<?php
/**
* @package Joomla.Administrator
* @subpackage com_content
*
* @copyright Copyright (C) 2005 - 2019 Open Source Matters, Inc. All rights reserved.
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
defined('_JEXEC') or die;
use Joomla\Utilities\ArrayHelper;
/**
* The article controller
*
* @since 1.6
*/
class ContentControllerArticle extends JControllerForm
{
/**
* Class constructor.
*
* @param array $config A named array of configuration variables.
*
* @since 1.6
*/
public function __construct($config = array())
{
parent::__construct($config);
// An article edit form can come from the articles or featured view.
// Adjust the redirect view on the value of 'return' in the request.
if ($this->input->get('return') == 'featured')
{
$this->view_list = 'featured';
$this->view_item = 'article&return=featured';
}
}
/**
* Method override to check if you can add a new record.
*
* @param array $data An array of input data.
*
* @return boolean
*
* @since 1.6
*/
protected function allowAdd($data = array())
{
$categoryId = ArrayHelper::getValue($data, 'catid', $this->input->getInt('filter_category_id'), 'int');
$allow = null;
if ($categoryId)
{
// If the category has been passed in the data or URL check it.
$allow = JFactory::getUser()->authorise('core.create', 'com_content.category.' . $categoryId);
}
if ($allow === null)
{
// In the absense of better information, revert to the component permissions.
return parent::allowAdd();
}
return $allow;
}
/**
* Method override to check if you can edit an existing record.
*
* @param array $data An array of input data.
* @param string $key The name of the key for the primary key.
*
* @return boolean
*
* @since 1.6
*/
protected function allowEdit($data = array(), $key = 'id')
{
$recordId = (int) isset($data[$key]) ? $data[$key] : 0;
$user = JFactory::getUser();
// Zero record (id:0), return component edit permission by calling parent controller method
if (!$recordId)
{
return parent::allowEdit($data, $key);
}
// Check edit on the record asset (explicit or inherited)
if ($user->authorise('core.edit', 'com_content.article.' . $recordId))
{
return true;
}
// Check edit own on the record asset (explicit or inherited)
if ($user->authorise('core.edit.own', 'com_content.article.' . $recordId))
{
// Existing record already has an owner, get it
$record = $this->getModel()->getItem($recordId);
if (empty($record))
{
return false;
}
// Grant if current user is owner of the record
return $user->id == $record->created_by;
}
return false;
}
/**
* Method to run batch operations.
*
* @param object $model The model.
*
* @return boolean True if successful, false otherwise and internal error is set.
*
* @since 1.6
*/
public function batch($model = null)
{
$this->checkToken();
// Set the model
/** @var ContentModelArticle $model */
$model = $this->getModel('Article', '', array());
// Preset the redirect
$this->setRedirect(JRoute::_('index.php?option=com_content&view=articles' . $this->getRedirectToListAppend(), false));
return parent::batch($model);
}
}