oqapi/webgui
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

changed the privileges API

Browse source
This commit is contained in:
JT Smith 2004-05-29 05:27:19 +00:00
parent 1f052120ed
commit 8e79f008c7
48 changed files with 758 additions and 749 deletions
Download patch file Download diff file Expand all files Collapse all files

1
docs/changelog/6.x.x.txt
View file

@ -6,6 +6,7 @@
- All plugins are now dynamically loaded. This provides a performance gain of - All plugins are now dynamically loaded. This provides a performance gain of
over 100% in CGI mode, 10% in mod_perl mode, and less memory usage in over 100% in CGI mode, 10% in mod_perl mode, and less memory usage in
mod_perl mode. mod_perl mode.
- Changed the privileges API significantly. See docs/migration.txt for details.

8
docs/migration.txt
View file

@ -111,5 +111,13 @@ something that uses a macro, wobject, or auth module outside of the usual
mechanisms that call those plug-ins, then you'll need to write a piece of code mechanisms that call those plug-ins, then you'll need to write a piece of code
to load the plug-in at use time. to load the plug-in at use time.
5.5 Privilege API Change
In 6.1 we move isInGroup from WebGUI::Privilege to WebGUI::Grouping, where it
belongs. We also moved canViewPage and canEditPage to WebGUI::Page and renamed them
to canView and canEdit. And finally, we moved canEditWobject and
canViewWobject to WebGUI::Wobject and renamed them canView and canEdit and
converted them from regular functions into methods.

5
lib/WebGUI.pm
View file

@ -16,6 +16,7 @@ use Tie::CPHash;
use WebGUI::Affiliate; use WebGUI::Affiliate;
use WebGUI::Cache; use WebGUI::Cache;
use WebGUI::ErrorHandler; use WebGUI::ErrorHandler;
use WebGUI::Grouping;
use WebGUI::International; use WebGUI::International;
use WebGUI::Macro; use WebGUI::Macro;
use WebGUI::Operation; use WebGUI::Operation;
@ -39,7 +40,7 @@ sub _generatePage {
".quote($session{page}{title}).", ".quote($session{form}{wid}).", ".quote($session{form}{func}).")"); ".quote($session{page}{title}).", ".quote($session{form}{wid}).", ".quote($session{form}{func}).")");
} }
my $output = WebGUI::Macro::process(WebGUI::Style::process($content)); my $output = WebGUI::Macro::process(WebGUI::Style::process($content));
if ($session{setting}{showDebug} || ($session{form}{debug}==1 && WebGUI::Privilege::isInGroup(3))) { if ($session{setting}{showDebug} || ($session{form}{debug}==1 && WebGUI::Grouping::isInGroup(3))) {
$output .= WebGUI::ErrorHandler::showDebug(); $output .= WebGUI::ErrorHandler::showDebug();
} }
return $output; return $output;
@ -92,7 +93,7 @@ sub _processFunctions {
WebGUI::ErrorHandler::security("access wobject [".$session{form}{wid}."] on page '" WebGUI::ErrorHandler::security("access wobject [".$session{form}{wid}."] on page '"
.$session{page}{title}."' [".$session{page}{pageId}."]."); .$session{page}{title}."' [".$session{page}{pageId}."].");
} else { } else {
if (WebGUI::Privilege::canViewPage()) { if (WebGUI::Page::canView()) {
$cmd = "WebGUI::Wobject::".${$wobject}{namespace}; $cmd = "WebGUI::Wobject::".${$wobject}{namespace};
my $load = "use ".$cmd; # gotta load the wobject before you can use it my $load = "use ".$cmd; # gotta load the wobject before you can use it
eval($load); eval($load);

8
lib/WebGUI/Forum.pm
View file

@ -16,7 +16,7 @@ package WebGUI::Forum;
use strict; use strict;
use WebGUI::Forum::Thread; use WebGUI::Forum::Thread;
use WebGUI::Privilege; use WebGUI::Grouping;
use WebGUI::Session; use WebGUI::Session;
use WebGUI::SQL; use WebGUI::SQL;
use WebGUI::Utility; use WebGUI::Utility;
@ -81,7 +81,7 @@ Defaults to $session{user}{userId}. Specify a user ID to check privileges for.
sub canPost { sub canPost {
my ($self, $userId) = @_; my ($self, $userId) = @_;
$userId = $session{user}{userId} unless ($userId); $userId = $session{user}{userId} unless ($userId);
return (WebGUI::Privilege::isInGroup($self->get("groupToPost"),$userId) || $self->isModerator); return (WebGUI::Grouping::isInGroup($self->get("groupToPost"),$userId) || $self->isModerator);
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
@ -103,7 +103,7 @@ Defaults to $session{user}{userId}. Specify a user ID to check privileges for.
sub canView { sub canView {
my ($self, $userId) = @_; my ($self, $userId) = @_;
$userId = $session{user}{userId} unless ($userId); $userId = $session{user}{userId} unless ($userId);
return (WebGUI::Privilege::isInGroup($self->get("groupToView"),$userId) || $self->canPost); return (WebGUI::Grouping::isInGroup($self->get("groupToView"),$userId) || $self->canPost);
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
@ -242,7 +242,7 @@ Defaults to $session{user}{userId}. A user id to test for moderator privileges.
sub isModerator { sub isModerator {
my ($self, $userId) = @_; my ($self, $userId) = @_;
$userId = $session{user}{userId} unless ($userId); $userId = $session{user}{userId} unless ($userId);
return WebGUI::Privilege::isInGroup($self->get("groupToModerate"), $userId); return WebGUI::Grouping::isInGroup($self->get("groupToModerate"), $userId);
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------

151
lib/WebGUI/Grouping.pm
View file

@ -40,7 +40,8 @@ This package provides an interface for managing WebGUI user and group groupings.
$arrayRef = WebGUI::Grouping::getGroupsForUser($userId); $arrayRef = WebGUI::Grouping::getGroupsForUser($userId);
$arrayRef = WebGUI::Grouping::getGroupsInGroup($groupId); $arrayRef = WebGUI::Grouping::getGroupsInGroup($groupId);
$arrayRef = WebGUI::Grouping::getUsersInGroup($groupId); $arrayRef = WebGUI::Grouping::getUsersInGroup($groupId);
$yesNo = WebGUI::Grouping::userGroupAdmin($userId,$groupId); $boolean = WebGUI::Grouping::isInGroup($groupId, $userId);
$boolean = WebGUI::Grouping::userGroupAdmin($userId,$groupId);
$epoch = WebGUI::Grouping::userGroupExpireDate($userId,$groupId); $epoch = WebGUI::Grouping::userGroupExpireDate($userId,$groupId);
=head1 METHODS =head1 METHODS
@ -227,11 +228,13 @@ If set to "1" then the listing will not include expired groupings. Defaults to "
=cut =cut
sub getGroupsForUser { sub getGroupsForUser {
my $clause = "and expireDate>".time() if ($_[1]); my $userId = shift;
if ($_[0] eq "") { my $withoutExpired = shift;
my $clause = "and expireDate>".time() if ($withoutExpired);
if ($userId eq "") {
return []; return [];
} else { } else {
return WebGUI::SQL->buildArrayRef("select groupId from groupings where userId=$_[0] $clause"); return WebGUI::SQL->buildArrayRef("select groupId from groupings where userId=$userId $clause");
} }
} }
@ -311,6 +314,146 @@ sub getUsersInGroup {
} }
#-------------------------------------------------------------------
=head2 isInGroup ( [ groupId , userId ] )
Returns a boolean (0|1) value signifying that the user has the required privileges. Always returns true for Admins.
=over
=item groupId
The group that you wish to verify against the user. Defaults to group with Id 3 (the Admin group).
=item userId
The user that you wish to verify against the group. Defaults to the currently logged in user.
=back
=cut
sub isInGroup {
my ($gid, $uid, @data, %group, $groupId);
($gid, $uid) = @_;
$gid = 3 unless (defined $gid);
$uid = $session{user}{userId} if ($uid eq "");
### The following several checks are to increase performance. If this section were removed, everything would continue to work as normal.
return 1 if ($gid == 7); # everyone is in the everyone group
return 1 if ($gid == 1 && $uid == 1); # visitors are in the visitors group
return 0 if ($gid != 1 && $uid == 1); # visitors can't be in any group execpt the visitors group
return 1 if ($gid==2 && $uid != 1); # if you're not a visitor, then you're a registered user
### Look to see if we've already looked up this group.
if ($session{isInGroup}{$gid}{$uid} == 1) {
return 1;
} elsif ($session{isInGroup}{$gid}{$uid} eq "0") {
return 0;
}
### Lookup the actual groupings.
my $groups = WebGUI::Grouping::getGroupsForUser($uid,1);
foreach (@{$groups}) {
$session{isInGroup}{$_}{$uid} = 1;
}
if ($session{isInGroup}{$gid}{$uid} == 1) {
return 1;
}
### Get data for auxillary checks.
tie %group, 'Tie::CPHash';
%group = WebGUI::SQL->quickHash("select karmaThreshold,ipFilter,scratchFilter,databaseLinkId,dbQuery,dbCacheTimeout from groups where groupId='$gid'");
### Check IP Address
if ($group{ipFilter} ne "") {
$group{ipFilter} =~ s/\t//g;
$group{ipFilter} =~ s/\r//g;
$group{ipFilter} =~ s/\n//g;
$group{ipFilter} =~ s/\s//g;
$group{ipFilter} =~ s/\./\\\./g;
my @ips = split(";",$group{ipFilter});
foreach my $ip (@ips) {
if ($session{env}{REMOTE_ADDR} =~ /^$ip/) {
$session{isInGroup}{$gid}{$uid} = 1;
return 1;
}
}
}
### Check Scratch Variables
if ($group{scratchFilter} ne "") {
$group{scratchFilter} =~ s/\t//g;
$group{scratchFilter} =~ s/\r//g;
$group{scratchFilter} =~ s/\n//g;
$group{scratchFilter} =~ s/\s//g;
my @vars = split(";",$group{scratchFilter});
foreach my $var (@vars) {
my ($name, $value) = split(/\=/,$var);
if ($session{scratch}{$name} eq $value) {
$session{isInGroup}{$gid}{$uid} = 1;
return 1;
}
}
}
### Check karma levels.
if ($session{setting}{useKarma}) {
my $karma;
if ($uid == $session{user}{userId}) {
$karma = $session{user}{karma};
} else {
($karma) = WebGUI::SQL->quickHash("select karma from users where userId='$uid'");
}
if ($karma >= $group{karmaThreshold}) {
$session{isInGroup}{$gid}{$uid} = 1;
return 1;
}
}
### Check external database
if ($group{dbQuery} ne "" && $group{databaseLinkId}) {
# skip if not logged in and query contains a User macro
unless ($group{dbQuery} =~ /\^User/i && $uid == 1) {
my $dbLink = WebGUI::DatabaseLink->new($group{databaseLinkId});
my $dbh = $dbLink->dbh;
if (defined $dbh) {
if ($group{dbQuery} =~ /select 1/i) {
$group{dbQuery} = WebGUI::Macro::process($group{dbQuery});
my $sth = WebGUI::SQL->unconditionalRead($group{dbQuery},$dbh);
unless ($sth->errorCode < 1) {
WebGUI::ErrorHandler::warn("There was a problem with the database query for group ID $gid.");
} else {
my ($result) = $sth->array;
if ($result == 1) {
$session{isInGroup}{$gid}{$uid} = 1;
if ($group{dbCacheTimeout} > 0) {
WebGUI::Grouping::deleteUsersFromGroups([$uid],[$gid]);
WebGUI::Grouping::addUsersToGroups([$uid],[$gid],$group{dbCacheTimeout});
}
} else {
$session{isInGroup}{$gid}{$uid} = 0;
WebGUI::Grouping::deleteUsersFromGroups([$uid],[$gid]) if ($group{dbCacheTimeout} > 0);
}
}
$sth->finish;
} else {
WebGUI::ErrorHandler::warn("Database query for group ID $gid must use 'select 1'");
}
$dbLink->disconnect;
return 1 if ($session{isInGroup}{$gid}{$uid});
}
}
}
### Check for groups of groups.
$groups = WebGUI::Grouping::getGroupsInGroup($gid,1);
foreach (@{$groups}) {
$session{isInGroup}{$_}{$uid} = isInGroup($_, $uid);
if ($session{isInGroup}{$_}{$uid}) {
$session{isInGroup}{$gid}{$uid} = 1; # cache current group also so we don't have to do the group in group check again
return 1;
}
}
$session{isInGroup}{$gid}{$uid} = 0;
return 0;
}
#------------------------------------------------------------------- #-------------------------------------------------------------------

8
lib/WebGUI/HTMLForm.pm
View file

@ -20,7 +20,7 @@ use WebGUI::DateTime;
use WebGUI::Form; use WebGUI::Form;
use WebGUI::Icon; use WebGUI::Icon;
use WebGUI::International; use WebGUI::International;
use WebGUI::Privilege; use WebGUI::Grouping;
use WebGUI::Session; use WebGUI::Session;
use WebGUI::SQL; use WebGUI::SQL;
@ -535,7 +535,7 @@ sub databaseLink {
rearrange([qw(name value label afterEdit extras uiLevel)], @p); rearrange([qw(name value label afterEdit extras uiLevel)], @p);
if (_uiLevelChecksOut($uiLevel)) { if (_uiLevelChecksOut($uiLevel)) {
$label = $label || WebGUI::International::get(1075); $label = $label || WebGUI::International::get(1075);
if (WebGUI::Privilege::isInGroup(3)) { if (WebGUI::Grouping::isInGroup(3)) {
if ($afterEdit) { if ($afterEdit) {
$subtext = editIcon("op=editDatabaseLink&amp;lid=".$value."&amp;afterEdit=".WebGUI::URL::escape($afterEdit)); $subtext = editIcon("op=editDatabaseLink&amp;lid=".$value."&amp;afterEdit=".WebGUI::URL::escape($afterEdit));
} }
@ -1079,7 +1079,7 @@ sub group {
my ($name, $label, $value, $size, $multiple, $extras, $subtext, $uiLevel, $excludeGroups) = my ($name, $label, $value, $size, $multiple, $extras, $subtext, $uiLevel, $excludeGroups) =
rearrange([qw(name label value size multiple extras subtext uiLevel excludeGroups)], @p); rearrange([qw(name label value size multiple extras subtext uiLevel excludeGroups)], @p);
if (_uiLevelChecksOut($uiLevel)) { if (_uiLevelChecksOut($uiLevel)) {
if (WebGUI::Privilege::isInGroup(3)) { if (WebGUI::Grouping::isInGroup(3)) {
$subtext = manageIcon("op=listGroups").$subtext; $subtext = manageIcon("op=listGroups").$subtext;
} }
$output = WebGUI::Form::group({ $output = WebGUI::Form::group({
@ -1956,7 +1956,7 @@ sub template {
rearrange([qw(name value label namespace afterEdit extras uiLevel)], @p); rearrange([qw(name value label namespace afterEdit extras uiLevel)], @p);
if (_uiLevelChecksOut($uiLevel)) { if (_uiLevelChecksOut($uiLevel)) {
$label = $label || WebGUI::International::get(356); $label = $label || WebGUI::International::get(356);
if (WebGUI::Privilege::isInGroup(8)) { if (WebGUI::Grouping::isInGroup(8)) {
if ($afterEdit) { if ($afterEdit) {
$subtext = editIcon("op=editTemplate&tid=".$value."&namespace=".$namespace."&afterEdit=".WebGUI::URL::escape($afterEdit)); $subtext = editIcon("op=editTemplate&tid=".$value."&namespace=".$namespace."&afterEdit=".WebGUI::URL::escape($afterEdit));
} }

16
lib/WebGUI/Macro/AdminBar.pm
View file

@ -13,9 +13,9 @@ package WebGUI::Macro::AdminBar;
use strict qw(refs vars); use strict qw(refs vars);
use Tie::CPHash; use Tie::CPHash;
use Tie::IxHash; use Tie::IxHash;
use WebGUI::Grouping;
use WebGUI::International; use WebGUI::International;
use WebGUI::Macro; use WebGUI::Macro;
use WebGUI::Privilege;
use WebGUI::Session; use WebGUI::Session;
use WebGUI::SQL; use WebGUI::SQL;
use WebGUI::URL; use WebGUI::URL;
@ -137,7 +137,7 @@ sub process {
$var{'clipboard_loop'} = \@clipboard; $var{'clipboard_loop'} = \@clipboard;
#--admin functions #--admin functions
%hash = (); %hash = ();
if (WebGUI::Privilege::isInGroup(3)) { if (WebGUI::Grouping::isInGroup(3)) {
%hash = ( %hash = (
WebGUI::URL::page('op=listGroups')=>WebGUI::International::get(5), WebGUI::URL::page('op=listGroups')=>WebGUI::International::get(5),
WebGUI::URL::page('op=manageSettings')=>WebGUI::International::get(4), WebGUI::URL::page('op=manageSettings')=>WebGUI::International::get(4),
@ -146,14 +146,14 @@ sub process {
WebGUI::URL::page('op=listDatabaseLinks')=>WebGUI::International::get(981), WebGUI::URL::page('op=listDatabaseLinks')=>WebGUI::International::get(981),
WebGUI::URL::page('op=listNavigation')=>'Manage navigation.' WebGUI::URL::page('op=listNavigation')=>'Manage navigation.'
); );
} elsif (WebGUI::Privilege::isInGroup(11)) { } elsif (WebGUI::Grouping::isInGroup(11)) {
%hash = ( %hash = (
WebGUI::URL::page('op=listGroupsSecondary')=>WebGUI::International::get(5), WebGUI::URL::page('op=listGroupsSecondary')=>WebGUI::International::get(5),
WebGUI::URL::page('op=addUserSecondary')=>WebGUI::International::get(169), WebGUI::URL::page('op=addUserSecondary')=>WebGUI::International::get(169),
%hash %hash
); );
} }
if (WebGUI::Privilege::isInGroup(4)) { if (WebGUI::Grouping::isInGroup(4)) {
%hash = ( %hash = (
WebGUI::URL::page('op=listRoots')=>WebGUI::International::get(410), WebGUI::URL::page('op=listRoots')=>WebGUI::International::get(410),
'http://validator.w3.org/check?uri='.WebGUI::URL::escape(WebGUI::URL::page())=>WebGUI::International::get(399), 'http://validator.w3.org/check?uri='.WebGUI::URL::escape(WebGUI::URL::page())=>WebGUI::International::get(399),
@ -164,25 +164,25 @@ sub process {
%hash %hash
); );
} }
if (WebGUI::Privilege::isInGroup(6)) { if (WebGUI::Grouping::isInGroup(6)) {
%hash = ( %hash = (
WebGUI::URL::gateway('packages')=>WebGUI::International::get(374), WebGUI::URL::gateway('packages')=>WebGUI::International::get(374),
%hash %hash
); );
} }
if (WebGUI::Privilege::isInGroup(8)) { if (WebGUI::Grouping::isInGroup(8)) {
%hash = ( %hash = (
WebGUI::URL::page('op=listTemplates')=>WebGUI::International::get(508), WebGUI::URL::page('op=listTemplates')=>WebGUI::International::get(508),
%hash %hash
); );
} }
if (WebGUI::Privilege::isInGroup(9)) { if (WebGUI::Grouping::isInGroup(9)) {
%hash = ( %hash = (
WebGUI::URL::page('op=listThemes')=>WebGUI::International::get(900), WebGUI::URL::page('op=listThemes')=>WebGUI::International::get(900),
%hash %hash
); );
} }
if (WebGUI::Privilege::isInGroup(10)) { if (WebGUI::Grouping::isInGroup(10)) {
%hash = ( %hash = (
WebGUI::URL::page('op=listLanguages')=>WebGUI::International::get(585), WebGUI::URL::page('op=listLanguages')=>WebGUI::International::get(585),
%hash %hash

3
lib/WebGUI/Macro/AdminToggle.pm
View file

@ -11,6 +11,7 @@ package WebGUI::Macro::AdminToggle;
#------------------------------------------------------------------- #-------------------------------------------------------------------
use strict; use strict;
use WebGUI::Grouping;
use WebGUI::International; use WebGUI::International;
use WebGUI::Macro; use WebGUI::Macro;
use WebGUI::Session; use WebGUI::Session;
@ -19,7 +20,7 @@ use WebGUI::URL;
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub process { sub process {
my ($temp, @param, $turnOn, $turnOff); my ($temp, @param, $turnOn, $turnOff);
if (WebGUI::Privilege::isInGroup(12)) { if (WebGUI::Grouping::isInGroup(12)) {
@param = WebGUI::Macro::getParams($_[0]); @param = WebGUI::Macro::getParams($_[0]);
if ($session{var}{adminOn}) { if ($session{var}{adminOn}) {
$turnOff = $param[1] || WebGUI::International::get(517); $turnOff = $param[1] || WebGUI::International::get(517);

4
lib/WebGUI/Macro/CanEditText.pm
View file

@ -12,13 +12,13 @@ package WebGUI::Macro::CanEditText;
use strict; use strict;
use WebGUI::Macro; use WebGUI::Macro;
use WebGUI::Page;
use WebGUI::Session; use WebGUI::Session;
use WebGUI::Privilege;
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub process { sub process {
my @param = WebGUI::Macro::getParams($_[0]); my @param = WebGUI::Macro::getParams($_[0]);
if (WebGUI::Privilege::canEditPage()) { if (WebGUI::Page::canEdit()) {
return $param[0]; return $param[0];
} else { } else {
return ""; return "";

5
lib/WebGUI/Macro/EditableToggle.pm
View file

@ -11,16 +11,17 @@ package WebGUI::Macro::EditableToggle;
#------------------------------------------------------------------- #-------------------------------------------------------------------
use strict; use strict;
use WebGUI::Grouping;
use WebGUI::International; use WebGUI::International;
use WebGUI::Macro; use WebGUI::Macro;
use WebGUI::Privilege; use WebGUI::Page;
use WebGUI::Session; use WebGUI::Session;
use WebGUI::URL; use WebGUI::URL;
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub process { sub process {
my ($temp, @param, $turnOn, $turnOff); my ($temp, @param, $turnOn, $turnOff);
if (WebGUI::Privilege::canEditPage() && WebGUI::Privilege::isInGroup(12)) { if (WebGUI::Page::canEdit() && WebGUI::Grouping::isInGroup(12)) {
@param = WebGUI::Macro::getParams($_[0]); @param = WebGUI::Macro::getParams($_[0]);
if ($session{var}{adminOn}) { if ($session{var}{adminOn}) {
$turnOff = $param[1] || WebGUI::International::get(517); $turnOff = $param[1] || WebGUI::International::get(517);

4
lib/WebGUI/Macro/GroupAdd.pm
View file

@ -12,9 +12,9 @@ package WebGUI::Macro::GroupAdd;
use strict; use strict;
use WebGUI::Group; use WebGUI::Group;
use WebGUI::Grouping;
use WebGUI::Macro; use WebGUI::Macro;
use WebGUI::Session; use WebGUI::Session;
use WebGUI::Privilege;
use WebGUI::URL; use WebGUI::URL;
#------------------------------------------------------------------- #-------------------------------------------------------------------
@ -24,7 +24,7 @@ sub process {
my $g = WebGUI::Group->find($param[0]); my $g = WebGUI::Group->find($param[0]);
return "" if ($g->groupId eq ""); return "" if ($g->groupId eq "");
return "" unless ($g->autoAdd); return "" unless ($g->autoAdd);
return "" if (WebGUI::Privilege::isInGroup($g->groupId)); return "" if (WebGUI::Grouping::isInGroup($g->groupId));
return '<a href="'.WebGUI::URL::page("op=autoAddToGroup&groupId=".$g->groupId).'">'.$param[1].'</a>'; return '<a href="'.WebGUI::URL::page("op=autoAddToGroup&groupId=".$g->groupId).'">'.$param[1].'</a>';
} }

4
lib/WebGUI/Macro/GroupDelete.pm
View file

@ -12,9 +12,9 @@ package WebGUI::Macro::GroupDelete;
use strict; use strict;
use WebGUI::Group; use WebGUI::Group;
use WebGUI::Grouping;
use WebGUI::Macro; use WebGUI::Macro;
use WebGUI::Session; use WebGUI::Session;
use WebGUI::Privilege;
use WebGUI::URL; use WebGUI::URL;
#------------------------------------------------------------------- #-------------------------------------------------------------------
@ -24,7 +24,7 @@ sub process {
my $g = WebGUI::Group->find($param[0]); my $g = WebGUI::Group->find($param[0]);
return "" if ($g->groupId eq ""); return "" if ($g->groupId eq "");
return "" unless ($g->autoDelete); return "" unless ($g->autoDelete);
return "" unless (WebGUI::Privilege::isInGroup($g->groupId)); return "" unless (WebGUI::Grouping::isInGroup($g->groupId));
return '<a href="'.WebGUI::URL::page("op=autoDeleteFromGroup&groupId=".$g->groupId).'">'.$param[1].'</a>'; return '<a href="'.WebGUI::URL::page("op=autoDeleteFromGroup&groupId=".$g->groupId).'">'.$param[1].'</a>';
} }

4
lib/WebGUI/Macro/GroupText.pm
View file

@ -11,17 +11,17 @@ package WebGUI::Macro::GroupText;
#------------------------------------------------------------------- #-------------------------------------------------------------------
use strict; use strict;
use WebGUI::Grouping;
use WebGUI::Macro; use WebGUI::Macro;
use WebGUI::SQL; use WebGUI::SQL;
use WebGUI::Session; use WebGUI::Session;
use WebGUI::Privilege;
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub process { sub process {
my @param = WebGUI::Macro::getParams($_[0]); my @param = WebGUI::Macro::getParams($_[0]);
my ($groupId) = WebGUI::SQL->quickArray("select groupId from groups where groupName=".quote($param[0])); my ($groupId) = WebGUI::SQL->quickArray("select groupId from groups where groupName=".quote($param[0]));
$groupId = 3 if ($groupId eq ""); $groupId = 3 if ($groupId eq "");
if (WebGUI::Privilege::isInGroup($groupId)) { if (WebGUI::Grouping::isInGroup($groupId)) {
return $param[1]; return $param[1];
} else { } else {
return $param[2]; return $param[2];

17
lib/WebGUI/Navigation.pm
View file

@ -18,16 +18,15 @@ package WebGUI::Navigation;
use strict; use strict;
use Tie::CPHash; use Tie::CPHash;
use Tie::IxHash; use Tie::IxHash;
use WebGUI::Session;
use WebGUI::SQL;
use WebGUI::URL;
use WebGUI::Operation::Navigation;
use WebGUI::Page;
use WebGUI::Utility;
use WebGUI::Privilege;
use WebGUI::Template;
use WebGUI::Icon; use WebGUI::Icon;
use WebGUI::International; use WebGUI::International;
use WebGUI::Operation::Navigation;
use WebGUI::Page;
use WebGUI::Session;
use WebGUI::SQL;
use WebGUI::Template;
use WebGUI::URL;
use WebGUI::Utility;
=head1 NAME =head1 NAME
@ -269,7 +268,7 @@ sub build {
$pageData->{"page.isHidden"} = $page->get('hideFromNavigation'); $pageData->{"page.isHidden"} = $page->get('hideFromNavigation');
$pageData->{"page.isSystem"} = (($page->get('pageId') < 1000 && $page->get('pageId') > 1) || $pageData->{"page.isSystem"} = (($page->get('pageId') < 1000 && $page->get('pageId') > 1) ||
$page->get('pageId') == 0); $page->get('pageId') == 0);
$pageData->{"page.isViewable"} = WebGUI::Privilege::canViewPage($page->get('pageId')); $pageData->{"page.isViewable"} = WebGUI::Page::canView($page->get('pageId'));
# indent # indent
my $indent = 0; my $indent = 0;

6
lib/WebGUI/Operation/Admin.pm
View file

@ -12,7 +12,7 @@ package WebGUI::Operation::Admin;
use Exporter; use Exporter;
use strict; use strict;
use WebGUI::Privilege; use WebGUI::Grouping;
use WebGUI::Session; use WebGUI::Session;
use WebGUI::SQL; use WebGUI::SQL;
@ -21,7 +21,7 @@ our @EXPORT = qw(&www_switchOffAdmin &www_switchOnAdmin);
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_switchOffAdmin { sub www_switchOffAdmin {
return "" unless (WebGUI::Privilege::isInGroup(12)); return "" unless (WebGUI::Grouping::isInGroup(12));
WebGUI::SQL->write("update userSession set adminOn=0 where sessionId='$session{var}{sessionId}'"); WebGUI::SQL->write("update userSession set adminOn=0 where sessionId='$session{var}{sessionId}'");
WebGUI::Session::refreshSessionVars($session{var}{sessionId}); WebGUI::Session::refreshSessionVars($session{var}{sessionId});
return ""; return "";
@ -29,7 +29,7 @@ sub www_switchOffAdmin {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_switchOnAdmin { sub www_switchOnAdmin {
return "" unless (WebGUI::Privilege::isInGroup(12)); return "" unless (WebGUI::Grouping::isInGroup(12));
WebGUI::SQL->write("update userSession set adminOn=1 where sessionId='$session{var}{sessionId}'"); WebGUI::SQL->write("update userSession set adminOn=1 where sessionId='$session{var}{sessionId}'");
WebGUI::Session::refreshSessionVars($session{var}{sessionId}); WebGUI::Session::refreshSessionVars($session{var}{sessionId});
return ""; return "";

