diff options
Diffstat (limited to 'core/views')
| -rw-r--r-- | core/views/permissions_browse.html.php | 12 | ||||
| -rw-r--r-- | core/views/permissions_form.html.php | 41 |
2 files changed, 34 insertions, 19 deletions
diff --git a/core/views/permissions_browse.html.php b/core/views/permissions_browse.html.php index 599ba520..56076b4d 100644 --- a/core/views/permissions_browse.html.php +++ b/core/views/permissions_browse.html.php @@ -1,9 +1,10 @@ <?php defined("SYSPATH") or die("No direct script access.") ?> <script src="<?= url::file("lib/jquery.js") ?>" type="text/javascript"></script> <script type="text/javascript"> - show = function(id, form_url) { + var form_url = "<?= url::site("permissions/form/__ITEM__") ?>"; + show = function(id) { $.ajax({ - url: form_url, + url: form_url.replace("__ITEM__", id), success: function(data) { $("div.form").slideUp(); $("div#edit-" + id).html(data).slideDown(); @@ -11,8 +12,7 @@ }); } - var action_url = "<?= url::site("permissions/__CMD__/__GROUP__/__PERM__/__ITEM__?csrf=" . access::csrf_token()) ?>"; - var form_url = "<?= url::site("permissions/form/__ITEM__") ?>"; + var action_url = "<?= url::site("permissions/change/__CMD__/__GROUP__/__PERM__/__ITEM__?csrf=" . access::csrf_token()) ?>"; set = function(cmd, group_id, perm_id, item_id) { $.ajax({ url: action_url.replace("__CMD__", cmd).replace("__GROUP__", group_id). @@ -27,14 +27,14 @@ <ul> <? foreach ($parents as $parent): ?> <li> - <a href="javascript:show(<?= $parent->id ?>,'<?= url::site("permissions/form/$parent->id") ?>')"> + <a href="javascript:show(<?= $parent->id ?>)"> <?= $parent->title ?> </a> <div class="form" id="edit-<?= $parent->id ?>"></div> <ul> <? endforeach ?> <li> - <a href="javascript:show(<?= $item->id ?>,'<?= url::site("permissions/form/$item->id") ?>')"> + <a href="javascript:show(<?= $item->id ?>)"> <?= $item->title ?> </a> <div class="form" id="edit-<?= $item->id ?>"> diff --git a/core/views/permissions_form.html.php b/core/views/permissions_form.html.php index 80fbedf6..d0b605e2 100644 --- a/core/views/permissions_form.html.php +++ b/core/views/permissions_form.html.php @@ -15,20 +15,35 @@ <td> <?= _($permission->display_name) ?> </td> <? foreach ($groups as $group): ?> <td> - <? $locked = access::locking_items($group, $permission->name, $item) ?> + <? $intent = access::group_intent($group, $permission->name, $item) ?> <? $allowed = access::group_can($group, $permission->name, $item) ?> - <? if ($locked && $allowed): ?> - allowed <a href="#">locked</a> - <? elseif ($locked && !$allowed): ?> - denied <a href="#">locked</a> - <? elseif ($allowed): ?> - <a href="javascript:set('deny',<?= $group->id ?>,<?= $permission->id ?>,<?= $item->id ?>)"> - <?= _("allowed") ?> - </a> - <? elseif (!$allowed): ?> - <a href="javascript:set('allow',<?= $group->id ?>,<?= $permission->id ?>,<?= $item->id ?>)"> - <?= _("denied") ?> - </a> + <? $lock = access::locked_by($group, $permission->name, $item) ?> + + <? if ($lock): ?> + + <? if ($allowed): ?> + allowed + <? else: ?> + denied + <? endif ?> + + <a href="javascript:show(<?= $lock->id ?>)">(parental lock)</a> + <? else: ?> + + <? if ($allowed): ?> + <a href="javascript:set('deny',<?= $group->id ?>,<?= $permission->id ?>,<?= $item->id ?>)">allowed</a> + <? else: ?> + <a href="javascript:set('allow',<?= $group->id ?>,<?= $permission->id ?>,<?= $item->id ?>)">denied</a> + <? endif ?> + + <? if ($intent === null): ?> + (from parent) + <? else: ?> + <? if ($item->id != 1): ?> + <a href="javascript:set('reset',<?= $group->id ?>,<?= $permission->id ?>,<?= $item->id ?>)">(reset to parent)</a> + <? endif ?> + <? endif ?> + <? endif ?> </td> <? endforeach ?> |