first commit

administrator/components/com_content/controllers/article.php

@@ -0,0 +1,160 @@
+<?php
+/**
+ * @package     Joomla.Administrator
+ * @subpackage  com_content
+ *
+ * @copyright   Copyright (C) 2005 - 2013 Open Source Matters, Inc. All rights reserved.
+ * @license     GNU General Public License version 2 or later; see LICENSE.txt
+ */
+
+defined('_JEXEC') or die;
+
+/**
+ * @package     Joomla.Administrator
+ * @subpackage  com_content
+ * @since       1.6
+ */
+class ContentControllerArticle extends JControllerForm
+{
+	/**
+	 * Class constructor.
+	 *
+	 * @param   array  $config  A named array of configuration variables.
+	 *
+	 * @since   1.6
+	 */
+	public function __construct($config = array())
+	{
+		parent::__construct($config);
+
+		// An article edit form can come from the articles or featured view.
+		// Adjust the redirect view on the value of 'return' in the request.
+		if ($this->input->get('return') == 'featured')
+		{
+			$this->view_list = 'featured';
+			$this->view_item = 'article&return=featured';
+		}
+	}
+
+	/**
+	 * Method override to check if you can add a new record.
+	 *
+	 * @param   array  $data  An array of input data.
+	 *
+	 * @return  boolean
+	 *
+	 * @since   1.6
+	 */
+	protected function allowAdd($data = array())
+	{
+		$user = JFactory::getUser();
+		$categoryId = JArrayHelper::getValue($data, 'catid', $this->input->getInt('filter_category_id'), 'int');
+		$allow = null;
+
+		if ($categoryId)
+		{
+			// If the category has been passed in the data or URL check it.
+			$allow = $user->authorise('core.create', 'com_content.category.' . $categoryId);
+		}
+
+		if ($allow === null)
+		{
+			// In the absense of better information, revert to the component permissions.
+			return parent::allowAdd();
+		}
+		else
+		{
+			return $allow;
+		}
+	}
+
+	/**
+	 * Method override to check if you can edit an existing record.
+	 *
+	 * @param   array   $data  An array of input data.
+	 * @param   string  $key   The name of the key for the primary key.
+	 *
+	 * @return  boolean
+	 *
+	 * @since   1.6
+	 */
+	protected function allowEdit($data = array(), $key = 'id')
+	{
+		$recordId = (int) isset($data[$key]) ? $data[$key] : 0;
+		$user = JFactory::getUser();
+		$userId = $user->get('id');
+
+		// Check general edit permission first.
+		if ($user->authorise('core.edit', 'com_content.article.' . $recordId))
+		{
+			return true;
+		}
+
+		// Fallback on edit.own.
+		// First test if the permission is available.
+		if ($user->authorise('core.edit.own', 'com_content.article.' . $recordId))
+		{
+			// Now test the owner is the user.
+			$ownerId = (int) isset($data['created_by']) ? $data['created_by'] : 0;
+			if (empty($ownerId) && $recordId)
+			{
+				// Need to do a lookup from the model.
+				$record = $this->getModel()->getItem($recordId);
+
+				if (empty($record))
+				{
+					return false;
+				}
+
+				$ownerId = $record->created_by;
+			}
+
+			// If the owner matches 'me' then do the test.
+			if ($ownerId == $userId)
+			{
+				return true;
+			}
+		}
+
+		// Since there is no asset tracking, revert to the component permissions.
+		return parent::allowEdit($data, $key);
+	}
+
+	/**
+	 * Method to run batch operations.
+	 *
+	 * @param   object  $model  The model.
+	 *
+	 * @return  boolean   True if successful, false otherwise and internal error is set.
+	 *
+	 * @since   1.6
+	 */
+	public function batch($model = null)
+	{
+		JSession::checkToken() or jexit(JText::_('JINVALID_TOKEN'));
+
+		// Set the model
+		$model = $this->getModel('Article', '', array());
+
+		// Preset the redirect
+		$this->setRedirect(JRoute::_('index.php?option=com_content&view=articles' . $this->getRedirectToListAppend(), false));
+
+		return parent::batch($model);
+	}
+
+	/**
+	 * Function that allows child controller access to model data after the data has been saved.
+	 *
+	 * @param   JModelLegacy  $model  The data model object.
+	 * @param   array         $validData   The validated data.
+	 *
+	 * @return	void
+	 *
+	 * @since	3.1
+	 */
+	protected function postSaveHook(JModelLegacy $model, $validData = array())
+	{
+
+		return;
+	}
+}