22
lib/WebGUI/Operation/Clipboard.pm
View file

@ -39,7 +39,7 @@ sub _submenu {
if ($session{form}{systemClipboard} ne "1") { if ($session{form}{systemClipboard} ne "1") {
$menu{WebGUI::URL::page('op=emptyClipboard')} = WebGUI::International::get(950); $menu{WebGUI::URL::page('op=emptyClipboard')} = WebGUI::International::get(950);
} }
if ( ($session{setting}{sharedClipboard} ne "1") && (WebGUI::Privilege::isInGroup(3)) ) { if ( ($session{setting}{sharedClipboard} ne "1") && (WebGUI::Grouping::isInGroup(3)) ) {
$menu{WebGUI::URL::page('op=manageClipboard&systemClipboard=1')} = WebGUI::International::get(954); $menu{WebGUI::URL::page('op=manageClipboard&systemClipboard=1')} = WebGUI::International::get(954);
if ($session{form}{systemClipboard} eq "1") { if ($session{form}{systemClipboard} eq "1") {
$menu{WebGUI::URL::page('op=emptyClipboard&systemClipboard=1')} = WebGUI::International::get(959); $menu{WebGUI::URL::page('op=emptyClipboard&systemClipboard=1')} = WebGUI::International::get(959);
@ -51,7 +51,7 @@ sub _submenu {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteClipboardItem { sub www_deleteClipboardItem {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(4)); return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(4));
my ($output); my ($output);
if ($session{form}{wid} ne "") { if ($session{form}{wid} ne "") {
$output .= helpIcon(14); $output .= helpIcon(14);
@ -74,9 +74,9 @@ sub www_deleteClipboardItem {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteClipboardItemConfirm { sub www_deleteClipboardItemConfirm {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(4)); return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(4));
if ($session{form}{wid} ne "") { if ($session{form}{wid} ne "") {
if ( ($session{setting}{sharedClipboard} eq "1") || (WebGUI::Privilege::isInGroup(3)) ) { if ( ($session{setting}{sharedClipboard} eq "1") || (WebGUI::Grouping::isInGroup(3)) ) {
WebGUI::SQL->write("update wobject set pageId=3, " WebGUI::SQL->write("update wobject set pageId=3, "
."bufferDate=".time().", " ."bufferDate=".time().", "
."bufferUserId=".$session{user}{userId} .", " ."bufferUserId=".$session{user}{userId} .", "
@ -96,7 +96,7 @@ sub www_deleteClipboardItemConfirm {
} }
WebGUI::ErrorHandler::audit("moved wobject ". $session{form}{wid} ." from clipboard to trash"); WebGUI::ErrorHandler::audit("moved wobject ". $session{form}{wid} ." from clipboard to trash");
} elsif ($session{form}{pageId} ne "") { } elsif ($session{form}{pageId} ne "") {
if ( ($session{setting}{sharedClipboard} eq "1") || (WebGUI::Privilege::isInGroup(3)) ) { if ( ($session{setting}{sharedClipboard} eq "1") || (WebGUI::Grouping::isInGroup(3)) ) {
WebGUI::SQL->write("update page set parentId=3, " WebGUI::SQL->write("update page set parentId=3, "
."bufferDate=".time().", " ."bufferDate=".time().", "
."bufferUserId=".$session{user}{userId} .", " ."bufferUserId=".$session{user}{userId} .", "
@ -122,12 +122,12 @@ sub www_deleteClipboardItemConfirm {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_emptyClipboard { sub www_emptyClipboard {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(4)); return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(4));
my ($output); my ($output);
$output = helpIcon(67); $output = helpIcon(67);
$output .= '<h1>'.WebGUI::International::get(42).'</h1>'; $output .= '<h1>'.WebGUI::International::get(42).'</h1>';
$output .= WebGUI::International::get(951).'<p>'; $output .= WebGUI::International::get(951).'<p>';
if ( ($session{setting}{sharedClipboard} ne "1") && (WebGUI::Privilege::isInGroup(3)) ) { if ( ($session{setting}{sharedClipboard} ne "1") && (WebGUI::Grouping::isInGroup(3)) ) {
$output .= '<div align="center"><a href="'.WebGUI::URL::page('op=emptyClipboardConfirm&systemClipboard=1') $output .= '<div align="center"><a href="'.WebGUI::URL::page('op=emptyClipboardConfirm&systemClipboard=1')
.'">'.WebGUI::International::get(44).'</a>'; .'">'.WebGUI::International::get(44).'</a>';
} else { } else {
@ -141,12 +141,12 @@ sub www_emptyClipboard {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_emptyClipboardConfirm { sub www_emptyClipboardConfirm {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(4)); return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(4));
my ($allUsers); my ($allUsers);
if ($session{setting}{sharedClipboard} eq "1") { if ($session{setting}{sharedClipboard} eq "1") {
$allUsers = 1; $allUsers = 1;
} elsif ($session{form}{systemClipboard} eq "1") { } elsif ($session{form}{systemClipboard} eq "1") {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
$allUsers = 1; $allUsers = 1;
} else { } else {
$allUsers = 0; $allUsers = 0;
@ -184,7 +184,7 @@ sub www_emptyClipboardConfirm {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_manageClipboard { sub www_manageClipboard {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(4)); return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(4));
my ($sth, @data, @row, @sorted_row, $i, $p, $allUsers); my ($sth, @data, @row, @sorted_row, $i, $p, $allUsers);
my $output = helpIcon(65); my $output = helpIcon(65);
@ -194,7 +194,7 @@ sub www_manageClipboard {
$allUsers = 1; $allUsers = 1;
$output .= '<h1>'. WebGUI::International::get(948) .'</h1>'; $output .= '<h1>'. WebGUI::International::get(948) .'</h1>';
} elsif ($session{form}{systemClipboard} eq "1") { } elsif ($session{form}{systemClipboard} eq "1") {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
$allUsers = 1; $allUsers = 1;
$output .= '<h1>'. WebGUI::International::get(955) .'</h1>'; $output .= '<h1>'. WebGUI::International::get(955) .'</h1>';
} else { } else {

39
lib/WebGUI/Operation/Collateral.pm
View file

@ -22,6 +22,7 @@ use strict;
use WebGUI::Collateral; use WebGUI::Collateral;
use WebGUI::CollateralFolder; use WebGUI::CollateralFolder;
use WebGUI::DateTime; use WebGUI::DateTime;
use WebGUI::Grouping;
use WebGUI::HTMLForm; use WebGUI::HTMLForm;
use WebGUI::Icon; use WebGUI::Icon;
use WebGUI::International; use WebGUI::International;
@ -55,7 +56,7 @@ sub _submenu {
$menu{WebGUI::URL::page('op=deleteCollateral&cid='.$session{form}{cid})} = WebGUI::International::get(765); $menu{WebGUI::URL::page('op=deleteCollateral&cid='.$session{form}{cid})} = WebGUI::International::get(765);
} }
$menu{WebGUI::URL::page('op=editCollateralFolder')} = WebGUI::International::get(759); $menu{WebGUI::URL::page('op=editCollateralFolder')} = WebGUI::International::get(759);
if (WebGUI::Privilege::isInGroup(3)) { if (WebGUI::Grouping::isInGroup(3)) {
$menu{WebGUI::URL::page('op=emptyCollateralFolder')} = WebGUI::International::get(980); $menu{WebGUI::URL::page('op=emptyCollateralFolder')} = WebGUI::International::get(980);
$menu{WebGUI::URL::page('op=deleteCollateralFolder')} = WebGUI::International::get(760); $menu{WebGUI::URL::page('op=deleteCollateralFolder')} = WebGUI::International::get(760);
} }
@ -66,7 +67,7 @@ sub _submenu {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteCollateral { sub www_deleteCollateral {
my $collateral = WebGUI::Collateral->new($session{form}{cid}); my $collateral = WebGUI::Collateral->new($session{form}{cid});
return WebGUI::Privilege::insufficient unless ($collateral->get("userId") == $session{user}{userId} || WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::insufficient unless ($collateral->get("userId") == $session{user}{userId} || WebGUI::Grouping::isInGroup(3));
my $output = '<h1>'.WebGUI::International::get(42).'</h1>'; my $output = '<h1>'.WebGUI::International::get(42).'</h1>';
$output .= WebGUI::International::get(774).'<p/><div align="center">'; $output .= WebGUI::International::get(774).'<p/><div align="center">';
$output .= '<a href="'.WebGUI::URL::page('op=deleteCollateralConfirm&cid='.$session{form}{cid}).'">' $output .= '<a href="'.WebGUI::URL::page('op=deleteCollateralConfirm&cid='.$session{form}{cid}).'">'
@ -80,7 +81,7 @@ sub www_deleteCollateral {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteCollateralConfirm { sub www_deleteCollateralConfirm {
my $collateral = WebGUI::Collateral->new($session{form}{cid}); my $collateral = WebGUI::Collateral->new($session{form}{cid});
return WebGUI::Privilege::insufficient unless ($collateral->get("userId") == $session{user}{userId} || WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::insufficient unless ($collateral->get("userId") == $session{user}{userId} || WebGUI::Grouping::isInGroup(3));
$collateral->delete; $collateral->delete;
WebGUI::Session::deleteScratch("collateralPageNumber"); WebGUI::Session::deleteScratch("collateralPageNumber");
return www_listCollateral(); return www_listCollateral();
@ -89,14 +90,14 @@ sub www_deleteCollateralConfirm {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteCollateralFile { sub www_deleteCollateralFile {
my $collateral = WebGUI::Collateral->new($session{form}{cid}); my $collateral = WebGUI::Collateral->new($session{form}{cid});
return WebGUI::Privilege::insufficient unless ($collateral->get("userId") == $session{user}{userId} || WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::insufficient unless ($collateral->get("userId") == $session{user}{userId} || WebGUI::Grouping::isInGroup(3));
$collateral->deleteFile; $collateral->deleteFile;
return www_editCollateral($collateral); return www_editCollateral($collateral);
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteCollateralFolder { sub www_deleteCollateralFolder {
return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(3));
return WebGUI::Privilege::vitalComponent() unless ($session{scratch}{collateralFolderId} > 999); return WebGUI::Privilege::vitalComponent() unless ($session{scratch}{collateralFolderId} > 999);
my $output = '<h1>'.WebGUI::International::get(42).'</h1>'; my $output = '<h1>'.WebGUI::International::get(42).'</h1>';
$output .= WebGUI::International::get(775).'<p/><div align="center">'; $output .= WebGUI::International::get(775).'<p/><div align="center">';
@ -110,7 +111,7 @@ sub www_deleteCollateralFolder {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteCollateralFolderConfirm { sub www_deleteCollateralFolderConfirm {
return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(3));
return WebGUI::Privilege::vitalComponent() unless ($session{scratch}{collateralFolderId} > 999); return WebGUI::Privilege::vitalComponent() unless ($session{scratch}{collateralFolderId} > 999);
my $folders = WebGUI::CollateralFolder->getTree({-minimumFields => 1}); my $folders = WebGUI::CollateralFolder->getTree({-minimumFields => 1});
if (my $deadFolder = $folders->{$session{scratch}{collateralFolderId}}) { if (my $deadFolder = $folders->{$session{scratch}{collateralFolderId}}) {
@ -123,7 +124,7 @@ sub www_deleteCollateralFolderConfirm {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_emptyCollateralFolder { sub www_emptyCollateralFolder {
return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(3));
return WebGUI::Privilege::vitalComponent() unless ($session{scratch}{collateralFolderId} > 999); return WebGUI::Privilege::vitalComponent() unless ($session{scratch}{collateralFolderId} > 999);
my $output = '<h1>'.WebGUI::International::get(42).'</h1>'; my $output = '<h1>'.WebGUI::International::get(42).'</h1>';
$output .= WebGUI::International::get(979).'<p/><div align="center">'; $output .= WebGUI::International::get(979).'<p/><div align="center">';
@ -137,7 +138,7 @@ sub www_emptyCollateralFolder {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_emptyCollateralFolderConfirm { sub www_emptyCollateralFolderConfirm {
return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(3));
return WebGUI::Privilege::vitalComponent() unless ($session{scratch}{collateralFolderId} > 999); return WebGUI::Privilege::vitalComponent() unless ($session{scratch}{collateralFolderId} > 999);
my @collateralIds = WebGUI::SQL->buildArray("select collateralId from collateral where collateralFolderId=".$session{scratch}{collateralFolderId}); my @collateralIds = WebGUI::SQL->buildArray("select collateralId from collateral where collateralFolderId=".$session{scratch}{collateralFolderId});
WebGUI::Collateral->multiDelete(@collateralIds); WebGUI::Collateral->multiDelete(@collateralIds);
@ -146,7 +147,7 @@ sub www_emptyCollateralFolderConfirm {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editCollateral { sub www_editCollateral {
return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(4)); return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(4));
my ($canEdit, $file, $folderId, $output, $f, $collateral, $image, $error, $x, $y); my ($canEdit, $file, $folderId, $output, $f, $collateral, $image, $error, $x, $y);
if ($session{form}{cid} eq "new") { if ($session{form}{cid} eq "new") {
$collateral->{collateralType} = $session{form}{type}; $collateral->{collateralType} = $session{form}{type};
@ -159,7 +160,7 @@ sub www_editCollateral {
my $c = $_[1] || WebGUI::Collateral->new($session{form}{cid}); my $c = $_[1] || WebGUI::Collateral->new($session{form}{cid});
$collateral = $c->get; $collateral = $c->get;
} }
$canEdit = ($collateral->{userId} == $session{user}{userId} || WebGUI::Privilege::isInGroup(3)); $canEdit = ($collateral->{userId} == $session{user}{userId} || WebGUI::Grouping::isInGroup(3));
$folderId = $session{scratch}{collateralFolderId} || 0; $folderId = $session{scratch}{collateralFolderId} || 0;
$f = WebGUI::HTMLForm->new; $f = WebGUI::HTMLForm->new;
$f->hidden("op","editCollateralSave"); $f->hidden("op","editCollateralSave");
@ -295,7 +296,7 @@ sub www_editCollateral {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editCollateralSave { sub www_editCollateralSave {
return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(4)); return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(4));
WebGUI::Session::setScratch("collateralFolderId",$session{form}{collateralFolderId}); WebGUI::Session::setScratch("collateralFolderId",$session{form}{collateralFolderId});
my ($test, $file, $addFile); my ($test, $file, $addFile);
my $collateral = WebGUI::Collateral->new($session{form}{cid}); my $collateral = WebGUI::Collateral->new($session{form}{cid});
@ -322,7 +323,7 @@ sub www_editCollateralSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editCollateralFolder { sub www_editCollateralFolder {
return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(4)); return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(4));
my ($output, $f, $folder, $folderId, $constraint); my ($output, $f, $folder, $folderId, $constraint);
$output .= '<h1>'.WebGUI::International::get(776).'</h1>'; $output .= '<h1>'.WebGUI::International::get(776).'</h1>';
if ($session{form}{fid} eq "new") { if ($session{form}{fid} eq "new") {
@ -368,7 +369,7 @@ sub www_editCollateralFolder {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editCollateralFolderSave { sub www_editCollateralFolderSave {
return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(4)); return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(4));
if ($session{form}{fid} eq "new") { if ($session{form}{fid} eq "new") {
$session{form}{fid} = getNextId("collateralFolderId"); $session{form}{fid} = getNextId("collateralFolderId");
WebGUI::Session::setScratch("collateralFolderId",$session{form}{fid}); WebGUI::Session::setScratch("collateralFolderId",$session{form}{fid});
@ -392,7 +393,7 @@ sub www_editCollateralFolderSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_listCollateral { sub www_listCollateral {
return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(4)); return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(4));
my (%type, %user, $f, $row, $data, $sth, $url, $output, $parent, $p, $thumbnail, $file, $page, $constraints, $folderId); my (%type, %user, $f, $row, $data, $sth, $url, $output, $parent, $p, $thumbnail, $file, $page, $constraints, $folderId);
tie %type, 'Tie::IxHash'; tie %type, 'Tie::IxHash';
tie %user, 'Tie::IxHash'; tie %user, 'Tie::IxHash';
@ -519,7 +520,7 @@ sub _htmlAreaCreateTree {
sub www_htmlArealistCollateral { sub www_htmlArealistCollateral {
my (@parents, $sth, $data, $indent); my (@parents, $sth, $data, $indent);
$session{page}{makePrintable}=1; $session{page}{printableStyleId}=10; $session{page}{makePrintable}=1; $session{page}{printableStyleId}=10;
return "<b>Only Content Managers are allowed to use WebGUI Collateral</b>" unless (WebGUI::Privilege::isInGroup(4)); return "<b>Only Content Managers are allowed to use WebGUI Collateral</b>" unless (WebGUI::Grouping::isInGroup(4));
my $output = '<table border="0" cellspacing="0" cellpadding="0" width="100%">'; my $output = '<table border="0" cellspacing="0" cellpadding="0" width="100%">';
my $folderId = $session{form}{fid} || 0; my $folderId = $session{form}{fid} || 0;
@ -574,7 +575,7 @@ sub www_htmlAreaviewCollateral {
my($output, $collateral, $file, $x, $y, $image, $error); my($output, $collateral, $file, $x, $y, $image, $error);
$session{page}{makePrintable}=1; $session{page}{printableStyleId}=10; $session{page}{makePrintable}=1; $session{page}{printableStyleId}=10;
$output .= '<table align="center" border="0" cellspacing="0" cellpadding="2" width="100%" height="100%">'; $output .= '<table align="center" border="0" cellspacing="0" cellpadding="2" width="100%" height="100%">';
if($session{form}{cid} == 0 || ! WebGUI::Privilege::isInGroup(4)) { if($session{form}{cid} == 0 || ! WebGUI::Grouping::isInGroup(4)) {
$output .= '<tr><td align="center" valign="middle" width="100%" height="100%">'; $output .= '<tr><td align="center" valign="middle" width="100%" height="100%">';
$output .= '<p align="center"><br><img src="'.$session{config}{extrasURL}.'/htmlArea/images/icon.gif" $output .= '<p align="center"><br><img src="'.$session{config}{extrasURL}.'/htmlArea/images/icon.gif"
border="0"></p>'; border="0"></p>';
@ -610,7 +611,7 @@ sub www_htmlAreaviewCollateral {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_htmlAreaUpload { sub www_htmlAreaUpload {
$session{page}{makePrintable}=1; $session{page}{printableStyleId}=10; $session{page}{makePrintable}=1; $session{page}{printableStyleId}=10;
return "<b>Only Content Managers are allowed to use WebGUI Collateral</b>" unless (WebGUI::Privilege::isInGroup(4)); return "<b>Only Content Managers are allowed to use WebGUI Collateral</b>" unless (WebGUI::Grouping::isInGroup(4));
return www_htmlArealistCollateral() if ($session{form}{image} eq ""); return www_htmlArealistCollateral() if ($session{form}{image} eq "");
my($test, $file); my($test, $file);
$session{form}{fid} = $session{form}{collateralFolderId} = $session{form}{path}; $session{form}{fid} = $session{form}{collateralFolderId} = $session{form}{path};
@ -635,7 +636,7 @@ sub www_htmlAreaUpload {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_htmlAreaDelete { sub www_htmlAreaDelete {
$session{page}{makePrintable}=1; $session{page}{printableStyleId}=10; $session{page}{makePrintable}=1; $session{page}{printableStyleId}=10;
return "<b>Only Content Managers are allowed to use WebGUI Collateral</b>" unless (WebGUI::Privilege::isInGroup(4)); return "<b>Only Content Managers are allowed to use WebGUI Collateral</b>" unless (WebGUI::Grouping::isInGroup(4));
if($session{form}{cid}) { # Delete Image if($session{form}{cid}) { # Delete Image
my $collateral = WebGUI::Collateral->new($session{form}{cid}); my $collateral = WebGUI::Collateral->new($session{form}{cid});
$collateral->delete; $collateral->delete;
@ -652,7 +653,7 @@ sub www_htmlAreaDelete {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_htmlAreaCreateFolder { sub www_htmlAreaCreateFolder {
$session{page}{makePrintable}=1; $session{page}{printableStyleId}=10; $session{page}{makePrintable}=1; $session{page}{printableStyleId}=10;
return "<b>Only Content Managers are allowed to use WebGUI Collateral</b>" unless (WebGUI::Privilege::isInGroup(4)); return "<b>Only Content Managers are allowed to use WebGUI Collateral</b>" unless (WebGUI::Grouping::isInGroup(4));
$session{form}{fid} = getNextId("collateralFolderId"); $session{form}{fid} = getNextId("collateralFolderId");
WebGUI::Session::setScratch("collateralFolderId",$session{form}{fid}); WebGUI::Session::setScratch("collateralFolderId",$session{form}{fid});
WebGUI::SQL->write("insert into collateralFolder (collateralFolderId) values ($session{form}{fid})"); WebGUI::SQL->write("insert into collateralFolder (collateralFolderId) values ($session{form}{fid})");

13
lib/WebGUI/Operation/DatabaseLink.pm
View file

@ -14,6 +14,7 @@ use Exporter;
use strict; use strict;
use Tie::CPHash; use Tie::CPHash;
use WebGUI::DatabaseLink; use WebGUI::DatabaseLink;
use WebGUI::Grouping;
use WebGUI::Icon; use WebGUI::Icon;
use WebGUI::International; use WebGUI::International;
use WebGUI::Operation::Shared; use WebGUI::Operation::Shared;
@ -43,7 +44,7 @@ sub _submenu {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_copyDatabaseLink { sub www_copyDatabaseLink {
return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(3));
my (%db); my (%db);
tie %db, 'Tie::CPHash'; tie %db, 'Tie::CPHash';
%db = WebGUI::SQL->quickHash("select * from databaseLink where databaseLinkId=$session{form}{dlid}"); %db = WebGUI::SQL->quickHash("select * from databaseLink where databaseLinkId=$session{form}{dlid}");
@ -54,7 +55,7 @@ sub www_copyDatabaseLink {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteDatabaseLink { sub www_deleteDatabaseLink {
return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(3));
my ($output); my ($output);
$output .= helpIcon(70); $output .= helpIcon(70);
$output .= '<h1>'.WebGUI::International::get(987).'</h1>'; $output .= '<h1>'.WebGUI::International::get(987).'</h1>';
@ -77,14 +78,14 @@ sub www_deleteDatabaseLink {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteDatabaseLinkConfirm { sub www_deleteDatabaseLinkConfirm {
return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(3));
WebGUI::SQL->write("delete from databaseLink where databaseLinkId=".$session{form}{dlid}); WebGUI::SQL->write("delete from databaseLink where databaseLinkId=".$session{form}{dlid});
return www_listDatabaseLinks(); return www_listDatabaseLinks();
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editDatabaseLink { sub www_editDatabaseLink {
return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(3));
my ($output, %db, $f); my ($output, %db, $f);
tie %db, 'Tie::CPHash'; tie %db, 'Tie::CPHash';
if ($session{form}{dlid} eq "new") { if ($session{form}{dlid} eq "new") {
@ -109,7 +110,7 @@ sub www_editDatabaseLink {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editDatabaseLinkSave { sub www_editDatabaseLinkSave {
return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(3));
if ($session{form}{dlid} eq "new") { if ($session{form}{dlid} eq "new") {
$session{form}{dlid} = getNextId("databaseLinkId"); $session{form}{dlid} = getNextId("databaseLinkId");
WebGUI::SQL->write("insert into databaseLink (databaseLinkId) values ($session{form}{dlid})"); WebGUI::SQL->write("insert into databaseLink (databaseLinkId) values ($session{form}{dlid})");
@ -121,7 +122,7 @@ sub www_editDatabaseLinkSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_listDatabaseLinks { sub www_listDatabaseLinks {
return WebGUI::Privilege::adminOnly() unless(WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless(WebGUI::Grouping::isInGroup(3));
my ($output, $p, $sth, %data, @row, $i); my ($output, $p, $sth, %data, @row, $i);
$output = helpIcon(68); $output = helpIcon(68);
$output .= '<h1>'.WebGUI::International::get(996).'</h1>'; $output .= '<h1>'.WebGUI::International::get(996).'</h1>';

30
lib/WebGUI/Operation/Group.pm
View file

@ -40,7 +40,7 @@ our @EXPORT = qw(&www_manageUsersInGroup &www_deleteGroup &www_deleteGroupConfir
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub _hasSecondaryPrivilege { sub _hasSecondaryPrivilege {
return 0 unless (WebGUI::Privilege::isInGroup(11)); return 0 unless (WebGUI::Grouping::isInGroup(11));
return WebGUI::Grouping::userGroupAdmin($session{user}{userId},$_[0]); return WebGUI::Grouping::userGroupAdmin($session{user}{userId},$_[0]);
} }
@ -49,7 +49,7 @@ sub _hasSecondaryPrivilege {
sub _submenu { sub _submenu {
my ($output, %menu); my ($output, %menu);
tie %menu, 'Tie::IxHash'; tie %menu, 'Tie::IxHash';
if (WebGUI::Privilege::isInGroup(3)) { if (WebGUI::Grouping::isInGroup(3)) {
$menu{WebGUI::URL::page('op=editGroup&gid=new')} = WebGUI::International::get(90); $menu{WebGUI::URL::page('op=editGroup&gid=new')} = WebGUI::International::get(90);
unless ($session{form}{op} eq "listGroups" unless ($session{form}{op} eq "listGroups"
|| $session{form}{gid} eq "new" || $session{form}{gid} eq "new"
@ -69,7 +69,7 @@ sub _submenu {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_addGroupsToGroupSave { sub www_addGroupsToGroupSave {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my @groups = $session{cgi}->param('groups'); my @groups = $session{cgi}->param('groups');
WebGUI::Grouping::addGroupsToGroups(\@groups,[$session{form}{gid}]); WebGUI::Grouping::addGroupsToGroups(\@groups,[$session{form}{gid}]);
return www_manageGroupsInGroup(); return www_manageGroupsInGroup();
@ -77,7 +77,7 @@ sub www_addGroupsToGroupSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_addUsersToGroupSave { sub www_addUsersToGroupSave {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my @users = $session{cgi}->param('users'); my @users = $session{cgi}->param('users');
WebGUI::Grouping::addUsersToGroups(\@users,[$session{form}{gid}]); WebGUI::Grouping::addUsersToGroups(\@users,[$session{form}{gid}]);
return www_manageUsersInGroup(); return www_manageUsersInGroup();
@ -113,7 +113,7 @@ sub www_autoDeleteFromGroup {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteGroup { sub www_deleteGroup {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($output); my ($output);
return WebGUI::Privilege::vitalComponent() if ($session{form}{gid} < 26); return WebGUI::Privilege::vitalComponent() if ($session{form}{gid} < 26);
$output .= helpIcon(15); $output .= helpIcon(15);
@ -128,7 +128,7 @@ sub www_deleteGroup {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteGroupConfirm { sub www_deleteGroupConfirm {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return WebGUI::Privilege::vitalComponent() if ($session{form}{gid} < 26); return WebGUI::Privilege::vitalComponent() if ($session{form}{gid} < 26);
my $g = WebGUI::Group->new($session{form}{gid}); my $g = WebGUI::Group->new($session{form}{gid});
$g->delete; $g->delete;
@ -137,7 +137,7 @@ sub www_deleteGroupConfirm {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteGroupGrouping { sub www_deleteGroupGrouping {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
WebGUI::Grouping::deleteGroupsFromGroups([$session{form}{delete}],[$session{form}{gid}]); WebGUI::Grouping::deleteGroupsFromGroups([$session{form}{delete}],[$session{form}{gid}]);
return www_manageGroupsInGroup(); return www_manageGroupsInGroup();
} }
@ -154,7 +154,7 @@ sub www_deleteGroupingSecondary {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editGroup { sub www_editGroup {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($output, $f, $g); my ($output, $f, $g);
if ($session{form}{gid} eq "new") { if ($session{form}{gid} eq "new") {
$g = WebGUI::Group->new(""); $g = WebGUI::Group->new("");
@ -233,7 +233,7 @@ sub www_editGroup {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editGroupSave { sub www_editGroupSave {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my $g = WebGUI::Group->new($session{form}{gid}); my $g = WebGUI::Group->new($session{form}{gid});
$g->description($session{form}{description}); $g->description($session{form}{description});
$g->name($session{form}{groupName}); $g->name($session{form}{groupName});
@ -255,7 +255,7 @@ sub www_editGroupSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_emailGroup { sub www_emailGroup {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($output,$f); my ($output,$f);
$output = '<h1>'.WebGUI::International::get(809).'</h1>'; $output = '<h1>'.WebGUI::International::get(809).'</h1>';
$f = WebGUI::HTMLForm->new; $f = WebGUI::HTMLForm->new;
@ -282,7 +282,7 @@ sub www_emailGroup {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_emailGroupSend { sub www_emailGroupSend {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($sth, $email); my ($sth, $email);
$sth = WebGUI::SQL->read("select b.fieldData from groupings a left join userProfileData b $sth = WebGUI::SQL->read("select b.fieldData from groupings a left join userProfileData b
on a.userId=b.userId and b.fieldName='email' where a.groupId=$session{form}{gid}"); on a.userId=b.userId and b.fieldName='email' where a.groupId=$session{form}{gid}");
@ -297,7 +297,7 @@ sub www_emailGroupSend {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_listGroups { sub www_listGroups {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($output, $p, $sth, @data, @row, $i, $userCount); my ($output, $p, $sth, @data, @row, $i, $userCount);
$output = helpIcon(10); $output = helpIcon(10);
$output .= '<h1>'.WebGUI::International::get(89).'</h1>'; $output .= '<h1>'.WebGUI::International::get(89).'</h1>';
@ -328,7 +328,7 @@ sub www_listGroups {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_listGroupsSecondary { sub www_listGroupsSecondary {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(11)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(11));
my ($output, $p, $sth, @data, @row, $i, $userCount); my ($output, $p, $sth, @data, @row, $i, $userCount);
$output .= '<h1>'.WebGUI::International::get(89).'</h1>'; $output .= '<h1>'.WebGUI::International::get(89).'</h1>';
my @editableGroups = WebGUI::SQL->buildArray("select groupId from groupings where userId=$session{user}{userId} and groupAdmin=1"); my @editableGroups = WebGUI::SQL->buildArray("select groupId from groupings where userId=$session{user}{userId} and groupAdmin=1");
@ -360,7 +360,7 @@ sub www_listGroupsSecondary {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_manageGroupsInGroup { sub www_manageGroupsInGroup {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($output, $p, $group, $groups, $f); my ($output, $p, $group, $groups, $f);
$output = '<h1>'.WebGUI::International::get(813).'</h1><div align="center">'; $output = '<h1>'.WebGUI::International::get(813).'</h1><div align="center">';
$f = WebGUI::HTMLForm->new; $f = WebGUI::HTMLForm->new;
@ -397,7 +397,7 @@ sub www_manageGroupsInGroup {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_manageUsersInGroup { sub www_manageUsersInGroup {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($output, $sth, %hash); my ($output, $sth, %hash);
tie %hash, 'Tie::CPHash'; tie %hash, 'Tie::CPHash';
$output = '<h1>'.WebGUI::International::get(88).'</h1>'; $output = '<h1>'.WebGUI::International::get(88).'</h1>';

13
lib/WebGUI/Operation/Help.pm
View file

@ -15,6 +15,7 @@ use strict;
use Tie::IxHash; use Tie::IxHash;
use Tie::CPHash; use Tie::CPHash;
use WebGUI::DateTime; use WebGUI::DateTime;
use WebGUI::Grouping;
use WebGUI::HTMLForm; use WebGUI::HTMLForm;
use WebGUI::Icon; use WebGUI::Icon;
use WebGUI::International; use WebGUI::International;
@ -70,7 +71,7 @@ sub _submenu {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteHelp { sub www_deleteHelp {
return "" unless (WebGUI::Privilege::isInGroup(3)); return "" unless (WebGUI::Grouping::isInGroup(3));
my $output = '<h1>Confirm</h1>Are you sure? Deleting help is never a good idea. <a href="' my $output = '<h1>Confirm</h1>Are you sure? Deleting help is never a good idea. <a href="'
.WebGUI::URL::page("op=deleteHelpConfirm&hid=".$session{form}{hid}."&namespace=".$session{form}{namespace}) .WebGUI::URL::page("op=deleteHelpConfirm&hid=".$session{form}{hid}."&namespace=".$session{form}{namespace})
.'">Yes</a> / <a href="'.WebGUI::URL::page("op=manageHelp").'">No</a><p>'; .'">Yes</a> / <a href="'.WebGUI::URL::page("op=manageHelp").'">No</a><p>';
@ -79,7 +80,7 @@ sub www_deleteHelp {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteHelpConfirm { sub www_deleteHelpConfirm {
return "" unless (WebGUI::Privilege::isInGroup(3)); return "" unless (WebGUI::Grouping::isInGroup(3));
my ($titleId, $bodyId) = WebGUI::SQL->quickArray("select titleId,bodyId from help where helpId=".$session{form}{hid}." my ($titleId, $bodyId) = WebGUI::SQL->quickArray("select titleId,bodyId from help where helpId=".$session{form}{hid}."
and namespace=".quote($session{form}{namespace})); and namespace=".quote($session{form}{namespace}));
WebGUI::SQL->write("delete from international where internationalId=$titleId WebGUI::SQL->write("delete from international where internationalId=$titleId
@ -93,7 +94,7 @@ sub www_deleteHelpConfirm {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editHelp { sub www_editHelp {
return "" unless (WebGUI::Privilege::isInGroup(3)); return "" unless (WebGUI::Grouping::isInGroup(3));
my ($output, $f, %data, %help, @seeAlso); my ($output, $f, %data, %help, @seeAlso);
tie %data, 'Tie::IxHash'; tie %data, 'Tie::IxHash';
tie %help, 'Tie::CPHash'; tie %help, 'Tie::CPHash';
@ -141,7 +142,7 @@ sub www_editHelp {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editHelpSave { sub www_editHelpSave {
return "" unless (WebGUI::Privilege::isInGroup(3)); return "" unless (WebGUI::Grouping::isInGroup(3));
my (@seeAlso); my (@seeAlso);
if ($session{form}{hid} eq "new") { if ($session{form}{hid} eq "new") {
if ($session{form}{namespace_new} ne "") { if ($session{form}{namespace_new} ne "") {
@ -178,7 +179,7 @@ sub www_editHelpSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_exportHelp { sub www_exportHelp {
return "" unless (WebGUI::Privilege::isInGroup(3)); return "" unless (WebGUI::Grouping::isInGroup(3));
my ($export, $output, %help, $sth); my ($export, $output, %help, $sth);
$export = "#export of WebGUI ".$WebGUI::VERSION." help system.\n\n"; $export = "#export of WebGUI ".$WebGUI::VERSION." help system.\n\n";
$sth = WebGUI::SQL->read("select * from help"); $sth = WebGUI::SQL->read("select * from help");
@ -195,7 +196,7 @@ sub www_exportHelp {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_manageHelp { sub www_manageHelp {
my ($sth, @help, $output); my ($sth, @help, $output);
return "" unless (WebGUI::Privilege::isInGroup(3)); return "" unless (WebGUI::Grouping::isInGroup(3));
$output = '<h1>Manage Help</h1>'; $output = '<h1>Manage Help</h1>';
$output .= 'This interface is for WebGUI developers only. If you\'re not a developer, leave this alone. Also, $output .= 'This interface is for WebGUI developers only. If you\'re not a developer, leave this alone. Also,
this interface works <b>ONLY</b> under MySQL and is not supported by Plain Black under any this interface works <b>ONLY</b> under MySQL and is not supported by Plain Black under any

