/** * Render the module. * * @return string */ public function toString() { // Set CategoryID if we have one. if ($this->CategoryID === null) { $this->CategoryID = Gdn::controller()->data('Category.CategoryID', false); } // Allow plugins and themes to modify parameters. Gdn::controller()->EventArguments['NewDiscussionModule'] =& $this; Gdn::controller()->fireEvent('BeforeNewDiscussionButton'); // Make sure the user has the most basic of permissions first. $PermissionCategory = CategoryModel::permissionCategory($this->CategoryID); if ($this->CategoryID) { $Category = CategoryModel::categories($this->CategoryID); $HasPermission = Gdn::session()->checkPermission('Vanilla.Discussions.Add', true, 'Category', val('CategoryID', $PermissionCategory)); } else { $HasPermission = Gdn::session()->checkPermission('Vanilla.Discussions.Add', true, 'Category', 'any'); } // Determine if this is a guest & we're using "New Discussion" button as call to action. $PrivilegedGuest = $this->ShowGuests && !Gdn::session()->isValid(); // No module for you! if (!$HasPermission && !$PrivilegedGuest) { return ''; } // Grab the allowed discussion types. $DiscussionTypes = CategoryModel::allowedDiscussionTypes($PermissionCategory); foreach ($DiscussionTypes as $Key => $Type) { if (isset($Type['AddPermission']) && !Gdn::session()->checkPermission($Type['AddPermission'])) { unset($DiscussionTypes[$Key]); continue; } $Url = val('AddUrl', $Type); if (!$Url) { continue; } if (isset($Category)) { $Url .= '/' . rawurlencode(val('UrlCode', $Category)); } // Present a signin redirect for a $PrivilegedGuest. if (!$HasPermission) { $Url = $this->GuestUrl . '?Target=' . $Url; } $this->addButton(t(val('AddText', $Type)), $Url); } // Add QueryString to URL if one is defined. if ($this->QueryString && $HasPermission) { foreach ($this->Buttons as &$Row) { $Row['Url'] .= (strpos($Row['Url'], '?') !== false ? '&' : '?') . $this->QueryString; } } return parent::toString(); }
/** * Permission checks & property prep. */ public function __construct() { parent::__construct(); if (!class_exists('MediaModel')) { require __DIR__ . '/class.mediamodel.php'; } $this->_MediaCache = null; $this->CanUpload = checkPermission('Plugins.Attachments.Upload.Allow'); $this->CanDownload = checkPermission('Plugins.Attachments.Download.Allow'); if ($this->CanUpload) { $PermissionCategory = CategoryModel::permissionCategory(Gdn::controller()->data('Category')); if (!val('AllowFileUploads', $PermissionCategory, true)) { $this->CanUpload = false; } } }
/** * Setup some variables for instance. */ public function __construct() { parent::__construct(); $this->mediaCache = null; $this->mediaCacheExpire = 60 * 60 * 6; $this->AssetPath = Asset('/plugins/editor'); $this->pluginInfo = Gdn::pluginManager()->getPluginInfo('editor', Gdn_PluginManager::ACCESS_PLUGINNAME); $this->ForceWysiwyg = c('Plugins.editor.ForceWysiwyg', false); // Check upload permissions $this->canUpload = Gdn::session()->checkPermission('Plugins.Attachments.Upload.Allow', false); if ($this->canUpload) { $PermissionCategory = CategoryModel::permissionCategory(Gdn::controller()->data('Category')); if (!val('AllowFileUploads', $PermissionCategory, true)) { $this->canUpload = false; } } // Check against config, too if (!c('Garden.AllowFileUploads', false)) { $this->canUpload = false; } }
/** * Checks whether the canUpload property is set and if not, calculates it value. * The calculation is based on config, user permissions, and category permissions. * * @return bool Whether the session user is allowed to upload a file. */ protected function canUpload() { // If the property has been set, return it if (isset($this->canUpload)) { return $this->canUpload; } else { // Check config and user role upload permission if (c('Garden.AllowFileUploads', true) && Gdn::session()->checkPermission('Plugins.Attachments.Upload.Allow', false)) { // Check category-specific permission $PermissionCategory = CategoryModel::permissionCategory(Gdn::controller()->data('Category')); $this->canUpload = val('AllowFileUploads', $PermissionCategory, true); } else { $this->canUpload = false; } } return $this->canUpload; }