public function can_add_tag() { if (! isset(vB::$vbulletin->userinfo['permissions']['cms'])) { vBCMS_Permissions::getUserPerms(); } //until we have better developed permissions, limit tagging //to item editors only. return vBCMS_Permissions::canEdit($this->fetch_content_info()->getNodeId()); }
/** * pre_delete function - extend if the contenttype needs to do anything * * @param array list of deleted attachment ids to delete * @param boolean verify permission to delete * * @return boolean */ public function pre_delete($list, $checkperms = true) { if (!isset($this->contentid) and !vB::$vbulletin->GPC_exists['values']) { vB::$vbulletin->input->clean_array_gpc('r', array( 'f' => vB_Input::TYPE_UINT )); } if (!isset(vB::$vbulletin->userinfo['permissions']['cms'])) { vBCMS_Permissions::getUserPerms(); } if (vB::$vbulletin->GPC_exists['values'] and isset(vB::$vbulletin->GPC['values']['f'])) { $this->contentid = vB::$vbulletin->GPC['values']['f']; return vBCMS_Permissions::canEdit($this->contentid); } if (count($list)) { $rst = vB::$vbulletin->db->query_read(" SELECT DISTINCT node.permissionsfrom FROM " . TABLE_PREFIX . "attachment AS attach INNER JOIN " . TABLE_PREFIX . "cms_node AS node ON (node.nodeid = attach.contentid AND node.contenttypeid = attach.contenttypeid) WHERE attachmentid IN (" . implode(',' , $list) . ") "); while ($record = vB::$vbulletin->db->fetch_array($rst)) { if (!in_array($record['permissionsfrom'], vB::$vbulletin->userinfo['permissions']['cms']['canedit'])) { return false; } } return true; } }