public function getAllowedFileExtensions()
{
$u = new User();
$extensions = array();
if ($u->isSuperUser()) {
$extensions = Loader::helper('concrete/file')->getAllowedFileExtensions();
return $extensions;
}
$pae = $this->getPermissionAccessObject();
if (!is_object($pae)) {
return array();
}
$accessEntities = $u->getUserAccessEntityObjects();
$accessEntities = $pae->validateAndFilterAccessEntities($accessEntities);
$list = $this->getAccessListItems(FileSetPermissionKey::ACCESS_TYPE_ALL, $accessEntities);
$list = PermissionDuration::filterByActive($list);
foreach ($list as $l) {
if ($l->getFileTypesAllowedPermission() == 'N') {
$extensions = array();
}
if ($l->getFileTypesAllowedPermission() == 'C') {
$extensions = array_unique(array_merge($extensions, $l->getFileTypesAllowedArray()));
}
if ($l->getFileTypesAllowedPermission() == 'A') {
$extensions = Loader::helper('concrete/file')->getAllowedFileExtensions();
}
}
return $extensions;
}
public function rescan_locale()
{
if ($this->token->validate('rescan_locale')) {
$u = new \User();
if ($u->isSuperUser()) {
\Core::make('cache/request')->disable();
$section = Section::getByID($_REQUEST['locale']);
$target = new MultilingualProcessorTarget($section);
$processor = new Processor($target);
if ($_POST['process']) {
foreach ($processor->receive() as $task) {
$processor->execute($task);
}
$obj = new \stdClass();
$obj->totalItems = $processor->getTotalTasks();
echo json_encode($obj);
exit;
} else {
$processor->process();
}
$totalItems = $processor->getTotalTasks();
\View::element('progress_bar', array('totalItems' => $totalItems, 'totalItemsSummary' => t2("%d task", "%d tasks", $totalItems)));
exit;
}
}
}
public function getSearchResultFromQuery(Query $query)
{
$result = parent::getSearchResultFromQuery($query);
$u = new \User();
if (!$u->isSuperUser()) {
$gIDs = array(-1);
$gs = new GroupList();
$groups = $gs->getResults();
foreach ($groups as $g) {
$gp = new \Permissions($g);
if ($gp->canSearchUsersInGroup()) {
$gIDs[] = $g->getGroupID();
}
}
$result->getItemListObject()->getQueryObject()->leftJoin("u", "UserGroups", "ugRequired", "ugRequired.uID = u.uID");
$groups = 'ugRequired.gID in (' . implode(',', $gIDs) . ')';
$gg = \Group::getByID(REGISTERED_GROUP_ID);
$ggp = new \Permissions($gg);
if ($ggp->canSearchUsersInGroup()) {
$null = 'ugRequired.gID is null';
}
$result->getItemListObject()->getQueryObject()->select('distinct (u.uID)');
$expr = $result->getItemListObject()->getQueryObject()->expr()->orX($groups, $null);
$result->getItemListObject()->getQueryObject()->andwhere($expr);
}
return $result;
}
public function validate()
{
$u = new User();
if ($u->isSuperUser()) {
return true;
}
$pae = $this->getPermissionAccessObject();
if (!is_object($pae)) {
return false;
}
$accessEntities = $u->getUserAccessEntityObjects();
$accessEntities = $pae->validateAndFilterAccessEntities($accessEntities);
$valid = false;
$list = $this->getAccessListItems(PermissionKey::ACCESS_TYPE_ALL, $accessEntities);
$list = PermissionDuration::filterByActive($list);
foreach ($list as $l) {
if ($l->getAccessType() == PermissionKey::ACCESS_TYPE_INCLUDE) {
$valid = true;
}
if ($l->getAccessType() == PermissionKey::ACCESS_TYPE_EXCLUDE) {
$valid = false;
}
}
return $valid;
}
public function uninstall($btID = 0, $token = '')
{
$valt = Loader::helper('validation/token');
if ($btID > 0) {
$bt = BlockType::getByID($btID);
}
$u = new User();
if (!$u->isSuperUser()) {
$this->error->add(t('Only the super user may remove block types.'));
} else {
if (isset($bt) && $bt instanceof BlockType) {
if (!$valt->validate('uninstall', $token)) {
$this->error->add($valt->getErrorMessage());
} else {
if ($bt->canUnInstall()) {
$bt->delete();
$this->redirect('/dashboard/blocks/types', 'block_type_deleted');
} else {
$this->error->add(t('This block type is internal. It cannot be uninstalled.'));
}
}
} else {
$this->error->add('Invalid block type.');
}
}
if ($this->error->has()) {
