/* * This file is a part of CMSLU -- Content Management System like Unix * and is not publicly distributed * * Copyright (c) 2008-2009, Tomasz Sowa * All rights reserved. * */ #include "content.h" #include "../core/request.h" #include "../core/error.h" #include "../core/db.h" #include "../core/data.h" void Content::PostFunPriv() { // !! narazie tylko dla plikow if( !request.is_item ) return; try { long user_id = data.users.GetUserId( request.PostVar("user") ); long group_id = data.groups.GetGroupId( request.PostVar("group") ); int privileges = strtol( request.PostVar("privileges").c_str() , 0, 8); if( !request.CanChangeUser(request.item, user_id) ) throw Error(Error::cant_change_user); if( !request.CanChangeGroup(request.item, group_id) ) throw Error(Error::cant_change_group); if( !request.CanChangePrivileges(request.item, privileges) ) throw Error(Error::cant_change_privileges); request.item.user_id = user_id; request.item.group_id = group_id; request.item.privileges = privileges; request.session->done = Done::privileged_item; request.session->done_status = db.EditPrivById(request.item, request.item.id); } catch(const Error & e) { log << log1 << "Content: FunChmod: Error: " << e << logend; request.session->done_status = e; } if( request.session->done_status == Error::ok ) { request.session->item = request.item; request.session->done_timer = 2; RedirectTo(request.item); } else { log << log1 << "Content: PostFunPrivileges: Error: " << static_cast(request.session->done_status) << logend; } } void Content::FunPriv() { if( !request.is_item ) { // !! chwilowi tylko dla plikow request.status == Error::item_required; return; } // you must be an owner of the item (or a superuser) // !! moze wykorzystac request.CanChangeUser() ? if( !request.session->puser || (!request.session->puser->super_user && request.session->puser->id != request.item.user_id) ) { request.status = Error::permision_denied; return; } }