20
lib/WebGUI/Operation/International.pm
View file

@ -14,6 +14,7 @@ use Exporter;
use strict; use strict;
use Tie::CPHash; use Tie::CPHash;
use WebGUI::DateTime; use WebGUI::DateTime;
use WebGUI::Grouping;
use WebGUI::HTMLForm; use WebGUI::HTMLForm;
use WebGUI::Icon; use WebGUI::Icon;
use WebGUI::International; use WebGUI::International;
@ -21,6 +22,7 @@ use WebGUI::Macro;
use WebGUI::Mail; use WebGUI::Mail;
use WebGUI::Operation::Shared; use WebGUI::Operation::Shared;
use WebGUI::Paginator; use WebGUI::Paginator;
use WebGUI::Privilege;
use WebGUI::Session; use WebGUI::Session;
use WebGUI::SQL; use WebGUI::SQL;
use WebGUI::URL; use WebGUI::URL;
@ -85,7 +87,7 @@ sub _submenu {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_addInternationalMessage { sub www_addInternationalMessage {
my ($output,$f); my ($output,$f);
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(10)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(10));
$output = '<h1>Add English Message</h1>'; $output = '<h1>Add English Message</h1>';
$f = WebGUI::HTMLForm->new(); $f = WebGUI::HTMLForm->new();
$f->hidden("lid",1); $f->hidden("lid",1);
@ -118,7 +120,7 @@ sub www_addInternationalMessageSave {
sub www_deleteLanguage { sub www_deleteLanguage {
my ($output); my ($output);
return WebGUI::Privilege::vitalComponent() if ($session{form}{lid} < 1000 && $session{form}{lid} > 0); return WebGUI::Privilege::vitalComponent() if ($session{form}{lid} < 1000 && $session{form}{lid} > 0);
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(10)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(10));
$output .= '<h1>'.WebGUI::International::get(42).'</h1>'; $output .= '<h1>'.WebGUI::International::get(42).'</h1>';
$output .= WebGUI::International::get(587).'<p>'; $output .= WebGUI::International::get(587).'<p>';
$output .= '<div align="center"><a href="'. $output .= '<div align="center"><a href="'.
@ -131,7 +133,7 @@ sub www_deleteLanguage {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteLanguageConfirm { sub www_deleteLanguageConfirm {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(10)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(10));
return WebGUI::Privilege::vitalComponent() if ($session{form}{lid} < 1000 && $session{form}{lid} > 0); return WebGUI::Privilege::vitalComponent() if ($session{form}{lid} < 1000 && $session{form}{lid} > 0);
WebGUI::SQL->write("delete from language where languageId=".$session{form}{lid}); WebGUI::SQL->write("delete from language where languageId=".$session{form}{lid});
WebGUI::SQL->write("delete from international where languageId=".$session{form}{lid}); WebGUI::SQL->write("delete from international where languageId=".$session{form}{lid});
@ -143,7 +145,7 @@ sub www_deleteLanguageConfirm {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editInternationalMessage { sub www_editInternationalMessage {
my ($output, $message, $context, $f, $language); my ($output, $message, $context, $f, $language);
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(10)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(10));
($language) = WebGUI::SQL->quickArray("select language from language where languageId=".$session{form}{lid}); ($language) = WebGUI::SQL->quickArray("select language from language where languageId=".$session{form}{lid});
$output = '<h1>'.WebGUI::International::get(597).'</h1>'; $output = '<h1>'.WebGUI::International::get(597).'</h1>';
$f = WebGUI::HTMLForm->new; $f = WebGUI::HTMLForm->new;
@ -171,7 +173,7 @@ sub www_editInternationalMessage {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editInternationalMessageSave { sub www_editInternationalMessageSave {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(10)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(10));
if ($session{form}{status} eq "missing") { if ($session{form}{status} eq "missing") {
WebGUI::SQL->write("insert into international (message,namespace,languageId,internationalId,lastUpdated) WebGUI::SQL->write("insert into international (message,namespace,languageId,internationalId,lastUpdated)
values (".quote($session{form}{message}).",".quote($session{form}{namespace}) values (".quote($session{form}{message}).",".quote($session{form}{namespace})
@ -187,7 +189,7 @@ sub www_editInternationalMessageSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editLanguage { sub www_editLanguage {
my ($output, $dir, @files, $file, %data, $f, %options); my ($output, $dir, @files, $file, %data, $f, %options);
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(10)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(10));
tie %data, 'Tie::CPHash'; tie %data, 'Tie::CPHash';
$dir = $session{config}{extrasPath}.$session{os}{slash}."toolbar"; $dir = $session{config}{extrasPath}.$session{os}{slash}."toolbar";
opendir (DIR,$dir) or WebGUI::ErrorHandler::warn("Can't open toolbar directory!"); opendir (DIR,$dir) or WebGUI::ErrorHandler::warn("Can't open toolbar directory!");
@ -219,7 +221,7 @@ sub www_editLanguage {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editLanguageSave { sub www_editLanguageSave {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(10)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(10));
if ($session{form}{lid} eq "new") { if ($session{form}{lid} eq "new") {
$session{form}{lid} = getNextId("languageId"); $session{form}{lid} = getNextId("languageId");
WebGUI::SQL->write("insert into language (languageId) values ($session{form}{lid})"); WebGUI::SQL->write("insert into language (languageId) values ($session{form}{lid})");
@ -238,7 +240,7 @@ sub www_exportTranslation {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_listInternationalMessages { sub www_listInternationalMessages {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(10)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(10));
my ($output, $sth, $key, $p, $status,%data, %list, $deprecated, $i, $missing, @row, $f, $outOfDate, $ok); my ($output, $sth, $key, $p, $status,%data, %list, $deprecated, $i, $missing, @row, $f, $outOfDate, $ok);
tie %data, 'Tie::CPHash'; tie %data, 'Tie::CPHash';
%data = WebGUI::SQL->quickHash("select language from language where languageId=".$session{form}{lid}); %data = WebGUI::SQL->quickHash("select language from language where languageId=".$session{form}{lid});
@ -370,7 +372,7 @@ sub www_listInternationalMessages {
sub www_listLanguages { sub www_listLanguages {
my ($output, $sth, %data); my ($output, $sth, %data);
tie %data, 'Tie::CPHash'; tie %data, 'Tie::CPHash';
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(10)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(10));
$output = '<h1>'.WebGUI::International::get(586).'</h1>'; $output = '<h1>'.WebGUI::International::get(586).'</h1>';
$sth = WebGUI::SQL->read("select languageId,language from language where languageId<>1 order by language"); $sth = WebGUI::SQL->read("select languageId,language from language where languageId<>1 order by language");
while (%data = $sth->hash) { while (%data = $sth->hash) {

5
lib/WebGUI/Operation/MessageLog.pm
View file

@ -14,6 +14,7 @@ use Exporter;
use strict qw(vars subs); use strict qw(vars subs);
use URI; use URI;
use WebGUI::DateTime; use WebGUI::DateTime;
use WebGUI::Grouping;
use WebGUI::International; use WebGUI::International;
use WebGUI::Paginator; use WebGUI::Paginator;
use WebGUI::Privilege; use WebGUI::Privilege;
@ -36,7 +37,7 @@ sub _status {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_viewMessageLog { sub www_viewMessageLog {
my (@msg, $vars); my (@msg, $vars);
WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(2,$session{user}{userId})); WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(2,$session{user}{userId}));
$vars->{displayTitle} = '<h1>'.WebGUI::International::get(159).'</h1>'; $vars->{displayTitle} = '<h1>'.WebGUI::International::get(159).'</h1>';
my $p = WebGUI::Paginator->new(WebGUI::URL::page('op=viewMessageLog')); my $p = WebGUI::Paginator->new(WebGUI::URL::page('op=viewMessageLog'));
my $query = "select messageLogId,subject,url,dateOfEntry,status from messageLog where userId=$session{user}{userId} order by dateOfEntry desc"; my $query = "select messageLogId,subject,url,dateOfEntry,status from messageLog where userId=$session{user}{userId} order by dateOfEntry desc";
@ -73,7 +74,7 @@ sub www_viewMessageLog {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_viewMessageLogMessage { sub www_viewMessageLogMessage {
my ($data, $vars); my ($data, $vars);
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(2,$session{user}{userId})); return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(2,$session{user}{userId}));
$vars->{displayTitle} = '<h1>'.WebGUI::International::get(159).'</h1>'; $vars->{displayTitle} = '<h1>'.WebGUI::International::get(159).'</h1>';
$data = WebGUI::SQL->quickHashRef("select * from messageLog where messageLogId=$session{form}{mlog} and userId=$session{user}{userId}"); $data = WebGUI::SQL->quickHashRef("select * from messageLog where messageLogId=$session{form}{mlog} and userId=$session{user}{userId}");

21
lib/WebGUI/Operation/Navigation.pm
View file

@ -15,19 +15,20 @@ use strict;
use Tie::IxHash; use Tie::IxHash;
use Tie::CPHash; use Tie::CPHash;
use WebGUI::DateTime; use WebGUI::DateTime;
use WebGUI::ErrorHandler;
use WebGUI::Grouping;
use WebGUI::HTMLForm; use WebGUI::HTMLForm;
use WebGUI::Icon; use WebGUI::Icon;
use WebGUI::International; use WebGUI::International;
use WebGUI::Macro; use WebGUI::Macro;
use WebGUI::Navigation;
use WebGUI::Operation::Shared; use WebGUI::Operation::Shared;
use WebGUI::Privilege;
use WebGUI::Session; use WebGUI::Session;
use WebGUI::SQL; use WebGUI::SQL;
use WebGUI::URL; use WebGUI::URL;
use WebGUI::Utility; use WebGUI::Utility;
use WebGUI::Navigation;
use WebGUI::TabForm; use WebGUI::TabForm;
use WebGUI::ErrorHandler;
use WebGUI::Privilege;
our @ISA = qw(Exporter); our @ISA = qw(Exporter);
our @EXPORT = qw(&www_listNavigation &www_editNavigation &www_editNavigationSave &www_copyNavigation our @EXPORT = qw(&www_listNavigation &www_editNavigation &www_editNavigationSave &www_copyNavigation
@ -52,7 +53,7 @@ sub _submenu {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_copyNavigation { sub www_copyNavigation {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(3));
my %navigation = WebGUI::SQL->quickHash("select * from Navigation where identifier = ". my %navigation = WebGUI::SQL->quickHash("select * from Navigation where identifier = ".
quote($session{form}{identifier})); quote($session{form}{identifier}));
WebGUI::SQL->write("insert into Navigation (navigationId, identifier, depth, method, startAt, stopAtLevel, WebGUI::SQL->write("insert into Navigation (navigationId, identifier, depth, method, startAt, stopAtLevel,
@ -68,7 +69,7 @@ sub www_copyNavigation {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteNavigation { sub www_deleteNavigation {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(3));
if ($session{form}{navigationId} < 1000 && $session{form}{navigationId} > 0) { if ($session{form}{navigationId} < 1000 && $session{form}{navigationId} > 0) {
return WebGUI::Privilege::vitalComponent(); return WebGUI::Privilege::vitalComponent();
} }
@ -84,7 +85,7 @@ sub www_deleteNavigation {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteNavigationConfirm { sub www_deleteNavigationConfirm {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(3));
if ($session{form}{navigationId} < 1000 && $session{form}{navigationId} > 0) { if ($session{form}{navigationId} < 1000 && $session{form}{navigationId} > 0) {
return WebGUI::Privilege::vitalComponent(); return WebGUI::Privilege::vitalComponent();
} }
@ -94,7 +95,7 @@ sub www_deleteNavigationConfirm {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editNavigation { sub www_editNavigation {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(3));
my $identifier = shift || $session{form}{identifier}; my $identifier = shift || $session{form}{identifier};
#return WebGUI::ErrorHandler::warn("editNavigation called without identifier") unless $identifier; #return WebGUI::ErrorHandler::warn("editNavigation called without identifier") unless $identifier;
@ -241,7 +242,7 @@ sub www_editNavigation {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editNavigationSave { sub www_editNavigationSave {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(3));
# Check on duplicate identifier # Check on duplicate identifier
my ($existingNavigationId, $existingIdentifier) = WebGUI::SQL->quickArray("select navigationId, my ($existingNavigationId, $existingIdentifier) = WebGUI::SQL->quickArray("select navigationId,
@ -274,7 +275,7 @@ sub www_editNavigationSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_listNavigation { sub www_listNavigation {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(3));
my $output .= helpIcon(84).'<h1>'.WebGUI::International::get(34,'Navigation').'</h1>'; my $output .= helpIcon(84).'<h1>'.WebGUI::International::get(34,'Navigation').'</h1>';
my $sth = WebGUI::SQL->read("select navigationId, identifier from Navigation order by identifier"); my $sth = WebGUI::SQL->read("select navigationId, identifier from Navigation order by identifier");
my $i = 0; my $i = 0;
@ -303,7 +304,7 @@ sub www_previewNavigation {
#$session{page}{useEmptyStyle} = 1; #$session{page}{useEmptyStyle} = 1;
$session{page}{useAdminStyle} = 1; $session{page}{useAdminStyle} = 1;
$session{var}{adminOn} = 0; $session{var}{adminOn} = 0;
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(3));
my $nav = WebGUI::Navigation->new( depth=>$session{form}{depth}, my $nav = WebGUI::Navigation->new( depth=>$session{form}{depth},
method=>$session{form}{method}, method=>$session{form}{method},
startAt=>$session{form}{startAt}, startAt=>$session{form}{startAt},

2
lib/WebGUI/Operation/Package.pm
View file

@ -117,7 +117,7 @@ sub _recursePageTree {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deployPackage { sub www_deployPackage {
if (WebGUI::Privilege::canEditPage()) { if (WebGUI::Page::canEdit()) {
_recursePageTree($session{form}{pid},$session{page}{pageId}); _recursePageTree($session{form}{pid},$session{page}{pageId});
return ""; return "";
} else { } else {

52
lib/WebGUI/Operation/Page.pm
View file

@ -40,13 +40,21 @@ This private function changes the privileges of all wobjects on page.
=cut =cut
sub _changeWobjectPrivileges { sub _changeWobjectPrivileges {
my($wobject,$sth); my($wobject,$sth);
$sth = WebGUI::SQL->read("select wobjectId from wobject where pageId=".quote($_[0])); $sth = WebGUI::SQL->read("select wobjectId,namespace from wobject where pageId=".quote($_[0]));
while ($wobject = $sth->hashRef) { while ($wobject = $sth->hashRef) {
if (WebGUI::Privilege::canEditWobject($wobject->{wobjectId})) { my $cmd = "WebGUI::Wobject::".$wobject->{namespace};
WebGUI::SQL->write("update wobject set startDate=".WebGUI::FormProcessor::dateTime("startDate").", my $load = "use ".$cmd;
endDate=".WebGUI::FormProcessor::dateTime("endDate").", eval($load);
ownerId=$session{form}{ownerId}, groupIdView=$session{form}{groupIdView}, WebGUI::ErrorHandler::warn("Wobject failed to compile: $cmd.".$@) if($@);
groupIdEdit=$session{form}{groupIdEdit} where wobjectId=".quote($wobject->{wobjectId})); my $w = $cmd->new($wobject);
if ($w->canEdit) {
$w->set({
startDate=>WebGUI::FormProcessor::dateTime("startDate"),
endDate=>WebGUI::FormProcessor::dateTime("endDate"),
ownerId=>$session{form}{ownerId},
groupIdView=>$session{form}{ownerId},
groupIdEdit=>$session{form}{groupIdEdit}
});
} }
} }
} }
@ -76,7 +84,7 @@ sub _recursivelyChangeProperties {
$page->walk_down({ $page->walk_down({
callback => sub { callback => sub {
$currentPage = shift; $currentPage = shift;
if (WebGUI::Privilege::canEditPage($currentPage->get('pageId'))) { if (WebGUI::Page::canEdit($currentPage->get('pageId'))) {
$currentPage->setWithoutRecache({ $currentPage->setWithoutRecache({
startDate => WebGUI::FormProcessor::dateTime("startDate"), startDate => WebGUI::FormProcessor::dateTime("startDate"),
endDate => WebGUI::FormProcessor::dateTime("endDate"), endDate => WebGUI::FormProcessor::dateTime("endDate"),
@ -234,7 +242,7 @@ sub www_cutPage {
if ($session{page}{pageId} < 26 && $session{page}{pageId} >= 0) { if ($session{page}{pageId} < 26 && $session{page}{pageId} >= 0) {
return WebGUI::Privilege::vitalComponent(); return WebGUI::Privilege::vitalComponent();
} elsif (WebGUI::Privilege::canEditPage()) { } elsif (WebGUI::Page::canEdit()) {
$page = WebGUI::Page->getPage($session{page}{pageId}); $page = WebGUI::Page->getPage($session{page}{pageId});
$page->cut; $page->cut;
return ""; return "";
@ -255,7 +263,7 @@ sub www_deletePage {
my ($output); my ($output);
if ($session{page}{pageId} < 1000 && $session{page}{pageId} > 0) { if ($session{page}{pageId} < 1000 && $session{page}{pageId} > 0) {
return WebGUI::Privilege::vitalComponent(); return WebGUI::Privilege::vitalComponent();
} elsif (WebGUI::Privilege::canEditPage()) { } elsif (WebGUI::Page::canEdit()) {
$output .= helpIcon(3); $output .= helpIcon(3);
$output .= '<h1>'.WebGUI::International::get(42).'</h1>'; $output .= '<h1>'.WebGUI::International::get(42).'</h1>';
$output .= WebGUI::International::get(101).'<p>'; $output .= WebGUI::International::get(101).'<p>';
@ -280,7 +288,7 @@ Actually transfers the page to the trash.
sub www_deletePageConfirm { sub www_deletePageConfirm {
if ($session{page}{pageId} < 1000 && $session{page}{pageId} > 0) { if ($session{page}{pageId} < 1000 && $session{page}{pageId} > 0) {
return WebGUI::Privilege::vitalComponent(); return WebGUI::Privilege::vitalComponent();
} elsif (WebGUI::Privilege::canEditPage()) { } elsif (WebGUI::Page::canEdit()) {
my $page = WebGUI::Page->getPage($session{page}{pageId}); my $page = WebGUI::Page->getPage($session{page}{pageId});
$page->delete; $page->delete;
WebGUI::Session::refreshPageInfo($session{page}{parentId}); WebGUI::Session::refreshPageInfo($session{page}{parentId});
@ -304,7 +312,7 @@ sub www_editPage {
$session{page}{useAdminStyle} = 1; $session{page}{useAdminStyle} = 1;
tie %hash, "Tie::IxHash"; tie %hash, "Tie::IxHash";
tie %page, "Tie::CPHash"; tie %page, "Tie::CPHash";
if (WebGUI::Privilege::canEditPage($session{form}{npp})) { if (WebGUI::Page::canEdit($session{form}{npp})) {
my %tabs; my %tabs;
tie %tabs, 'Tie::IxHash'; tie %tabs, 'Tie::IxHash';
%tabs = ( %tabs = (
@ -466,13 +474,13 @@ sub www_editPage {
-value=>$page{endDate}, -value=>$page{endDate},
-uiLevel=>6 -uiLevel=>6
); );
if (WebGUI::Privilege::isInGroup(3)) { if (WebGUI::Grouping::isInGroup(3)) {
$subtext = manageIcon('op=listUsers'); $subtext = manageIcon('op=listUsers');
} else { } else {
$subtext = ""; $subtext = "";
} }
my $clause; my $clause;
if (WebGUI::Privilege::isInGroup(3)) { if (WebGUI::Grouping::isInGroup(3)) {
my $contentManagers = WebGUI::Grouping::getUsersInGroup(4,1); my $contentManagers = WebGUI::Grouping::getUsersInGroup(4,1);
push (@$contentManagers, $session{user}{userId}); push (@$contentManagers, $session{user}{userId});
$clause = "userId in (".join(",",@$contentManagers).")"; $clause = "userId in (".join(",",@$contentManagers).")";
@ -549,7 +557,7 @@ sub www_editPageSave {
$pageId = $session{form}{pageId}; $pageId = $session{form}{pageId};
} }
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage($pageId)); return WebGUI::Privilege::insufficient() unless (WebGUI::Page::canEdit($pageId));
if ($session{form}{pageId} eq "new") { if ($session{form}{pageId} eq "new") {
$currentPage = WebGUI::Page->getPage($pageId); $currentPage = WebGUI::Page->getPage($pageId);
@ -605,7 +613,7 @@ Moves page down in the context of it's sisters.
=cut =cut
sub www_movePageDown { sub www_movePageDown {
if (WebGUI::Privilege::canEditPage($session{page}{pageId})) { if (WebGUI::Page::canEdit($session{page}{pageId})) {
WebGUI::Page->moveDown($session{page}{pageId}); WebGUI::Page->moveDown($session{page}{pageId});
return ""; return "";
} else { } else {
@ -622,7 +630,7 @@ Moves page up in the context of it's sisters.
=cut =cut
sub www_movePageUp { sub www_movePageUp {
if (WebGUI::Privilege::canEditPage($session{page}{pageId})) { if (WebGUI::Page::canEdit($session{page}{pageId})) {
WebGUI::Page->moveUp($session{page}{pageId}); WebGUI::Page->moveUp($session{page}{pageId});
return ""; return "";
} else { } else {
@ -639,7 +647,7 @@ Same as www_movePageUp wit this difference that this module returns the www_view
=cut =cut
sub www_moveTreePageUp { sub www_moveTreePageUp {
if (WebGUI::Privilege::canEditPage($session{page}{pageId})) { if (WebGUI::Page::canEdit($session{page}{pageId})) {
WebGUI::Page->moveUp($session{page}{pageId}); WebGUI::Page->moveUp($session{page}{pageId});
return www_viewPageTree(); return www_viewPageTree();
} else { } else {
@ -656,7 +664,7 @@ Same as www_movePageDown with this difference that this module returns the www_v
=cut =cut
sub www_moveTreePageDown { sub www_moveTreePageDown {
if (WebGUI::Privilege::canEditPage($session{page}{pageId})) { if (WebGUI::Page::canEdit($session{page}{pageId})) {
WebGUI::Page->moveDown($session{page}{pageId}); WebGUI::Page->moveDown($session{page}{pageId});
return www_viewPageTree(); return www_viewPageTree();
} else { } else {
@ -674,7 +682,7 @@ Another way to look at is that the mother of the current page becomes the elder
=cut =cut
sub www_moveTreePageLeft { sub www_moveTreePageLeft {
if (WebGUI::Privilege::canEditPage($session{page}{pageId})) { if (WebGUI::Page::canEdit($session{page}{pageId})) {
WebGUI::Page->moveLeft($session{page}{pageId}); WebGUI::Page->moveLeft($session{page}{pageId});
return www_viewPageTree(); return www_viewPageTree();
} else { } else {
@ -684,7 +692,7 @@ sub www_moveTreePageLeft {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_moveTreePageRight { sub www_moveTreePageRight {
if (WebGUI::Privilege::canEditPage($session{page}{pageId})) { if (WebGUI::Page::canEdit($session{page}{pageId})) {
WebGUI::Page->moveRight($session{page}{pageId}); WebGUI::Page->moveRight($session{page}{pageId});
return www_viewPageTree(); return www_viewPageTree();
} else { } else {
@ -695,7 +703,7 @@ sub www_moveTreePageRight {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_pastePage { sub www_pastePage {
my ($currentPage, $pageToPaste); my ($currentPage, $pageToPaste);
if (WebGUI::Privilege::canEditPage()) { if (WebGUI::Page::canEdit()) {
$currentPage = WebGUI::Page->getPage($session{page}{pageId}); $currentPage = WebGUI::Page->getPage($session{page}{pageId});
$pageToPaste = WebGUI::Page->getPage($session{form}{pageId}); $pageToPaste = WebGUI::Page->getPage($session{form}{pageId});
$pageToPaste->paste($currentPage); $pageToPaste->paste($currentPage);
@ -707,7 +715,7 @@ sub www_pastePage {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_rearrangeWobjects { sub www_rearrangeWobjects {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage($session{page}{pageId})); return WebGUI::Privilege::insufficient() unless (WebGUI::Page::canEdit($session{page}{pageId}));
$session{page}{styleId} = 2; $session{page}{styleId} = 2;
my @contentAreas = split(/\./,$session{form}{map}); my @contentAreas = split(/\./,$session{form}{map});
my $templatePosition = 1; my $templatePosition = 1;

3
lib/WebGUI/Operation/Profile.pm
View file

@ -17,6 +17,7 @@ use WebGUI::Operation::Auth;
use WebGUI::DateTime; use WebGUI::DateTime;
use WebGUI::ErrorHandler; use WebGUI::ErrorHandler;
use WebGUI::FormProcessor; use WebGUI::FormProcessor;
use WebGUI::Grouping;
use WebGUI::HTMLForm; use WebGUI::HTMLForm;
use WebGUI::International; use WebGUI::International;
use WebGUI::Macro; use WebGUI::Macro;
@ -222,7 +223,7 @@ sub www_viewProfile {
$vars->{displayTitle} = '<h1>'.WebGUI::International::get(347).' '.$u->username.'</h1>'; $vars->{displayTitle} = '<h1>'.WebGUI::International::get(347).' '.$u->username.'</h1>';
return WebGUI::Privilege::notMember() if($u->username eq ""); return WebGUI::Privilege::notMember() if($u->username eq "");
return $vars->{displayTitle}.WebGUI::International::get(862) if($u->profileField("publicProfile") < 1); return $vars->{displayTitle}.WebGUI::International::get(862) if($u->profileField("publicProfile") < 1);
return WebGUI::Privilege::insufficient() if(!WebGUI::Privilege::isInGroup(2)); return WebGUI::Privilege::insufficient() if(!WebGUI::Grouping::isInGroup(2));
$a = WebGUI::SQL->read("select * from userProfileField,userProfileCategory where userProfileField.profileCategoryId=userProfileCategory.profileCategoryId $a = WebGUI::SQL->read("select * from userProfileField,userProfileCategory where userProfileField.profileCategoryId=userProfileCategory.profileCategoryId
and userProfileCategory.visible=1 and userProfileField.visible=1 order by userProfileCategory.sequenceNumber,userProfileField.sequenceNumber"); and userProfileCategory.visible=1 and userProfileField.visible=1 order by userProfileCategory.sequenceNumber,userProfileField.sequenceNumber");
while (%data = $a->hash) { while (%data = $a->hash) {

27
lib/WebGUI/Operation/ProfileSettings.pm
View file

@ -14,6 +14,7 @@ use Exporter;
use strict; use strict;
use Tie::CPHash; use Tie::CPHash;
use Tie::IxHash; use Tie::IxHash;
use WebGUI::Grouping;
use WebGUI::HTMLForm; use WebGUI::HTMLForm;
use WebGUI::Icon; use WebGUI::Icon;
use WebGUI::International; use WebGUI::International;
@ -68,7 +69,7 @@ sub _submenu {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteProfileCategory { sub www_deleteProfileCategory {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($output); my ($output);
return WebGUI::Privilege::vitalComponent() if ($session{form}{cid} < 1000); return WebGUI::Privilege::vitalComponent() if ($session{form}{cid} < 1000);
$output = '<h1>'.WebGUI::International::get(42).'</h1>'; $output = '<h1>'.WebGUI::International::get(42).'</h1>';
@ -82,7 +83,7 @@ sub www_deleteProfileCategory {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteProfileCategoryConfirm { sub www_deleteProfileCategoryConfirm {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return WebGUI::Privilege::vitalComponent() if ($session{form}{cid} < 1000); return WebGUI::Privilege::vitalComponent() if ($session{form}{cid} < 1000);
WebGUI::SQL->write("delete from userProfileCategory where profileCategoryId=$session{form}{cid}"); WebGUI::SQL->write("delete from userProfileCategory where profileCategoryId=$session{form}{cid}");
WebGUI::SQL->write("update userProfileField set profileCategoryId=1 where profileCategoryId=$session{form}{cid}"); WebGUI::SQL->write("update userProfileField set profileCategoryId=1 where profileCategoryId=$session{form}{cid}");
@ -91,7 +92,7 @@ sub www_deleteProfileCategoryConfirm {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteProfileField { sub www_deleteProfileField {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($output,$protected); my ($output,$protected);
($protected) = WebGUI::SQL->quickArray("select protected from userProfileField where fieldname=".quote($session{form}{fid})); ($protected) = WebGUI::SQL->quickArray("select protected from userProfileField where fieldname=".quote($session{form}{fid}));
return WebGUI::Privilege::vitalComponent() if ($protected); return WebGUI::Privilege::vitalComponent() if ($protected);
@ -106,7 +107,7 @@ sub www_deleteProfileField {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteProfileFieldConfirm { sub www_deleteProfileFieldConfirm {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($protected); my ($protected);
($protected) = WebGUI::SQL->quickArray("select protected from userProfileField where fieldname=".quote($session{form}{fid})); ($protected) = WebGUI::SQL->quickArray("select protected from userProfileField where fieldname=".quote($session{form}{fid}));
return WebGUI::Privilege::vitalComponent() if ($protected); return WebGUI::Privilege::vitalComponent() if ($protected);
@ -117,7 +118,7 @@ sub www_deleteProfileFieldConfirm {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editProfileCategory { sub www_editProfileCategory {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($output, $f, %data); my ($output, $f, %data);
tie %data, 'Tie::CPHash'; tie %data, 'Tie::CPHash';
$output = '<h1>'.WebGUI::International::get(468,"WebGUI/Profile").'</h1>'; $output = '<h1>'.WebGUI::International::get(468,"WebGUI/Profile").'</h1>';
@ -148,7 +149,7 @@ sub www_editProfileCategory {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editProfileCategorySave { sub www_editProfileCategorySave {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($sequenceNumber, $test); my ($sequenceNumber, $test);
$session{form}{categoryName} = 'Unamed' if ($session{form}{categoryName} eq "" || $session{form}{categoryName} eq "''"); $session{form}{categoryName} = 'Unamed' if ($session{form}{categoryName} eq "" || $session{form}{categoryName} eq "''");
$test = eval($session{form}{categoryName}); $test = eval($session{form}{categoryName});
@ -167,7 +168,7 @@ sub www_editProfileCategorySave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editProfileField { sub www_editProfileField {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($output, $f, %data, %hash, $key); my ($output, $f, %data, %hash, $key);
tie %data, 'Tie::CPHash'; tie %data, 'Tie::CPHash';
$output = '<h1>'.WebGUI::International::get(471,"WebGUI/Profile").'</h1>'; $output = '<h1>'.WebGUI::International::get(471,"WebGUI/Profile").'</h1>';
@ -222,7 +223,7 @@ sub www_editProfileField {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editProfileFieldSave { sub www_editProfileFieldSave {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($sequenceNumber, $fieldName, $test); my ($sequenceNumber, $fieldName, $test);
$session{form}{fieldLabel} = 'Unamed' if ($session{form}{fieldLabel} eq "" || $session{form}{fieldLabel} eq "''"); $session{form}{fieldLabel} = 'Unamed' if ($session{form}{fieldLabel} eq "" || $session{form}{fieldLabel} eq "''");
$test = eval($session{form}{fieldLabel}); $test = eval($session{form}{fieldLabel});
@ -261,7 +262,7 @@ sub www_editProfileFieldSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editProfileSettings { sub www_editProfileSettings {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($output, $a, %category, %field, $b); my ($output, $a, %category, %field, $b);
tie %category, 'Tie::CPHash'; tie %category, 'Tie::CPHash';
tie %field, 'Tie::CPHash'; tie %field, 'Tie::CPHash';
@ -296,7 +297,7 @@ sub www_editProfileSettings {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_moveProfileCategoryDown { sub www_moveProfileCategoryDown {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($id, $thisSeq); my ($id, $thisSeq);
($thisSeq) = WebGUI::SQL->quickArray("select sequenceNumber from userProfileCategory where profileCategoryId=$session{form}{cid}"); ($thisSeq) = WebGUI::SQL->quickArray("select sequenceNumber from userProfileCategory where profileCategoryId=$session{form}{cid}");
($id) = WebGUI::SQL->quickArray("select profileCategoryId from userProfileCategory where sequenceNumber=$thisSeq+1"); ($id) = WebGUI::SQL->quickArray("select profileCategoryId from userProfileCategory where sequenceNumber=$thisSeq+1");
@ -310,7 +311,7 @@ sub www_moveProfileCategoryDown {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_moveProfileCategoryUp { sub www_moveProfileCategoryUp {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($id, $thisSeq); my ($id, $thisSeq);
($thisSeq) = WebGUI::SQL->quickArray("select sequenceNumber from userProfileCategory where profileCategoryId=$session{form}{cid}"); ($thisSeq) = WebGUI::SQL->quickArray("select sequenceNumber from userProfileCategory where profileCategoryId=$session{form}{cid}");
($id) = WebGUI::SQL->quickArray("select profileCategoryId from userProfileCategory where sequenceNumber=$thisSeq-1"); ($id) = WebGUI::SQL->quickArray("select profileCategoryId from userProfileCategory where sequenceNumber=$thisSeq-1");
@ -324,7 +325,7 @@ sub www_moveProfileCategoryUp {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_moveProfileFieldDown { sub www_moveProfileFieldDown {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($id, $thisSeq, $profileCategoryId); my ($id, $thisSeq, $profileCategoryId);
($thisSeq,$profileCategoryId) = WebGUI::SQL->quickArray("select sequenceNumber,profileCategoryId from userProfileField where fieldName=".quote($session{form}{fid})); ($thisSeq,$profileCategoryId) = WebGUI::SQL->quickArray("select sequenceNumber,profileCategoryId from userProfileField where fieldName=".quote($session{form}{fid}));
($id) = WebGUI::SQL->quickArray("select fieldName from userProfileField where profileCategoryId=$profileCategoryId and sequenceNumber=$thisSeq+1"); ($id) = WebGUI::SQL->quickArray("select fieldName from userProfileField where profileCategoryId=$profileCategoryId and sequenceNumber=$thisSeq+1");
@ -338,7 +339,7 @@ sub www_moveProfileFieldDown {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_moveProfileFieldUp { sub www_moveProfileFieldUp {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($id, $thisSeq, $profileCategoryId); my ($id, $thisSeq, $profileCategoryId);
($thisSeq,$profileCategoryId) = WebGUI::SQL->quickArray("select sequenceNumber,profileCategoryId from userProfileField where fieldName=".quote($session{form}{fid})); ($thisSeq,$profileCategoryId) = WebGUI::SQL->quickArray("select sequenceNumber,profileCategoryId from userProfileField where fieldName=".quote($session{form}{fid}));
($id) = WebGUI::SQL->quickArray("select fieldName from userProfileField where profileCategoryId=$profileCategoryId and sequenceNumber=$thisSeq-1"); ($id) = WebGUI::SQL->quickArray("select fieldName from userProfileField where profileCategoryId=$profileCategoryId and sequenceNumber=$thisSeq-1");

