EDUCATIC
/
h5p-php-library
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

OPPG-414: Specific permission for updating libraries 

Added a permission.
Added a new function to H5PFrameworkInterface for testing if allowed to update library
Added apropriate tests.
namespaces
Frank Ronny Larsen 2013-06-30 16:39:17 +02:00
parent a34d0ea3e7
commit 312bd0f8b5
1 changed files with 24 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
h5p.classes.php
View File

@ -70,7 +70,7 @@ interface H5PFrameworkInterface {
public function getLibraryId($machineName, $majorVersion, $minorVersion); public function getLibraryId($machineName, $majorVersion, $minorVersion);
/** /**
* Is the library a patched version of an excisting library? * Is the library a patched version of an existing library?
* *
* @param object $library * @param object $library
* The library data for a library we are checking * The library data for a library we are checking
@ -80,6 +80,17 @@ interface H5PFrameworkInterface {
*/ */
public function isPatchedLibrary($library); public function isPatchedLibrary($library);
/**
* Is the current user allowed to update the library data?
*
* @param object $library
* The library data for a library we are checking
* @return boolean
* TRUE if the user us allowed to update with the given library data OR the library already exists with the current version levels.
* FALSE if the user is not allowed to update or create the library.
*/
public function isAllowedLibraryUpdate($library);
/** /**
* Store data about a library * Store data about a library
* *
@ -422,6 +433,12 @@ class H5PValidator {
return FALSE; return FALSE;
} }
// check if allowed to update this library
if (! $this->h5pF->isAllowedLibraryUpdate($h5pData)) {
$this->h5pF->setErrorMessage($this->h5pF->t('Not allowed to update library %name', array('%name' => $h5pData['machineName'])));
return FALSE;
}
// validate json if a semantics file is provided // validate json if a semantics file is provided
$semanticsPath = $filePath . DIRECTORY_SEPARATOR . 'semantics.json'; $semanticsPath = $filePath . DIRECTORY_SEPARATOR . 'semantics.json';
if (file_exists($semanticsPath)) { if (file_exists($semanticsPath)) {
@ -813,6 +830,12 @@ class H5PStorage {
$library['saveDependencies'] = FALSE; $library['saveDependencies'] = FALSE;
continue; continue;
} }
// If we're not allowed to save, we should not be here at all. But just
// in case, we check again.
if (! $this->h5pF->isAllowedLibraryUpdate($library)) {
continue;
}
$this->h5pF->saveLibraryData($library, $new); $this->h5pF->saveLibraryData($library, $new);
$current_path = $this->h5pF->getUploadedH5pFolderPath() . DIRECTORY_SEPARATOR . $key; $current_path = $this->h5pF->getUploadedH5pFolderPath() . DIRECTORY_SEPARATOR . $key;