Share » Forums » Extensions » ezcomments and $can_edit

ezcomments and $can_edit

ezcomments and $can_edit

Wednesday 15 December 2010 2:53:21 pm - 8 replies

Modified on Wednesday 15 December 2010 3:14:16 pm by Pascal France

Author Message

Pascal France

Thursday 16 December 2010 1:01:32 am

Hi,

When we are not allowed to edit a comment, an error message is displayed by the template

  • extension/ezcomments/design/standard/templates/comment/edit.tpl

once we have clicked the link «Edit» at the bottom of a comment.

This template does not display a "Back" button with the error message (as is the case with the template extension/ezcomments/design/standard/templates/comment/delete.tpl) and the user must return back to the previous page with the «Back» button of his browser.

I added a button with this code:

<form action={'/comment/edit'|ezurl} method="post" name="CommentEdit">
        <input type="hidden" name="CommentID" value="{$comment_id}" />
        <input type="hidden" name="RedirectURI" value={$redirect_uri|ezurl( , 'full' )} />
               <div class="message-error">
                  <p>
                     {'You don\'t have access to edit.'|i18n( 'ezcomments/comment/edit' )}
                  </p>
                <input type="submit" value="{'Back'|i18n( 'ezcomments/comment/action' )}" class="button" name="CancelButton" />
               </div>
            </form>

But the URL «{$redirect_uri|ezurl( , 'full' )}» refers to the root of the site and not to the previous page (which is the case with the template delete.tpl).

The problem I meet is that in the template edit.tpl no one of these variables is available:

  • $view_parameters
  • $ezhttp_hasvariable
  • $module_result.view_parameters
  • $module_result
  • $ezhttp_hasvariable
  • $node
  • $oject
  • $comment
  • $redirect_uri

So even if I pass the parameters in the URL I can not retrieve them.

Is there a way to have a button that returns to the previous page?

Ce qui embellit le désert c'est qu'il cache un puits... quelque part... (A. de Saint-Exupéry) - http://luxpopuli.fr/eZ-Publish

Daisy Radix

Thursday 16 December 2010 1:01:54 am

The tpl variable $canEdit is set in the extension/comments/module/comment/edit.php.(line 41)

$canEdit = false;
$canEditResult = ezcomPermission::hasAccessToFunction( 'edit', $contentObject, $languageCode, $comment, null, $contentNode );
$canEdit = $canEditResult['result'];
$tpl->setVariable( 'can_edit', $canEdit );

If you want this variable in comment_item.tpl you can override it and add a fetch permission at the top of the tpl file.

eZ Publish certified developper :http://auth.ez.no/certification/verify/378142

Pascal France

Thursday 16 December 2010 1:41:30 am

Hi Daisy,

And thanks for your help.

In comment_item.tpl there are already, by default, a «can_edit» and a «can_detele» fetch. But they always return «false» .

In comment_item.tpl the only variables that change according to the permissions of the user are "$can_self_edit" and "$can_self_delete".

The problem is that you can be a user logged in with permission can_self_edit and not have the right to edit the comment of another user.
It seems that this case can not be taken into account in comment_item.tpl

Ce qui embellit le désert c'est qu'il cache un puits... quelque part... (A. de Saint-Exupéry) - http://luxpopuli.fr/eZ-Publish

Daisy Radix

Thursday 16 December 2010 2:34:29 am

I don't really understand what you want to do if the user can't edit the comment there's no edit button and if he can there's one.

Have you an example to illustrate your situation?

eZ Publish certified developper :http://auth.ez.no/certification/verify/378142

Pascal France

Thursday 16 December 2010 2:59:08 am

Daisy, I sent you a private mail (from here this page http://share.ez.no/authorcontact/form/95875).

Ce qui embellit le désert c'est qu'il cache un puits... quelque part... (A. de Saint-Exupéry) - http://luxpopuli.fr/eZ-Publish

Pascal France

Friday 17 December 2010 2:48:31 am

I explain again the context:

By default, the extension ezcomments displays the links "Edit" and "Delete" at the bottom of all comments regardless of the specific rights of the user.

My original question (see my first post) was: how to display the links "Edit" and "Delete" only if the user has the right to edit and/or delete the comment ?

Daisy founded the solution:

We have to replace (in comment_item.tpl):

<div class="ezcom-comment-tool">
                    {if or( $can_edit, $can_self_edit )}
                        {if and( $can_self_edit, not( $can_edit ) )}
                            {def $displayAttribute=$user_display_limit_class}
                        {else}
                            {def $displayAttribute=''}
                        {/if}
                        <span{$displayAttribute}>
                            <a href={concat( '/comment/edit/', $comment.id )|ezurl}>{'Edit'|i18n('ezcomments/comment/view')}</a>
                        </span>
                        {undef $displayAttribute}
                    {/if}
                    {if or( $can_delete, $can_self_delete )}
                        {if and( $can_self_delete, not( $can_delete ) )}
                            {def $displayAttribute=$user_display_limit_class}
                        {else}
                            {def $displayAttribute=''}
                        {/if}
                        <span {$displayAttribute}>
                            <a href={concat( '/comment/delete/',$comment.id )|ezurl}>
                                {'Delete'|i18n('ezcomments/comment/view')}
                            </a>
                        </span>
                        {undef $displayAttribute}
                    {/if}
                </div>

by:

{if eq( $current_user.contentobject_id, $comment.user_id )}
                  <span {$displayAttribute}>
                     <a href={concat( '/comment/edit/', $comment.id )|ezurl}>{'Edit'|i18n('ezcomments/comment/view')}</a>  
                     <a href={concat( '/comment/delete/',$comment.id )|ezurl}>{'Delete'|i18n('ezcomments/comment/view')}</a>
                  </span>
                  {undef $displayAttribute}
               {/if}

Like that, the «Edit» and «Delete» buttons are only shown if the logged in user is the owner of the comment too.

More over, this solution avoids to solve the problem I described in my 2de post of this thread.

Ce qui embellit le désert c'est qu'il cache un puits... quelque part... (A. de Saint-Exupéry) - http://luxpopuli.fr/eZ-Publish

Chen Xiongjie

Friday 21 January 2011 2:11:18 am

Pascal, for the 1st issue, have you tried to configure it like this?

Go to administrator user interface, in the user role interface -> click 'add policy' -> select module 'comment' and function 'edit' -> click 'grant limited access' -> select 'Self' in CommentCreator.

Documentation: http://doc.ez.no/Extensions/eZ-Comments/Setup-and-user-guide-1.1/Using-eZ-Comments/Adminstrator-options/Setting-access-and-restriction-policies

(Sorry for the late reply)

eZ Comments: http://projects.ez.no/ezcomments
twitter: http://twitter.com/xiongjie

Chen Xiongjie

Friday 21 January 2011 2:35:14 am

Just one note for 2nd issue: since comment edit view is not like ezpublish object edit view, the parameters in object are not available. And there is no object/node parameter here at all. But you can retrive them manually via comment id, see modules/comment/edit.php where there is example.

(Of course if 1st is solved, you don't need to think about 2nd).

eZ Comments: http://projects.ez.no/ezcomments
twitter: http://twitter.com/xiongjie

You must be logged in to post messages in this topic!

36 542 Users on board!

Forums menu