProfileCategoryConfirm { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); return WebGUI::Privilege::vitalComponent() if ($session{form}{cid} < 1000); WebGUI::SQL->write("delete from userProfileCategory where profileCategoryId=$session{form}{cid}"); WebGUI::SQL->write("update userProfileField set profileCategoryId=1 where profileCategoryId=$session{form}{cid}"); @@ -91,7 +92,7 @@ sub www_deleteProfileCategoryConfirm { #------------------------------------------------------------------- sub www_deleteProfileField { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($output,$protected); ($protected) = WebGUI::SQL->quickArray("select protected from userProfileField where fieldname=".quote($session{form}{fid})); return WebGUI::Privilege::vitalComponent() if ($protected); @@ -106,7 +107,7 @@ sub www_deleteProfileField { #------------------------------------------------------------------- sub www_deleteProfileFieldConfirm { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($protected); ($protected) = WebGUI::SQL->quickArray("select protected from userProfileField where fieldname=".quote($session{form}{fid})); return WebGUI::Privilege::vitalComponent() if ($protected); @@ -117,7 +118,7 @@ sub www_deleteProfileFieldConfirm { #------------------------------------------------------------------- sub www_editProfileCategory { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($output, $f, %data); tie %data, 'Tie::CPHash'; $output = '

'.WebGUI::International::get(468,"WebGUI/Profile").'

'; @@ -148,7 +149,7 @@ sub www_editProfileCategory { #------------------------------------------------------------------- sub www_editProfileCategorySave { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($sequenceNumber, $test); $session{form}{categoryName} = 'Unamed' if ($session{form}{categoryName} eq "" || $session{form}{categoryName} eq "''"); $test = eval($session{form}{categoryName}); @@ -167,7 +168,7 @@ sub www_editProfileCategorySave { #------------------------------------------------------------------- sub www_editProfileField { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($output, $f, %data, %hash, $key); tie %data, 'Tie::CPHash'; $output = '

'.WebGUI::International::get(471,"WebGUI/Profile").'

'; @@ -222,7 +223,7 @@ sub www_editProfileField { #------------------------------------------------------------------- sub www_editProfileFieldSave { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($sequenceNumber, $fieldName, $test); $session{form}{fieldLabel} = 'Unamed' if ($session{form}{fieldLabel} eq "" || $session{form}{fieldLabel} eq "''"); $test = eval($session{form}{fieldLabel}); @@ -261,7 +262,7 @@ sub www_editProfileFieldSave { #------------------------------------------------------------------- sub www_editProfileSettings { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($output, $a, %category, %field, $b); tie %category, 'Tie::CPHash'; tie %field, 'Tie::CPHash'; @@ -296,7 +297,7 @@ sub www_editProfileSettings { #------------------------------------------------------------------- sub www_moveProfileCategoryDown { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($id, $thisSeq); ($thisSeq) = WebGUI::SQL->quickArray("select sequenceNumber from userProfileCategory where profileCategoryId=$session{form}{cid}"); ($id) = WebGUI::SQL->quickArray("select profileCategoryId from userProfileCategory where sequenceNumber=$thisSeq+1"); @@ -310,7 +311,7 @@ sub www_moveProfileCategoryDown { #------------------------------------------------------------------- sub www_moveProfileCategoryUp { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($id, $thisSeq); ($thisSeq) = WebGUI::SQL->quickArray("select sequenceNumber from userProfileCategory where profileCategoryId=$session{form}{cid}"); ($id) = WebGUI::SQL->quickArray("select profileCategoryId from userProfileCategory where sequenceNumber=$thisSeq-1"); @@ -324,7 +325,7 @@ sub www_moveProfileCategoryUp { #------------------------------------------------------------------- sub www_moveProfileFieldDown { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($id, $thisSeq, $profileCategoryId); ($thisSeq,$profileCategoryId) = WebGUI::SQL->quickArray("select sequenceNumber,profileCategoryId from userProfileField where fieldName=".quote($session{form}{fid})); ($id) = WebGUI::SQL->quickArray("select fieldName from userProfileField where profileCategoryId=$profileCategoryId and sequenceNumber=$thisSeq+1"); @@ -338,7 +339,7 @@ sub www_moveProfileFieldDown { #------------------------------------------------------------------- sub www_moveProfileFieldUp { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($id, $thisSeq, $profileCategoryId); ($thisSeq,$profileCategoryId) = WebGUI::SQL->quickArray("select sequenceNumber,profileCategoryId from userProfileField where fieldName=".quote($session{form}{fid})); ($id) = WebGUI::SQL->quickArray("select fieldName from userProfileField where profileCategoryId=$profileCategoryId and sequenceNumber=$thisSeq-1"); diff --git a/lib/WebGUI/Operation/Replacements.pm b/lib/WebGUI/Operation/Replacements.pm index faee8ea31..31ae1fe93 100644 --- a/lib/WebGUI/Operation/Replacements.pm +++ b/lib/WebGUI/Operation/Replacements.pm @@ -12,10 +12,12 @@ package WebGUI::Operation::Replacements; use Exporter; use strict; +use WebGUI::Grouping; use WebGUI::Icon; use WebGUI::HTMLForm; use WebGUI::International; use WebGUI::Operation::Shared; +use WebGUI::Privilege; use WebGUI::Session; use WebGUI::SQL; @@ -35,14 +37,14 @@ sub _submenu { #------------------------------------------------------------------- sub www_deleteReplacement { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); WebGUI::SQL->write("delete from replacements where replacementId=$session{form}{replacementId}"); return www_listReplacements(); } #------------------------------------------------------------------- sub www_editReplacement { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my $data = WebGUI::SQL->getRow("replacements","replacementId",$session{form}{replacementId}); my $f = WebGUI::HTMLForm->new; $f->hidden( @@ -73,7 +75,7 @@ sub www_editReplacement { #------------------------------------------------------------------- sub www_editReplacementSave { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); WebGUI::SQL->setRow("replacements","replacementId",{ replacementId=>$session{form}{replacementId}, searchFor=>$session{form}{searchFor}, @@ -84,7 +86,7 @@ sub www_editReplacementSave { #------------------------------------------------------------------- sub www_listReplacements { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my $output = "

".WebGUI::International::get(1053)."

"; $output .= ''; my $sth = WebGUI::SQL->read("select replacementId,searchFor from replacements order by searchFor"); diff --git a/lib/WebGUI/Operation/Root.pm b/lib/WebGUI/Operation/Root.pm index e025b2346..7e77d2d07 100644 --- a/lib/WebGUI/Operation/Root.pm +++ b/lib/WebGUI/Operation/Root.pm @@ -13,6 +13,7 @@ package WebGUI::Operation::Root; use Exporter; use strict; use Tie::CPHash; +use WebGUI::Grouping; use WebGUI::Icon; use WebGUI::International; use WebGUI::Operation::Shared; @@ -35,7 +36,7 @@ sub _submenu { #------------------------------------------------------------------- sub www_listRoots { - return WebGUI::Privilege::adminOnly() unless(WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless(WebGUI::Grouping::isInGroup(3)); my ($output, $p, $sth, %data, @row, $i); $output = helpIcon(28); $output .= '

'.WebGUI::International::get(408).'

'; diff --git a/lib/WebGUI/Operation/Settings.pm b/lib/WebGUI/Operation/Settings.pm index e0095bab6..fa77dbb7f 100644 --- a/lib/WebGUI/Operation/Settings.pm +++ b/lib/WebGUI/Operation/Settings.pm @@ -13,6 +13,7 @@ package WebGUI::Operation::Settings; use Exporter; use strict qw(vars subs); use WebGUI::DateTime; +use WebGUI::Grouping; use WebGUI::HTMLForm; use WebGUI::Icon; use WebGUI::International; @@ -37,7 +38,7 @@ sub _submenu { #------------------------------------------------------------------- sub www_editCompanyInformation { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($output, $f); $output .= helpIcon(6); $output .= '

'.WebGUI::International::get(124).'

'; @@ -53,7 +54,7 @@ sub www_editCompanyInformation { #------------------------------------------------------------------- sub www_editContentSettings { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($output, %htmlFilter, $f, $pages); $pages = WebGUI::SQL->buildHashRef("select pageId,menuTitle from page order by menuTitle"); %htmlFilter = ('none'=>WebGUI::International::get(420), 'most'=>WebGUI::International::get(421), @@ -89,7 +90,7 @@ sub www_editContentSettings { #------------------------------------------------------------------- sub www_editMessagingSettings { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($output, $f); $output .= helpIcon(13); $output .= '

'.WebGUI::International::get(133).'

'; @@ -106,7 +107,7 @@ sub www_editMessagingSettings { #------------------------------------------------------------------- sub www_editMiscSettings { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($output, $f); $output .= helpIcon(24); $output .= '

'.WebGUI::International::get(140).'

'; @@ -145,7 +146,7 @@ sub www_editMiscSettings { #------------------------------------------------------------------- sub www_editUserSettings { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($output, $f, $cmd, $html); $output .= helpIcon(2); $output .= '

'.WebGUI::International::get(117).'

'; @@ -189,7 +190,7 @@ sub www_editUserSettings { #------------------------------------------------------------------- sub www_manageSettings { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($output); $output .= helpIcon(12); $output .= '

'.WebGUI::International::get(143).'

'; @@ -207,7 +208,7 @@ sub www_manageSettings { #------------------------------------------------------------------- sub www_saveSettings { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($key, $value); foreach $key (keys %{$session{form}}) { $value = $session{form}{$key}; diff --git a/lib/WebGUI/Operation/Shared.pm b/lib/WebGUI/Operation/Shared.pm index f541a48c0..77b39988b 100644 --- a/lib/WebGUI/Operation/Shared.pm +++ b/lib/WebGUI/Operation/Shared.pm @@ -13,6 +13,7 @@ package WebGUI::Operation::Shared; use Exporter; use strict; +use WebGUI::Grouping; use WebGUI::International; use WebGUI::Session; use WebGUI::SQL; @@ -23,7 +24,7 @@ our @EXPORT = qw(&menuWrapper); #------------------------------------------------------------------- sub accountOptions { my @array; - if (WebGUI::Privilege::isInGroup(12)) { + if (WebGUI::Grouping::isInGroup(12)) { my %hash; if ($session{var}{adminOn}) { $hash{'options.display'} .= ''.WebGUI::International::get(12).''; @@ -55,7 +56,7 @@ our @EXPORT = qw(&menuWrapper); my %logout; $logout{'options.display'} = ''.WebGUI::International::get(64).''; push(@array,\%logout); - if ($session{setting}{selfDeactivation} && !WebGUI::Privilege::isInGroup(3)){ + if ($session{setting}{selfDeactivation} && !WebGUI::Grouping::isInGroup(3)){ my %hash; $hash{'options.display'} = ''.WebGUI::International::get(65).''; push(@array,\%hash); diff --git a/lib/WebGUI/Operation/Statistics.pm b/lib/WebGUI/Operation/Statistics.pm index 049a77898..6f2e09dd9 100644 --- a/lib/WebGUI/Operation/Statistics.pm +++ b/lib/WebGUI/Operation/Statistics.pm @@ -14,6 +14,7 @@ use Exporter; use strict; use WebGUI::Cache; use WebGUI::DateTime; +use WebGUI::Grouping; use WebGUI::Icon; use WebGUI::International; use WebGUI::Operation::Shared; @@ -40,14 +41,14 @@ sub _submenu { #------------------------------------------------------------------- sub www_killSession { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); WebGUI::Session::end($session{form}{sid}); return www_viewActiveSessions(); } #------------------------------------------------------------------- sub www_viewActiveSessions { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($output, $p, @row, $i, $sth, %data); tie %data, 'Tie::CPHash'; $output = '

'.WebGUI::International::get(425).'

'; @@ -81,7 +82,7 @@ sub www_viewActiveSessions { #------------------------------------------------------------------- sub www_viewLoginHistory { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($output, $p, @row, $i, $sth, %data); tie %data, 'Tie::CPHash'; $output = '

'.WebGUI::International::get(426).'

'; @@ -112,7 +113,7 @@ sub www_viewLoginHistory { #------------------------------------------------------------------- sub www_viewPageReport { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($output, $count, $user, $data, $sth, %page, $pageId); tie %page, "Tie::IxHash"; $output = '

Page Statistics

'; @@ -155,7 +156,7 @@ sub www_viewPageReport { #------------------------------------------------------------------- sub www_viewStatistics { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($output, $data); my $url = "http://www.plainblack.com/downloads/latest-version.txt"; my $cache = WebGUI::Cache->new($url,"URL"); @@ -200,7 +201,7 @@ sub www_viewStatistics { #------------------------------------------------------------------- sub www_viewTrafficReport { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($output, $data); $output = '

Pages

'; ($data) = WebGUI::SQL->quickArray("select count(*) from pageStatistics where dateStamp>=".(time()-2592000)); diff --git a/lib/WebGUI/Operation/Style.pm b/lib/WebGUI/Operation/Style.pm index fad47a752..9f6392aa4 100644 --- a/lib/WebGUI/Operation/Style.pm +++ b/lib/WebGUI/Operation/Style.pm @@ -12,7 +12,9 @@ package WebGUI::Operation::Style; use Exporter; use strict; +use WebGUI::Grouping; use WebGUI::Paginator; +use WebGUI::Privilege; use WebGUI::Session; use WebGUI::URL; @@ -42,7 +44,7 @@ sub www_unsetPersonalStyle { #------------------------------------------------------------------- sub www_listRoots { - return WebGUI::Privilege::adminOnly() unless(WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless(WebGUI::Grouping::isInGroup(3)); my ($output, $p, $sth, %data, @row, $i); $output = helpIcon(28); $output .= '

'.WebGUI::International::get(408).'

'; diff --git a/lib/WebGUI/Operation/Template.pm b/lib/WebGUI/Operation/Template.pm index 41111b14d..4bb559fa2 100644 --- a/lib/WebGUI/Operation/Template.pm +++ b/lib/WebGUI/Operation/Template.pm @@ -13,6 +13,7 @@ package WebGUI::Operation::Template; use Exporter; use strict; use Tie::CPHash; +use WebGUI::Grouping; use WebGUI::HTML; use WebGUI::HTMLForm; use WebGUI::Icon; @@ -53,7 +54,7 @@ sub _submenu { #------------------------------------------------------------------- sub www_copyTemplate { my (%template); - if (WebGUI::Privilege::isInGroup(8)) { + if (WebGUI::Grouping::isInGroup(8)) { %template = WebGUI::SQL->quickHash("select * from template where templateId=$session{form}{tid} and namespace=".quote($session{form}{namespace})); WebGUI::SQL->write("insert into template (templateId,name,template,namespace) values ("._getNextTemplateId($session{form}{namespace}).", @@ -70,7 +71,7 @@ sub www_deleteTemplate { my ($output); if ($session{form}{tid} < 1000 && $session{form}{tid} > 0) { return WebGUI::Privilege::vitalComponent(); - } elsif (WebGUI::Privilege::isInGroup(8)) { + } elsif (WebGUI::Grouping::isInGroup(8)) { $output .= helpIcon(35); $output .= '

'.WebGUI::International::get(42).'

