Your IP : 216.73.217.112
<?php
/**
* @title Minitek FAQ Book
* @copyright Copyright (C) 2011-2020 Minitek, All rights reserved.
* @license GNU General Public License version 3 or later.
* @author url https://www.minitek.gr/
* @developers Minitek.gr
*/
defined('_JEXEC') or die;
class FAQBookProControllerSection extends JControllerForm
{
public function __construct($config = array())
{
parent::__construct($config);
}
protected function allowAdd($data = array())
{
$allow = null;
if ($allow === null)
{
// In the absense of better information, revert to the component permissions.
return parent::allowAdd();
}
else
{
return $allow;
}
}
protected function allowEdit($data = array(), $key = 'id')
{
$recordId = (int) isset($data[$key]) ? $data[$key] : 0;
$user = JFactory::getUser();
$userId = $user->get('id');
// Check general edit permission first.
if ($user->authorise('core.edit', 'com_faqbookpro.section.' . $recordId))
{
return true;
}
// Fallback on edit.own.
// First test if the permission is available.
if ($user->authorise('core.edit.own', 'com_faqbookpro.section.' . $recordId))
{
// Now test the owner is the user.
$ownerId = (int) isset($data['created_user_id']) ? $data['created_user_id'] : 0;
if (empty($ownerId) && $recordId)
{
// Need to do a lookup from the model.
$record = $this->getModel()->getItem($recordId);
if (empty($record))
{
return false;
}
$ownerId = $record->created_user_id;
}
// If the owner matches 'me' then do the test.
if ($ownerId == $userId)
{
return true;
}
}
// Since there is no asset tracking, revert to the component permissions.
return parent::allowEdit($data, $key);
}
}