Improve user role

2026-04-18 19:46:21 +05:30 · 2024-03-30 11:49:22 +07:00 · 2024-03-30 11:49:22 +07:00 · c8e8bee51b
commit c8e8bee51b
parent fd6e7540cf
15 changed files with 1350 additions and 912 deletions
--- a/system/admin/admin.php
+++ b/system/admin/admin.php
@ -1358,25 +1358,27 @@ EOF;
    $toolbar .= '<div id="toolbar"><ul>';
    $toolbar .= '<li class="tb-admin"><a href="' . $base . 'admin">' . i18n('Admin') . '</a></li>';
    $toolbar .= '<li class="tb-addcontent"><a href="' . $base . 'admin/content">' . i18n('Add_content') . '</a></li>';
-    if ($role === 'admin') {
+    if ($role === 'editor' || $role === 'admin') {
        $toolbar .= '<li class="tb-posts"><a href="' . $base . 'admin/posts">' . i18n('Posts') . '</a></li>';
        if (config('views.counter') == 'true') {
            $toolbar .= '<li class="tb-popular"><a href="' . $base . 'admin/popular">' . i18n('Popular') . '</a></li>';
        }
-    }
        $toolbar .= '<li class="tb-mine"><a href="' . $base . 'admin/pages">' . i18n('Pages') . '</a></li>';
+    }
    $toolbar .= '<li class="tb-draft"><a href="' . $base . 'admin/scheduled">' . i18n('Scheduled') . '</a></li>';
    $toolbar .= '<li class="tb-draft"><a href="' . $base . 'admin/draft">' . i18n('Draft') . '</a></li>';
-    if ($role === 'admin') {
+    if ($role === 'editor' || $role === 'admin') {
        $toolbar .= '<li class="tb-categories"><a href="' . $base . 'admin/categories">' . i18n('Categories') . '</a></li>';
-    }
        $toolbar .= '<li class="tb-import"><a href="' . $base . 'admin/menu">' . i18n('Menu') . '</a></li>';
+    }
    if ($role === 'admin') {
        $toolbar .= '<li class="tb-config"><a href="' . $base . 'admin/config">' . i18n('Config') . '</a></li>';
-    }
        $toolbar .= '<li class="tb-backup"><a href="' . $base . 'admin/backup">' . i18n('Backup') . '</a></li>';
        $toolbar .= '<li class="tb-update"><a href="' . $base . 'admin/update">' . i18n('Update') . '</a></li>';
+    }
+    if ($role === 'editor' || $role === 'admin') {
        $toolbar .= '<li class="tb-clearcache"><a href="' . $base . 'admin/clear-cache">' . i18n('Clear_cache') . '</a></li>';
+    }
    $toolbar .= '<li class="tb-editprofile"><a href="' . $base . 'edit/profile">' . i18n('Edit_profile') . '</a></li>';
    $toolbar .= '<li class="tb-logout"><a href="' . $base . 'logout">' . i18n('Logout') . '</a></li>';