$this->set('error', $this->error);
}
$this->inspect($btID);
}
public function delete($delGroupId, $token = ''){
$u=new User();
try {
if(!$u->isSuperUser()) {
throw new Exception(t('You do not have permission to perform this action.'));
}
$group = Group::getByID($delGroupId);
if(!($group instanceof Group)) {
throw new Exception(t('Invalid group ID.'));
}
$valt = Loader::helper('validation/token');
if (!$valt->validate('delete_group_' . $delGroupId, $token)) {
throw new Exception($valt->getErrorMessage());
}
$group->delete();
$resultMsg=t('Group deleted successfully.');
$_REQUEST=array();
$_GET=array();
$_POST=array();
$this->set('message', $resultMsg);
$this->view();
} catch(Exception $e) {
$this->set('error', $e);
}
}
public function validate() {
$u = new User();
if ($u->isSuperUser()) {
return true;
}
$accessEntities = $u->getUserAccessEntityObjects();
return $this->validateAccessEntities($accessEntities);
}
public function __construct(StickyRequest $req = null)
{
$u = new \User();
if ($u->isSuperUser()) {
$this->ignorePermissions();
}
parent::__construct($req);
}
function miserStartOptimise($miser)
{
$u = new User();
if ($u->isSuperUser()) {
//$miser->minify_html(2); // minifier contention - use old method
$miser->keys_ignore($miser->keys_ga());
$miser->cookie_override = TRUE;
}
}
public function rescan_locale()
{
if ($this->token->validate('rescan_locale')) {
$u = new \User();
if ($u->isSuperUser()) {
\Core::make('cache/request')->disable();
$section = Section::getByID($_REQUEST['locale']);
$target = new MultilingualProcessorTarget($section);
$processor = new Processor($target);
if ($_POST['process']) {
foreach ($processor->receive() as $task) {
$processor->execute($task);
}
$obj = new \stdClass();
$obj->totalItems = $processor->getTotalTasks();
print json_encode($obj);
exit;
} else {
$processor->process();
}
$totalItems = $processor->getTotalTasks();
\View::element('progress_bar', array('totalItems' => $totalItems, 'totalItemsSummary' => t2("%d task", "%d tasks", $totalItems)));
/*
$q = Queue::get('rescan_multilingual_section');
if ($_POST['process']) {
$obj = new \stdClass;
$messages = $q->receive(\Config::get('concrete.limits.copy_pages'));
foreach($messages as $key => $p) {
// delete the page here
$page = unserialize($p->body);
$oc = \Page::getByID($page['cID']);
$q->deleteMessage($p);
}
$obj->totalItems = $q->count();
print json_encode($obj);
if ($q->count() == 0) {
$q->deleteQueue('rescan_multilingual_section');
}
exit;
} else if ($q->count() == 0) {
$oc = Section::getByID($_REQUEST['locale']);
if (is_object($oc) && !$oc->isError()) {
$oc->queueForDeletionRequest($q, false);
}
}
$totalItems = $q->count();
\View::element('progress_bar', array('totalItems' => $totalItems, 'totalItemsSummary' => t2("%d page", "%d pages", $totalItems)));
*/
exit;
}
}
}
public function canViewAreaControls()
{
$u = new User();
if ($u->isSuperUser()) {
return true;
}
if ($this->canEditAreaContents() || $this->canEditAreaPermissions() || $this->canAddBlockToArea() || $this->canAddStackToArea() || $this->canAddLayoutToArea()) {
return true;
} else {
return false;
}
}
public function validate($bt = false)
{
$u = new User();
if ($u->isSuperUser()) {
return true;
}
$types = $this->getAllowedBlockTypeIDs();
if ($bt != false) {
return in_array($bt->getBlockTypeID(), $types);
} else {
return count($types) > 0;
}
}
public function validate($theme = false)
{
$u = new User();
if ($u->isSuperUser()) {
return true;
}
$themes = $this->getAllowedThemeIDs();
if ($theme != false) {
return in_array($theme->getThemeID(), $themes);
} else {
return count($themes) > 0;
}
}
function miserStartOptimise($miser)
{
$u = new User();
if ($u->isSuperUser()) {
//$miser->minify_html(2); // minifier contention - use old method
$miser->keys_ignore($miser->keys_ga());
$miser->cookie_override = TRUE;
if (version_compare(APP_VERSION, '5.7', '>=')) {
// Disabled in admin mode until they stop faffing as we need to identify ordering of JS.
