Congegni/sintonia
7
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

CC-6106: Permission problems with bulk and single edit in the Dashboard

Browse source
This commit is contained in:
drigato 2015-08-28 13:40:38 -04:00
parent f36ff944c2
commit 6811646aaa
3 changed files with 27 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

12
airtime_mvc/application/controllers/LibraryController.php
View file

@ -434,14 +434,17 @@ class LibraryController extends Zend_Controller_Action
$file_id = $this->_getParam('id', null);
$file = Application_Model_StoredFile::RecallById($file_id);
if (!$isAdminOrPM && $file->getFileOwnerId() != $user->getId()) {
return;
}
$form = new Application_Form_EditAudioMD();
$form->startForm($file_id);
$form->populate($file->getDbColMetadata());
$this->view->permissionDenied = false;
if (!$isAdminOrPM && $file->getFileOwnerId() != $user->getId()) {
$form->makeReadOnly();
$form->removeActionButtons();
$this->view->permissionDenied = true;
}
if ($request->isPost()) {
$js = $this->_getParam('data');
@ -460,7 +463,6 @@ class LibraryController extends Zend_Controller_Action
}
$this->view->form = $form;
Logging::info($this->view->form);
$this->view->id = $file_id;
$this->view->title = $file->getPropelOrm()->getDbTrackTitle();
$this->view->type = "md";