API, write permissions
This commit is contained in:
parent
1bd75ac2ee
commit
5f6c43e73d
|
@ -10,7 +10,7 @@ class dbPages extends dbJSON
|
|||
'description'=> array('inFile'=>false, 'value'=>''),
|
||||
'username'=> array('inFile'=>false, 'value'=>''),
|
||||
'tags'=> array('inFile'=>false, 'value'=>array()),
|
||||
'status'=> array('inFile'=>false, 'value'=>'draft'), // published, draft, scheduled
|
||||
'status'=> array('inFile'=>false, 'value'=>'published'), // published, draft, scheduled
|
||||
'date'=> array('inFile'=>false, 'value'=>''),
|
||||
'dateModified'=> array('inFile'=>false, 'value'=>''),
|
||||
'position'=> array('inFile'=>false, 'value'=>0),
|
||||
|
@ -142,8 +142,8 @@ class dbPages extends dbJSON
|
|||
}
|
||||
}
|
||||
} else {
|
||||
// Default value for the field
|
||||
$value = $options['value'];
|
||||
// By default is the current value
|
||||
$value = $this->db[$args['key']][$field];
|
||||
}
|
||||
|
||||
$args[$field] = $value;
|
||||
|
@ -158,9 +158,6 @@ class dbPages extends dbJSON
|
|||
$args['date'] = $this->db[$args['key']]['date'];
|
||||
}
|
||||
|
||||
// Current UUID
|
||||
$args['uuid'] = $this->db[$args['key']]['uuid'];
|
||||
|
||||
// Date
|
||||
$currentDate = Date::current(DB_DATE_FORMAT);
|
||||
|
||||
|
|
|
@ -108,10 +108,8 @@ class dbUsers extends dbJSON
|
|||
foreach ($this->db[$username] as $key=>$value) {
|
||||
$User->setField($key, $value);
|
||||
}
|
||||
|
||||
return $User;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
|
|
|
@ -349,10 +349,15 @@ function editPage($args) {
|
|||
global $dbPages;
|
||||
global $Syslog;
|
||||
|
||||
// The user is always the one loggued
|
||||
$args['username'] = Session::get('username');
|
||||
if ( empty($args['username']) ) {
|
||||
Log::set('Function editPage()'.LOG_SEP.'Empty username.');
|
||||
// Check the key is not empty
|
||||
if (empty($args['key'])) {
|
||||
Log::set('Function editPage()'.LOG_SEP.'Empty key.');
|
||||
return false;
|
||||
}
|
||||
|
||||
// Check if the page key exist
|
||||
if (!$dbPages->exists($args['key'])) {
|
||||
Log::set('Function editPage()'.LOG_SEP.'Page key does not exist, '.$args['key']);
|
||||
return false;
|
||||
}
|
||||
|
||||
|
@ -362,6 +367,17 @@ function editPage($args) {
|
|||
unset($args['externalCoverImage']);
|
||||
}
|
||||
|
||||
// Title and content need to be here because from inside the dbPages is not visible
|
||||
if (empty($args['title']) || empty($args['content'])) {
|
||||
$page = buildPage($args['key']);
|
||||
if (empty($args['title'])) {
|
||||
$args['title'] = $page->title();
|
||||
}
|
||||
if (empty($args['content'])) {
|
||||
$args['content'] = $page->contentRaw();
|
||||
}
|
||||
}
|
||||
|
||||
$key = $dbPages->edit($args);
|
||||
if ($key) {
|
||||
// Call the plugins after page modified
|
||||
|
|
|
@ -91,13 +91,20 @@ class pluginAPI extends Plugin {
|
|||
// ------------------------------------------------------------
|
||||
$writePermissions = false;
|
||||
if ( !empty($inputs['authentication']) ) {
|
||||
// Get the user with the authentication token
|
||||
|
||||
// Get the user with the authentication token, FALSE if doesn't exit
|
||||
$username = $dbUsers->getByAuthToken($inputs['authentication']);
|
||||
if ($username!==false) {
|
||||
// Enable write permissions
|
||||
$writePermissions = true;
|
||||
|
||||
// Get the object user to check the role
|
||||
$user = $dbUsers->getUser($username);
|
||||
if ($user->role()=='admin') {
|
||||
|
||||
// Loggin the user to create the session
|
||||
$Login->setLogin($username, 'admin');
|
||||
// Enable write permissions
|
||||
$writePermissions = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -270,7 +277,7 @@ class pluginAPI extends Plugin {
|
|||
{
|
||||
// This function is defined on functions.php
|
||||
$key = createPage($args);
|
||||
var_dump($key);exit;
|
||||
|
||||
if ($key===false) {
|
||||
return array(
|
||||
'status'=>'1',
|
||||
|
|
|
@ -367,6 +367,7 @@ function install($adminPassword, $email, $timezone)
|
|||
// File users.php
|
||||
$salt = uniqid();
|
||||
$passwordHash = sha1($adminPassword.$salt);
|
||||
$tokenAuth = md5( uniqid().time().DOMAIN );
|
||||
|
||||
$data = array(
|
||||
'admin'=>array(
|
||||
|
@ -379,7 +380,7 @@ function install($adminPassword, $email, $timezone)
|
|||
'registered'=>$currentDate,
|
||||
'tokenEmail'=>'',
|
||||
'tokenEmailTTL'=>'2009-03-15 14:00',
|
||||
'tokenAuth'=>'',
|
||||
'tokenAuth'=>$tokenAuth,
|
||||
'tokenAuthTTL'=>'2009-03-15 14:00',
|
||||
'twitter'=>'',
|
||||
'facebook'=>'',
|
||||
|
|
Loading…
Reference in New Issue