'; $output .= WebGUI::International::get(502).'

'; @@ -91,7 +92,7 @@ sub www_deleteTemplateConfirm { my ($a, $pageId); if ($session{form}{tid} < 1000 && $session{form}{tid} > 1000) { return WebGUI::Privilege::vitalComponent(); - } elsif (WebGUI::Privilege::isInGroup(8)) { + } elsif (WebGUI::Grouping::isInGroup(8)) { if ($session{form}{namespace} eq "Page") { $a = WebGUI::SQL->read("select * from page where templateId=".$session{form}{tid}); while (($pageId) = $a->array) { @@ -112,7 +113,7 @@ sub www_deleteTemplateConfirm { sub www_editTemplate { my ($output, $namespaces, %template, $f); tie %template, 'Tie::CPHash'; - if (WebGUI::Privilege::isInGroup(8)) { + if (WebGUI::Grouping::isInGroup(8)) { if ($session{form}{tid} eq "new" || $session{form}{tid} eq "") { if ($session{form}{namespace} eq "Page") { $template{template} = "

\n \n
\n\n\n\n". @@ -155,7 +156,7 @@ sub www_editTemplate { #------------------------------------------------------------------- sub www_editTemplateSave { - if (WebGUI::Privilege::isInGroup(8)) { + if (WebGUI::Grouping::isInGroup(8)) { if ($session{form}{tid} eq "new") { $session{form}{tid} = _getNextTemplateId($session{form}{namespace}); WebGUI::SQL->write("insert into template (templateId,namespace) values @@ -180,7 +181,7 @@ sub www_editTemplateSave { #------------------------------------------------------------------- sub www_listTemplates { my ($output, $sth, @data, @row, $i, $p, $where); - if (WebGUI::Privilege::isInGroup(8)) { + if (WebGUI::Grouping::isInGroup(8)) { $where = "and namespace=".quote($session{form}{namespace}) if ($session{form}{namespace}); $output = helpIcon(33); $output .= '

'.WebGUI::International::get(506).'

'; diff --git a/lib/WebGUI/Operation/Theme.pm b/lib/WebGUI/Operation/Theme.pm index f883104db..0e1a30528 100644 --- a/lib/WebGUI/Operation/Theme.pm +++ b/lib/WebGUI/Operation/Theme.pm @@ -16,6 +16,7 @@ use Tie::IxHash; use Tie::CPHash; use WebGUI::Attachment; use WebGUI::Collateral; +use WebGUI::Grouping; use WebGUI::HTMLForm; use WebGUI::Icon; use WebGUI::International; @@ -62,7 +63,7 @@ sub _submenu { #------------------------------------------------------------------- sub www_addThemeComponent { - return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(9)); + return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(9)); my (@q, $output, $defaultList, $component, $f); my $types = _getComponentTypes(); push(@q,{query=>"select collateralType,collateralId,name from collateral where collateralType='file' order by name",type=>"file"}); @@ -103,7 +104,7 @@ sub www_addThemeComponent { #------------------------------------------------------------------- sub www_addThemeComponentSave { - return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(9)); + return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(9)); my @ids = WebGUI::FormProcessor::selectList("id"); foreach my $id (@ids) { $id =~ /^(.*?)\_(.*)/; @@ -118,7 +119,7 @@ sub www_addThemeComponentSave { #------------------------------------------------------------------- sub www_deleteTheme { - return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(9)); + return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(9)); return WebGUI::Privilege::vitalComponent() if ($session{form}{themeId} < 1000 && $session{form}{themeId} > 0); my $output = helpIcon(64); $output .= '

'.WebGUI::International::get(42).'

'; @@ -133,7 +134,7 @@ sub www_deleteTheme { #------------------------------------------------------------------- sub www_deleteThemeConfirm { - return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(9)); + return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(9)); return WebGUI::Privilege::vitalComponent() if ($session{form}{themeId} < 1000 && $session{form}{themeId} > 0); my $theme = WebGUI::SQL->quickHashRef("select * from theme where themeId=".$session{form}{themeId}); unless ($theme->{original}) { @@ -158,7 +159,7 @@ sub www_deleteThemeConfirm { #------------------------------------------------------------------- sub www_deleteThemeComponent { - return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(9)); + return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(9)); return WebGUI::Privilege::vitalComponent() if ($session{form}{themeId} < 1000 && $session{form}{themeId} > 0); my $output = helpIcon(4); $output .= '

'.WebGUI::International::get(42).'

'; @@ -173,7 +174,7 @@ sub www_deleteThemeComponent { #------------------------------------------------------------------- sub www_deleteThemeComponentConfirm { - return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(9)); + return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(9)); return WebGUI::Privilege::vitalComponent() if ($session{form}{themeId} < 1000 && $session{form}{themeId} > 0); WebGUI::SQL->write("delete from themeComponent where themeComponentId=".$session{form}{themeComponentId}); return www_editTheme(); @@ -181,7 +182,7 @@ sub www_deleteThemeComponentConfirm { #------------------------------------------------------------------- sub www_editTheme { - return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(9)); + return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(9)); my ($output, $theme, $f); unless($session{form}{themeId} eq "new") { $theme = WebGUI::SQL->quickHashRef("select * from theme where themeId=$session{form}{themeId}"); @@ -242,7 +243,7 @@ sub www_editTheme { #------------------------------------------------------------------- sub www_editThemeSave { - return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(9)); + return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(9)); if ($session{form}{themeId} eq "new") { $session{form}{themeId} = getNextId("themeId"); WebGUI::SQL->write("insert into theme (themeId,webguiVersion,original,versionNumber) @@ -260,7 +261,7 @@ sub www_editThemeSave { #------------------------------------------------------------------- sub www_exportTheme { - return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(9)); + return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(9)); my $tempId = "theme".$session{form}{themeId}; my $propertyFile = WebGUI::Attachment->new("_theme.properties","temp",$tempId); WebGUI::SQL->write("update theme set versionNumber=versionNumber+1, webguiVersion=".quote($WebGUI::VERSION) @@ -307,7 +308,7 @@ sub www_exportTheme { #------------------------------------------------------------------- sub www_importTheme { - return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(9)); + return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(9)); my $output = helpIcon(63); $output .= '

'.WebGUI::International::get(927).'

'; my $f = WebGUI::HTMLForm->new; @@ -326,7 +327,7 @@ sub www_importTheme { #------------------------------------------------------------------- sub www_importThemeValidate { - return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(9)); + return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(9)); my $output = helpIcon(63); $output .= '

'.WebGUI::International::get(927).'

'; my $a = WebGUI::Attachment->new("","temp"); @@ -381,7 +382,7 @@ sub www_importThemeValidate { #------------------------------------------------------------------- sub www_importThemeSave { - return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(9)); + return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(9)); my $propertiesFile = WebGUI::Attachment->new("_theme.properties","temp",$session{form}{extractionPoint}); my $theme = $propertiesFile->getHashref; my $themeId = getNextId("themeId"); @@ -421,7 +422,7 @@ sub www_importThemeSave { #------------------------------------------------------------------- sub www_listThemes { - return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(9)); + return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(9)); my (@data, @row, $i, $p); my $output = helpIcon(61); $output .= '

'.WebGUI::International::get(899).'

'; @@ -449,7 +450,7 @@ sub www_listThemes { #------------------------------------------------------------------- sub www_viewTheme { - return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(9)); + return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(9)); my ($output, $theme, $f); $theme = WebGUI::SQL->quickHashRef("select * from theme where themeId=$session{form}{themeId}"); $output .= '

'.WebGUI::International::get(930).'

'; diff --git a/lib/WebGUI/Operation/Trash.pm b/lib/WebGUI/Operation/Trash.pm index cf8952666..6f62edd56 100644 --- a/lib/WebGUI/Operation/Trash.pm +++ b/lib/WebGUI/Operation/Trash.pm @@ -14,6 +14,7 @@ use Exporter; use strict qw(vars subs); use Tie::CPHash; use WebGUI::DateTime; +use WebGUI::Grouping; use WebGUI::Icon; use WebGUI::Operation::Shared; use WebGUI::Paginator; @@ -121,7 +122,7 @@ sub _submenu { if ($session{form}{systemTrash} ne "1") { $menu{WebGUI::URL::page('op=emptyTrash')} = WebGUI::International::get(11); } - if ( ($session{setting}{sharedTrash} ne "1") && (WebGUI::Privilege::isInGroup(3)) ) { + if ( ($session{setting}{sharedTrash} ne "1") && (WebGUI::Grouping::isInGroup(3)) ) { $menu{WebGUI::URL::page('op=manageTrash&systemTrash=1')} = WebGUI::International::get(964); if ($session{form}{systemTrash} eq "1") { $menu{WebGUI::URL::page('op=emptyTrash&systemTrash=1')} = WebGUI::International::get(967); @@ -133,9 +134,9 @@ sub _submenu { #------------------------------------------------------------------- sub www_cutTrashItem { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(4)); + return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(4)); if ($session{form}{wid} ne "") { - if ( ($session{setting}{sharedTrash} ne "1") && (!(WebGUI::Privilege::isInGroup(3)) ) ) { + if ( ($session{setting}{sharedTrash} ne "1") && (!(WebGUI::Grouping::isInGroup(3)) ) ) { my ($bufferUserId) = WebGUI::SQL->quickArray("select bufferUserId from wobject " ."where wobjectId=" .$session{form}{wid}); return WebGUI::Privilege::insufficient() unless ($bufferUserId eq $session{user}{userId}); @@ -149,7 +150,7 @@ sub www_cutTrashItem { } elsif ($session{form}{pageId} ne "") { my $page = WebGUI::Page->getPage($session{form}{pageId}); - if ( ($session{setting}{sharedTrash} ne "1") && (!(WebGUI::Privilege::isInGroup(3)) ) ) { + if ( ($session{setting}{sharedTrash} ne "1") && (!(WebGUI::Grouping::isInGroup(3)) ) ) { my ($bufferUserId) = $page->get("bufferUserId"); return WebGUI::Privilege::insufficient() unless ($bufferUserId eq $session{user}{userId}); } @@ -165,7 +166,7 @@ sub www_cutTrashItem { #------------------------------------------------------------------- sub www_deleteTrashItem { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(4)); + return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(4)); my ($output); if ($session{form}{wid} ne "") { $output .= helpIcon(14); @@ -188,9 +189,9 @@ sub www_deleteTrashItem { #------------------------------------------------------------------- sub www_deleteTrashItemConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(4)); + return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(4)); if ($session{form}{wid} ne "") { - if ( ($session{setting}{sharedTrash} eq "1") || (WebGUI::Privilege::isInGroup(3)) ) { + if ( ($session{setting}{sharedTrash} eq "1") || (WebGUI::Grouping::isInGroup(3)) ) { _purgeWobject($session{form}{wid}); } else { my ($bufferUserId) = WebGUI::SQL->quickArray("select bufferUserId from wobject " @@ -202,7 +203,7 @@ sub www_deleteTrashItemConfirm { } elsif ($session{form}{pageId} ne "") { my $page = WebGUI::Page->getPage($session{form}{pageId}); - unless ( ($session{setting}{sharedTrash} eq "1") || (WebGUI::Privilege::isInGroup(3)) ) { + unless ( ($session{setting}{sharedTrash} eq "1") || (WebGUI::Grouping::isInGroup(3)) ) { my ($bufferUserId) = $page->get("bufferUserId"); return WebGUI::Privilege::insufficient() unless ($bufferUserId eq $session{user}{userId}); } @@ -221,7 +222,7 @@ sub www_deleteTrashItemConfirm { #------------------------------------------------------------------- sub www_emptyTrash { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(4)); + return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(4)); my ($output); $output = helpIcon(46); $output .= '

'.WebGUI::International::get(42).'

'; @@ -241,12 +242,12 @@ sub www_emptyTrash { #------------------------------------------------------------------- sub www_emptyTrashConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(4)); + return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(4)); my ($allUsers, $page, $currentPage, $currentWobjectPage); if ($session{setting}{sharedTrash} eq "1") { $allUsers = 1; } elsif ($session{form}{systemTrash} eq "1") { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); $allUsers = 1; } else { $allUsers = 0; @@ -271,7 +272,7 @@ sub www_emptyTrashConfirm { #------------------------------------------------------------------- sub www_manageTrash { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(4)); + return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(4)); my ($sth, @data, @row, @sorted_row, $i, $p, $allUsers); my $output = helpIcon(66); @@ -281,7 +282,7 @@ sub www_manageTrash { $allUsers = 1; $output .= '

'. WebGUI::International::get(962) .'

'; } elsif ($session{form}{systemTrash} eq "1") { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); $allUsers = 1; $output .= '

'. WebGUI::International::get(965) .'

'; } else { diff --git a/lib/WebGUI/Operation/User.pm b/lib/WebGUI/Operation/User.pm index 1446a570b..592f140b5 100644 --- a/lib/WebGUI/Operation/User.pm +++ b/lib/WebGUI/Operation/User.pm @@ -38,7 +38,7 @@ our @EXPORT = qw(&www_editUserKarma &www_editUserKarmaSave &www_editUserGroup &w sub _submenu { my ($output, %menu); tie %menu, 'Tie::IxHash'; - if (WebGUI::Privilege::isInGroup(3)) { + if (WebGUI::Grouping::isInGroup(3)) { $menu{WebGUI::URL::page("op=addUser")} = WebGUI::International::get(169); unless ($session{form}{op} eq "listUsers" || $session{form}{op} eq "addUser" @@ -63,7 +63,7 @@ sub _submenu { #------------------------------------------------------------------- sub www_addUser { my ($output, $f, $cmd, $html, %status); - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3) || WebGUI::Privilege::isInGroup(11)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3) || WebGUI::Grouping::isInGroup(11)); $output .= helpIcon(5); $output .= '

'.WebGUI::International::get(163).'

