public function testForErrors() {
if ($this->object->isMasterCollection()) {
$canEditMaster = TaskPermission::getByHandle('access_page_defaults')->can();
if (!($canEditMaster && $_SESSION['mcEditID'] == $this->object->getCollectionID())) {
return COLLECTION_FORBIDDEN;
}
} else {
if ((!$this->canViewPage()) && (!$this->object->getCollectionPointerExternalLink() != '')) {
return COLLECTION_FORBIDDEN;
}
}
}
<style type="text/css">
.ccm-module form{ width:auto; height:auto; padding:0px; padding-bottom:10px; display:block; }
.ccm-module form div.ccm-dashboard-inner{ margin-bottom:0px !important; }
</style>
<?php
if ($this->controller->getTask() == 'access_task_permissions' || $this->controller->getTask() == 'save_task_permissions') {
?>
<div style="width: 760px">
<?php
$tp1 = TaskPermission::getByHandle('access_task_permissions');
if ($tp1->can()) {
$ih = Loader::helper('concrete/interface');
$tps = array(TaskPermission::getByHandle('access_task_permissions'), TaskPermission::getByHandle('access_user_search'), TaskPermission::getByHandle('access_group_search'), TaskPermission::getByHandle('access_page_defaults'), TaskPermission::getByHandle('install_packages'), TaskPermission::getByHandle('uninstall_packages'), TaskPermission::getByHandle('backup'), TaskPermission::getByHandle('sudo'));
$tpl = new TaskPermissionList();
foreach ($tps as $tp) {
$tpl->add($tp);
}
?>
<h1><span><?php
echo t('Task Permissions');
?>
</span></h1>
<div class="ccm-dashboard-inner">
<form method="post" id="ccm-task-permissions" action="<?php
echo $this->url('/dashboard/settings', 'save_task_permissions');
?>
">
protected function installTaskPermissions()
{
$g3 = Group::getByID(ADMIN_GROUP_ID);
$tpo = TaskPermission::getByHandle('access_task_permissions');
if (!is_object($tpo)) {
$tp0 = TaskPermission::addTask('access_task_permissions', t('Change Task Permissions'), false);
$tp1 = TaskPermission::addTask('access_sitemap', t('Access Sitemap and Page Search'), false);
$tp2 = TaskPermission::addTask('access_user_search', t('Access User Search'), false);
$tp3 = TaskPermission::addTask('access_group_search', t('Access Group Search'), false);
$tp4 = TaskPermission::addTask('access_page_defaults', t('Change Content on Page Type Default Pages'), false);
$tp5 = TaskPermission::addTask('backup', t('Perform Full Database Backups'), false);
$tp6 = TaskPermission::addTask('sudo', t('Sign in as User'), false);
$tp7 = TaskPermission::addTask('uninstall_packages', t('Uninstall Packages'), false);
$tp1->addAccess($g3);
$tp2->addAccess($g3);
$tp3->addAccess($g3);
$tp5->addAccess($g3);
}
}
function CollectionPermissions(&$cObj)
{
$u = new User();
$this->originalObj =& $cObj;
$this->oUID = $cObj->uID;
$adm = $u->isSuperUser();
if ($cObj->getError() == COLLECTION_INIT) {
// The collection object in question represents the first page of a site not yet created
// basically this is only important because it means the admin user cannot add any pages
// to this collection. He/she may only edit the existing first page - can't add pages to
// a collection that doesn't really exist
if ($adm) {
//$this->permissionSet = 'r:wa:ab:av:cp';
$this->permissionSet = 'r:rv:wa:ab:av:adm';
// cp is redundant - we just check to see if is superuser
} else {
$this->permError = COLLECTION_FORBIDDEN;
}
} else {
if ($adm) {
/*
$cv = $cObj->getVersionObject();
if (is_object($cv)) {
$this->permissionSet = ($cv->isMostRecent()) ? 'r:rv:wa:av:cp:dc:adm:db' : 'r:rv';
} else {
$this->permissionSet = 'r:rv:wa:av:cp:dc:db:adm';
}
*/
$this->permissionSet = 'r:rv:wa:av:cp:dc:db:adm';
$this->populateAllPageTypes();
$this->populateAllBlockTypes();
} else {
// a bunch of database group permission stuff
$this->permissionSet = $this->setGroupAccess($cObj, $u);
if (!$this->canRead() && !$cObj->getCollectionPointerExternalLink() != '') {
$this->permError = COLLECTION_FORBIDDEN;
}
}
}
if ($cObj->isMasterCollection()) {
$canEditMaster = TaskPermission::getByHandle('access_page_defaults')->can();
if ($canEditMaster && $_SESSION['mcEditID'] == $cObj->getCollectionID()) {
$this->permissionSet = 'r:rv:wa:av:cp:dc:db:adm';
$this->permError = false;
} else {
$this->permError = COLLECTION_FORBIDDEN;
}
}
return $this;
}
<?