$miser->enable(FALSE);
}
}
}
public function validate($permission, $args = array())
{
$u = new User();
if ($u->isSuperUser()) {
return true;
}
$pk = $this->category->getPermissionKeyByHandle($permission);
if (!$pk) {
print t('Unable to get permission key for %s', $permission);
exit;
}
$pk->setPermissionObject($this->object);
return call_user_func_array(array($pk, 'validate'), $args);
}
protected function validateClearSiteContents($options)
{
if (\Core::make('app')->isRunThroughCommandLineInterface()) {
$result = true;
} else {
$result = false;
$u = new \User();
if ($u->isSuperUser()) {
// this can ONLY be used through the post. We will use the token to ensure that
$valt = \Core::make('helper/validation/token');
if ($valt->validate('install_options_selected', $options['ccm_token'])) {
$result = true;
}
}
}
return $result;
}
public function reset_languages()
{
if (Core::make('token')->validate('reset_languages')) {
$u = new \User();
$extractor = Core::make('multilingual/extractor');
if ($u->isSuperUser()) {
$list = Section::getList();
foreach ($list as $section) {
// now we load the translations that currently exist for each section
$extractor->deleteSectionTranslationFile($section);
}
$extractor->clearTranslationsFromDatabase();
$this->redirect('/dashboard/system/multilingual/translate_interface', 'reset_complete');
}
} else {
$this->error->add(t('Only the admin user may reset all strings.'));
}
}
public function validate($obj = false)
{
$u = new User();
if ($u->isSuperUser()) {
return true;
}
$types = $this->getAllowedAttributeKeyIDs();
if ($obj != false) {
if (is_object($obj)) {
$akID = $obj->getAttributeKeyID();
} else {
$akID = $obj;
}
return in_array($akID, $types);
} else {
return count($types) > 0;
}
}
public function validate($obj = false)
{
$u = new User();
if ($u->isSuperUser()) {
return true;
}
if (is_object($obj) && $obj instanceof UserInfo) {
$db = Loader::db();
$asl = $this->getMyAssignment();
if ($asl->getGroupsAllowedPermission() == 'A') {
return true;
} else {
if ($asl->getGroupsAllowedPermission() == 'C') {
if (in_array(REGISTERED_GROUP_ID, $asl->getGroupsAllowedArray())) {
$cnt = $db->GetOne('select count(u.uID) from Users u left join UserGroups ug on u.uID = ug.uID where u.uID = ? and u.uID > ' . USER_SUPER_ID . ' and (gID is null or gID in (' . implode(',', $asl->getGroupsAllowedArray()) . '))', array($obj->getUserID()));
} else {
$cnt = $db->GetOne('select count(u.uID) from Users u left join UserGroups ug on u.uID = ug.uID where u.uID = ? and u.uID > ' . USER_SUPER_ID . ' and gID in (' . implode(',', $asl->getGroupsAllowedArray()) . ')', array($obj->getUserID()));
}
return $cnt > 0;
} else {
return false;
}
}
}
$types = $this->getAllowedGroupIDs();
if ($obj != false) {
if (is_object($obj)) {
$gID = $obj->getGroupID();
} else {
$gID = $obj;
}
return in_array($gID, $types);
} else {
return count($types) > 0;
}
}
public function install(Package $p, $data)
{
$this->localization->pushActiveContext('system');
try {
ClassLoader::getInstance()->registerPackage($p);
