Add and enforce multiple access thresholds

Author: amyreese

Snippets/Snippets.API.php

@@ -23,8 +23,16 @@ function xmlhttprequest_plugin_snippets() {
 	$bug_id = gpc_get_int("bug_id", 0);
 
 	# load snippets available to the user
-	$user_id = auth_get_current_user_id();
-	$snippets = Snippet::clean(Snippet::load_by_type_user(0, $user_id), "form", $bug_id);
+	$user_id = -1;
+	$use_global = false;
+	if (access_has_global_level(plugin_config_get("use_global_threshold"))) {
+		$use_global = true;
+	}
+	if (access_has_global_level(plugin_config_get("edit_own_threshold"))) {
+		$user_id = auth_get_current_user_id();
+	}
+	$snippets = Snippet::load_by_type_user(0, $user_id, $use_global);
+	$snippets = Snippet::clean($snippets, "form", $bug_id);
 
 	$data = array(
 		"snippets" => plugin_lang_get("version"),

Snippets/Snippets.php

@@ -8,6 +8,7 @@ class SnippetsPlugin extends MantisPlugin {
 	public function register() {
 		$this->name = plugin_lang_get("name");
 		$this->description = plugin_lang_get("description");
+		$this->page = "config_page";
 
 		$this->version = plugin_lang_get("version");
 		$this->requires = array(
@@ -23,6 +24,8 @@ public function register() {
 	public function config() {
 		return array(
 			"edit_global_threshold" => ADMINISTRATOR,
+			"use_global_threshold" => REPORTER,
+			"edit_own_threshold" => REPORTER,
 		);
 	}
 
@@ -47,17 +50,21 @@ public function init() {
 	}
 
 	public function menu_account($event, $user_id) {
-		$page = plugin_page("snippet_list");
-		$label = plugin_lang_get("list_title");
+		if (access_has_global_level(plugin_config_get("edit_own_threshold"))) {
+			$page = plugin_page("snippet_list");
+			$label = plugin_lang_get("list_title");
 
-		return "<a href=\"{$page}\">{$label}</a>";
+			return "<a href=\"{$page}\">{$label}</a>";
+		}
 	}
 
 	public function menu_manage($event, $user_id) {
-		$page = plugin_page("snippet_list") . "&global=true";
-		$label = plugin_lang_get("list_global_title");
+		if (access_has_global_level(plugin_config_get("edit_global_threshold"))) {
+			$page = plugin_page("snippet_list") . "&global=true";
+			$label = plugin_lang_get("list_global_title");
 
-		return "<a href=\"{$page}\">{$label}</a>";
+			return "<a href=\"{$page}\">{$label}</a>";
+		}
 	}
 
 	public function resources($event) {

Snippets/lang/strings_english.txt

@@ -29,11 +29,18 @@ $s_plugin_Snippets_create_global_title = "Create Global Snippet";
 $s_plugin_Snippets_create_name = "Name";
 $s_plugin_Snippets_create_value = "Snippet";
 
+$s_plugin_Snippets_config = "Configuration";
+$s_plugin_Snippets_config_title = "Snippet Configuration";
+$s_plugin_Snippets_edit_global_threshold = "Edit Global Snippets";
+$s_plugin_Snippets_use_global_threshold = "Use Global Snippets";
+$s_plugin_Snippets_edit_own_threshold = "Edit Own Snippets";
+
 $s_plugin_Snippets_action_go = "Go";
 $s_plugin_Snippets_action_create = "create";
 $s_plugin_Snippets_action_edit = "Edit";
 $s_plugin_Snippets_action_delete = "Delete";
 $s_plugin_Snippets_action_delete_confirm = "Do you really want to delete the following snippets?";
+$s_plugin_Snippets_action_update = "Update";
 
 $s_plugin_Snippets_pattern_help = "
 	Snippets can contain placeholder patterns that will be replaced<br/>

