Add permission to manage own articles
authorJoshua Rüsweg <josh@bastelstu.be>
Tue, 28 Aug 2018 10:40:33 +0000 (12:40 +0200)
committerJoshua Rüsweg <josh@bastelstu.be>
Tue, 28 Aug 2018 10:40:33 +0000 (12:40 +0200)
See #2677

com.woltlab.wcf/templates/article.tpl
com.woltlab.wcf/userGroupOption.xml
wcfsetup/install/files/acp/templates/articleAdd.tpl
wcfsetup/install/files/lib/acp/form/ArticleAddForm.class.php
wcfsetup/install/files/lib/acp/form/ArticleEditForm.class.php
wcfsetup/install/files/lib/acp/page/ArticleListPage.class.php
wcfsetup/install/files/lib/data/article/Article.class.php
wcfsetup/install/files/lib/data/article/ArticleAction.class.php
wcfsetup/install/files/lib/system/clipboard/action/ArticleClipboardAction.class.php
wcfsetup/install/lang/de.xml
wcfsetup/install/lang/en.xml

index 20eb88b0b4f96a6d62fa5feefecce2826a99d628..923599072adcfb33a77e8cf6359fd5ef80313dae 100644 (file)
@@ -93,7 +93,7 @@
                                                        </li>
                                                {/if}
                                        
-                                               {if $__wcf->getSession()->getPermission('admin.content.article.canManageArticle')}<li><a href="{link controller='ArticleEdit' id=$article->articleID isACP=true}{/link}" class="button"><span class="icon icon16 fa-pencil"></span> <span>{lang}wcf.acp.article.edit{/lang}</span></a></li>{/if}
+                                               {if $article->canEdit()}<li><a href="{link controller='ArticleEdit' id=$article->articleID isACP=true}{/link}" class="button"><span class="icon icon16 fa-pencil"></span> <span>{lang}wcf.acp.article.edit{/lang}</span></a></li>{/if}
                                                {event name='contentHeaderNavigation'}
                                        {/content}
                                </ul>
index 0bdf43c7686b5ec8edcc285ba5b8f34d8d2e001b..010e457f0e8356d8baf111e1f76e39bc6655c5db 100644 (file)
                                <usersonly>1</usersonly>
                                <options>module_article</options>
                        </option>
+                       <option name="admin.content.article.canManageOwnArticles">
+                               <categoryname>admin.content</categoryname>
+                               <optiontype>boolean</optiontype>
+                               <defaultvalue>0</defaultvalue>
+                               <admindefaultvalue>1</admindefaultvalue>
+                               <usersonly>1</usersonly>
+                               <options>module_article</options>
+                       </option>
                        <option name="admin.content.article.canManageCategory">
                                <categoryname>admin.content</categoryname>
                                <optiontype>boolean</optiontype>
index 0047dea966f7d413b3db577c8575b7e86d084053..10c4cb13fa0b3e83a82eb9a855f97fbce66febee 100644 (file)
                        </dd>
                </dl>
                
-               {if $__wcf->session->getPermission('admin.content.article.canManageArticle')}
+               {if $__wcf->session->getPermission('admin.content.article.canManageArticle') || $__wcf->session->getPermission('admin.content.article.canManageOwnArticles')}
                        <dl>
                                <dt><label for="categoryID">{lang}wcf.acp.article.publicationStatus{/lang}</label></dt>
                                <dd class="floated">
index 461e052c1fc146afbbc040b9ebd3547e8a6dc7bb..72988440cad167d566b7711d53ee222c077cd778 100644 (file)
@@ -231,7 +231,7 @@ class ArticleAddForm extends AbstractForm {
                }
                if (!empty($_POST['enableComments'])) $this->enableComments = 1;
                
-               if (WCF::getSession()->getPermission('admin.content.article.canManageArticle')) {
+               if (WCF::getSession()->getPermission('admin.content.article.canManageArticle') || WCF::getSession()->getPermission('admin.content.article.canManageOwnArticles')) {
                        if (isset($_POST['publicationStatus'])) $this->publicationStatus = intval($_POST['publicationStatus']);
                }
                else {
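Review bot: Accepting `admin.content.article.canManageOwnArticles` in this branch only helps if the request gets this far, and nothing in this commit widens the form's own access requirement. If `ArticleAddForm` and `ArticleListPage` still declare a `$neededPermissions` list naming only `canManageArticle` and `canContributeArticle` (not visible here, so please confirm), a user holding only the new permission is rejected before this line runs. Adding `'admin.content.article.canManageOwnArticles'` to those lists in the same commit would keep the page-level gate and the per-object checks in agreement. The enclosing method starts and ends outside the hunk.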
index 672c2817ab830359acef342f5a57cc13770c7c0c..cd11a102eb7810266f8ee409bdc65e93638a8e1b 100644 (file)
@@ -52,10 +52,8 @@ class ArticleEditForm extends ArticleAddForm {
                }
                if ($this->article->isMultilingual) $this->isMultilingual = 1;
                
-               if (!WCF::getSession()->getPermission('admin.content.article.canManageArticle')) {
-                       if ($this->article->userID != WCF::getUser()->userID || $this->article->publicationStatus != Article::UNPUBLISHED) {
-                               throw new PermissionDeniedException();
-                       }
+               if (!$this->article->canEdit()) {
+                       throw new PermissionDeniedException();
                }
        }
        
index 5dc7b4c19f78a5c050f9e301241f0d80a21bf814..5888d31bdfe57f2339ac7be166a8065c23448938 100644 (file)
@@ -136,7 +136,11 @@ class ArticleListPage extends SortablePage {
                if (!WCF::getSession()->getPermission('admin.content.article.canManageArticle')) {
                        // only show own articles
                        $this->objectList->getConditionBuilder()->add('article.userID = ?', [WCF::getUser()->userID]);
-                       $this->objectList->getConditionBuilder()->add('article.publicationStatus = ?', [Article::UNPUBLISHED]);
+                       
+                       if (!WCF::getSession()->getPermission('admin.content.article.canManageOwnArticles')) {
+                               // only show unpublished articles
+                               $this->objectList->getConditionBuilder()->add('article.publicationStatus = ?', [Article::UNPUBLISHED]);
+                       }
                }
                
                $this->objectList->sqlSelects = "(SELECT title FROM wcf".WCF_N."_article_content WHERE articleID = article.articleID AND (languageID IS NULL OR languageID = ".WCF::getLanguage()->languageID.") LIMIT 1) AS title";
index 9ce4ee39164ba5a2285170190b508c086d109337..64ba21bb81e482ef8d859eb7dbb325cd5a52f4d8 100644 (file)
@@ -84,6 +84,10 @@ class Article extends DatabaseObject implements ILinkableObject {
                        return true;
                }
                
+               if (WCF::getSession()->getPermission('admin.content.article.canManageOwnArticles') && $this->userID == WCF::getUser()->userID) {
+                       return true;
+               }
+               
                return false;
        }
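Review bot: The ownership test `$this->userID == WCF::getUser()->userID` is a loose comparison, and in PHP `null == 0` is true. If an article's `userID` can be NULL (author removed) and a guest session reports `userID` 0, both of which need confirming, the only thing preventing a match is that the option is declared `<usersonly>1</usersonly>` in userGroupOption.xml. Making the check self-contained costs little: `&& WCF::getUser()->userID && $this->userID == WCF::getUser()->userID`. The same expression appears in `canEdit()` and `canPublish()` in the next hunk, and the enclosing method here starts outside the hunk.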
        
@@ -110,6 +114,48 @@ class Article extends DatabaseObject implements ILinkableObject {
                return WCF::getSession()->getPermission('user.article.canRead');
        }
        
+       /**
+        * Returns true if the current user can edit these article.
+        * 
+        * @return      boolean
+        * @since       3.2
+        */
+       public function canEdit() {
+               if (WCF::getSession()->getPermission('admin.content.article.canManageArticle')) {
+                       return true; 
+               }
+               
+               if (WCF::getSession()->getPermission('admin.content.article.canManageOwnArticles') && $this->userID == WCF::getUser()->userID) {
+                       return true;
+               }
+               
+               if ($this->publicationStatus != self::PUBLISHED) {
+                       if (WCF::getSession()->getPermission('admin.content.article.canContributeArticle') && $this->userID == WCF::getUser()->userID) {
+                               return false;
+                       }
+               }
+               
+               return false; 
+       }
+       
+       /**
+        * Returns true if the current user can publish these article. 
+        * 
+        * @return      boolean
+        * @since       3.2
+        */
+       public function canPublish() {
+               if (WCF::getSession()->getPermission('admin.content.article.canManageArticle')) {
+                       return true;
+               }
+               
+               if (WCF::getSession()->getPermission('admin.content.article.canManageOwnArticles') && $this->userID == WCF::getUser()->userID) {
+                       return true;
+               }
+               
+               return false;
+       }
+       
        /**
         * @inheritDoc
         */
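Review bot: The contributor branch at the end of `canEdit()` returns `false`, so it has no effect, and an author holding only `canContributeArticle` can no longer edit their own unpublished article. The check this method replaces in `ArticleEditForm` allowed exactly that case (matching `userID` and `publicationStatus == Article::UNPUBLISHED`), so the inner statement should be `return true;`. The outer test is `!= self::PUBLISHED` where the old code used `== Article::UNPUBLISHED`; if further status values exist they would now fall into this branch, so confirm which is intended. Minor: both new docblocks say "these article" where "this article" is meant.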
index 1b4054f5b189d46bf6e697dbb7e73f93840847ea..bd76ed3fef5207734529c7489ca7e6acc25f53d4 100644 (file)
@@ -8,6 +8,7 @@ use wcf\data\language\Language;
 use wcf\data\AbstractDatabaseObjectAction;
 use wcf\system\clipboard\ClipboardHandler;
 use wcf\system\comment\CommentHandler;
+use wcf\system\exception\PermissionDeniedException;
 use wcf\system\exception\UserInputException;
 use wcf\system\language\LanguageFactory;
 use wcf\system\like\LikeHandler;
@@ -274,8 +275,6 @@ class ArticleAction extends AbstractDatabaseObjectAction {
         * @throws      UserInputException
         */
        public function validateDelete() {
-               WCF::getSession()->checkPermissions(['admin.content.article.canManageArticle']);
-               
                if (empty($this->objects)) {
                        $this->readObjects();
                        
@@ -285,6 +284,10 @@ class ArticleAction extends AbstractDatabaseObjectAction {
                }
                
                foreach ($this->getObjects() as $article) {
+                       if (!$article->canDelete()) {
+                               throw new PermissionDeniedException();
+                       }
+                       
                        if (!$article->isDeleted) {
                                throw new UserInputException('objectIDs');
                        }
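Review bot: `validateDelete()` can now throw `PermissionDeniedException` from inside the loop, but its docblock in the previous hunk still lists only `@throws UserInputException`; add `@throws PermissionDeniedException`. The same applies to `validateTrash()`, `validatePublish()` and `validateUnpublish()`. With the upfront `checkPermissions()` call removed, authorization now depends on the loop running at least once. The empty-objects guard above the loop is cut off in this view, so confirm it throws when no objects were loaded rather than falling through. The method body continues outside the hunk.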
@@ -331,8 +334,6 @@ class ArticleAction extends AbstractDatabaseObjectAction {
         * @throws      UserInputException
         */
        public function validateTrash() {
-               WCF::getSession()->checkPermissions(['admin.content.article.canManageArticle']);
-               
                if (empty($this->objects)) {
                        $this->readObjects();
                        
@@ -342,6 +343,10 @@ class ArticleAction extends AbstractDatabaseObjectAction {
                }
                
                foreach ($this->getObjects() as $article) {
+                       if (!$article->canDelete()) {
+                               throw new PermissionDeniedException();
+                       }
+                       
                        if ($article->isDeleted) {
                                throw new UserInputException('objectIDs');
                        }
@@ -556,8 +561,6 @@ class ArticleAction extends AbstractDatabaseObjectAction {
         * @throws      UserInputException
         */
        public function validatePublish() {
-               WCF::getSession()->checkPermissions(['admin.content.article.canManageArticle']);
-               
                if (empty($this->objects)) {
                        $this->readObjects();
                        
@@ -567,6 +570,10 @@ class ArticleAction extends AbstractDatabaseObjectAction {
                }
                
                foreach ($this->getObjects() as $article) {
+                       if (!$article->canPublish()) {
+                               throw new PermissionDeniedException();  
+                       }
+                       
                        if ($article->publicationStatus == Article::PUBLISHED) {
                                throw new UserInputException('objectIDs');
                        }
@@ -603,8 +610,6 @@ class ArticleAction extends AbstractDatabaseObjectAction {
         * @throws      UserInputException
         */
        public function validateUnpublish() {
-               WCF::getSession()->checkPermissions(['admin.content.article.canManageArticle']);
-               
                if (empty($this->objects)) {
                        $this->readObjects();
                        
@@ -614,6 +619,10 @@ class ArticleAction extends AbstractDatabaseObjectAction {
                }
                
                foreach ($this->getObjects() as $article) {
+                       if (!$article->canPublish()) {
+                               throw new PermissionDeniedException();
+                       }
+                       
                        if ($article->publicationStatus != Article::PUBLISHED) {
                                throw new UserInputException('objectIDs');
                        }
index 1518d54776e6bcf145bea31f609df1a00bc203bc..6ff5ddfc5ebc2e243c0c5e49a8d694f38b6dcb69 100644 (file)
@@ -93,15 +93,11 @@ class ArticleClipboardAction extends AbstractClipboardAction {
         * @return      integer[]
         */
        public function validateDelete() {
-               if (!WCF::getSession()->getPermission('admin.content.article.canManageArticle')) {
-                       return [];
-               }
-               
                $objectIDs = [];
                
                /** @var Article $article */
                foreach ($this->objects as $article) {
-                       if ($article->isDeleted) {
+                       if ($article->canDelete() && $article->isDeleted) {
                                $objectIDs[] = $article->articleID;
                        }
                }
@@ -115,15 +111,11 @@ class ArticleClipboardAction extends AbstractClipboardAction {
         * @return      integer[]
         */
        public function validatePublish() {
-               if (!WCF::getSession()->getPermission('admin.content.article.canManageArticle')) {
-                       return [];
-               }
-               
                $objectIDs = [];
                
                /** @var Article $article */
                foreach ($this->objects as $article) {
-                       if ($article->publicationStatus == Article::UNPUBLISHED) {
+                       if ($article->canPublish() && $article->publicationStatus == Article::UNPUBLISHED) {
                                $objectIDs[] = $article->articleID;
                        }
                }
@@ -159,15 +151,11 @@ class ArticleClipboardAction extends AbstractClipboardAction {
         * @return      integer[]
         */
        public function validateTrash() {
-               if (!WCF::getSession()->getPermission('admin.content.article.canManageArticle')) {
-                       return [];
-               }
-               
                $objectIDs = [];
                
                /** @var Article $article */
                foreach ($this->objects as $article) {
-                       if (!$article->isDeleted) {
+                       if ($article->canDelete() && !$article->isDeleted) {
                                $objectIDs[] = $article->articleID;
                        }
                }
@@ -181,15 +169,11 @@ class ArticleClipboardAction extends AbstractClipboardAction {
         * @return      integer[]
         */
        public function validateUnpublish() {
-               if (!WCF::getSession()->getPermission('admin.content.article.canManageArticle')) {
-                       return [];
-               }
-               
                $objectIDs = [];
                
                /** @var Article $article */
                foreach ($this->objects as $article) {
-                       if ($article->publicationStatus == Article::PUBLISHED) {
+                       if ($article->canPublish() && $article->publicationStatus == Article::PUBLISHED) {
                                $objectIDs[] = $article->articleID;
                        }
                }
index f329e367079337749a4a1909f780c2706b6602f4..967e4a7cd116e17e7df85158179af43e458f1386 100644 (file)
                <item name="wcf.acp.group.option.user.tag.canViewTag"><![CDATA[Kann Tag sehen]]></item>
                <item name="wcf.acp.group.option.category.user.cms"><![CDATA[CMS]]></item>
                <item name="wcf.acp.group.option.admin.content.article.canManageArticle"><![CDATA[Kann Artikel verwalten]]></item>
+               <item name="wcf.acp.group.option.admin.content.article.canManageOwnArticles"><![CDATA[Kann eigene Artikel verwalten]]></item>
                <item name="wcf.acp.group.option.admin.content.article.canContributeArticle"><![CDATA[Kann Artikel einreichen]]></item>
                <item name="wcf.acp.group.option.admin.content.article.canManageCategory"><![CDATA[Kann Artikel-Kategorien verwalten]]></item>
                <item name="wcf.acp.group.option.admin.content.cms.canManageBox"><![CDATA[Kann Boxen verwalten]]></item>
index c9e67029fb6aeb6d5d162ac1e4aa861a85b674a5..847298c6eb863db6c98f72819928a27ff8877d54 100644 (file)
                <item name="wcf.acp.group.option.user.tag.canViewTag"><![CDATA[Can view tags]]></item>
                <item name="wcf.acp.group.option.category.user.cms"><![CDATA[CMS]]></item>
                <item name="wcf.acp.group.option.admin.content.article.canManageArticle"><![CDATA[Can manage articles]]></item>
+               <item name="wcf.acp.group.option.admin.content.article.canManageOwnArticles"><![CDATA[Can manage own articles]]></item>
                <item name="wcf.acp.group.option.admin.content.article.canContributeArticle"><![CDATA[Can contribute articles]]></item>
                <item name="wcf.acp.group.option.admin.content.article.canManageCategory"><![CDATA[Can manage article categories]]></item>
                <item name="wcf.acp.group.option.admin.content.cms.canManageBox"><![CDATA[Can manage boxes]]></item>