aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndrew Manning <tamanning@zoho.com>2016-05-29 21:23:56 -0400
committerAndrew Manning <tamanning@zoho.com>2016-05-29 21:23:56 -0400
commit4b350b909025ba2102d5ad2c5ee32b3c4eecaa48 (patch)
treedaf198beaba4a45e1256ae03015c6d94277cfb9b
parenta3dfdd9d3886451f5e97940387a56171c5810cf6 (diff)
downloadvolse-hubzilla-4b350b909025ba2102d5ad2c5ee32b3c4eecaa48.tar.gz
volse-hubzilla-4b350b909025ba2102d5ad2c5ee32b3c4eecaa48.tar.bz2
volse-hubzilla-4b350b909025ba2102d5ad2c5ee32b3c4eecaa48.zip
Fixed bug in access control. Hide new wiki/page buttons if not channel owner.
-rw-r--r--Zotlabs/Module/Wiki.php2
-rw-r--r--include/wiki.php6
-rw-r--r--view/tpl/wiki.tpl2
3 files changed, 3 insertions, 7 deletions
diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php
index 946529424..030e34cf6 100644
--- a/Zotlabs/Module/Wiki.php
+++ b/Zotlabs/Module/Wiki.php
@@ -97,10 +97,8 @@ class Wiki extends \Zotlabs\Web\Controller {
$wikiheader = rawurldecode(argv(2)) . ': ' . rawurldecode($pagename); // show wiki name and page
$p = wiki_get_page_content(array('wiki_resource_id' => $resource_id, 'page' => $pagename));
if(!$p['success']) {
- logger('wiki_get_page_content: ' . $p['message']);
$content = 'Error retrieving page content. Try again.';
}
- logger('content: ' . $content);
$content = ($p['content'] !== '' ? $p['content'] : '"# New page\n"');
$hide_editor = false;
$showPageControls = $wiki_owner;
diff --git a/include/wiki.php b/include/wiki.php
index 54644dd18..70788eed2 100644
--- a/include/wiki.php
+++ b/include/wiki.php
@@ -8,11 +8,7 @@ use \Zotlabs\Storage\GitRepo as GitRepo;
define ( 'WIKI_ITEM_RESOURCE_TYPE', 'wiki' );
function wiki_list($channel, $observer_hash) {
- if (local_channel() || remote_channel()) {
- $sql_extra = item_permissions_sql($channel['channel_id'], $observer_hash);
- } else {
- $sql_extra = " AND item_private = 0 ";
- }
+ $sql_extra = item_permissions_sql($channel['channel_id'], $observer_hash);
$wikis = q("SELECT * FROM item WHERE resource_type = '%s' AND mid = parent_mid AND item_deleted = 0 $sql_extra",
dbesc(WIKI_ITEM_RESOURCE_TYPE)
);
diff --git a/view/tpl/wiki.tpl b/view/tpl/wiki.tpl
index a6f274bfb..e6e8c720b 100644
--- a/view/tpl/wiki.tpl
+++ b/view/tpl/wiki.tpl
@@ -14,8 +14,10 @@
<div class="generic-content-wrapper">
<div class="section-title-wrapper">
<div class="pull-right">
+ {{if $showPageControls}}
<button class="btn btn-primary btn-xs" onclick="$('#new-page-form-wrapper').hide(); openClose('new-wiki-form-wrapper');">New Wiki</button>
<button class="btn btn-success btn-xs" onclick="$('#new-wiki-form-wrapper').hide(); openClose('new-page-form-wrapper');">New Page</button>
+ {{/if}}
<button id="fullscreen-btn" type="button" class="btn btn-default btn-xs" onclick="makeFullScreen();
adjustFullscreenTopBarHeight();"><i class="fa fa-expand"></i></button>
<button id="inline-btn" type="button" class="btn btn-default btn-xs" onclick="makeFullScreen(false);