コード例 #1
ファイル: edit_news.php プロジェクト: ratbird/hope
"
                                    ondblclick="jQuery('input[name=news_remove_areas]').click()">
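                            <? /* One disabled heading option per area, followed by the entries selected in that area. */ ?>
                            <? foreach ($area_structure as $area_key => $area_data) : ?>
                                <? /* !empty() skips areas without entries and, unlike count(), tolerates a missing key. */ ?>
                                <? if (!empty($area_options_selected[$area_key])) : ?>
                                    <option disabled class="news_area_title"
                                            style="background-image: url('<?= Icon::create($area_data['icon'], 'info')->asImagePath() ?>');">
                                        <?= htmlReady($area_data['title']) ?>
                                    </option>
                                    <? foreach ($area_options_selected[$area_key] as $area_option_key => $area_option_title) : ?>
                                        <?
                                        // An entry gets a submittable value only if the user may edit that range
                                        // (or $may_delete is set); otherwise it is rendered disabled.
                                        // The key is written into an HTML attribute, so it is encoded with
                                        // htmlReady() like the title and label in this template.
                                        // NOTE(review): "disabled" is a client-side hint only - confirm that the
                                        // handler processing the removal re-checks haveRangePermission() per range.
                                        ?>
                                        <option <?= (StudipNews::haveRangePermission('edit', $area_option_key) || $may_delete) ? 'value="' . htmlReady($area_option_key) . '"' : 'disabled' ?>
                                                <?= tooltip($area_option_title) ?>>
                                            <?= htmlReady(mila($area_option_title)) ?>
                                        </option>
                                    <? endforeach ?>
                                <? endif ?>
                            <? endforeach ?>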
                            </select>
                            </label>
                        </div>
コード例 #2
ファイル: StudipNews.class.php プロジェクト: ratbird/hope
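 /**
  * Checks whether a user may perform the given operation on this news object.
  *
  * Root users, the news owner (if that user has 'autor' permission) and the
  * owner's deputy (if deputy editing is activated) are always allowed.
  * For everybody else the decision is derived from the permissions on the
  * ranges this news is assigned to:
  *  - view, edit, copy: permission on any one assigned range is sufficient
  *  - unassign: 'edit' permission on $check_range_id is required, and the
  *    news must be assigned to at least two ranges
  *  - delete: 'edit' permission on every assigned range is required
  *
  * @param string $operation       delete, unassign, edit, copy, or view
  * @param string $check_range_id  specified range-id, used only for unassign-operation
  * @param string $user_id         optional; check permission for
  *                                given user ID; otherwise for the
  *                                global $user's ID
  * @return boolean true if the operation is permitted, false otherwise
  *                 (also false for any unknown operation)
  */
 function havePermission($operation, $check_range_id = '', $user_id = null)
 {
     if (!$user_id) {
         $user_id = $GLOBALS['auth']->auth['uid'];
     }
     // Strict membership test: with loose comparison a non-string value such
     // as boolean true matches every entry and would pass as a valid operation.
     if (!in_array($operation, array('delete', 'unassign', 'edit', 'copy', 'view'), true)) {
         return false;
     }
     // in order to unassign, there must be more than one range assigned; $check_range_id must be specified.
     if ($operation === 'unassign' && count($this->getRanges()) < 2) {
         return false;
     }
     // root, owner, and owner's deputy have full permission.
     // IDs are compared as strings with ===, because loose comparison treats
     // numeric-looking strings (e.g. "0e1" and "0e2") as equal numbers.
     // The 'autor' check is made for $user_id, the user this call is about,
     // not implicitly for the user of the current session.
     if ($GLOBALS['perm']->have_perm('root', $user_id)
         || ((string) $user_id === (string) $this->user_id && $GLOBALS['perm']->have_perm('autor', $user_id))
         || (isDeputyEditAboutActivated() && isDeputy($user_id, $this->user_id, true))
     ) {
         return true;
     }
     // unassign and delete are decided by 'edit' permission on the ranges;
     // edit, copy and view are checked under their own name
     if ($operation === 'unassign' || $operation === 'delete') {
         $range_operation = 'edit';
     } else {
         $range_operation = $operation;
     }
     $ranges = $this->getRanges();
     // number of assigned ranges the user has the required permission on
     $permission_ranges = 0;
     foreach ($ranges as $range_id) {
         if (StudipNews::haveRangePermission($range_operation, $range_id, $user_id)) {
             // in order to view, edit, or copy, access to one of the ranges is sufficient
             if ($operation === 'view' || $operation === 'edit' || $operation === 'copy') {
                 return true;
             }
             // in order to unassign, access to the specified range is needed
             if ($operation === 'unassign' && (string) $range_id === (string) $check_range_id) {
                 return true;
             }
             // in order to delete, access to all ranges is necessary
             $permission_ranges++;
         } elseif ($operation === 'delete') {
             return false;
         }
     }
     // NOTE(review): a news object without any assigned range satisfies this
     // condition (0 === 0), so 'delete' is granted to every user - confirm
     // that this is intended.
     if ($operation === 'delete' && count($ranges) === $permission_ranges) {
         return true;
     }
     return false;
 }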
コード例 #3
ファイル: News.php プロジェクト: ratbird/hope
 /**
  * Asks StudipNews whether the given user has 'view' permission on a range.
  *
  * @param string $range_id  id of the range to check (presumably a string id; verify against callers)
  * @param string $user_id   id of the user the check is made for
  * @return mixed result of StudipNews::haveRangePermission(), passed through unchanged
  */
 private static function checkRangePermission($range_id, $user_id)
 {
     // Only read access is checked here; the operation is fixed to 'view'.
     $may_view = \StudipNews::haveRangePermission('view', $range_id, $user_id);

     return $may_view;
 }
コード例 #4
ファイル: news.php プロジェクト: ratbird/hope
 /**
  * Switches the RSS export of a range on or off (on POST) and stores the
  * range id and its RSS id on the controller.
  *
  * Access is refused unless the NEWS_RSS_EXPORT_ENABLE config entry is set
  * and haveRangePermission('edit', ...) succeeds for the range; no user id is
  * passed, so the check is presumably made for the current user.
  *
  * NOTE(review): the state change is gated only on the request being a POST.
  * No CSRF token verification is visible in this method - confirm that one
  * is enforced before this action runs.
  *
  * @param string $range_id  id of the range whose RSS export is configured
  * @throws AccessDeniedException if RSS export is disabled or edit permission is missing
  */
 function rss_config_action($range_id)
 {
     // The feature switch is evaluated first; the permission lookup only
     // runs when RSS export is enabled at all.
     if (!get_config('NEWS_RSS_EXPORT_ENABLE')) {
         throw new AccessDeniedException();
     }
     if (!StudipNews::haveRangePermission('edit', $range_id)) {
         throw new AccessDeniedException();
     }

     if (Request::isPost()) {
         // A POST without the 'rss_on' field switches the export off.
         if (!Request::submitted('rss_on')) {
             StudipNews::UnsetRssId($range_id);
         } else {
             StudipNews::SetRssId($range_id);
         }
     }

     $this->range_id = $range_id;
     // Read back after a possible change, so the stored value reflects the new state.
     $this->rss_id = StudipNews::GetRssIdFromRangeId($range_id);
 }