admin/38443-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ReleaseV10+EventsRights

Browse Source
This commit is contained in:
Flatlogic Bot 2026-02-20 19:47:42 +00:00
parent 0984d84431
commit d761c251bf
5 changed files with 87 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
api_v1_events.php
View File

@ -41,7 +41,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$server_id = $channel['server_id'];
// Check permission
if (!Permissions::hasPermission($user_id, $server_id, Permissions::MANAGE_CHANNELS)) {
if (!Permissions::canDoInChannel($user_id, $channel_id, Permissions::CREATE_EVENT)) {
echo json_encode(['success' => false, 'error' => 'Permission refusée']);
exit;
}
@ -122,7 +122,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
exit;
}
if ($event['user_id'] != $user_id && !Permissions::hasPermission($user_id, $event['server_id'], Permissions::MANAGE_CHANNELS)) {
if ($event['user_id'] != $user_id && !Permissions::canDoInChannel($user_id, $event['channel_id'], Permissions::EDIT_EVENT)) {
echo json_encode(['success' => false, 'error' => 'Permission refusée']);
exit;
}
@ -198,8 +198,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
exit;
}
// Check permission (creator or manage_channels)
if ($event['user_id'] != $user_id && !Permissions::hasPermission($user_id, $event['server_id'], Permissions::MANAGE_CHANNELS)) {
// Check permission (creator or delete_event)
if ($event['user_id'] != $user_id && !Permissions::canDoInChannel($user_id, $event['channel_id'], Permissions::DELETE_EVENT)) {
echo json_encode(['success' => false, 'error' => 'Permission refusée']);
exit;
}

5
api_v1_roles.php
View File

@ -72,7 +72,10 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
['value' => 256, 'name' => 'Pin Threads'],
['value' => 512, 'name' => 'Lock Threads'],
['value' => 1024, 'name' => 'Send Messages in Threads'],
['value' => 2048, 'name' => 'Speak']
['value' => 2048, 'name' => 'Speak'],
['value' => 4096, 'name' => 'Créer un événement'],
['value' => 8192, 'name' => 'Modifier un événement'],
['value' => 16384, 'name' => 'Supprimer un événement']
]
]);
exit;

12
assets/js/main.js
View File

@ -1456,6 +1456,12 @@ document.addEventListener('DOMContentLoaded', () => {
} else {
statusContainer.style.display = 'none';
}
// Show/Hide event permissions
const eventPerms = document.querySelectorAll('.event-permission-only');
eventPerms.forEach(p => {
p.style.setProperty('display', channelType === 'event' ? 'block' : 'none', channelType === 'event' ? '' : 'important');
});
});
});
@ -1475,6 +1481,12 @@ document.addEventListener('DOMContentLoaded', () => {
rssTabNav.style.display = (type === 'announcement') ? 'block' : 'none';
statusContainer.style.display = (type === 'voice') ? 'block' : 'none';
// Show/Hide event permissions
const eventPerms = document.querySelectorAll('.event-permission-only');
eventPerms.forEach(p => {
p.style.setProperty('display', type === 'event' ? 'block' : 'none', type === 'event' ? '' : 'important');
});
// Rules specific visibility
const rulesRoleContainer = document.getElementById('edit-channel-rules-role-container');
if (rulesRoleContainer) {

3
includes/permissions.php
View File

@ -13,6 +13,9 @@ class Permissions {
const LOCK_THREADS = 512;
const SEND_MESSAGES_IN_THREADS = 1024;
const SPEAK = 2048;
const CREATE_EVENT = 4096;
const EDIT_EVENT = 8192;
const DELETE_EVENT = 16384;
public static function hasPermission($user_id, $server_id, $permission) {
$stmt = db()->prepare("SELECT is_admin FROM users WHERE id = ?");