'; $output .= WebGUI::Form::_javascriptFile("swapLayers.js"); @@ -79,7 +79,7 @@ sub www_addUser { $f->text("username",WebGUI::International::get(50),$session{form}{username}); $f->email("email",WebGUI::International::get(56)); - if(WebGUI::Privilege::isInGroup(3)){ + if(WebGUI::Grouping::isInGroup(3)){ tie %status, 'Tie::IxHash'; %status = ( Active =>WebGUI::International::get(817), @@ -123,7 +123,7 @@ sub www_addUser { #------------------------------------------------------------------- sub www_addUserSave { my (@groups, $uid, $u); - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3) || WebGUI::Privilege::isInGroup(11)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3) || WebGUI::Grouping::isInGroup(11)); ($uid) = WebGUI::SQL->quickArray("select userId from users where username=".quote($session{form}{username})); return www_addUser if ($uid); @@ -139,13 +139,13 @@ sub www_addUserSave { @groups = $session{cgi}->param('groups'); $u->addToGroups(\@groups); $u->profileField("email",$session{form}{email}); - return _submenu(WebGUI::International::get(978)) if(!WebGUI::Privilege::isInGroup(3)); + return _submenu(WebGUI::International::get(978)) if(!WebGUI::Grouping::isInGroup(3)); return www_editUser(); } #------------------------------------------------------------------- sub www_addUserToGroupSave { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my (@groups, $u); @groups = $session{cgi}->param('groups'); $u = WebGUI::User->new($session{form}{uid}); @@ -155,7 +155,7 @@ sub www_addUserToGroupSave { #------------------------------------------------------------------- sub www_becomeUser { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); WebGUI::Session::end($session{var}{sessionId}); WebGUI::Session::start($session{form}{uid}); return ""; @@ -163,7 +163,7 @@ sub www_becomeUser { #------------------------------------------------------------------- sub www_deleteGrouping { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); if (($session{user}{userId} == $session{form}{uid} || $session{form}{uid} == 3) && $session{form}{gid} == 3) { return WebGUI::Privilege::vitalComponent(); } @@ -178,7 +178,7 @@ sub www_deleteGrouping { #------------------------------------------------------------------- sub www_deleteUser { my ($output); - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); if ($session{form}{uid} < 26) { return WebGUI::Privilege::vitalComponent(); } else { @@ -195,7 +195,7 @@ sub www_deleteUser { #------------------------------------------------------------------- sub www_deleteUserConfirm { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($u); if ($session{form}{uid} < 26) { return WebGUI::Privilege::vitalComponent(); @@ -208,7 +208,7 @@ sub www_deleteUserConfirm { #------------------------------------------------------------------- sub www_editGrouping { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my $output .= '

'.WebGUI::International::get(370).'

'; my $f = WebGUI::HTMLForm->new; $f->hidden("op","editGroupingSave"); @@ -231,7 +231,7 @@ sub www_editGrouping { #------------------------------------------------------------------- sub www_editGroupingSave { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); WebGUI::Grouping::userGroupExpireDate($session{form}{uid},$session{form}{gid},setToEpoch($session{form}{expireDate})); WebGUI::Grouping::userGroupAdmin($session{form}{uid},$session{form}{gid},$session{form}{groupAdmin}); return www_editUserGroup(); @@ -239,7 +239,7 @@ sub www_editGroupingSave { #------------------------------------------------------------------- sub www_editUser { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($output, $f, $u, $cmd, $html, %status); $u = WebGUI::User->new($session{form}{uid}); $output .= WebGUI::Form::_javascriptFile("swapLayers.js"); @@ -293,7 +293,7 @@ sub www_editUser { #------------------------------------------------------------------- sub www_editUserSave { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($error, $uid, $u); ($uid) = WebGUI::SQL->quickArray("select userId from users where username=".quote($session{form}{username})); @@ -314,7 +314,7 @@ sub www_editUserSave { #------------------------------------------------------------------- sub www_editUserGroup { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($output, $f, $groups, $sth, %hash); tie %hash, 'Tie::CPHash'; $output .= '

'.WebGUI::International::get(372).'

'; @@ -355,7 +355,7 @@ sub www_editUserGroup { #------------------------------------------------------------------- sub www_editUserKarma { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($output, $f, $a, %user, %data, $method, $values, $category, $label, $default, $previousCategory); $output = helpIcon(36); $output .= '

'.WebGUI::International::get(558).'

'; @@ -371,7 +371,7 @@ sub www_editUserKarma { #------------------------------------------------------------------- sub www_editUserKarmaSave { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($u); $u = WebGUI::User->new($session{form}{uid}); $u->karma($session{form}{amount},$session{user}{username}." (".$session{user}{userId}.")",$session{form}{description}); @@ -380,7 +380,7 @@ sub www_editUserKarmaSave { #------------------------------------------------------------------- sub www_editUserProfile { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($output, $f, $a, %user, %data, $method, $values, $category, $label, $default, $previousCategory); tie %data, 'Tie::CPHash'; $output = helpIcon(32); @@ -448,7 +448,7 @@ sub www_editUserProfile { #------------------------------------------------------------------- sub www_editUserProfileSave { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); my ($a, %field, $u); tie %field, 'Tie::CPHash'; $u = WebGUI::User->new($session{form}{uid}); @@ -465,7 +465,7 @@ sub www_editUserProfileSave { #------------------------------------------------------------------- sub www_listUsers { - return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); + return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3)); WebGUI::Session::setScratch("userSearchKeyword",$session{form}{keyword}); WebGUI::Session::setScratch("userSearchStatus",$session{form}{status}); my ($output, $data, $f, $rows, $p, $search, %status, $selectedStatus); diff --git a/lib/WebGUI/Page.pm b/lib/WebGUI/Page.pm index 4c1a1bcbb..357d20093 100644 --- a/lib/WebGUI/Page.pm +++ b/lib/WebGUI/Page.pm @@ -19,6 +19,7 @@ use HTML::Template; use strict; use Tie::IxHash; use WebGUI::ErrorHandler; +use WebGUI::Grouping; use WebGUI::HTMLForm; use WebGUI::Icon; use WebGUI::Persistent::Tree; @@ -47,6 +48,8 @@ The methods that do affect this hiearchy should be called in a object oriented c Non OO functions use WebGUI::Page; + $boolean = WebGUI::Page::canEdit(); + $boolean = WebGUI::Page::canView(); $integer = WebGUI::Page::countTemplatePositions($templateId); $html = WebGUI::Page::drawTemplate($templateId); $html = WebGUI::Page::generate(); @@ -162,6 +165,74 @@ sub add { return $page; } +#------------------------------------------------------------------- + +=head2 canEdit ( [ pageId ] ) + +Returns a boolean (0|1) value signifying that the user has the required privileges. + +=over + +=item pageId + +The unique identifier for the page that you wish to check the privileges on. Defaults to the current page id. + +=back + +=cut + +sub canEdit { + my $pageId = shift || $session{page}{pageId}; + my (%page); + tie %page, 'Tie::CPHash'; + if ($pageId ne $session{page}{pageId}) { + %page = WebGUI::SQL->quickHash("select ownerId,groupIdEdit from page where pageId=$pageId"); + } else { + %page = %{$session{page}}; + } + if ($session{user}{userId} == $page{ownerId}) { + return 1; + } else { + return WebGUI::Grouping::isInGroup($page{groupIdEdit}); + } +} + + +#------------------------------------------------------------------- + +=head2 canView ( [ pageId ] ) + +Returns a boolean (0|1) value signifying that the user has the required privileges. Always returns users that have the rights to edit this page. + +=over + +=item pageId + +The unique identifier for the page that you wish to check the privileges on. Defaults to the current page id. + +=back + +=cut + +sub canView { + my $pageId = shift || $session{page}{pageId}; + my %page; + tie %page, 'Tie::CPHash'; + if ($pageId eq $session{page}{pageId}) { + %page = %{$session{page}}; + } else { + %page = WebGUI::SQL->quickHash("select ownerId,groupIdView,startDate,endDate from page where pageId=$pageId"); + } + if ($session{user}{userId} == $page{ownerId}) { + return 1; + } elsif ($page{startDate} < WebGUI::DateTime::time() && $page{endDate} > WebGUI::DateTime::time() && WebGUI::Grouping::isInGroup($page{groupIdView})) { + return 1; + } else { + return canEditPage($pageId); + } +} + + #------------------------------------------------------------------- =head2 countTemplatePositions ( templateId ) @@ -314,9 +385,9 @@ Generates the content of the page. =cut sub generate { - return WebGUI::Privilege::noAccess() unless (WebGUI::Privilege::canViewPage()); + return WebGUI::Privilege::noAccess() unless (canView()); my %var; - $var{'page.canEdit'} = WebGUI::Privilege::canEditPage(); + $var{'page.canEdit'} = canEdit(); $var{'page.controls'} = pageIcon() .deleteIcon('op=deletePage') .editIcon('op=editPage') @@ -369,8 +440,8 @@ sub generate { my $w = eval{$cmd->new($wobject)}; WebGUI::ErrorHandler::fatalError("Couldn't instanciate wobject: ${$wobject}{namespace}. Root cause: ".$@) if($@); push(@{$var{'position'.$wobject->{templatePosition}.'_loop'}},{ - 'wobject.canView'=>WebGUI::Privilege::canViewWobject($wobject->{wobjectId}), - 'wobject.canEdit'=>WebGUI::Privilege::canEditWobject($wobject->{wobjectId}), + 'wobject.canView'=>$w->canView, + 'wobject.canEdit'=>$w->canEdit, 'wobject.controls'=>$wobjectToolbar, 'wobject.controls.drag'=>dragIcon(), 'wobject.namespace'=>$wobject->{namespace}, diff --git a/lib/WebGUI/Privilege.pm b/lib/WebGUI/Privilege.pm index fea524d50..3b2c067ca 100644 --- a/lib/WebGUI/Privilege.pm +++ b/lib/WebGUI/Privilege.pm @@ -15,16 +15,8 @@ package WebGUI::Privilege; =cut use strict; -use Tie::CPHash; -use WebGUI::DatabaseLink; -use WebGUI::DateTime; -use WebGUI::Group; -use WebGUI::Grouping; use WebGUI::International; -use WebGUI::Macro; use WebGUI::Session; -use WebGUI::SQL; -use WebGUI::URL; =head1 NAME @@ -38,10 +30,7 @@ This package provides access to the WebGUI security system and security messages use WebGUI::Privilege; $html = WebGUI::Privilege::adminOnly(); - $boolean = WebGUI::Privilege::canEditPage(); - $boolean = WebGUI::Privilege::canViewPage(); $html = WebGUI::Privilege::insufficient(); - $boolean = WebGUI::Privilege::isInGroup($groupId); $html = WebGUI::Privilege::noAccess(); $html = WebGUI::Privilege::notMember(); $html = WebGUI::Privilege::vitalComponent(); @@ -76,142 +65,6 @@ sub adminOnly { return $output; } -#------------------------------------------------------------------- - -=head2 canEditPage ( [ pageId ] ) - -Returns a boolean (0|1) value signifying that the user has the required privileges. - -=over - -=item pageId - -The unique identifier for the page that you wish to check the privileges on. Defaults to the current page id. - -=back - -=cut - -sub canEditPage { - my (%page); - tie %page, 'Tie::CPHash'; - if ($_[0] ne "") { - %page = WebGUI::SQL->quickHash("select ownerId,groupIdEdit from page where pageId=$_[0]"); - } else { - %page = %{$session{page}}; - } - if ($session{user}{userId} == $page{ownerId}) { - return 1; - } elsif (isInGroup($page{groupIdEdit})) { - return 1; - } else { - return 0; - } -} - -#------------------------------------------------------------------- - -=head2 canEditWobject ( wobjectId ) - -Returns a boolean (0|1) value signifying that the user has the required privileges. - -=over - -=item wobjectId - -The unique identifier for the wobject that you wish to check the privileges on. - -=back - -=cut - -sub canEditWobject { - my (%wobject); - tie %wobject, 'Tie::CPHash'; - return canEditPage() if ($session{page}{wobjectPrivileges} != 1 || $_[0] eq "new"); - %wobject = WebGUI::SQL->quickHash("select ownerId,groupIdEdit from wobject where wobjectId=".quote($_[0])); - if ($session{user}{userId} == $wobject{ownerId}) { - return 1; - } elsif (isInGroup($wobject{groupIdEdit})) { - return 1; - } else { - return 0; - } -} - -#------------------------------------------------------------------- - -=head2 canViewPage ( [ pageId ] ) - -Returns a boolean (0|1) value signifying that the user has the required privileges. Always returns true for Admins and users that have the rights to edit this page. - -=over - -=item pageId - -The unique identifier for the page that you wish to check the privileges on. Defaults to the current page id. - -=back - -=cut - -sub canViewPage { - my (%page, $inDateRange); - tie %page, 'Tie::CPHash'; - if ($_[0] eq "") { - %page = %{$session{page}}; - } else { - %page = WebGUI::SQL->quickHash("select ownerId,groupIdView,startDate,endDate from page where pageId=$_[0]"); - } - if ($page{startDate} < time() && $page{endDate} > time()) { - $inDateRange = 1; - } - if ($session{user}{userId} == $page{ownerId}) { - return 1; - } elsif (isInGroup($page{groupIdView}) && $inDateRange) { - return 1; - } elsif (canEditPage($_[0])) { - return 1; - } else { - return 0; - } -} - -#------------------------------------------------------------------- - -=head2 canViewWobject ( wobjectId ) - -Returns a boolean (0|1) value signifying that the user has the required privileges. Always returns true for Admins and users that have the rights to edit this wobject. - -=over - -=item wobjectId - -The unique identifier for the wobject that you wish to check the privileges on. - -=back - -=cut - -sub canViewWobject { - my (%wobject); - tie %wobject, 'Tie::CPHash'; - return canViewPage() unless ($session{page}{wobjectPrivileges} == 1); - %wobject = WebGUI::SQL->quickHash("select ownerId,groupIdView,startDate,endDate from wobject where wobjectId=".quote($_[0])); - if ($wobject{startDate} < time() && $wobject{endDate} > time()) { - if ($session{user}{userId} == $wobject{ownerId}) { - return 1; - } elsif (isInGroup($wobject{groupIdView})) { - return 1; - } elsif (canEditWobject($_[0])) { - return 1; - } else { - return 0; - } - }else{ - return 0; - } -} #------------------------------------------------------------------- @@ -238,163 +91,6 @@ sub insufficient { return $output; } -#------------------------------------------------------------------- - -=head2 isInGroup ( [ groupId [ , userId ] ] ) - -Returns a boolean (0|1) value signifying that the user has the required privileges. Always returns true for Admins. - -=over - -=item groupId - -The group that you wish to verify against the user. Defaults to group with Id 3 (the Admin group). - -=item userId - -The user that you wish to verify against the group. Defaults to the currently logged in user. - -=back - -=cut - -sub isInGroup { - my ($gid, $uid, @data, %group, $groupId); - ($gid, $uid) = @_; - $uid = $session{user}{userId} if ($uid eq ""); - - unless (defined $gid) { - $gid = 3; - } - - ### The following several checks are to increase performance. If this section were removed, everything would continue to work as normal. - if ($gid == 7) { - return 1; - } - if ($gid == 1) { - if ($uid == 1) { - return 1; - } else { - return 0; - } - } - if ($gid==2 && $uid != 1) { - return 1; - } - - - - ### Use session to cache multiple lookups of the same group. - if ($session{isInGroup}{$gid}{$uid} == 1) { - return 1; - } elsif ($session{isInGroup}{$gid}{$uid} eq "0") { - return 0; - } - ### Lookup the actual groupings. - my $groups = WebGUI::Grouping::getGroupsForUser($uid,1); - foreach (@{$groups}) { - $session{isInGroup}{$_}{$uid} = 1; - } - if ($session{isInGroup}{$gid}{$uid} == 1) { - return 1; - } - - ### Get data for auxillary checks. - tie %group, 'Tie::CPHash'; - %group = WebGUI::SQL->quickHash("select karmaThreshold,ipFilter,scratchFilter,databaseLinkId,dbQuery,dbCacheTimeout from groups where groupId='$gid'"); - ### Check IP Address - if ($group{ipFilter} ne "") { - $group{ipFilter} =~ s/\t//g; - $group{ipFilter} =~ s/\r//g; - $group{ipFilter} =~ s/\n//g; - $group{ipFilter} =~ s/\s//g; - $group{ipFilter} =~ s/\./\\\./g; - my @ips = split(";",$group{ipFilter}); - foreach my $ip (@ips) { - if ($session{env}{REMOTE_ADDR} =~ /^$ip/) { - $session{isInGroup}{$gid}{$uid} = 1; - return 1; - } - } - } - - ### Check Scratch Variables - if ($group{scratchFilter} ne "") { - $group{scratchFilter} =~ s/\t//g; - $group{scratchFilter} =~ s/\r//g; - $group{scratchFilter} =~ s/\n//g; - $group{scratchFilter} =~ s/\s//g; - my @vars = split(";",$group{scratchFilter}); - foreach my $var (@vars) { - my ($name, $value) = split(/\=/,$var); - if ($session{scratch}{$name} eq $value) { - $session{isInGroup}{$gid}{$uid} = 1; - return 1; - } - } - } - - ### Check karma levels. - if ($session{setting}{useKarma}) { - my $karma; - if ($uid == $session{user}{userId}) { - $karma = $session{user}{karma}; - } else { - ($karma) = WebGUI::SQL->quickHash("select karma from users where userId='$uid'"); - } - if ($karma >= $group{karmaThreshold}) { - $session{isInGroup}{$gid}{$uid} = 1; - return 1; - } - } - - ### Check external database - if ($group{dbQuery} ne "" && $group{databaseLinkId}) { - # skip if not logged in and query contains a User macro - unless ($group{dbQuery} =~ /\^User/i && $uid == 1) { - my $dbLink = WebGUI::DatabaseLink->new($group{databaseLinkId}); - my $dbh = $dbLink->dbh; - if (defined $dbh) { - if ($group{dbQuery} =~ /select 1/i) { - $group{dbQuery} = WebGUI::Macro::process($group{dbQuery}); - my $sth = WebGUI::SQL->unconditionalRead($group{dbQuery},$dbh); - unless ($sth->errorCode < 1) { - WebGUI::ErrorHandler::warn("There was a problem with the database query for group ID $gid."); - } else { - my ($result) = $sth->array; - if ($result == 1) { - $session{isInGroup}{$gid}{$uid} = 1; - if ($group{dbCacheTimeout} > 0) { - WebGUI::Grouping::deleteUsersFromGroups([$uid],[$gid]); - WebGUI::Grouping::addUsersToGroups([$uid],[$gid],$group{dbCacheTimeout}); - } - } else { - $session{isInGroup}{$gid}{$uid} = 0; - WebGUI::Grouping::deleteUsersFromGroups([$uid],[$gid]) if ($group{dbCacheTimeout} > 0); - } - } - $sth->finish; - } else { - WebGUI::ErrorHandler::warn("Database query for group ID $gid must use 'select 1'"); - } - $dbLink->disconnect; - return 1 if ($session{isInGroup}{$gid}{$uid}); - } - } - } - - ### Check for groups of groups. - $groups = WebGUI::Grouping::getGroupsInGroup($gid,1); - foreach (@{$groups}) { - $session{isInGroup}{$_}{$uid} = isInGroup($_, $uid); - if ($session{isInGroup}{$_}{$uid}) { - $session{isInGroup}{$gid}{$uid} = 1; # cache current group also so we don't have to do the group in group check again - return 1; - } - } - $session{isInGroup}{$gid}{$uid} = 0; - return 0; -} #------------------------------------------------------------------- diff --git a/lib/WebGUI/Wobject.pm b/lib/WebGUI/Wobject.pm index f3a2bdcd2..a5f2e8a69 100644 --- a/lib/WebGUI/Wobject.pm +++ b/lib/WebGUI/Wobject.pm @@ -20,6 +20,7 @@ use strict qw(subs vars); use Tie::IxHash; use WebGUI::DateTime; use WebGUI::FormProcessor; +use WebGUI::Grouping; use WebGUI::HTML; use WebGUI::HTMLForm; use WebGUI::Icon; @@ -27,6 +28,7 @@ use WebGUI::International; use WebGUI::Macro; use WebGUI::Node; use WebGUI::Page; +use WebGUI::Privilege; use WebGUI::Session; use WebGUI::SQL; use WebGUI::TabForm; @@ -74,6 +76,45 @@ sub _getNextSequenceNumber { return ($sequenceNumber+1); } +#------------------------------------------------------------------- + +=head2 canEdit ( ) + +Returns a boolean (0|1) value signifying that the user has the required privileges. + +=cut + +sub canEdit { + my $self = shift; + return WebGUI::Page::canEdit() if ($session{page}{wobjectPrivileges} != 1 || $self->get("wobjectId") eq "new"); + if ($session{user}{userId} == $self->get("ownerId")) { + return 1; + } else { + return WebGUI::Grouping::isInGroup($self->get("groupIdEdit")); + } +} + +#------------------------------------------------------------------- + +=head2 canView ( ) + +Returns a boolean (0|1) value signifying that the user has the required privileges. Returns true for users that have the rights to edit this wobject. + +=cut + +sub canView { + my $self = shift; + return WebGUI::Page::canView() unless ($session{page}{wobjectPrivileges} == 1); + if ($session{user}{userId} == $self->get("ownerId")) { + return 1; + } elsif ($self->get("startDate") < WebGUI::DateTime::time() && $self->get("endDate") > WebGUI::DateTime::time() && WebGUI::Grouping::isInGroup($self->get("groupIdView"))) { + return 1; + } else { + return $self->canEdit; + } +} + + #------------------------------------------------------------------- =head2 confirm ( message, yesURL, [ , noURL, vitalComparison ] ) @@ -1024,8 +1065,9 @@ NOTE: Should never need to be overridden or extended. =cut sub www_copy { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); - $_[0]->duplicate; + my $self = shift; + return WebGUI::Privilege::insufficient() unless ($self->canEdit); + $self->duplicate; return ""; } @@ -1040,16 +1082,17 @@ NOTE: Should never need to be overridden or extended. =cut sub www_createShortcut { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + my $self = shift; + return WebGUI::Privilege::insufficient() unless ($self->canEdit); my $w = WebGUI::Wobject::WobjectProxy->new({wobjectId=>"new",namespace=>"WobjectProxy"}); $w->set({ pageId=>2, templatePosition=>1, - title=>$_[0]->getValue("title"), - proxiedNamespace=>$_[0]->get("namespace"), - proxiedWobjectId=>$_[0]->get("wobjectId"), + title=>$self->getValue("title"), + proxiedNamespace=>$self->get("namespace"), + proxiedWobjectId=>$self->get("wobjectId"), bufferUserId=>$session{user}{userId}, - bufferDate=>time(), + bufferDate=>WebGUI::DateTime::time(), bufferPrevId=>$session{page}{pageId} }); return ""; @@ -1064,12 +1107,13 @@ Moves this instance to the clipboard. =cut sub www_cut { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); - $_[0]->set({ + my $self = shift; + return WebGUI::Privilege::insufficient() unless ($self->canEdit); + $self->set({ pageId=>2, templatePosition=>1, bufferUserId=>$session{user}{userId}, - bufferDate=>time(), + bufferDate=>WebGUI::DateTime::time(), bufferPrevId=>$session{page}{pageId} }); _reorderWobjects($session{page}{pageId}); @@ -1085,14 +1129,15 @@ Prompts a user to confirm whether they wish to delete this instance. =cut sub www_delete { + my $self = shift; my ($output); - if (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))) { + if ($self->canEdit) { $output = helpIcon(14); $output .= '

