diff --git a/Admin/Installer.php b/Admin/Installer.php
index 74e9654..d34e9c5 100644
--- a/Admin/Installer.php
+++ b/Admin/Installer.php
@@ -52,7 +52,8 @@ class Installer extends InstallerAbstract
`nav_from` varchar(255) DEFAULT NULL,
`nav_order` smallint(3) DEFAULT NULL,
`nav_parent` int(11) DEFAULT NULL,
- `nav_permission` int(11) DEFAULT NULL,
+ `nav_permission_type` int(11) DEFAULT NULL,
+ `nav_permission_element` int(11) DEFAULT NULL,
PRIMARY KEY (`nav_id`)
)ENGINE=InnoDB DEFAULT CHARSET=utf8;'
)->execute();
@@ -63,8 +64,8 @@ class Installer extends InstallerAbstract
/**
* Install data from providing modules.
*
- * @param DatabasePool $dbPool Database pool
- * @param array $data Module info
+ * @param DatabasePool $dbPool Database pool
+ * @param array $data Module info
*
* @return void
*
@@ -86,9 +87,8 @@ class Installer extends InstallerAbstract
/**
* Install navigation element.
*
- * @param DatabasePool $dbPool Database instance
- * @param array $data Link info
- * @param int $parent Parent element (default is 0 for none)
+ * @param DatabasePool $dbPool Database instance
+ * @param array $data Link info
*
* @return void
*
@@ -97,8 +97,8 @@ class Installer extends InstallerAbstract
private static function installLink($dbPool, $data)
{
$sth = $dbPool->get()->con->prepare(
- 'INSERT INTO `' . $dbPool->get()->prefix . 'nav` (`nav_id`, `nav_pid`, `nav_name`, `nav_type`, `nav_subtype`, `nav_icon`, `nav_uri`, `nav_target`, `nav_from`, `nav_order`, `nav_parent`, `nav_permission`) VALUES
- (:id, :pid, :name, :type, :subtype, :icon, :uri, :target, :from, :order, :parent, :perm);'
+ 'INSERT INTO `' . $dbPool->get()->prefix . 'nav` (`nav_id`, `nav_pid`, `nav_name`, `nav_type`, `nav_subtype`, `nav_icon`, `nav_uri`, `nav_target`, `nav_from`, `nav_order`, `nav_parent`, `nav_permission_type`, `nav_permission_element`) VALUES
+ (:id, :pid, :name, :type, :subtype, :icon, :uri, :target, :from, :order, :parent, :perm_type, :perm_element);'
);
$sth->bindValue(':id', $data['id'] ?? 0, \PDO::PARAM_INT);
@@ -109,10 +109,11 @@ class Installer extends InstallerAbstract
$sth->bindValue(':icon', $data['icon'] ?? null, \PDO::PARAM_STR);
$sth->bindValue(':uri', $data['uri'] ?? null, \PDO::PARAM_STR);
$sth->bindValue(':target', $data['target'] ?? "self", \PDO::PARAM_STR);
- $sth->bindValue(':from', $data['from'] ?? 0, \PDO::PARAM_INT);
+ $sth->bindValue(':from', $data['from'] ?? 0, \PDO::PARAM_STR);
$sth->bindValue(':order', $data['order'] ?? 1, \PDO::PARAM_INT);
$sth->bindValue(':parent', $data['parent'], \PDO::PARAM_INT);
- $sth->bindValue(':perm', $data['permission'] ?? 0, \PDO::PARAM_INT);
+ $sth->bindValue(':perm_type', $data['permission']['type'] ?? null, \PDO::PARAM_INT);
+ $sth->bindValue(':perm_element', $data['permission']['element'] ?? null, \PDO::PARAM_INT);
$sth->execute();
diff --git a/Controller.php b/Controller.php
index 3587d13..0f7c0f0 100644
--- a/Controller.php
+++ b/Controller.php
@@ -97,7 +97,7 @@ class Controller extends ModuleAbstract implements WebInterface
*/
public function createNavigationMid(int $pageId, RequestAbstract $request, ResponseAbstract $response)
{
- $nav = Navigation::getInstance($request, $this->app->dbPool);
+ $nav = Navigation::getInstance($request, $this->app->accountManager->get($request->getHeader()->getAccount()), $this->app->dbPool);
$navView = new NavigationView($this->app, $request, $response);
$navView->setTemplate('/Modules/Navigation/Theme/Backend/mid');
$navView->setNav($nav->getNav());
@@ -119,7 +119,7 @@ class Controller extends ModuleAbstract implements WebInterface
*/
public function getView(RequestAbstract $request, ResponseAbstract $response) : NavigationView
{
- $navObj = \Modules\Navigation\Models\Navigation::getInstance($request, $this->app->dbPool);
+ $navObj = \Modules\Navigation\Models\Navigation::getInstance($request, $this->app->accountManager->get($request->getHeader()->getAccount()), $this->app->dbPool);
$nav = new \Modules\Navigation\Views\NavigationView($this->app, $request, $response);
$nav->setNav($navObj->getNav());
$nav->setLanguage($request->getHeader()->getL11n()->getLanguage());
@@ -173,8 +173,9 @@ class Controller extends ModuleAbstract implements WebInterface
*/
public function createNavigationSplash(int $pageId, RequestAbstract $request, ResponseAbstract $response)
{
- $nav = Navigation::getInstance($request, $this->app->dbPool);
+ $nav = Navigation::getInstance($request, $this->app->accountManager->get($request->getHeader()->getAccount()), $this->app->dbPool);
$navView = new NavigationView($this->app, $request, $response);
+
$navView->setTemplate('/Modules/Navigation/Theme/Backend/splash');
$navView->setNav($nav->getNav());
$navView->setLanguage($request->getHeader()->getL11n()->getLanguage());
diff --git a/Models/Navigation.php b/Models/Navigation.php
index 2e9125d..d934756 100644
--- a/Models/Navigation.php
+++ b/Models/Navigation.php
@@ -16,6 +16,8 @@ namespace Modules\Navigation\Models;
use phpOMS\DataStorage\Database\DatabasePool;
use phpOMS\Message\RequestAbstract;
+use phpOMS\Account\Account;
+use phpOMS\Account\PermissionType;
/**
* Navigation class.
