- hackpoint : gestion permission + readonly

css/theme.css

@@ -120,4 +120,19 @@ a {
 .dropdown-menu {
     background-color: #1d2124;
 
+}
+
+.dropdown-item {
+    color: #a4abb3;
+}
+.dropdown-item:focus, .dropdown-item:hover {
+    color: #9098a5;
+    text-decoration: none;
+    background-color: #30373c;
+}
+
+.debugFrame{
+    box-shadow: 0px 0px 10px rgba(0,0,0,0.5);
+    border-right: 2px solid #ff314f!important;
+    background: rgb(52, 58, 64)!important;
 }

plugin/hackpoint/Resource.class.php

@@ -19,6 +19,7 @@ class Resource extends Entity{
 	);
 
 	public $links = array(
+		'sketch' => 'Sketch'
 	);
 
 	public function type(){

plugin/hackpoint/action.php

@@ -7,7 +7,7 @@ switch($_['action']){
 	case 'hackpoint_sketch_search':
 		Action::write(function(&$response){
 			global $myUser,$_;
-			if(!$myUser->can('hackpoint','read')) throw new Exception("Permissions insuffisantes",403);
+			
 			require_once(__DIR__.SLASH.'Sketch.class.php');
 
 			
@@ -34,6 +34,9 @@ switch($_['action']){
 
 			
 			foreach($sketchs as $sketch){
+
+				if(!$sketch->state &&  $sketch->creator != $myUser->login) continue;
+
 				$row = $sketch->toArray();
 				$row['picture'] = $sketch->picture();
 				$row['created'] = relative_time($row['created']);
@@ -113,9 +116,12 @@ switch($_['action']){
 	case 'hackpoint_resource_search':
 		Action::write(function(&$response){
 			global $myUser,$_;
-			if(!$myUser->can('hackpoint','read')) throw new Exception("Permissions insuffisantes",403);
+			
+			require_once(__DIR__.SLASH.'Sketch.class.php');
 			require_once(__DIR__.SLASH.'Resource.class.php');
-
+			$sketch = Sketch::provide('sketch');
+			if(!$sketch->state &&  $sketch->creator != $myUser->login) throw new Exception("Sketch privé", 403);
+			
 			foreach(Resource::loadAll(array('sketch'=>$_['sketch']),array('sort')) as $resource){
 				$row = $resource->toArray();
 				$type = $resource->type();
@@ -128,10 +134,15 @@ switch($_['action']){
 	case 'hackpoint_resource_edit':
 		Action::write(function(&$response){
 			global $myUser,$_;
-			if(!$myUser->can('hackpoint','read')) throw new Exception("Permissions insuffisantes",403);
+			require_once(__DIR__.SLASH.'Sketch.class.php');
 			require_once(__DIR__.SLASH.'Resource.class.php');
-			$item = Resource::provide();
+			require_once(__DIR__.SLASH.'Resource.class.php');
+			$item = Resource::provide('id',1);
+			$sketch = $item->join('sketch');
+			if(!$sketch->state &&  $sketch->creator != $myUser->login) throw new Exception("Sketch privé", 403);
+
 			$response = $item->toHtml();
+			$response['resourceType'] = $item->type;
 		});
 	break;
 
@@ -139,9 +150,12 @@ switch($_['action']){
 	case 'hackpoint_resource_save_content':
 		Action::write(function(&$response){
 			global $myUser,$_;
-			if(!$myUser->can('hackpoint','edit')) throw new Exception("Permissions insuffisantes",403);
+			require_once(__DIR__.SLASH.'Sketch.class.php');
 			require_once(__DIR__.SLASH.'Resource.class.php');
-			$item = Resource::provide();
+			$item = Resource::provide('id',1);
+			$sketch = $item->join('sketch');
+		
+			if($sketch->creator != $myUser->login) throw new Exception("Permissions insuffisantes",403);
 			$item->content = $_['content'];
 			$item->save();
 		});
@@ -152,9 +166,13 @@ switch($_['action']){
 		Action::write(function(&$response){
 			global $myUser,$_;
 			if(!$myUser->can('hackpoint','edit')) throw new Exception("Permissions insuffisantes",403);
+			require_once(__DIR__.SLASH.'Sketch.class.php');
 			require_once(__DIR__.SLASH.'Resource.class.php');
 			require_once(__DIR__.SLASH.'ResourceType.class.php');
-			$item = Resource::provide();
+			$item = Resource::provide('id',1);
+
+			$sketch = $item->join('sketch');
+			if($sketch->creator != $myUser->login) throw new Exception("Permissions insuffisantes",403);
 