'.WebGUI::International::get(42).'

'; $output .= WebGUI::International::get(43); $output .= '

'; $output .= '

'; + $self->get("wobjectId")).'">'; $output .= WebGUI::International::get(44); $output .= ''; $output .= '    '; @@ -1113,13 +1158,14 @@ Moves this instance to the trash. =cut sub www_deleteConfirm { - if (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))) { - $_[0]->set({pageId=>3, templatePosition=>1, + my $self = shift; + if ($self->canEdit) { + $self->set({pageId=>3, templatePosition=>1, bufferUserId=>$session{user}{userId}, - bufferDate=>time(), + bufferDate=>WebGUI::DateTime::time(), bufferPrevId=>$session{page}{pageId}}); - WebGUI::ErrorHandler::audit("moved Wobject ".$_[0]->{_property}{wobjectId}." to the trash."); - _reorderWobjects($_[0]->get("pageId")); + WebGUI::ErrorHandler::audit("moved Wobject ".$self->{_property}{wobjectId}." to the trash."); + _reorderWobjects($self->get("pageId")); return ""; } else { return WebGUI::Privilege::insufficient(); @@ -1135,10 +1181,11 @@ Displays a confirmation message relating to the deletion of a file. =cut sub www_deleteFile { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); - return $_[0]->confirm(WebGUI::International::get(728), - WebGUI::URL::page('func=deleteFileConfirm&wid='.$_[0]->get("wobjectId").'&file='.$session{form}{file}), - WebGUI::URL::page('func=edit&wid='.$_[0]->get("wobjectId")) + my $self = shift; + return WebGUI::Privilege::insufficient() unless ($self->canEdit); + return $self->confirm(WebGUI::International::get(728), + WebGUI::URL::page('func=deleteFileConfirm&wid='.$self->get("wobjectId").'&file='.$session{form}{file}), + WebGUI::URL::page('func=edit&wid='.$self->get("wobjectId")) ); } @@ -1151,9 +1198,10 @@ Deletes a file from this instance. =cut sub www_deleteFileConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); - $_[0]->set({$session{form}{file}=>''}); - return $_[0]->www_edit(); + my $self = shift; + return WebGUI::Privilege::insufficient() unless ($self->canEdit); + $self->set({$session{form}{file}=>''}); + return $self->www_edit(); } #------------------------------------------------------------------- @@ -1185,21 +1233,22 @@ An id this namespace of the WebGUI international system. This message will be re =cut sub www_edit { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + my $self = shift; + return WebGUI::Privilege::insufficient() unless ($self->canEdit); $session{page}{useAdminStyle} = 1; my ($self, @p) = @_; my ($properties, $layout, $privileges, $heading, $helpId, $headingId) = rearrange([qw(properties layout privileges heading helpId headingId)], @p); my ($f, $startDate, $displayTitle, $templatePosition, $endDate); - if ($_[0]->get("wobjectId") eq "new") { + if ($self->get("wobjectId") eq "new") { $displayTitle = 1; } else { - $displayTitle = $_[0]->get("displayTitle"); + $displayTitle = $self->get("displayTitle"); } - my $title = $_[0]->get("title") || $_[0]->name; - $templatePosition = $_[0]->get("templatePosition") || 1; - $startDate = $_[0]->get("startDate") || $session{page}{startDate}; - $endDate = $_[0]->get("endDate") || $session{page}{endDate}; + my $title = $self->get("title") || $self->name; + $templatePosition = $self->get("templatePosition") || 1; + $startDate = $self->get("startDate") || $session{page}{startDate}; + $endDate = $self->get("endDate") || $session{page}{endDate}; my %tabs; tie %tabs, 'Tie::IxHash'; %tabs = ( @@ -1215,18 +1264,18 @@ sub www_edit { uiLevel=>6 } ); - if ($_[0]->{_useDiscussion}) { + if ($self->{_useDiscussion}) { $tabs{discussion} = { label=>WebGUI::International::get(892), uiLevel=>5 }; } $f = WebGUI::TabForm->new(\%tabs); - $f->hidden({name=>"wid",value=>$_[0]->get("wobjectId")}); - $f->hidden({name=>"namespace",value=>$_[0]->get("namespace")}) if ($_[0]->get("wobjectId") eq "new"); + $f->hidden({name=>"wid",value=>$self->get("wobjectId")}); + $f->hidden({name=>"namespace",value=>$self->get("namespace")}) if ($self->get("wobjectId") eq "new"); $f->hidden({name=>"func",value=>"editSave"}); $f->getTab("properties")->readOnly( - -value=>$_[0]->get("wobjectId"), + -value=>$self->get("wobjectId"), -label=>WebGUI::International::get(499), -uiLevel=>3 ); @@ -1237,11 +1286,11 @@ sub www_edit { -value=>$displayTitle, -uiLevel=>5 ); - if ($_[0]->{_useTemplate}) { + if ($self->{_useTemplate}) { $f->getTab("layout")->template( - -value=>$_[0]->getValue("templateId"), - -namespace=>$_[0]->get("namespace"), - -afterEdit=>'func=edit&wid='.$_[0]->get("wobjectId")."&namespace=".$_[0]->get("namespace") + -value=>$self->getValue("templateId"), + -namespace=>$self->get("namespace"), + -afterEdit=>'func=edit&wid='.$self->get("wobjectId")."&namespace=".$self->get("namespace") ); } $f->getTab("layout")->selectList( @@ -1265,30 +1314,30 @@ sub www_edit { -uiLevel=>6 ); my $subtext; - if (WebGUI::Privilege::isInGroup(3)) { + if (WebGUI::Grouping::isInGroup(3)) { $subtext = '   '.WebGUI::International::get(7).''; } else { $subtext = ""; } if ($session{page}{wobjectPrivileges}) { my $clause; - if (WebGUI::Privilege::isInGroup(3)) { + if (WebGUI::Grouping::isInGroup(3)) { my $contentManagers = WebGUI::Grouping::getUsersInGroup(4,1); push (@$contentManagers, $session{user}{userId}); $clause = "userId in (".join(",",@$contentManagers).")"; } else { - $clause = "userId=".$_[0]->getValue("ownerId"); + $clause = "userId=".$self->getValue("ownerId"); } my $users = WebGUI::SQL->buildHashRef("select userId,username from users where $clause order by username"); $f->getTab("privileges")->selectList( -name=>"ownerId", -options=>$users, -label=>WebGUI::International::get(108), - -value=>[$_[0]->getValue("ownerId")], + -value=>[$self->getValue("ownerId")], -subtext=>$subtext, -uiLevel=>6 ); - if (WebGUI::Privilege::isInGroup(3)) { + if (WebGUI::Grouping::isInGroup(3)) { $subtext = '   '.WebGUI::International::get(5).''; } else { $subtext = ""; @@ -1296,43 +1345,43 @@ sub www_edit { $f->getTab("privileges")->group( -name=>"groupIdView", -label=>WebGUI::International::get(872), - -value=>[$_[0]->getValue("groupIdView")], + -value=>[$self->getValue("groupIdView")], -subtext=>$subtext, -uiLevel=>6 ); $f->getTab("privileges")->group( -name=>"groupIdEdit", -label=>WebGUI::International::get(871), - -value=>[$_[0]->getValue("groupIdEdit")], + -value=>[$self->getValue("groupIdEdit")], -subtext=>$subtext, -excludeGroups=>[1,7], -uiLevel=>6 ); } else { - $f->hidden({name=>"ownerId",value=>$_[0]->getValue("ownerId")}); - $f->hidden({name=>"groupIdView",value=>$_[0]->getValue("groupIdView")}); - $f->hidden({name=>"groupIdEdit",value=>$_[0]->getValue("groupIdEdit")}); + $f->hidden({name=>"ownerId",value=>$self->getValue("ownerId")}); + $f->hidden({name=>"groupIdView",value=>$self->getValue("groupIdView")}); + $f->hidden({name=>"groupIdEdit",value=>$self->getValue("groupIdEdit")}); } $f->getTab("properties")->HTMLArea( -name=>"description", -label=>WebGUI::International::get(85), - -value=>$_[0]->get("description") + -value=>$self->get("description") ); $f->getTab("properties")->raw($properties); $f->getTab("layout")->raw($layout); $f->getTab("privileges")->raw($privileges); - if ($_[0]->{_useDiscussion}) { + if ($self->{_useDiscussion}) { $f->getTab("discussion")->yesNo( -name=>"allowDiscussion", -label=>WebGUI::International::get(894), - -value=>$_[0]->get("allowDiscussion"), + -value=>$self->get("allowDiscussion"), -uiLevel=>5 ); - $f->getTab("discussion")->raw(WebGUI::Forum::UI::forumProperties($_[0]->get("forumId"))); + $f->getTab("discussion")->raw(WebGUI::Forum::UI::forumProperties($self->get("forumId"))); } my $output; - $output = helpIcon($helpId,$_[0]->get("namespace")) if ($helpId); - $heading = WebGUI::International::get($headingId,$_[0]->get("namespace")) if ($headingId); + $output = helpIcon($helpId,$self->get("namespace")) if ($helpId); + $heading = WebGUI::International::get($headingId,$self->get("namespace")) if ($headingId); $output .= '