10
lib/WebGUI/Operation/Replacements.pm
View file

@ -12,10 +12,12 @@ package WebGUI::Operation::Replacements;
use Exporter; use Exporter;
use strict; use strict;
use WebGUI::Grouping;
use WebGUI::Icon; use WebGUI::Icon;
use WebGUI::HTMLForm; use WebGUI::HTMLForm;
use WebGUI::International; use WebGUI::International;
use WebGUI::Operation::Shared; use WebGUI::Operation::Shared;
use WebGUI::Privilege;
use WebGUI::Session; use WebGUI::Session;
use WebGUI::SQL; use WebGUI::SQL;
@ -35,14 +37,14 @@ sub _submenu {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteReplacement { sub www_deleteReplacement {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
WebGUI::SQL->write("delete from replacements where replacementId=$session{form}{replacementId}"); WebGUI::SQL->write("delete from replacements where replacementId=$session{form}{replacementId}");
return www_listReplacements(); return www_listReplacements();
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editReplacement { sub www_editReplacement {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my $data = WebGUI::SQL->getRow("replacements","replacementId",$session{form}{replacementId}); my $data = WebGUI::SQL->getRow("replacements","replacementId",$session{form}{replacementId});
my $f = WebGUI::HTMLForm->new; my $f = WebGUI::HTMLForm->new;
$f->hidden( $f->hidden(
@ -73,7 +75,7 @@ sub www_editReplacement {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editReplacementSave { sub www_editReplacementSave {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
WebGUI::SQL->setRow("replacements","replacementId",{ WebGUI::SQL->setRow("replacements","replacementId",{
replacementId=>$session{form}{replacementId}, replacementId=>$session{form}{replacementId},
searchFor=>$session{form}{searchFor}, searchFor=>$session{form}{searchFor},
@ -84,7 +86,7 @@ sub www_editReplacementSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_listReplacements { sub www_listReplacements {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my $output = "<h1>".WebGUI::International::get(1053)."</h1>"; my $output = "<h1>".WebGUI::International::get(1053)."</h1>";
$output .= '<table>'; $output .= '<table>';
my $sth = WebGUI::SQL->read("select replacementId,searchFor from replacements order by searchFor"); my $sth = WebGUI::SQL->read("select replacementId,searchFor from replacements order by searchFor");

3
lib/WebGUI/Operation/Root.pm
View file

@ -13,6 +13,7 @@ package WebGUI::Operation::Root;
use Exporter; use Exporter;
use strict; use strict;
use Tie::CPHash; use Tie::CPHash;
use WebGUI::Grouping;
use WebGUI::Icon; use WebGUI::Icon;
use WebGUI::International; use WebGUI::International;
use WebGUI::Operation::Shared; use WebGUI::Operation::Shared;
@ -35,7 +36,7 @@ sub _submenu {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_listRoots { sub www_listRoots {
return WebGUI::Privilege::adminOnly() unless(WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless(WebGUI::Grouping::isInGroup(3));
my ($output, $p, $sth, %data, @row, $i); my ($output, $p, $sth, %data, @row, $i);
$output = helpIcon(28); $output = helpIcon(28);
$output .= '<h1>'.WebGUI::International::get(408).'</h1>'; $output .= '<h1>'.WebGUI::International::get(408).'</h1>';

15
lib/WebGUI/Operation/Settings.pm
View file

@ -13,6 +13,7 @@ package WebGUI::Operation::Settings;
use Exporter; use Exporter;
use strict qw(vars subs); use strict qw(vars subs);
use WebGUI::DateTime; use WebGUI::DateTime;
use WebGUI::Grouping;
use WebGUI::HTMLForm; use WebGUI::HTMLForm;
use WebGUI::Icon; use WebGUI::Icon;
use WebGUI::International; use WebGUI::International;
@ -37,7 +38,7 @@ sub _submenu {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editCompanyInformation { sub www_editCompanyInformation {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($output, $f); my ($output, $f);
$output .= helpIcon(6); $output .= helpIcon(6);
$output .= '<h1>'.WebGUI::International::get(124).'</h1>'; $output .= '<h1>'.WebGUI::International::get(124).'</h1>';
@ -53,7 +54,7 @@ sub www_editCompanyInformation {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editContentSettings { sub www_editContentSettings {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($output, %htmlFilter, $f, $pages); my ($output, %htmlFilter, $f, $pages);
$pages = WebGUI::SQL->buildHashRef("select pageId,menuTitle from page order by menuTitle"); $pages = WebGUI::SQL->buildHashRef("select pageId,menuTitle from page order by menuTitle");
%htmlFilter = ('none'=>WebGUI::International::get(420), 'most'=>WebGUI::International::get(421), %htmlFilter = ('none'=>WebGUI::International::get(420), 'most'=>WebGUI::International::get(421),
@ -89,7 +90,7 @@ sub www_editContentSettings {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editMessagingSettings { sub www_editMessagingSettings {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($output, $f); my ($output, $f);
$output .= helpIcon(13); $output .= helpIcon(13);
$output .= '<h1>'.WebGUI::International::get(133).'</h1>'; $output .= '<h1>'.WebGUI::International::get(133).'</h1>';
@ -106,7 +107,7 @@ sub www_editMessagingSettings {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editMiscSettings { sub www_editMiscSettings {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($output, $f); my ($output, $f);
$output .= helpIcon(24); $output .= helpIcon(24);
$output .= '<h1>'.WebGUI::International::get(140).'</h1>'; $output .= '<h1>'.WebGUI::International::get(140).'</h1>';
@ -145,7 +146,7 @@ sub www_editMiscSettings {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editUserSettings { sub www_editUserSettings {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($output, $f, $cmd, $html); my ($output, $f, $cmd, $html);
$output .= helpIcon(2); $output .= helpIcon(2);
$output .= '<h1>'.WebGUI::International::get(117).'</h1>'; $output .= '<h1>'.WebGUI::International::get(117).'</h1>';
@ -189,7 +190,7 @@ sub www_editUserSettings {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_manageSettings { sub www_manageSettings {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($output); my ($output);
$output .= helpIcon(12); $output .= helpIcon(12);
$output .= '<h1>'.WebGUI::International::get(143).'</h1>'; $output .= '<h1>'.WebGUI::International::get(143).'</h1>';
@ -207,7 +208,7 @@ sub www_manageSettings {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_saveSettings { sub www_saveSettings {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($key, $value); my ($key, $value);
foreach $key (keys %{$session{form}}) { foreach $key (keys %{$session{form}}) {
$value = $session{form}{$key}; $value = $session{form}{$key};

5
lib/WebGUI/Operation/Shared.pm
View file

@ -13,6 +13,7 @@ package WebGUI::Operation::Shared;
use Exporter; use Exporter;
use strict; use strict;
use WebGUI::Grouping;
use WebGUI::International; use WebGUI::International;
use WebGUI::Session; use WebGUI::Session;
use WebGUI::SQL; use WebGUI::SQL;
@ -23,7 +24,7 @@ our @EXPORT = qw(&menuWrapper);
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub accountOptions { sub accountOptions {
my @array; my @array;
if (WebGUI::Privilege::isInGroup(12)) { if (WebGUI::Grouping::isInGroup(12)) {
my %hash; my %hash;
if ($session{var}{adminOn}) { if ($session{var}{adminOn}) {
$hash{'options.display'} .= '<a href="'.WebGUI::URL::page('op=switchOffAdmin').'">'.WebGUI::International::get(12).'</a>'; $hash{'options.display'} .= '<a href="'.WebGUI::URL::page('op=switchOffAdmin').'">'.WebGUI::International::get(12).'</a>';
@ -55,7 +56,7 @@ our @EXPORT = qw(&menuWrapper);
my %logout; my %logout;
$logout{'options.display'} = '<a href="'.WebGUI::URL::page('op=logout').'">'.WebGUI::International::get(64).'</a>'; $logout{'options.display'} = '<a href="'.WebGUI::URL::page('op=logout').'">'.WebGUI::International::get(64).'</a>';
push(@array,\%logout); push(@array,\%logout);
if ($session{setting}{selfDeactivation} && !WebGUI::Privilege::isInGroup(3)){ if ($session{setting}{selfDeactivation} && !WebGUI::Grouping::isInGroup(3)){
my %hash; my %hash;
$hash{'options.display'} = '<a href="'.WebGUI::URL::page('op=deactivateAccount').'">'.WebGUI::International::get(65).'</a>'; $hash{'options.display'} = '<a href="'.WebGUI::URL::page('op=deactivateAccount').'">'.WebGUI::International::get(65).'</a>';
push(@array,\%hash); push(@array,\%hash);

13
lib/WebGUI/Operation/Statistics.pm
View file

@ -14,6 +14,7 @@ use Exporter;
use strict; use strict;
use WebGUI::Cache; use WebGUI::Cache;
use WebGUI::DateTime; use WebGUI::DateTime;
use WebGUI::Grouping;
use WebGUI::Icon; use WebGUI::Icon;
use WebGUI::International; use WebGUI::International;
use WebGUI::Operation::Shared; use WebGUI::Operation::Shared;
@ -40,14 +41,14 @@ sub _submenu {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_killSession { sub www_killSession {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
WebGUI::Session::end($session{form}{sid}); WebGUI::Session::end($session{form}{sid});
return www_viewActiveSessions(); return www_viewActiveSessions();
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_viewActiveSessions { sub www_viewActiveSessions {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($output, $p, @row, $i, $sth, %data); my ($output, $p, @row, $i, $sth, %data);
tie %data, 'Tie::CPHash'; tie %data, 'Tie::CPHash';
$output = '<h1>'.WebGUI::International::get(425).'</h1>'; $output = '<h1>'.WebGUI::International::get(425).'</h1>';
@ -81,7 +82,7 @@ sub www_viewActiveSessions {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_viewLoginHistory { sub www_viewLoginHistory {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($output, $p, @row, $i, $sth, %data); my ($output, $p, @row, $i, $sth, %data);
tie %data, 'Tie::CPHash'; tie %data, 'Tie::CPHash';
$output = '<h1>'.WebGUI::International::get(426).'</h1>'; $output = '<h1>'.WebGUI::International::get(426).'</h1>';
@ -112,7 +113,7 @@ sub www_viewLoginHistory {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_viewPageReport { sub www_viewPageReport {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($output, $count, $user, $data, $sth, %page, $pageId); my ($output, $count, $user, $data, $sth, %page, $pageId);
tie %page, "Tie::IxHash"; tie %page, "Tie::IxHash";
$output = '<h1>Page Statistics</h1>'; $output = '<h1>Page Statistics</h1>';
@ -155,7 +156,7 @@ sub www_viewPageReport {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_viewStatistics { sub www_viewStatistics {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($output, $data); my ($output, $data);
my $url = "http://www.plainblack.com/downloads/latest-version.txt"; my $url = "http://www.plainblack.com/downloads/latest-version.txt";
my $cache = WebGUI::Cache->new($url,"URL"); my $cache = WebGUI::Cache->new($url,"URL");
@ -200,7 +201,7 @@ sub www_viewStatistics {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_viewTrafficReport { sub www_viewTrafficReport {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($output, $data); my ($output, $data);
$output = '<h1>Pages</h1>'; $output = '<h1>Pages</h1>';
($data) = WebGUI::SQL->quickArray("select count(*) from pageStatistics where dateStamp>=".(time()-2592000)); ($data) = WebGUI::SQL->quickArray("select count(*) from pageStatistics where dateStamp>=".(time()-2592000));

4
lib/WebGUI/Operation/Style.pm
View file

@ -12,7 +12,9 @@ package WebGUI::Operation::Style;
use Exporter; use Exporter;
use strict; use strict;
use WebGUI::Grouping;
use WebGUI::Paginator; use WebGUI::Paginator;
use WebGUI::Privilege;
use WebGUI::Session; use WebGUI::Session;
use WebGUI::URL; use WebGUI::URL;
@ -42,7 +44,7 @@ sub www_unsetPersonalStyle {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_listRoots { sub www_listRoots {
return WebGUI::Privilege::adminOnly() unless(WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless(WebGUI::Grouping::isInGroup(3));
my ($output, $p, $sth, %data, @row, $i); my ($output, $p, $sth, %data, @row, $i);
$output = helpIcon(28); $output = helpIcon(28);
$output .= '<h1>'.WebGUI::International::get(408).'</h1>'; $output .= '<h1>'.WebGUI::International::get(408).'</h1>';

13
lib/WebGUI/Operation/Template.pm
View file

@ -13,6 +13,7 @@ package WebGUI::Operation::Template;
use Exporter; use Exporter;
use strict; use strict;
use Tie::CPHash; use Tie::CPHash;
use WebGUI::Grouping;
use WebGUI::HTML; use WebGUI::HTML;
use WebGUI::HTMLForm; use WebGUI::HTMLForm;
use WebGUI::Icon; use WebGUI::Icon;
@ -53,7 +54,7 @@ sub _submenu {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_copyTemplate { sub www_copyTemplate {
my (%template); my (%template);
if (WebGUI::Privilege::isInGroup(8)) { if (WebGUI::Grouping::isInGroup(8)) {
%template = WebGUI::SQL->quickHash("select * from template where templateId=$session{form}{tid} and namespace=".quote($session{form}{namespace})); %template = WebGUI::SQL->quickHash("select * from template where templateId=$session{form}{tid} and namespace=".quote($session{form}{namespace}));
WebGUI::SQL->write("insert into template (templateId,name,template,namespace) WebGUI::SQL->write("insert into template (templateId,name,template,namespace)
values ("._getNextTemplateId($session{form}{namespace}).", values ("._getNextTemplateId($session{form}{namespace}).",
@ -70,7 +71,7 @@ sub www_deleteTemplate {
my ($output); my ($output);
if ($session{form}{tid} < 1000 && $session{form}{tid} > 0) { if ($session{form}{tid} < 1000 && $session{form}{tid} > 0) {
return WebGUI::Privilege::vitalComponent(); return WebGUI::Privilege::vitalComponent();
} elsif (WebGUI::Privilege::isInGroup(8)) { } elsif (WebGUI::Grouping::isInGroup(8)) {
$output .= helpIcon(35); $output .= helpIcon(35);
$output .= '<h1>'.WebGUI::International::get(42).'</h1>'; $output .= '<h1>'.WebGUI::International::get(42).'</h1>';
$output .= WebGUI::International::get(502).'<p>'; $output .= WebGUI::International::get(502).'<p>';
@ -91,7 +92,7 @@ sub www_deleteTemplateConfirm {
my ($a, $pageId); my ($a, $pageId);
if ($session{form}{tid} < 1000 && $session{form}{tid} > 1000) { if ($session{form}{tid} < 1000 && $session{form}{tid} > 1000) {
return WebGUI::Privilege::vitalComponent(); return WebGUI::Privilege::vitalComponent();
} elsif (WebGUI::Privilege::isInGroup(8)) { } elsif (WebGUI::Grouping::isInGroup(8)) {
if ($session{form}{namespace} eq "Page") { if ($session{form}{namespace} eq "Page") {
$a = WebGUI::SQL->read("select * from page where templateId=".$session{form}{tid}); $a = WebGUI::SQL->read("select * from page where templateId=".$session{form}{tid});
while (($pageId) = $a->array) { while (($pageId) = $a->array) {
@ -112,7 +113,7 @@ sub www_deleteTemplateConfirm {
sub www_editTemplate { sub www_editTemplate {
my ($output, $namespaces, %template, $f); my ($output, $namespaces, %template, $f);
tie %template, 'Tie::CPHash'; tie %template, 'Tie::CPHash';
if (WebGUI::Privilege::isInGroup(8)) { if (WebGUI::Grouping::isInGroup(8)) {
if ($session{form}{tid} eq "new" || $session{form}{tid} eq "") { if ($session{form}{tid} eq "new" || $session{form}{tid} eq "") {
if ($session{form}{namespace} eq "Page") { if ($session{form}{namespace} eq "Page") {
$template{template} = "<table>\n <tr>\n <td>\n\n<tmpl_var page.position1>\n\n". $template{template} = "<table>\n <tr>\n <td>\n\n<tmpl_var page.position1>\n\n".
@ -155,7 +156,7 @@ sub www_editTemplate {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editTemplateSave { sub www_editTemplateSave {
if (WebGUI::Privilege::isInGroup(8)) { if (WebGUI::Grouping::isInGroup(8)) {
if ($session{form}{tid} eq "new") { if ($session{form}{tid} eq "new") {
$session{form}{tid} = _getNextTemplateId($session{form}{namespace}); $session{form}{tid} = _getNextTemplateId($session{form}{namespace});
WebGUI::SQL->write("insert into template (templateId,namespace) values WebGUI::SQL->write("insert into template (templateId,namespace) values
@ -180,7 +181,7 @@ sub www_editTemplateSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_listTemplates { sub www_listTemplates {
my ($output, $sth, @data, @row, $i, $p, $where); my ($output, $sth, @data, @row, $i, $p, $where);
if (WebGUI::Privilege::isInGroup(8)) { if (WebGUI::Grouping::isInGroup(8)) {
$where = "and namespace=".quote($session{form}{namespace}) if ($session{form}{namespace}); $where = "and namespace=".quote($session{form}{namespace}) if ($session{form}{namespace});
$output = helpIcon(33); $output = helpIcon(33);
$output .= '<h1>'.WebGUI::International::get(506).'</h1>'; $output .= '<h1>'.WebGUI::International::get(506).'</h1>';

29
lib/WebGUI/Operation/Theme.pm
View file

@ -16,6 +16,7 @@ use Tie::IxHash;
use Tie::CPHash; use Tie::CPHash;
use WebGUI::Attachment; use WebGUI::Attachment;
use WebGUI::Collateral; use WebGUI::Collateral;
use WebGUI::Grouping;
use WebGUI::HTMLForm; use WebGUI::HTMLForm;
use WebGUI::Icon; use WebGUI::Icon;
use WebGUI::International; use WebGUI::International;
@ -62,7 +63,7 @@ sub _submenu {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_addThemeComponent { sub www_addThemeComponent {
return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(9)); return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(9));
my (@q, $output, $defaultList, $component, $f); my (@q, $output, $defaultList, $component, $f);
my $types = _getComponentTypes(); my $types = _getComponentTypes();
push(@q,{query=>"select collateralType,collateralId,name from collateral where collateralType='file' order by name",type=>"file"}); push(@q,{query=>"select collateralType,collateralId,name from collateral where collateralType='file' order by name",type=>"file"});
@ -103,7 +104,7 @@ sub www_addThemeComponent {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_addThemeComponentSave { sub www_addThemeComponentSave {
return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(9)); return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(9));
my @ids = WebGUI::FormProcessor::selectList("id"); my @ids = WebGUI::FormProcessor::selectList("id");
foreach my $id (@ids) { foreach my $id (@ids) {
$id =~ /^(.*?)\_(.*)/; $id =~ /^(.*?)\_(.*)/;
@ -118,7 +119,7 @@ sub www_addThemeComponentSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteTheme { sub www_deleteTheme {
return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(9)); return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(9));
return WebGUI::Privilege::vitalComponent() if ($session{form}{themeId} < 1000 && $session{form}{themeId} > 0); return WebGUI::Privilege::vitalComponent() if ($session{form}{themeId} < 1000 && $session{form}{themeId} > 0);
my $output = helpIcon(64); my $output = helpIcon(64);
$output .= '<h1>'.WebGUI::International::get(42).'</h1>'; $output .= '<h1>'.WebGUI::International::get(42).'</h1>';
@ -133,7 +134,7 @@ sub www_deleteTheme {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteThemeConfirm { sub www_deleteThemeConfirm {
return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(9)); return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(9));
return WebGUI::Privilege::vitalComponent() if ($session{form}{themeId} < 1000 && $session{form}{themeId} > 0); return WebGUI::Privilege::vitalComponent() if ($session{form}{themeId} < 1000 && $session{form}{themeId} > 0);
my $theme = WebGUI::SQL->quickHashRef("select * from theme where themeId=".$session{form}{themeId}); my $theme = WebGUI::SQL->quickHashRef("select * from theme where themeId=".$session{form}{themeId});
unless ($theme->{original}) { unless ($theme->{original}) {
@ -158,7 +159,7 @@ sub www_deleteThemeConfirm {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteThemeComponent { sub www_deleteThemeComponent {
return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(9)); return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(9));
return WebGUI::Privilege::vitalComponent() if ($session{form}{themeId} < 1000 && $session{form}{themeId} > 0); return WebGUI::Privilege::vitalComponent() if ($session{form}{themeId} < 1000 && $session{form}{themeId} > 0);
my $output = helpIcon(4); my $output = helpIcon(4);
$output .= '<h1>'.WebGUI::International::get(42).'</h1>'; $output .= '<h1>'.WebGUI::International::get(42).'</h1>';
@ -173,7 +174,7 @@ sub www_deleteThemeComponent {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteThemeComponentConfirm { sub www_deleteThemeComponentConfirm {
return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(9)); return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(9));
return WebGUI::Privilege::vitalComponent() if ($session{form}{themeId} < 1000 && $session{form}{themeId} > 0); return WebGUI::Privilege::vitalComponent() if ($session{form}{themeId} < 1000 && $session{form}{themeId} > 0);
WebGUI::SQL->write("delete from themeComponent where themeComponentId=".$session{form}{themeComponentId}); WebGUI::SQL->write("delete from themeComponent where themeComponentId=".$session{form}{themeComponentId});
return www_editTheme(); return www_editTheme();
@ -181,7 +182,7 @@ sub www_deleteThemeComponentConfirm {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editTheme { sub www_editTheme {
return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(9)); return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(9));
my ($output, $theme, $f); my ($output, $theme, $f);
unless($session{form}{themeId} eq "new") { unless($session{form}{themeId} eq "new") {
$theme = WebGUI::SQL->quickHashRef("select * from theme where themeId=$session{form}{themeId}"); $theme = WebGUI::SQL->quickHashRef("select * from theme where themeId=$session{form}{themeId}");
@ -242,7 +243,7 @@ sub www_editTheme {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editThemeSave { sub www_editThemeSave {
return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(9)); return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(9));
if ($session{form}{themeId} eq "new") { if ($session{form}{themeId} eq "new") {
$session{form}{themeId} = getNextId("themeId"); $session{form}{themeId} = getNextId("themeId");
WebGUI::SQL->write("insert into theme (themeId,webguiVersion,original,versionNumber) WebGUI::SQL->write("insert into theme (themeId,webguiVersion,original,versionNumber)
@ -260,7 +261,7 @@ sub www_editThemeSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_exportTheme { sub www_exportTheme {
return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(9)); return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(9));
my $tempId = "theme".$session{form}{themeId}; my $tempId = "theme".$session{form}{themeId};
my $propertyFile = WebGUI::Attachment->new("_theme.properties","temp",$tempId); my $propertyFile = WebGUI::Attachment->new("_theme.properties","temp",$tempId);
WebGUI::SQL->write("update theme set versionNumber=versionNumber+1, webguiVersion=".quote($WebGUI::VERSION) WebGUI::SQL->write("update theme set versionNumber=versionNumber+1, webguiVersion=".quote($WebGUI::VERSION)
@ -307,7 +308,7 @@ sub www_exportTheme {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_importTheme { sub www_importTheme {
return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(9)); return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(9));
my $output = helpIcon(63); my $output = helpIcon(63);
$output .= '<h1>'.WebGUI::International::get(927).'</h1>'; $output .= '<h1>'.WebGUI::International::get(927).'</h1>';
my $f = WebGUI::HTMLForm->new; my $f = WebGUI::HTMLForm->new;
@ -326,7 +327,7 @@ sub www_importTheme {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_importThemeValidate { sub www_importThemeValidate {
return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(9)); return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(9));
my $output = helpIcon(63); my $output = helpIcon(63);
$output .= '<h1>'.WebGUI::International::get(927).'</h1>'; $output .= '<h1>'.WebGUI::International::get(927).'</h1>';
my $a = WebGUI::Attachment->new("","temp"); my $a = WebGUI::Attachment->new("","temp");
@ -381,7 +382,7 @@ sub www_importThemeValidate {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_importThemeSave { sub www_importThemeSave {
return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(9)); return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(9));
my $propertiesFile = WebGUI::Attachment->new("_theme.properties","temp",$session{form}{extractionPoint}); my $propertiesFile = WebGUI::Attachment->new("_theme.properties","temp",$session{form}{extractionPoint});
my $theme = $propertiesFile->getHashref; my $theme = $propertiesFile->getHashref;
my $themeId = getNextId("themeId"); my $themeId = getNextId("themeId");
@ -421,7 +422,7 @@ sub www_importThemeSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_listThemes { sub www_listThemes {
return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(9)); return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(9));
my (@data, @row, $i, $p); my (@data, @row, $i, $p);
my $output = helpIcon(61); my $output = helpIcon(61);
$output .= '<h1>'.WebGUI::International::get(899).'</h1>'; $output .= '<h1>'.WebGUI::International::get(899).'</h1>';
@ -449,7 +450,7 @@ sub www_listThemes {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_viewTheme { sub www_viewTheme {
return WebGUI::Privilege::insufficient unless (WebGUI::Privilege::isInGroup(9)); return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(9));
my ($output, $theme, $f); my ($output, $theme, $f);
$theme = WebGUI::SQL->quickHashRef("select * from theme where themeId=$session{form}{themeId}"); $theme = WebGUI::SQL->quickHashRef("select * from theme where themeId=$session{form}{themeId}");
$output .= '<h1>'.WebGUI::International::get(930).'</h1>'; $output .= '<h1>'.WebGUI::International::get(930).'</h1>';

