From 27f69b0a74728f48ebceb9b62b679b58742755de Mon Sep 17 00:00:00 2001 From: Aaron van Geffen Date: Sat, 11 Mar 2023 20:01:25 +0100 Subject: [PATCH] EditTag: disallow users to disown their own tags --- controllers/EditTag.php | 76 +++++++++++++++++++++++------------------ 1 file changed, 42 insertions(+), 34 deletions(-) diff --git a/controllers/EditTag.php b/controllers/EditTag.php index d752223..12de092 100644 --- a/controllers/EditTag.php +++ b/controllers/EditTag.php @@ -63,43 +63,51 @@ class EditTag extends HTMLController elseif (!$id_tag) $after_form = ''; + $fields = [ + 'kind' => [ + 'type' => 'select', + 'label' => 'Kind of tag', + 'options' => [ + 'Location' => 'Location', + 'Person' => 'Person', + ], + ], + 'id_user_owner' => [ + 'type' => 'select', + 'label' => 'Owner', + 'options' => [0 => '(nobody)'] + Member::getMemberMap(), + ], + 'tag' => [ + 'type' => 'text', + 'label' => 'Tag title', + 'size' => 50, + 'maxlength' => 255, + ], + 'slug' => [ + 'type' => 'text', + 'label' => 'URL slug', + 'size' => 50, + 'maxlength' => 255, + ], + 'description' => [ + 'type' => 'textbox', + 'label' => 'Description', + 'size' => 50, + 'maxlength' => 255, + 'is_optional' => true, + ], + ]; + + if (!$user->isAdmin()) + { + unset($fields['kind']); + unset($fields['id_user_owner']); + } + $form = new Form([ 'request_url' => BASEURL . '/edittag/?' . ($id_tag ? 'id=' . $id_tag : 'add'), 'content_below' => $after_form, - 'fields' => [ - 'kind' => [ - 'type' => 'select', - 'label' => 'Kind of tag', - 'options' => [ - 'Location' => 'Location', - 'Person' => 'Person', - ], - ], - 'id_user_owner' => [ - 'type' => 'select', - 'label' => 'Owner', - 'options' => [0 => '(nobody)'] + Member::getMemberMap(), - ], - 'tag' => [ - 'type' => 'text', - 'label' => 'Tag title', - 'size' => 50, - 'maxlength' => 255, - ], - 'slug' => [ - 'type' => 'text', - 'label' => 'URL slug', - 'size' => 50, - 'maxlength' => 255, - ], - 'description' => [ - 'type' => 'textbox', - 'label' => 'Description', - 'size' => 50, - 'maxlength' => 255, - 'is_optional' => true, - ], - ], + 'fields' => $fields, ]); // Create the form, add in default values.