X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=plugins%2FTinyMCE%2FTinyMCEPlugin.php;h=a5e4a481b8b9fe9162690f7eb543973c9c1d16f4;hb=acb215d55033ff03736342b311ff6deb8f28ead0;hp=2ec4b71608e7f28dc681e14e7f06106807971772;hpb=b5cfcba4712809cb17eabba299ce5ff04f4d7d70;p=quix0rs-gnu-social.git

diff --git a/plugins/TinyMCE/TinyMCEPlugin.php b/plugins/TinyMCE/TinyMCEPlugin.php
index 2ec4b71608..a5e4a481b8 100644
--- a/plugins/TinyMCE/TinyMCEPlugin.php
+++ b/plugins/TinyMCE/TinyMCEPlugin.php
@@ -1,5 +1,4 @@
 <?php
-
 /**
  * StatusNet - the distributed open-source microblogging tool
  * Copyright (C) 2010, StatusNet, Inc.
@@ -39,6 +38,10 @@ if (!defined('STATUSNET')) {
  *
  * Converts the notice form in browser to a rich-text editor.
  *
+ * FIXME: this plugin DOES NOT load its static files from the configured
+ * plugin server if one exists. There are cross-server permissions errors
+ * if you try to do that (something about window.tinymce).
+ *
  * @category  WYSIWYG
  * @package   StatusNet
  * @author    Evan Prodromou <evan@status.net>
@@ -50,9 +53,14 @@ class TinyMCEPlugin extends Plugin
 {
     var $html;
 
+    // By default, TinyMCE editor will be available to all users.
+    // With restricted on, only users who have been granted the
+    // "richedit" role get it.
+    public $restricted = false;
+
     function onEndShowScripts($action)
     {
-        if (common_logged_in ()) {
+        if (common_logged_in() && $this->isAllowedRichEdit()) {
             $action->script(common_path('plugins/TinyMCE/js/jquery.tinymce.js'));
             $action->inlineScript($this->_inlineScript());
         }
@@ -62,7 +70,9 @@ class TinyMCEPlugin extends Plugin
 
     function onEndShowStyles($action)
     {
-        $action->style('span#notice_data-text_container, span#notice_data-text_parent { float: left }');
+        if ($this->isAllowedRichEdit()) {
+            $action->style('span#notice_data-text_container, span#notice_data-text_parent { float: left }');
+        }
         return true;
     }
 
@@ -73,6 +83,7 @@ class TinyMCEPlugin extends Plugin
             'author' => 'Evan Prodromou',
             'homepage' => 'http://status.net/wiki/Plugin:TinyMCE',
             'rawdescription' =>
+            // TRANS: Plugin description.
             _m('Use TinyMCE library to allow rich text editing in the browser.'));
         return true;
     }
@@ -116,7 +127,7 @@ class TinyMCEPlugin extends Plugin
      */
     function onStartSaveNewNoticeWeb($action, $user, &$content, &$options)
     {
-        if ($action->arg('richedit')) {
+        if ($action->arg('richedit') && $this->isAllowedRichEdit()) {
             $html = $this->sanitizeHtml($content);
             $options['rendered'] = $html;
             $content = $this->stripHtml($html);
@@ -135,7 +146,7 @@ class TinyMCEPlugin extends Plugin
      */
     function onStartSaveNewNoticeAppendAttachment($action, $media, &$content, &$options)
     {
-        if ($action->arg('richedit')) {
+        if ($action->arg('richedit') && $this->isAllowedRichEdit()) {
             // See if we've got a placeholder inline image; if so, fill it!
             $dom = new DOMDocument();
 
@@ -279,9 +290,14 @@ class TinyMCEPlugin extends Plugin
         // our AJAX form submission. Manually moving it to trigger
         // on our send button click.
         $scr = <<<END_OF_SCRIPT
-        $().ready(function() {
-            var noticeForm = $('#form_notice');
-            $('textarea#notice_data-text').tinymce({
+        (function() {
+        var origInit = SN.Init.NoticeFormSetup;
+        SN.Init.NoticeFormSetup = function(form) {
+            origInit(form);
+            var noticeForm = form;
+            var textarea = form.find('.notice_data-text');
+            if (textarea.length == 0) return;
+            textarea.tinymce({
                 script_url : '{$path}',
                 // General options
                 theme : "advanced",
@@ -295,7 +311,7 @@ class TinyMCEPlugin extends Plugin
                 setup: function(ed) {
                     noticeForm.append('<input type="hidden" name="richedit" value="1">');
 
-                    $('#notice_action-submit').click(function() {
+                    form.find('.submit:first').click(function() {
                         tinymce.triggerSave();
                     });
 
@@ -308,16 +324,36 @@ class TinyMCEPlugin extends Plugin
                         SN.U.Counter(noticeForm);
                     });
 
-                    $('#'+SN.C.S.NoticeDataAttach).change(function() {
+                    form.find('input[type=file]').change(function() {
                         var img = '<img src="{$placeholder}" class="placeholder" width="320" height="240">';
                         var html = tinyMCE.activeEditor.getContent();
                         ed.setContent(html + img);
                     });
                 }
             });
-        });
+        };
+        })();
 END_OF_SCRIPT;
 
         return $scr;
     }
+
+    /**
+     * Does the current user have permission to use the rich-text editor?
+     * Always true unless the plugin's "restricted" setting is on, in which
+     * case it's limited to users with the "richedit" role.
+     *
+     * @fixme make that more sanely configurable :)
+     *
+     * @return boolean
+     */
+    private function isAllowedRichEdit()
+    {
+        if ($this->restricted) {
+            $user = common_current_user();
+            return !empty($user) && $user->hasRole('richedit');
+        } else {
+            return true;
+        }
+    }
 }