Make entryproperties plugin also restrict viewability depending on the author, and...

diff --git a/plugins/serendipity_event_entryproperties/serendipity_event_entryproperties.php b/plugins/serendipity_event_entryproperties/serendipity_event_entryproperties.php
index 257863e4dbcd5d45500c574d3a9e0d8467ea47ef..077870b1f3ba6cde5b3952084659981c4f4ac5b2 100644 (file)
--- a/plugins/serendipity_event_entryproperties/serendipity_event_entryproperties.php
+++ b/plugins/serendipity_event_entryproperties/serendipity_event_entryproperties.php
@@ -29,6 +29,8 @@ switch ($serendipity['lang']) {
         @define('PLUGIN_EVENT_ENTRYPROPERTIES_NO_FRONTPAGE', 'Nicht in Artikelübersicht zeigen');
         @define('PLUGIN_EVENT_ENTRYPROPERTIES_GROUPS', 'Leserechte auf Gruppen beschränken');
         @define('PLUGIN_EVENT_ENTRYPROPERTIES_GROUPS_DESC', 'Wenn aktiviert, können Leserechte abhängig von Gruppen vergeben werden. Dies wirkt sich auf die Performance der Artikelübersicht stark aus. Aktivieren Sie die Option daher nur, wenn Sie sie wirklich benötigen.');
+        @define('PLUGIN_EVENT_ENTRYPROPERTIES_USERS', 'Leserechte auf Benutzer beschränken');
+        @define('PLUGIN_EVENT_ENTRYPROPERTIES_USERS_DESC', 'Wenn aktiviert, können Leserechte abhängig von einzelnen Benutzern vergeben werden. Dies wirkt sich auf die Performance der Artikelübersicht stark aus. Aktivieren Sie die Option daher nur, wenn Sie sie wirklich benötigen.');
         break;
 
     case 'en':
@@ -55,6 +57,8 @@ switch ($serendipity['lang']) {
         @define('PLUGIN_EVENT_ENTRYPROPERTIES_NO_FRONTPAGE', 'Hide from article overview / frontpage');
         @define('PLUGIN_EVENT_ENTRYPROPERTIES_GROUPS', 'Use group-based restrictions');
         @define('PLUGIN_EVENT_ENTRYPROPERTIES_GROUPS_DESC', 'If enabled, you can define which users of a usergroup may be able to read entries. This option has a large impact on the performance of your article overview. Only enable this if you are really going to use this feature.');
+        @define('PLUGIN_EVENT_ENTRYPROPERTIES_GROUPS', 'Use user-based restrictions');
+        @define('PLUGIN_EVENT_ENTRYPROPERTIES_GROUPS_DESC', 'If enabled, you can define which specific users may be able to read entries. This option has a large impact on the performance of your article overview. Only enable this if you are really going to use this feature.');
         break;
 }
 
@@ -71,7 +75,7 @@ class serendipity_event_entryproperties extends serendipity_event
         $propbag->add('description',   PLUGIN_EVENT_ENTRYPROPERTIES_DESC);
         $propbag->add('stackable',     false);
         $propbag->add('author',        'Garvin Hicking');
-        $propbag->add('version',       '1.2');
+        $propbag->add('version',       '1.3');
         $propbag->add('requirements',  array(
             'serendipity' => '0.8',
             'smarty'      => '2.6.7',
@@ -94,7 +98,7 @@ class serendipity_event_entryproperties extends serendipity_event
             'frontend_entryproperties_query'                    => true
         ));
         $propbag->add('groups', array('BACKEND_EDITOR'));
-        $propbag->add('configuration', array('cache', 'use_groups', 'default_read'));
+        $propbag->add('configuration', array('cache', 'use_groups', 'use_users', 'default_read'));
     }
 
     function introspect_config_item($name, &$propbag)
@@ -120,6 +124,13 @@ class serendipity_event_entryproperties extends serendipity_event
                 $propbag->add('default',     'false');
                 break;
 
+            case 'use_users':
+                $propbag->add('type',        'boolean');
+                $propbag->add('name',        PLUGIN_EVENT_ENTRYPROPERTIES_USERS);
+                $propbag->add('description', PLUGIN_EVENT_ENTRYPROPERTIES_USERS_DESC);
+                $propbag->add('default',     'false');
+                break;
+
             case 'cache':
                 $propbag->add('type',        'boolean');
                 $propbag->add('name',        PLUGIN_EVENT_ENTRYPROPERTIES_CACHE);
@@ -167,7 +178,7 @@ class serendipity_event_entryproperties extends serendipity_event
     }
 
     function getSupportedProperties() {
-        static $supported_properties = array('is_sticky', 'access', 'access_groups', 'cache_body', 'cache_extended', 'no_nl2br', 'no_frontpage');
+        static $supported_properties = array('is_sticky', 'access', 'access_groups', 'access_users', 'cache_body', 'cache_extended', 'no_nl2br', 'no_frontpage');
 
         return $supported_properties;
     }
@@ -209,8 +220,9 @@ class serendipity_event_entryproperties extends serendipity_event
         global $serendipity;
 
