From 7d5e4457891f5229210d81c67b2d9fae94158ecc Mon Sep 17 00:00:00 2001
From: Rasmus Fuhse <fuhse@data-quest.de>
Date: Thu, 30 Oct 2014 13:56:40 +0100
Subject: [PATCH] bugfixing adding new releases

---
 controllers/myplugins.php        | 10 ++++++++++
 plugin.manifest                  |  2 +-
 views/myplugins/edit_release.php |  1 +
 views/presenting/details.php     | 15 +++++++++++++--
 4 files changed, 25 insertions(+), 3 deletions(-)

diff --git a/controllers/myplugins.php b/controllers/myplugins.php
index b3a5ecf..a935ece 100644
--- a/controllers/myplugins.php
+++ b/controllers/myplugins.php
@@ -45,6 +45,10 @@ class MypluginsController extends PluginController {
 
     public function edit_release_action($release_id) {
         $this->release = new MarketRelease($release_id);
+        $this->marketplugin = new MarketPlugin(Request::option("plugin_id") ?: null);
+        if (!$this->marketplugin->isNew() && !$this->marketplugin->isWritable()) {
+            throw new AccessDeniedException("Kein Zugriff");
+        }
         if (Request::isXhr()) {
             $this->response->add_header('X-Title', _("Release bearbeiten"));
             $this->set_layout(null);
@@ -139,6 +143,12 @@ class MypluginsController extends PluginController {
             throw new Exception("Method not allowed. Try a POST request.");
         }
         $this->release = new MarketRelease(Request::option("id"));
+        $this->release['plugin_id'] = Request::option("plugin_id");
+        $this->release['user_id'] = $GLOBALS['user']->id;
+        $this->marketplugin = new MarketPlugin(Request::option("plugin_id") ?: null);
+        if (!$this->marketplugin->isNew() && !$this->marketplugin->isWritable()) {
+            throw new AccessDeniedException("Kein Zugriff");
+        }
         $release_data = Request::getArray("release");
         $this->release->setData($release_data);
         if ($release_data['type'] === "zipfile") {
diff --git a/plugin.manifest b/plugin.manifest
index e86098c..d9e5f90 100644
--- a/plugin.manifest
+++ b/plugin.manifest
@@ -1,4 +1,4 @@
 pluginname=PluginMarktplatz
 pluginclassname=PluginMarket
 origin=studip
-version=1.0.3
\ No newline at end of file
+version=1.0.4
\ No newline at end of file
diff --git a/views/myplugins/edit_release.php b/views/myplugins/edit_release.php
index 5fcae4a..5122f3a 100644
--- a/views/myplugins/edit_release.php
+++ b/views/myplugins/edit_release.php
@@ -1,5 +1,6 @@
 <form action="<?= PluginEngine::getLink($plugin, array(), "myplugins/save_release") ?>" method="post" class="studip_form" enctype="multipart/form-data">
     <input type="hidden" name="id" value="<?= $release->getId() ?>">
+    <input type="hidden" name="plugin_id" value="<?= $marketplugin->getId() ?>">
     <?= $this->render_partial("myplugins/_edit_release.php", array('release' => $release)) ?>
 
     <div data-dialog-button>
diff --git a/views/presenting/details.php b/views/presenting/details.php
index c2fa0ac..eb1e614 100644
--- a/views/presenting/details.php
+++ b/views/presenting/details.php
@@ -110,7 +110,7 @@ if ($icon) {
             <td><?= htmlReady($release->getChecksum()) ?></td>
             <td><?= htmlReady($release['downloads']) ?></td>
             <td>
-                <? if ($marketplugin['user_id'] === $GLOBALS['user']->id) : ?>
+                <? if ($marketplugin->isWritable()) : ?>
                     <a href="<?= PluginEngine::getLink($plugin, array(), "myplugins/edit_release/".$release->getId()) ?>" data-dialog>
                         <?= Assets::img("icons/20/blue/edit", array('class' => "text-bottom")) ?>
                     </a>
@@ -124,6 +124,17 @@ if ($icon) {
         </tr>
     <? endforeach ?>
     </tbody>
+    <? if ($marketplugin->isWritable()) : ?>
+        <tfoot>
+        <tr>
+            <td colspan="6">
+                <a href="<?= PluginEngine::getLink($plugin, array('plugin_id' => $marketplugin->getId()), "myplugins/add_release/".$marketplugin->getId()) ?>" data-dialog>
+                    <?= Assets::img("icons/20/blue/add") ?>
+                </a>
+            </td>
+        </tr>
+        </tfoot>
+    <? endif ?>
 </table>
 
 
@@ -249,6 +260,6 @@ if ($icon) {
 <? if ($marketplugin->isWritable()) : ?>
 <div style="text-align: center">
     <?= \Studip\LinkButton::create(_("bearbeiten"), PluginEngine::getURL($plugin, array(), "myplugins/edit/".$marketplugin->getId()), array('data-dialog' => 1)) ?>
-    <?= \Studip\LinkButton::create(_("Release hinzuf�gen"), PluginEngine::getURL($plugin, array(), "myplugins/add_release/".$marketplugin->getId()), array('data-dialog' => 1)) ?>
+    <?= \Studip\LinkButton::create(_("Release hinzuf�gen"), PluginEngine::getURL($plugin, array('plugin_id' => $marketplugin->getId()), "myplugins/add_release/".$marketplugin->getId()), array('data-dialog' => 1)) ?>
 </div>
 <? endif ?>
\ No newline at end of file
-- 
GitLab