API, write permissions
This commit is contained in:
parent
1bd75ac2ee
commit
5f6c43e73d
@ -10,7 +10,7 @@ class dbPages extends dbJSON
|
||||
'description'=> array('inFile'=>false, 'value'=>''),
|
||||
'username'=> array('inFile'=>false, 'value'=>''),
|
||||
'tags'=> array('inFile'=>false, 'value'=>array()),
|
||||
'status'=> array('inFile'=>false, 'value'=>'draft'), // published, draft, scheduled
|
||||
'status'=> array('inFile'=>false, 'value'=>'published'), // published, draft, scheduled
|
||||
'date'=> array('inFile'=>false, 'value'=>''),
|
||||
'dateModified'=> array('inFile'=>false, 'value'=>''),
|
||||
'position'=> array('inFile'=>false, 'value'=>0),
|
||||
@ -142,8 +142,8 @@ class dbPages extends dbJSON
|
||||
}
|
||||
}
|
||||
} else {
|
||||
// Default value for the field
|
||||
$value = $options['value'];
|
||||
// By default is the current value
|
||||
$value = $this->db[$args['key']][$field];
|
||||
}
|
||||
|
||||
$args[$field] = $value;
|
||||
@ -158,9 +158,6 @@ class dbPages extends dbJSON
|
||||
$args['date'] = $this->db[$args['key']]['date'];
|
||||
}
|
||||
|
||||
// Current UUID
|
||||
$args['uuid'] = $this->db[$args['key']]['uuid'];
|
||||
|
||||
// Date
|
||||
$currentDate = Date::current(DB_DATE_FORMAT);
|
||||
|
||||
@ -192,9 +189,9 @@ class dbPages extends dbJSON
|
||||
}
|
||||
}
|
||||
|
||||
if( $climode===false ) {
|
||||
if ($climode===false) {
|
||||
// Move the directory from old key to new key.
|
||||
if($newKey!==$args['key']) {
|
||||
if ($newKey!==$args['key']) {
|
||||
if( Filesystem::mv(PATH_PAGES.$args['key'], PATH_PAGES.$newKey) === false ) {
|
||||
Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to move the directory to '.PATH_PAGES.$newKey);
|
||||
return false;
|
||||
@ -203,7 +200,7 @@ class dbPages extends dbJSON
|
||||
|
||||
// Make the index.txt and save the file.
|
||||
$data = implode("\n", $dataForFile);
|
||||
if( file_put_contents(PATH_PAGES.$newKey.DS.FILENAME, $data) === false ) {
|
||||
if (file_put_contents(PATH_PAGES.$newKey.DS.FILENAME, $data)===false) {
|
||||
Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to put the content in the file '.FILENAME);
|
||||
return false;
|
||||
}
|
||||
|
@ -105,13 +105,11 @@ class dbUsers extends dbJSON
|
||||
$User = new User();
|
||||
$User->setField('username', $username);
|
||||
|
||||
foreach($this->db[$username] as $key=>$value) {
|
||||
foreach ($this->db[$username] as $key=>$value) {
|
||||
$User->setField($key, $value);
|
||||
}
|
||||
|
||||
return $User;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
@ -152,8 +150,8 @@ class dbUsers extends dbJSON
|
||||
// Return the username associated to an email, FALSE otherwise
|
||||
public function getByEmail($email)
|
||||
{
|
||||
foreach($this->db as $username=>$values) {
|
||||
if($values['email']==$email) {
|
||||
foreach ($this->db as $username=>$values) {
|
||||
if ($values['email']==$email) {
|
||||
return $username;
|
||||
}
|
||||
}
|
||||
@ -163,8 +161,8 @@ class dbUsers extends dbJSON
|
||||
// Returns the username with the authentication token assigned, FALSE otherwise
|
||||
public function getByAuthToken($token)
|
||||
{
|
||||
foreach($this->db as $username=>$fields) {
|
||||
if($fields['tokenAuth']==$token) {
|
||||
foreach ($this->db as $username=>$fields) {