67
index.php
View File

@ -234,6 +234,12 @@ if ($is_dm_view) {
Permissions::hasPermission($current_user_id, $active_server_id, Permissions::MANAGE_MESSAGES) ||
Permissions::hasPermission($current_user_id, $active_server_id, Permissions::ADMINISTRATOR) ||
$is_owner;
// Event permissions
$can_create_event = Permissions::canDoInChannel($current_user_id, $active_channel_id, Permissions::CREATE_EVENT);
$can_edit_event = Permissions::canDoInChannel($current_user_id, $active_channel_id, Permissions::EDIT_EVENT);
$can_delete_event = Permissions::canDoInChannel($current_user_id, $active_channel_id, Permissions::DELETE_EVENT);
break;
}
}
@ -887,7 +893,7 @@ $projectImageUrl = $_SERVER['PROJECT_IMAGE_URL'] ?? '';
<h2 class="mb-0"><i class="fa-solid fa-calendar-days me-2"></i>Événements</h2>
<p class="text-muted small mb-0">Découvrez et gérez les événements à venir.</p>
</div>
<?php if ($can_manage_channels): ?>
<?php if ($can_create_event): ?>
<button class="btn btn-primary" data-bs-toggle="modal" data-bs-target="#addEventModal">
<i class="fa-solid fa-plus me-1"></i> Ajouter un événement
</button>
@ -901,7 +907,7 @@ $projectImageUrl = $_SERVER['PROJECT_IMAGE_URL'] ?? '';
<i class="fa-solid fa-calendar-xmark" style="font-size: 4rem;"></i>
</div>
<h4 class="text-muted">Aucun événement prévu pour le moment.</h4>
<?php if ($can_manage_channels): ?>
<?php if ($can_create_event): ?>
<p class="text-muted">Cliquez sur "Ajouter un événement" pour commencer.</p>
<?php endif; ?>
</div>
@ -982,7 +988,7 @@ $projectImageUrl = $_SERVER['PROJECT_IMAGE_URL'] ?? '';
<?php endif; ?>
</div>
<div class="card-footer bg-transparent border-secondary d-flex justify-content-end align-items-center gap-2">
<?php if ($can_manage_channels || $event['user_id'] == $current_user_id): ?>
<?php if ($can_edit_event || $event['user_id'] == $current_user_id): ?>
<button class="btn btn-sm btn-outline-info edit-event-btn"
data-id="<?php echo $event['id']; ?>"
data-title="<?php echo htmlspecialchars($event['title']); ?>"
@ -999,6 +1005,8 @@ $projectImageUrl = $_SERVER['PROJECT_IMAGE_URL'] ?? '';
>
<i class="fa-solid fa-pen-to-square"></i>
</button>
<?php endif; ?>
<?php if ($can_delete_event || $event['user_id'] == $current_user_id): ?>
<button class="btn btn-sm btn-outline-danger delete-event-btn" data-id="<?php echo $event['id']; ?>">
<i class="fa-solid fa-trash"></i>
</button>
@ -2887,6 +2895,59 @@ document.addEventListener('DOMContentLoaded', () => {
</div>
</div>
</div>
<!-- Event Permissions (Only for Event channels) -->
<div class="permission-item event-permission-only mb-3 p-2 rounded" style="background: var(--separator-soft); display: none;">
<div class="d-flex justify-content-between align-items-center">
<div class="pe-3">
<div class="fw-bold" style="color: #ffffff; font-size: 0.9em;">Créer un événement</div>
<div style="font-size: 0.75em; color: #b5bac1;">Permet aux membres de créer de nouveaux événements dans ce salon.</div>
</div>
<div class="btn-group btn-group-sm perm-tri-state" data-perm-bit="4096">
<input type="radio" class="btn-check" name="perm_4096" id="perm_4096_deny" value="deny">
<label class="btn btn-outline-danger border-0" for="perm_4096_deny" title="Refuser"><i class="fa-solid fa-xmark"></i></label>
<input type="radio" class="btn-check" name="perm_4096" id="perm_4096_neutral" value="neutral" checked>
<label class="btn btn-outline-secondary border-0" for="perm_4096_neutral" title="Neutre">/</label>
<input type="radio" class="btn-check" name="perm_4096" id="perm_4096_allow" value="allow">
<label class="btn btn-outline-success border-0" for="perm_4096_allow" title="Autoriser"><i class="fa-solid fa-check"></i></label>
</div>
</div>
</div>
<div class="permission-item event-permission-only mb-3 p-2 rounded" style="background: var(--separator-soft); display: none;">
<div class="d-flex justify-content-between align-items-center">
<div class="pe-3">
<div class="fw-bold" style="color: #ffffff; font-size: 0.9em;">Modifier un événement</div>
<div style="font-size: 0.75em; color: #b5bac1;">Permet aux membres de modifier les événements de ce salon.</div>
</div>
<div class="btn-group btn-group-sm perm-tri-state" data-perm-bit="8192">
<input type="radio" class="btn-check" name="perm_8192" id="perm_8192_deny" value="deny">
<label class="btn btn-outline-danger border-0" for="perm_8192_deny" title="Refuser"><i class="fa-solid fa-xmark"></i></label>
<input type="radio" class="btn-check" name="perm_8192" id="perm_8192_neutral" value="neutral" checked>
<label class="btn btn-outline-secondary border-0" for="perm_8192_neutral" title="Neutre">/</label>
<input type="radio" class="btn-check" name="perm_8192" id="perm_8192_allow" value="allow">
<label class="btn btn-outline-success border-0" for="perm_8192_allow" title="Autoriser"><i class="fa-solid fa-check"></i></label>
</div>
</div>
</div>
<div class="permission-item event-permission-only mb-3 p-2 rounded" style="background: var(--separator-soft); display: none;">
<div class="d-flex justify-content-between align-items-center">
<div class="pe-3">
<div class="fw-bold" style="color: #ffffff; font-size: 0.9em;">Supprimer un événement</div>
<div style="font-size: 0.75em; color: #b5bac1;">Permet aux membres de supprimer les événements de ce salon.</div>
</div>
<div class="btn-group btn-group-sm perm-tri-state" data-perm-bit="16384">
<input type="radio" class="btn-check" name="perm_16384" id="perm_16384_deny" value="deny">
<label class="btn btn-outline-danger border-0" for="perm_16384_deny" title="Refuser"><i class="fa-solid fa-xmark"></i></label>
<input type="radio" class="btn-check" name="perm_16384" id="perm_16384_neutral" value="neutral" checked>
<label class="btn btn-outline-secondary border-0" for="perm_16384_neutral" title="Neutre">/</label>
<input type="radio" class="btn-check" name="perm_16384" id="perm_16384_allow" value="allow">
<label class="btn btn-outline-success border-0" for="perm_16384_allow" title="Autoriser"><i class="fa-solid fa-check"></i></label>
</div>
</div>
</div>
<!-- More permissions can be added here -->
</div>
</div>