$tp1 = TaskPermission::getByHandle('access_task_permissions');
if ($tp1->can()) {
print $h->getDashboardPaneHeaderWrapper(t('Site Permissions'), false, false, false);
$ih = Loader::helper('concrete/interface');
$tps = array(
TaskPermission::getByHandle('access_task_permissions'),
TaskPermission::getByHandle('access_sitemap'),
TaskPermission::getByHandle('access_user_search'),
TaskPermission::getByHandle('access_group_search'),
TaskPermission::getByHandle('access_page_defaults'),
TaskPermission::getByHandle('install_packages'),
TaskPermission::getByHandle('uninstall_packages'),
TaskPermission::getByHandle('backup'),
TaskPermission::getByHandle('sudo'),
TaskPermission::getByHandle('delete_user')
);
$tpl = new TaskPermissionList();
foreach($tps as $tp) {
$tpl->add($tp);
}
?>
<form method="post" id="ccm-task-permissions" action="<?php
echo $this->url('/dashboard/system/permissions/tasks', 'save_task_permissions');
?>
">
<?php
echo $this->controller->token->output('update_permissions');
?>
<? print Loader::helper('concrete/dashboard/task_permissions')->getForm($tpl, t('Set administrative access details.')); ?>
<div style="width: 760px">
<?
$tp1 = TaskPermission::getByHandle('access_task_permissions');
if ($tp1->can()) {
$ih = Loader::helper('concrete/interface');
$tps = array(
TaskPermission::getByHandle('access_task_permissions'),
TaskPermission::getByHandle('access_user_search'),
TaskPermission::getByHandle('access_group_search'),
TaskPermission::getByHandle('access_page_defaults'),
TaskPermission::getByHandle('install_packages'),
TaskPermission::getByHandle('uninstall_packages'),
TaskPermission::getByHandle('backup'),
TaskPermission::getByHandle('sudo')
);
$tpl = new TaskPermissionList();
foreach($tps as $tp) {
$tpl->add($tp);
}
?>
<h1><span><?=t('Task Permissions')?></span></h1>
<div class="ccm-dashboard-inner">
<form method="post" id="ccm-task-permissions" action="<?=$this->url('/dashboard/settings', 'save_task_permissions')?>">
<?=$this->controller->token->output('update_permissions');?>
<? print Loader::helper('concrete/dashboard/task_permissions')->getForm($tpl, t('Set permissions for common concrete5 tasks.')); ?>
<div class="ccm-spacer"> </div>
public function __call($nm, $a)
{
if (substr($nm, 0, 3) == 'can') {
$txt = Loader::helper('text');
$permission = $txt->uncamelcase(substr($nm, 3));
$tp = TaskPermission::getByHandle($permission);
if (is_object($tp)) {
return $tp->can();
} else {
throw new Exception(t('Invalid task permission.'));
}
}
}
<?php
defined('C5_EXECUTE') or die("Access Denied.");
?>
<div style="width: 760px">
<?php
$tp1 = new TaskPermission();
if ($tp1->canAccessTaskPermissions()) {
$ih = Loader::helper('concrete/interface');
$tp = TaskPermission::getByHandle('access_sitemap');
?>
<h1><span><?php
echo t('Sitemap Permissions');
?>
</span></h1>
<div class="ccm-dashboard-inner">
<form method="post" id="sitemap-permissions" action="<?php
echo $this->url('/dashboard/sitemap/access', 'save_permissions');
?>
">
<?php
echo $validation_token->output('sitemap_permissions');
?>
<?php
print $h->getForm($tp, t('Add users or groups to determine access to the file manager. <strong>Note:</strong> If you want users to have access to the dashboard sitemap, they must be entered here and in the dashboard sitemap page permissions area.'));
?>
<div class="ccm-spacer"> </div>