@ -1652,3 +1654,27 @@ function image_gallery($images, $page = 1, $perpage = 0)
    $tmp .= '</div>';
    return $tmp;
 }
+
+function authorized ($data = null)
+{
+    if (login()) {
+        if (is_null($data)) {
+            return false;
+        }
+        $user = $_SESSION[site_url()]['user'];
+        $role = user('role', $user);
+        if (isset($data->author)) {
+            if ($user === $data->author || $role === 'editor' || $role === 'admin') {
+                return true;
+            } else {
+                return false;            
+            }
+        } else {
+            if ($role === 'editor' || $role === 'admin') {
+                return true;
+            } else {
+                return false;
+            }
+        }
+    }
+}
--- a/system/admin/views/content-type.html.php
+++ b/system/admin/views/content-type.html.php
@ -1,6 +1,9 @@
 <?php if (!defined('HTMLY')) die('HTMLy'); ?>
 <h2><?php echo i18n('Add_content');?></h2>
-
+<?php
+$user = $_SESSION[site_url()]['user'];
+$role = user('role', $user);
+?>
 <div class="row">
 <div class="col-sm-6">
 <p><a href="<?php echo site_url();?>add/content?type=post"><?php echo i18n('Regular_post')?></a><br><?php echo i18n('Regular_post_comment')?>.</p>
@ -11,6 +14,8 @@
 <div class="col-sm-6">
 <p><a href="<?php echo site_url();?>add/content?type=link"><?php echo i18n('Link_post')?></a><br><?php echo i18n('Link_post_comment')?>.</p>
 <p><a href="<?php echo site_url();?>add/content?type=quote"><?php echo i18n('Quote_post')?></a><br><?php echo i18n('Quote_post_comment')?>.</p>
+<?php if ($role === 'editor' || $role === 'admin'):?>
 <p><a href="<?php echo site_url();?>add/page"><?php echo i18n('Static_page')?></a><br><?php echo i18n('Static_page_comment')?>.</p>
+<?php endif;?>
 </div>
 </div>
--- a/system/admin/views/layout.html.php
+++ b/system/admin/views/layout.html.php
@ -12,7 +12,10 @@
    <script src="<?php echo site_url() ?>system/resources/js/jquery.min.js"></script>
    <script src="<?php echo site_url() ?>system/resources/js/jquery-ui.min.js"></script>
 </head>
-<?php if (login()) { ?>
+<?php if (login()) { 
+$user = $_SESSION[site_url()]['user'];
+$role = user('role', $user);
+?>
 <body class="hold-transition sidebar-mini">
 <div class="wrapper">
 <style>.error-message ul {margin:0;padding:0;}</style>
@ -75,12 +78,21 @@
              </p>
            </a>
            <ul class="nav nav-treeview">
+              <?php if ($role === 'editor' || $role === 'admin'):?>
              <li class="nav-item">
                <a href="<?php echo site_url();?>admin/posts" class="nav-link">
                  <p>
                     <?php echo i18n('Posts_list'); ?>
                  </p>
                </a>
+              </li>
+			  <?php endif;?>
+              <li class="nav-item">
+                <a href="<?php echo site_url();?>admin/mine" class="nav-link">
+                  <p>
+                    <?php echo i18n('My_posts');?>
+                  </p>
+                </a>
              </li>
              <li class="nav-item">
                <a href="<?php echo site_url();?>admin/scheduled" class="nav-link">
@ -96,13 +108,16 @@
                  </p>
                </a>
              </li>
+              <?php if ($role === 'editor' || $role === 'admin'):?>
+              <?php if (config('views.counter') == 'true') : ?>
              <li class="nav-item">
-                <a href="<?php echo site_url();?>admin/pages" class="nav-link">
+                <a href="<?php echo site_url();?>admin/popular" class="nav-link">
                  <p>
-                     <?php echo i18n('Static_pages'); ?>
+                    <?php echo i18n('Popular_posts');?>
                  </p>
                </a>
              </li>
+              <?php endif; ?>
              <li class="nav-item">
                <a href="<?php echo site_url();?>admin/categories" class="nav-link">
                  <p>
@ -110,8 +125,17 @@
                  </p>
                </a>
              </li>
+              <li class="nav-item">
+                <a href="<?php echo site_url();?>admin/pages" class="nav-link">
+                  <p>
+                     <?php echo i18n('Static_pages'); ?>
+                  </p>
+                </a>
+              </li>
+              <?php endif;?>
            </ul>
          </li>
+          <?php if ($role === 'editor' || $role === 'admin'):?>
          <li class="nav-item has-treeview menu-open">
            <a href="#" class="nav-link">
              <i class="nav-icon fa fa-cogs"></i>
@ -121,6 +145,7 @@
              </p>
            </a>
            <ul class="nav nav-treeview">
+              <?php if ($role === 'admin'):?>
              <li class="nav-item">
                <a href="<?php echo site_url();?>admin/config" class="nav-link">
                  <p>
@ -128,6 +153,8 @@
                  </p>
                </a>
              </li>
+              <?php endif;?>
+              <?php if ($role === 'editor' || $role === 'admin'):?>
              <li class="nav-item">
                <a href="<?php echo site_url();?>admin/menu" class="nav-link">
                  <p>
@ -135,8 +162,11 @@
                  </p>
                </a>
              </li>
+              <?php endif;?>
            </ul>
          </li>
+          <?php endif;?>
+          <?php if ($role === 'editor' || $role === 'admin'):?>
          <li class="nav-item has-treeview menu-open">
            <a href="#" class="nav-link">
              <i class="nav-icon fa fa-briefcase"></i>
@ -153,6 +183,7 @@
                  </p>
                </a>
              </li>
+              <?php if ($role === 'admin'):?>
              <li class="nav-item">
                <a href="<?php echo site_url();?>admin/update" class="nav-link">
                  <p>
@ -174,17 +205,10 @@
                  </p>
                </a>
              </li>
-              <?php if (config('views.counter') == 'true') { ?>
-              <li class="nav-item">
-                <a href="<?php echo site_url();?>admin/popular" class="nav-link">
-                  <p>
-                    <?php echo i18n('Popular_posts');?>
-                  </p>
-                </a>
-              </li>
-              <?php } ?>
+              <?php endif;?>
            </ul>
          </li>
+          <?php endif;?>
          <li class="nav-item has-treeview menu-open">
            <a href="#" class="nav-link">
              <i class="nav-icon fa fa-user"></i>
@ -194,13 +218,6 @@
              </p>
            </a>
            <ul class="nav nav-treeview">
-              <li class="nav-item">
-                <a href="<?php echo site_url();?>admin/mine" class="nav-link">
-                  <p>
-                    <?php echo i18n('My_posts');?>
-                  </p>
-                </a>
-              </li>
              <li class="nav-item">
                <a href="<?php echo site_url();?>edit/profile" class="nav-link">
                  <p>
--- a/system/htmly.php
+++ b/system/htmly.php
--- a/themes/blog/main.html.php
+++ b/themes/blog/main.html.php
@ -58,7 +58,7 @@
                        <?php } elseif (facebook()) { ?> 
                            - <i class="fa fa-comments"></i> <a href="<?php echo $p->url ?>#comments"><span><fb:comments-count href=<?php echo $p->url ?>></fb:comments-count> <?php echo i18n("Comments");?></span></a>
                        <?php } ?>
-                        <?php if (login()) { echo ' - <span><a href="'. $p->url .'/edit?destination=post">Edit</a></span>'; } ?>
+                        <?php if (authorized($p)) { echo ' - <span><a href="'. $p->url .'/edit?destination=post">Edit</a></span>'; } ?>
                    </p>
                </div>
                <div class="desc text-left post-<?php echo $p->date;?>" itemprop="articleBody">                                    
--- a/themes/clean/main.html.php
+++ b/themes/clean/main.html.php
@ -28,7 +28,7 @@
                <?php } elseif (facebook()) { ?> -
                    <a href="<?php echo $p->url ?>#comments"><span><fb:comments-count href=<?php echo $p->url ?>></fb:comments-count> <?php echo i18n("Comments");?></span></a>
                <?php } ?>
-                <?php if (login()) { echo ' - <span><a href="'. $p->url .'/edit?destination=post">Edit</a></span>'; } ?>
+                <?php if (authorized($p)) { echo ' - <span><a href="'. $p->url .'/edit?destination=post">Edit</a></span>'; } ?>
            </div>
            <?php if (!empty($p->image)) { ?>
                <div class="featured-image">
--- a/themes/doks/main.html.php
+++ b/themes/doks/main.html.php
@ -116,7 +116,7 @@
                            <svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-clock" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"></path><path d="M3 12a9 9 0 1018 0A9 9 0 003 12"></path><path d="M12 7v5l3 3"></path></svg> 
                            <?php echo $post->readTime;?> min
                        </strong>
-                        <?php if (login()) { echo ' <span class="mx-2">—</span> <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-edit-2"><path d="M17 3a2.828 2.828.0 114 4L7.5 20.5 2 22l1.5-5.5L17 3z"></path></svg> <span class="edit-post"><a href="'. $post->url .'/edit?destination=post">' . i18n('Edit') . '</a></span>'; } ?>
+                        <?php if (authorized($post)) { echo ' <span class="mx-2">—</span> <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-edit-2"><path d="M17 3a2.828 2.828.0 114 4L7.5 20.5 2 22l1.5-5.5L17 3z"></path></svg> <span class="edit-post"><a href="'. $post->url .'/edit?destination=post">' . i18n('Edit') . '</a></span>'; } ?>
                    </small>
                </p>