'.$heading.'

' if ($heading); return $output.$f->print; } @@ -1356,28 +1405,30 @@ A hash reference of extra properties to set. =cut sub www_editSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + my $self = shift; + my $extras = shift; + return WebGUI::Privilege::insufficient() unless ($self->canEdit); my %set; - foreach my $key (keys %{$_[0]->{_wobjectProperties}}) { + foreach my $key (keys %{$self->{_wobjectProperties}}) { my $temp = WebGUI::FormProcessor::process( $key, - $_[0]->{_wobjectProperties}{$key}{fieldType}, - $_[0]->{_wobjectProperties}{$key}{defaultValue} + $self->{_wobjectProperties}{$key}{fieldType}, + $self->{_wobjectProperties}{$key}{defaultValue} ); $set{$key} = $temp if (defined $temp); } - $set{title} = $session{form}{title} || $_[0]->name; - foreach my $key (keys %{$_[0]->{_extendedProperties}}) { + $set{title} = $session{form}{title} || $self->name; + foreach my $key (keys %{$self->{_extendedProperties}}) { my $temp = WebGUI::FormProcessor::process( $key, - $_[0]->{_extendedProperties}{$key}{fieldType}, - $_[0]->{_extendedProperties}{$key}{defaultValue} + $self->{_extendedProperties}{$key}{fieldType}, + $self->{_extendedProperties}{$key}{defaultValue} ); $set{$key} = $temp if (defined $temp); } - %set = (%set, %{$_[1]}); - $set{forumId} = WebGUI::Forum::UI::forumPropertiesSave() if ($_[0]->{_useDiscussion}); - $_[0]->set(\%set); + %set = (%set, %{$extras}); + $set{forumId} = WebGUI::Forum::UI::forumPropertiesSave() if ($self->{_useDiscussion}); + $self->set(\%set); return ""; } @@ -1390,9 +1441,10 @@ Moves this instance to the bottom of the page. =cut sub www_moveBottom { - if (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))) { - $_[0]->set({sequenceNumber=>99999}); - _reorderWobjects($_[0]->get("pageId")); + my $self = shift; + if ($self->canEdit) { + $self->set({sequenceNumber=>99999}); + _reorderWobjects($self->get("pageId")); return ""; } else { return WebGUI::Privilege::insufficient(); @@ -1409,14 +1461,15 @@ Moves this instance down one spot on the page. sub www_moveDown { my ($wid, $thisSeq); - if (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))) { - ($thisSeq) = WebGUI::SQL->quickArray("select sequenceNumber from wobject where wobjectId=".$_[0]->get("wobjectId")); - ($wid) = WebGUI::SQL->quickArray("select wobjectId from wobject where pageId=".$_[0]->get("pageId") + my $self = shift; + if ($self->canEdit) { + ($thisSeq) = WebGUI::SQL->quickArray("select sequenceNumber from wobject where wobjectId=".$self->get("wobjectId")); + ($wid) = WebGUI::SQL->quickArray("select wobjectId from wobject where pageId=".$self->get("pageId") ." and sequenceNumber=".($thisSeq+1)); if ($wid ne "") { - WebGUI::SQL->write("update wobject set sequenceNumber=sequenceNumber+1 where wobjectId=".$_[0]->get("wobjectId")); + WebGUI::SQL->write("update wobject set sequenceNumber=sequenceNumber+1 where wobjectId=".$self->get("wobjectId")); WebGUI::SQL->write("update wobject set sequenceNumber=sequenceNumber-1 where wobjectId=$wid"); - _reorderWobjects($_[0]->get("pageId")); + _reorderWobjects($self->get("pageId")); } return ""; } else { @@ -1433,9 +1486,10 @@ Moves this instance to the top of the page. =cut sub www_moveTop { - if (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))) { - $_[0]->set({sequenceNumber=>0}); - _reorderWobjects($_[0]->get("pageId")); + my $self = shift; + if ($self->canEdit) { + $self->set({sequenceNumber=>0}); + _reorderWobjects($self->get("pageId")); return ""; } else { return WebGUI::Privilege::insufficient(); @@ -1451,15 +1505,16 @@ Moves this instance up one spot on the page. =cut sub www_moveUp { + my $self = shift; my ($wid, $thisSeq); - if (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))) { - ($thisSeq) = WebGUI::SQL->quickArray("select sequenceNumber from wobject where wobjectId=".$_[0]->get("wobjectId")); - ($wid) = WebGUI::SQL->quickArray("select wobjectId from wobject where pageId=".$_[0]->get("pageId") + if ($self->canEdit) { + ($thisSeq) = WebGUI::SQL->quickArray("select sequenceNumber from wobject where wobjectId=".$self->get("wobjectId")); + ($wid) = WebGUI::SQL->quickArray("select wobjectId from wobject where pageId=".$self->get("pageId") ." and sequenceNumber=".($thisSeq-1)); if ($wid ne "") { - WebGUI::SQL->write("update wobject set sequenceNumber=sequenceNumber-1 where wobjectId=".$_[0]->get("wobjectId")); + WebGUI::SQL->write("update wobject set sequenceNumber=sequenceNumber-1 where wobjectId=".$self->get("wobjectId")); WebGUI::SQL->write("update wobject set sequenceNumber=sequenceNumber+1 where wobjectId=$wid"); - _reorderWobjects($_[0]->get("pageId")); + _reorderWobjects($self->get("pageId")); } return ""; } else { @@ -1476,8 +1531,9 @@ Moves this instance from the clipboard to the current page. =cut sub www_paste { + my $self = shift; my ($output, $nextSeq); - if (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))) { + if ($self->canEdit) { ($nextSeq) = WebGUI::SQL->quickArray("select max(sequenceNumber) from wobject where pageId=$session{page}{pageId}"); $nextSeq += 1; WebGUI::SQL->write("UPDATE wobject SET " @@ -1485,7 +1541,7 @@ sub www_paste { ."templatePosition=1, " ."sequenceNumber=". $nextSeq .", " ."bufferUserId=NULL, bufferDate=NULL, bufferPrevId=NULL " - ."WHERE wobjectId=".$_[0]->get("wobjectId")); + ."WHERE wobjectId=".$self->get("wobjectId")); return ""; } else { return WebGUI::Privilege::insufficient(); @@ -1501,10 +1557,10 @@ The default display mechanism for any wobject. This web method MUST be overridde =cut sub www_view { - my ($output); - $output = $_[0]->displayTitle; - $output .= $_[0]->description; - return $output; + my $self = shift; + return WebGUI::Privilege::insufficient unless ($self->canView); + return $self->displayTitle.$self->description; } 1; + diff --git a/lib/WebGUI/Wobject/DataForm.pm b/lib/WebGUI/Wobject/DataForm.pm index a3f38fd6d..55b8921e2 100644 --- a/lib/WebGUI/Wobject/DataForm.pm +++ b/lib/WebGUI/Wobject/DataForm.pm @@ -240,7 +240,7 @@ sub getRecordTemplateVars { my $self = shift; my $var = shift; $var->{error_loop} = [] unless (exists $var->{error_loop}); - $var->{canEdit} = (WebGUI::Privilege::canEditWobject($self->get("wobjectId"))); + $var->{canEdit} = ($self->canEdit); $var->{"entryList.url"} = WebGUI::URL::page('func=view&entryId=list&wid='.$self->get("wobjectId")); $var->{"entryList.label"} = WebGUI::International::get(86,$self->get("namespace")); $var->{"export.tab.url"} = WebGUI::URL::page('func=exportTab&wid='.$self->get("wobjectId")); @@ -450,7 +450,7 @@ sub uiLevel { #------------------------------------------------------------------- sub www_deleteEntry { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); my $entryId = $session{form}{entryId}; WebGUI::SQL->write("delete from DataForm_entry where DataForm_entryId=".quote($entryId)); $session{form}{entryId} = 'list'; @@ -459,14 +459,14 @@ sub www_deleteEntry { #------------------------------------------------------------------- sub www_deleteField { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); return $_[0]->confirm(WebGUI::International::get(19,$_[0]->get("namespace")), WebGUI::URL::page('func=deleteFieldConfirm&wid='.$_[0]->get("wobjectId").'&fid='.$session{form}{fid})); } #------------------------------------------------------------------- sub www_deleteFieldConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->deleteCollateral("DataForm_field","DataForm_fieldId",$session{form}{fid}); $_[0]->reorderCollateral("DataForm_field","DataForm_fieldId"); return ""; @@ -474,14 +474,14 @@ sub www_deleteFieldConfirm { #------------------------------------------------------------------- sub www_deleteTab { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); return $_[0]->confirm(WebGUI::International::get(100,$_[0]->get("namespace")), WebGUI::URL::page('func=deleteTabConfirm&wid='.$_[0]->get("wobjectId").'&tid='.$session{form}{tid})); } #------------------------------------------------------------------- sub www_deleteTabConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->deleteCollateral("DataForm_tab","DataForm_tabId",$session{form}{tid}); $_[0]->deleteCollateral("DataForm_field","DataForm_tabId",$session{form}{tid}); $_[0]->reorderCollateral("DataForm_tab","DataForm_tabId"); @@ -542,7 +542,7 @@ sub www_edit { #------------------------------------------------------------------- sub www_editSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->SUPER::www_editSave(); if ($session{form}{wid} eq "new") { $_[0]->setCollateral("DataForm_field","DataForm_fieldId",{ @@ -601,7 +601,7 @@ sub www_editSave { #------------------------------------------------------------------- sub www_editField { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $session{page}{useAdminStyle} = 1; my ($output, %field, $f, %fieldStatus,$tab); tie %field, 'Tie::CPHash'; @@ -695,7 +695,7 @@ sub www_editField { #------------------------------------------------------------------- sub www_editFieldSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $session{form}{name} = $session{form}{label} if ($session{form}{name} eq ""); $session{form}{tid} = "0" if ($session{form}{tid} eq ""); $session{form}{name} = WebGUI::URL::urlize($session{form}{name}); @@ -724,7 +724,7 @@ sub www_editFieldSave { #------------------------------------------------------------------- sub www_editTab { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $session{page}{useAdminStyle} = 1; my ($output, %tab, $f); tie %tab, 'Tie::CPHash'; @@ -767,7 +767,7 @@ sub www_editTab { #------------------------------------------------------------------- sub www_editTabSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $session{form}{name} = $session{form}{label} if ($session{form}{name} eq ""); $session{form}{name} = WebGUI::URL::urlize($session{form}{name}); $session{form}{name} =~ s/\-//g; @@ -786,7 +786,7 @@ sub www_editTabSave { #------------------------------------------------------------------- sub www_exportTab { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $session{header}{filename} = WebGUI::URL::urlize($_[0]->get("title")).".tab"; $session{header}{mimetype} = "text/plain"; my %fields = WebGUI::SQL->buildHash("select DataForm_fieldId,name from DataForm_field where wobjectId=".$_[0]->get("wobjectId")." order by sequenceNumber"); @@ -809,28 +809,28 @@ sub www_exportTab { #------------------------------------------------------------------- sub www_moveFieldDown { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->moveCollateralDown("DataForm_field","DataForm_fieldId",$session{form}{fid},"DataForm_tabId",$session{form}{tid}); return ""; } #------------------------------------------------------------------- sub www_moveFieldUp { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->moveCollateralUp("DataForm_field","DataForm_fieldId",$session{form}{fid},"DataForm_tabId",$session{form}{tid}); return ""; } #------------------------------------------------------------------- sub www_moveTabRight { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->moveCollateralDown("DataForm_tab","DataForm_tabId",$session{form}{tid}); return ""; } #------------------------------------------------------------------- sub www_moveTabLeft { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->moveCollateralUp("DataForm_tab","DataForm_tabId",$session{form}{tid}); return ""; } @@ -892,8 +892,8 @@ sub www_process { #------------------------------------------------------------------- sub www_view { my $var; - $var->{entryId} = $session{form}{entryId} if (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); - if ($var->{entryId} eq "list" && WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))) { + $var->{entryId} = $session{form}{entryId} if ($_[0]->canEdit); + if ($var->{entryId} eq "list" && $_[0]->canEdit) { return $_[0]->processTemplate($_[0]->get("listTemplateId"),$_[0]->getListTemplateVars,"DataForm/List"); } # add Tab StyleSheet and JavaScript diff --git a/lib/WebGUI/Wobject/EventsCalendar.pm b/lib/WebGUI/Wobject/EventsCalendar.pm index 24dadfeaa..6038c6287 100644 --- a/lib/WebGUI/Wobject/EventsCalendar.pm +++ b/lib/WebGUI/Wobject/EventsCalendar.pm @@ -126,7 +126,7 @@ sub purge { #------------------------------------------------------------------- sub www_deleteEvent { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); my ($output); $output = '

'.WebGUI::International::get(42).'

