From d9a6fa507ba5ffa2c738f699e19c8b0c8c7418eb Mon Sep 17 00:00:00 2001
From: Rasmus Fuhse <fuhse@data-quest.de>
Date: Thu, 1 Dec 2016 14:14:49 +0100
Subject: [PATCH] re #23

---
 PluginMarket.class.php               |  2 +-
 classes/MarketPlugin.class.php       | 16 ++++++++++++----
 classes/MarketPluginUsage.php        |  5 ++++-
 controllers/approving.php            |  2 +-
 migrations/06_add_moderator_role.php | 17 +++++++++++++++++
 5 files changed, 35 insertions(+), 7 deletions(-)
 create mode 100755 migrations/06_add_moderator_role.php

diff --git a/PluginMarket.class.php b/PluginMarket.class.php
index 8075546..c47badf 100755
--- a/PluginMarket.class.php
+++ b/PluginMarket.class.php
@@ -41,7 +41,7 @@ class PluginMarket extends StudIPPlugin implements SystemPlugin, HomepagePlugin
                 }
             }
         }
-        if ($GLOBALS['perm']->have_perm("root")) {
+        if (RolePersistence::isAssignedRole($GLOBALS['user']->id, "Pluginbeauftragter")) {
             $approving = new Navigation(_("Qualit�tssicherung"), PluginEngine::getURL($this, array(), "approving/overview"));
             $top->addSubNavigation("approving", $approving);
         }
diff --git a/classes/MarketPlugin.class.php b/classes/MarketPlugin.class.php
index 9a6960a..1f40f62 100755
--- a/classes/MarketPlugin.class.php
+++ b/classes/MarketPlugin.class.php
@@ -51,9 +51,16 @@ class MarketPlugin extends SimpleORMap {
     public function requestReview() {
         if ($this->content['publiclyvisible'] && !$this->content_db['publiclyvisible'] && !$this['approved']) {
             $messaging = new messaging();
-            foreach (User::findByPerms("root") as $rootuser) {
+            $statement = DBManager::get()->prepare("
+                SELECT roles_user.user_id
+                FROM roles
+                    INNER JOIN roles_user ON (roles.roleid = roles_user.roleid)
+                WHERE roles.rolename = 'Pluginbeauftragter'
+            ");
+            $statement->execute();
+            foreach ($statement->fetchAll(PDO::FETCH_COLUMN, 0) as $beauftragter) {
                 $messaging->sendSystemMessage(
-                    $rootuser['user_id'],
+                    $beauftragter,
                     sprintf(_("Plugin %s braucht ein Review"), $this['name']),
                     _("Auf dem Marktplatz wurde ein neues Plugin �ffentlich geschaltet. Es kann allerdings erst �ffentlich auf dem Marktplatz erscheinen, wenn Sie das Plugin einmal reviewt haben und freischalten. Gehen Sie auf den Pluginmarktplatz und den Reiter 'Qualit�tssicherung'.")
                 );
@@ -63,12 +70,13 @@ class MarketPlugin extends SimpleORMap {
 
     public function isWritable($user_id = null) {
         $user_id || $user_id = $GLOBALS['user']->id;
-        return ($this['user_id'] === $user_id) || $GLOBALS['perm']->have_perm("root", $user_id);
+        return ($this['user_id'] === $user_id) || $this->isRootable($user_id);
     }
 
     public function isRootable($user_id = null) {
         $user_id || $user_id = $GLOBALS['user']->id;
-        return $GLOBALS['perm']->have_perm("root", $user_id);
+        return $GLOBALS['perm']->have_perm("root", $user_id)
+                || RolePersistence::isAssignedRole($user_id, "Pluginbeauftragter");
     }
 
     public function getLogoURL($absolute_url = false)
diff --git a/classes/MarketPluginUsage.php b/classes/MarketPluginUsage.php
index 2a5530e..9bbf82b 100755
--- a/classes/MarketPluginUsage.php
+++ b/classes/MarketPluginUsage.php
@@ -32,7 +32,10 @@ class MarketPluginUsage extends SimpleORMap
     }
 
     public function isEditable() {
-        return $GLOBALS['perm']->have_perm('root') || $this->user_id == User::findCurrent() || $this->plugin->user_id == User::findCurrent()->id;
+        return $GLOBALS['perm']->have_perm('root')
+                || $this->user_id == User::findCurrent()
+                || $this->plugin->user_id == User::findCurrent()->id
+                || RolePersistence::isAssignedRole(User::findCurrent()->id, "Pluginbeauftragter");
     }
 
 }
diff --git a/controllers/approving.php b/controllers/approving.php
index d0cfa36..8573e31 100755
--- a/controllers/approving.php
+++ b/controllers/approving.php
@@ -7,7 +7,7 @@ class ApprovingController extends MarketController
     function before_filter(&$action, &$args)
     {
         parent::before_filter($action, $args);
-        if (!$GLOBALS['perm']->have_perm("root")) {
+        if (!RolePersistence::isAssignedRole($GLOBALS['user']->id, "Pluginbeauftragter")) {
             throw new AcessDeniedException("Kein Zutritt");
         }
 
diff --git a/migrations/06_add_moderator_role.php b/migrations/06_add_moderator_role.php
new file mode 100755
index 0000000..45f7ce9
--- /dev/null
+++ b/migrations/06_add_moderator_role.php
@@ -0,0 +1,17 @@
+<?php
+
+class AddModeratorRole extends Migration {
+
+    public function up() {
+
+        DBManager::get()->exec("
+            INSERT IGNORE INTO `roles` (`rolename`, `system`)
+            VALUES
+                ('Pluginbeauftragter', 'n');
+        ");
+    }
+
+    public function down() {
+    }
+
+}
-- 
GitLab