--- a/themes/doks/post.html.php
+++ b/themes/doks/post.html.php
@ -22,7 +22,7 @@
                    <svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-clock" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"></path><path d="M3 12a9 9 0 1018 0A9 9 0 003 12"></path><path d="M12 7v5l3 3"></path></svg> 
                    <?php echo $post->readTime;?> min
                </strong> 
-                <?php if (login()) { echo ' <span class="mx-2">—</span> <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-edit-2"><path d="M17 3a2.828 2.828.0 114 4L7.5 20.5 2 22l1.5-5.5L17 3z"></path></svg> <span class="edit-post"><a href="'. $post->url .'/edit?destination=post">' . i18n('Edit') . '</a></span>'; } ?>
+                <?php if (authorized($post)) { echo ' <span class="mx-2">—</span> <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-edit-2"><path d="M17 3a2.828 2.828.0 114 4L7.5 20.5 2 22l1.5-5.5L17 3z"></path></svg> <span class="edit-post"><a href="'. $post->url .'/edit?destination=post">' . i18n('Edit') . '</a></span>'; } ?>
            </small>
        </p>

--- a/themes/doks/profile.html.php
+++ b/themes/doks/profile.html.php
@ -63,7 +63,7 @@
                                    <svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-clock" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentcolor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"></path><path d="M3 12a9 9 0 1018 0A9 9 0 003 12"></path><path d="M12 7v5l3 3"></path></svg> 
                                    <?php echo $post->readTime;?> min
                                </strong>
-                                <?php if (login()) { echo ' <span class="mx-2">—</span> <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-edit-2"><path d="M17 3a2.828 2.828.0 114 4L7.5 20.5 2 22l1.5-5.5L17 3z"></path></svg> <span class="edit-post"><a href="'. $post->url .'/edit?destination=post">' . i18n('Edit') . '</a></span>'; } ?>
+                                <?php if (authorized($post)) { echo ' <span class="mx-2">—</span> <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-edit-2"><path d="M17 3a2.828 2.828.0 114 4L7.5 20.5 2 22l1.5-5.5L17 3z"></path></svg> <span class="edit-post"><a href="'. $post->url .'/edit?destination=post">' . i18n('Edit') . '</a></span>'; } ?>
                            </small>
                        </p>