'; $output .= WebGUI::International::get(75,$_[0]->get("namespace")).'

'; @@ -143,7 +143,7 @@ sub www_deleteEvent { #------------------------------------------------------------------- sub www_deleteEventConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); if ($session{form}{rid} > 0) { $_[0]->deleteCollateral("EventsCalendar_event","EventsCalendar_recurringId",$session{form}{rid}); } else { @@ -241,7 +241,7 @@ sub www_editSave { #------------------------------------------------------------------- sub www_editEvent { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $session{page}{useAdminStyle} = 1; my (%recursEvery, $special, $output, $f, %event); tie %event, 'Tie::CPHash'; @@ -306,7 +306,7 @@ sub www_editEvent { #------------------------------------------------------------------- sub www_editEventSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); my (@startDate, @endDate, $until, @eventId, $i, $recurringEventId); $startDate[0] = WebGUI::FormProcessor::dateTime("startDate"); $startDate[0] = time() unless ($startDate[0] > 0); @@ -547,7 +547,7 @@ sub www_viewEvent { $var{"end.label"} = WebGUI::International::get(15,$_[0]->get("namespace")); $var{"end.date"} = epochToHuman($event{endDate},"%z"); $var{"end.time"} = epochToHuman($event{endDate},"%Z"); - $var{canEdit} = WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId")); + $var{canEdit} = $_[0]->canEdit; $var{"edit.url"} = WebGUI::URL::page('func=editEvent&eid='.$session{form}{eid}.'&wid='.$session{form}{wid}); $var{"edit.label"} = WebGUI::International::get(575); $var{"delete.url"} = WebGUI::URL::page('func=deleteEvent&eid='.$session{form}{eid}.'&wid=' diff --git a/lib/WebGUI/Wobject/FileManager.pm b/lib/WebGUI/Wobject/FileManager.pm index 93c74786b..6a79c0f1f 100644 --- a/lib/WebGUI/Wobject/FileManager.pm +++ b/lib/WebGUI/Wobject/FileManager.pm @@ -13,6 +13,7 @@ package WebGUI::Wobject::FileManager; use strict; use Tie::CPHash; use WebGUI::DateTime; +use WebGUI::Grouping; use WebGUI::HTMLForm; use WebGUI::Icon; use WebGUI::International; @@ -131,7 +132,7 @@ sub uiLevel { #------------------------------------------------------------------- sub www_deleteFile { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->setCollateral("FileManager_file","FileManager_fileId", {$session{form}{file}=>'',FileManager_fileId=>$session{form}{did}},0,0); return $_[0]->www_editDownload(); @@ -139,14 +140,14 @@ sub www_deleteFile { #------------------------------------------------------------------- sub www_deleteDownload { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); return $_[0]->confirm(WebGUI::International::get(12,$_[0]->get("namespace")), WebGUI::URL::page('func=deleteDownloadConfirm&wid='.$session{form}{wid}.'&did='.$session{form}{did})); } #------------------------------------------------------------------- sub www_deleteDownloadConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); my ($output, $file); $file = WebGUI::Attachment->new("",$session{form}{wid},$session{form}{did}); $file->deleteNode; @@ -160,7 +161,7 @@ sub www_download { my (%download, $file); tie %download,'Tie::CPHash'; %download = WebGUI::SQL->quickHash("select * from FileManager_file where FileManager_fileId=$session{form}{did}"); - if (WebGUI::Privilege::isInGroup($download{groupToView})) { + if (WebGUI::Grouping::isInGroup($download{groupToView})) { if ($session{form}{alternateVersion} == 1) { $file = WebGUI::Attachment->new($download{alternateVersion1}, $session{form}{wid}, @@ -209,7 +210,7 @@ sub www_edit { #------------------------------------------------------------------- sub www_editSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->SUPER::www_editSave(); if ($session{form}{proceed} eq "addFile") { $session{form}{did} = "new"; @@ -221,7 +222,7 @@ sub www_editSave { #------------------------------------------------------------------- sub www_editDownload { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $session{page}{useAdminStyle} = 1; my ($output, $file, $f); $file = $_[0]->getCollateral("FileManager_file","FileManager_fileId",$session{form}{did}); @@ -271,7 +272,7 @@ sub www_editDownload { #------------------------------------------------------------------- sub www_editDownloadSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); my ($file, %files); $files{FileManager_fileId} = $_[0]->setCollateral("FileManager_file", "FileManager_fileId", { FileManager_fileId => $session{form}{did}, @@ -308,7 +309,7 @@ sub www_editDownloadSave { #------------------------------------------------------------------- sub www_moveDownloadDown { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); WebGUI::Session::setScratch($_[0]->get("namespace").".".$_[0]->get("wobjectId").".sortDirection","-delete-"); WebGUI::Session::setScratch($_[0]->get("namespace").".".$_[0]->get("wobjectId").".sort","-delete-"); $_[0]->moveCollateralUp("FileManager_file","FileManager_fileId",$session{form}{did}); @@ -317,7 +318,7 @@ sub www_moveDownloadDown { #------------------------------------------------------------------- sub www_moveDownloadUp { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); WebGUI::Session::setScratch($_[0]->get("namespace").".".$_[0]->get("wobjectId").".sortDirection","-delete-"); WebGUI::Session::setScratch($_[0]->get("namespace").".".$_[0]->get("wobjectId").".sort","-delete-"); $_[0]->moveCollateralDown("FileManager_file","FileManager_fileId",$session{form}{did}); @@ -357,13 +358,13 @@ sub www_view { $p = WebGUI::Paginator->new($url,$numResults); $p->setDataByQuery($sql); $files = $p->getPageData; - my $canEditWobject = (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId")) || WebGUI::Privilege::canEditPage()); + my $canEditWobject = ($_[0]->canEdit); foreach $file (@$files) { $file1 = WebGUI::Attachment->new($file->{downloadFile},$_[0]->get("wobjectId"),$file->{FileManager_fileId}); $file2 = WebGUI::Attachment->new($file->{alternateVersion1},$_[0]->get("wobjectId"),$file->{FileManager_fileId}); $file3 = WebGUI::Attachment->new($file->{alternateVersion2},$_[0]->get("wobjectId"),$file->{FileManager_fileId}); push (@fileloop,{ - "file.canView"=>(WebGUI::Privilege::isInGroup($file->{groupToView}) || $canEditWobject), + "file.canView"=>(WebGUI::Grouping::isInGroup($file->{groupToView}) || $canEditWobject), "file.controls"=>deleteIcon('func=deleteDownload&wid='.$_[0]->get("wobjectId") .'&did='.$file->{FileManager_fileId}).editIcon('func=editDownload&wid='.$_[0]->get("wobjectId") .'&did='.$file->{FileManager_fileId}).moveUpIcon('func=moveDownloadUp&wid=' diff --git a/lib/WebGUI/Wobject/MessageBoard.pm b/lib/WebGUI/Wobject/MessageBoard.pm index 953778683..b22b93f87 100644 --- a/lib/WebGUI/Wobject/MessageBoard.pm +++ b/lib/WebGUI/Wobject/MessageBoard.pm @@ -137,14 +137,14 @@ sub purge { #------------------------------------------------------------------- sub www_deleteForum { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); return $_[0]->confirm(WebGUI::International::get(76,$_[0]->get("namespace")), WebGUI::URL::page('func=deleteForumConfirm&wid='.$_[0]->get("wobjectId").'&forumId='.$session{form}{forumId})); } #------------------------------------------------------------------- sub www_deleteForumConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); my ($inUseElsewhere) = WebGUI::SQL->quickArray("select count(*) from MessageBoard_forums where forumId=".$session{form}{forumId}); unless ($inUseElsewhere > 1) { my $forum = WebGUI::Forum->new($session{form}{forumId}); @@ -166,7 +166,7 @@ sub www_edit { #------------------------------------------------------------------- sub www_editForum { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $session{page}{useAdminStyle} = 1; my $forumMeta; if ($session{form}{forumId} ne "new") { @@ -199,7 +199,7 @@ sub www_editForum { #------------------------------------------------------------------- sub www_editForumSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); my $forumId = WebGUI::Forum::UI::forumPropertiesSave(); if ($session{form}{forumId} eq "new") { my ($seq) = WebGUI::SQL->quickArray("select max(sequenceNumber) from MessageBoard_forums where wobjectId=".$_[0]->get("wobjectId")); @@ -216,14 +216,14 @@ sub www_editForumSave { #------------------------------------------------------------------- sub www_moveForumDown { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->moveCollateralDown("MessageBoard_forums","forumId",$session{form}{forumId}); return ""; } #------------------------------------------------------------------- sub www_moveForumUp { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->moveCollateralUp("MessageBoard_forums","forumId",$session{form}{forumId}); return ""; } diff --git a/lib/WebGUI/Wobject/Poll.pm b/lib/WebGUI/Wobject/Poll.pm index d7ff6de74..0096c67b8 100644 --- a/lib/WebGUI/Wobject/Poll.pm +++ b/lib/WebGUI/Wobject/Poll.pm @@ -14,6 +14,7 @@ package WebGUI::Wobject::Poll; use strict; use Tie::CPHash; use WebGUI::Form; +use WebGUI::Grouping; use WebGUI::HTMLForm; use WebGUI::Icon; use WebGUI::International; @@ -223,7 +224,7 @@ sub www_editSave { #------------------------------------------------------------------- sub www_resetVotes { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->deleteCollateral("Poll_answer","wobjectId",$_[0]->get("wobjectId")); return ""; } @@ -234,7 +235,7 @@ sub www_view { $var{question} = $_[0]->get("question"); if ($_[0]->get("active") eq "0") { $showPoll = 0; - } elsif (WebGUI::Privilege::isInGroup($_[0]->get("voteGroup"),$session{user}{userId})) { + } elsif (WebGUI::Grouping::isInGroup($_[0]->get("voteGroup"),$session{user}{userId})) { if ($_[0]->_hasVoted()) { $showPoll = 0; } else { @@ -277,7 +278,7 @@ sub www_view { #------------------------------------------------------------------- sub www_vote { my $u; - if ($session{form}{answer} ne "" && WebGUI::Privilege::isInGroup($_[0]->get("voteGroup"),$session{user}{userId}) && !($_[0]->_hasVoted())) { + if ($session{form}{answer} ne "" && WebGUI::Grouping::isInGroup($_[0]->get("voteGroup"),$session{user}{userId}) && !($_[0]->_hasVoted())) { WebGUI::SQL->write("insert into Poll_answer values (".$_[0]->get("wobjectId").", ".quote($session{form}{answer}).", $session{user}{userId}, '$session{env}{REMOTE_ADDR}')"); if ($session{setting}{useKarma}) { diff --git a/lib/WebGUI/Wobject/Product.pm b/lib/WebGUI/Wobject/Product.pm index 16ee632f9..2672d78c1 100644 --- a/lib/WebGUI/Wobject/Product.pm +++ b/lib/WebGUI/Wobject/Product.pm @@ -163,7 +163,7 @@ sub purge { #------------------------------------------------------------------- sub www_addAccessory { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $session{page}{useAdminStyle} = 1; my ($output, $f, $accessory, @usedAccessories); $output = helpIcon(4,$_[0]->get("namespace")); @@ -185,7 +185,7 @@ sub www_addAccessory { #------------------------------------------------------------------- sub www_addAccessorySave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $session{page}{useAdminStyle} = 1; my ($seq); ($seq) = WebGUI::SQL->quickArray("select max(sequenceNumber) from Product_accessory @@ -201,7 +201,7 @@ sub www_addAccessorySave { #------------------------------------------------------------------- sub www_addRelated { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); my ($output, $f, $related, @usedRelated); $output = helpIcon(5,$_[0]->get("namespace")); $output .= '

'.WebGUI::International::get(19,$_[0]->get("namespace")).'