if (method_exists($p, 'validate_install')) {
$response = $p->validate_install($data);
}
if (isset($response) && $response instanceof ErrorList && $response->has()) {
return $response;
}
$this->bootPackageEntityManager($p);
$p->install($data);
$u = new \User();
$swapper = new ContentSwapper();
if ($u->isSuperUser() && $swapper->allowsFullContentSwap($p) && $data['pkgDoFullContentSwap']) {
$swapper->swapContent($p, $data);
}
if (method_exists($p, 'on_after_swap_content')) {
$p->on_after_swap_content($data);
}
$this->localization->popActiveContext();
$pkg = $this->getByHandle($p->getPackageHandle());
return $p;
} catch (\Exception $e) {
$this->localization->popActiveContext();
$error = $this->application->make('error');
$error->add($e);
return $error;
}
}
protected function validateClearSiteContents($options)
{
$u = new User();
if ($u->isSuperUser()) {
// this can ONLY be used through the post. We will use the token to ensure that
$valt = Loader::helper('validation/token');
if ($valt->validate('install_options_selected', $options['ccm_token'])) {
return true;
}
}
return false;
}
foreach ($originalPages as $oc) {
$ocp = new Permissions($oc);
if (!$ocp->canRead()) {
$canReadSource = false;
}
if (!$ocp->canMoveOrCopyPage()) {
$canMoveCopyPages = false;
}
$ct = PageType::getByID($oc->getPageTypeID());
if (!$dcp->canAddSubpage($ct)) {
$canAddSubContent = false;
}
if (!$oc->canMoveCopyTo($dc)) {
$canMoveCopyTo = false;
}
if (!$u->isSuperUser() || $oc->getCollectionPointerID() > 0) {
$canCopyChildren = false;
}
}
if (is_object($dc) && !$dc->isError() && $dc->isAlias()) {
$canMoveCopyTo = false;
}
$valt = Loader::helper('validation/token');
$json = array();
$json['error'] = false;
$json['message'] = false;
if (!$canReadSource) {
$error = t("You cannot view the source page(s).");
} else {
if (!$canMoveCopyPages) {
$error = t("You cannot move or copy the source page(s).");
exit;
} else {
if ($q->count() == 0) {
if (isset($_REQUEST['origCID']) && strpos($_REQUEST['origCID'], ',') > -1) {
$ocs = explode(',', $_REQUEST['origCID']);
foreach ($ocs as $ocID) {
$oc = Page::getByID($ocID);
if (is_object($oc) && !$oc->isError()) {
$originalPages[] = $oc;
}
}
} else {
$oc = Page::getByID($_REQUEST['origCID']);
if (is_object($oc) && !$oc->isError()) {
$originalPages[] = $oc;
}
}
$dc = Page::getByID($_REQUEST['destCID']);
if (count($originalPages) > 0 && is_object($dc) && !$dc->isError()) {
$u = new User();
if ($u->isSuperUser() && $oc->canMoveCopyTo($dc)) {
foreach ($originalPages as $oc) {
$oc->queueForDuplication($dc, $includeParent);
$totalItems = $q->count();
}
}
}
}
}
$totalItems = $q->count();
Loader::element('progress_bar', array('totalItems' => $totalItems, 'totalItemsSummary' => t2("%d page", "%d pages", $totalItems)));
<? } ?>
</div>
<div class="ccm-pane-footer">
<a href="<?php
echo $this->url('/dashboard/blocks/types');
?>
" class="btn"><?php
echo t('Back to Block Types');
?>
</a>
<? print $ch->button(t("Refresh"), $this->url('/dashboard/blocks/types','refresh', $bt->getBlockTypeID()), "right"); ?>
<?