27
lib/WebGUI/Operation/Trash.pm
View file

@ -14,6 +14,7 @@ use Exporter;
use strict qw(vars subs); use strict qw(vars subs);
use Tie::CPHash; use Tie::CPHash;
use WebGUI::DateTime; use WebGUI::DateTime;
use WebGUI::Grouping;
use WebGUI::Icon; use WebGUI::Icon;
use WebGUI::Operation::Shared; use WebGUI::Operation::Shared;
use WebGUI::Paginator; use WebGUI::Paginator;
@ -121,7 +122,7 @@ sub _submenu {
if ($session{form}{systemTrash} ne "1") { if ($session{form}{systemTrash} ne "1") {
$menu{WebGUI::URL::page('op=emptyTrash')} = WebGUI::International::get(11); $menu{WebGUI::URL::page('op=emptyTrash')} = WebGUI::International::get(11);
} }
if ( ($session{setting}{sharedTrash} ne "1") && (WebGUI::Privilege::isInGroup(3)) ) { if ( ($session{setting}{sharedTrash} ne "1") && (WebGUI::Grouping::isInGroup(3)) ) {
$menu{WebGUI::URL::page('op=manageTrash&systemTrash=1')} = WebGUI::International::get(964); $menu{WebGUI::URL::page('op=manageTrash&systemTrash=1')} = WebGUI::International::get(964);
if ($session{form}{systemTrash} eq "1") { if ($session{form}{systemTrash} eq "1") {
$menu{WebGUI::URL::page('op=emptyTrash&systemTrash=1')} = WebGUI::International::get(967); $menu{WebGUI::URL::page('op=emptyTrash&systemTrash=1')} = WebGUI::International::get(967);
@ -133,9 +134,9 @@ sub _submenu {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_cutTrashItem { sub www_cutTrashItem {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(4)); return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(4));
if ($session{form}{wid} ne "") { if ($session{form}{wid} ne "") {
if ( ($session{setting}{sharedTrash} ne "1") && (!(WebGUI::Privilege::isInGroup(3)) ) ) { if ( ($session{setting}{sharedTrash} ne "1") && (!(WebGUI::Grouping::isInGroup(3)) ) ) {
my ($bufferUserId) = WebGUI::SQL->quickArray("select bufferUserId from wobject " my ($bufferUserId) = WebGUI::SQL->quickArray("select bufferUserId from wobject "
."where wobjectId=" .$session{form}{wid}); ."where wobjectId=" .$session{form}{wid});
return WebGUI::Privilege::insufficient() unless ($bufferUserId eq $session{user}{userId}); return WebGUI::Privilege::insufficient() unless ($bufferUserId eq $session{user}{userId});
@ -149,7 +150,7 @@ sub www_cutTrashItem {
} elsif ($session{form}{pageId} ne "") { } elsif ($session{form}{pageId} ne "") {
my $page = WebGUI::Page->getPage($session{form}{pageId}); my $page = WebGUI::Page->getPage($session{form}{pageId});
if ( ($session{setting}{sharedTrash} ne "1") && (!(WebGUI::Privilege::isInGroup(3)) ) ) { if ( ($session{setting}{sharedTrash} ne "1") && (!(WebGUI::Grouping::isInGroup(3)) ) ) {
my ($bufferUserId) = $page->get("bufferUserId"); my ($bufferUserId) = $page->get("bufferUserId");
return WebGUI::Privilege::insufficient() unless ($bufferUserId eq $session{user}{userId}); return WebGUI::Privilege::insufficient() unless ($bufferUserId eq $session{user}{userId});
} }
@ -165,7 +166,7 @@ sub www_cutTrashItem {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteTrashItem { sub www_deleteTrashItem {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(4)); return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(4));
my ($output); my ($output);
if ($session{form}{wid} ne "") { if ($session{form}{wid} ne "") {
$output .= helpIcon(14); $output .= helpIcon(14);
@ -188,9 +189,9 @@ sub www_deleteTrashItem {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteTrashItemConfirm { sub www_deleteTrashItemConfirm {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(4)); return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(4));
if ($session{form}{wid} ne "") { if ($session{form}{wid} ne "") {
if ( ($session{setting}{sharedTrash} eq "1") || (WebGUI::Privilege::isInGroup(3)) ) { if ( ($session{setting}{sharedTrash} eq "1") || (WebGUI::Grouping::isInGroup(3)) ) {
_purgeWobject($session{form}{wid}); _purgeWobject($session{form}{wid});
} else { } else {
my ($bufferUserId) = WebGUI::SQL->quickArray("select bufferUserId from wobject " my ($bufferUserId) = WebGUI::SQL->quickArray("select bufferUserId from wobject "
@ -202,7 +203,7 @@ sub www_deleteTrashItemConfirm {
} elsif ($session{form}{pageId} ne "") { } elsif ($session{form}{pageId} ne "") {
my $page = WebGUI::Page->getPage($session{form}{pageId}); my $page = WebGUI::Page->getPage($session{form}{pageId});
unless ( ($session{setting}{sharedTrash} eq "1") || (WebGUI::Privilege::isInGroup(3)) ) { unless ( ($session{setting}{sharedTrash} eq "1") || (WebGUI::Grouping::isInGroup(3)) ) {
my ($bufferUserId) = $page->get("bufferUserId"); my ($bufferUserId) = $page->get("bufferUserId");
return WebGUI::Privilege::insufficient() unless ($bufferUserId eq $session{user}{userId}); return WebGUI::Privilege::insufficient() unless ($bufferUserId eq $session{user}{userId});
} }
@ -221,7 +222,7 @@ sub www_deleteTrashItemConfirm {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_emptyTrash { sub www_emptyTrash {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(4)); return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(4));
my ($output); my ($output);
$output = helpIcon(46); $output = helpIcon(46);
$output .= '<h1>'.WebGUI::International::get(42).'</h1>'; $output .= '<h1>'.WebGUI::International::get(42).'</h1>';
@ -241,12 +242,12 @@ sub www_emptyTrash {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_emptyTrashConfirm { sub www_emptyTrashConfirm {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(4)); return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(4));
my ($allUsers, $page, $currentPage, $currentWobjectPage); my ($allUsers, $page, $currentPage, $currentWobjectPage);
if ($session{setting}{sharedTrash} eq "1") { if ($session{setting}{sharedTrash} eq "1") {
$allUsers = 1; $allUsers = 1;
} elsif ($session{form}{systemTrash} eq "1") { } elsif ($session{form}{systemTrash} eq "1") {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
$allUsers = 1; $allUsers = 1;
} else { } else {
$allUsers = 0; $allUsers = 0;
@ -271,7 +272,7 @@ sub www_emptyTrashConfirm {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_manageTrash { sub www_manageTrash {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup(4)); return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup(4));
my ($sth, @data, @row, @sorted_row, $i, $p, $allUsers); my ($sth, @data, @row, @sorted_row, $i, $p, $allUsers);
my $output = helpIcon(66); my $output = helpIcon(66);
@ -281,7 +282,7 @@ sub www_manageTrash {
$allUsers = 1; $allUsers = 1;
$output .= '<h1>'. WebGUI::International::get(962) .'</h1>'; $output .= '<h1>'. WebGUI::International::get(962) .'</h1>';
} elsif ($session{form}{systemTrash} eq "1") { } elsif ($session{form}{systemTrash} eq "1") {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
$allUsers = 1; $allUsers = 1;
$output .= '<h1>'. WebGUI::International::get(965) .'</h1>'; $output .= '<h1>'. WebGUI::International::get(965) .'</h1>';
} else { } else {

40
lib/WebGUI/Operation/User.pm
View file

@ -38,7 +38,7 @@ our @EXPORT = qw(&www_editUserKarma &www_editUserKarmaSave &www_editUserGroup &w
sub _submenu { sub _submenu {
my ($output, %menu); my ($output, %menu);
tie %menu, 'Tie::IxHash'; tie %menu, 'Tie::IxHash';
if (WebGUI::Privilege::isInGroup(3)) { if (WebGUI::Grouping::isInGroup(3)) {
$menu{WebGUI::URL::page("op=addUser")} = WebGUI::International::get(169); $menu{WebGUI::URL::page("op=addUser")} = WebGUI::International::get(169);
unless ($session{form}{op} eq "listUsers" unless ($session{form}{op} eq "listUsers"
|| $session{form}{op} eq "addUser" || $session{form}{op} eq "addUser"
@ -63,7 +63,7 @@ sub _submenu {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_addUser { sub www_addUser {
my ($output, $f, $cmd, $html, %status); my ($output, $f, $cmd, $html, %status);
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3) || WebGUI::Privilege::isInGroup(11)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3) || WebGUI::Grouping::isInGroup(11));
$output .= helpIcon(5); $output .= helpIcon(5);
$output .= '<h1>'.WebGUI::International::get(163).'</h1>'; $output .= '<h1>'.WebGUI::International::get(163).'</h1>';
$output .= WebGUI::Form::_javascriptFile("swapLayers.js"); $output .= WebGUI::Form::_javascriptFile("swapLayers.js");
@ -79,7 +79,7 @@ sub www_addUser {
$f->text("username",WebGUI::International::get(50),$session{form}{username}); $f->text("username",WebGUI::International::get(50),$session{form}{username});
$f->email("email",WebGUI::International::get(56)); $f->email("email",WebGUI::International::get(56));
if(WebGUI::Privilege::isInGroup(3)){ if(WebGUI::Grouping::isInGroup(3)){
tie %status, 'Tie::IxHash'; tie %status, 'Tie::IxHash';
%status = ( %status = (
Active =>WebGUI::International::get(817), Active =>WebGUI::International::get(817),
@ -123,7 +123,7 @@ sub www_addUser {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_addUserSave { sub www_addUserSave {
my (@groups, $uid, $u); my (@groups, $uid, $u);
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3) || WebGUI::Privilege::isInGroup(11)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3) || WebGUI::Grouping::isInGroup(11));
($uid) = WebGUI::SQL->quickArray("select userId from users where username=".quote($session{form}{username})); ($uid) = WebGUI::SQL->quickArray("select userId from users where username=".quote($session{form}{username}));
return www_addUser if ($uid); return www_addUser if ($uid);
@ -139,13 +139,13 @@ sub www_addUserSave {
@groups = $session{cgi}->param('groups'); @groups = $session{cgi}->param('groups');
$u->addToGroups(\@groups); $u->addToGroups(\@groups);
$u->profileField("email",$session{form}{email}); $u->profileField("email",$session{form}{email});
return _submenu(WebGUI::International::get(978)) if(!WebGUI::Privilege::isInGroup(3)); return _submenu(WebGUI::International::get(978)) if(!WebGUI::Grouping::isInGroup(3));
return www_editUser(); return www_editUser();
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_addUserToGroupSave { sub www_addUserToGroupSave {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my (@groups, $u); my (@groups, $u);
@groups = $session{cgi}->param('groups'); @groups = $session{cgi}->param('groups');
$u = WebGUI::User->new($session{form}{uid}); $u = WebGUI::User->new($session{form}{uid});
@ -155,7 +155,7 @@ sub www_addUserToGroupSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_becomeUser { sub www_becomeUser {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
WebGUI::Session::end($session{var}{sessionId}); WebGUI::Session::end($session{var}{sessionId});
WebGUI::Session::start($session{form}{uid}); WebGUI::Session::start($session{form}{uid});
return ""; return "";
@ -163,7 +163,7 @@ sub www_becomeUser {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteGrouping { sub www_deleteGrouping {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
if (($session{user}{userId} == $session{form}{uid} || $session{form}{uid} == 3) && $session{form}{gid} == 3) { if (($session{user}{userId} == $session{form}{uid} || $session{form}{uid} == 3) && $session{form}{gid} == 3) {
return WebGUI::Privilege::vitalComponent(); return WebGUI::Privilege::vitalComponent();
} }
@ -178,7 +178,7 @@ sub www_deleteGrouping {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteUser { sub www_deleteUser {
my ($output); my ($output);
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
if ($session{form}{uid} < 26) { if ($session{form}{uid} < 26) {
return WebGUI::Privilege::vitalComponent(); return WebGUI::Privilege::vitalComponent();
} else { } else {
@ -195,7 +195,7 @@ sub www_deleteUser {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteUserConfirm { sub www_deleteUserConfirm {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($u); my ($u);
if ($session{form}{uid} < 26) { if ($session{form}{uid} < 26) {
return WebGUI::Privilege::vitalComponent(); return WebGUI::Privilege::vitalComponent();
@ -208,7 +208,7 @@ sub www_deleteUserConfirm {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editGrouping { sub www_editGrouping {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my $output .= '<h1>'.WebGUI::International::get(370).'</h1>'; my $output .= '<h1>'.WebGUI::International::get(370).'</h1>';
my $f = WebGUI::HTMLForm->new; my $f = WebGUI::HTMLForm->new;
$f->hidden("op","editGroupingSave"); $f->hidden("op","editGroupingSave");
@ -231,7 +231,7 @@ sub www_editGrouping {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editGroupingSave { sub www_editGroupingSave {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
WebGUI::Grouping::userGroupExpireDate($session{form}{uid},$session{form}{gid},setToEpoch($session{form}{expireDate})); WebGUI::Grouping::userGroupExpireDate($session{form}{uid},$session{form}{gid},setToEpoch($session{form}{expireDate}));
WebGUI::Grouping::userGroupAdmin($session{form}{uid},$session{form}{gid},$session{form}{groupAdmin}); WebGUI::Grouping::userGroupAdmin($session{form}{uid},$session{form}{gid},$session{form}{groupAdmin});
return www_editUserGroup(); return www_editUserGroup();
@ -239,7 +239,7 @@ sub www_editGroupingSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editUser { sub www_editUser {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($output, $f, $u, $cmd, $html, %status); my ($output, $f, $u, $cmd, $html, %status);
$u = WebGUI::User->new($session{form}{uid}); $u = WebGUI::User->new($session{form}{uid});
$output .= WebGUI::Form::_javascriptFile("swapLayers.js"); $output .= WebGUI::Form::_javascriptFile("swapLayers.js");
@ -293,7 +293,7 @@ sub www_editUser {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editUserSave { sub www_editUserSave {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($error, $uid, $u); my ($error, $uid, $u);
($uid) = WebGUI::SQL->quickArray("select userId from users where username=".quote($session{form}{username})); ($uid) = WebGUI::SQL->quickArray("select userId from users where username=".quote($session{form}{username}));
@ -314,7 +314,7 @@ sub www_editUserSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editUserGroup { sub www_editUserGroup {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($output, $f, $groups, $sth, %hash); my ($output, $f, $groups, $sth, %hash);
tie %hash, 'Tie::CPHash'; tie %hash, 'Tie::CPHash';
$output .= '<h1>'.WebGUI::International::get(372).'</h1>'; $output .= '<h1>'.WebGUI::International::get(372).'</h1>';
@ -355,7 +355,7 @@ sub www_editUserGroup {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editUserKarma { sub www_editUserKarma {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($output, $f, $a, %user, %data, $method, $values, $category, $label, $default, $previousCategory); my ($output, $f, $a, %user, %data, $method, $values, $category, $label, $default, $previousCategory);
$output = helpIcon(36); $output = helpIcon(36);
$output .= '<h1>'.WebGUI::International::get(558).'</h1>'; $output .= '<h1>'.WebGUI::International::get(558).'</h1>';
@ -371,7 +371,7 @@ sub www_editUserKarma {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editUserKarmaSave { sub www_editUserKarmaSave {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($u); my ($u);
$u = WebGUI::User->new($session{form}{uid}); $u = WebGUI::User->new($session{form}{uid});
$u->karma($session{form}{amount},$session{user}{username}." (".$session{user}{userId}.")",$session{form}{description}); $u->karma($session{form}{amount},$session{user}{username}." (".$session{user}{userId}.")",$session{form}{description});
@ -380,7 +380,7 @@ sub www_editUserKarmaSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editUserProfile { sub www_editUserProfile {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($output, $f, $a, %user, %data, $method, $values, $category, $label, $default, $previousCategory); my ($output, $f, $a, %user, %data, $method, $values, $category, $label, $default, $previousCategory);
tie %data, 'Tie::CPHash'; tie %data, 'Tie::CPHash';
$output = helpIcon(32); $output = helpIcon(32);
@ -448,7 +448,7 @@ sub www_editUserProfile {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editUserProfileSave { sub www_editUserProfileSave {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($a, %field, $u); my ($a, %field, $u);
tie %field, 'Tie::CPHash'; tie %field, 'Tie::CPHash';
$u = WebGUI::User->new($session{form}{uid}); $u = WebGUI::User->new($session{form}{uid});
@ -465,7 +465,7 @@ sub www_editUserProfileSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_listUsers { sub www_listUsers {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3)); return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
WebGUI::Session::setScratch("userSearchKeyword",$session{form}{keyword}); WebGUI::Session::setScratch("userSearchKeyword",$session{form}{keyword});
WebGUI::Session::setScratch("userSearchStatus",$session{form}{status}); WebGUI::Session::setScratch("userSearchStatus",$session{form}{status});
my ($output, $data, $f, $rows, $p, $search, %status, $selectedStatus); my ($output, $data, $f, $rows, $p, $search, %status, $selectedStatus);

79
lib/WebGUI/Page.pm
View file

@ -19,6 +19,7 @@ use HTML::Template;
use strict; use strict;
use Tie::IxHash; use Tie::IxHash;
use WebGUI::ErrorHandler; use WebGUI::ErrorHandler;
use WebGUI::Grouping;
use WebGUI::HTMLForm; use WebGUI::HTMLForm;
use WebGUI::Icon; use WebGUI::Icon;
use WebGUI::Persistent::Tree; use WebGUI::Persistent::Tree;
@ -47,6 +48,8 @@ The methods that do affect this hiearchy should be called in a object oriented c
Non OO functions Non OO functions
use WebGUI::Page; use WebGUI::Page;
$boolean = WebGUI::Page::canEdit();
$boolean = WebGUI::Page::canView();
$integer = WebGUI::Page::countTemplatePositions($templateId); $integer = WebGUI::Page::countTemplatePositions($templateId);
$html = WebGUI::Page::drawTemplate($templateId); $html = WebGUI::Page::drawTemplate($templateId);
$html = WebGUI::Page::generate(); $html = WebGUI::Page::generate();
@ -162,6 +165,74 @@ sub add {
return $page; return $page;
} }
#-------------------------------------------------------------------
=head2 canEdit ( [ pageId ] )
Returns a boolean (0|1) value signifying that the user has the required privileges.
=over
=item pageId
The unique identifier for the page that you wish to check the privileges on. Defaults to the current page id.
=back
=cut
sub canEdit {
my $pageId = shift || $session{page}{pageId};
my (%page);
tie %page, 'Tie::CPHash';
if ($pageId ne $session{page}{pageId}) {
%page = WebGUI::SQL->quickHash("select ownerId,groupIdEdit from page where pageId=$pageId");
} else {
%page = %{$session{page}};
}
if ($session{user}{userId} == $page{ownerId}) {
return 1;
} else {
return WebGUI::Grouping::isInGroup($page{groupIdEdit});
}
}
#-------------------------------------------------------------------
=head2 canView ( [ pageId ] )
Returns a boolean (0|1) value signifying that the user has the required privileges. Always returns users that have the rights to edit this page.
=over
=item pageId
The unique identifier for the page that you wish to check the privileges on. Defaults to the current page id.
=back
=cut
sub canView {
my $pageId = shift || $session{page}{pageId};
my %page;
tie %page, 'Tie::CPHash';
if ($pageId eq $session{page}{pageId}) {
%page = %{$session{page}};
} else {
%page = WebGUI::SQL->quickHash("select ownerId,groupIdView,startDate,endDate from page where pageId=$pageId");
}
if ($session{user}{userId} == $page{ownerId}) {
return 1;
} elsif ($page{startDate} < WebGUI::DateTime::time() && $page{endDate} > WebGUI::DateTime::time() && WebGUI::Grouping::isInGroup($page{groupIdView})) {
return 1;
} else {
return canEditPage($pageId);
}
}
#------------------------------------------------------------------- #-------------------------------------------------------------------
=head2 countTemplatePositions ( templateId ) =head2 countTemplatePositions ( templateId )
@ -314,9 +385,9 @@ Generates the content of the page.
=cut =cut
sub generate { sub generate {
return WebGUI::Privilege::noAccess() unless (WebGUI::Privilege::canViewPage()); return WebGUI::Privilege::noAccess() unless (canView());
my %var; my %var;
$var{'page.canEdit'} = WebGUI::Privilege::canEditPage(); $var{'page.canEdit'} = canEdit();
$var{'page.controls'} = pageIcon() $var{'page.controls'} = pageIcon()
.deleteIcon('op=deletePage') .deleteIcon('op=deletePage')
.editIcon('op=editPage') .editIcon('op=editPage')
@ -369,8 +440,8 @@ sub generate {
my $w = eval{$cmd->new($wobject)}; my $w = eval{$cmd->new($wobject)};
WebGUI::ErrorHandler::fatalError("Couldn't instanciate wobject: ${$wobject}{namespace}. Root cause: ".$@) if($@); WebGUI::ErrorHandler::fatalError("Couldn't instanciate wobject: ${$wobject}{namespace}. Root cause: ".$@) if($@);
push(@{$var{'position'.$wobject->{templatePosition}.'_loop'}},{ push(@{$var{'position'.$wobject->{templatePosition}.'_loop'}},{
'wobject.canView'=>WebGUI::Privilege::canViewWobject($wobject->{wobjectId}), 'wobject.canView'=>$w->canView,
'wobject.canEdit'=>WebGUI::Privilege::canEditWobject($wobject->{wobjectId}), 'wobject.canEdit'=>$w->canEdit,
'wobject.controls'=>$wobjectToolbar, 'wobject.controls'=>$wobjectToolbar,
'wobject.controls.drag'=>dragIcon(), 'wobject.controls.drag'=>dragIcon(),
'wobject.namespace'=>$wobject->{namespace}, 'wobject.namespace'=>$wobject->{namespace},

304
lib/WebGUI/Privilege.pm
View file

@ -15,16 +15,8 @@ package WebGUI::Privilege;
=cut =cut
use strict; use strict;
use Tie::CPHash;
use WebGUI::DatabaseLink;
use WebGUI::DateTime;
use WebGUI::Group;
use WebGUI::Grouping;
use WebGUI::International; use WebGUI::International;
use WebGUI::Macro;
use WebGUI::Session; use WebGUI::Session;
use WebGUI::SQL;
use WebGUI::URL;
=head1 NAME =head1 NAME
@ -38,10 +30,7 @@ This package provides access to the WebGUI security system and security messages
use WebGUI::Privilege; use WebGUI::Privilege;
$html = WebGUI::Privilege::adminOnly(); $html = WebGUI::Privilege::adminOnly();
$boolean = WebGUI::Privilege::canEditPage();
$boolean = WebGUI::Privilege::canViewPage();
$html = WebGUI::Privilege::insufficient(); $html = WebGUI::Privilege::insufficient();
$boolean = WebGUI::Privilege::isInGroup($groupId);
$html = WebGUI::Privilege::noAccess(); $html = WebGUI::Privilege::noAccess();
$html = WebGUI::Privilege::notMember(); $html = WebGUI::Privilege::notMember();
$html = WebGUI::Privilege::vitalComponent(); $html = WebGUI::Privilege::vitalComponent();
@ -76,142 +65,6 @@ sub adminOnly {
return $output; return $output;
} }
#-------------------------------------------------------------------
=head2 canEditPage ( [ pageId ] )
Returns a boolean (0|1) value signifying that the user has the required privileges.
=over
=item pageId
The unique identifier for the page that you wish to check the privileges on. Defaults to the current page id.
=back
=cut
sub canEditPage {
my (%page);
tie %page, 'Tie::CPHash';
if ($_[0] ne "") {
%page = WebGUI::SQL->quickHash("select ownerId,groupIdEdit from page where pageId=$_[0]");
} else {
%page = %{$session{page}};
}
if ($session{user}{userId} == $page{ownerId}) {
return 1;
} elsif (isInGroup($page{groupIdEdit})) {
return 1;
} else {
return 0;
}
}
#-------------------------------------------------------------------
=head2 canEditWobject ( wobjectId )
Returns a boolean (0|1) value signifying that the user has the required privileges.
=over
=item wobjectId
The unique identifier for the wobject that you wish to check the privileges on.
=back
=cut
sub canEditWobject {
my (%wobject);
tie %wobject, 'Tie::CPHash';
return canEditPage() if ($session{page}{wobjectPrivileges} != 1 || $_[0] eq "new");
%wobject = WebGUI::SQL->quickHash("select ownerId,groupIdEdit from wobject where wobjectId=".quote($_[0]));
if ($session{user}{userId} == $wobject{ownerId}) {
return 1;
} elsif (isInGroup($wobject{groupIdEdit})) {
return 1;
} else {
return 0;
}
}
#-------------------------------------------------------------------
=head2 canViewPage ( [ pageId ] )
Returns a boolean (0|1) value signifying that the user has the required privileges. Always returns true for Admins and users that have the rights to edit this page.
=over
=item pageId
The unique identifier for the page that you wish to check the privileges on. Defaults to the current page id.
=back
=cut
sub canViewPage {
my (%page, $inDateRange);
tie %page, 'Tie::CPHash';
if ($_[0] eq "") {
%page = %{$session{page}};
} else {
%page = WebGUI::SQL->quickHash("select ownerId,groupIdView,startDate,endDate from page where pageId=$_[0]");
}
if ($page{startDate} < time() && $page{endDate} > time()) {
$inDateRange = 1;
}
if ($session{user}{userId} == $page{ownerId}) {
return 1;
} elsif (isInGroup($page{groupIdView}) && $inDateRange) {
return 1;
} elsif (canEditPage($_[0])) {
return 1;
} else {
return 0;
}
}
#-------------------------------------------------------------------
=head2 canViewWobject ( wobjectId )
Returns a boolean (0|1) value signifying that the user has the required privileges. Always returns true for Admins and users that have the rights to edit this wobject.
=over
=item wobjectId
The unique identifier for the wobject that you wish to check the privileges on.
=back
=cut
sub canViewWobject {
my (%wobject);
tie %wobject, 'Tie::CPHash';
return canViewPage() unless ($session{page}{wobjectPrivileges} == 1);
%wobject = WebGUI::SQL->quickHash("select ownerId,groupIdView,startDate,endDate from wobject where wobjectId=".quote($_[0]));
if ($wobject{startDate} < time() && $wobject{endDate} > time()) {
if ($session{user}{userId} == $wobject{ownerId}) {
return 1;
} elsif (isInGroup($wobject{groupIdView})) {
return 1;
} elsif (canEditWobject($_[0])) {
return 1;
} else {
return 0;
}
}else{
return 0;
}
}
#------------------------------------------------------------------- #-------------------------------------------------------------------
@ -238,163 +91,6 @@ sub insufficient {
return $output; return $output;
} }
#-------------------------------------------------------------------
=head2 isInGroup ( [ groupId [ , userId ] ] )
Returns a boolean (0|1) value signifying that the user has the required privileges. Always returns true for Admins.
=over
=item groupId
The group that you wish to verify against the user. Defaults to group with Id 3 (the Admin group).
=item userId
The user that you wish to verify against the group. Defaults to the currently logged in user.
=back
=cut
sub isInGroup {
my ($gid, $uid, @data, %group, $groupId);
($gid, $uid) = @_;
$uid = $session{user}{userId} if ($uid eq "");
unless (defined $gid) {
$gid = 3;
}
### The following several checks are to increase performance. If this section were removed, everything would continue to work as normal.
if ($gid == 7) {
return 1;
}
if ($gid == 1) {
if ($uid == 1) {
return 1;
} else {
return 0;
}
}
if ($gid==2 && $uid != 1) {
return 1;
}
### Use session to cache multiple lookups of the same group.
if ($session{isInGroup}{$gid}{$uid} == 1) {
return 1;
} elsif ($session{isInGroup}{$gid}{$uid} eq "0") {
return 0;
}
### Lookup the actual groupings.
my $groups = WebGUI::Grouping::getGroupsForUser($uid,1);
foreach (@{$groups}) {
$session{isInGroup}{$_}{$uid} = 1;
}
if ($session{isInGroup}{$gid}{$uid} == 1) {
return 1;
}
### Get data for auxillary checks.
tie %group, 'Tie::CPHash';
%group = WebGUI::SQL->quickHash("select karmaThreshold,ipFilter,scratchFilter,databaseLinkId,dbQuery,dbCacheTimeout from groups where groupId='$gid'");
### Check IP Address
if ($group{ipFilter} ne "") {
$group{ipFilter} =~ s/\t//g;
$group{ipFilter} =~ s/\r//g;
$group{ipFilter} =~ s/\n//g;
$group{ipFilter} =~ s/\s//g;
$group{ipFilter} =~ s/\./\\\./g;
my @ips = split(";",$group{ipFilter});
foreach my $ip (@ips) {
if ($session{env}{REMOTE_ADDR} =~ /^$ip/) {
$session{isInGroup}{$gid}{$uid} = 1;
return 1;
}
}
}
### Check Scratch Variables
if ($group{scratchFilter} ne "") {
$group{scratchFilter} =~ s/\t//g;
$group{scratchFilter} =~ s/\r//g;
$group{scratchFilter} =~ s/\n//g;
$group{scratchFilter} =~ s/\s//g;
my @vars = split(";",$group{scratchFilter});
foreach my $var (@vars) {
my ($name, $value) = split(/\=/,$var);
if ($session{scratch}{$name} eq $value) {
$session{isInGroup}{$gid}{$uid} = 1;
return 1;
}
}
}
### Check karma levels.
if ($session{setting}{useKarma}) {
my $karma;
if ($uid == $session{user}{userId}) {
$karma = $session{user}{karma};
} else {
($karma) = WebGUI::SQL->quickHash("select karma from users where userId='$uid'");
}
if ($karma >= $group{karmaThreshold}) {
$session{isInGroup}{$gid}{$uid} = 1;
return 1;
}
}
### Check external database
if ($group{dbQuery} ne "" && $group{databaseLinkId}) {
# skip if not logged in and query contains a User macro
unless ($group{dbQuery} =~ /\^User/i && $uid == 1) {
my $dbLink = WebGUI::DatabaseLink->new($group{databaseLinkId});
my $dbh = $dbLink->dbh;
if (defined $dbh) {
if ($group{dbQuery} =~ /select 1/i) {
$group{dbQuery} = WebGUI::Macro::process($group{dbQuery});
my $sth = WebGUI::SQL->unconditionalRead($group{dbQuery},$dbh);
unless ($sth->errorCode < 1) {
WebGUI::ErrorHandler::warn("There was a problem with the database query for group ID $gid.");
} else {
my ($result) = $sth->array;
if ($result == 1) {
$session{isInGroup}{$gid}{$uid} = 1;
if ($group{dbCacheTimeout} > 0) {
WebGUI::Grouping::deleteUsersFromGroups([$uid],[$gid]);
WebGUI::Grouping::addUsersToGroups([$uid],[$gid],$group{dbCacheTimeout});
}
} else {
$session{isInGroup}{$gid}{$uid} = 0;
WebGUI::Grouping::deleteUsersFromGroups([$uid],[$gid]) if ($group{dbCacheTimeout} > 0);
}
}
$sth->finish;
} else {
WebGUI::ErrorHandler::warn("Database query for group ID $gid must use 'select 1'");
}
$dbLink->disconnect;
return 1 if ($session{isInGroup}{$gid}{$uid});
}
}
}
### Check for groups of groups.
$groups = WebGUI::Grouping::getGroupsInGroup($gid,1);
foreach (@{$groups}) {
$session{isInGroup}{$_}{$uid} = isInGroup($_, $uid);
if ($session{isInGroup}{$_}{$uid}) {
$session{isInGroup}{$gid}{$uid} = 1; # cache current group also so we don't have to do the group in group check again
return 1;
}
}
$session{isInGroup}{$gid}{$uid} = 0;
return 0;
}
#------------------------------------------------------------------- #-------------------------------------------------------------------

