r31k
/
bludit
2
0
Fork 0
Code Issues 1 Pull Requests Releases Wiki Activity

API, write permissions

This commit is contained in:
Diego Najar 2017-09-23 13:10:05 +02:00
parent 1bd75ac2ee
commit 5f6c43e73d
5 changed files with 46 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
bl-kernel/dbpages.class.php
View File

@ -10,7 +10,7 @@ class dbPages extends dbJSON
'description'=> array('inFile'=>false, 'value'=>''), 'description'=> array('inFile'=>false, 'value'=>''),
'username'=> array('inFile'=>false, 'value'=>''), 'username'=> array('inFile'=>false, 'value'=>''),
'tags'=> array('inFile'=>false, 'value'=>array()), 'tags'=> array('inFile'=>false, 'value'=>array()),
'status'=> array('inFile'=>false, 'value'=>'draft'), // published, draft, scheduled 'status'=> array('inFile'=>false, 'value'=>'published'), // published, draft, scheduled
'date'=> array('inFile'=>false, 'value'=>''), 'date'=> array('inFile'=>false, 'value'=>''),
'dateModified'=> array('inFile'=>false, 'value'=>''), 'dateModified'=> array('inFile'=>false, 'value'=>''),
'position'=> array('inFile'=>false, 'value'=>0), 'position'=> array('inFile'=>false, 'value'=>0),
@ -142,8 +142,8 @@ class dbPages extends dbJSON
} }
} }
} else { } else {
// Default value for the field // By default is the current value
$value = $options['value']; $value = $this->db[$args['key']][$field];
} }
$args[$field] = $value; $args[$field] = $value;
@ -158,9 +158,6 @@ class dbPages extends dbJSON
$args['date'] = $this->db[$args['key']]['date']; $args['date'] = $this->db[$args['key']]['date'];
} }
// Current UUID
$args['uuid'] = $this->db[$args['key']]['uuid'];
// Date // Date
$currentDate = Date::current(DB_DATE_FORMAT); $currentDate = Date::current(DB_DATE_FORMAT);

2
bl-kernel/dbusers.class.php
View File

@ -108,10 +108,8 @@ class dbUsers extends dbJSON
foreach ($this->db[$username] as $key=>$value) { foreach ($this->db[$username] as $key=>$value) {
$User->setField($key, $value); $User->setField($key, $value);
} }
return $User; return $User;
} }
return false; return false;
} }

24
bl-kernel/functions.php
View File

@ -349,10 +349,15 @@ function editPage($args) {
global $dbPages; global $dbPages;
global $Syslog; global $Syslog;
// The user is always the one loggued // Check the key is not empty
$args['username'] = Session::get('username'); if (empty($args['key'])) {
if ( empty($args['username']) ) { Log::set('Function editPage()'.LOG_SEP.'Empty key.');
Log::set('Function editPage()'.LOG_SEP.'Empty username.'); return false;
}
// Check if the page key exist
if (!$dbPages->exists($args['key'])) {
Log::set('Function editPage()'.LOG_SEP.'Page key does not exist, '.$args['key']);
return false; return false;
} }
@ -362,6 +367,17 @@ function editPage($args) {
unset($args['externalCoverImage']); unset($args['externalCoverImage']);
} }
// Title and content need to be here because from inside the dbPages is not visible
if (empty($args['title']) || empty($args['content'])) {
$page = buildPage($args['key']);
if (empty($args['title'])) {
$args['title'] = $page->title();
}
if (empty($args['content'])) {
$args['content'] = $page->contentRaw();
}
}
$key = $dbPages->edit($args); $key = $dbPages->edit($args);
if ($key) { if ($key) {
// Call the plugins after page modified // Call the plugins after page modified

15
bl-plugins/api/plugin.php
View File

@ -91,13 +91,20 @@ class pluginAPI extends Plugin {
// ------------------------------------------------------------ // ------------------------------------------------------------
$writePermissions = false; $writePermissions = false;
if ( !empty($inputs['authentication']) ) { if ( !empty($inputs['authentication']) ) {
// Get the user with the authentication token
// Get the user with the authentication token, FALSE if doesn't exit
$username = $dbUsers->getByAuthToken($inputs['authentication']); $username = $dbUsers->getByAuthToken($inputs['authentication']);
if ($username!==false) { if ($username!==false) {
// Enable write permissions
$writePermissions = true; // Get the object user to check the role
$user = $dbUsers->getUser($username);
if ($user->role()=='admin') {
// Loggin the user to create the session // Loggin the user to create the session
$Login->setLogin($username, 'admin'); $Login->setLogin($username, 'admin');
// Enable write permissions
$writePermissions = true;
}
} }
} }
@ -270,7 +277,7 @@ class pluginAPI extends Plugin {
{ {
// This function is defined on functions.php // This function is defined on functions.php
$key = createPage($args); $key = createPage($args);
var_dump($key);exit;
if ($key===false) { if ($key===false) {
return array( return array(
'status'=>'1', 'status'=>'1',

3
install.php
View File

@ -367,6 +367,7 @@ function install($adminPassword, $email, $timezone)
// File users.php // File users.php
$salt = uniqid(); $salt = uniqid();
$passwordHash = sha1($adminPassword.$salt); $passwordHash = sha1($adminPassword.$salt);
$tokenAuth = md5( uniqid().time().DOMAIN );
$data = array( $data = array(
'admin'=>array( 'admin'=>array(
@ -379,7 +380,7 @@ function install($adminPassword, $email, $timezone)
'registered'=>$currentDate, 'registered'=>$currentDate,
'tokenEmail'=>'', 'tokenEmail'=>'',
'tokenEmailTTL'=>'2009-03-15 14:00', 'tokenEmailTTL'=>'2009-03-15 14:00',
'tokenAuth'=>'', 'tokenAuth'=>$tokenAuth,
'tokenAuthTTL'=>'2009-03-15 14:00', 'tokenAuthTTL'=>'2009-03-15 14:00',
'twitter'=>'', 'twitter'=>'',
'facebook'=>'', 'facebook'=>'',