diff options
author | Andrew Manning <tamanning@zoho.com> | 2016-05-29 21:23:56 -0400 |
---|---|---|
committer | Andrew Manning <tamanning@zoho.com> | 2016-05-29 21:23:56 -0400 |
commit | 4b350b909025ba2102d5ad2c5ee32b3c4eecaa48 (patch) | |
tree | daf198beaba4a45e1256ae03015c6d94277cfb9b | |
parent | a3dfdd9d3886451f5e97940387a56171c5810cf6 (diff) | |
download | volse-hubzilla-4b350b909025ba2102d5ad2c5ee32b3c4eecaa48.tar.gz volse-hubzilla-4b350b909025ba2102d5ad2c5ee32b3c4eecaa48.tar.bz2 volse-hubzilla-4b350b909025ba2102d5ad2c5ee32b3c4eecaa48.zip |
Fixed bug in access control. Hide new wiki/page buttons if not channel owner.
-rw-r--r-- | Zotlabs/Module/Wiki.php | 2 | ||||
-rw-r--r-- | include/wiki.php | 6 | ||||
-rw-r--r-- | view/tpl/wiki.tpl | 2 |
3 files changed, 3 insertions, 7 deletions
diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index 946529424..030e34cf6 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -97,10 +97,8 @@ class Wiki extends \Zotlabs\Web\Controller { $wikiheader = rawurldecode(argv(2)) . ': ' . rawurldecode($pagename); // show wiki name and page $p = wiki_get_page_content(array('wiki_resource_id' => $resource_id, 'page' => $pagename)); if(!$p['success']) { - logger('wiki_get_page_content: ' . $p['message']); $content = 'Error retrieving page content. Try again.'; } - logger('content: ' . $content); $content = ($p['content'] !== '' ? $p['content'] : '"# New page\n"'); $hide_editor = false; $showPageControls = $wiki_owner; diff --git a/include/wiki.php b/include/wiki.php index 54644dd18..70788eed2 100644 --- a/include/wiki.php +++ b/include/wiki.php @@ -8,11 +8,7 @@ use \Zotlabs\Storage\GitRepo as GitRepo; define ( 'WIKI_ITEM_RESOURCE_TYPE', 'wiki' ); function wiki_list($channel, $observer_hash) { - if (local_channel() || remote_channel()) { - $sql_extra = item_permissions_sql($channel['channel_id'], $observer_hash); - } else { - $sql_extra = " AND item_private = 0 "; - } + $sql_extra = item_permissions_sql($channel['channel_id'], $observer_hash); $wikis = q("SELECT * FROM item WHERE resource_type = '%s' AND mid = parent_mid AND item_deleted = 0 $sql_extra", dbesc(WIKI_ITEM_RESOURCE_TYPE) ); diff --git a/view/tpl/wiki.tpl b/view/tpl/wiki.tpl index a6f274bfb..e6e8c720b 100644 --- a/view/tpl/wiki.tpl +++ b/view/tpl/wiki.tpl @@ -14,8 +14,10 @@ <div class="generic-content-wrapper"> <div class="section-title-wrapper"> <div class="pull-right"> + {{if $showPageControls}} <button class="btn btn-primary btn-xs" onclick="$('#new-page-form-wrapper').hide(); openClose('new-wiki-form-wrapper');">New Wiki</button> <button class="btn btn-success btn-xs" onclick="$('#new-wiki-form-wrapper').hide(); openClose('new-page-form-wrapper');">New Page</button> + {{/if}} <button id="fullscreen-btn" type="button" class="btn btn-default btn-xs" onclick="makeFullScreen(); adjustFullscreenTopBarHeight();"><i class="fa fa-expand"></i></button> <button id="inline-btn" type="button" class="btn btn-default btn-xs" onclick="makeFullScreen(false); |