232
lib/WebGUI/Wobject.pm
View file

@ -20,6 +20,7 @@ use strict qw(subs vars);
use Tie::IxHash; use Tie::IxHash;
use WebGUI::DateTime; use WebGUI::DateTime;
use WebGUI::FormProcessor; use WebGUI::FormProcessor;
use WebGUI::Grouping;
use WebGUI::HTML; use WebGUI::HTML;
use WebGUI::HTMLForm; use WebGUI::HTMLForm;
use WebGUI::Icon; use WebGUI::Icon;
@ -27,6 +28,7 @@ use WebGUI::International;
use WebGUI::Macro; use WebGUI::Macro;
use WebGUI::Node; use WebGUI::Node;
use WebGUI::Page; use WebGUI::Page;
use WebGUI::Privilege;
use WebGUI::Session; use WebGUI::Session;
use WebGUI::SQL; use WebGUI::SQL;
use WebGUI::TabForm; use WebGUI::TabForm;
@ -74,6 +76,45 @@ sub _getNextSequenceNumber {
return ($sequenceNumber+1); return ($sequenceNumber+1);
} }
#-------------------------------------------------------------------
=head2 canEdit ( )
Returns a boolean (0|1) value signifying that the user has the required privileges.
=cut
sub canEdit {
my $self = shift;
return WebGUI::Page::canEdit() if ($session{page}{wobjectPrivileges} != 1 || $self->get("wobjectId") eq "new");
if ($session{user}{userId} == $self->get("ownerId")) {
return 1;
} else {
return WebGUI::Grouping::isInGroup($self->get("groupIdEdit"));
}
}
#-------------------------------------------------------------------
=head2 canView ( )
Returns a boolean (0|1) value signifying that the user has the required privileges. Returns true for users that have the rights to edit this wobject.
=cut
sub canView {
my $self = shift;
return WebGUI::Page::canView() unless ($session{page}{wobjectPrivileges} == 1);
if ($session{user}{userId} == $self->get("ownerId")) {
return 1;
} elsif ($self->get("startDate") < WebGUI::DateTime::time() && $self->get("endDate") > WebGUI::DateTime::time() && WebGUI::Grouping::isInGroup($self->get("groupIdView"))) {
return 1;
} else {
return $self->canEdit;
}
}
#------------------------------------------------------------------- #-------------------------------------------------------------------
=head2 confirm ( message, yesURL, [ , noURL, vitalComparison ] ) =head2 confirm ( message, yesURL, [ , noURL, vitalComparison ] )
@ -1024,8 +1065,9 @@ NOTE: Should never need to be overridden or extended.
=cut =cut
sub www_copy { sub www_copy {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); my $self = shift;
$_[0]->duplicate; return WebGUI::Privilege::insufficient() unless ($self->canEdit);
$self->duplicate;
return ""; return "";
} }
@ -1040,16 +1082,17 @@ NOTE: Should never need to be overridden or extended.
=cut =cut
sub www_createShortcut { sub www_createShortcut {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); my $self = shift;
return WebGUI::Privilege::insufficient() unless ($self->canEdit);
my $w = WebGUI::Wobject::WobjectProxy->new({wobjectId=>"new",namespace=>"WobjectProxy"}); my $w = WebGUI::Wobject::WobjectProxy->new({wobjectId=>"new",namespace=>"WobjectProxy"});
$w->set({ $w->set({
pageId=>2, pageId=>2,
templatePosition=>1, templatePosition=>1,
title=>$_[0]->getValue("title"), title=>$self->getValue("title"),
proxiedNamespace=>$_[0]->get("namespace"), proxiedNamespace=>$self->get("namespace"),
proxiedWobjectId=>$_[0]->get("wobjectId"), proxiedWobjectId=>$self->get("wobjectId"),
bufferUserId=>$session{user}{userId}, bufferUserId=>$session{user}{userId},
bufferDate=>time(), bufferDate=>WebGUI::DateTime::time(),
bufferPrevId=>$session{page}{pageId} bufferPrevId=>$session{page}{pageId}
}); });
return ""; return "";
@ -1064,12 +1107,13 @@ Moves this instance to the clipboard.
=cut =cut
sub www_cut { sub www_cut {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); my $self = shift;
$_[0]->set({ return WebGUI::Privilege::insufficient() unless ($self->canEdit);
$self->set({
pageId=>2, pageId=>2,
templatePosition=>1, templatePosition=>1,
bufferUserId=>$session{user}{userId}, bufferUserId=>$session{user}{userId},
bufferDate=>time(), bufferDate=>WebGUI::DateTime::time(),
bufferPrevId=>$session{page}{pageId} bufferPrevId=>$session{page}{pageId}
}); });
_reorderWobjects($session{page}{pageId}); _reorderWobjects($session{page}{pageId});
@ -1085,14 +1129,15 @@ Prompts a user to confirm whether they wish to delete this instance.
=cut =cut
sub www_delete { sub www_delete {
my $self = shift;
my ($output); my ($output);
if (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))) { if ($self->canEdit) {
$output = helpIcon(14); $output = helpIcon(14);
$output .= '<h1>'.WebGUI::International::get(42).'</h1>'; $output .= '<h1>'.WebGUI::International::get(42).'</h1>';
$output .= WebGUI::International::get(43); $output .= WebGUI::International::get(43);
$output .= '<p>'; $output .= '<p>';
$output .= '<div align="center"><a href="'.WebGUI::URL::page('func=deleteConfirm&wid='. $output .= '<div align="center"><a href="'.WebGUI::URL::page('func=deleteConfirm&wid='.
$_[0]->get("wobjectId")).'">'; $self->get("wobjectId")).'">';
$output .= WebGUI::International::get(44); $output .= WebGUI::International::get(44);
$output .= '</a>'; $output .= '</a>';
$output .= '&nbsp;&nbsp;&nbsp;&nbsp;<a href="'.WebGUI::URL::page().'">'; $output .= '&nbsp;&nbsp;&nbsp;&nbsp;<a href="'.WebGUI::URL::page().'">';
@ -1113,13 +1158,14 @@ Moves this instance to the trash.
=cut =cut
sub www_deleteConfirm { sub www_deleteConfirm {
if (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))) { my $self = shift;
$_[0]->set({pageId=>3, templatePosition=>1, if ($self->canEdit) {
$self->set({pageId=>3, templatePosition=>1,
bufferUserId=>$session{user}{userId}, bufferUserId=>$session{user}{userId},
bufferDate=>time(), bufferDate=>WebGUI::DateTime::time(),
bufferPrevId=>$session{page}{pageId}}); bufferPrevId=>$session{page}{pageId}});
WebGUI::ErrorHandler::audit("moved Wobject ".$_[0]->{_property}{wobjectId}." to the trash."); WebGUI::ErrorHandler::audit("moved Wobject ".$self->{_property}{wobjectId}." to the trash.");
_reorderWobjects($_[0]->get("pageId")); _reorderWobjects($self->get("pageId"));
return ""; return "";
} else { } else {
return WebGUI::Privilege::insufficient(); return WebGUI::Privilege::insufficient();
@ -1135,10 +1181,11 @@ Displays a confirmation message relating to the deletion of a file.
=cut =cut
sub www_deleteFile { sub www_deleteFile {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); my $self = shift;
return $_[0]->confirm(WebGUI::International::get(728), return WebGUI::Privilege::insufficient() unless ($self->canEdit);
WebGUI::URL::page('func=deleteFileConfirm&wid='.$_[0]->get("wobjectId").'&file='.$session{form}{file}), return $self->confirm(WebGUI::International::get(728),
WebGUI::URL::page('func=edit&wid='.$_[0]->get("wobjectId")) WebGUI::URL::page('func=deleteFileConfirm&wid='.$self->get("wobjectId").'&file='.$session{form}{file}),
WebGUI::URL::page('func=edit&wid='.$self->get("wobjectId"))
); );
} }
@ -1151,9 +1198,10 @@ Deletes a file from this instance.
=cut =cut
sub www_deleteFileConfirm { sub www_deleteFileConfirm {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); my $self = shift;
$_[0]->set({$session{form}{file}=>''}); return WebGUI::Privilege::insufficient() unless ($self->canEdit);
return $_[0]->www_edit(); $self->set({$session{form}{file}=>''});
return $self->www_edit();
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
@ -1185,21 +1233,22 @@ An id this namespace of the WebGUI international system. This message will be re
=cut =cut
sub www_edit { sub www_edit {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); my $self = shift;
return WebGUI::Privilege::insufficient() unless ($self->canEdit);
$session{page}{useAdminStyle} = 1; $session{page}{useAdminStyle} = 1;
my ($self, @p) = @_; my ($self, @p) = @_;
my ($properties, $layout, $privileges, $heading, $helpId, $headingId) = my ($properties, $layout, $privileges, $heading, $helpId, $headingId) =
rearrange([qw(properties layout privileges heading helpId headingId)], @p); rearrange([qw(properties layout privileges heading helpId headingId)], @p);
my ($f, $startDate, $displayTitle, $templatePosition, $endDate); my ($f, $startDate, $displayTitle, $templatePosition, $endDate);
if ($_[0]->get("wobjectId") eq "new") { if ($self->get("wobjectId") eq "new") {
$displayTitle = 1; $displayTitle = 1;
} else { } else {
$displayTitle = $_[0]->get("displayTitle"); $displayTitle = $self->get("displayTitle");
} }
my $title = $_[0]->get("title") || $_[0]->name; my $title = $self->get("title") || $self->name;
$templatePosition = $_[0]->get("templatePosition") || 1; $templatePosition = $self->get("templatePosition") || 1;
$startDate = $_[0]->get("startDate") || $session{page}{startDate}; $startDate = $self->get("startDate") || $session{page}{startDate};
$endDate = $_[0]->get("endDate") || $session{page}{endDate}; $endDate = $self->get("endDate") || $session{page}{endDate};
my %tabs; my %tabs;
tie %tabs, 'Tie::IxHash'; tie %tabs, 'Tie::IxHash';
%tabs = ( %tabs = (
@ -1215,18 +1264,18 @@ sub www_edit {
uiLevel=>6 uiLevel=>6
} }
); );
if ($_[0]->{_useDiscussion}) { if ($self->{_useDiscussion}) {
$tabs{discussion} = { $tabs{discussion} = {
label=>WebGUI::International::get(892), label=>WebGUI::International::get(892),
uiLevel=>5 uiLevel=>5
}; };
} }
$f = WebGUI::TabForm->new(\%tabs); $f = WebGUI::TabForm->new(\%tabs);
$f->hidden({name=>"wid",value=>$_[0]->get("wobjectId")}); $f->hidden({name=>"wid",value=>$self->get("wobjectId")});
$f->hidden({name=>"namespace",value=>$_[0]->get("namespace")}) if ($_[0]->get("wobjectId") eq "new"); $f->hidden({name=>"namespace",value=>$self->get("namespace")}) if ($self->get("wobjectId") eq "new");
$f->hidden({name=>"func",value=>"editSave"}); $f->hidden({name=>"func",value=>"editSave"});
$f->getTab("properties")->readOnly( $f->getTab("properties")->readOnly(
-value=>$_[0]->get("wobjectId"), -value=>$self->get("wobjectId"),
-label=>WebGUI::International::get(499), -label=>WebGUI::International::get(499),
-uiLevel=>3 -uiLevel=>3
); );
@ -1237,11 +1286,11 @@ sub www_edit {
-value=>$displayTitle, -value=>$displayTitle,
-uiLevel=>5 -uiLevel=>5
); );
if ($_[0]->{_useTemplate}) { if ($self->{_useTemplate}) {
$f->getTab("layout")->template( $f->getTab("layout")->template(
-value=>$_[0]->getValue("templateId"), -value=>$self->getValue("templateId"),
-namespace=>$_[0]->get("namespace"), -namespace=>$self->get("namespace"),
-afterEdit=>'func=edit&amp;wid='.$_[0]->get("wobjectId")."&amp;namespace=".$_[0]->get("namespace") -afterEdit=>'func=edit&amp;wid='.$self->get("wobjectId")."&amp;namespace=".$self->get("namespace")
); );
} }
$f->getTab("layout")->selectList( $f->getTab("layout")->selectList(
@ -1265,30 +1314,30 @@ sub www_edit {
-uiLevel=>6 -uiLevel=>6
); );
my $subtext; my $subtext;
if (WebGUI::Privilege::isInGroup(3)) { if (WebGUI::Grouping::isInGroup(3)) {
$subtext = ' &nbsp; <a href="'.WebGUI::URL::page('op=listUsers').'">'.WebGUI::International::get(7).'</a>'; $subtext = ' &nbsp; <a href="'.WebGUI::URL::page('op=listUsers').'">'.WebGUI::International::get(7).'</a>';
} else { } else {
$subtext = ""; $subtext = "";
} }
if ($session{page}{wobjectPrivileges}) { if ($session{page}{wobjectPrivileges}) {
my $clause; my $clause;
if (WebGUI::Privilege::isInGroup(3)) { if (WebGUI::Grouping::isInGroup(3)) {
my $contentManagers = WebGUI::Grouping::getUsersInGroup(4,1); my $contentManagers = WebGUI::Grouping::getUsersInGroup(4,1);
push (@$contentManagers, $session{user}{userId}); push (@$contentManagers, $session{user}{userId});
$clause = "userId in (".join(",",@$contentManagers).")"; $clause = "userId in (".join(",",@$contentManagers).")";
} else { } else {
$clause = "userId=".$_[0]->getValue("ownerId"); $clause = "userId=".$self->getValue("ownerId");
} }
my $users = WebGUI::SQL->buildHashRef("select userId,username from users where $clause order by username"); my $users = WebGUI::SQL->buildHashRef("select userId,username from users where $clause order by username");
$f->getTab("privileges")->selectList( $f->getTab("privileges")->selectList(
-name=>"ownerId", -name=>"ownerId",
-options=>$users, -options=>$users,
-label=>WebGUI::International::get(108), -label=>WebGUI::International::get(108),
-value=>[$_[0]->getValue("ownerId")], -value=>[$self->getValue("ownerId")],
-subtext=>$subtext, -subtext=>$subtext,
-uiLevel=>6 -uiLevel=>6
); );
if (WebGUI::Privilege::isInGroup(3)) { if (WebGUI::Grouping::isInGroup(3)) {
$subtext = ' &nbsp; <a href="'.WebGUI::URL::page('op=listGroups').'">'.WebGUI::International::get(5).'</a>'; $subtext = ' &nbsp; <a href="'.WebGUI::URL::page('op=listGroups').'">'.WebGUI::International::get(5).'</a>';
} else { } else {
$subtext = ""; $subtext = "";
@ -1296,43 +1345,43 @@ sub www_edit {
$f->getTab("privileges")->group( $f->getTab("privileges")->group(
-name=>"groupIdView", -name=>"groupIdView",
-label=>WebGUI::International::get(872), -label=>WebGUI::International::get(872),
-value=>[$_[0]->getValue("groupIdView")], -value=>[$self->getValue("groupIdView")],
-subtext=>$subtext, -subtext=>$subtext,
-uiLevel=>6 -uiLevel=>6
); );
$f->getTab("privileges")->group( $f->getTab("privileges")->group(
-name=>"groupIdEdit", -name=>"groupIdEdit",
-label=>WebGUI::International::get(871), -label=>WebGUI::International::get(871),
-value=>[$_[0]->getValue("groupIdEdit")], -value=>[$self->getValue("groupIdEdit")],
-subtext=>$subtext, -subtext=>$subtext,
-excludeGroups=>[1,7], -excludeGroups=>[1,7],
-uiLevel=>6 -uiLevel=>6
); );
} else { } else {
$f->hidden({name=>"ownerId",value=>$_[0]->getValue("ownerId")}); $f->hidden({name=>"ownerId",value=>$self->getValue("ownerId")});
$f->hidden({name=>"groupIdView",value=>$_[0]->getValue("groupIdView")}); $f->hidden({name=>"groupIdView",value=>$self->getValue("groupIdView")});
$f->hidden({name=>"groupIdEdit",value=>$_[0]->getValue("groupIdEdit")}); $f->hidden({name=>"groupIdEdit",value=>$self->getValue("groupIdEdit")});
} }
$f->getTab("properties")->HTMLArea( $f->getTab("properties")->HTMLArea(
-name=>"description", -name=>"description",
-label=>WebGUI::International::get(85), -label=>WebGUI::International::get(85),
-value=>$_[0]->get("description") -value=>$self->get("description")
); );
$f->getTab("properties")->raw($properties); $f->getTab("properties")->raw($properties);
$f->getTab("layout")->raw($layout); $f->getTab("layout")->raw($layout);
$f->getTab("privileges")->raw($privileges); $f->getTab("privileges")->raw($privileges);
if ($_[0]->{_useDiscussion}) { if ($self->{_useDiscussion}) {
$f->getTab("discussion")->yesNo( $f->getTab("discussion")->yesNo(
-name=>"allowDiscussion", -name=>"allowDiscussion",
-label=>WebGUI::International::get(894), -label=>WebGUI::International::get(894),
-value=>$_[0]->get("allowDiscussion"), -value=>$self->get("allowDiscussion"),
-uiLevel=>5 -uiLevel=>5
); );
$f->getTab("discussion")->raw(WebGUI::Forum::UI::forumProperties($_[0]->get("forumId"))); $f->getTab("discussion")->raw(WebGUI::Forum::UI::forumProperties($self->get("forumId")));
} }
my $output; my $output;
$output = helpIcon($helpId,$_[0]->get("namespace")) if ($helpId); $output = helpIcon($helpId,$self->get("namespace")) if ($helpId);
$heading = WebGUI::International::get($headingId,$_[0]->get("namespace")) if ($headingId); $heading = WebGUI::International::get($headingId,$self->get("namespace")) if ($headingId);
$output .= '<h1>'.$heading.'</h1>' if ($heading); $output .= '<h1>'.$heading.'</h1>' if ($heading);
return $output.$f->print; return $output.$f->print;
} }
@ -1356,28 +1405,30 @@ A hash reference of extra properties to set.
=cut =cut
sub www_editSave { sub www_editSave {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); my $self = shift;
my $extras = shift;
return WebGUI::Privilege::insufficient() unless ($self->canEdit);
my %set; my %set;
foreach my $key (keys %{$_[0]->{_wobjectProperties}}) { foreach my $key (keys %{$self->{_wobjectProperties}}) {
my $temp = WebGUI::FormProcessor::process( my $temp = WebGUI::FormProcessor::process(
$key, $key,
$_[0]->{_wobjectProperties}{$key}{fieldType}, $self->{_wobjectProperties}{$key}{fieldType},
$_[0]->{_wobjectProperties}{$key}{defaultValue} $self->{_wobjectProperties}{$key}{defaultValue}
); );
$set{$key} = $temp if (defined $temp); $set{$key} = $temp if (defined $temp);
} }
$set{title} = $session{form}{title} || $_[0]->name; $set{title} = $session{form}{title} || $self->name;
foreach my $key (keys %{$_[0]->{_extendedProperties}}) { foreach my $key (keys %{$self->{_extendedProperties}}) {
my $temp = WebGUI::FormProcessor::process( my $temp = WebGUI::FormProcessor::process(
$key, $key,
$_[0]->{_extendedProperties}{$key}{fieldType}, $self->{_extendedProperties}{$key}{fieldType},
$_[0]->{_extendedProperties}{$key}{defaultValue} $self->{_extendedProperties}{$key}{defaultValue}
); );
$set{$key} = $temp if (defined $temp); $set{$key} = $temp if (defined $temp);
} }
%set = (%set, %{$_[1]}); %set = (%set, %{$extras});
$set{forumId} = WebGUI::Forum::UI::forumPropertiesSave() if ($_[0]->{_useDiscussion}); $set{forumId} = WebGUI::Forum::UI::forumPropertiesSave() if ($self->{_useDiscussion});
$_[0]->set(\%set); $self->set(\%set);
return ""; return "";
} }
@ -1390,9 +1441,10 @@ Moves this instance to the bottom of the page.
=cut =cut
sub www_moveBottom { sub www_moveBottom {
if (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))) { my $self = shift;
$_[0]->set({sequenceNumber=>99999}); if ($self->canEdit) {
_reorderWobjects($_[0]->get("pageId")); $self->set({sequenceNumber=>99999});
_reorderWobjects($self->get("pageId"));
return ""; return "";
} else { } else {
return WebGUI::Privilege::insufficient(); return WebGUI::Privilege::insufficient();
@ -1409,14 +1461,15 @@ Moves this instance down one spot on the page.
sub www_moveDown { sub www_moveDown {
my ($wid, $thisSeq); my ($wid, $thisSeq);
if (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))) { my $self = shift;
($thisSeq) = WebGUI::SQL->quickArray("select sequenceNumber from wobject where wobjectId=".$_[0]->get("wobjectId")); if ($self->canEdit) {
($wid) = WebGUI::SQL->quickArray("select wobjectId from wobject where pageId=".$_[0]->get("pageId") ($thisSeq) = WebGUI::SQL->quickArray("select sequenceNumber from wobject where wobjectId=".$self->get("wobjectId"));
($wid) = WebGUI::SQL->quickArray("select wobjectId from wobject where pageId=".$self->get("pageId")
." and sequenceNumber=".($thisSeq+1)); ." and sequenceNumber=".($thisSeq+1));
if ($wid ne "") { if ($wid ne "") {
WebGUI::SQL->write("update wobject set sequenceNumber=sequenceNumber+1 where wobjectId=".$_[0]->get("wobjectId")); WebGUI::SQL->write("update wobject set sequenceNumber=sequenceNumber+1 where wobjectId=".$self->get("wobjectId"));
WebGUI::SQL->write("update wobject set sequenceNumber=sequenceNumber-1 where wobjectId=$wid"); WebGUI::SQL->write("update wobject set sequenceNumber=sequenceNumber-1 where wobjectId=$wid");
_reorderWobjects($_[0]->get("pageId")); _reorderWobjects($self->get("pageId"));
} }
return ""; return "";
} else { } else {
@ -1433,9 +1486,10 @@ Moves this instance to the top of the page.
=cut =cut
sub www_moveTop { sub www_moveTop {
if (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))) { my $self = shift;
$_[0]->set({sequenceNumber=>0}); if ($self->canEdit) {
_reorderWobjects($_[0]->get("pageId")); $self->set({sequenceNumber=>0});
_reorderWobjects($self->get("pageId"));
return ""; return "";
} else { } else {
return WebGUI::Privilege::insufficient(); return WebGUI::Privilege::insufficient();
@ -1451,15 +1505,16 @@ Moves this instance up one spot on the page.
=cut =cut
sub www_moveUp { sub www_moveUp {
my $self = shift;
my ($wid, $thisSeq); my ($wid, $thisSeq);
if (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))) { if ($self->canEdit) {
($thisSeq) = WebGUI::SQL->quickArray("select sequenceNumber from wobject where wobjectId=".$_[0]->get("wobjectId")); ($thisSeq) = WebGUI::SQL->quickArray("select sequenceNumber from wobject where wobjectId=".$self->get("wobjectId"));
($wid) = WebGUI::SQL->quickArray("select wobjectId from wobject where pageId=".$_[0]->get("pageId") ($wid) = WebGUI::SQL->quickArray("select wobjectId from wobject where pageId=".$self->get("pageId")
." and sequenceNumber=".($thisSeq-1)); ." and sequenceNumber=".($thisSeq-1));
if ($wid ne "") { if ($wid ne "") {
WebGUI::SQL->write("update wobject set sequenceNumber=sequenceNumber-1 where wobjectId=".$_[0]->get("wobjectId")); WebGUI::SQL->write("update wobject set sequenceNumber=sequenceNumber-1 where wobjectId=".$self->get("wobjectId"));
WebGUI::SQL->write("update wobject set sequenceNumber=sequenceNumber+1 where wobjectId=$wid"); WebGUI::SQL->write("update wobject set sequenceNumber=sequenceNumber+1 where wobjectId=$wid");
_reorderWobjects($_[0]->get("pageId")); _reorderWobjects($self->get("pageId"));
} }
return ""; return "";
} else { } else {
@ -1476,8 +1531,9 @@ Moves this instance from the clipboard to the current page.
=cut =cut
sub www_paste { sub www_paste {
my $self = shift;
my ($output, $nextSeq); my ($output, $nextSeq);
if (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))) { if ($self->canEdit) {
($nextSeq) = WebGUI::SQL->quickArray("select max(sequenceNumber) from wobject where pageId=$session{page}{pageId}"); ($nextSeq) = WebGUI::SQL->quickArray("select max(sequenceNumber) from wobject where pageId=$session{page}{pageId}");
$nextSeq += 1; $nextSeq += 1;
WebGUI::SQL->write("UPDATE wobject SET " WebGUI::SQL->write("UPDATE wobject SET "
@ -1485,7 +1541,7 @@ sub www_paste {
."templatePosition=1, " ."templatePosition=1, "
."sequenceNumber=". $nextSeq .", " ."sequenceNumber=". $nextSeq .", "
."bufferUserId=NULL, bufferDate=NULL, bufferPrevId=NULL " ."bufferUserId=NULL, bufferDate=NULL, bufferPrevId=NULL "
."WHERE wobjectId=".$_[0]->get("wobjectId")); ."WHERE wobjectId=".$self->get("wobjectId"));
return ""; return "";
} else { } else {
return WebGUI::Privilege::insufficient(); return WebGUI::Privilege::insufficient();
@ -1501,10 +1557,10 @@ The default display mechanism for any wobject. This web method MUST be overridde
=cut =cut
sub www_view { sub www_view {
my ($output); my $self = shift;
$output = $_[0]->displayTitle; return WebGUI::Privilege::insufficient unless ($self->canView);
$output .= $_[0]->description; return $self->displayTitle.$self->description;
return $output;
} }
1; 1;

36
lib/WebGUI/Wobject/DataForm.pm
View file

@ -240,7 +240,7 @@ sub getRecordTemplateVars {
my $self = shift; my $self = shift;
my $var = shift; my $var = shift;
$var->{error_loop} = [] unless (exists $var->{error_loop}); $var->{error_loop} = [] unless (exists $var->{error_loop});
$var->{canEdit} = (WebGUI::Privilege::canEditWobject($self->get("wobjectId"))); $var->{canEdit} = ($self->canEdit);
$var->{"entryList.url"} = WebGUI::URL::page('func=view&entryId=list&wid='.$self->get("wobjectId")); $var->{"entryList.url"} = WebGUI::URL::page('func=view&entryId=list&wid='.$self->get("wobjectId"));
$var->{"entryList.label"} = WebGUI::International::get(86,$self->get("namespace")); $var->{"entryList.label"} = WebGUI::International::get(86,$self->get("namespace"));
$var->{"export.tab.url"} = WebGUI::URL::page('func=exportTab&wid='.$self->get("wobjectId")); $var->{"export.tab.url"} = WebGUI::URL::page('func=exportTab&wid='.$self->get("wobjectId"));
@ -450,7 +450,7 @@ sub uiLevel {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteEntry { sub www_deleteEntry {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
my $entryId = $session{form}{entryId}; my $entryId = $session{form}{entryId};
WebGUI::SQL->write("delete from DataForm_entry where DataForm_entryId=".quote($entryId)); WebGUI::SQL->write("delete from DataForm_entry where DataForm_entryId=".quote($entryId));
$session{form}{entryId} = 'list'; $session{form}{entryId} = 'list';
@ -459,14 +459,14 @@ sub www_deleteEntry {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteField { sub www_deleteField {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
return $_[0]->confirm(WebGUI::International::get(19,$_[0]->get("namespace")), return $_[0]->confirm(WebGUI::International::get(19,$_[0]->get("namespace")),
WebGUI::URL::page('func=deleteFieldConfirm&wid='.$_[0]->get("wobjectId").'&fid='.$session{form}{fid})); WebGUI::URL::page('func=deleteFieldConfirm&wid='.$_[0]->get("wobjectId").'&fid='.$session{form}{fid}));
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteFieldConfirm { sub www_deleteFieldConfirm {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->deleteCollateral("DataForm_field","DataForm_fieldId",$session{form}{fid}); $_[0]->deleteCollateral("DataForm_field","DataForm_fieldId",$session{form}{fid});
$_[0]->reorderCollateral("DataForm_field","DataForm_fieldId"); $_[0]->reorderCollateral("DataForm_field","DataForm_fieldId");
return ""; return "";
@ -474,14 +474,14 @@ sub www_deleteFieldConfirm {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteTab { sub www_deleteTab {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
return $_[0]->confirm(WebGUI::International::get(100,$_[0]->get("namespace")), return $_[0]->confirm(WebGUI::International::get(100,$_[0]->get("namespace")),
WebGUI::URL::page('func=deleteTabConfirm&wid='.$_[0]->get("wobjectId").'&tid='.$session{form}{tid})); WebGUI::URL::page('func=deleteTabConfirm&wid='.$_[0]->get("wobjectId").'&tid='.$session{form}{tid}));
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteTabConfirm { sub www_deleteTabConfirm {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->deleteCollateral("DataForm_tab","DataForm_tabId",$session{form}{tid}); $_[0]->deleteCollateral("DataForm_tab","DataForm_tabId",$session{form}{tid});
$_[0]->deleteCollateral("DataForm_field","DataForm_tabId",$session{form}{tid}); $_[0]->deleteCollateral("DataForm_field","DataForm_tabId",$session{form}{tid});
$_[0]->reorderCollateral("DataForm_tab","DataForm_tabId"); $_[0]->reorderCollateral("DataForm_tab","DataForm_tabId");
@ -542,7 +542,7 @@ sub www_edit {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editSave { sub www_editSave {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->SUPER::www_editSave(); $_[0]->SUPER::www_editSave();
if ($session{form}{wid} eq "new") { if ($session{form}{wid} eq "new") {
$_[0]->setCollateral("DataForm_field","DataForm_fieldId",{ $_[0]->setCollateral("DataForm_field","DataForm_fieldId",{
@ -601,7 +601,7 @@ sub www_editSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editField { sub www_editField {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$session{page}{useAdminStyle} = 1; $session{page}{useAdminStyle} = 1;
my ($output, %field, $f, %fieldStatus,$tab); my ($output, %field, $f, %fieldStatus,$tab);
tie %field, 'Tie::CPHash'; tie %field, 'Tie::CPHash';
@ -695,7 +695,7 @@ sub www_editField {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editFieldSave { sub www_editFieldSave {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$session{form}{name} = $session{form}{label} if ($session{form}{name} eq ""); $session{form}{name} = $session{form}{label} if ($session{form}{name} eq "");
$session{form}{tid} = "0" if ($session{form}{tid} eq ""); $session{form}{tid} = "0" if ($session{form}{tid} eq "");
$session{form}{name} = WebGUI::URL::urlize($session{form}{name}); $session{form}{name} = WebGUI::URL::urlize($session{form}{name});
@ -724,7 +724,7 @@ sub www_editFieldSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editTab { sub www_editTab {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$session{page}{useAdminStyle} = 1; $session{page}{useAdminStyle} = 1;
my ($output, %tab, $f); my ($output, %tab, $f);
tie %tab, 'Tie::CPHash'; tie %tab, 'Tie::CPHash';
@ -767,7 +767,7 @@ sub www_editTab {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editTabSave { sub www_editTabSave {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$session{form}{name} = $session{form}{label} if ($session{form}{name} eq ""); $session{form}{name} = $session{form}{label} if ($session{form}{name} eq "");
$session{form}{name} = WebGUI::URL::urlize($session{form}{name}); $session{form}{name} = WebGUI::URL::urlize($session{form}{name});
$session{form}{name} =~ s/\-//g; $session{form}{name} =~ s/\-//g;
@ -786,7 +786,7 @@ sub www_editTabSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_exportTab { sub www_exportTab {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$session{header}{filename} = WebGUI::URL::urlize($_[0]->get("title")).".tab"; $session{header}{filename} = WebGUI::URL::urlize($_[0]->get("title")).".tab";
$session{header}{mimetype} = "text/plain"; $session{header}{mimetype} = "text/plain";
my %fields = WebGUI::SQL->buildHash("select DataForm_fieldId,name from DataForm_field where wobjectId=".$_[0]->get("wobjectId")." order by sequenceNumber"); my %fields = WebGUI::SQL->buildHash("select DataForm_fieldId,name from DataForm_field where wobjectId=".$_[0]->get("wobjectId")." order by sequenceNumber");
@ -809,28 +809,28 @@ sub www_exportTab {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_moveFieldDown { sub www_moveFieldDown {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->moveCollateralDown("DataForm_field","DataForm_fieldId",$session{form}{fid},"DataForm_tabId",$session{form}{tid}); $_[0]->moveCollateralDown("DataForm_field","DataForm_fieldId",$session{form}{fid},"DataForm_tabId",$session{form}{tid});
return ""; return "";
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_moveFieldUp { sub www_moveFieldUp {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->moveCollateralUp("DataForm_field","DataForm_fieldId",$session{form}{fid},"DataForm_tabId",$session{form}{tid}); $_[0]->moveCollateralUp("DataForm_field","DataForm_fieldId",$session{form}{fid},"DataForm_tabId",$session{form}{tid});
return ""; return "";
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_moveTabRight { sub www_moveTabRight {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->moveCollateralDown("DataForm_tab","DataForm_tabId",$session{form}{tid}); $_[0]->moveCollateralDown("DataForm_tab","DataForm_tabId",$session{form}{tid});
return ""; return "";
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_moveTabLeft { sub www_moveTabLeft {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->moveCollateralUp("DataForm_tab","DataForm_tabId",$session{form}{tid}); $_[0]->moveCollateralUp("DataForm_tab","DataForm_tabId",$session{form}{tid});
return ""; return "";
} }
@ -892,8 +892,8 @@ sub www_process {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_view { sub www_view {
my $var; my $var;
$var->{entryId} = $session{form}{entryId} if (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $var->{entryId} = $session{form}{entryId} if ($_[0]->canEdit);
if ($var->{entryId} eq "list" && WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))) { if ($var->{entryId} eq "list" && $_[0]->canEdit) {
return $_[0]->processTemplate($_[0]->get("listTemplateId"),$_[0]->getListTemplateVars,"DataForm/List"); return $_[0]->processTemplate($_[0]->get("listTemplateId"),$_[0]->getListTemplateVars,"DataForm/List");
} }
# add Tab StyleSheet and JavaScript # add Tab StyleSheet and JavaScript

