NEW Add permission "export website"
This commit is contained in:
parent
e5a94d9257
commit
6a8f4ac892
@ -154,6 +154,9 @@ $upload_dir = $conf->export->dir_temp.'/'.$user->id;
|
||||
//$usefilters=($conf->global->MAIN_FEATURES_LEVEL > 1);
|
||||
$usefilters = 1;
|
||||
|
||||
// Security check
|
||||
$result = restrictedArea($user, 'export');
|
||||
|
||||
|
||||
/*
|
||||
* Actions
|
||||
|
||||
@ -27,11 +27,12 @@ require_once DOL_DOCUMENT_ROOT.'/exports/class/export.class.php';
|
||||
// Load translation files required by the page
|
||||
$langs->load("exports");
|
||||
|
||||
$export = new Export($db);
|
||||
$export->load_arrays($user);
|
||||
|
||||
// Security check
|
||||
$result = restrictedArea($user, 'export');
|
||||
|
||||
$export = new Export($db);
|
||||
$export->load_arrays($user);
|
||||
|
||||
/*
|
||||
* View
|
||||
|
||||
@ -477,7 +477,7 @@ if ($massaction == 'setcategory' && GETPOST('confirmmassaction', 'alpha') && $us
|
||||
}
|
||||
|
||||
// Replacement of string into pages
|
||||
if ($massaction == 'replace' && GETPOST('confirmmassaction', 'alpha')) {
|
||||
if ($massaction == 'replace' && GETPOST('confirmmassaction', 'alpha') && $usercanedit) {
|
||||
$replacestring = GETPOST('replacestring', 'none');
|
||||
|
||||
if (empty($user->rights->website->writephp)) {
|
||||
@ -567,7 +567,7 @@ if ($action == 'adddir' && $permtouploadfile)
|
||||
*/
|
||||
|
||||
// Add site
|
||||
if ($action == 'addsite') {
|
||||
if ($action == 'addsite' && $usercanedit) {
|
||||
$db->begin();
|
||||
|
||||
if (GETPOST('virtualhost', 'alpha') && !preg_match('/^http/', GETPOST('virtualhost', 'alpha'))) {
|
||||
@ -625,7 +625,7 @@ if ($action == 'addsite') {
|
||||
}
|
||||
|
||||
// Add page/container
|
||||
if ($action == 'addcontainer') {
|
||||
if ($action == 'addcontainer' && $usercanedit) {
|
||||
dol_mkdir($pathofwebsite);
|
||||
|
||||
$db->begin();
|
||||
@ -1148,7 +1148,7 @@ if ($action == 'addcontainer') {
|
||||
}
|
||||
|
||||
// Delete site
|
||||
if ($action == 'confirm_deletesite' && $confirm == 'yes') {
|
||||
if ($action == 'confirm_deletesite' && $confirm == 'yes' && $permissiontodelete) {
|
||||
$error = 0;
|
||||
|
||||
$db->begin();
|
||||
@ -1276,7 +1276,7 @@ if (!GETPOSTISSET('pageid')) {
|
||||
}
|
||||
|
||||
// Update css Update site properties
|
||||
if ($action == 'updatecss') {
|
||||
if ($action == 'updatecss' && $usercanedit) {
|
||||
// If we tried to reload another site/page, we stay on editcss mode.
