90 lines
2.0 KiB
C++
Executable File
90 lines
2.0 KiB
C++
Executable File
/*
|
|
* This file is a part of CMSLU -- Content Management System like Unix
|
|
* and is not publicly distributed
|
|
*
|
|
* Copyright (c) 2008-2009, Tomasz Sowa
|
|
* All rights reserved.
|
|
*
|
|
*/
|
|
|
|
#include "content.h"
|
|
#include "../core/request.h"
|
|
#include "../core/error.h"
|
|
#include "../core/db.h"
|
|
#include "../core/data.h"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
void Content::PostFunPriv()
|
|
{
|
|
// !! narazie tylko dla plikow
|
|
if( !request.is_item )
|
|
return;
|
|
|
|
try
|
|
{
|
|
long user_id = data.users.GetUserId( request.PostVar("user") );
|
|
long group_id = data.groups.GetGroupId( request.PostVar("group") );
|
|
int privileges = strtol( request.PostVar("privileges").c_str() , 0, 8);
|
|
|
|
if( !request.CanChangeUser(request.item, user_id) )
|
|
throw Error(Error::cant_change_user);
|
|
|
|
if( !request.CanChangeGroup(request.item, group_id) )
|
|
throw Error(Error::cant_change_group);
|
|
|
|
if( !request.CanChangePrivileges(request.item, privileges) )
|
|
throw Error(Error::cant_change_privileges);
|
|
|
|
request.item.user_id = user_id;
|
|
request.item.group_id = group_id;
|
|
request.item.privileges = privileges;
|
|
|
|
request.session->done = Done::privileged_item;
|
|
request.session->done_status = db.EditPrivById(request.item, request.item.id);
|
|
}
|
|
catch(const Error & e)
|
|
{
|
|
log << log1 << "Content: FunChmod: Error: " << e << logend;
|
|
request.session->done_status = e;
|
|
}
|
|
|
|
if( request.session->done_status == Error::ok )
|
|
{
|
|
request.session->item = request.item;
|
|
request.session->done_timer = 2;
|
|
RedirectTo(request.item);
|
|
}
|
|
else
|
|
{
|
|
log << log1 << "Content: PostFunPrivileges: Error: " << static_cast<int>(request.session->done_status) << logend;
|
|
}
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
void Content::FunPriv()
|
|
{
|
|
if( !request.is_item )
|
|
{
|
|
// !! chwilowi tylko dla plikow
|
|
request.status == Error::item_required;
|
|
return;
|
|
}
|
|
|
|
// you must be an owner of the item (or a superuser)
|
|
// !! moze wykorzystac request.CanChangeUser() ?
|
|
if( !request.session->puser || (!request.session->puser->super_user && request.session->puser->id != request.item.user_id) )
|
|
{
|
|
request.status = Error::permision_denied;
|
|
return;
|
|
}
|
|
|
|
}
|