API, write permissions
parent
1bd75ac2ee
commit
5f6c43e73d
|
@ -10,7 +10,7 @@ class dbPages extends dbJSON
|
||||||
'description'=> array('inFile'=>false, 'value'=>''),
|
'description'=> array('inFile'=>false, 'value'=>''),
|
||||||
'username'=> array('inFile'=>false, 'value'=>''),
|
'username'=> array('inFile'=>false, 'value'=>''),
|
||||||
'tags'=> array('inFile'=>false, 'value'=>array()),
|
'tags'=> array('inFile'=>false, 'value'=>array()),
|
||||||
'status'=> array('inFile'=>false, 'value'=>'draft'), // published, draft, scheduled
|
'status'=> array('inFile'=>false, 'value'=>'published'), // published, draft, scheduled
|
||||||
'date'=> array('inFile'=>false, 'value'=>''),
|
'date'=> array('inFile'=>false, 'value'=>''),
|
||||||
'dateModified'=> array('inFile'=>false, 'value'=>''),
|
'dateModified'=> array('inFile'=>false, 'value'=>''),
|
||||||
'position'=> array('inFile'=>false, 'value'=>0),
|
'position'=> array('inFile'=>false, 'value'=>0),
|
||||||
|
@ -142,8 +142,8 @@ class dbPages extends dbJSON
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
// Default value for the field
|
// By default is the current value
|
||||||
$value = $options['value'];
|
$value = $this->db[$args['key']][$field];
|
||||||
}
|
}
|
||||||
|
|
||||||
$args[$field] = $value;
|
$args[$field] = $value;
|
||||||
|
@ -158,9 +158,6 @@ class dbPages extends dbJSON
|
||||||
$args['date'] = $this->db[$args['key']]['date'];
|
$args['date'] = $this->db[$args['key']]['date'];
|
||||||
}
|
}
|
||||||
|
|
||||||
// Current UUID
|
|
||||||
$args['uuid'] = $this->db[$args['key']]['uuid'];
|
|
||||||
|
|
||||||
// Date
|
// Date
|
||||||
$currentDate = Date::current(DB_DATE_FORMAT);
|
$currentDate = Date::current(DB_DATE_FORMAT);
|
||||||
|
|
||||||
|
@ -192,9 +189,9 @@ class dbPages extends dbJSON
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if( $climode===false ) {
|
if ($climode===false) {
|
||||||
// Move the directory from old key to new key.
|
// Move the directory from old key to new key.
|
||||||
if($newKey!==$args['key']) {
|
if ($newKey!==$args['key']) {
|
||||||
if( Filesystem::mv(PATH_PAGES.$args['key'], PATH_PAGES.$newKey) === false ) {
|
if( Filesystem::mv(PATH_PAGES.$args['key'], PATH_PAGES.$newKey) === false ) {
|
||||||
Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to move the directory to '.PATH_PAGES.$newKey);
|
Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to move the directory to '.PATH_PAGES.$newKey);
|
||||||
return false;
|
return false;
|
||||||
|
@ -203,7 +200,7 @@ class dbPages extends dbJSON
|
||||||
|
|
||||||
// Make the index.txt and save the file.
|
// Make the index.txt and save the file.
|
||||||
$data = implode("\n", $dataForFile);
|
$data = implode("\n", $dataForFile);
|
||||||
if( file_put_contents(PATH_PAGES.$newKey.DS.FILENAME, $data) === false ) {
|
if (file_put_contents(PATH_PAGES.$newKey.DS.FILENAME, $data)===false) {
|
||||||
Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to put the content in the file '.FILENAME);
|
Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to put the content in the file '.FILENAME);
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
|
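Review bot: The new fallback `$value = $this->db[$args['key']][$field];` reads the stored record without checking that the key or the field exists, so a record saved before a field was introduced yields an undefined-index notice and a null value instead of the declared default. `$value = isset($this->db[$args['key']][$field]) ? $this->db[$args['key']][$field] : $options['value'];` keeps the declared default as a backstop. The commit also removes the line that pinned `$args['uuid']` to the stored value, so if `uuid` is among the fields this loop copies from `$args` (not visible here), a caller-supplied `uuid` now replaces it; re-pinning it after the loop would avoid that. The first hunk changes the default `status` to `published`, so any create call that omits `status` goes live immediately, which is worth confirming as intended for API-created pages. The enclosing method starts and ends outside these hunks.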
@ -105,13 +105,11 @@ class dbUsers extends dbJSON
|
||||||
$User = new User();
|
$User = new User();
|
||||||
$User->setField('username', $username);
|
$User->setField('username', $username);
|
||||||
|
|
||||||
foreach($this->db[$username] as $key=>$value) {
|
foreach ($this->db[$username] as $key=>$value) {
|
||||||
$User->setField($key, $value);
|
$User->setField($key, $value);
|
||||||
}
|
}
|
||||||
|
|
||||||
return $User;
|
return $User;
|
||||||
}
|
}
|
||||||
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -152,8 +150,8 @@ class dbUsers extends dbJSON
|
||||||
// Return the username associated to an email, FALSE otherwise
|
// Return the username associated to an email, FALSE otherwise
|
||||||
public function getByEmail($email)
|
public function getByEmail($email)
|
||||||
{
|
{
|
||||||
foreach($this->db as $username=>$values) {
|
foreach ($this->db as $username=>$values) {
|
||||||
if($values['email']==$email) {
|
if ($values['email']==$email) {
|
||||||
return $username;
|
return $username;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -163,8 +161,8 @@ class dbUsers extends dbJSON
|
||||||
// Returns the username with the authentication token assigned, FALSE otherwise
|
// Returns the username with the authentication token assigned, FALSE otherwise
|
||||||
public function getByAuthToken($token)
|
public function getByAuthToken($token)
|
||||||
{
|
{
|
||||||
foreach($this->db as $username=>$fields) {
|
foreach ($this->db as $username=>$fields) {
|
||||||
if($fields['tokenAuth']==$token) {
|
if ($fields['tokenAuth']==$token) {
|
||||||
return $username;
|
return $username;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -349,10 +349,15 @@ function editPage($args) {
|
||||||
global $dbPages;
|
global $dbPages;
|
||||||
global $Syslog;
|
global $Syslog;
|
||||||
|
|
||||||
// The user is always the one loggued
|
// Check the key is not empty
|
||||||
$args['username'] = Session::get('username');
|
if (empty($args['key'])) {
|
||||||
if ( empty($args['username']) ) {
|
Log::set('Function editPage()'.LOG_SEP.'Empty key.');
|
||||||
Log::set('Function editPage()'.LOG_SEP.'Empty username.');
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check if the page key exist
|
||||||
|
if (!$dbPages->exists($args['key'])) {
|
||||||
|
Log::set('Function editPage()'.LOG_SEP.'Page key does not exist, '.$args['key']);
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -362,6 +367,17 @@ function editPage($args) {
|
||||||
unset($args['externalCoverImage']);
|
unset($args['externalCoverImage']);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Title and content need to be here because from inside the dbPages is not visible
|
||||||
|
if (empty($args['title']) || empty($args['content'])) {
|
||||||
|
$page = buildPage($args['key']);
|
||||||
|
if (empty($args['title'])) {
|
||||||
|
$args['title'] = $page->title();
|
||||||
|
}
|
||||||
|
if (empty($args['content'])) {
|
||||||
|
$args['content'] = $page->contentRaw();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
$key = $dbPages->edit($args);
|
$key = $dbPages->edit($args);
|
||||||
if ($key) {
|
if ($key) {
|
||||||
// Call the plugins after page modified
|
// Call the plugins after page modified
|
||||||
|
|
|
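Review bot: Removing `$args['username'] = Session::get('username');` means the page author is now whatever the caller supplies in `$args['username']`, or the stored value when the field is absent, so a request carrying a `username` field can reassign a page to another account. Unless the caller is known to be an admin, I would drop the field before the edit with `unset($args['username']);` placed just ahead of `$key = $dbPages->edit($args);`. The added `empty($args['title'])` and `empty($args['content'])` tests also treat the string `"0"` as missing and silently restore the old value; `!isset(...) || $args['title']===''` would be more precise. `$args['key']` is concatenated into the log message as received, so it should be stripped of line breaks before logging. editPage() begins and ends outside these hunks.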
@ -91,13 +91,20 @@ class pluginAPI extends Plugin {
|
||||||
// ------------------------------------------------------------
|
// ------------------------------------------------------------
|
||||||
$writePermissions = false;
|
$writePermissions = false;
|
||||||
if ( !empty($inputs['authentication']) ) {
|
if ( !empty($inputs['authentication']) ) {
|
||||||
// Get the user with the authentication token
|
|
||||||
|
// Get the user with the authentication token, FALSE if doesn't exit
|
||||||
$username = $dbUsers->getByAuthToken($inputs['authentication']);
|
$username = $dbUsers->getByAuthToken($inputs['authentication']);
|
||||||
if ($username!==false) {
|
if ($username!==false) {
|
||||||
// Enable write permissions
|
|
||||||
$writePermissions = true;
|
// Get the object user to check the role
|
||||||
// Loggin the user to create the session
|
$user = $dbUsers->getUser($username);
|
||||||
$Login->setLogin($username, 'admin');
|
if ($user->role()=='admin') {
|
||||||
|
|
||||||
|
// Loggin the user to create the session
|
||||||
|
$Login->setLogin($username, 'admin');
|
||||||
|
// Enable write permissions
|
||||||
|
$writePermissions = true;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -270,7 +277,7 @@ class pluginAPI extends Plugin {
|
||||||
{
|
{
|
||||||
// This function is defined on functions.php
|
// This function is defined on functions.php
|
||||||
$key = createPage($args);
|
$key = createPage($args);
|
||||||
var_dump($key);exit;
|
|
||||||
if ($key===false) {
|
if ($key===false) {
|
||||||
return array(
|
return array(
|
||||||
'status'=>'1',
|
'status'=>'1',
|
||||||
|
|
|
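Review bot: The token check in the first hunk accepts any non-empty `$inputs['authentication']` and passes it to `getByAuthToken()`, which, as the dbUsers section of this page shows, compares with loose `==`. How `$inputs` is decoded is not visible here, but if a non-string value can reach this point PHP's type juggling could make it compare equal to a stored token. I would require a string at the gate, `if (!empty($inputs['authentication']) && is_string($inputs['authentication'])) {`, and have the lookup compare with `hash_equals($fields['tokenAuth'], $token)` while skipping users whose stored token is empty. `$user->role()=='admin'` should use `===`, and since `getUser()` can return false (per the dbUsers section) the result should be checked before `role()` is called. The enclosing method starts and ends outside the hunk.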
@ -367,6 +367,7 @@ function install($adminPassword, $email, $timezone)
|
||||||
// File users.php
|
// File users.php
|
||||||
$salt = uniqid();
|
$salt = uniqid();
|
||||||
$passwordHash = sha1($adminPassword.$salt);
|
$passwordHash = sha1($adminPassword.$salt);
|
||||||
|
$tokenAuth = md5( uniqid().time().DOMAIN );
|
||||||
|
|
||||||
$data = array(
|
$data = array(
|
||||||
'admin'=>array(
|
'admin'=>array(
|
||||||
|
@ -379,7 +380,7 @@ function install($adminPassword, $email, $timezone)
|
||||||
'registered'=>$currentDate,
|
'registered'=>$currentDate,
|
||||||
'tokenEmail'=>'',
|
'tokenEmail'=>'',
|
||||||
'tokenEmailTTL'=>'2009-03-15 14:00',
|
'tokenEmailTTL'=>'2009-03-15 14:00',
|
||||||
'tokenAuth'=>'',
|
'tokenAuth'=>$tokenAuth,
|
||||||
'tokenAuthTTL'=>'2009-03-15 14:00',
|
'tokenAuthTTL'=>'2009-03-15 14:00',
|
||||||
'twitter'=>'',
|
'twitter'=>'',
|
||||||
'facebook'=>'',
|
'facebook'=>'',
|
||||||
|
|
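Review bot: `$tokenAuth = md5( uniqid().time().DOMAIN );` derives the admin API token only from the clock and the site's domain, so it carries very little entropy and the md5 step adds none. Since this commit makes that token grant write access through the API plugin, it should come from a CSPRNG, e.g. `$tokenAuth = bin2hex(random_bytes(16));` on PHP 7+ (or `openssl_random_pseudo_bytes` on older versions). `tokenAuthTTL` stays at a fixed past date in the same array, so it is worth confirming whether anything enforces it or the token simply never expires. Separately, the unchanged context hashes the admin password with `sha1` and a `uniqid()` salt; `password_hash()` is the direction to move in. install() begins and ends outside these hunks.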