diff options
| -rw-r--r-- | core/controllers/permissions.php | 31 | ||||
| -rw-r--r-- | core/helpers/core_menu.php | 2 | ||||
| -rw-r--r-- | core/views/permission_edit.html.php | 67 | ||||
| -rw-r--r-- | core/views/permission_form.html.php | 34 |
4 files changed, 86 insertions, 48 deletions
diff --git a/core/controllers/permissions.php b/core/controllers/permissions.php index 2e9dbda1..24ce7312 100644 --- a/core/controllers/permissions.php +++ b/core/controllers/permissions.php @@ -18,7 +18,7 @@ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. */ class Permissions_Controller extends Controller { - function form_edit($id) { + function browse($id) { $item = ORM::factory("item", $id); access::required("edit", $item); @@ -28,25 +28,28 @@ class Permissions_Controller extends Controller { $view = new View("permission_edit.html"); $view->item = $item; - $view->groups = ORM::factory("group")->find_all(); - $view->permissions = ORM::factory("permission")->find_all(); + $view->parents = $item->parents(); + $view->form = $this->_get_form($item); + print $view; } - function edit($id) { - access::verify_csrf(); - + function form($id) { $item = ORM::factory("item", $id); access::required("edit", $item); - foreach (ORM::factory("group")->find_all() as $group) { - foreach (ORM::factory("permission")->find_all() as $permission) { - $perm_name = "{$permission->name}_$group->id"; - $value = $this->input->post($perm_name); - - // Set permissions here - } + if ($item->type != "album") { + access::forbidden(); } - url::redirect("form/edit/permissions/$item->id"); + + print $this->_get_form($item); + } + + function _get_form($item) { + $view = new View("permission_form.html"); + $view->item = $item; + $view->groups = ORM::factory("group")->find_all(); + $view->permissions = ORM::factory("permission")->find_all(); + return $view; } } diff --git a/core/helpers/core_menu.php b/core/helpers/core_menu.php index 5de2b0d7..9bf6de3f 100644 --- a/core/helpers/core_menu.php +++ b/core/helpers/core_menu.php @@ -59,7 +59,7 @@ class core_menu_Core { ->append(Menu::factory("dialog") ->id("edit_permissions") ->label(_("Edit permissions")) - ->url(url::site("form/edit/permissions/$item->id"))); + ->url(url::site("permissions/browse/$item->id"))); } } diff --git a/core/views/permission_edit.html.php b/core/views/permission_edit.html.php index 332d31ab..ee561091 100644 --- a/core/views/permission_edit.html.php +++ b/core/views/permission_edit.html.php @@ -1,37 +1,38 @@ <?php defined("SYSPATH") or die("No direct script access.") ?> +<script src="<?= url::file("lib/jquery.js") ?>" type="text/javascript"></script> +<script type="text/javascript"> + show = function(id, form_url) { + $.ajax({ + url: form_url, + success: function(data) { + $("div.form").slideUp(); + var el = $("div#edit-" + id); + el.html(data).slideDown(); + } + }); + } +</script> <div id="gPermissions"> - <form method="post" action="<?= url::site("permissions/edit/$item->id") ?>"> - <?= access::csrf_form_field() ?> - - <table border=1> - <tr> - <th> </th> - <? foreach ($groups as $group): ?> - <th> <?= $group->name ?> </th> + <ul> + <? foreach ($parents as $parent): ?> + <li> + <a href="javascript:show(<?= $parent->id ?>,'<?= url::site("permissions/form/$parent->id") ?>')"> + <?= $parent->title ?> + </a> + <div class="form" id="edit-<?= $parent->id ?>"></div> + <ul> <? endforeach ?> - </tr> - - <? foreach ($permissions as $permission): ?> - <tr> - <td> <?= _($permission->display_name) ?> </td> - <? foreach ($groups as $group): ?> - <td> - <? $locked = access::locking_items($group, $permission->name, $item) ?> - <? $allowed = access::group_can($group, $permission->name, $item) ?> - <? if ($locked && $allowed): ?> - allowed <a href="#">locked</a> - <? elseif ($locked && !$allowed): ?> - denied <a href="#">locked</a> - <? elseif ($allowed): ?> - <a href="#">allowed</a> - <? elseif (!$allowed): ?> - <a href="#">denied</a> - <? endif ?> - </td> - <? endforeach ?> - </tr> - <? endforeach ?> - </table> - <input type="submit" value="<?= _("Save") ?>"/> - </form> + <li> + <a href="javascript:show(<?= $item->id ?>,'<?= url::site("permissions/form/$item->id") ?>')"> + <?= $item->title ?> + </a> + <div class="form" id="edit-<?= $item->id ?>"> + <?= $form ?> + </div> + </li> + <? foreach ($parents as $parent): ?> + </ul> + </li> + </ul> + <? endforeach ?> </div> diff --git a/core/views/permission_form.html.php b/core/views/permission_form.html.php new file mode 100644 index 00000000..4933d6f2 --- /dev/null +++ b/core/views/permission_form.html.php @@ -0,0 +1,34 @@ +<?php defined("SYSPATH") or die("No direct script access.") ?> +<form method="post" action="<?= url::site("permissions/edit/$item->id") ?>"> + <?= access::csrf_form_field() ?> + + <table border=1> + <tr> + <th> </th> + <? foreach ($groups as $group): ?> + <th> <?= $group->name ?> </th> + <? endforeach ?> + </tr> + + <? foreach ($permissions as $permission): ?> + <tr> + <td> <?= _($permission->display_name) ?> </td> + <? foreach ($groups as $group): ?> + <td> + <? $locked = access::locking_items($group, $permission->name, $item) ?> + <? $allowed = access::group_can($group, $permission->name, $item) ?> + <? if ($locked && $allowed): ?> + allowed <a href="#">locked</a> + <? elseif ($locked && !$allowed): ?> + denied <a href="#">locked</a> + <? elseif ($allowed): ?> + <a href="#">allowed</a> + <? elseif (!$allowed): ?> + <a href="#">denied</a> + <? endif ?> + </td> + <? endforeach ?> + </tr> + <? endforeach ?> + </table> +</form> |