 			if(!isset($_['type']) && $item->id!=0) $_['type'] = $item->type;
 			$type = ResourceType::types($_['type']);
@@ -177,10 +195,15 @@ switch($_['action']){
 		Action::write(function(&$response){
 			global $myUser,$_;
 			if(!$myUser->can('hackpoint','edit')) throw new Exception("Permissions insuffisantes",403);
+			require_once(__DIR__.SLASH.'Sketch.class.php');
 			require_once(__DIR__.SLASH.'Resource.class.php');
 			require_once(__DIR__.SLASH.'ResourceType.class.php');
 			foreach($_['sort'] as $sort=>$id){
-				$resource =  Resource::getById($id);
+				$resource =  Resource::getById($id,1);
+
+				$sketch = $resource->join('sketch');
+				if($sketch->creator != $myUser->login) continue;
+
 				$resource->sort = $sort;
 				$resource->save();
 			}
@@ -191,8 +214,13 @@ switch($_['action']){
 	case 'hackpoint_resource_delete':
 		Action::write(function(&$response){
 			global $myUser,$_;
-			if(!$myUser->can('hackpoint','delete')) throw new Exception("Permissions insuffisantes",403);
+			require_once(__DIR__.SLASH.'Sketch.class.php');
 			require_once(__DIR__.SLASH.'Resource.class.php');
+
+	
+			$item = Resource::getById($_['id'],1);
+			$sketch = $item->join('sketch');
+			if($sketch->creator != $myUser->login) throw new Exception("Permissions insuffisantes",403);
 			Resource::deleteById($_['id']);
 			
 		});
@@ -261,11 +289,15 @@ switch($_['action']){
 	case 'hackpoint_part_search':
 		Action::write(function(&$response){
 			global $myUser,$_;
-			if(!$myUser->can('hackpoint','read')) throw new Exception("Permissions insuffisantes",403);
+			
+			require_once(__DIR__.SLASH.'Sketch.class.php');
 			require_once(__DIR__.SLASH.'Part.class.php');
 			require_once(__DIR__.SLASH.'Resource.class.php');
 			require_once(__DIR__.SLASH.'ResourcePart.class.php');
 
+			$item = Resource::provide('resource',1);
+			$sketch = $item->join('sketch');
+			if(!$sketch->state && $sketch->creator != $myUser->login) throw new Exception("Permissions insuffisantes",403);
 			
 			foreach(ResourcePart::loadAll(array('resource'=>$_['resource']),  null, null, array('*'),1) as $resourcepart){
 				$part = $resourcepart->join('part');
@@ -282,10 +314,16 @@ switch($_['action']){
 	case 'hackpoint_part_save':
 		Action::write(function(&$response){
 			global $myUser,$_;
-			if(!$myUser->can('hackpoint','edit')) throw new Exception("Permissions insuffisantes",403);
+
+			require_once(__DIR__.SLASH.'Sketch.class.php');
 			require_once(__DIR__.SLASH.'Part.class.php');
+			require_once(__DIR__.SLASH.'Resource.class.php');
 			require_once(__DIR__.SLASH.'ResourcePart.class.php');
 			
+			$item = Resource::provide('resource',1);
+			$sketch = $item->join('sketch');
+			if($sketch->creator != $myUser->login) throw new Exception("Permissions insuffisantes",403);
+
 