Snippets/pages/config.php

@@ -0,0 +1,21 @@
+<?php
+
+# Copyright (c) 2010 John Reese
+# Licensed under the MIT license
+
+form_security_validate("plugin_Snippets_config");
+access_ensure_global_level(config_get("manage_plugin_threshold"));
+
+function maybe_set_option( $name, $value ) {
+	if ( $value != plugin_config_get( $name ) ) {
+		plugin_config_set( $name, $value );
+	}
+}
+
+maybe_set_option("edit_global_threshold", gpc_get_int("edit_global_threshold"));
+maybe_set_option("use_global_threshold", gpc_get_int("use_global_threshold"));
+maybe_set_option("edit_own_threshold", gpc_get_int("edit_own_threshold"));
+
+form_security_purge("plugin_Snippets_config");
+print_successful_redirect(plugin_page("config_page", true));
+

Snippets/pages/config_page.php

@@ -0,0 +1,45 @@
+<?php
+
+# Copyright (c) 2010 John Reese
+# Licensed under the MIT license
+
+access_ensure_global_level(config_get("manage_plugin_threshold"));
+
+html_page_top();
+print_manage_menu();
+?>
+
+<br/>
+<form action="<?php echo plugin_page("config") ?>" method="post">
+<?php echo form_security_field("plugin_Snippets_config") ?>
+<table class="width60" align="center">
+
+<tr>
+<td class="form-title" colspan="2"><?php echo plugin_lang_get("config_title") ?></td>
+</tr>
+
+<tr <?php echo helper_alternate_class() ?>>
+<td class="category"><?php echo plugin_lang_get( 'edit_global_threshold' ) ?></td>
+<td><select name="edit_global_threshold"><?php print_enum_string_option_list( 'access_levels', plugin_config_get( 'edit_global_threshold' ) ) ?></select></td>
+</tr>
+
+<tr <?php echo helper_alternate_class() ?>>
+<td class="category"><?php echo plugin_lang_get( 'use_global_threshold' ) ?></td>
+<td><select name="use_global_threshold"><?php print_enum_string_option_list( 'access_levels', plugin_config_get( 'use_global_threshold' ) ) ?></select></td>
+</tr>
+
+<tr <?php echo helper_alternate_class() ?>>
+<td class="category"><?php echo plugin_lang_get( 'edit_own_threshold' ) ?></td>
+<td><select name="edit_own_threshold"><?php print_enum_string_option_list( 'access_levels', plugin_config_get( 'edit_own_threshold' ) ) ?></select></td>
+</tr>
+
+<tr>
+<td class="center" colspan="2"><input type="submit" value="<?php echo plugin_lang_get("action_update") ?>"/></td>
+</tr>
+
+</table>
+</form>
+
+<?php
+html_page_bottom();
+

Snippets/pages/snippet_create.php

@@ -10,6 +10,7 @@
 	access_ensure_global_level(plugin_config_get("edit_global_threshold"));
 	$user_id = 0;
 } else {
+	access_ensure_global_level(plugin_config_get("edit_own_threshold"));
 	$user_id = auth_get_current_user_id();
 }
 

Snippets/pages/snippet_list.php

@@ -7,8 +7,10 @@
 
 if ($global) {
 	access_ensure_global_level(plugin_config_get("edit_global_threshold"));
+	$admin = access_has_global_level(config_get("manage_plugin_threshold"));
 	$user_id = 0;
 } else {
+	access_ensure_global_level(plugin_config_get("edit_own_threshold"));
 	$user_id = auth_get_current_user_id();
 }
 
@@ -27,7 +29,13 @@
 
 <tr>
 <td class="form-title" colspan="2"><?php echo plugin_lang_get($global ? "list_global_title" : "list_title") ?></td>
-<td class="right"><?php if (!$global) print_account_menu() ?></td>
+<td class="right"><?php
+if (!$global) {
+	print_account_menu();
+} elseif ($admin) {
+	print_bracket_link(plugin_page("config_page"), plugin_lang_get("config"));
+}
+?></td>
 </tr>
 
 <tr class="row-category">

Snippets/pages/snippet_list_action.php

@@ -11,6 +11,7 @@
 	access_ensure_global_level(plugin_config_get("edit_global_threshold"));
 	$user_id = 0;
 } else {
+	access_ensure_global_level(plugin_config_get("edit_own_threshold"));
 	$user_id = auth_get_current_user_id();
 }