'; @@ -222,7 +222,7 @@ sub www_addRelated { #------------------------------------------------------------------- sub www_addRelatedSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); my ($seq); ($seq) = WebGUI::SQL->quickArray("select max(sequenceNumber) from Product_related where wobjectId=".$_[0]->get("wobjectId")); @@ -237,7 +237,7 @@ sub www_addRelatedSave { #------------------------------------------------------------------- sub www_deleteAccessory { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); return $_[0]->confirm( WebGUI::International::get(2,$_[0]->get("namespace")), WebGUI::URL::page('func=deleteAccessoryConfirm&wid='.$_[0]->get("wobjectId").'&aid='.$session{form}{aid}) @@ -246,7 +246,7 @@ sub www_deleteAccessory { #------------------------------------------------------------------- sub www_deleteAccessoryConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); WebGUI::SQL->write("delete from Product_accessory where wobjectId=".$_[0]->get("wobjectId")." and accessoryWobjectId=".quote($session{form}{aid})); $_[0]->reorderCollateral("Product_accessory","accessoryWobjectId"); return ""; @@ -254,7 +254,7 @@ sub www_deleteAccessoryConfirm { #------------------------------------------------------------------- sub www_deleteBenefit { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); return $_[0]->confirm( WebGUI::International::get(48,$_[0]->get("namespace")), WebGUI::URL::page('func=deleteBenefitConfirm&wid='.$_[0]->get("wobjectId").'&bid='.$session{form}{bid}) @@ -263,7 +263,7 @@ sub www_deleteBenefit { #------------------------------------------------------------------- sub www_deleteBenefitConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->deleteCollateral("Product_benefit","Product_benefitId",$session{form}{bid}); $_[0]->reorderCollateral("Product_benefit","Product_benefitId"); return ""; @@ -271,7 +271,7 @@ sub www_deleteBenefitConfirm { #------------------------------------------------------------------- sub www_deleteFeature { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); return $_[0]->confirm( WebGUI::International::get(3,$_[0]->get("namespace")), WebGUI::URL::page('func=deleteFeatureConfirm&wid='.$_[0]->get("wobjectId").'&fid='.$session{form}{fid}) @@ -280,7 +280,7 @@ sub www_deleteFeature { #------------------------------------------------------------------- sub www_deleteFeatureConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->deleteCollateral("Product_feature","Product_featureId",$session{form}{fid}); $_[0]->reorderCollateral("Product_feature","Product_featureId"); return ""; @@ -288,7 +288,7 @@ sub www_deleteFeatureConfirm { #------------------------------------------------------------------- sub www_deleteRelated { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); return $_[0]->confirm( WebGUI::International::get(4,$_[0]->get("namespace")), WebGUI::URL::page('func=deleteRelatedConfirm&wid='.$_[0]->get("wobjectId").'&rid='.$session{form}{rid}) @@ -297,7 +297,7 @@ sub www_deleteRelated { #------------------------------------------------------------------- sub www_deleteRelatedConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); WebGUI::SQL->write("delete from Product_related where wobjectId=".$_[0]->get("wobjectId")." and relatedWobjectId=".quote($session{form}{rid})); $_[0]->reorderCollateral("Product_related","relatedWobjectId"); return ""; @@ -305,7 +305,7 @@ sub www_deleteRelatedConfirm { #------------------------------------------------------------------- sub www_deleteSpecification { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); return $_[0]->confirm( WebGUI::International::get(5,$_[0]->get("namespace")), WebGUI::URL::page('func=deleteSpecificationConfirm&wid='.$_[0]->get("wobjectId").'&sid='.$session{form}{sid}) @@ -314,7 +314,7 @@ sub www_deleteSpecification { #------------------------------------------------------------------- sub www_deleteSpecificationConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->deleteCollateral("Product_specification","Product_specificationId",$session{form}{sid}); $_[0]->reorderCollateral("Product_specification","Product_specificationId"); return ""; @@ -348,7 +348,7 @@ sub www_edit { #------------------------------------------------------------------- sub www_editSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); my ($file, %property); $_[0]->SUPER::www_editSave() if ($_[0]->get("wobjectId") eq "new"); $file = WebGUI::Attachment->new("",$_[0]->get("wobjectId")); @@ -375,7 +375,7 @@ sub www_editSave { #------------------------------------------------------------------- sub www_editBenefit { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $session{page}{useAdminStyle} = 1; my ($output, $data, $f, $benefits); $data = $_[0]->getCollateral("Product_benefit","Product_benefitId",$session{form}{bid}); @@ -395,7 +395,7 @@ sub www_editBenefit { #------------------------------------------------------------------- sub www_editBenefitSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $session{form}{benefit} = $session{form}{benefit_new} if ($session{form}{benefit_new} ne ""); $_[0]->setCollateral("Product_benefit", "Product_benefitId", { Product_benefitId => $session{form}{bid}, @@ -411,7 +411,7 @@ sub www_editBenefitSave { #------------------------------------------------------------------- sub www_editFeature { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $session{page}{useAdminStyle} = 1; my ($output, $data, $f, $features); $data = $_[0]->getCollateral("Product_feature","Product_featureId",$session{form}{fid}); @@ -431,7 +431,7 @@ sub www_editFeature { #------------------------------------------------------------------- sub www_editFeatureSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $session{form}{feature} = $session{form}{feature_new} if ($session{form}{feature_new} ne ""); $_[0]->setCollateral("Product_feature", "Product_featureId", { Product_featureId => $session{form}{fid}, @@ -447,7 +447,7 @@ sub www_editFeatureSave { #------------------------------------------------------------------- sub www_editSpecification { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $session{page}{useAdminStyle} = 1; my ($output, $data, $f, $hashRef); $data = $_[0]->getCollateral("Product_specification","Product_specificationId",$session{form}{sid}); @@ -470,7 +470,7 @@ sub www_editSpecification { #------------------------------------------------------------------- sub www_editSpecificationSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $session{form}{name} = $session{form}{name_new} if ($session{form}{name_new} ne ""); $session{form}{units} = $session{form}{units_new} if ($session{form}{units_new} ne ""); $_[0]->setCollateral("Product_specification", "Product_specificationId", { @@ -489,70 +489,70 @@ sub www_editSpecificationSave { #------------------------------------------------------------------- sub www_moveAccessoryDown { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->moveCollateralDown("Product_related","accessoryWobjectId",$session{form}{aid}); return ""; } #------------------------------------------------------------------- sub www_moveAccessoryUp { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->moveCollateralUp("Product_accessory","accessoryWobjectId",$session{form}{aid}); return ""; } #------------------------------------------------------------------- sub www_moveBenefitDown { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->moveCollateralDown("Product_benefit","Product_benefitId",$session{form}{bid}); return ""; } #------------------------------------------------------------------- sub www_moveBenefitUp { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->moveCollateralUp("Product_benefit","Product_benefitId",$session{form}{bid}); return ""; } #------------------------------------------------------------------- sub www_moveFeatureDown { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->moveCollateralDown("Product_feature","Product_featureId",$session{form}{fid}); return ""; } #------------------------------------------------------------------- sub www_moveFeatureUp { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->moveCollateralUp("Product_feature","Product_featureId",$session{form}{fid}); return ""; } #------------------------------------------------------------------- sub www_moveRelatedDown { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->moveCollateralDown("Product_related","relatedWobjectId",$session{form}{rid}); return ""; } #------------------------------------------------------------------- sub www_moveRelatedUp { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->moveCollateralUp("Product_related","relatedWobjectId",$session{form}{rid}); return ""; } #------------------------------------------------------------------- sub www_moveSpecificationDown { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->moveCollateralDown("Product_specification","Product_specificationId",$session{form}{sid}); return ""; } #------------------------------------------------------------------- sub www_moveSpecificationUp { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->moveCollateralUp("Product_specification","Product_specificationId",$session{form}{sid}); return ""; } diff --git a/lib/WebGUI/Wobject/Survey.pm b/lib/WebGUI/Wobject/Survey.pm index c79b7157d..3f61f7037 100644 --- a/lib/WebGUI/Wobject/Survey.pm +++ b/lib/WebGUI/Wobject/Survey.pm @@ -13,6 +13,7 @@ package WebGUI::Wobject::Survey; use strict; use Tie::CPHash; use WebGUI::DateTime; +use WebGUI::Grouping; use WebGUI::HTMLForm; use WebGUI::Icon; use WebGUI::International; @@ -158,7 +159,7 @@ sub getIp { sub getMenuVars { my $self = shift; my %var; - $var{'user.canViewReports'} = (WebGUI::Privilege::isInGroup($self->get("groupToViewReports"))); + $var{'user.canViewReports'} = (WebGUI::Grouping::isInGroup($self->get("groupToViewReports"))); $var{'delete.all.responses.url'} = WebGUI::URL::page('func=deleteAllResponses&wid='.$self->get("wobjectId")); $var{'delete.all.responses.label'} = WebGUI::International::get(73,$self->get("namespace")); $var{'export.answers.url'} = WebGUI::URL::page('func=exportAnswers&wid='.$self->get("wobjectId")); @@ -427,7 +428,7 @@ sub uiLevel { #------------------------------------------------------------------- sub www_deleteAnswer { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); return $_[0]->confirm(WebGUI::International::get(45,$_[0]->get("namespace")), WebGUI::URL::page('func=deleteAnswerConfirm&wid='.$_[0]->get("wobjectId").'&aid=' .$session{form}{aid}.'&qid='.$session{form}{qid})); @@ -435,7 +436,7 @@ sub www_deleteAnswer { #------------------------------------------------------------------- sub www_deleteAnswerConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); WebGUI::SQL->write("delete from Survey_questionResponse where Survey_answerId=".quote($session{form}{aid})); $_[0]->deleteCollateral("Survey_answer","Survey_answerId",$session{form}{aid}); $_[0]->reorderCollateral("Survey_answer","Survey_answerId","Survey_id"); @@ -444,14 +445,14 @@ sub www_deleteAnswerConfirm { #------------------------------------------------------------------- sub www_deleteQuestion { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); return $_[0]->confirm(WebGUI::International::get(44,$_[0]->get("namespace")), WebGUI::URL::page('func=deleteQuestionConfirm&wid='.$_[0]->get("wobjectId").'&qid='.$session{form}{qid})); } #------------------------------------------------------------------- sub www_deleteQuestionConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); WebGUI::SQL->write("delete from Survey_answer where Survey_questionId=".quote($session{form}{qid})); WebGUI::SQL->write("delete from Survey_questionResponse where Survey_questionId=".quote($session{form}{qid})); $_[0]->deleteCollateral("Survey_question","Survey_questionId",$session{form}{qid}); @@ -461,14 +462,14 @@ sub www_deleteQuestionConfirm { #------------------------------------------------------------------- sub www_deleteResponse { - return "" unless (WebGUI::Privilege::isInGroup($_[0]->get("groupToViewReports"))); + return "" unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToViewReports"))); return $_[0]->confirm(WebGUI::International::get(72,$_[0]->get("namespace")), WebGUI::URL::page('func=deleteResponseConfirm&wid='.$_[0]->get("wobjectId").'&responseId='.$session{form}{responseId})); } #------------------------------------------------------------------- sub www_deleteResponseConfirm { - return "" unless (WebGUI::Privilege::isInGroup($_[0]->get("groupToViewReports"))); + return "" unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToViewReports"))); WebGUI::SQL->write("delete from Survey_response where Survey_responseId=".quote($session{form}{responseId})); WebGUI::SQL->write("delete from Survey_questionResponse where Survey_responseId=".quote($session{form}{responseId})); return $_[0]->www_viewGradebook; @@ -476,14 +477,14 @@ sub www_deleteResponseConfirm { #------------------------------------------------------------------- sub www_deleteAllResponses { - return "" unless (WebGUI::Privilege::isInGroup($_[0]->get("groupToViewReports"))); + return "" unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToViewReports"))); return $_[0]->confirm(WebGUI::International::get(74,$_[0]->get("namespace")), WebGUI::URL::page('func=deleteAllResponsesConfirm&wid='.$_[0]->get("wobjectId"))); } #------------------------------------------------------------------- sub www_deleteAllResponsesConfirm { - return "" unless (WebGUI::Privilege::isInGroup($_[0]->get("groupToViewReports"))); + return "" unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToViewReports"))); WebGUI::SQL->write("delete from Survey_response where Survey_id=".$_[0]->get("Survey_id")); WebGUI::SQL->write("delete from Survey_questionResponse where Survey_id=".$_[0]->get("Survey_id")); return ""; @@ -567,7 +568,7 @@ sub www_edit { #------------------------------------------------------------------- sub www_editSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->SUPER::www_editSave(); if ($session{form}{proceed} eq "addQuestion") { $session{form}{qid} = "new"; @@ -578,7 +579,7 @@ sub www_editSave { #------------------------------------------------------------------- sub www_editAnswer { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $session{page}{useAdminStyle} = 1; my ($question, $output, $f, $answer); $answer = $_[0]->getCollateral("Survey_answer","Survey_answerId",$session{form}{aid}); @@ -634,7 +635,7 @@ sub www_editAnswer { #------------------------------------------------------------------- sub www_editAnswerSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->setCollateral("Survey_answer", "Survey_answerId", { Survey_answerId => $session{form}{aid}, Survey_questionId => $session{form}{qid}, @@ -656,7 +657,7 @@ sub www_editAnswerSave { #------------------------------------------------------------------- sub www_editQuestion { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $session{page}{useAdminStyle} = 1; my ($output, $f, $question, $answerFieldType, $sth, %data); tie %data, 'Tie::CPHash'; @@ -736,7 +737,7 @@ sub www_editQuestion { #------------------------------------------------------------------- sub www_editQuestionSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $session{form}{qid} = $_[0]->setCollateral("Survey_question", "Survey_questionId", { question=>$session{form}{question}, Survey_questionId=>$session{form}{qid}, @@ -778,7 +779,7 @@ sub www_editQuestionSave { #------------------------------------------------------------------- sub www_exportAnswers { - return "" unless (WebGUI::Privilege::isInGroup($_[0]->get("groupToViewReports"))); + return "" unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToViewReports"))); $session{header}{filename} = WebGUI::URL::escape($_[0]->get("title")."