administrator/components/com_content/controllers/articles.php

@@ -0,0 +1,122 @@
+<?php
+/**
+ * @package     Joomla.Administrator
+ * @subpackage  com_content
+ *
+ * @copyright   Copyright (C) 2005 - 2013 Open Source Matters, Inc. All rights reserved.
+ * @license     GNU General Public License version 2 or later; see LICENSE.txt
+ */
+
+defined('_JEXEC') or die;
+
+/**
+ * Articles list controller class.
+ *
+ * @package     Joomla.Administrator
+ * @subpackage  com_content
+ * @since       1.6
+ */
+class ContentControllerArticles extends JControllerAdmin
+{
+	/**
+	 * Constructor.
+	 *
+	 * @param   array  $config	An optional associative array of configuration settings.
+
+	 * @return  ContentControllerArticles
+	 * @see     JController
+	 * @since   1.6
+	 */
+	public function __construct($config = array())
+	{
+		parent::__construct($config);
+
+		// Articles default form can come from the articles or featured view.
+		// Adjust the redirect view on the value of 'view' in the request.
+		if ($this->input->get('view') == 'featured')
+		{
+			$this->view_list = 'featured';
+		}
+
+		$this->registerTask('unfeatured',	'featured');
+	}
+
+	/**
+	 * Method to toggle the featured setting of a list of articles.
+	 *
+	 * @return  void
+	 * @since   1.6
+	 */
+	public function featured()
+	{
+		// Check for request forgeries
+		JSession::checkToken() or jexit(JText::_('JINVALID_TOKEN'));
+
+		$user   = JFactory::getUser();
+		$ids    = $this->input->get('cid', array(), 'array');
+		$values = array('featured' => 1, 'unfeatured' => 0);
+		$task   = $this->getTask();
+		$value  = JArrayHelper::getValue($values, $task, 0, 'int');
+
+		// Access checks.
+		foreach ($ids as $i => $id)
+		{
+			if (!$user->authorise('core.edit.state', 'com_content.article.'.(int) $id))
+			{
+				// Prune items that you can't change.
+				unset($ids[$i]);
+				JError::raiseNotice(403, JText::_('JLIB_APPLICATION_ERROR_EDITSTATE_NOT_PERMITTED'));
+			}
+		}
+
+		if (empty($ids))
+		{
+			JError::raiseWarning(500, JText::_('JERROR_NO_ITEMS_SELECTED'));
+		}
+		else
+		{
+			// Get the model.
+			$model = $this->getModel();
+
+			// Publish the items.
+			if (!$model->featured($ids, $value))
+			{
+				JError::raiseWarning(500, $model->getError());
+			}
+		}
+
+		$this->setRedirect('index.php?option=com_content&view=articles');
+	}
+
+	/**
+	 * Proxy for getModel.
+	 *
+	 * @param   string	$name	The name of the model.
+	 * @param   string	$prefix	The prefix for the PHP class name.
+	 *
+	 * @return  JModel
+	 * @since   1.6
+	 */
+	public function getModel($name = 'Article', $prefix = 'ContentModel', $config = array('ignore_request' => true))
+	{
+		$model = parent::getModel($name, $prefix, $config);
+
+		return $model;
+	}
+
+	/**
+	 * Function that allows child controller access to model data
+	 * after the item has been deleted.
+	 *
+	 * @param   JModelLegacy  $model  The data model object.
+	 * @param   integer       $ids    The array of ids for items being deleted.
+	 *
+	 * @return  void
+	 *
+	 * @since   12.2
+	 */
+	protected function postDeleteHook(JModelLegacy $model, $ids = null)
+	{
+	}
+
+}

administrator/components/com_content/controllers/featured.php

@@ -0,0 +1,90 @@
+<?php
+/**
+ * @package     Joomla.Administrator
+ * @subpackage  com_content
+ *
+ * @copyright   Copyright (C) 2005 - 2013 Open Source Matters, Inc. All rights reserved.
+ * @license     GNU General Public License version 2 or later; see LICENSE.txt
+ */
+
+defined('_JEXEC') or die;
+
+require_once __DIR__ . '/articles.php';
+
+/**
+ * @package     Joomla.Administrator
+ * @subpackage  com_content
+ */
+class ContentControllerFeatured extends ContentControllerArticles
+{
+	/**
+	 * Removes an item
+	 */
+	public function delete()
+	{
+		// Check for request forgeries
+		JSession::checkToken() or jexit(JText::_('JINVALID_TOKEN'));
+
+		$user = JFactory::getUser();
+		$ids  = $this->input->get('cid', array(), 'array');
+
+		// Access checks.
+		foreach ($ids as $i => $id)
+		{
+			if (!$user->authorise('core.delete', 'com_content.article.'.(int) $id))
+			{
+				// Prune items that you can't delete.
+				unset($ids[$i]);
+				JError::raiseNotice(403, JText::_('JERROR_CORE_DELETE_NOT_PERMITTED'));
+			}
+		}
+
+		if (empty($ids))
+		{
+			JError::raiseWarning(500, JText::_('JERROR_NO_ITEMS_SELECTED'));
+		}
+		else
+		{
+			// Get the model.
+			$model = $this->getModel();
+
+			// Remove the items.
+			if (!$model->featured($ids, 0))
+			{
+				JError::raiseWarning(500, $model->getError());
+			}
+		}
+
+		$this->setRedirect('index.php?option=com_content&view=featured');
+	}
+
+	/**
+	 * Method to publish a list of articles.
+	 *
+	 * @return  void
+	 * @since   1.0
+	 */
+	public function publish()
+	{
+		parent::publish();
+
+		$this->setRedirect('index.php?option=com_content&view=featured');
+	}
+
+	/**
+	 * Method to get a model object, loading it if required.
+	 *
+	 * @param   string  $name    The model name. Optional.
+	 * @param   string  $prefix  The class prefix. Optional.
+	 * @param   array   $config  Configuration array for model. Optional.
+	 *
+	 * @return  object  The model.
+	 *
+	 * @since   1.6
+	 */
+	public function getModel($name = 'Feature', $prefix = 'ContentModel', $config = array('ignore_request' => true))
+	{
+		$model = parent::getModel($name, $prefix, $config);
+		return $model;
+	}
+}

administrator/components/com_content/controllers/index.html

@@ -0,0 +1 @@
+<!DOCTYPE html><title></title>