 			$part = Part::provide('part');
 			$part->label = $_['label'];
@@ -316,8 +354,15 @@ switch($_['action']){
 	case 'hackpoint_resource_part_delete':
 		Action::write(function(&$response){
 			global $myUser,$_;
-			if(!$myUser->can('hackpoint','delete')) throw new Exception("Permissions insuffisantes",403);
+			//if(!$myUser->can('hackpoint','delete')) throw new Exception("Permissions insuffisantes",403);
+			require_once(__DIR__.SLASH.'Sketch.class.php');
+			require_once(__DIR__.SLASH.'Resource.class.php');
 			require_once(__DIR__.SLASH.'ResourcePart.class.php');
+			require_once(__DIR__.SLASH.'Part.class.php');
+			$resourcePart = ResourcePart::getById($_['id'],2);
+			$resource = $resourcePart->join('resource');
+			$sketch = $resource->join('sketch');
+			if($sketch->creator!=$myUser->login) throw new Exception("Permissions insuffisantes",403);
 			ResourcePart::deleteById($_['id']);
 			
 		});
@@ -334,7 +379,7 @@ switch($_['action']){
 	break;
 
 
-	//Suppression d'élement part
+	//Download d'un fichier
 	case 'hackpoint_download_file':
 		Action::write(function(&$response){
 			global $myUser,$_;
@@ -392,16 +437,19 @@ switch($_['action']){
 	        		}
 	        	}
 	        });
-
 	    break;
 
 	    case 'get_part_by_id':
 	    Action::write(function(&$response){
 	        global $myUser,$_;
-        	if (!$myUser->connected()) throw new Exception("Vous devez être connecté!");
+        	
+        	require_once(__DIR__.SLASH.'Sketch.class.php');
+        	require_once(__DIR__.SLASH.'Resource.class.php');
         	require_once(__DIR__.SLASH.'Part.class.php');
-	   
-	        $part = Part::getById($_['id']);
+
+
+	        $part = Part::getById($_['id'],1);
+
 	        $part = !$part ? new Part() : Part::getById($_['id']);
 	        	
 	        $row = $part->toArray();

plugin/hackpoint/css/main.css

@@ -281,6 +281,27 @@ div.hackpoint-type-image[data-type="dropzone"] > ul > li > i.pointer{
 	border-radius: 100%;
 	transform: translateY(0px);
 }
+
+
+/* readonly mode */
+	.hackpoint.readonly #resources-toolbar .btn-add-resource,
+	.hackpoint.readonly .btn-delete-sketch,
+	.hackpoint.readonly #resources .delete-resource,
+	.hackpoint.readonly .resource-image .fas.fa-times,
+	.hackpoint.readonly .hackpoint-type-image > div,
+	.hackpoint.readonly .resource-part .btn-add-part,
+	.hackpoint.readonly .resource-part .btn-save-part,
+	.hackpoint.readonly .resource-part .btn-delete{
+		display:none;
+	}
+
+	.hackpoint.readonly  .editable-input{
+		outline: none;
+	}
+
+	
+/**/
+
 #parts{
 	margin:0;
 	padding:0;

plugin/hackpoint/js/main.js

@@ -1,15 +1,19 @@
 //CHARGEMENT DE LA PAGE
 function init_plugin_hackpoint(){
 	switch($.urlParam('page')){
+		case 'sheet.sketch':
+			if($('.hackpoint').hasClass('readonly')){
+				$('.editable-input').attr('readonly','readonly');
+				init_components();
+			}
+		break;
 		default:
 		break;
 	}
 	
-	
 	$('#parts').sortable_table({
 		onSort : hackpoint_part_search
 	});
-
 	
 	$('#sketchs').sortable_table({
 		onSort : hackpoint_sketch_search
@@ -259,6 +263,9 @@ function hackpoint_sketch_search(callback){
 
 //Ajout ou modification d'élément sketch
 function hackpoint_sketch_save(){
+
+	if($('.hackpoint').hasClass('readonly')) return;
+
 	$('.sketch-preloader').show();
 	var data = {
 		action : 'hackpoint_sketch_save',
@@ -300,7 +307,7 @@ function hackpoint_resource_search(callback,triggered){
 
