Example #1
 /**
  * Creates an account
  *
  * @param Application $app       The application
  * @param string      $id        The base for user login
  * @param string      $email     The email
  * @param array       $templates Some extra templates to apply with the ones of this creator
  *
  * @return User
  *
  * @throws RuntimeException         In case the AccountCreator is disabled
  * @throws InvalidArgumentException In case a user with the same email already exists
  */
 public function create(Application $app, $id, $email = null, array $templates = [])
 {
     if (!$this->enabled) {
         throw new RuntimeException('Account creator is disabled');
     }

     // Refuse a duplicate email before any login is picked.
     if (null !== $email && null !== $app['repo.users']->findByEmail($email)) {
         throw new InvalidArgumentException('Provided email already exist in account base.');
     }

     // First free login wins: "$id", then "$id#1", "$id#2", ...
     // NOTE(review): lookup and creation are two separate steps, so uniqueness under
     // concurrent calls depends on what createUser() / the user store enforces - confirm.
     $candidate = $id;
     for ($suffix = 1; null !== $app['repo.users']->findByLogin($candidate); $suffix++) {
         $candidate = $id . '#' . $suffix;
     }

     // The second argument is a 128-character string from the injected generator; it is
     // never handed back to the caller (presumably the password - confirm against createUser()).
     $account = $app['manipulator.user']->createUser($candidate, $this->random->generateString(128), $email);

     // Templates are applied across every collection of every databox.
     $allBaseIds = [];
     foreach ($this->appbox->get_databoxes() as $box) {
         foreach ($box->get_collections() as $coll) {
             $allBaseIds[] = $coll->get_base_id();
         }
     }

     // Configured templates first, caller-supplied ones after. Whatever apply_model()
     // copies from a template is what the new account receives, so $templates should
     // only ever come from trusted configuration, never from request data.
     $models = array_merge($this->templates, $templates);
     foreach ($models as $model) {
         $app->getAclForUser($account)->apply_model($model, $allBaseIds);
     }

     return $account;
 }
 /**
  * Tells whether the authenticated user may access a sub-definition of a record.
  *
  * Fails closed: when no User instance is authenticated the answer is false and the
  * ACL is never consulted.
  *
  * @param RecordInterface $record
  * @param mixed           $subDefinition Passed through to the ACL unchanged
  *
  * @return mixed false when unauthenticated, otherwise the result of has_access_to_subdef()
  */
 public function hasAccessSubDefinition(RecordInterface $record, $subDefinition)
 {
     $isLoggedIn = $this->app->getAuthenticatedUser() instanceof User;
     if (!$isLoggedIn) {
         return false;
     }

     $acl = $this->app->getAclForUser($this->app->getAuthenticatedUser());

     return $acl->has_access_to_subdef($record, $subDefinition);
 }
Example #3
 /**
  * Creates a throw-away user, flags it as admin and resets its admin rights.
  *
  * Login, second argument and email local part are three separate uniqid('fixturejs')
  * values. uniqid() is derived from the current time, so it gives uniqueness, not
  * secrecy.
  * NOTE(review): the second createUser() argument appears to be the password, which
  * would make this an administrator account with a guessable credential. Acceptable
  * only for fixtures in a disposable environment - confirm this never runs against a
  * reachable instance.
  *
  * @param Application $app
  *
  * @return mixed The user returned by the user manipulator
  */
 private function createUser(Application $app)
 {
     $manipulator = $app['manipulator.user'];
     $login = uniqid('fixturejs');
     $secondArg = uniqid('fixturejs');
     $email = uniqid('fixturejs') . '@js.js';

     $admin = $manipulator->createUser($login, $secondArg, $email, true);

     $app->getAclForUser($admin)->set_admin(true);
     $app['manipulator.acl']->resetAdminRights($admin);

     return $admin;
 }
Example #4
 /**
  * Collects the terms of use that still have to be shown, keyed by databox label.
  *
  * With $home set, every databox that has terms for the current locale is listed and
  * no ACL or user setting is read. Otherwise a databox is listed only when the
  * authenticated user has access to it, the stored 'terms_of_use_<sbas_id>' setting
  * differs from the terms' update marker, and the terms text is not blank.
  *
  * @param Application $app
  * @param bool        $home Skip the per-user checks
  *
  * @return array label => ['sbas_id' => ..., 'terms' => ..., 'date' => ...]
  */
 private static function getUnvalidated(Application $app, $home = false)
 {
     $pending = [];

     foreach ($app->getDataboxes() as $databox) {
         try {
             $cgus = $databox->get_cgus();
             if (!isset($cgus[$app['locale']])) {
                 throw new Exception('No CGus for this locale');
             }

             $label = $databox->get_label($app['locale']);
             $updatedOn = $cgus[$app['locale']]['updated_on'];
             $text = $cgus[$app['locale']]['value'];

             if ($home) {
                 $mustValidate = true;
             } else {
                 $hasAccess = $app->getAclForUser($app->getAuthenticatedUser())->has_access_to_sbas($databox->get_sbas_id());
                 if (!$hasAccess) {
                     continue;
                 }
                 $mustValidate = $app['settings']->getUserSetting($app->getAuthenticatedUser(), 'terms_of_use_' . $databox->get_sbas_id()) !== $updatedOn && trim($text) !== '';
             }

             if (!$mustValidate) {
                 continue;
             }

             $pending[$label] = ['sbas_id' => $databox->get_sbas_id(), 'terms' => $text, 'date' => $updatedOn];
         } catch (\Exception $e) {
             // Deliberately silent: a databox that fails here is left out of the list.
             // NOTE(review): this also hides ACL and settings errors, in which case the
             // user is simply not asked to accept those terms - consider logging $e.
         }
     }

     return $pending;
 }
Example #5
 /**
  * Creates an aggregate from all the feeds available to a given user.
  *
  * @param Application $app
  * @param User        $user
  *
  * @param array       $restrictions
  * @return Aggregate
  */
 public static function createFromUser(Application $app, User $user, array $restrictions = [])
 {
     /** @var FeedRepository $repo */
     $repo = $app['repo.feeds'];

     // Which feeds the user may see is decided by the repository from the user's ACL;
     // $restrictions is passed alongside it (presumably a list of feed ids that only
     // narrows the result - confirm against filterUserAccessibleByIds()).
     $acl = $app->getAclForUser($user);
     $visibleFeeds = $repo->filterUserAccessibleByIds($acl, $restrictions);

     // Token already stored for this user, as returned by findOneBy().
     $userToken = $app['repo.aggregate-tokens']->findOneBy(['user' => $user]);

     return new static($app['orm.em'], $visibleFeeds, $userToken);
 }
Example #6
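 /**
  * Copies the time limits of a template user onto this object, one base at a time.
  *
  * For each base id the template's limits are read through its ACL. When limits exist
  * they are applied with the flag '1'; when get_limits() returns null they are cleared
  * with the flag '0' and null bounds.
  *
  * @param User  $template_user Template whose limits are read
  * @param array $base_ids      Base ids to process
  */
 private function apply_template_time_limits(User $template_user, array $base_ids)
 {
     foreach ($base_ids as $base_id) {
         $limited = $this->app->getAclForUser($template_user)->get_limits($base_id);

         if (null !== $limited) {
             $this->set_limits($base_id, '1', $limited['dmin'], $limited['dmax']);
             continue;
         }

         // The template has no limits here. The previous code read $limited['dmin'] and
         // $limited['dmax'] on null, which evaluates to null but raises a notice/warning
         // on PHP 7.4 and later; pass the null bounds explicitly instead.
         $this->set_limits($base_id, '0', null, null);
     }
 }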
Example #7
 /**
  * Lists, per granted databox, the status bits the authenticated user may search on.
  *
  * A user holding 'chgstatus' on at least one collection of a databox gets every
  * status bit of that databox; anyone else only gets the bits flagged 'searchable'.
  * Both the bits and the databoxes are sorted by key.
  *
  * @param Application $app
  *
  * @return array sbas_id => ['name' => databox label, 'status' => status bits]
  */
 public static function getSearchStatus(Application $app)
 {
     $byDatabox = [];

     foreach ($app->getAclForUser($app->getAuthenticatedUser())->get_granted_sbas() as $databox) {
         // One collection with 'chgstatus' is enough to unlock the full list.
         $mayChangeStatus = false;
         foreach ($databox->get_collections() as $collection) {
             if ($app->getAclForUser($app->getAuthenticatedUser())->has_right_on_base($collection->get_base_id(), 'chgstatus')) {
                 $mayChangeStatus = true;
                 break;
             }
         }

         $bits = $databox->getStatusStructure()->toArray();
         if (!$mayChangeStatus) {
             // array_filter() keeps the original keys, which ksort() relies on below.
             $bits = array_filter($bits, function ($bit) {
                 return (bool) $bit['searchable'];
             });
         }
         ksort($bits);

         $byDatabox[$databox->get_sbas_id()] = [
             'name' => $databox->get_label($app['locale']),
             'status' => $bits,
         ];
     }

     ksort($byDatabox);

     return $byDatabox;
 }
Example #8
 /**
  * Returns the feed cached in self::$feeds for a user and feed kind, building it on a miss.
  *
  * The kind is 'homelink' when $homelink == '1', else 'restricted' when
  * $pub_restrict == '1', else 'public'. Only the homelink feed is persisted and
  * flushed here; a restricted feed is bound to a collection; a public feed is only
  * built in memory.
  *
  * @param Application $app
  * @param appbox      $appbox
  * @param User        $user
  * @param mixed       $pub_restrict Compared loosely with '1' and 1
  * @param mixed       $homelink     Compared loosely with '1', then tested for truthiness
  *
  * @return Feed|false false when a restricted feed is asked for and no collection exists
  */
 protected function get_feed(Application $app, appbox $appbox, User $user, $pub_restrict, $homelink)
 {
     $user_key = 'user_' . $user->getId();

     if ($homelink == '1') {
         $kind = 'homelink';
     } elseif ($pub_restrict == '1') {
         $kind = 'restricted';
     } else {
         $kind = 'public';
     }
     $feed_key = 'feed_' . $kind;

     // Cache hit: hand back the feed built earlier for this user and kind.
     if (array_key_exists($user_key, self::$feeds) && isset(self::$feeds[$user_key][$feed_key])) {
         return self::$feeds[$user_key][$feed_key];
     }

     $suffixes = ['homelink' => 'homelink Feed', 'restricted' => 'private Feed', 'public' => 'public Feed'];
     // NOTE(review): $title is built but never used; the feed title below is the
     // literal string 'title'. Confirm which of the two is intended.
     $title = $user->getDisplayName() . ' - ' . $suffixes[$kind];

     $feed = new Feed();
     $publisher = new FeedPublisher();
     $feed->setTitle('title');
     $feed->setSubtitle('');
     $feed->addPublisher($publisher);
     $publisher->setFeed($feed);
     $publisher->setIsOwner(true);
     $publisher->setUser($user);

     // The tests below are looser than the ones that picked $kind (truthiness and
     // == 1 instead of == '1'); they are kept exactly as they were.
     if ($homelink) {
         $feed->setIsPublic(true);
         $app['orm.em']->persist($feed);
         $app['orm.em']->persist($user);
         $app['orm.em']->flush();
     } elseif ($pub_restrict == 1) {
         // Prefer a collection granted to the user ...
         $granted = $app->getAclForUser($user)->get_granted_base();
         $collection = array_shift($granted);

         // ... and fall back to the first collection of the first databox that has one.
         // NOTE(review): the fallback ignores the user's grants - confirm this is meant.
         if (!$collection instanceof collection) {
             foreach ($appbox->get_databoxes() as $databox) {
                 foreach ($databox->get_collections() as $first) {
                     $collection = $first;
                     break;
                 }
                 if ($collection instanceof collection) {
                     break;
                 }
             }
         }

         if (!$collection instanceof collection) {
             return false;
         }
         $feed->setCollection($collection);
     }

     self::$feeds[$user_key][$feed_key] = $feed;

     return $feed;
 }
Example #9
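 /**
  * Records that the current session opened a module, then appends the module id to
  * the serialized "appli" list of the session's log row on every granted databox.
  *
  * Nothing happens for an unauthenticated request. Module ids outside 1..9 are still
  * attached to the session but are not written to the databox logs.
  *
  * @param Application $app
  * @param int|string  $appId Module id (1 = Prod ... 9 = API)
  *
  * @throws SessionNotFound When the session id held in the HTTP session matches no stored session
  */
 public static function updateClientInfos(Application $app, $appId)
 {
     if (!$app->getAuthenticator()->isAuthenticated()) {
         return;
     }

     $session = $app['repo.sessions']->find($app['session']->get('session_id'));
     if (!$session) {
         throw new SessionNotFound('No session found');
     }

     if (!$session->hasModuleId($appId)) {
         $module = new SessionModule();
         $module->setModuleId($appId);
         $module->setSession($session);
         $session->addModule($module);
         $app['orm.em']->persist($module);
         $app['orm.em']->persist($session);
         $app['orm.em']->flush();
     }

     $appName = ['1' => 'Prod', '2' => 'Client', '3' => 'Admin', '4' => 'Report', '5' => 'Thesaurus', '6' => 'Compare', '7' => 'Validate', '8' => 'Upload', '9' => 'API'];
     if (!isset($appName[$appId])) {
         return;
     }

     $sbas_ids = array_keys($app->getAclForUser($app->getAuthenticatedUser())->get_granted_sbas());
     foreach ($sbas_ids as $sbas_id) {
         try {
             // Resolve the databox once and reuse it for both the logger and the connection.
             $databox = $app->findDataboxById($sbas_id);
             $logger = $app['phraseanet.logger']($databox);
             $connbas = $databox->get_connection();
             $logId = $logger->get_id();

             $stmt = $connbas->prepare('SELECT appli FROM log WHERE id = :log_id');
             $stmt->execute([':log_id' => $logId]);
             $row3 = $stmt->fetch(PDO::FETCH_ASSOC);
             $stmt->closeCursor();
             if (!$row3) {
                 throw new Exception('no log');
             }

             // NOTE(review): unserialize() rebuilds whatever the stored string describes,
             // objects included. The value comes from the log table rather than from the
             // request, but if anything else can write that column, store the list as
             // JSON or restrict the allowed classes. Flagged here, not changed.
             $applis = unserialize($row3['appli']);
             if (!is_array($applis)) {
                 // unserialize() returns false for an empty or corrupted value; start
                 // from an empty list instead of passing a non-array to in_array().
                 $applis = [];
             }

             // Loose comparison kept on purpose: stored ids may be ints or numeric strings.
             if (!in_array($appId, $applis)) {
                 $applis[] = $appId;
             }

             $stmt = $connbas->prepare('UPDATE log SET appli = :applis WHERE id = :log_id');
             $stmt->execute([':applis' => serialize($applis), ':log_id' => $logId]);
             $stmt->closeCursor();
         } catch (\Exception $e) {
             // Best effort, as before: a databox whose log cannot be updated is skipped.
         }
     }
 }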
Example #10
 /**
  * Detaches this collection from the application box.
  *
  * Steps, in order: drop the cached sbas/base rights of every user found on this base
  * (in pages of 50), delete the base's rows from basusr and bas, delete registrations
  * on the collection, reset base data and dispatch CollectionEvents::UNMOUNTED.
  *
  * NOTE(review): no permission check happens in this method and the two deletes are
  * not wrapped in a transaction here; presumably the caller authorizes the operation -
  * confirm.
  *
  * @param Application $app
  *
  * @return $this
  */
 public function unmount_collection(Application $app)
 {
     $formerCollId = $this->get_coll_id();
     $formerName = $this->get_name();
     $binding = [':base_id' => $this->get_base_id()];

     $userQuery = $app['phraseanet.user-query'];
     $userCount = $userQuery->on_base_ids([$this->get_base_id()])->include_phantoms(false)->include_special_users(true)->include_invite(true)->include_templates(true)->get_total();

     // Invalidate cached rights before the grants disappear from the database.
     for ($offset = 0; $offset < $userCount; $offset += 50) {
         foreach ($userQuery->limit($offset, 50)->execute()->get_results() as $user) {
             $app->getAclForUser($user)->delete_data_from_cache(ACL::CACHE_RIGHTS_SBAS);
             $app->getAclForUser($user)->delete_data_from_cache(ACL::CACHE_RIGHTS_BAS);
         }
     }

     // User grants first, then the base row itself; both bind the same :base_id.
     $deletions = [
         "DELETE FROM basusr WHERE base_id = :base_id",
         "DELETE FROM bas WHERE base_id = :base_id",
     ];
     foreach ($deletions as $sql) {
         $stmt = $app->getApplicationBox()->get_connection()->prepare($sql);
         $stmt->execute($binding);
         $stmt->closeCursor();
     }

     $this->app['manipulator.registration']->deleteRegistrationsOnCollection($this);
     phrasea::reset_baseDatas($app['phraseanet.appbox']);
     $app['dispatcher']->dispatch(CollectionEvents::UNMOUNTED, new UnmountedEvent(null, ['coll_id' => $formerCollId, 'coll_name' => $formerName]));

     return $this;
 }
Example #11
 /**
  *
  * @param  Application $app
  * @param  string      $lst
  * @param  integer     $sstid
  * @param  integer     $storyWZid
  * @return set_export
  */
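 public function __construct(Application $app, $lst, $sstid, $storyWZid = null)
 {
     $this->app = $app;
     $download_list = [];
     // Per-base download quota still available to the user; false means "not restricted".
     $remain_hd = [];
     if ($storyWZid) {
         // A story from the work zone replaces the record list passed by the caller.
         // NOTE(review): the lookup is scoped to the authenticated user; presumably it
         // throws when nothing matches, otherwise getRecord() is called on null - confirm.
         $repository = $app['repo.story-wz'];
         $storyWZ = $repository->findByUserAndId($this->app, $app->getAuthenticatedUser(), $storyWZid);
         $lst = $storyWZ->getRecord($this->app)->get_serialize_key();
     }
     if ($sstid != "") {
         // Export of a basket: the basket is looked up for the authenticated user.
         $repository = $app['repo.baskets'];
         /* @var $repository Alchemy\Phrasea\Model\Repositories\BasketRepository */
         $Basket = $repository->findUserBasket($sstid, $app->getAuthenticatedUser(), false);
         // Spaces and path separators are replaced so the name is usable as a file name.
         $this->exportName = str_replace([' ', '\\', '/'], '_', $Basket->getName()) . "_" . date("Y-n-d");
         foreach ($Basket->getElements() as $basket_element) {
             $base_id = $basket_element->getRecord($this->app)->get_base_id();
             $record_id = $basket_element->getRecord($this->app)->get_record_id();
             if (!isset($remain_hd[$base_id])) {
                 if ($app->getAclForUser($app->getAuthenticatedUser())->is_restricted_download($base_id)) {
                     $remain_hd[$base_id] = $app->getAclForUser($app->getAuthenticatedUser())->remaining_download($base_id);
                 } else {
                     $remain_hd[$base_id] = false;
                 }
             }
             $current_element = $download_list[] = new record_exportElement($app, $basket_element->getRecord($this->app)->get_sbas_id(), $record_id, $Basket->getName(), $remain_hd[$base_id]);
             // The element reports what is left of the quota after it has been counted.
             $remain_hd[$base_id] = $current_element->get_remain_hd();
         }
     } else {
         // mt_rand() only makes the name less likely to collide; it is not a secret.
         $this->exportName = "Export_" . date("Y-n-d") . '_' . mt_rand(100, 999);
         // $lst is a ';'-separated list of "<id>_<id>" pairs supplied by the caller;
         // anything that does not split into exactly two parts is skipped.
         $tmp_lst = explode(';', $lst);
         $n = 1;
         foreach ($tmp_lst as $basrec) {
             $basrec = explode('_', $basrec);
             if (count($basrec) != 2) {
                 continue;
             }
             try {
                 // NOTE(review): both ids come straight from $lst. Only "record not found"
                 // is handled here; per-record access is presumably enforced inside
                 // record_exportElement - confirm.
                 $record = new record_adapter($this->app, $basrec[0], $basrec[1]);
             } catch (\Exception_Record_AdapterNotFound $e) {
                 continue;
             }
             if ($record->isStory()) {
                 // A story is exported as its children.
                 foreach ($record->get_children() as $child_basrec) {
                     $base_id = $child_basrec->get_base_id();
                     $record_id = $child_basrec->get_record_id();
                     if (!isset($remain_hd[$base_id])) {
                         if ($app->getAclForUser($app->getAuthenticatedUser())->is_restricted_download($base_id)) {
                             $remain_hd[$base_id] = $app->getAclForUser($app->getAuthenticatedUser())->remaining_download($base_id);
                         } else {
                             $remain_hd[$base_id] = false;
                         }
                     }
                     $current_element = $download_list[] = new record_exportElement($app, $child_basrec->get_sbas_id(), $record_id, $record->get_title(null, null, true) . '_' . $n, $remain_hd[$base_id]);
                     $remain_hd[$base_id] = $current_element->get_remain_hd();
                 }
             } else {
                 $base_id = $record->get_base_id();
                 $record_id = $record->get_record_id();
                 if (!isset($remain_hd[$base_id])) {
                     if ($app->getAclForUser($app->getAuthenticatedUser())->is_restricted_download($base_id)) {
                         $remain_hd[$base_id] = $app->getAclForUser($app->getAuthenticatedUser())->remaining_download($base_id);
                     } else {
                         $remain_hd[$base_id] = false;
                     }
                 }
                 // Keyed by the pair itself, so a record listed twice is exported once.
                 $current_element = $download_list[$basrec[0] . '_' . $basrec[1]] = new record_exportElement($app, $record->get_sbas_id(), $record_id, '', $remain_hd[$base_id]);
                 $remain_hd[$base_id] = $current_element->get_remain_hd();
             }
             $n++;
         }
     }
     $this->elements = $download_list;
     $display_download = [];
     $display_orderable = [];
     $this->total_download = 0;
     $this->total_order = 0;
     $this->total_ftp = 0;
     $this->businessFieldsAccess = false;
     foreach ($this->elements as $download_element) {
         // Business fields are unlocked as soon as one element sits on a base where the
         // user holds 'canmodifrecord'.
         if ($app->getAclForUser($app->getAuthenticatedUser())->has_right_on_base($download_element->get_base_id(), 'canmodifrecord')) {
             $this->businessFieldsAccess = true;
         }
         // $properties === false marks a sub-definition the element refuses to deliver.
         foreach ($download_element->get_downloadable() as $name => $properties) {
             if (!isset($display_download[$name])) {
                 $display_download[$name] = ['size' => 0, 'total' => 0, 'available' => 0, 'refused' => []];
             }
             $display_download[$name]['total']++;
             if ($properties !== false) {
                 $display_download[$name]['available']++;
                 $display_download[$name]['label'] = $properties['label'];
                 $display_download[$name]['class'] = $properties['class'];
                 $this->total_download++;
                 $display_download[$name]['size'] += $download_element->get_size($name);
             } else {
                 $display_download[$name]['refused'][] = $download_element->get_thumbnail();
             }
         }
         foreach ($download_element->get_orderable() as $name => $properties) {
             if (!isset($display_orderable[$name])) {
                 $display_orderable[$name] = ['total' => 0, 'available' => 0, 'refused' => []];
             }
             $display_orderable[$name]['total']++;
             if ($properties !== false) {
                 $display_orderable[$name]['available']++;
                 $this->total_order++;
             } else {
                 $display_orderable[$name]['refused'][] = $download_element->get_thumbnail();
             }
         }
     }
     foreach ($display_download as $name => $values) {
         $display_download[$name]['size'] = (int) $values['size'];
     }
     $display_ftp = [];
     // "Admin" for the FTP export means holding any one of these rights.
     $hasadminright = $app->getAclForUser($app->getAuthenticatedUser())->has_right('addrecord') || $app->getAclForUser($app->getAuthenticatedUser())->has_right('deleterecord') || $app->getAclForUser($app->getAuthenticatedUser())->has_right('modifyrecord') || $app->getAclForUser($app->getAuthenticatedUser())->has_right('coll_manage') || $app->getAclForUser($app->getAuthenticatedUser())->has_right('coll_modify_struct');
     $this->ftp_datas = [];
     if ($this->app['conf']->get(['registry', 'ftp', 'ftp-enabled']) && ($hasadminright || $this->app['conf']->get(['registry', 'ftp', 'ftp-user-access']))) {
         $display_ftp = $display_download;
         $this->total_ftp = $this->total_download;
         $lst_base_id = array_keys($app->getAclForUser($app->getAuthenticatedUser())->get_granted_base());

         // Granted base ids are bound as parameters instead of being concatenated
         // into the statement.
         $params = [];
         foreach (array_values($lst_base_id) as $position => $granted_base_id) {
             $params[':base_id_' . $position] = $granted_base_id;
         }
         // With no granted base, keep the former comparison with an empty string,
         // which avoids an invalid empty IN () list.
         $baseFilter = $params
             ? 'basusr.base_id IN (' . implode(', ', array_keys($params)) . ')'
             : "basusr.base_id = ''";

         // Users with admin rights see every active credential on their bases; everyone
         // else is pinned to their own user id. The former non-admin query joined
         // FtpCredential.id to Users.id, i.e. the credential row whose primary key
         // happened to equal the user's id, which could expose another account's stored
         // FTP login and password. Both branches now join on FtpCredential.user_id.
         $userFilter = '';
         if (!$hasadminright) {
             $userFilter = ' AND Users.id = :usr_id';
             $params[':usr_id'] = $app->getAuthenticatedUser()->getId();
         }

         $sql = 'SELECT Users.id AS usr_id, Users.login AS usr_login, Users.email AS usr_mail, FtpCredential.*'
             . ' FROM ('
             . ' FtpCredential INNER JOIN Users ON ('
             . ' FtpCredential.active = 1 AND FtpCredential.user_id = Users.id'
             . ' ) INNER JOIN basusr ON ('
             . ' Users.id = basusr.usr_id' . $userFilter . ' AND ' . $baseFilter
             . ' )'
             . ' )'
             . ' GROUP BY Users.id';

         // First entry: blank "manual settings" profile.
         // NOTE(review): this entry uses the key 'sendermail' while the rows below use
         // 'sender_mail'; left untouched because consumers are not visible here.
         $datas = [];
         $datas[] = ['name' => $app->trans('export::ftp: reglages manuels'), 'usr_id' => '0', 'address' => '', 'login' => '', 'password' => '', 'ssl' => false, 'dest_folder' => '', 'prefix_folder' => 'Export_' . date("Y-m-d_H.i.s"), 'passive' => false, 'max_retry' => 5, 'sendermail' => $app->getAuthenticatedUser()->getEmail()];
         $stmt = $app->getApplicationBox()->get_connection()->prepare($sql);
         $stmt->execute($params);
         $rs = $stmt->fetchAll(PDO::FETCH_ASSOC);
         $stmt->closeCursor();
         foreach ($rs as $row) {
             // NOTE(review): 'password' is copied as stored into ftp_datas; whatever
             // renders or serializes ftp_datas must not leak it to other users.
             $datas[] = ['name' => $row["usr_login"], 'usr_id' => $row['usr_id'], 'address' => $row['address'], 'login' => $row['login'], 'password' => $row['password'], 'ssl' => !!$row['tls'], 'dest_folder' => $row['reception_folder'], 'prefix_folder' => strlen(trim($row['repository_prefix_name'])) > 0 ? trim($row['repository_prefix_name']) : 'Export_' . date("Y-m-d_H.i.s"), 'passive' => !!$row['passive'], 'max_retry' => $row['max_retry'], 'usr_mail' => $row['usr_mail'], 'sender_mail' => $app->getAuthenticatedUser()->getEmail()];
         }
         $this->ftp_datas = $datas;
     }
     $this->display_orderable = $display_orderable;
     $this->display_download = $display_download;
     $this->display_ftp = $display_ftp;
     return $this;
 }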
 /**
  * Gives Bases Rights to User.
  *
  * @param User $user
  */
 public static function giveRightsToUser(Application $app, User $user, $base_ids = null, $force = false)
 {
     // Databox-level rights handed out on every databox, whatever $base_ids says.
     $sbasRights = ['bas_manage' => '1', 'bas_modify_struct' => '1', 'bas_modif_th' => '1', 'bas_chupub' => '1'];
     // Collection-level rights handed out on each selected collection.
     $baseRights = ['canputinalbum' => '1', 'candwnldhd' => '1', 'candwnldsubdef' => '1', 'nowatermark' => '1', 'candwnldpreview' => '1', 'cancmd' => '1', 'canadmin' => '1', 'canreport' => '1', 'canpush' => '1', 'creationdate' => '1', 'canaddrecord' => '1', 'canmodifrecord' => '1', 'candeleterecord' => '1', 'chgstatus' => '1', 'imgtools' => '1', 'manage' => '1', 'modify_struct' => '1', 'bas_modify_struct' => '1'];

     $app->getAclForUser($user)->delete_data_from_cache(\ACL::CACHE_GLOBAL_RIGHTS);
     $app->getAclForUser($user)->delete_data_from_cache(databox::CACHE_COLLECTIONS);
     $app->getAclForUser($user)->give_access_to_sbas(array_keys($app->getDataboxes()));

     foreach ($app->getDataboxes() as $databox) {
         $app->getAclForUser($user)->delete_data_from_cache(\ACL::CACHE_RIGHTS_SBAS);
         $app->getAclForUser($user)->update_rights_to_sbas($databox->get_sbas_id(), $sbasRights);

         foreach ($databox->get_collections() as $collection) {
             // $base_ids === null selects every collection. The match is strict, so a
             // list of numeric strings never matches integer base ids; in that case
             // nothing is granted at collection level (fails closed).
             $isSelected = null === $base_ids || in_array($collection->get_base_id(), (array) $base_ids, true);
             if (!$isSelected) {
                 continue;
             }

             $base_id = $collection->get_base_id();

             // Existing access is left alone unless $force is exactly true-ish
             // (anything other than boolean false counts as forcing).
             $alreadyGranted = $app->getAclForUser($user)->has_access_to_base($base_id);
             if ($alreadyGranted && false === $force) {
                 continue;
             }

             $app->getAclForUser($user)->delete_data_from_cache(\ACL::CACHE_RIGHTS_BAS);
             $app->getAclForUser($user)->give_access_to_base([$base_id]);
             $app->getAclForUser($user)->update_rights_to_base($base_id, ['order_master' => true]);
             $app->getAclForUser($user)->update_rights_to_base($collection->get_base_id(), $baseRights);
         }
     }
 }