contact.php
2.67 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
<?php
/**
* @package Joomla.Administrator
* @subpackage com_contact
*
* @copyright Copyright (C) 2005 - 2019 Open Source Matters, Inc. All rights reserved.
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
defined('_JEXEC') or die;
use Joomla\Utilities\ArrayHelper;
/**
* Controller for a single contact
*
* @since 1.6
*/
class ContactControllerContact extends JControllerForm
{
/**
* Method override to check if you can add a new record.
*
* @param array $data An array of input data.
*
* @return boolean
*
* @since 1.6
*/
protected function allowAdd($data = array())
{
$categoryId = ArrayHelper::getValue($data, 'catid', $this->input->getInt('filter_category_id'), 'int');
$allow = null;
if ($categoryId)
{
// If the category has been passed in the URL check it.
$allow = JFactory::getUser()->authorise('core.create', $this->option . '.category.' . $categoryId);
}
if ($allow === null)
{
// In the absense of better information, revert to the component permissions.
return parent::allowAdd($data);
}
return $allow;
}
/**
* Method override to check if you can edit an existing record.
*
* @param array $data An array of input data.
* @param string $key The name of the key for the primary key.
*
* @return boolean
*
* @since 1.6
*/
protected function allowEdit($data = array(), $key = 'id')
{
$recordId = (int) isset($data[$key]) ? $data[$key] : 0;
// Since there is no asset tracking, fallback to the component permissions.
if (!$recordId)
{
return parent::allowEdit($data, $key);
}
// Get the item.
$item = $this->getModel()->getItem($recordId);
// Since there is no item, return false.
if (empty($item))
{
return false;
}
$user = JFactory::getUser();
// Check if can edit own core.edit.own.
$canEditOwn = $user->authorise('core.edit.own', $this->option . '.category.' . (int) $item->catid) && $item->created_by == $user->id;
// Check the category core.edit permissions.
return $canEditOwn || $user->authorise('core.edit', $this->option . '.category.' . (int) $item->catid);
}
/**
* Method to run batch operations.
*
* @param object $model The model.
*
* @return boolean True if successful, false otherwise and internal error is set.
*
* @since 2.5
*/
public function batch($model = null)
{
$this->checkToken();
// Set the model
/** @var ContactModelContact $model */
$model = $this->getModel('Contact', '', array());
// Preset the redirect
$this->setRedirect(JRoute::_('index.php?option=com_contact&view=contacts' . $this->getRedirectToListAppend(), false));
return parent::batch($model);
}
}