|
@@ -420,48 +420,48 @@ if ($action == 'renamefile') { // Must be after include DOL_DOCUMENT_ROOT.'/core
|
|
|
$action = 'file_manager';
|
|
|
}
|
|
|
|
|
|
-if ($action == 'setwebsiteonline') {
|
|
|
+if ($action == 'setwebsiteonline' && $usercanedit) {
|
|
|
$website->setStatut($website::STATUS_VALIDATED, null, '', 'WEBSITE_MODIFY', 'status');
|
|
|
|
|
|
header("Location: ".$_SERVER["PHP_SELF"].'?website='.GETPOST('website', 'alphanohtml').'&pageid='.GETPOST('websitepage', 'int'));
|
|
|
exit;
|
|
|
}
|
|
|
-if ($action == 'setwebsiteoffline') {
|
|
|
+if ($action == 'setwebsiteoffline' && $usercanedit) {
|
|
|
$result = $website->setStatut($website::STATUS_DRAFT, null, '', 'WEBSITE_MODIFY', 'status');
|
|
|
|
|
|
header("Location: ".$_SERVER["PHP_SELF"].'?website='.GETPOST('website', 'alphanohtml').'&pageid='.GETPOST('websitepage', 'int'));
|
|
|
exit;
|
|
|
}
|
|
|
-if ($action == 'seteditinline') {
|
|
|
+if ($action == 'seteditinline') { // No need of write permission
|
|
|
dolibarr_set_const($db, 'WEBSITE_EDITINLINE', 1);
|
|
|
setEventMessages($langs->trans("FeatureNotYetAvailable"), null, 'warnings');
|
|
|
//dolibarr_set_const($db, 'WEBSITE_SUBCONTAINERSINLINE', 0); // Force disable of 'Include dynamic content'
|
|
|
header("Location: ".$_SERVER["PHP_SELF"].'?website='.GETPOST('website', 'alphanohtml').'&pageid='.GETPOST('pageid', 'int'));
|
|
|
exit;
|
|
|
}
|
|
|
-if ($action == 'unseteditinline') {
|
|
|
+if ($action == 'unseteditinline') { // No need of write permission
|
|
|
dolibarr_del_const($db, 'WEBSITE_EDITINLINE');
|
|
|
header("Location: ".$_SERVER["PHP_SELF"].'?website='.GETPOST('website', 'alphanohtml').'&pageid='.GETPOST('pageid', 'int'));
|
|
|
exit;
|
|
|
}
|
|
|
-if ($action == 'setshowsubcontainers') {
|
|
|
+if ($action == 'setshowsubcontainers') { // No need of write permission
|
|
|
dolibarr_set_const($db, 'WEBSITE_SUBCONTAINERSINLINE', 1);
|
|
|
//dolibarr_set_const($db, 'WEBSITE_EDITINLINE', 0); // Force disable of edit inline
|
|
|
header("Location: ".$_SERVER["PHP_SELF"].'?website='.GETPOST('website', 'alphanohtml').'&pageid='.GETPOST('pageid', 'int'));
|
|
|
exit;
|
|
|
}
|
|
|
-if ($action == 'unsetshowsubcontainers') {
|
|
|
+if ($action == 'unsetshowsubcontainers') { // No need of write permission
|
|
|
dolibarr_del_const($db, 'WEBSITE_SUBCONTAINERSINLINE');
|
|
|
header("Location: ".$_SERVER["PHP_SELF"].'?website='.GETPOST('website', 'alphanohtml').'&pageid='.GETPOST('pageid', 'int'));
|
|
|
exit;
|
|
|
}
|
|
|
|
|
|
-if ($massaction == 'replace' && GETPOST('confirmmassaction', 'alpha') && !$searchkey) {
|
|
|
+if ($massaction == 'replace' && GETPOST('confirmmassaction', 'alpha') && !$searchkey && $usercanedit) {
|
|
|
$mode = 'replacesite';
|
|
|
$massaction = '';
|
|
|
}
|
|
|
|
|
|
-if ($action == 'deletetemplate') {
|
|
|
+if ($action == 'deletetemplate' && $usercanedit) {
|
|
|
$dirthemes = array('/doctemplates/websites');
|
|
|
if (!empty($conf->modules_parts['websitetemplates'])) { // Using this feature slow down application
|
|
|
foreach ($conf->modules_parts['websitetemplates'] as $reldir) {
|