|
||||
if (GETPOST('refreshsite') || GETPOST('refreshsite_x') || GETPOST('refreshsite.x') || GETPOST('refreshpage') || GETPOST('refreshpage_x') || GETPOST('refreshpage.x')) {
|
||||
$action = 'editcss';
|
||||
@ -1523,7 +1523,7 @@ if ($action == 'updatecss') {
|
||||
}
|
||||
|
||||
// Update page
|
||||
if ($action == 'setashome') {
|
||||
if ($action == 'setashome' && $usercanedit) {
|
||||
$db->begin();
|
||||
$object->fetch(0, $websitekey);
|
||||
$website = $object;
|
||||
@ -1556,7 +1556,7 @@ if ($action == 'setashome') {
|
||||
}
|
||||
|
||||
// Update page properties (meta)
|
||||
if ($action == 'updatemeta') {
|
||||
if ($action == 'updatemeta' && $usercanedit) {
|
||||
$db->begin();
|
||||
|
||||
$result = $object->fetch(0, $websitekey);
|
||||
@ -1778,8 +1778,8 @@ if ($action == 'updatemeta') {
|
||||
}
|
||||
|
||||
// Update page
|
||||
if (($action == 'updatesource' || $action == 'updatecontent' || $action == 'confirm_createfromclone' || $action == 'confirm_createpagefromclone')
|
||||
|| ($action == 'preview' && (GETPOST('refreshsite') || GETPOST('refreshpage') || GETPOST('preview')))) {
|
||||
if ($usercanedit && (($action == 'updatesource' || $action == 'updatecontent' || $action == 'confirm_createfromclone' || $action == 'confirm_createpagefromclone')
|
||||
|| ($action == 'preview' && (GETPOST('refreshsite') || GETPOST('refreshpage') || GETPOST('preview'))))) {
|
||||
$object->fetch(0, $websitekey);
|
||||
$website = $object;
|
||||
|
||||
@ -2041,7 +2041,7 @@ if (($action == 'updatesource' || $action == 'updatecontent' || $action == 'conf
|
||||
}
|
||||
|
||||
// Export site
|
||||
if ($action == 'exportsite') {
|
||||
if ($action == 'exportsite' && !empty($user->rights->website->export)) {
|
||||
$fileofzip = $object->exportWebSite();
|
||||
|
||||
if ($fileofzip) {
|
||||
@ -2060,7 +2060,7 @@ if ($action == 'exportsite') {
|
||||
}
|
||||
|
||||
// Regenerate site
|
||||
if ($action == 'regeneratesite') {
|
||||
if ($action == 'regeneratesite' && $usercanedit) {
|
||||
// Check symlink to medias and restore it if ko. Recreate also dir of website if not found.
|
||||
$pathtomedias = DOL_DATA_ROOT.'/medias';
|
||||
$pathtomediasinwebsite = $pathofwebsite.'/medias';
|
||||
@ -2085,7 +2085,7 @@ if ($action == 'regeneratesite') {
|
||||
}
|
||||
|
||||
// Import site
|
||||
if ($action == 'importsiteconfirm') {
|
||||
if ($action == 'importsiteconfirm' && $usercanedit) {
|
||||
if (empty($_FILES) && !GETPOSTISSET('templateuserfile')) {
|
||||
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("File")), null, 'errors');
|
||||
$action = 'importsite';
|
||||
@ -2162,7 +2162,7 @@ $domainname = '0.0.0.0:8080';
|
||||
$tempdir = $conf->website->dir_output.'/'.$websitekey.'/';
|
||||
|
||||
// Generate web site sitemaps
|
||||
if ($action == 'generatesitemaps') {
|
||||
if ($action == 'generatesitemaps' && $usercanedit) {
|
||||
$domtree = new DOMDocument('1.0', 'UTF-8');
|
||||
$root = $domtree->createElementNS('http://www.sitemaps.org/schemas/sitemap/0.9', 'urlset');
|
||||
$domtree->formatOutput = true;
|
||||
@ -2331,6 +2331,10 @@ if (!GETPOST('hide_websitemenu')) {
|
||||
if (empty($user->rights->website->write)) {
|
||||
$disabled = ' disabled="disabled"';
|
||||
}
|
||||
$disabledexport = '';
|
||||
if (empty($user->rights->website->export)) {
|
||||
$disabledexport = ' disabled="disabled"';
|
||||
}
|
||||
|
||||
if ($websitekey) {
|
||||
$virtualurl = '';
|
||||
@ -2446,7 +2450,7 @@ if (!GETPOST('hide_websitemenu')) {
|
||||
}
|
||||
|
||||
//print '<input type="submit" class="button"'.$disabled.' value="'.dol_escape_htmltag($langs->trans("EditMenu")).'" name="editmenu">';
|
||||
print '<input type="submit" class="button bordertransp"'.$disabled.' value="'.dol_escape_htmltag($exportlabel).'" name="exportsite">';
|
||||
print '<input type="submit" class="button bordertransp"'.$disabledexport.' value="'.dol_escape_htmltag($exportlabel).'" name="exportsite">';
|
||||
|
||||
print '<input type="submit" class="button bordertransp"'.$disabled.' value="'.dol_escape_htmltag($langs->trans("CloneSite")).'" name="createfromclone">';
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user