_answers.tab"); $session{header}{mimetype} = "text/tab"; return WebGUI::SQL->quickTab("select * from Survey_answer where Survey_id=".$_[0]->get("Survey_id")); @@ -786,7 +787,7 @@ sub www_exportAnswers { #------------------------------------------------------------------- sub www_exportComposite { - return "" unless (WebGUI::Privilege::isInGroup($_[0]->get("groupToViewReports"))); + return "" unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToViewReports"))); $session{header}{filename} = WebGUI::URL::escape($_[0]->get("title")."_composite.tab"); $session{header}{mimetype} = "text/tab"; return WebGUI::SQL->quickTab("select b.question, c.response, a.userId, a.username, a.ipAddress, c.comment, c.dateOfResponse from Survey_response a @@ -797,7 +798,7 @@ sub www_exportComposite { #------------------------------------------------------------------- sub www_exportQuestions { - return "" unless (WebGUI::Privilege::isInGroup($_[0]->get("groupToViewReports"))); + return "" unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToViewReports"))); $session{header}{filename} = WebGUI::URL::escape($_[0]->get("title")."_questions.tab"); $session{header}{mimetype} = "text/tab"; return WebGUI::SQL->quickTab("select * from Survey_question where Survey_id=".$_[0]->get("Survey_id")); @@ -805,7 +806,7 @@ sub www_exportQuestions { #------------------------------------------------------------------- sub www_exportResponses { - return "" unless (WebGUI::Privilege::isInGroup($_[0]->get("groupToViewReports"))); + return "" unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToViewReports"))); $session{header}{filename} = WebGUI::URL::escape($_[0]->get("title")."_responses.tab"); $session{header}{mimetype} = "text/tab"; return WebGUI::SQL->quickTab("select * from Survey_response where Survey_id=".$_[0]->get("Survey_id")); @@ -813,28 +814,28 @@ sub www_exportResponses { #------------------------------------------------------------------- sub www_moveAnswerDown { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->moveCollateralDown("Survey_answer","Survey_answerId",$session{form}{aid},"Survey_id"); return $_[0]->www_editQuestion; } #------------------------------------------------------------------- sub www_moveAnswerUp { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->moveCollateralUp("Survey_answer","Survey_answerId",$session{form}{aid},"Survey_id"); return $_[0]->www_editQuestion; } #------------------------------------------------------------------- sub www_moveQuestionDown { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->moveCollateralDown("Survey_question","Survey_questionId",$session{form}{qid},"Survey_id"); return $_[0]->www_edit; } #------------------------------------------------------------------- sub www_moveQuestionUp { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->moveCollateralUp("Survey_question","Survey_questionId",$session{form}{qid},"Survey_id"); return $_[0]->www_edit; } @@ -842,7 +843,7 @@ sub www_moveQuestionUp { #------------------------------------------------------------------- sub www_respond { my $self = shift; - return "" unless (WebGUI::Privilege::isInGroup($self->get("groupToTakeSurvey"))); + return "" unless (WebGUI::Grouping::isInGroup($self->get("groupToTakeSurvey"))); my $varname = $self->getResponseIdString; return "" unless ($session{scratch}{$varname}); my $userId = ($self->get("anonymous")) ? substr(md5_hex($session{user}{userId}),0,8) : $session{user}{userId}; @@ -890,7 +891,7 @@ sub www_view { $var->{'question.edit_loop'} = \@edit; } $sth->finish; - $var->{'user.canTakeSurvey'} = WebGUI::Privilege::isInGroup($self->get("groupToTakeSurvey")); + $var->{'user.canTakeSurvey'} = WebGUI::Grouping::isInGroup($self->get("groupToTakeSurvey")); if ($var->{'user.canTakeSurvey'}) { $var->{'response.Id'} = $self->getResponseId(); $var->{'response.Count'} = $self->getResponseCount; @@ -940,7 +941,7 @@ sub www_view { #------------------------------------------------------------------- sub www_viewGradebook { my $self = shift; - return "" unless (WebGUI::Privilege::isInGroup($self->get("groupToViewReports"))); + return "" unless (WebGUI::Grouping::isInGroup($self->get("groupToViewReports"))); my $var = $self->getMenuVars; $var->{title} = WebGUI::International::get(71,$self->get("namespace")); my $p = WebGUI::Paginator->new(WebGUI::URL::page('func=viewGradebook&wid='.$self->get("wobjectId"))); @@ -976,7 +977,7 @@ sub www_viewGradebook { #------------------------------------------------------------------- sub www_viewIndividualSurvey { my $self = shift; - return "" unless (WebGUI::Privilege::isInGroup($self->get("groupToViewReports"))); + return "" unless (WebGUI::Grouping::isInGroup($self->get("groupToViewReports"))); my $var = $self->getMenuVars; $var->{'title'} = WebGUI::International::get(70,$self->get("namespace")); $var->{'delete.url'} = WebGUI::URL::page('func=deleteResponse&wid='.$self->get("wobjectId").'&responseId='.$session{form}{responseId}); @@ -1033,7 +1034,7 @@ sub www_viewIndividualSurvey { #------------------------------------------------------------------- sub www_viewStatisticalOverview { my $self = shift; - return "" unless (WebGUI::Privilege::isInGroup($self->get("groupToViewReports"))); + return "" unless (WebGUI::Grouping::isInGroup($self->get("groupToViewReports"))); my $var = $self->getMenuVars; $var->{title} = WebGUI::International::get(58,$self->get("namespace")); my $p = WebGUI::Paginator->new(WebGUI::URL::page('func=viewStatisticalOverview&wid='.$self->get("wobjectId"))); diff --git a/lib/WebGUI/Wobject/USS.pm b/lib/WebGUI/Wobject/USS.pm index a8c68c1e7..a73cdc9c2 100644 --- a/lib/WebGUI/Wobject/USS.pm +++ b/lib/WebGUI/Wobject/USS.pm @@ -16,6 +16,7 @@ use WebGUI::Attachment; use WebGUI::DateTime; use WebGUI::Forum; use WebGUI::Forum::UI; +use WebGUI::Grouping; use WebGUI::HTML; use WebGUI::HTMLForm; use WebGUI::Icon; @@ -236,7 +237,7 @@ sub status { sub www_approveSubmission { my (%submission); tie %submission, 'Tie::CPHash'; - if (WebGUI::Privilege::isInGroup(4,$session{user}{userId}) || WebGUI::Privilege::isInGroup(3,$session{user}{userId})) { + if (WebGUI::Grouping::isInGroup(4,$session{user}{userId}) || WebGUI::Grouping::isInGroup(3,$session{user}{userId})) { %submission = WebGUI::SQL->quickHash("select * from USS_submission where USS_submissionId=$session{form}{sid}"); WebGUI::SQL->write("update USS_submission set status='Approved' where USS_submissionId=".quote($session{form}{sid})); WebGUI::MessageLog::addInternationalizedEntry($submission{userId},'',WebGUI::URL::page('func=viewSubmission&wid='. @@ -251,7 +252,7 @@ sub www_approveSubmission { #------------------------------------------------------------------- sub www_deleteFile { my ($owner) = WebGUI::SQL->quickArray("select userId from USS_submission where USS_submissionId=$session{form}{sid}"); - if ($owner == $session{user}{userId} || WebGUI::Privilege::isInGroup($_[0]->get("groupToApprove"))) { + if ($owner == $session{user}{userId} || WebGUI::Grouping::isInGroup($_[0]->get("groupToApprove"))) { $_[0]->setCollateral("USS_submission","USS_submissionId",{ $session{form}{file}=>'', USS_submissionId=>$session{form}{sid} @@ -265,7 +266,7 @@ sub www_deleteFile { #------------------------------------------------------------------- sub www_deleteSubmission { my ($owner) = WebGUI::SQL->quickArray("select userId from USS_submission where USS_submissionId=$session{form}{sid}"); - if ($owner == $session{user}{userId} || WebGUI::Privilege::isInGroup($_[0]->get("groupToApprove"))) { + if ($owner == $session{user}{userId} || WebGUI::Grouping::isInGroup($_[0]->get("groupToApprove"))) { return $_[0]->confirm(WebGUI::International::get(17,$_[0]->get("namespace")), WebGUI::URL::page('func=deleteSubmissionConfirm&wid='.$session{form}{wid}.'&sid='.$session{form}{sid})); } else { @@ -276,7 +277,7 @@ sub www_deleteSubmission { #------------------------------------------------------------------- sub www_deleteSubmissionConfirm { my ($owner, $forumId) = WebGUI::SQL->quickArray("select userId,forumId from USS_submission where USS_submissionId=$session{form}{sid}"); - if ($owner == $session{user}{userId} || WebGUI::Privilege::isInGroup($_[0]->get("groupToApprove"))) { + if ($owner == $session{user}{userId} || WebGUI::Grouping::isInGroup($_[0]->get("groupToApprove"))) { my ($inUseElsewhere) = WebGUI::SQL->quickArray("select count(*) from USS_submission where forumId=".$forumId); unless ($inUseElsewhere > 1) { my $forum = WebGUI::Forum->new($forumId); @@ -295,7 +296,7 @@ sub www_deleteSubmissionConfirm { sub www_denySubmission { my (%submission); tie %submission, 'Tie::CPHash'; - if (WebGUI::Privilege::isInGroup(4,$session{user}{userId}) || WebGUI::Privilege::isInGroup(3,$session{user}{userId})) { + if (WebGUI::Grouping::isInGroup(4,$session{user}{userId}) || WebGUI::Grouping::isInGroup(3,$session{user}{userId})) { %submission = WebGUI::SQL->quickHash("select * from USS_submission where USS_submissionId=$session{form}{sid}"); WebGUI::SQL->write("update USS_submission set status='Denied' where USS_submissionId=".quote($session{form}{sid})); WebGUI::MessageLog::addInternationalizedEntry($submission{userId},'',WebGUI::URL::page('func=viewSubmission&wid='. @@ -403,9 +404,9 @@ sub www_editSubmission { $submission->{contentType} = "mixed"; $var{'submission.isNew'} = 1; } - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup($_[0]->get("groupToContribute")) + return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToContribute")) || $submission->{userId} == $session{user}{userId} - || WebGUI::Privilege::isInGroup($_[0]->get("groupToApprove"))); + || WebGUI::Grouping::isInGroup($_[0]->get("groupToApprove"))); $var{'link.header.label'} = WebGUI::International::get(90,$_[0]->get("namespace")); $var{'question.header.label'} = WebGUI::International::get(84,$_[0]->get("namespace")); $var{'submission.header.label'} = WebGUI::International::get(19,$_[0]->get("namespace")); @@ -571,8 +572,8 @@ sub www_editSubmissionSave { $submission = $_[0]->getCollateral("USS_submission","USS_submissionId",$session{form}{sid}); if ($submission->{userId} == $session{user}{userId} || ($submission->{USS_submissionId} eq "new" - && WebGUI::Privilege::isInGroup($_[0]->get("groupToContribute"))) - || WebGUI::Privilege::isInGroup($_[0]->get("groupToApprove"))) { + && WebGUI::Grouping::isInGroup($_[0]->get("groupToContribute"))) + || WebGUI::Grouping::isInGroup($_[0]->get("groupToApprove"))) { if ($session{form}{sid} eq "new") { my $forum = WebGUI::Forum->create({ masterForumId=>$_[0]->get("forumId"), @@ -609,7 +610,7 @@ sub www_editSubmissionSave { $file->save("attachment"); $hash{attachment} = $file->getFilename if ($file->getFilename ne ""); unless ($_[0]->get("defaultStatus") eq "Approved") { - unless (WebGUI::Privilege::isInGroup($_[0]->get("groupToApprove")) ) { + unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToApprove")) ) { $hash{status} = $_[0]->get("defaultStatus"); WebGUI::MessageLog::addInternationalizedEntry('',$_[0]->get("groupToApprove"), WebGUI::URL::page('func=viewSubmission&wid='.$_[0]->get("wobjectId").'&sid='. @@ -627,14 +628,14 @@ sub www_editSubmissionSave { #------------------------------------------------------------------- sub www_moveSubmissionDown { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->moveCollateralDown("USS_submission","USS_submissionId",$session{form}{sid}, "USS_id", $_[0]->get("USS_id")); return ""; } #------------------------------------------------------------------- sub www_moveSubmissionUp { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); + return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit); $_[0]->moveCollateralUp("USS_submission","USS_submissionId",$session{form}{sid}, "USS_id", $_[0]->get("USS_id")); return ""; } @@ -646,7 +647,7 @@ sub www_view { $numResults = $_[0]->get("submissionsPerPage"); $var{"readmore.label"} = WebGUI::International::get(46,$_[0]->get("namespace")); $var{"responses.label"} = WebGUI::International::get(57,$_[0]->get("namespace")); - $var{canPost} = WebGUI::Privilege::isInGroup($_[0]->get("groupToContribute")); + $var{canPost} = WebGUI::Grouping::isInGroup($_[0]->get("groupToContribute")); $var{"post.url"} = WebGUI::URL::page('func=editSubmission&sid=new&wid='.$_[0]->get("wobjectId")); $var{"post.label"} = WebGUI::International::get(20,$_[0]->get("namespace")); $var{"addquestion.label"} = WebGUI::International::get(83,$_[0]->get("namespace")); @@ -664,7 +665,7 @@ sub www_view { } else { $constraints = "(status='Approved' or (userId=$session{user}{userId} and userId<>1))"; } - $var{canModerate} = WebGUI::Privilege::isInGroup($_[0]->get("groupToApprove"),$session{user}{userId}); + $var{canModerate} = WebGUI::Grouping::isInGroup($_[0]->get("groupToApprove"),$session{user}{userId}); $var{"title.label"} = WebGUI::International::get(99); $var{"thumbnail.label"} = WebGUI::International::get(52,$_[0]->get("namespace")); $var{"date.label"} = WebGUI::International::get(13,$_[0]->get("namespace")); @@ -806,7 +807,7 @@ sub www_viewSubmission { return "" unless ($submission->{USS_submissionId}); return "" unless ($submission->{status} eq 'Approved' || ($submission->{userId} == $session{user}{userId} && $session{user}{userId} != 1) || - WebGUI::Privilege::isInGroup($_[0]->getValue("groupToApprove"))); + WebGUI::Grouping::isInGroup($_[0]->getValue("groupToApprove"))); my $callback = WebGUI::URL::page("func=viewSubmission&wid=".$_[0]->get("wobjectId")."&sid=".$submission->{USS_submissionId}); if ($session{form}{forumOp} ne "" && $session{form}{forumOp} ne "viewForum") { return WebGUI::Forum::UI::forumOp({ @@ -834,7 +835,7 @@ sub www_viewSubmission { $var{"status.status"} = status($submission->{status}); $var{"views.label"} = WebGUI::International::get(514); $var{"views.count"} = $submission->{views}; - $var{canPost} = WebGUI::Privilege::isInGroup($_[0]->get("groupToContribute")); + $var{canPost} = WebGUI::Grouping::isInGroup($_[0]->get("groupToContribute")); $var{"post.url"} = WebGUI::URL::page('func=editSubmission&sid=new&wid='.$_[0]->get("wobjectId")); $var{"post.label"} = WebGUI::International::get(20,$_[0]->get("namespace")); @data = WebGUI::SQL->quickArray("select max(USS_submissionId) from USS_submission @@ -849,12 +850,12 @@ sub www_viewSubmission { $var{"next.more"} = ($data[0] ne ""); $var{"next.url"} = WebGUI::URL::page('func=viewSubmission&sid='.$data[0].'&wid='.$session{form}{wid}); $var{"next.label"} = WebGUI::International::get(59,$_[0]->get("namespace")); - $var{canEdit} = (($submission->{userId} == $session{user}{userId} || WebGUI::Privilege::isInGroup($_[0]->get("groupToApprove"))) && $session{user}{userId} != 1); + $var{canEdit} = (($submission->{userId} == $session{user}{userId} || WebGUI::Grouping::isInGroup($_[0]->get("groupToApprove"))) && $session{user}{userId} != 1); $var{"delete.url"} = WebGUI::URL::page('func=deleteSubmission&wid='.$session{form}{wid}.'&sid='.$session{form}{sid}); $var{"delete.label"} = WebGUI::International::get(37,$_[0]->get("namespace")); $var{"edit.url"} = WebGUI::URL::page('func=editSubmission&wid='.$session{form}{wid}.'&sid='.$session{form}{sid}); $var{"edit.label"} = WebGUI::International::get(27,$_[0]->get("namespace")); - $var{canChangeStatus} = WebGUI::Privilege::isInGroup($_[0]->get("groupToApprove"),$session{user}{userId}); + $var{canChangeStatus} = WebGUI::Grouping::isInGroup($_[0]->get("groupToApprove"),$session{user}{userId}); $var{"approve.url"} = WebGUI::URL::page('func=approveSubmission&wid='.$session{form}{wid}.'&sid='.$session{form}{sid}.'&mlog='.$session{form}{mlog}); $var{"approve.label"} = WebGUI::International::get(572); $var{"leave.url"} = WebGUI::URL::page('op=viewMessageLog');