10
lib/WebGUI/Wobject/EventsCalendar.pm
View file

@ -126,7 +126,7 @@ sub purge {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteEvent { sub www_deleteEvent {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
my ($output); my ($output);
$output = '<h1>'.WebGUI::International::get(42).'</h1>'; $output = '<h1>'.WebGUI::International::get(42).'</h1>';
$output .= WebGUI::International::get(75,$_[0]->get("namespace")).'<p><blockquote>'; $output .= WebGUI::International::get(75,$_[0]->get("namespace")).'<p><blockquote>';
@ -143,7 +143,7 @@ sub www_deleteEvent {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteEventConfirm { sub www_deleteEventConfirm {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
if ($session{form}{rid} > 0) { if ($session{form}{rid} > 0) {
$_[0]->deleteCollateral("EventsCalendar_event","EventsCalendar_recurringId",$session{form}{rid}); $_[0]->deleteCollateral("EventsCalendar_event","EventsCalendar_recurringId",$session{form}{rid});
} else { } else {
@ -241,7 +241,7 @@ sub www_editSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editEvent { sub www_editEvent {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$session{page}{useAdminStyle} = 1; $session{page}{useAdminStyle} = 1;
my (%recursEvery, $special, $output, $f, %event); my (%recursEvery, $special, $output, $f, %event);
tie %event, 'Tie::CPHash'; tie %event, 'Tie::CPHash';
@ -306,7 +306,7 @@ sub www_editEvent {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editEventSave { sub www_editEventSave {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
my (@startDate, @endDate, $until, @eventId, $i, $recurringEventId); my (@startDate, @endDate, $until, @eventId, $i, $recurringEventId);
$startDate[0] = WebGUI::FormProcessor::dateTime("startDate"); $startDate[0] = WebGUI::FormProcessor::dateTime("startDate");
$startDate[0] = time() unless ($startDate[0] > 0); $startDate[0] = time() unless ($startDate[0] > 0);
@ -547,7 +547,7 @@ sub www_viewEvent {
$var{"end.label"} = WebGUI::International::get(15,$_[0]->get("namespace")); $var{"end.label"} = WebGUI::International::get(15,$_[0]->get("namespace"));
$var{"end.date"} = epochToHuman($event{endDate},"%z"); $var{"end.date"} = epochToHuman($event{endDate},"%z");
$var{"end.time"} = epochToHuman($event{endDate},"%Z"); $var{"end.time"} = epochToHuman($event{endDate},"%Z");
$var{canEdit} = WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId")); $var{canEdit} = $_[0]->canEdit;
$var{"edit.url"} = WebGUI::URL::page('func=editEvent&eid='.$session{form}{eid}.'&wid='.$session{form}{wid}); $var{"edit.url"} = WebGUI::URL::page('func=editEvent&eid='.$session{form}{eid}.'&wid='.$session{form}{wid});
$var{"edit.label"} = WebGUI::International::get(575); $var{"edit.label"} = WebGUI::International::get(575);
$var{"delete.url"} = WebGUI::URL::page('func=deleteEvent&eid='.$session{form}{eid}.'&wid=' $var{"delete.url"} = WebGUI::URL::page('func=deleteEvent&eid='.$session{form}{eid}.'&wid='

23
lib/WebGUI/Wobject/FileManager.pm
View file

@ -13,6 +13,7 @@ package WebGUI::Wobject::FileManager;
use strict; use strict;
use Tie::CPHash; use Tie::CPHash;
use WebGUI::DateTime; use WebGUI::DateTime;
use WebGUI::Grouping;
use WebGUI::HTMLForm; use WebGUI::HTMLForm;
use WebGUI::Icon; use WebGUI::Icon;
use WebGUI::International; use WebGUI::International;
@ -131,7 +132,7 @@ sub uiLevel {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteFile { sub www_deleteFile {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->setCollateral("FileManager_file","FileManager_fileId", $_[0]->setCollateral("FileManager_file","FileManager_fileId",
{$session{form}{file}=>'',FileManager_fileId=>$session{form}{did}},0,0); {$session{form}{file}=>'',FileManager_fileId=>$session{form}{did}},0,0);
return $_[0]->www_editDownload(); return $_[0]->www_editDownload();
@ -139,14 +140,14 @@ sub www_deleteFile {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteDownload { sub www_deleteDownload {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
return $_[0]->confirm(WebGUI::International::get(12,$_[0]->get("namespace")), return $_[0]->confirm(WebGUI::International::get(12,$_[0]->get("namespace")),
WebGUI::URL::page('func=deleteDownloadConfirm&wid='.$session{form}{wid}.'&did='.$session{form}{did})); WebGUI::URL::page('func=deleteDownloadConfirm&wid='.$session{form}{wid}.'&did='.$session{form}{did}));
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteDownloadConfirm { sub www_deleteDownloadConfirm {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
my ($output, $file); my ($output, $file);
$file = WebGUI::Attachment->new("",$session{form}{wid},$session{form}{did}); $file = WebGUI::Attachment->new("",$session{form}{wid},$session{form}{did});
$file->deleteNode; $file->deleteNode;
@ -160,7 +161,7 @@ sub www_download {
my (%download, $file); my (%download, $file);
tie %download,'Tie::CPHash'; tie %download,'Tie::CPHash';
%download = WebGUI::SQL->quickHash("select * from FileManager_file where FileManager_fileId=$session{form}{did}"); %download = WebGUI::SQL->quickHash("select * from FileManager_file where FileManager_fileId=$session{form}{did}");
if (WebGUI::Privilege::isInGroup($download{groupToView})) { if (WebGUI::Grouping::isInGroup($download{groupToView})) {
if ($session{form}{alternateVersion} == 1) { if ($session{form}{alternateVersion} == 1) {
$file = WebGUI::Attachment->new($download{alternateVersion1}, $file = WebGUI::Attachment->new($download{alternateVersion1},
$session{form}{wid}, $session{form}{wid},
@ -209,7 +210,7 @@ sub www_edit {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editSave { sub www_editSave {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->SUPER::www_editSave(); $_[0]->SUPER::www_editSave();
if ($session{form}{proceed} eq "addFile") { if ($session{form}{proceed} eq "addFile") {
$session{form}{did} = "new"; $session{form}{did} = "new";
@ -221,7 +222,7 @@ sub www_editSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editDownload { sub www_editDownload {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$session{page}{useAdminStyle} = 1; $session{page}{useAdminStyle} = 1;
my ($output, $file, $f); my ($output, $file, $f);
$file = $_[0]->getCollateral("FileManager_file","FileManager_fileId",$session{form}{did}); $file = $_[0]->getCollateral("FileManager_file","FileManager_fileId",$session{form}{did});
@ -271,7 +272,7 @@ sub www_editDownload {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editDownloadSave { sub www_editDownloadSave {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
my ($file, %files); my ($file, %files);
$files{FileManager_fileId} = $_[0]->setCollateral("FileManager_file", "FileManager_fileId", { $files{FileManager_fileId} = $_[0]->setCollateral("FileManager_file", "FileManager_fileId", {
FileManager_fileId => $session{form}{did}, FileManager_fileId => $session{form}{did},
@ -308,7 +309,7 @@ sub www_editDownloadSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_moveDownloadDown { sub www_moveDownloadDown {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
WebGUI::Session::setScratch($_[0]->get("namespace").".".$_[0]->get("wobjectId").".sortDirection","-delete-"); WebGUI::Session::setScratch($_[0]->get("namespace").".".$_[0]->get("wobjectId").".sortDirection","-delete-");
WebGUI::Session::setScratch($_[0]->get("namespace").".".$_[0]->get("wobjectId").".sort","-delete-"); WebGUI::Session::setScratch($_[0]->get("namespace").".".$_[0]->get("wobjectId").".sort","-delete-");
$_[0]->moveCollateralUp("FileManager_file","FileManager_fileId",$session{form}{did}); $_[0]->moveCollateralUp("FileManager_file","FileManager_fileId",$session{form}{did});
@ -317,7 +318,7 @@ sub www_moveDownloadDown {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_moveDownloadUp { sub www_moveDownloadUp {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
WebGUI::Session::setScratch($_[0]->get("namespace").".".$_[0]->get("wobjectId").".sortDirection","-delete-"); WebGUI::Session::setScratch($_[0]->get("namespace").".".$_[0]->get("wobjectId").".sortDirection","-delete-");
WebGUI::Session::setScratch($_[0]->get("namespace").".".$_[0]->get("wobjectId").".sort","-delete-"); WebGUI::Session::setScratch($_[0]->get("namespace").".".$_[0]->get("wobjectId").".sort","-delete-");
$_[0]->moveCollateralDown("FileManager_file","FileManager_fileId",$session{form}{did}); $_[0]->moveCollateralDown("FileManager_file","FileManager_fileId",$session{form}{did});
@ -357,13 +358,13 @@ sub www_view {
$p = WebGUI::Paginator->new($url,$numResults); $p = WebGUI::Paginator->new($url,$numResults);
$p->setDataByQuery($sql); $p->setDataByQuery($sql);
$files = $p->getPageData; $files = $p->getPageData;
my $canEditWobject = (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId")) || WebGUI::Privilege::canEditPage()); my $canEditWobject = ($_[0]->canEdit);
foreach $file (@$files) { foreach $file (@$files) {
$file1 = WebGUI::Attachment->new($file->{downloadFile},$_[0]->get("wobjectId"),$file->{FileManager_fileId}); $file1 = WebGUI::Attachment->new($file->{downloadFile},$_[0]->get("wobjectId"),$file->{FileManager_fileId});
$file2 = WebGUI::Attachment->new($file->{alternateVersion1},$_[0]->get("wobjectId"),$file->{FileManager_fileId}); $file2 = WebGUI::Attachment->new($file->{alternateVersion1},$_[0]->get("wobjectId"),$file->{FileManager_fileId});
$file3 = WebGUI::Attachment->new($file->{alternateVersion2},$_[0]->get("wobjectId"),$file->{FileManager_fileId}); $file3 = WebGUI::Attachment->new($file->{alternateVersion2},$_[0]->get("wobjectId"),$file->{FileManager_fileId});
push (@fileloop,{ push (@fileloop,{
"file.canView"=>(WebGUI::Privilege::isInGroup($file->{groupToView}) || $canEditWobject), "file.canView"=>(WebGUI::Grouping::isInGroup($file->{groupToView}) || $canEditWobject),
"file.controls"=>deleteIcon('func=deleteDownload&wid='.$_[0]->get("wobjectId") "file.controls"=>deleteIcon('func=deleteDownload&wid='.$_[0]->get("wobjectId")
.'&did='.$file->{FileManager_fileId}).editIcon('func=editDownload&wid='.$_[0]->get("wobjectId") .'&did='.$file->{FileManager_fileId}).editIcon('func=editDownload&wid='.$_[0]->get("wobjectId")
.'&did='.$file->{FileManager_fileId}).moveUpIcon('func=moveDownloadUp&wid=' .'&did='.$file->{FileManager_fileId}).moveUpIcon('func=moveDownloadUp&wid='

12
lib/WebGUI/Wobject/MessageBoard.pm
View file

@ -137,14 +137,14 @@ sub purge {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteForum { sub www_deleteForum {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
return $_[0]->confirm(WebGUI::International::get(76,$_[0]->get("namespace")), return $_[0]->confirm(WebGUI::International::get(76,$_[0]->get("namespace")),
WebGUI::URL::page('func=deleteForumConfirm&wid='.$_[0]->get("wobjectId").'&forumId='.$session{form}{forumId})); WebGUI::URL::page('func=deleteForumConfirm&wid='.$_[0]->get("wobjectId").'&forumId='.$session{form}{forumId}));
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteForumConfirm { sub www_deleteForumConfirm {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
my ($inUseElsewhere) = WebGUI::SQL->quickArray("select count(*) from MessageBoard_forums where forumId=".$session{form}{forumId}); my ($inUseElsewhere) = WebGUI::SQL->quickArray("select count(*) from MessageBoard_forums where forumId=".$session{form}{forumId});
unless ($inUseElsewhere > 1) { unless ($inUseElsewhere > 1) {
my $forum = WebGUI::Forum->new($session{form}{forumId}); my $forum = WebGUI::Forum->new($session{form}{forumId});
@ -166,7 +166,7 @@ sub www_edit {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editForum { sub www_editForum {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$session{page}{useAdminStyle} = 1; $session{page}{useAdminStyle} = 1;
my $forumMeta; my $forumMeta;
if ($session{form}{forumId} ne "new") { if ($session{form}{forumId} ne "new") {
@ -199,7 +199,7 @@ sub www_editForum {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editForumSave { sub www_editForumSave {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
my $forumId = WebGUI::Forum::UI::forumPropertiesSave(); my $forumId = WebGUI::Forum::UI::forumPropertiesSave();
if ($session{form}{forumId} eq "new") { if ($session{form}{forumId} eq "new") {
my ($seq) = WebGUI::SQL->quickArray("select max(sequenceNumber) from MessageBoard_forums where wobjectId=".$_[0]->get("wobjectId")); my ($seq) = WebGUI::SQL->quickArray("select max(sequenceNumber) from MessageBoard_forums where wobjectId=".$_[0]->get("wobjectId"));
@ -216,14 +216,14 @@ sub www_editForumSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_moveForumDown { sub www_moveForumDown {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->moveCollateralDown("MessageBoard_forums","forumId",$session{form}{forumId}); $_[0]->moveCollateralDown("MessageBoard_forums","forumId",$session{form}{forumId});
return ""; return "";
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_moveForumUp { sub www_moveForumUp {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->moveCollateralUp("MessageBoard_forums","forumId",$session{form}{forumId}); $_[0]->moveCollateralUp("MessageBoard_forums","forumId",$session{form}{forumId});
return ""; return "";
} }

7
lib/WebGUI/Wobject/Poll.pm
View file

@ -14,6 +14,7 @@ package WebGUI::Wobject::Poll;
use strict; use strict;
use Tie::CPHash; use Tie::CPHash;
use WebGUI::Form; use WebGUI::Form;
use WebGUI::Grouping;
use WebGUI::HTMLForm; use WebGUI::HTMLForm;
use WebGUI::Icon; use WebGUI::Icon;
use WebGUI::International; use WebGUI::International;
@ -223,7 +224,7 @@ sub www_editSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_resetVotes { sub www_resetVotes {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->deleteCollateral("Poll_answer","wobjectId",$_[0]->get("wobjectId")); $_[0]->deleteCollateral("Poll_answer","wobjectId",$_[0]->get("wobjectId"));
return ""; return "";
} }
@ -234,7 +235,7 @@ sub www_view {
$var{question} = $_[0]->get("question"); $var{question} = $_[0]->get("question");
if ($_[0]->get("active") eq "0") { if ($_[0]->get("active") eq "0") {
$showPoll = 0; $showPoll = 0;
} elsif (WebGUI::Privilege::isInGroup($_[0]->get("voteGroup"),$session{user}{userId})) { } elsif (WebGUI::Grouping::isInGroup($_[0]->get("voteGroup"),$session{user}{userId})) {
if ($_[0]->_hasVoted()) { if ($_[0]->_hasVoted()) {
$showPoll = 0; $showPoll = 0;
} else { } else {
@ -277,7 +278,7 @@ sub www_view {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_vote { sub www_vote {
my $u; my $u;
if ($session{form}{answer} ne "" && WebGUI::Privilege::isInGroup($_[0]->get("voteGroup"),$session{user}{userId}) && !($_[0]->_hasVoted())) { if ($session{form}{answer} ne "" && WebGUI::Grouping::isInGroup($_[0]->get("voteGroup"),$session{user}{userId}) && !($_[0]->_hasVoted())) {
WebGUI::SQL->write("insert into Poll_answer values (".$_[0]->get("wobjectId").", WebGUI::SQL->write("insert into Poll_answer values (".$_[0]->get("wobjectId").",
".quote($session{form}{answer}).", $session{user}{userId}, '$session{env}{REMOTE_ADDR}')"); ".quote($session{form}{answer}).", $session{user}{userId}, '$session{env}{REMOTE_ADDR}')");
if ($session{setting}{useKarma}) { if ($session{setting}{useKarma}) {

62
lib/WebGUI/Wobject/Product.pm
View file

@ -163,7 +163,7 @@ sub purge {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_addAccessory { sub www_addAccessory {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$session{page}{useAdminStyle} = 1; $session{page}{useAdminStyle} = 1;
my ($output, $f, $accessory, @usedAccessories); my ($output, $f, $accessory, @usedAccessories);
$output = helpIcon(4,$_[0]->get("namespace")); $output = helpIcon(4,$_[0]->get("namespace"));
@ -185,7 +185,7 @@ sub www_addAccessory {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_addAccessorySave { sub www_addAccessorySave {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$session{page}{useAdminStyle} = 1; $session{page}{useAdminStyle} = 1;
my ($seq); my ($seq);
($seq) = WebGUI::SQL->quickArray("select max(sequenceNumber) from Product_accessory ($seq) = WebGUI::SQL->quickArray("select max(sequenceNumber) from Product_accessory
@ -201,7 +201,7 @@ sub www_addAccessorySave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_addRelated { sub www_addRelated {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
my ($output, $f, $related, @usedRelated); my ($output, $f, $related, @usedRelated);
$output = helpIcon(5,$_[0]->get("namespace")); $output = helpIcon(5,$_[0]->get("namespace"));
$output .= '<h1>'.WebGUI::International::get(19,$_[0]->get("namespace")).'</h1>'; $output .= '<h1>'.WebGUI::International::get(19,$_[0]->get("namespace")).'</h1>';
@ -222,7 +222,7 @@ sub www_addRelated {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_addRelatedSave { sub www_addRelatedSave {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
my ($seq); my ($seq);
($seq) = WebGUI::SQL->quickArray("select max(sequenceNumber) from Product_related ($seq) = WebGUI::SQL->quickArray("select max(sequenceNumber) from Product_related
where wobjectId=".$_[0]->get("wobjectId")); where wobjectId=".$_[0]->get("wobjectId"));
@ -237,7 +237,7 @@ sub www_addRelatedSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteAccessory { sub www_deleteAccessory {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
return $_[0]->confirm( return $_[0]->confirm(
WebGUI::International::get(2,$_[0]->get("namespace")), WebGUI::International::get(2,$_[0]->get("namespace")),
WebGUI::URL::page('func=deleteAccessoryConfirm&wid='.$_[0]->get("wobjectId").'&aid='.$session{form}{aid}) WebGUI::URL::page('func=deleteAccessoryConfirm&wid='.$_[0]->get("wobjectId").'&aid='.$session{form}{aid})
@ -246,7 +246,7 @@ sub www_deleteAccessory {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteAccessoryConfirm { sub www_deleteAccessoryConfirm {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
WebGUI::SQL->write("delete from Product_accessory where wobjectId=".$_[0]->get("wobjectId")." and accessoryWobjectId=".quote($session{form}{aid})); WebGUI::SQL->write("delete from Product_accessory where wobjectId=".$_[0]->get("wobjectId")." and accessoryWobjectId=".quote($session{form}{aid}));
$_[0]->reorderCollateral("Product_accessory","accessoryWobjectId"); $_[0]->reorderCollateral("Product_accessory","accessoryWobjectId");
return ""; return "";
@ -254,7 +254,7 @@ sub www_deleteAccessoryConfirm {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteBenefit { sub www_deleteBenefit {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
return $_[0]->confirm( return $_[0]->confirm(
WebGUI::International::get(48,$_[0]->get("namespace")), WebGUI::International::get(48,$_[0]->get("namespace")),
WebGUI::URL::page('func=deleteBenefitConfirm&wid='.$_[0]->get("wobjectId").'&bid='.$session{form}{bid}) WebGUI::URL::page('func=deleteBenefitConfirm&wid='.$_[0]->get("wobjectId").'&bid='.$session{form}{bid})
@ -263,7 +263,7 @@ sub www_deleteBenefit {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteBenefitConfirm { sub www_deleteBenefitConfirm {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->deleteCollateral("Product_benefit","Product_benefitId",$session{form}{bid}); $_[0]->deleteCollateral("Product_benefit","Product_benefitId",$session{form}{bid});
$_[0]->reorderCollateral("Product_benefit","Product_benefitId"); $_[0]->reorderCollateral("Product_benefit","Product_benefitId");
return ""; return "";
@ -271,7 +271,7 @@ sub www_deleteBenefitConfirm {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteFeature { sub www_deleteFeature {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
return $_[0]->confirm( return $_[0]->confirm(
WebGUI::International::get(3,$_[0]->get("namespace")), WebGUI::International::get(3,$_[0]->get("namespace")),
WebGUI::URL::page('func=deleteFeatureConfirm&wid='.$_[0]->get("wobjectId").'&fid='.$session{form}{fid}) WebGUI::URL::page('func=deleteFeatureConfirm&wid='.$_[0]->get("wobjectId").'&fid='.$session{form}{fid})
@ -280,7 +280,7 @@ sub www_deleteFeature {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteFeatureConfirm { sub www_deleteFeatureConfirm {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->deleteCollateral("Product_feature","Product_featureId",$session{form}{fid}); $_[0]->deleteCollateral("Product_feature","Product_featureId",$session{form}{fid});
$_[0]->reorderCollateral("Product_feature","Product_featureId"); $_[0]->reorderCollateral("Product_feature","Product_featureId");
return ""; return "";
@ -288,7 +288,7 @@ sub www_deleteFeatureConfirm {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteRelated { sub www_deleteRelated {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
return $_[0]->confirm( return $_[0]->confirm(
WebGUI::International::get(4,$_[0]->get("namespace")), WebGUI::International::get(4,$_[0]->get("namespace")),
WebGUI::URL::page('func=deleteRelatedConfirm&wid='.$_[0]->get("wobjectId").'&rid='.$session{form}{rid}) WebGUI::URL::page('func=deleteRelatedConfirm&wid='.$_[0]->get("wobjectId").'&rid='.$session{form}{rid})
@ -297,7 +297,7 @@ sub www_deleteRelated {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteRelatedConfirm { sub www_deleteRelatedConfirm {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
WebGUI::SQL->write("delete from Product_related where wobjectId=".$_[0]->get("wobjectId")." and relatedWobjectId=".quote($session{form}{rid})); WebGUI::SQL->write("delete from Product_related where wobjectId=".$_[0]->get("wobjectId")." and relatedWobjectId=".quote($session{form}{rid}));
$_[0]->reorderCollateral("Product_related","relatedWobjectId"); $_[0]->reorderCollateral("Product_related","relatedWobjectId");
return ""; return "";
@ -305,7 +305,7 @@ sub www_deleteRelatedConfirm {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteSpecification { sub www_deleteSpecification {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
return $_[0]->confirm( return $_[0]->confirm(
WebGUI::International::get(5,$_[0]->get("namespace")), WebGUI::International::get(5,$_[0]->get("namespace")),
WebGUI::URL::page('func=deleteSpecificationConfirm&wid='.$_[0]->get("wobjectId").'&sid='.$session{form}{sid}) WebGUI::URL::page('func=deleteSpecificationConfirm&wid='.$_[0]->get("wobjectId").'&sid='.$session{form}{sid})
@ -314,7 +314,7 @@ sub www_deleteSpecification {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteSpecificationConfirm { sub www_deleteSpecificationConfirm {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->deleteCollateral("Product_specification","Product_specificationId",$session{form}{sid}); $_[0]->deleteCollateral("Product_specification","Product_specificationId",$session{form}{sid});
$_[0]->reorderCollateral("Product_specification","Product_specificationId"); $_[0]->reorderCollateral("Product_specification","Product_specificationId");
return ""; return "";
@ -348,7 +348,7 @@ sub www_edit {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editSave { sub www_editSave {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
my ($file, %property); my ($file, %property);
$_[0]->SUPER::www_editSave() if ($_[0]->get("wobjectId") eq "new"); $_[0]->SUPER::www_editSave() if ($_[0]->get("wobjectId") eq "new");
$file = WebGUI::Attachment->new("",$_[0]->get("wobjectId")); $file = WebGUI::Attachment->new("",$_[0]->get("wobjectId"));
@ -375,7 +375,7 @@ sub www_editSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editBenefit { sub www_editBenefit {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$session{page}{useAdminStyle} = 1; $session{page}{useAdminStyle} = 1;
my ($output, $data, $f, $benefits); my ($output, $data, $f, $benefits);
$data = $_[0]->getCollateral("Product_benefit","Product_benefitId",$session{form}{bid}); $data = $_[0]->getCollateral("Product_benefit","Product_benefitId",$session{form}{bid});
@ -395,7 +395,7 @@ sub www_editBenefit {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editBenefitSave { sub www_editBenefitSave {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$session{form}{benefit} = $session{form}{benefit_new} if ($session{form}{benefit_new} ne ""); $session{form}{benefit} = $session{form}{benefit_new} if ($session{form}{benefit_new} ne "");
$_[0]->setCollateral("Product_benefit", "Product_benefitId", { $_[0]->setCollateral("Product_benefit", "Product_benefitId", {
Product_benefitId => $session{form}{bid}, Product_benefitId => $session{form}{bid},
@ -411,7 +411,7 @@ sub www_editBenefitSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editFeature { sub www_editFeature {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$session{page}{useAdminStyle} = 1; $session{page}{useAdminStyle} = 1;
my ($output, $data, $f, $features); my ($output, $data, $f, $features);
$data = $_[0]->getCollateral("Product_feature","Product_featureId",$session{form}{fid}); $data = $_[0]->getCollateral("Product_feature","Product_featureId",$session{form}{fid});
@ -431,7 +431,7 @@ sub www_editFeature {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editFeatureSave { sub www_editFeatureSave {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$session{form}{feature} = $session{form}{feature_new} if ($session{form}{feature_new} ne ""); $session{form}{feature} = $session{form}{feature_new} if ($session{form}{feature_new} ne "");
$_[0]->setCollateral("Product_feature", "Product_featureId", { $_[0]->setCollateral("Product_feature", "Product_featureId", {
Product_featureId => $session{form}{fid}, Product_featureId => $session{form}{fid},
@ -447,7 +447,7 @@ sub www_editFeatureSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editSpecification { sub www_editSpecification {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$session{page}{useAdminStyle} = 1; $session{page}{useAdminStyle} = 1;
my ($output, $data, $f, $hashRef); my ($output, $data, $f, $hashRef);
$data = $_[0]->getCollateral("Product_specification","Product_specificationId",$session{form}{sid}); $data = $_[0]->getCollateral("Product_specification","Product_specificationId",$session{form}{sid});
@ -470,7 +470,7 @@ sub www_editSpecification {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editSpecificationSave { sub www_editSpecificationSave {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$session{form}{name} = $session{form}{name_new} if ($session{form}{name_new} ne ""); $session{form}{name} = $session{form}{name_new} if ($session{form}{name_new} ne "");
$session{form}{units} = $session{form}{units_new} if ($session{form}{units_new} ne ""); $session{form}{units} = $session{form}{units_new} if ($session{form}{units_new} ne "");
$_[0]->setCollateral("Product_specification", "Product_specificationId", { $_[0]->setCollateral("Product_specification", "Product_specificationId", {
@ -489,70 +489,70 @@ sub www_editSpecificationSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_moveAccessoryDown { sub www_moveAccessoryDown {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->moveCollateralDown("Product_related","accessoryWobjectId",$session{form}{aid}); $_[0]->moveCollateralDown("Product_related","accessoryWobjectId",$session{form}{aid});
return ""; return "";
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_moveAccessoryUp { sub www_moveAccessoryUp {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->moveCollateralUp("Product_accessory","accessoryWobjectId",$session{form}{aid}); $_[0]->moveCollateralUp("Product_accessory","accessoryWobjectId",$session{form}{aid});
return ""; return "";
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_moveBenefitDown { sub www_moveBenefitDown {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->moveCollateralDown("Product_benefit","Product_benefitId",$session{form}{bid}); $_[0]->moveCollateralDown("Product_benefit","Product_benefitId",$session{form}{bid});
return ""; return "";
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_moveBenefitUp { sub www_moveBenefitUp {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->moveCollateralUp("Product_benefit","Product_benefitId",$session{form}{bid}); $_[0]->moveCollateralUp("Product_benefit","Product_benefitId",$session{form}{bid});
return ""; return "";
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_moveFeatureDown { sub www_moveFeatureDown {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->moveCollateralDown("Product_feature","Product_featureId",$session{form}{fid}); $_[0]->moveCollateralDown("Product_feature","Product_featureId",$session{form}{fid});
return ""; return "";
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_moveFeatureUp { sub www_moveFeatureUp {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->moveCollateralUp("Product_feature","Product_featureId",$session{form}{fid}); $_[0]->moveCollateralUp("Product_feature","Product_featureId",$session{form}{fid});
return ""; return "";
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_moveRelatedDown { sub www_moveRelatedDown {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->moveCollateralDown("Product_related","relatedWobjectId",$session{form}{rid}); $_[0]->moveCollateralDown("Product_related","relatedWobjectId",$session{form}{rid});
return ""; return "";
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_moveRelatedUp { sub www_moveRelatedUp {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->moveCollateralUp("Product_related","relatedWobjectId",$session{form}{rid}); $_[0]->moveCollateralUp("Product_related","relatedWobjectId",$session{form}{rid});
return ""; return "";
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_moveSpecificationDown { sub www_moveSpecificationDown {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->moveCollateralDown("Product_specification","Product_specificationId",$session{form}{sid}); $_[0]->moveCollateralDown("Product_specification","Product_specificationId",$session{form}{sid});
return ""; return "";
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_moveSpecificationUp { sub www_moveSpecificationUp {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->moveCollateralUp("Product_specification","Product_specificationId",$session{form}{sid}); $_[0]->moveCollateralUp("Product_specification","Product_specificationId",$session{form}{sid});
return ""; return "";
} }