         $hooks = &$bag->get('event_hooks');
-        $is_cache = serendipity_db_bool($this->get_config('cache', 'true'));
+        $is_cache   = serendipity_db_bool($this->get_config('cache', 'true'));
         $use_groups = serendipity_db_bool($this->get_config('use_groups'));
+        $use_users  = serendipity_db_bool($this->get_config('use_users'));
 
         if (isset($hooks[$event])) {
             switch($event) {
@@ -255,6 +267,14 @@ class serendipity_event_entryproperties extends serendipity_event
                     } else {
                         $access_groups = array();
                     }
+
+                    if (isset($eventData['properties']['ep_access_users'])) {
+                        $access_users = explode(';', $eventData['properties']['ep_access_users']);
+                    } elseif (isset($serendipity['POST']['properties']['access_users'])) {
+                        $access_users = $serendipity['POST']['properties']['access_users'];
+                    } else {
+                        $access_users = array();
+                    }
 ?>
                     <fieldset style="margin: 5px">
                         <legend><?php echo PLUGIN_EVENT_ENTRYPROPERTIES_TITLE; ?></legend>
@@ -287,6 +307,19 @@ class serendipity_event_entryproperties extends serendipity_event
                         foreach($my_groups AS $group) {
 ?>
                                 <option value="<?php echo $group['id']; ?>" <?php echo (in_array($group['id'], $access_groups) ? 'selected="selected"' : ''); ?>><?php echo htmlspecialchars($group['name']); ?></option>
+<?php
+                        }
+                        echo '</select>';
+                    }
+
+                    if ($use_users) {
+?>
+                        <br /><select onchange="document.getElementById('properties_access_member').checked = true;" style="margin-left: 5px" multiple="multiple" name="serendipity[properties][access_users][]" size="4">
+<?php
+                        $users = serendipity_fetchUsers();
+                        foreach($users AS $user) {
+?>
+                            <option value="<?php echo $user['authorid']; ?>" <?php echo (in_array($user['authorid'], $access_users) ? 'selected="selected"' : ''); ?>><?php echo htmlspecialchars($user['realname']); ?></option>
 <?php
                         }
                         echo '</select>';
@@ -437,6 +470,10 @@ class serendipity_event_entryproperties extends serendipity_event
                         unset($serendipity['POST']['properties']['access_groups']);
                     }
 
+                    if (is_array($serendipity['POST']['properties']['access_users']) && $serendipity['POST']['properties']['access'] != 'member') {
+                        unset($serendipity['POST']['properties']['access_users']);
+                    }
+
                     $this->addProperties($serendipity['POST']['properties'], $eventData);
 
                     return true;
@@ -486,9 +523,13 @@ class serendipity_event_entryproperties extends serendipity_event
                                 $groupcond[] .= "ep_access_groups.value LIKE '%;$mygroup;%'";
                             }
                             if (count($groupcond) > 1) {
-                                $conds[] = " (ep_access_groups.property IS NULL OR ep_access.value = 'member' AND (" . implode(' OR ', $groupcond) . "))";
+                                $conds[] = " (ep_access_groups.property IS NULL OR (ep_access.value = 'member' AND (" . implode(' OR ', $groupcond) . ")))";
                             }
                         }
+                        
+                        if ($use_users) {
+                            $conds[] = " (ep_access_users.property IS NULL OR (ep_access.value = 'member' AND ep_access_users.value LIKE '%;" . (int)$serendipity['authorid'] . ";%' ";
+                        }
                     } else {
                         $conds[] = " (ep_access.property IS NULL OR ep_access.value = 'public') ";
                     }
@@ -547,6 +588,11 @@ class serendipity_event_entryproperties extends serendipity_event
                                                  ON (e.id = ep_access_groups.entryid AND ep_access_groups.property = 'ep_access_groups')";
                     }
 
+                    if ($use_users) {
+                        $joins[] = "LEFT OUTER JOIN {$serendipity['dbPrefix']}entryproperties ep_access_users
+                                                 ON (e.id = ep_access_users.entryid AND ep_access_users.property = 'ep_access_users')";
+                    }
+
                     if (!isset($addData['noSticky']) || $addData['noSticky'] !== true) {
                         $joins[] = "LEFT JOIN {$serendipity['dbPrefix']}entryproperties ep_sticky
                                                  ON (e.id = ep_sticky.entryid AND ep_sticky.property = 'ep_is_sticky')";