From 610494296b7cb52e52ebcc99246bb48da9252546 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Wed, 31 Dec 2008 09:02:40 +0000 Subject: Turn permission dialog into a browser where you can look at permissions back up the tree --- core/controllers/permissions.php | 31 +++++++++++++++++-------------- 1 file changed, 17 insertions(+), 14 deletions(-) (limited to 'core/controllers') diff --git a/core/controllers/permissions.php b/core/controllers/permissions.php index 2e9dbda1..24ce7312 100644 --- a/core/controllers/permissions.php +++ b/core/controllers/permissions.php @@ -18,7 +18,7 @@ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. */ class Permissions_Controller extends Controller { - function form_edit($id) { + function browse($id) { $item = ORM::factory("item", $id); access::required("edit", $item); @@ -28,25 +28,28 @@ class Permissions_Controller extends Controller { $view = new View("permission_edit.html"); $view->item = $item; - $view->groups = ORM::factory("group")->find_all(); - $view->permissions = ORM::factory("permission")->find_all(); + $view->parents = $item->parents(); + $view->form = $this->_get_form($item); + print $view; } - function edit($id) { - access::verify_csrf(); - + function form($id) { $item = ORM::factory("item", $id); access::required("edit", $item); - foreach (ORM::factory("group")->find_all() as $group) { - foreach (ORM::factory("permission")->find_all() as $permission) { - $perm_name = "{$permission->name}_$group->id"; - $value = $this->input->post($perm_name); - - // Set permissions here - } + if ($item->type != "album") { + access::forbidden(); } - url::redirect("form/edit/permissions/$item->id"); + + print $this->_get_form($item); + } + + function _get_form($item) { + $view = new View("permission_form.html"); + $view->item = $item; + $view->groups = ORM::factory("group")->find_all(); + $view->permissions = ORM::factory("permission")->find_all(); + return $view; } } -- cgit v1.2.3