55
lib/WebGUI/Wobject/Survey.pm
View file

@ -13,6 +13,7 @@ package WebGUI::Wobject::Survey;
use strict; use strict;
use Tie::CPHash; use Tie::CPHash;
use WebGUI::DateTime; use WebGUI::DateTime;
use WebGUI::Grouping;
use WebGUI::HTMLForm; use WebGUI::HTMLForm;
use WebGUI::Icon; use WebGUI::Icon;
use WebGUI::International; use WebGUI::International;
@ -158,7 +159,7 @@ sub getIp {
sub getMenuVars { sub getMenuVars {
my $self = shift; my $self = shift;
my %var; my %var;
$var{'user.canViewReports'} = (WebGUI::Privilege::isInGroup($self->get("groupToViewReports"))); $var{'user.canViewReports'} = (WebGUI::Grouping::isInGroup($self->get("groupToViewReports")));
$var{'delete.all.responses.url'} = WebGUI::URL::page('func=deleteAllResponses&wid='.$self->get("wobjectId")); $var{'delete.all.responses.url'} = WebGUI::URL::page('func=deleteAllResponses&wid='.$self->get("wobjectId"));
$var{'delete.all.responses.label'} = WebGUI::International::get(73,$self->get("namespace")); $var{'delete.all.responses.label'} = WebGUI::International::get(73,$self->get("namespace"));
$var{'export.answers.url'} = WebGUI::URL::page('func=exportAnswers&wid='.$self->get("wobjectId")); $var{'export.answers.url'} = WebGUI::URL::page('func=exportAnswers&wid='.$self->get("wobjectId"));
@ -427,7 +428,7 @@ sub uiLevel {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteAnswer { sub www_deleteAnswer {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
return $_[0]->confirm(WebGUI::International::get(45,$_[0]->get("namespace")), return $_[0]->confirm(WebGUI::International::get(45,$_[0]->get("namespace")),
WebGUI::URL::page('func=deleteAnswerConfirm&wid='.$_[0]->get("wobjectId").'&aid=' WebGUI::URL::page('func=deleteAnswerConfirm&wid='.$_[0]->get("wobjectId").'&aid='
.$session{form}{aid}.'&qid='.$session{form}{qid})); .$session{form}{aid}.'&qid='.$session{form}{qid}));
@ -435,7 +436,7 @@ sub www_deleteAnswer {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteAnswerConfirm { sub www_deleteAnswerConfirm {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
WebGUI::SQL->write("delete from Survey_questionResponse where Survey_answerId=".quote($session{form}{aid})); WebGUI::SQL->write("delete from Survey_questionResponse where Survey_answerId=".quote($session{form}{aid}));
$_[0]->deleteCollateral("Survey_answer","Survey_answerId",$session{form}{aid}); $_[0]->deleteCollateral("Survey_answer","Survey_answerId",$session{form}{aid});
$_[0]->reorderCollateral("Survey_answer","Survey_answerId","Survey_id"); $_[0]->reorderCollateral("Survey_answer","Survey_answerId","Survey_id");
@ -444,14 +445,14 @@ sub www_deleteAnswerConfirm {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteQuestion { sub www_deleteQuestion {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
return $_[0]->confirm(WebGUI::International::get(44,$_[0]->get("namespace")), return $_[0]->confirm(WebGUI::International::get(44,$_[0]->get("namespace")),
WebGUI::URL::page('func=deleteQuestionConfirm&wid='.$_[0]->get("wobjectId").'&qid='.$session{form}{qid})); WebGUI::URL::page('func=deleteQuestionConfirm&wid='.$_[0]->get("wobjectId").'&qid='.$session{form}{qid}));
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteQuestionConfirm { sub www_deleteQuestionConfirm {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
WebGUI::SQL->write("delete from Survey_answer where Survey_questionId=".quote($session{form}{qid})); WebGUI::SQL->write("delete from Survey_answer where Survey_questionId=".quote($session{form}{qid}));
WebGUI::SQL->write("delete from Survey_questionResponse where Survey_questionId=".quote($session{form}{qid})); WebGUI::SQL->write("delete from Survey_questionResponse where Survey_questionId=".quote($session{form}{qid}));
$_[0]->deleteCollateral("Survey_question","Survey_questionId",$session{form}{qid}); $_[0]->deleteCollateral("Survey_question","Survey_questionId",$session{form}{qid});
@ -461,14 +462,14 @@ sub www_deleteQuestionConfirm {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteResponse { sub www_deleteResponse {
return "" unless (WebGUI::Privilege::isInGroup($_[0]->get("groupToViewReports"))); return "" unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToViewReports")));
return $_[0]->confirm(WebGUI::International::get(72,$_[0]->get("namespace")), return $_[0]->confirm(WebGUI::International::get(72,$_[0]->get("namespace")),
WebGUI::URL::page('func=deleteResponseConfirm&amp;wid='.$_[0]->get("wobjectId").'&responseId='.$session{form}{responseId})); WebGUI::URL::page('func=deleteResponseConfirm&amp;wid='.$_[0]->get("wobjectId").'&responseId='.$session{form}{responseId}));
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteResponseConfirm { sub www_deleteResponseConfirm {
return "" unless (WebGUI::Privilege::isInGroup($_[0]->get("groupToViewReports"))); return "" unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToViewReports")));
WebGUI::SQL->write("delete from Survey_response where Survey_responseId=".quote($session{form}{responseId})); WebGUI::SQL->write("delete from Survey_response where Survey_responseId=".quote($session{form}{responseId}));
WebGUI::SQL->write("delete from Survey_questionResponse where Survey_responseId=".quote($session{form}{responseId})); WebGUI::SQL->write("delete from Survey_questionResponse where Survey_responseId=".quote($session{form}{responseId}));
return $_[0]->www_viewGradebook; return $_[0]->www_viewGradebook;
@ -476,14 +477,14 @@ sub www_deleteResponseConfirm {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteAllResponses { sub www_deleteAllResponses {
return "" unless (WebGUI::Privilege::isInGroup($_[0]->get("groupToViewReports"))); return "" unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToViewReports")));
return $_[0]->confirm(WebGUI::International::get(74,$_[0]->get("namespace")), return $_[0]->confirm(WebGUI::International::get(74,$_[0]->get("namespace")),
WebGUI::URL::page('func=deleteAllResponsesConfirm&wid='.$_[0]->get("wobjectId"))); WebGUI::URL::page('func=deleteAllResponsesConfirm&wid='.$_[0]->get("wobjectId")));
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteAllResponsesConfirm { sub www_deleteAllResponsesConfirm {
return "" unless (WebGUI::Privilege::isInGroup($_[0]->get("groupToViewReports"))); return "" unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToViewReports")));
WebGUI::SQL->write("delete from Survey_response where Survey_id=".$_[0]->get("Survey_id")); WebGUI::SQL->write("delete from Survey_response where Survey_id=".$_[0]->get("Survey_id"));
WebGUI::SQL->write("delete from Survey_questionResponse where Survey_id=".$_[0]->get("Survey_id")); WebGUI::SQL->write("delete from Survey_questionResponse where Survey_id=".$_[0]->get("Survey_id"));
return ""; return "";
@ -567,7 +568,7 @@ sub www_edit {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editSave { sub www_editSave {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->SUPER::www_editSave(); $_[0]->SUPER::www_editSave();
if ($session{form}{proceed} eq "addQuestion") { if ($session{form}{proceed} eq "addQuestion") {
$session{form}{qid} = "new"; $session{form}{qid} = "new";
@ -578,7 +579,7 @@ sub www_editSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editAnswer { sub www_editAnswer {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$session{page}{useAdminStyle} = 1; $session{page}{useAdminStyle} = 1;
my ($question, $output, $f, $answer); my ($question, $output, $f, $answer);
$answer = $_[0]->getCollateral("Survey_answer","Survey_answerId",$session{form}{aid}); $answer = $_[0]->getCollateral("Survey_answer","Survey_answerId",$session{form}{aid});
@ -634,7 +635,7 @@ sub www_editAnswer {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editAnswerSave { sub www_editAnswerSave {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->setCollateral("Survey_answer", "Survey_answerId", { $_[0]->setCollateral("Survey_answer", "Survey_answerId", {
Survey_answerId => $session{form}{aid}, Survey_answerId => $session{form}{aid},
Survey_questionId => $session{form}{qid}, Survey_questionId => $session{form}{qid},
@ -656,7 +657,7 @@ sub www_editAnswerSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editQuestion { sub www_editQuestion {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$session{page}{useAdminStyle} = 1; $session{page}{useAdminStyle} = 1;
my ($output, $f, $question, $answerFieldType, $sth, %data); my ($output, $f, $question, $answerFieldType, $sth, %data);
tie %data, 'Tie::CPHash'; tie %data, 'Tie::CPHash';
@ -736,7 +737,7 @@ sub www_editQuestion {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_editQuestionSave { sub www_editQuestionSave {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$session{form}{qid} = $_[0]->setCollateral("Survey_question", "Survey_questionId", { $session{form}{qid} = $_[0]->setCollateral("Survey_question", "Survey_questionId", {
question=>$session{form}{question}, question=>$session{form}{question},
Survey_questionId=>$session{form}{qid}, Survey_questionId=>$session{form}{qid},
@ -778,7 +779,7 @@ sub www_editQuestionSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_exportAnswers { sub www_exportAnswers {
return "" unless (WebGUI::Privilege::isInGroup($_[0]->get("groupToViewReports"))); return "" unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToViewReports")));
$session{header}{filename} = WebGUI::URL::escape($_[0]->get("title")."_answers.tab"); $session{header}{filename} = WebGUI::URL::escape($_[0]->get("title")."_answers.tab");
$session{header}{mimetype} = "text/tab"; $session{header}{mimetype} = "text/tab";
return WebGUI::SQL->quickTab("select * from Survey_answer where Survey_id=".$_[0]->get("Survey_id")); return WebGUI::SQL->quickTab("select * from Survey_answer where Survey_id=".$_[0]->get("Survey_id"));
@ -786,7 +787,7 @@ sub www_exportAnswers {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_exportComposite { sub www_exportComposite {
return "" unless (WebGUI::Privilege::isInGroup($_[0]->get("groupToViewReports"))); return "" unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToViewReports")));
$session{header}{filename} = WebGUI::URL::escape($_[0]->get("title")."_composite.tab"); $session{header}{filename} = WebGUI::URL::escape($_[0]->get("title")."_composite.tab");
$session{header}{mimetype} = "text/tab"; $session{header}{mimetype} = "text/tab";
return WebGUI::SQL->quickTab("select b.question, c.response, a.userId, a.username, a.ipAddress, c.comment, c.dateOfResponse from Survey_response a return WebGUI::SQL->quickTab("select b.question, c.response, a.userId, a.username, a.ipAddress, c.comment, c.dateOfResponse from Survey_response a
@ -797,7 +798,7 @@ sub www_exportComposite {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_exportQuestions { sub www_exportQuestions {
return "" unless (WebGUI::Privilege::isInGroup($_[0]->get("groupToViewReports"))); return "" unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToViewReports")));
$session{header}{filename} = WebGUI::URL::escape($_[0]->get("title")."_questions.tab"); $session{header}{filename} = WebGUI::URL::escape($_[0]->get("title")."_questions.tab");
$session{header}{mimetype} = "text/tab"; $session{header}{mimetype} = "text/tab";
return WebGUI::SQL->quickTab("select * from Survey_question where Survey_id=".$_[0]->get("Survey_id")); return WebGUI::SQL->quickTab("select * from Survey_question where Survey_id=".$_[0]->get("Survey_id"));
@ -805,7 +806,7 @@ sub www_exportQuestions {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_exportResponses { sub www_exportResponses {
return "" unless (WebGUI::Privilege::isInGroup($_[0]->get("groupToViewReports"))); return "" unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToViewReports")));
$session{header}{filename} = WebGUI::URL::escape($_[0]->get("title")."_responses.tab"); $session{header}{filename} = WebGUI::URL::escape($_[0]->get("title")."_responses.tab");
$session{header}{mimetype} = "text/tab"; $session{header}{mimetype} = "text/tab";
return WebGUI::SQL->quickTab("select * from Survey_response where Survey_id=".$_[0]->get("Survey_id")); return WebGUI::SQL->quickTab("select * from Survey_response where Survey_id=".$_[0]->get("Survey_id"));
@ -813,28 +814,28 @@ sub www_exportResponses {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_moveAnswerDown { sub www_moveAnswerDown {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->moveCollateralDown("Survey_answer","Survey_answerId",$session{form}{aid},"Survey_id"); $_[0]->moveCollateralDown("Survey_answer","Survey_answerId",$session{form}{aid},"Survey_id");
return $_[0]->www_editQuestion; return $_[0]->www_editQuestion;
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_moveAnswerUp { sub www_moveAnswerUp {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->moveCollateralUp("Survey_answer","Survey_answerId",$session{form}{aid},"Survey_id"); $_[0]->moveCollateralUp("Survey_answer","Survey_answerId",$session{form}{aid},"Survey_id");
return $_[0]->www_editQuestion; return $_[0]->www_editQuestion;
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_moveQuestionDown { sub www_moveQuestionDown {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->moveCollateralDown("Survey_question","Survey_questionId",$session{form}{qid},"Survey_id"); $_[0]->moveCollateralDown("Survey_question","Survey_questionId",$session{form}{qid},"Survey_id");
return $_[0]->www_edit; return $_[0]->www_edit;
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_moveQuestionUp { sub www_moveQuestionUp {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->moveCollateralUp("Survey_question","Survey_questionId",$session{form}{qid},"Survey_id"); $_[0]->moveCollateralUp("Survey_question","Survey_questionId",$session{form}{qid},"Survey_id");
return $_[0]->www_edit; return $_[0]->www_edit;
} }
@ -842,7 +843,7 @@ sub www_moveQuestionUp {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_respond { sub www_respond {
my $self = shift; my $self = shift;
return "" unless (WebGUI::Privilege::isInGroup($self->get("groupToTakeSurvey"))); return "" unless (WebGUI::Grouping::isInGroup($self->get("groupToTakeSurvey")));
my $varname = $self->getResponseIdString; my $varname = $self->getResponseIdString;
return "" unless ($session{scratch}{$varname}); return "" unless ($session{scratch}{$varname});
my $userId = ($self->get("anonymous")) ? substr(md5_hex($session{user}{userId}),0,8) : $session{user}{userId}; my $userId = ($self->get("anonymous")) ? substr(md5_hex($session{user}{userId}),0,8) : $session{user}{userId};
@ -890,7 +891,7 @@ sub www_view {
$var->{'question.edit_loop'} = \@edit; $var->{'question.edit_loop'} = \@edit;
} }
$sth->finish; $sth->finish;
$var->{'user.canTakeSurvey'} = WebGUI::Privilege::isInGroup($self->get("groupToTakeSurvey")); $var->{'user.canTakeSurvey'} = WebGUI::Grouping::isInGroup($self->get("groupToTakeSurvey"));
if ($var->{'user.canTakeSurvey'}) { if ($var->{'user.canTakeSurvey'}) {
$var->{'response.Id'} = $self->getResponseId(); $var->{'response.Id'} = $self->getResponseId();
$var->{'response.Count'} = $self->getResponseCount; $var->{'response.Count'} = $self->getResponseCount;
@ -940,7 +941,7 @@ sub www_view {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_viewGradebook { sub www_viewGradebook {
my $self = shift; my $self = shift;
return "" unless (WebGUI::Privilege::isInGroup($self->get("groupToViewReports"))); return "" unless (WebGUI::Grouping::isInGroup($self->get("groupToViewReports")));
my $var = $self->getMenuVars; my $var = $self->getMenuVars;
$var->{title} = WebGUI::International::get(71,$self->get("namespace")); $var->{title} = WebGUI::International::get(71,$self->get("namespace"));
my $p = WebGUI::Paginator->new(WebGUI::URL::page('func=viewGradebook&wid='.$self->get("wobjectId"))); my $p = WebGUI::Paginator->new(WebGUI::URL::page('func=viewGradebook&wid='.$self->get("wobjectId")));
@ -976,7 +977,7 @@ sub www_viewGradebook {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_viewIndividualSurvey { sub www_viewIndividualSurvey {
my $self = shift; my $self = shift;
return "" unless (WebGUI::Privilege::isInGroup($self->get("groupToViewReports"))); return "" unless (WebGUI::Grouping::isInGroup($self->get("groupToViewReports")));
my $var = $self->getMenuVars; my $var = $self->getMenuVars;
$var->{'title'} = WebGUI::International::get(70,$self->get("namespace")); $var->{'title'} = WebGUI::International::get(70,$self->get("namespace"));
$var->{'delete.url'} = WebGUI::URL::page('func=deleteResponse&amp;wid='.$self->get("wobjectId").'&amp;responseId='.$session{form}{responseId}); $var->{'delete.url'} = WebGUI::URL::page('func=deleteResponse&amp;wid='.$self->get("wobjectId").'&amp;responseId='.$session{form}{responseId});
@ -1033,7 +1034,7 @@ sub www_viewIndividualSurvey {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_viewStatisticalOverview { sub www_viewStatisticalOverview {
my $self = shift; my $self = shift;
return "" unless (WebGUI::Privilege::isInGroup($self->get("groupToViewReports"))); return "" unless (WebGUI::Grouping::isInGroup($self->get("groupToViewReports")));
my $var = $self->getMenuVars; my $var = $self->getMenuVars;
$var->{title} = WebGUI::International::get(58,$self->get("namespace")); $var->{title} = WebGUI::International::get(58,$self->get("namespace"));
my $p = WebGUI::Paginator->new(WebGUI::URL::page('func=viewStatisticalOverview&wid='.$self->get("wobjectId"))); my $p = WebGUI::Paginator->new(WebGUI::URL::page('func=viewStatisticalOverview&wid='.$self->get("wobjectId")));

37
lib/WebGUI/Wobject/USS.pm
View file

@ -16,6 +16,7 @@ use WebGUI::Attachment;
use WebGUI::DateTime; use WebGUI::DateTime;
use WebGUI::Forum; use WebGUI::Forum;
use WebGUI::Forum::UI; use WebGUI::Forum::UI;
use WebGUI::Grouping;
use WebGUI::HTML; use WebGUI::HTML;
use WebGUI::HTMLForm; use WebGUI::HTMLForm;
use WebGUI::Icon; use WebGUI::Icon;
@ -236,7 +237,7 @@ sub status {
sub www_approveSubmission { sub www_approveSubmission {
my (%submission); my (%submission);
tie %submission, 'Tie::CPHash'; tie %submission, 'Tie::CPHash';
if (WebGUI::Privilege::isInGroup(4,$session{user}{userId}) || WebGUI::Privilege::isInGroup(3,$session{user}{userId})) { if (WebGUI::Grouping::isInGroup(4,$session{user}{userId}) || WebGUI::Grouping::isInGroup(3,$session{user}{userId})) {
%submission = WebGUI::SQL->quickHash("select * from USS_submission where USS_submissionId=$session{form}{sid}"); %submission = WebGUI::SQL->quickHash("select * from USS_submission where USS_submissionId=$session{form}{sid}");
WebGUI::SQL->write("update USS_submission set status='Approved' where USS_submissionId=".quote($session{form}{sid})); WebGUI::SQL->write("update USS_submission set status='Approved' where USS_submissionId=".quote($session{form}{sid}));
WebGUI::MessageLog::addInternationalizedEntry($submission{userId},'',WebGUI::URL::page('func=viewSubmission&wid='. WebGUI::MessageLog::addInternationalizedEntry($submission{userId},'',WebGUI::URL::page('func=viewSubmission&wid='.
@ -251,7 +252,7 @@ sub www_approveSubmission {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteFile { sub www_deleteFile {
my ($owner) = WebGUI::SQL->quickArray("select userId from USS_submission where USS_submissionId=$session{form}{sid}"); my ($owner) = WebGUI::SQL->quickArray("select userId from USS_submission where USS_submissionId=$session{form}{sid}");
if ($owner == $session{user}{userId} || WebGUI::Privilege::isInGroup($_[0]->get("groupToApprove"))) { if ($owner == $session{user}{userId} || WebGUI::Grouping::isInGroup($_[0]->get("groupToApprove"))) {
$_[0]->setCollateral("USS_submission","USS_submissionId",{ $_[0]->setCollateral("USS_submission","USS_submissionId",{
$session{form}{file}=>'', $session{form}{file}=>'',
USS_submissionId=>$session{form}{sid} USS_submissionId=>$session{form}{sid}
@ -265,7 +266,7 @@ sub www_deleteFile {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteSubmission { sub www_deleteSubmission {
my ($owner) = WebGUI::SQL->quickArray("select userId from USS_submission where USS_submissionId=$session{form}{sid}"); my ($owner) = WebGUI::SQL->quickArray("select userId from USS_submission where USS_submissionId=$session{form}{sid}");
if ($owner == $session{user}{userId} || WebGUI::Privilege::isInGroup($_[0]->get("groupToApprove"))) { if ($owner == $session{user}{userId} || WebGUI::Grouping::isInGroup($_[0]->get("groupToApprove"))) {
return $_[0]->confirm(WebGUI::International::get(17,$_[0]->get("namespace")), return $_[0]->confirm(WebGUI::International::get(17,$_[0]->get("namespace")),
WebGUI::URL::page('func=deleteSubmissionConfirm&wid='.$session{form}{wid}.'&sid='.$session{form}{sid})); WebGUI::URL::page('func=deleteSubmissionConfirm&wid='.$session{form}{wid}.'&sid='.$session{form}{sid}));
} else { } else {
@ -276,7 +277,7 @@ sub www_deleteSubmission {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_deleteSubmissionConfirm { sub www_deleteSubmissionConfirm {
my ($owner, $forumId) = WebGUI::SQL->quickArray("select userId,forumId from USS_submission where USS_submissionId=$session{form}{sid}"); my ($owner, $forumId) = WebGUI::SQL->quickArray("select userId,forumId from USS_submission where USS_submissionId=$session{form}{sid}");
if ($owner == $session{user}{userId} || WebGUI::Privilege::isInGroup($_[0]->get("groupToApprove"))) { if ($owner == $session{user}{userId} || WebGUI::Grouping::isInGroup($_[0]->get("groupToApprove"))) {
my ($inUseElsewhere) = WebGUI::SQL->quickArray("select count(*) from USS_submission where forumId=".$forumId); my ($inUseElsewhere) = WebGUI::SQL->quickArray("select count(*) from USS_submission where forumId=".$forumId);
unless ($inUseElsewhere > 1) { unless ($inUseElsewhere > 1) {
my $forum = WebGUI::Forum->new($forumId); my $forum = WebGUI::Forum->new($forumId);
@ -295,7 +296,7 @@ sub www_deleteSubmissionConfirm {
sub www_denySubmission { sub www_denySubmission {
my (%submission); my (%submission);
tie %submission, 'Tie::CPHash'; tie %submission, 'Tie::CPHash';
if (WebGUI::Privilege::isInGroup(4,$session{user}{userId}) || WebGUI::Privilege::isInGroup(3,$session{user}{userId})) { if (WebGUI::Grouping::isInGroup(4,$session{user}{userId}) || WebGUI::Grouping::isInGroup(3,$session{user}{userId})) {
%submission = WebGUI::SQL->quickHash("select * from USS_submission where USS_submissionId=$session{form}{sid}"); %submission = WebGUI::SQL->quickHash("select * from USS_submission where USS_submissionId=$session{form}{sid}");
WebGUI::SQL->write("update USS_submission set status='Denied' where USS_submissionId=".quote($session{form}{sid})); WebGUI::SQL->write("update USS_submission set status='Denied' where USS_submissionId=".quote($session{form}{sid}));
WebGUI::MessageLog::addInternationalizedEntry($submission{userId},'',WebGUI::URL::page('func=viewSubmission&wid='. WebGUI::MessageLog::addInternationalizedEntry($submission{userId},'',WebGUI::URL::page('func=viewSubmission&wid='.
@ -403,9 +404,9 @@ sub www_editSubmission {
$submission->{contentType} = "mixed"; $submission->{contentType} = "mixed";
$var{'submission.isNew'} = 1; $var{'submission.isNew'} = 1;
} }
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::isInGroup($_[0]->get("groupToContribute")) return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToContribute"))
|| $submission->{userId} == $session{user}{userId} || $submission->{userId} == $session{user}{userId}
|| WebGUI::Privilege::isInGroup($_[0]->get("groupToApprove"))); || WebGUI::Grouping::isInGroup($_[0]->get("groupToApprove")));
$var{'link.header.label'} = WebGUI::International::get(90,$_[0]->get("namespace")); $var{'link.header.label'} = WebGUI::International::get(90,$_[0]->get("namespace"));
$var{'question.header.label'} = WebGUI::International::get(84,$_[0]->get("namespace")); $var{'question.header.label'} = WebGUI::International::get(84,$_[0]->get("namespace"));
$var{'submission.header.label'} = WebGUI::International::get(19,$_[0]->get("namespace")); $var{'submission.header.label'} = WebGUI::International::get(19,$_[0]->get("namespace"));
@ -571,8 +572,8 @@ sub www_editSubmissionSave {
$submission = $_[0]->getCollateral("USS_submission","USS_submissionId",$session{form}{sid}); $submission = $_[0]->getCollateral("USS_submission","USS_submissionId",$session{form}{sid});
if ($submission->{userId} == $session{user}{userId} if ($submission->{userId} == $session{user}{userId}
|| ($submission->{USS_submissionId} eq "new" || ($submission->{USS_submissionId} eq "new"
&& WebGUI::Privilege::isInGroup($_[0]->get("groupToContribute"))) && WebGUI::Grouping::isInGroup($_[0]->get("groupToContribute")))
|| WebGUI::Privilege::isInGroup($_[0]->get("groupToApprove"))) { || WebGUI::Grouping::isInGroup($_[0]->get("groupToApprove"))) {
if ($session{form}{sid} eq "new") { if ($session{form}{sid} eq "new") {
my $forum = WebGUI::Forum->create({ my $forum = WebGUI::Forum->create({
masterForumId=>$_[0]->get("forumId"), masterForumId=>$_[0]->get("forumId"),
@ -609,7 +610,7 @@ sub www_editSubmissionSave {
$file->save("attachment"); $file->save("attachment");
$hash{attachment} = $file->getFilename if ($file->getFilename ne ""); $hash{attachment} = $file->getFilename if ($file->getFilename ne "");
unless ($_[0]->get("defaultStatus") eq "Approved") { unless ($_[0]->get("defaultStatus") eq "Approved") {
unless (WebGUI::Privilege::isInGroup($_[0]->get("groupToApprove")) ) { unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToApprove")) ) {
$hash{status} = $_[0]->get("defaultStatus"); $hash{status} = $_[0]->get("defaultStatus");
WebGUI::MessageLog::addInternationalizedEntry('',$_[0]->get("groupToApprove"), WebGUI::MessageLog::addInternationalizedEntry('',$_[0]->get("groupToApprove"),
WebGUI::URL::page('func=viewSubmission&wid='.$_[0]->get("wobjectId").'&sid='. WebGUI::URL::page('func=viewSubmission&wid='.$_[0]->get("wobjectId").'&sid='.
@ -627,14 +628,14 @@ sub www_editSubmissionSave {
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_moveSubmissionDown { sub www_moveSubmissionDown {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->moveCollateralDown("USS_submission","USS_submissionId",$session{form}{sid}, "USS_id", $_[0]->get("USS_id")); $_[0]->moveCollateralDown("USS_submission","USS_submissionId",$session{form}{sid}, "USS_id", $_[0]->get("USS_id"));
return ""; return "";
} }
#------------------------------------------------------------------- #-------------------------------------------------------------------
sub www_moveSubmissionUp { sub www_moveSubmissionUp {
return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
$_[0]->moveCollateralUp("USS_submission","USS_submissionId",$session{form}{sid}, "USS_id", $_[0]->get("USS_id")); $_[0]->moveCollateralUp("USS_submission","USS_submissionId",$session{form}{sid}, "USS_id", $_[0]->get("USS_id"));
return ""; return "";
} }
@ -646,7 +647,7 @@ sub www_view {
$numResults = $_[0]->get("submissionsPerPage"); $numResults = $_[0]->get("submissionsPerPage");
$var{"readmore.label"} = WebGUI::International::get(46,$_[0]->get("namespace")); $var{"readmore.label"} = WebGUI::International::get(46,$_[0]->get("namespace"));
$var{"responses.label"} = WebGUI::International::get(57,$_[0]->get("namespace")); $var{"responses.label"} = WebGUI::International::get(57,$_[0]->get("namespace"));
$var{canPost} = WebGUI::Privilege::isInGroup($_[0]->get("groupToContribute")); $var{canPost} = WebGUI::Grouping::isInGroup($_[0]->get("groupToContribute"));
$var{"post.url"} = WebGUI::URL::page('func=editSubmission&sid=new&wid='.$_[0]->get("wobjectId")); $var{"post.url"} = WebGUI::URL::page('func=editSubmission&sid=new&wid='.$_[0]->get("wobjectId"));
$var{"post.label"} = WebGUI::International::get(20,$_[0]->get("namespace")); $var{"post.label"} = WebGUI::International::get(20,$_[0]->get("namespace"));
$var{"addquestion.label"} = WebGUI::International::get(83,$_[0]->get("namespace")); $var{"addquestion.label"} = WebGUI::International::get(83,$_[0]->get("namespace"));
@ -664,7 +665,7 @@ sub www_view {
} else { } else {
$constraints = "(status='Approved' or (userId=$session{user}{userId} and userId<>1))"; $constraints = "(status='Approved' or (userId=$session{user}{userId} and userId<>1))";
} }
$var{canModerate} = WebGUI::Privilege::isInGroup($_[0]->get("groupToApprove"),$session{user}{userId}); $var{canModerate} = WebGUI::Grouping::isInGroup($_[0]->get("groupToApprove"),$session{user}{userId});
$var{"title.label"} = WebGUI::International::get(99); $var{"title.label"} = WebGUI::International::get(99);
$var{"thumbnail.label"} = WebGUI::International::get(52,$_[0]->get("namespace")); $var{"thumbnail.label"} = WebGUI::International::get(52,$_[0]->get("namespace"));
$var{"date.label"} = WebGUI::International::get(13,$_[0]->get("namespace")); $var{"date.label"} = WebGUI::International::get(13,$_[0]->get("namespace"));
@ -806,7 +807,7 @@ sub www_viewSubmission {
return "" unless ($submission->{USS_submissionId}); return "" unless ($submission->{USS_submissionId});
return "" unless ($submission->{status} eq 'Approved' || return "" unless ($submission->{status} eq 'Approved' ||
($submission->{userId} == $session{user}{userId} && $session{user}{userId} != 1) || ($submission->{userId} == $session{user}{userId} && $session{user}{userId} != 1) ||
WebGUI::Privilege::isInGroup($_[0]->getValue("groupToApprove"))); WebGUI::Grouping::isInGroup($_[0]->getValue("groupToApprove")));
my $callback = WebGUI::URL::page("func=viewSubmission&amp;wid=".$_[0]->get("wobjectId")."&amp;sid=".$submission->{USS_submissionId}); my $callback = WebGUI::URL::page("func=viewSubmission&amp;wid=".$_[0]->get("wobjectId")."&amp;sid=".$submission->{USS_submissionId});
if ($session{form}{forumOp} ne "" && $session{form}{forumOp} ne "viewForum") { if ($session{form}{forumOp} ne "" && $session{form}{forumOp} ne "viewForum") {
return WebGUI::Forum::UI::forumOp({ return WebGUI::Forum::UI::forumOp({
@ -834,7 +835,7 @@ sub www_viewSubmission {
$var{"status.status"} = status($submission->{status}); $var{"status.status"} = status($submission->{status});
$var{"views.label"} = WebGUI::International::get(514); $var{"views.label"} = WebGUI::International::get(514);
$var{"views.count"} = $submission->{views}; $var{"views.count"} = $submission->{views};
$var{canPost} = WebGUI::Privilege::isInGroup($_[0]->get("groupToContribute")); $var{canPost} = WebGUI::Grouping::isInGroup($_[0]->get("groupToContribute"));
$var{"post.url"} = WebGUI::URL::page('func=editSubmission&sid=new&wid='.$_[0]->get("wobjectId")); $var{"post.url"} = WebGUI::URL::page('func=editSubmission&sid=new&wid='.$_[0]->get("wobjectId"));
$var{"post.label"} = WebGUI::International::get(20,$_[0]->get("namespace")); $var{"post.label"} = WebGUI::International::get(20,$_[0]->get("namespace"));
@data = WebGUI::SQL->quickArray("select max(USS_submissionId) from USS_submission @data = WebGUI::SQL->quickArray("select max(USS_submissionId) from USS_submission
@ -849,12 +850,12 @@ sub www_viewSubmission {
$var{"next.more"} = ($data[0] ne ""); $var{"next.more"} = ($data[0] ne "");
$var{"next.url"} = WebGUI::URL::page('func=viewSubmission&sid='.$data[0].'&wid='.$session{form}{wid}); $var{"next.url"} = WebGUI::URL::page('func=viewSubmission&sid='.$data[0].'&wid='.$session{form}{wid});
$var{"next.label"} = WebGUI::International::get(59,$_[0]->get("namespace")); $var{"next.label"} = WebGUI::International::get(59,$_[0]->get("namespace"));
$var{canEdit} = (($submission->{userId} == $session{user}{userId} || WebGUI::Privilege::isInGroup($_[0]->get("groupToApprove"))) && $session{user}{userId} != 1); $var{canEdit} = (($submission->{userId} == $session{user}{userId} || WebGUI::Grouping::isInGroup($_[0]->get("groupToApprove"))) && $session{user}{userId} != 1);
$var{"delete.url"} = WebGUI::URL::page('func=deleteSubmission&wid='.$session{form}{wid}.'&sid='.$session{form}{sid}); $var{"delete.url"} = WebGUI::URL::page('func=deleteSubmission&wid='.$session{form}{wid}.'&sid='.$session{form}{sid});
$var{"delete.label"} = WebGUI::International::get(37,$_[0]->get("namespace")); $var{"delete.label"} = WebGUI::International::get(37,$_[0]->get("namespace"));
$var{"edit.url"} = WebGUI::URL::page('func=editSubmission&wid='.$session{form}{wid}.'&sid='.$session{form}{sid}); $var{"edit.url"} = WebGUI::URL::page('func=editSubmission&wid='.$session{form}{wid}.'&sid='.$session{form}{sid});
$var{"edit.label"} = WebGUI::International::get(27,$_[0]->get("namespace")); $var{"edit.label"} = WebGUI::International::get(27,$_[0]->get("namespace"));
$var{canChangeStatus} = WebGUI::Privilege::isInGroup($_[0]->get("groupToApprove"),$session{user}{userId}); $var{canChangeStatus} = WebGUI::Grouping::isInGroup($_[0]->get("groupToApprove"),$session{user}{userId});
$var{"approve.url"} = WebGUI::URL::page('func=approveSubmission&wid='.$session{form}{wid}.'&sid='.$session{form}{sid}.'&mlog='.$session{form}{mlog}); $var{"approve.url"} = WebGUI::URL::page('func=approveSubmission&wid='.$session{form}{wid}.'&sid='.$session{form}{sid}.'&mlog='.$session{form}{mlog});
$var{"approve.label"} = WebGUI::International::get(572); $var{"approve.label"} = WebGUI::International::get(572);
$var{"leave.url"} = WebGUI::URL::page('op=viewMessageLog'); $var{"leave.url"} = WebGUI::URL::page('op=viewMessageLog');