$u = new User();
if ($u->isSuperUser()) {
$removeBTConfirm = t('This will remove all instances of the %s block type. This cannot be undone. Are you sure?', $bt->getBlockTypeHandle());
print $ch->button_js(t('Remove'), 'removeBlockType()', 'right', 'error');?>
<script type="text/javascript">
removeBlockType = function() {
if (confirm('<?php
echo $removeBTConfirm;
?>
')) {
location.href = "<?php
echo $this->url('/dashboard/blocks/types', 'uninstall', $bt->getBlockTypeID(), $valt->generate('uninstall'));
?>
";
?>
<form method="post" id="update-group-form" action="<?php
echo $this->url('/dashboard/users/groups/', 'update_group');
?>
">
<?php
echo $valt->output('add_or_update_group');
?>
<div class="ccm-pane-body">
<?
$form = Loader::helper('form');
$date = Loader::helper('form/date_time');
$u=new User();
$delConfirmJS = t('Are you sure you want to permanently remove this group?');
if($u->isSuperUser() == false){ ?>
<?php
echo t('You must be logged in as %s to remove groups.', USER_SUPER);
?>
<? }else{ ?>
<script type="text/javascript">
deleteGroup = function() {
if (confirm('<?php
echo $delConfirmJS;
?>
')) {
location.href = "<?php
echo $this->url('/dashboard/users/groups', 'delete', intval($_REQUEST['gID']), $valt->generate('delete_group_' . intval($_REQUEST['gID'])));
?>
/**
* Test is user can administrate FRS service of given project
*
* @param User $user User to test
* @param Integer $groupId Project
*
* @return Boolean
*/
public static function userCanAdmin($user, $groupId)
{
return $user->isSuperUser() || $user->isMember($groupId, 'R2') || $user->isMember($groupId, 'A');
}
protected function setupFilePermissions()
{
$u = new User();
if ($this->permissionLevel == false || $u->isSuperUser()) {
return false;
}
$vs = FileSetPermissions::getOverriddenSets($this->permissionLevel, FilePermissions::PTYPE_ALL);
$nvs = FileSetPermissions::getOverriddenSets($this->permissionLevel, FilePermissions::PTYPE_NONE);
$vsm = FileSetPermissions::getOverriddenSets($this->permissionLevel, FilePermissions::PTYPE_MINE);
// we remove all the items from nonviewableSets that appear in viewableSets because viewing trumps non-viewing
for ($i = 0; $i < count($nvs); $i++) {
if (in_array($nvs[$i], $vs)) {
unset($nvs[$i]);
}
}
// we have $nvs, which is an array of sets of files that we CANNOT see
// first, we add -1 so that we are always dealing with an array that at least has one value, just for
// query writing sanity sake
$nvs[] = -1;
$vs[] = -1;
$vsm[] = -1;
//$this->debug();
// this excludes all file that are found in sets that I can't find
$this->filter(false, '((select count(fID) from FileSetFiles where FileSetFiles.fID = f.fID and fsID in (' . implode(',', $nvs) . ')) = 0)');
$uID = $u->isRegistered() ? $u->getUserID() : 0;
// This excludes all files found in sets where I may only read mine, and I did not upload the file
$this->filter(false, '(f.uID = ' . $uID . ' or (select count(fID) from FileSetFiles where FileSetFiles.fID = f.fID and fsID in (' . implode(',', $vsm) . ')) = 0)');
$fp = FilePermissions::getGlobal();
if ($fp->getFileSearchLevel() == FilePermissions::PTYPE_MINE) {
// this means that we're only allowed to read files we've uploaded (unless, of course, those files are in previously covered sets)
$this->filter(false, '(f.uID = ' . $uID . ' or (select count(fID) from FileSetFiles where FileSetFiles.fID = f.fID and fsID in (' . implode(',', $vs) . ')) > 0)');
}
// now we filter out files we directly don't have access to
$groups = $u->getUserGroups();
$groupIDs = array();
foreach ($groups as $key => $value) {
$groupIDs[] = $key;
}
$uID = -1;
if ($u->isRegistered()) {