 
 		//rend les menu sortables
-		$( "#resources" ).sortable({
+		$( ".hackpoint.editable #resources" ).sortable({
 			axis: "y",
 			update: function( event, ui ){
 				var sort = [];
@@ -350,7 +357,11 @@ function hackpoint_resource_edit(element){
 		action : 'hackpoint_resource_edit',
 		id : id
 	},function(r){
-		$('#sketch-editor').html(r.html).attr('data-id',id);
+		$('#sketch-editor')
+		.html(r.html)
+		.attr('data-id',id)
+		.attr('class','resource-'+r.resourceType);
+		
 
 		window.history.replaceState(null, null, "index.php?module=hackpoint&page=sheet.sketch&id="+$('#sketch-form').attr('data-id')+"&resource="+id);
 
@@ -374,6 +385,7 @@ function resource_add_document(files){
 			line.attr('data-path', file.relative);
 			line.find('a').attr('href', file.url);
 			line.find('i.pointer').attr('onclick', 'resource_delete_document(this)');
+			if($('.hackpoint').hasClass('readonly')) line.find('i.pointer').hide();
 			line.find('img').attr('src', file.url);
 
 			$('#sketch-editor [data-type="dropzone"] input:not(:visible)').val('');
@@ -384,6 +396,7 @@ function resource_add_document(files){
 }
 
 function resource_delete_document(element){
+	if($('.hackpoint').hasClass('readonly')) return;
 	if(!confirm("Êtes-vous sûr de vouloir supprimer ce fichier ?")) return;
 	var line = $(element).closest('li');
 	$.action({
@@ -426,8 +439,11 @@ function hackpoint_resource_title_edit(event,element){
 }
 
 function hackpoint_resource_mirrorify(element,data){
+
+	if($('.hackpoint').hasClass('readonly')) data.readOnly = true;
 	var editor = CodeMirror.fromTextArea($(element).get(0), data);
 	editor.on("blur", function(cm,obj){
+		if($('.hackpoint').hasClass('readonly')) return;
 		var data = {};
 		data.action = 'hackpoint_resource_save_content';
 		data.id = $('#sketch-editor').attr('data-id');

plugin/hackpoint/page.list.sketch.php

@@ -1,7 +1,7 @@
 <?php
 global $myUser;
-if(!$myUser->connected()) throw new Exception("Vous devez être connecté pour accéder à cette fonctionnalité",401);
-if(!$myUser->can('hackpoint','read')) throw new Exception("Vous n'avez pas la permission pour executer cette fonctionnalité",403);
+
+
 require_once(__DIR__.SLASH.'Sketch.class.php');
 ?>
 

plugin/hackpoint/page.sheet.sketch.php

@@ -1,14 +1,14 @@
 <?php 
-if(!$myUser->connected()) throw new Exception("Vous devez être connecté pour accéder à cette fonctionnalité",401);
-if(!$myUser->can('hackpoint','read')) throw new Exception("Vous n'avez pas la permission pour executer cette fonctionnalité",403);
+global $myUser;
 require_once(__DIR__.SLASH.'Sketch.class.php');
 require_once(__DIR__.SLASH.'ResourceType.class.php');
 $sketch = Sketch::provide();
 if(!$sketch) throw new Exception("Sketch supprimé ou inexistant");
+if(!$sketch->state &&  $sketch->creator != $myUser->login) throw new Exception("Sketch privé");
 
-
+$sketchClasses = $sketch->creator != $myUser->login ? "readonly":"editable";
 ?>
-<div class="hackpoint">
+<div class="hackpoint <?php echo $sketchClasses; ?>">
 	
 	<div id="sketch-form" class="sketch-form" data-action="hackpoint_sketch_save" data-id="<?php echo $sketch->id; ?>">
 
@@ -44,7 +44,7 @@ if(!$sketch) throw new Exception("Sketch supprimé ou inexistant");
 		<div  id="sketch-workspace">
 				<div class="row">
 					<div class="col-md-8">
-						<h3 class="m-0"><input id="label" name="label" class="form-control-plaintext d-inline-block w-50 pt-0" placeholder="Nom du sketch ici" onblur="hackpoint_sketch_save();" value="<?php echo $sketch->label; ?>" type="text"></h3>
+						<h3 class="m-0"><input id="label" name="label" class="form-control-plaintext d-inline-block w-50 pt-0 editable-input" placeholder="Nom du sketch ici" onblur="hackpoint_sketch_save();" value="<?php echo $sketch->label; ?>" type="text"></h3>
 					</div>
 					<div class="col-md-4">
 						<!-- toolbar -->
@@ -52,11 +52,11 @@ if(!$sketch) throw new Exception("Sketch supprimé ou inexistant");
 