@@ -58,33 +60,35 @@ class Navigation
* Constructor.
*
* @param RequestAbstract $request Request hashes
- * @param DatabasePool $dbPool Database pool
+ * @param Account $account Account
+ * @param DatabasePool $dbPool Database pool
*
* @since 1.0.0
*/
- private function __construct(RequestAbstract $request, DatabasePool $dbPool = null)
+ private function __construct(RequestAbstract $request, Account $account, DatabasePool $dbPool = null)
{
$this->dbPool = $dbPool;
- $this->load($request->getHash());
+ $this->load($request->getHash(), $account);
}
/**
* Load navigation based on request.
*
- * @param string[] $request Request hashes
+ * @param string[] $hashes Request hashes
+ * @param Account $account Account
*
* @return void
*
* @since 1.0.0
*/
- private function load($request)
+ private function load(array $hashes, Account $account)
{
if (empty($this->nav)) {
$this->nav = [];
$uriPdo = '';
$i = 1;
- foreach ($request as $hash) {
+ foreach ($hashes as $hash) {
$uriPdo .= ':pid' . $i . ',';
$i++;
}
@@ -93,25 +97,58 @@ class Navigation
$sth = $this->dbPool->get('select')->con->prepare('SELECT * FROM `' . $this->dbPool->get('select')->prefix . 'nav` WHERE `nav_pid` IN(' . $uriPdo . ') ORDER BY `nav_order` ASC');
$i = 1;
- foreach ($request as $hash) {
+ foreach ($hashes as $hash) {
$sth->bindValue(':pid' . $i, $hash, \PDO::PARAM_STR);
$i++;
}
$sth->execute();
- $tempNav = $sth->fetchAll();
+ $tempNav = $sth->fetchAll(\PDO::FETCH_GROUP);
- foreach ($tempNav as $link) {
- $this->nav[$link['nav_type']][$link['nav_subtype']][$link['nav_id']] = $link;
+ foreach ($tempNav as $id => $link) {
+ $isReadable = $account->hasPermission(
+ PermissionType::READ,
+ null,
+ null,
+ $link[0]['from'], $link[0]['permission']['type'],
+ $link[0]['permission']['type']['element']
+ );
+
+ if ($isReadable) {
+ $tempNav[$id][0]['readable'] = true;
+
+ $this->setReadable($tempNav, $tempNav[$id][0]['paremt']);
+ }
}
+
+ foreach ($tempNav as $id => $link) {
+ if (isset($link[0]['readable']) && $link[0]['readable']) {
+ $this->nav[$link[0]['nav_type']][$link[0]['nav_subtype']][$id] = $link[0];
+ }
+ }
+ }
+ }
+
+ private function setReadable(array &$nav, $parent)
+ {
+ if (isset($nav[$parent])) {
+ $nav[$parent][0]['readable'] = true;
+ }
+
+ if (isset($nav[$nav[$parent][0]['parent']])
+ && (!isset($nav[$nav[$parent][0]['parent']][0]['readable'])
+ || !$nav[$nav[$parent][0]['parent']][0]['readable'])
+ ) {
+ $this->setReadable($nav, $nav[$parent][0]['parent']);
}
}
/**
* Get instance.
*
- * @param RequestAbstract $request Request hashes
- * @param DatabasePool $dbPool Database pool
+ * @param RequestAbstract $hashes Request hashes
+ * @param Account $account Account
+ * @param DatabasePool $dbPool Database pool
*
* @return \Modules\Navigation\Models\Navigation
*
@@ -119,14 +156,14 @@ class Navigation
*
* @since 1.0.0
*/
- public static function getInstance(RequestAbstract $request = null, DatabasePool $dbPool = null)
+ public static function getInstance(RequestAbstract $hashes = null, Account $account, DatabasePool $dbPool = null)
{
if (!isset(self::$instance)) {
- if (!isset($request) || !isset($dbPool)) {
+ if (!isset($hashes) || !isset($dbPool)) {
throw new \Exception('Invalid parameters');
}
- self::$instance = new self($request, $dbPool);
+ self::$instance = new self($hashes, $account, $dbPool);
}
return self::$instance;
@@ -141,7 +178,14 @@ class Navigation
{
}
- public function getNav()
+ /**
+ * Get navigation based on account permissions
+ *
+ * @return array
+ *
+ * @since 1.0.0
+ */
+ public function getNav() : array
{
return $this->nav;
}
diff --git a/Theme/Backend/side.tpl.php b/Theme/Backend/side.tpl.php
index 3c7bcad..d8388e3 100644
--- a/Theme/Backend/side.tpl.php
+++ b/Theme/Backend/side.tpl.php
@@ -25,7 +25,7 @@ if (isset($this->nav[\Modules\Navigation\Models\NavigationType::SIDE])) : ?>
getHtml($parent['nav_name']) ?>
nav[\Modules\Navigation\Models\NavigationType::SIDE][\Modules\Navigation\Models\LinkType::LINK] as $key2 => $link) :
- if ($link['nav_parent'] === $parent['nav_id']) : ?>
+ if ($link['nav_parent'] === $key) : ?>
getHtml($link['nav_name']) ?>
nav[\Modules\Navigation\Models\NavigationType::SIDE])) : ?>