--- a/themes/doks/static.html.php
+++ b/themes/doks/static.html.php
@ -14,7 +14,7 @@
        </ol>
    </nav>

-    <?php if (login()):?>
+    <?php if (authorized($static)):?>
    <div class="edit-page"><a href="<?php echo $static->url;?>/edit?destination=post"><svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-edit-2"><path d="M17 3a2.828 2.828.0 114 4L7.5 20.5 2 22l1.5-5.5L17 3z"></path></svg><?php echo i18n('Edit');?></a></div>        
    <?php endif;?>

--- a/themes/logs/main.html.php
+++ b/themes/logs/main.html.php
@ -28,7 +28,7 @@
                <?php } elseif (facebook()) { ?> - 
                    <a href="<?php echo $p->url ?>#comments"><span><fb:comments-count href=<?php echo $p->url ?>></fb:comments-count> <?php echo i18n('Comments');?></span></a>
                <?php } ?>
-                <?php if (login()) { echo ' - <span><a href="'. $p->url .'/edit?destination=post">Edit</a></span>'; } ?>
+                <?php if (authorized($p)) { echo ' - <span><a href="'. $p->url .'/edit?destination=post">Edit</a></span>'; } ?>
            </div>
            <?php if (!empty($p->image)) { ?>
                <div class="featured-image">
--- a/themes/logs/post.html.php
+++ b/themes/logs/post.html.php
@ -41,7 +41,7 @@
        <div class="post-body post-<?php echo $p->date;?>" itemprop="articleBody">
            <?php echo $p->body; ?>
        </div>
-        <div class="tags"><strong><?php echo i18n('Tags');?></strong> <?php echo $p->tag;?></div>
+        <div class="tags"><strong><?php echo i18n('Tags');?>:</strong> <?php echo $p->tag;?></div>
    </div>
    <div class="separator">&rarr;</div>
    <div class="share-box">
--- a/themes/readable/main.html.php
+++ b/themes/readable/main.html.php
@ -28,7 +28,7 @@
                <?php } elseif (facebook()) { ?> -
                    <a href="<?php echo $p->url ?>#comments"><span><fb:comments-count href=<?php echo $p->url ?>></fb:comments-count> <?php echo i18n('Comments');?></span></a>
                <?php } ?>
-                <?php if (login()) { echo ' - <span><a href="'. $p->url .'/edit?destination=post">Edit</a></span>'; } ?>
+                <?php if (authorized($p)) { echo ' - <span><a href="'. $p->url .'/edit?destination=post">Edit</a></span>'; } ?>
            </div>
            <?php if (!empty($p->image)) { ?>
                <div class="featured-image">
--- a/themes/twentyfifteen/main.html.php
+++ b/themes/twentyfifteen/main.html.php
@ -86,7 +86,7 @@
        <?php } elseif (facebook()) { ?>
            <span class="comments-link"><a href="<?php echo $p->url ?>#comments"><span><fb:comments-count href=<?php echo $p->url ?>></fb:comments-count> <?php echo i18n('Comments');?></span></a></span>
        <?php } ?>
-		<?php if (login()) { echo '<span class="edit-link"><a href="'. $p->url .'/edit?destination=post">Edit</a></span>'; } ?>
+		<?php if (authorized($p)) { echo '<span class="edit-link"><a href="'. $p->url .'/edit?destination=post">Edit</a></span>'; } ?>
    </footer>
 </article>
 <?php endforeach; ?>
--- a/themes/twentysixteen/main.html.php
+++ b/themes/twentysixteen/main.html.php
@ -76,7 +76,7 @@
        <?php } elseif (facebook()) { ?>
            <span class="comments-link"><a href="<?php echo $p->url ?>#comments"><span><fb:comments-count href=<?php echo $p->url ?>></fb:comments-count> <?php echo i18n('Comments');?></span></a></span>
        <?php } ?>
-        <?php if (login()) { echo '<span class="edit-link"><a href="'. $p->url .'/edit?destination=post">Edit</a></span>'; } ?>
+        <?php if (authorized($p)) { echo '<span class="edit-link"><a href="'. $p->url .'/edit?destination=post">Edit</a></span>'; } ?>
    </footer><!-- .entry-footer -->
 </article><!-- #post-## -->
 <?php endforeach;?>