 							<div class="btn-group mr-2" role="group" aria-label="First group">
 								<div class="btn text-muted"><span class="sketch-preloader"><i class="far fast-spin fas fa-circle-notch"></i> Sauvegarde...</span></div>
-								<div class="btn text-muted" title="Supprimer" onclick="hackpoint_sketch_delete(this);"><i class="far fa-trash-alt"></i></div>
+								<div class="btn text-muted btn-delete-sketch" title="Supprimer" onclick="hackpoint_sketch_delete(this);"><i class="far fa-trash-alt"></i></div>
 							</div>
 							<div class="btn-group mr-2" role="group" aria-label="Properties">
 								<label for="state" class="input-group-text pointer m-0">
-									<input id="state" name="state" class="form-control" onclick="hackpoint_sketch_save();" <?php echo $sketch->state?'checked="checked"':''; ?> type="checkbox" data-type="checkbox"> Public
+									<input id="state" name="state" class="form-control editable-input" onclick="hackpoint_sketch_save();" <?php echo $sketch->state?'checked="checked"':''; ?> type="checkbox" data-type="checkbox"> Public
 								</label>
 							</div>
 							<div class="btn-group" role="group" aria-label="Save">
@@ -65,7 +65,7 @@ if(!$sketch) throw new Exception("Sketch supprimé ou inexistant");
 						</div>
 					</div>
 				</div>
-				<input type="text" id="comment" name="comment" onblur="hackpoint_sketch_save();" class="form-control-plaintext text-muted m-0 input-sm" value="<?php echo $sketch->comment; ?>">
+				<input type="text" id="comment" name="comment" onblur="hackpoint_sketch_save();" class="form-control-plaintext text-muted m-0 input-sm editable-input" value="<?php echo $sketch->comment; ?>">
 
 				<div id="sketch-editor"></div>
 

plugin/hackpoint/types/JsType.class.php

@@ -24,7 +24,7 @@ class JsType extends ReadmeType{
 			'html'=>'<textarea id="content" onblur="hackpoint_resource_save_content()" class="arduino-text">'.$resource->content.'</textarea>',
 			'javascript' => "
 				hackpoint_resource_mirrorify('.arduino-text',{
-					mode : 'js',	
+					mode : 'javascript',	
 					lineNumbers : true,
 					theme : 'monokai',
 					readOnly : false

plugin/hackpoint/types/PartType.class.php

@@ -73,7 +73,7 @@ class PartType {
 				<div class="col-md-12">
 					
 
-					<div class="btn btn-dark" onclick="hackpoint_part_add()"><i class="far fa-plus-square pr-1"></i> Ajouter un composant</div>
+					<div class="btn btn-dark btn-add-part" onclick="hackpoint_part_add()"><i class="far fa-plus-square pr-1"></i> Ajouter un composant</div>
 
 					
 
@@ -96,7 +96,7 @@ class PartType {
 									</div>
 								</div>
 
-								<div class="brand w-100 mt-2 mb-2">
+								<div class="brand w-100 mt-2 mb-3">
 				                	<div class="input-group">
 				                	 <div class="input-group-prepend">
 									    <span class="input-group-text">Marque</span>
@@ -109,7 +109,8 @@ class PartType {
 				              
 				                 <a onclick="hackpoint_part_find(this)" title="Chercher sur le net" class="link"><i class="fas fa-globe-americas pointer"></i></a>
 				                 <div class="btn btn-delete" onclick="hackpoint_resource_part_delete(this);"><i class="far fa-trash-alt"></i></div>
-				                 <div class="btn btn-dark w-100 mb-3" onclick="hackpoint_part_save(this)"><i class="far fa-check-circle"></i>Valider</div>
+				                 <div class="clear"></div>
+				                 <div class="btn btn-dark w-100 mb-3 btn-save-part" onclick="hackpoint_part_save(this)"><i class="far fa-check-circle"></i>Valider</div>
 			                 </div>
 						</li>
 					</ul>