Example #1
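 /**
  * Enforce the role required by the requested action of this controller.
  *
  * The role map is built by RolesParser from this controller's source file and
  * cached under the "cache.roles" directory. When the requested action has a
  * role, the current user must hold it.
  *
  * NOTE(review): when getRole() yields a falsy value the method finishes without
  * any check, so an action with no declared role is reachable by every caller,
  * anonymous ones included -- confirm that this default is intended.
  *
  * @return false|null false when the role cache directory cannot be created,
  *                    null once the check has passed. NOTE(review): the caller
  *                    has to treat false as a denial, otherwise a cache failure
  *                    fails open -- verify at the call site.
  *
  * @throws UnauthorizedException when an anonymous user lacks the role
  * @throws ForbiddenException    when an authenticated user lacks the role
  */
 protected function checkAccess()
 {
     $rolesCacheDir = ClassLoader::getRealPath('cache.roles');
     // Cache entries are written as *.php files, so the directory must not be
     // writable by other local accounts: create it 0755 rather than 0777.
     // is_dir() is tested again after a failed mkdir() because a concurrent
     // request may have created the directory in between.
     if (!is_dir($rolesCacheDir) && !@mkdir($rolesCacheDir, 0755, true) && !is_dir($rolesCacheDir)) {
         return false;
     }
     $refl = new ReflectionClass($this);
     $controllerPath = $refl->getFileName();
     // md5() only derives a stable file name from the controller path here; it is not a security control.
     $cachePath = $rolesCacheDir . DIRECTORY_SEPARATOR . md5($controllerPath) . '.php';
     ClassLoader::import("framework.roles.RolesDirectoryParser");
     ClassLoader::import("framework.roles.RolesParser");
     $this->roles = new RolesParser($controllerPath, $cachePath);
     if ($this->roles->wereExpired()) {
         // The cached role map was stale: register the role names found by the parser.
         ClassLoader::import('application.model.role.Role');
         Role::addNewRolesNames($this->roles->getRolesNames());
     }
     $role = $this->roles->getRole($this->request->getActionName());
     if ($role && !$this->user->hasAccess($role)) {
         // Anonymous callers get "unauthorized" (they can still log in);
         // authenticated callers without the role get "forbidden".
         if ($this->user->isAnonymous()) {
             throw new UnauthorizedException($this);
         }
         throw new ForbiddenException($this);
     }
 }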
 /**
  * Look up the LDAP entry that belongs to a user account.
  *
  * Anonymous users and empty values have no LDAP identity, so no lookup
  * is made for them.
  *
  * @param  User $user Account to resolve; may be empty
  * @return LDAPResult|false Result of getLdapFromLdapId(), or false when
  *                          $user is empty or anonymous
  */
 function getLdapFromUser($user)
 {
     // Guard clause: nothing to resolve for a missing or anonymous account.
     if (!$user || $user->isAnonymous()) {
         return false;
     }
     return $this->getLdapFromLdapId($user->getLdapId());
 }
Example #3
 /**
  * Create a new instance of this class attached to a product and, when the
  * author is logged in, to that user.
  *
  * @param Product $product Product the new record refers to
  * @param User    $user    Author; an anonymous user is stored as null
  *
  * @return static-like instance returned by parent::getNewInstance()
  */
 public static function getNewInstance(Product $product, User $user)
 {
     $record = parent::getNewInstance(__CLASS__);
     $record->product->set($product);
     // An anonymous visitor must not be linked to a user row: store null instead.
     $author = ($user && $user->isAnonymous()) ? null : $user;
     $record->user->set($author);
     return $record;
 }
Example #4
 /**
  * Create an artifact in the tracker from the submitted request.
  *
  * For an anonymous submitter the contact address is read from the request
  * parameter 'email'; for a logged-in user no e-mail is passed on.
  * NOTE(review): both 'email' and 'artifact' are taken from the request as-is,
  * no validation happens in this method -- it is presumably done by the
  * artifact factory; confirm.
  *
  * @param Tracker_IDisplayTrackerLayout  $layout  Not read by this method
  * @param Codendi_Request                $request Submitted request
  * @param User                           $user    The submitter
  *
  * @return Tracker_Artifact the new artifact
  */
 private function createArtifact(Tracker_IDisplayTrackerLayout $layout, $request, $user)
 {
     // Only anonymous submitters are identified by a request-supplied address.
     $email = $user->isAnonymous() ? $request->get('email') : null;
     $fields_data = $request->get('artifact');
     $this->tracker->augmentDataFromRequest($fields_data);
     return $this->artifact_factory->createArtifact(
         $this->tracker,
         $fields_data,
         $user,
         $email
     );
 }
Example #5
 /**
  * Create a new instance of this class for a product, with an optional
  * rating type and an optional author.
  *
  * @param Product           $product Product the new record refers to
  * @param ProductRatingType $type    Rating type; one whose getID() is null
  *                                   is stored as null
  * @param User              $user    Author; an anonymous user is stored as null
  *
  * @return mixed instance returned by parent::getNewInstance()
  */
 public static function getNewInstance(Product $product, ProductRatingType $type = null, User $user = null)
 {
     $record = parent::getNewInstance(__CLASS__);
     $record->product->set($product);

     // A rating type without an ID is treated like "no type".
     $ratingType = ($type && $type->getID() === null) ? null : $type;
     $record->ratingType->set($ratingType);

     // An anonymous visitor must not be linked to a user row: store null instead.
     $author = ($user && $user->isAnonymous()) ? null : $user;
     $record->user->set($author);

     return $record;
 }
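 /**
  * Fetch content of the renderer.
  *
  * Renders the chart edit form when the report may be modified, the user is
  * not anonymous and a chart is selected for edition; otherwise renders the
  * charts of the report.
  *
  * NOTE(review): $readonly only selects which markup is produced. The code
  * that handles the posted "update_chart" form is not visible here and has to
  * enforce the same condition on its own.
  *
  * @param array   $matching_ids           Not read by this method; the chart list
  *                                        branch asks the report for its matching ids
  * @param Request $request                Not read by this method
  * @param bool    $report_can_be_modified Whether the report may be changed
  * @param User    $user                   The user the page is rendered for
  *
  * @return string HTML
  */
 public function fetch($matching_ids, $request, $report_can_be_modified, User $user)
 {
     $html = '';
     $this->initiateSession();
     $readonly = !$report_can_be_modified || $user->isAnonymous();
     if (!$readonly && $this->chart_to_edit) {
         $html .= '<script type="text/javascript" src="/plugins/graphontrackersv5/dependencies.js"></script>';
         $url = '?' . http_build_query(array('report' => $this->report->id, 'renderer' => $this->id));
         // The URL and the chart id end up inside HTML attributes, so they are escaped for that context.
         // double_encode is off because arg_separator.output may already be "&amp;".
         $url_attr = htmlspecialchars($url, ENT_QUOTES, 'UTF-8', false);
         $chart_id_attr = htmlspecialchars((string) $this->chart_to_edit->getId(), ENT_QUOTES, 'UTF-8');
         $html .= '<p><a href="' . $url_attr . '">&laquo; ' . $GLOBALS['Language']->getText('plugin_graphontrackersv5_include_report', 'return_renderer') . '</a></p>';
         $html .= '<form action="' . $url_attr . '" name="edit_chart_form" method="post">';
         $html .= '<input type="hidden" name="func" VALUE="renderer" />';
         $html .= '<input type="hidden" name="renderer_plugin_graphontrackersv5[edit_chart]" VALUE="' . $chart_id_attr . '" />';
         $html .= '<table>';
         $html .= '<thead>
                     <tr class="boxtable">
                         <th class="boxtitle">' . $GLOBALS['Language']->getText('plugin_graphontrackersv5_boxtable', 'chart_properties') . '</th>
                         <th class="boxtitle">' . $GLOBALS['Language']->getText('plugin_graphontrackersv5_boxtable', 'preview') . '</th>
                     </tr>
                   </thead>';
         $html .= '<tbody><tr valign="top"><td>';
         //{{{ Chart Properties
         // render() output is appended as markup; each property is expected to escape its own values.
         foreach ($this->chart_to_edit->getProperties() as $prop) {
             $html .= '<p>' . $prop->render() . "</p>\n";
         }
         $html .= '<p style="text-align:center;"><input type="submit" name="renderer_plugin_graphontrackersv5[update_chart]" value="' . $GLOBALS['Language']->getText('global', 'btn_submit') . '" /></p>';
         //}}}
         $html .= '</td><td style="text-align:center">';
         //{{{ Chart Preview
         $html .= $this->chart_to_edit->fetch();
         //}}}
         // Close the preview cell before the row (the closing tag was missing).
         $html .= '</td></tr>';
         if ($help = $this->chart_to_edit->getHelp()) {
             // NOTE(review): $help is emitted as-is; presumably static HTML supplied by the chart class -- confirm it never carries user input.
             $html .= '<tr><td colspan="2" class="inline_help">' . $help . '</td></tr>';
         }
         $html .= '</tbody></table>';
         $html .= '</form>';
     } else {
         $in_dashboard = false;
         $html .= $this->fetchCharts($this->report->getMatchingIds(), $user, $in_dashboard, $readonly);
     }
     return $html;
 }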
 /**
  * Update an artifact (means create a new changeset)
  *
  * A changeset is only created when the submitter is identified (a logged-in
  * user, or an anonymous one who supplied an e-mail), the field values pass
  * validateFields(), and there is either a comment or a change in the fields.
  * Every refusal is reported through $GLOBALS['Response']->addFeedback().
  *
  * NOTE(review): $email is only tested for being non-empty here; its format is
  * not validated in this method -- confirm it is checked before or after.
  *
  * @param array   $fields_data       Artifact fields values
  * @param string  $comment           The comment (follow-up) associated with the artifact update
  * @param User    $submitter         The user who is doing the update
  * @param string  $email             The email of the person who updates the artifact if modification is done in anonymous mode
  * @param boolean $send_notification true if a notification must be sent, false otherwise
  * @param string  $comment_format    The comment (follow-up) type ("text" | "html")
  *
  * @return boolean True if update is done without error, false otherwise
  */
 public function createNewChangeset($fields_data, $comment, $submitter, $email, $send_notification = true, $comment_format = Tracker_Artifact_Changeset_Comment::TEXT_COMMENT)
 {
     $is_valid = true;
     // This path always updates an existing artifact, never an initial submission.
     $is_submission = false;
     // An anonymous submitter must come with an e-mail. The comparison is loose,
     // so an empty string is rejected the same way as null.
     if (!$submitter->isAnonymous() || $email != null) {
         if ($this->validateFields($fields_data, false)) {
             $comment = trim($comment);
             $last_changeset = $this->getLastChangeset();
             if ($comment || $last_changeset->hasChanges($fields_data)) {
                 //There is a comment or some change in fields: create a changeset
                 $workflow = $this->getWorkflow();
                 if ($workflow) {
                     // The workflow hook runs before the changeset row exists; it is not
                     // undone here when create() fails below.
                     $workflow->before($fields_data, $submitter);
                 }
                 if ($changeset_id = $this->getChangesetDao()->create($this->getId(), $submitter->getId(), $email)) {
                     //Store the comment
                     $this->getChangesetCommentDao()->createNewVersion($changeset_id, $comment, $submitter->getId(), 0, $comment_format);
                     //extract references from the comment
                     $this->getReferenceManager()->extractCrossRef($comment, $this->getId(), self::REFERENCE_NATURE, $this->getTracker()->getGroupID(), $submitter->getId(), $this->getTracker()->getItemName());
                     //Store the value(s) of the fields
                     $used_fields = $this->getFormElementFactory()->getUsedFields($this->getTracker());
                     foreach ($used_fields as $field) {
                         // Field-level permission check. NOTE(review): userCanUpdate() is called
                         // without arguments, so it presumably evaluates the session user rather
                         // than $submitter -- confirm both are always the same account.
                         if (isset($fields_data[$field->getId()]) && $field->userCanUpdate()) {
                             $field->saveNewChangeset($this, $last_changeset, $changeset_id, $fields_data[$field->getId()], $submitter, $is_submission);
                         } else {
                             // A submitted value for a field the user may not update is only kept
                             // when the workflow explicitly bypasses permissions for that field.
                             if ($workflow && isset($fields_data[$field->getId()]) && !$field->userCanUpdate() && $workflow->bypassPermissions($field)) {
                                 $bypass_perms = true;
                                 $field->saveNewChangeset($this, $last_changeset, $changeset_id, $fields_data[$field->getId()], $submitter, $is_submission, $bypass_perms);
                             } else {
                                 // Value missing or not permitted: the submitted value is dropped
                                 // and null is handed to the field instead.
                                 $field->saveNewChangeset($this, $last_changeset, $changeset_id, null, $submitter, $is_submission);
                             }
                         }
                     }
                     //Save the artifact
                     $this->getArtifactFactory()->save($this);
                     if ($send_notification) {
                         // Send notifications
                         $this->getChangeset($changeset_id)->notify();
                     }
                 } else {
                     // The changeset row could not be created.
                     $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_artifact', 'unable_update'));
                     $is_valid = false;
                     //TODO To be removed
                 }
             } else {
                 // Nothing to record. The feedback embeds a link, so it is passed with
                 // CODENDI_PURIFIER_LIGHT; getXRef() is concatenated into the markup unescaped
                 // and presumably relies on that purifier level -- confirm.
                 $art_link = '<a class="direct-link-to-artifact" href="' . TRACKER_BASE_URL . '/?aid=' . $this->getId() . '">' . $this->getXRef() . '</a>';
                 $GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('plugin_tracker_artifact', 'no_changes', array($art_link)), CODENDI_PURIFIER_LIGHT);
                 $is_valid = false;
             }
         } else {
             // validateFields() rejected the submitted values.
             $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_artifact', 'fields_not_valid'));
             $is_valid = false;
         }
     } else {
         // Anonymous submitter without an e-mail.
         $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_artifact', 'email_required'));
         $is_valid = false;
     }
     return $is_valid;
 }
Example #8
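 /**
  * Test if user can read the content of this repository and metadata
  *
  * Rules applied, in order:
  *  - private repository: project members only;
  *  - public repository, restricted user: project members only;
  *  - public repository, any other user: everyone except anonymous.
  * A repository that is neither private nor public is never readable.
  *
  * The restricted-user rule used to have no effect: a restricted user who was
  * not a member fell through to the "not anonymous" test and was granted read
  * access. The membership test is now decisive for restricted users.
  * NOTE(review): confirm this matches the platform's policy for restricted
  * accounts before deploying.
  *
  * @param User          $user       The user to test
  * @param GitRepository $repository The repository to test
  *
  * @return Boolean
  */
 public function userCanRead($user, $repository)
 {
     if ($repository->isPrivate() && $user->isMember($repository->getProjectId())) {
         return true;
     }
     if (!$repository->isPublic()) {
         return false;
     }
     if ($user->isRestricted()) {
         // Restricted accounts only see what they are a member of, even when it is public.
         return (bool) $user->isMember($repository->getProjectId());
     }
     return !$user->isAnonymous();
 }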
Example #9
 /**
  * A user whose id is 0 is reported as anonymous.
  *
  * @covers User::isAnonymous
  * @covers User::setId
  */
 public function testIsAnonymous()
 {
     // Arrange: id 0 is the value under test.
     $this->user->setId(0);

     // Act + assert in one step.
     $this->assertTrue($this->user->isAnonymous());
 }
Example #10
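 /**
  * Update db entry of 'user' table with values in object
  *
  * Anonymous users have no row and are refused. When the object carries a new
  * clear-text password whose MD5 differs from the stored value, the password
  * is added to the row handed to the DAO. After a successful update of a
  * suspended or deleted account, all sessions of that account are removed.
  *
  * Security notes:
  *  - The digest comparison is strict. A loose comparison treats two digests of
  *    the form "0e<digits>" as equal numbers, which would silently skip a
  *    password change.
  *  - MD5 is not a password hashing function. The stored format is decided
  *    outside this method, so it is only flagged here; migrate to
  *    password_hash()/password_verify() where the hash is produced.
  *  - A password change alone does not remove existing sessions in this
  *    method; only suspension or deletion does.
  *
  * @param User $user
  *
  * @return mixed false for an anonymous user, otherwise the result of the DAO update
  */
 function updateDb($user)
 {
     if ($user->isAnonymous()) {
         return false;
     }
     $userRow = $user->toRow();
     if ($user->getPassword() != '' && md5($user->getPassword()) !== $user->getUserPw()) {
         // Update password
         // NOTE(review): the clear-text value is placed in the row; presumably the DAO hashes it before storage -- confirm.
         $userRow['password'] = $user->getPassword();
     }
     $result = $this->getDao()->updateByRow($userRow);
     if ($result && ($user->isSuspended() || $user->isDeleted())) {
         // A disabled account must not keep a usable session.
         $this->getDao()->deleteAllUserSessions($user->getId());
     }
     return $result;
 }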
Example #11
 /**
  * Create an artifact in this tracker from the submitted request.
  *
  * For an anonymous submitter the contact address is read from the request
  * parameter 'email'; for a logged-in user no e-mail is passed on.
  * NOTE(review): both 'email' and 'artifact' are taken from the request as-is,
  * no validation happens in this method -- it is presumably done by
  * Tracker_ArtifactFactory; confirm.
  *
  * @param Tracker_IDisplayTrackerLayout  $layout  Not read by this method
  * @param Codendi_Request                $request Submitted request
  * @param User                           $user    The submitter
  *
  * @return Tracker_Artifact the new artifact
  */
 public function createArtifact(Tracker_IDisplayTrackerLayout $layout, $request, $user)
 {
     // Only anonymous submitters are identified by a request-supplied address.
     $email = $user->isAnonymous() ? $request->get('email') : null;
     $fields_data = $request->get('artifact');
     $this->augmentDataFromRequest($fields_data);
     $factory = Tracker_ArtifactFactory::instance();
     return $factory->createArtifact($this, $fields_data, $user, $email);
 }