diff options
author | Mario Vavti <mario@mariovavti.com> | 2016-08-10 16:17:09 +0200 |
---|---|---|
committer | Mario Vavti <mario@mariovavti.com> | 2016-08-10 16:17:09 +0200 |
commit | 82e867a9a8008c4fb3e7ed9e9408bd9e38bf7ff2 (patch) | |
tree | b492301bfecb46f6be20618f4e801387928ef0eb | |
parent | 7a557d31e026705fc3bd2d4f39c4c679449cef56 (diff) | |
download | volse-hubzilla-82e867a9a8008c4fb3e7ed9e9408bd9e38bf7ff2.tar.gz volse-hubzilla-82e867a9a8008c4fb3e7ed9e9408bd9e38bf7ff2.tar.bz2 volse-hubzilla-82e867a9a8008c4fb3e7ed9e9408bd9e38bf7ff2.zip |
implement acl for folder creation
-rw-r--r-- | Zotlabs/Module/File_upload.php | 23 | ||||
-rw-r--r-- | Zotlabs/Storage/Browser.php | 5 | ||||
-rw-r--r-- | include/attach.php | 16 | ||||
-rw-r--r-- | view/tpl/cloud_actionspanel.tpl | 26 |
4 files changed, 53 insertions, 17 deletions
diff --git a/Zotlabs/Module/File_upload.php b/Zotlabs/Module/File_upload.php index 999b241f1..d5c0c7e05 100644 --- a/Zotlabs/Module/File_upload.php +++ b/Zotlabs/Module/File_upload.php @@ -21,18 +21,23 @@ class File_upload extends \Zotlabs\Web\Controller { $_REQUEST['source'] = 'file_upload'; - if($channel['channel_id'] != local_channel()) { - $_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']); - $_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']); - $_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']); - $_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']); - } + if($channel['channel_id'] != local_channel()) { + $_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']); + $_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']); + $_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']); + $_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']); + } - if($_REQUEST['directory_name']) + if($_REQUEST['filename']) { + $_REQUEST['allow_cid'] = perms2str($_REQUEST['contact_allow']); + $_REQUEST['allow_gid'] = perms2str($_REQUEST['group_allow']); + $_REQUEST['deny_cid'] = perms2str($_REQUEST['contact_deny']); + $_REQUEST['deny_gid'] = perms2str($_REQUEST['group_deny']); $r = attach_mkdir($channel,get_observer_hash(),$_REQUEST); - else + } + else { $r = attach_store($channel,get_observer_hash(), '', $_REQUEST); - + } goaway(z_root() . '/' . $_REQUEST['return_url']); } diff --git a/Zotlabs/Storage/Browser.php b/Zotlabs/Storage/Browser.php index e72c4fb62..948f7c733 100644 --- a/Zotlabs/Storage/Browser.php +++ b/Zotlabs/Storage/Browser.php @@ -316,6 +316,8 @@ class Browser extends DAV\Browser\Plugin { $quota['desc'] = $quotaDesc; $quota['warning'] = ((($limit) && ((round($used / $limit, 1) * 100) >= 90)) ? t('WARNING:') : ''); // 10485760 bytes = 100MB + $path = trim(str_replace('cloud/' . $this->auth->owner_nick, '', $path),'/'); + $output .= replace_macros(get_markup_template('cloud_actionspanel.tpl'), array( '$folder_header' => t('Create new folder'), '$folder_submit' => t('Create'), @@ -330,7 +332,8 @@ class Browser extends DAV\Browser\Plugin { '$deny_gid' => acl2json($channel_acl['deny_gid']), '$lockstate' => $lockstate, '$return_url' => \App::$cmd, - '$path' => trim(str_replace('cloud/' . $this->auth->owner_nick, '', $path),'/'), + '$path' => $path, + '$folder' => find_folder_hash_by_path($this->auth->owner_id, $path), '$dragdroptext' => t('Drop files here to immediately upload') )); } diff --git a/include/attach.php b/include/attach.php index e15f08bd4..172840b96 100644 --- a/include/attach.php +++ b/include/attach.php @@ -1438,6 +1438,22 @@ logger('attach_hash: ' . $attachHash); return $hash; } +function find_folder_hash_by_path($channel_id, $path) { + + $filename = end(explode('/', $path)); + + $r = q("SELECT hash FROM attach WHERE uid = %d AND filename = '%s' LIMIT 1", + intval($channel_id), + dbesc($filename) + ); + + $hash = ''; + if($r && $r[0]['hash']) { + $hash = $r[0]['hash']; + } + return $hash; +} + /** * @brief Returns the filename of an attachment in a given channel. * diff --git a/view/tpl/cloud_actionspanel.tpl b/view/tpl/cloud_actionspanel.tpl index d27b3f42d..b851e391e 100644 --- a/view/tpl/cloud_actionspanel.tpl +++ b/view/tpl/cloud_actionspanel.tpl @@ -1,15 +1,27 @@ <div id="files-mkdir-tools" class="section-content-tools-wrapper"> <label for="files-mkdir">{{$folder_header}}</label> - <form method="post" action=""> - <input type="hidden" name="sabreAction" value="mkcol"> - <input id="files-mkdir" type="text" name="name" class="form-control form-group"> - <button class="btn btn-primary btn-sm pull-right" type="submit" value="{{$folder_submit}}">{{$folder_submit}}</button> + <form id="mkdir-form" method="post" action="file_upload" class="acl-form" data-form_id="mkdir-form" data-allow_cid='{{$allow_cid}}' data-allow_gid='{{$allow_gid}}' data-deny_cid='{{$deny_cid}}' data-deny_gid='{{$deny_gid}}'> + <!--input type="hidden" name="sabreAction" value="mkcol"--> + <input type="hidden" name="folder" value="{{$folder}}" /> + <input type="hidden" name="channick" value="{{$channick}}" /> + <input type="hidden" name="return_url" value="{{$return_url}}" /> + <input id="files-mkdir" type="text" name="filename" class="form-control form-group"> + <div class="pull-right btn-group"> + <div class="btn-group"> + {{if $lockstate}} + <button class="btn btn-default btn-sm" data-toggle="modal" data-target="#aclModal" type="button"> + <i class="jot-perms-icon fa fa-{{$lockstate}}"></i> + </button> + {{/if}} + <button class="btn btn-primary btn-sm pull-right" type="submit" value="{{$folder_submit}}">{{$folder_submit}}</button> + </div> + </div> </form> <div class="clear"></div> </div> <div id="files-upload-tools" class="section-content-tools-wrapper"> {{if $quota.limit || $quota.used}}<div class="{{if $quota.warning}}section-content-danger-wrapper{{else}}section-content-info-wrapper{{/if}}">{{if $quota.warning}}<strong>{{$quota.warning}} </strong>{{/if}}{{$quota.desc}}</div>{{/if}} - <form id="ajax-upload-files" method="post" action="file_upload" enctype="multipart/form-data" class="acl-form" data-form_id="ajax-upload-files" data-allow_cid='{{$allow_cid}}' data-allow_gid='{{$allow_gid}}' data-deny_cid='{{$deny_cid}}' data-deny_gid='{{$deny_gid}}'> + <form id="ajax-upload-files" method="post" action="file_upload" enctype="multipart/form-data" class="acl-form" data-form_id="ajax-upload-files" data-allow_cid='{{$allow_cid}}' data-allow_gid='{{$allow_gid}}' data-deny_cid='{{$deny_cid}}' data-deny_gid='{{$deny_gid}}'> <input type="hidden" name="directory" value="{{$path}}" /> <input type="hidden" name="channick" value="{{$channick}}" /> <input type="hidden" name="return_url" value="{{$return_url}}" /> @@ -18,8 +30,8 @@ <div class="pull-right btn-group"> <div class="btn-group"> {{if $lockstate}} - <button id="dbtn-acl" class="btn btn-default btn-sm" data-toggle="modal" data-target="#aclModal" onclick="return false;"> - <i id="jot-perms-icon" class="fa fa-{{$lockstate}}"></i> + <button class="btn btn-default btn-sm" data-toggle="modal" data-target="#aclModal" type="button"> + <i class="jot-perms-icon fa fa-{{$lockstate}}"></i> </button> {{/if}} <button id="upload-submit" class="btn btn-primary btn-sm pull-right" type="submit" name="submit" value="{{$upload_submit}}">{{$upload_submit}}</button> |