|
||||
if ($fields['tokenAuth']==$token) {
|
||||
return $username;
|
||||
}
|
||||
}
|
||||
|
@ -349,10 +349,15 @@ function editPage($args) {
|
||||
global $dbPages;
|
||||
global $Syslog;
|
||||
|
||||
// The user is always the one loggued
|
||||
$args['username'] = Session::get('username');
|
||||
if ( empty($args['username']) ) {
|
||||
Log::set('Function editPage()'.LOG_SEP.'Empty username.');
|
||||
// Check the key is not empty
|
||||
if (empty($args['key'])) {
|
||||
Log::set('Function editPage()'.LOG_SEP.'Empty key.');
|
||||
return false;
|
||||
}
|
||||
|
||||
// Check if the page key exist
|
||||
if (!$dbPages->exists($args['key'])) {
|
||||
Log::set('Function editPage()'.LOG_SEP.'Page key does not exist, '.$args['key']);
|
||||
return false;
|
||||
}
|
||||
|
||||
@ -362,6 +367,17 @@ function editPage($args) {
|
||||
unset($args['externalCoverImage']);
|
||||
}
|
||||
|
||||
// Title and content need to be here because from inside the dbPages is not visible
|
||||
if (empty($args['title']) || empty($args['content'])) {
|
||||
$page = buildPage($args['key']);
|
||||
if (empty($args['title'])) {
|
||||
$args['title'] = $page->title();
|
||||
}
|
||||
if (empty($args['content'])) {
|
||||
$args['content'] = $page->contentRaw();
|
||||
}
|
||||
}
|
||||
|
||||
$key = $dbPages->edit($args);
|
||||
if ($key) {
|
||||
// Call the plugins after page modified
|
||||
|
@ -91,13 +91,20 @@ class pluginAPI extends Plugin {
|
||||
// ------------------------------------------------------------
|
||||
$writePermissions = false;
|
||||
if ( !empty($inputs['authentication']) ) {
|
||||
// Get the user with the authentication token
|
||||
|
||||
// Get the user with the authentication token, FALSE if doesn't exit
|
||||
$username = $dbUsers->getByAuthToken($inputs['authentication']);
|
||||
if ($username!==false) {
|
||||
// Enable write permissions
|
||||
$writePermissions = true;
|
||||
// Loggin the user to create the session
|
||||
$Login->setLogin($username, 'admin');
|
||||
|
||||
// Get the object user to check the role
|
||||
$user = $dbUsers->getUser($username);
|
||||
if ($user->role()=='admin') {
|
||||
|
||||
// Loggin the user to create the session
|
||||
$Login->setLogin($username, 'admin');
|
||||
// Enable write permissions
|
||||
$writePermissions = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -270,7 +277,7 @@ class pluginAPI extends Plugin {
|
||||
{
|
||||
// This function is defined on functions.php
|
||||
$key = createPage($args);
|
||||
var_dump($key);exit;
|
||||
|
||||
if ($key===false) {
|
||||
return array(
|
||||
'status'=>'1',
|
||||
|
@ -367,6 +367,7 @@ function install($adminPassword, $email, $timezone)
|
||||
// File users.php
|
||||
$salt = uniqid();
|
||||
$passwordHash = sha1($adminPassword.$salt);
|
||||
$tokenAuth = md5( uniqid().time().DOMAIN );
|
||||
|
||||
$data = array(
|
||||
'admin'=>array(
|
||||
@ -379,7 +380,7 @@ function install($adminPassword, $email, $timezone)
|
||||
'registered'=>$currentDate,
|
||||
'tokenEmail'=>'',
|
||||
'tokenEmailTTL'=>'2009-03-15 14:00',
|
||||
'tokenAuth'=>'',
|
||||
'tokenAuth'=>$tokenAuth,
|
||||
'tokenAuthTTL'=>'2009-03-15 14:00',
|
||||
'twitter'=>'',
|
||||
'facebook'=>'',
|
||||
|
Loading…
Reference in New Issue
Block a user