$uID = $u->getUserID();
}
if (PERMISSIONS_MODEL != 'simple') {
// There is a really stupid MySQL bug that, if the subquery returns null, the entire query is nullified
// So I have to do this query OUTSIDE of MySQL and give it to mysql
$db = Loader::db();
$fIDs = $db->GetCol("select Files.fID from Files inner join FilePermissions on FilePermissions.fID = Files.fID where fOverrideSetPermissions = 1 and (FilePermissions.gID in (" . implode(',', $groupIDs) . ") or FilePermissions.uID = {$uID}) having max(" . $this->permissionLevel . ") = 0");
if (count($fIDs) > 0) {
$this->filter(false, "(f.fID not in (" . implode(',', $fIDs) . "))");
}
}
}
public function canViewToolbar()
{
$u = new User();
if (!$u->isRegistered()) {
return false;
}
if ($u->isSuperUser()) {
return true;
}
$dh = Loader::helper('concrete/dashboard');
if ($dh->canRead() || $this->canViewPageVersions() || $this->canPreviewPageAsUser() || $this->canEditPageSpeedSettings() || $this->canEditPageProperties() || $this->canEditPageContents() || $this->canAddSubpage() || $this->canDeletePage() || $this->canApprovePageVersions() || $this->canEditPagePermissions() || $this->canMoveOrCopyPage()) {
return true;
} else {
return false;
}
}
/**
* Sets up a list to only return items the proper user can access
*/
public function setupPermissions()
{
$u = new User();
if ($u->isSuperUser() || $this->ignorePermissions) {
return;
// super user always sees everything. no need to limit
}
$groups = $u->getUserGroups();
$groupIDs = array();
foreach ($groups as $key => $value) {
$groupIDs[] = $key;
}
$uID = -1;
if ($u->isRegistered()) {
$uID = $u->getUserID();
}
$date = Loader::helper('date')->getLocalDateTime();
if ($this->includeAliases) {
$cInheritPermissionsFromCID = 'if(p2.cID is null, p1.cInheritPermissionsFromCID, p2.cInheritPermissionsFromCID)';
} else {
$cInheritPermissionsFromCID = 'p1.cInheritPermissionsFromCID';
}
if (PERMISSIONS_MODEL != 'simple') {
// support timed release
$this->filter(false, "((select count(cID) from PagePermissions pp1 where pp1.cID = {$cInheritPermissionsFromCID} and\n\t\t\t\t((pp1.cgPermissions like 'r%' and cv.cvIsApproved = 1) or (pp1.cgPermissions like '%rv%')) and (\n\t\t\t\t\t(pp1.gID in (" . implode(',', $groupIDs) . ") or pp1.uID = {$uID})\n\t\t\t\t\tand \n\t\t\t\t\t\t(pp1.cgStartDate is null or pp1.cgStartDate <= '{$date}')\n\t\t\t\t\tand \n\t\t\t\t\t\t(pp1.cgEndDate is null or pp1.cgEndDate >= '{$date}')\n\t\t\t\t)) > 0 or (p1.cPointerExternalLink !='' AND p1.cPointerExternalLink IS NOT NULL ))");
} else {
$this->filter(false, "(((select count(cID) from PagePermissions pp1 where pp1.cID = {$cInheritPermissionsFromCID} and pp1.cgPermissions like 'r%' and (pp1.gID in (" . implode(',', $groupIDs) . ") or pp1.uID = {$uID}))) > 0 or (p1.cPointerExternalLink !='' AND p1.cPointerExternalLink IS NOT NULL))");
}
}
$q->deleteMessage($p);
}
$obj->totalItems = $q->count();
if ($q->count() == 0) {
$q->deleteQueue('delete_page_request');
}
print $js->encode($obj);
exit;
} else {
if ($q->count() == 0) {
if (is_array($_POST['cID'])) {
foreach ($_POST['cID'] as $cID) {
$c = Page::getByID($cID);
$cp = new Permissions($c);
$children = $c->getNumChildren();
if (($u->isSuperUser() || $children == 0) && $cp->canDeletePage()) {
$c->queueForDeletionRequest();
}
}
}
}
}
$totalItems = $q->count();
Loader::element('progress_bar', array('totalItems' => $totalItems, 'totalItemsSummary' => t2("%d page", "%d pages", $totalItems)));
exit;
}
$form = Loader::helper('form');
$pages = array();
if (is_array($_REQUEST['item'])) {
foreach ($_REQUEST['item'] as $cID) {
$pages[] = Page::getByID($cID);
