Beispiel #1
 /**
  * Work out what the current user may do with this resource.
  *
  * Sets the `access-*-resource` flags on $this->params and then marks the
  * object as authorized ($this->_authorized = true). It takes no arguments
  * and returns nothing. Apart from the admin/manage flags in the non-tool
  * branch (which receive the result of User::authorise()), flags are only
  * ever set to true here; nothing is cleared, so values already present in
  * $this->params are kept.
  *
  * Three paths, tried in this order:
  *  - guest: view flags only, for published resources with access 0 or 3;
  *  - tool resource ($this->isTool()): tool admin group, then publication
  *    and group rules, then the tool's developer team;
  *  - any other resource: site admin/manager, then publication, creator,
  *    contributor and group rules.
  *
  * NOTE(review): access levels and user IDs are compared with `==`.
  * `null == 0` is true in every PHP version, so a resource whose `access`
  * is null is handled like access 0. Confirm `access` is always populated
  * with an integer-like value before relying on these checks.
  *
  * @return     void
  */
 private function _authorize()
 {
     // NOT logged in
     if (User::isGuest()) {
         // Guests get something only when the resource is published and its access level is 0 or 3
         if ($this->published() && ($this->resource->access == 0 || $this->resource->access == 3)) {
             // Allow view access
             $this->params->set('access-view-resource', true);
             // Level 0 additionally gets the "view all" flag; level 3 does not
             if ($this->resource->access == 0) {
                 $this->params->set('access-view-all-resource', true);
             }
         }
         $this->_authorized = true;
         return;
     }
     if ($this->isTool()) {
         // Tool resources: the admin group is read from the com_tools component parameters
         $tconfig = Component::params('com_tools');
         if ($admingroup = trim($tconfig->get('admingroup', ''))) {
             // Check if they're a member of admin group
             // NOTE(review): unlike the group check further down, this loop does not look at
             // $ug->regconfirmed. Confirm that getGroups() with its default arguments returns
             // confirmed memberships only; otherwise a pending membership would match here.
             $ugs = \Hubzero\User\Helper::getGroups(User::get('id'));
             if ($ugs && count($ugs) > 0) {
                 // Group names are matched case-insensitively
                 $admingroup = strtolower($admingroup);
                 foreach ($ugs as $ug) {
                     if (strtolower($ug->cn) == $admingroup) {
                         // Member of the tool admin group: every flag is granted
                         $this->params->set('access-view-resource', true);
                         $this->params->set('access-view-all-resource', true);
                         $this->params->set('access-admin-resource', true);
                         $this->params->set('access-manage-resource', true);
                         $this->params->set('access-create-resource', true);
                         $this->params->set('access-delete-resource', true);
                         $this->params->set('access-edit-resource', true);
                         $this->params->set('access-edit-state-resource', true);
                         $this->params->set('access-edit-own-resource', true);
                         break;
                     }
                 }
             }
         }
         // Everything below runs only when neither the admin nor the manage flag is set.
         // NOTE(review): these flags are read from $this->params, so a value placed there
         // before this method ran also skips the checks below; confirm that is intended.
         if (!$this->params->get('access-admin-resource') && !$this->params->get('access-manage-resource')) {
             // If logged in and resource is published and public or registered
             if ($this->published() && ($this->resource->access == 0 || $this->resource->access == 1)) {
                 // Allow view access
                 $this->params->set('access-view-resource', true);
                 $this->params->set('access-view-all-resource', true);
             }
             if ($this->resource->group_owner) {
                 // For protected resources, make sure users can see abstract
                 // NOTE(review): this grants both view flags for any access level below 3 without
                 // calling published(), so it also applies to unpublished group-owned resources
                 // and to any logged-in user, group member or not. Confirm that is intended.
                 if ($this->resource->access < 3) {
                     $this->params->set('access-view-resource', true);
                     $this->params->set('access-view-all-resource', true);
                 } else {
                     // Level 3: plain view flag only, "view all" depends on group membership below
                     if ($this->resource->access == 3) {
                         $this->params->set('access-view-resource', true);
                     }
                 }
                 // Get the groups the user has access to
                 $xgroups = \Hubzero\User\Helper::getGroups(User::get('id'), 'all');
                 $usersgroups = array();
                 if (!empty($xgroups)) {
                     foreach ($xgroups as $group) {
                         // Only memberships flagged regconfirmed count
                         if ($group->regconfirmed) {
                             $usersgroups[] = $group->cn;
                         }
                     }
                 }
                 // Get the groups that can access this resource
                 $allowedgroups = $this->resource->getGroups();
                 // Find what groups the user has in common with the resource, if any
                 $common = array_intersect($usersgroups, $allowedgroups);
                 // Check if the user is a part of the group that owns the resource
                 // or if they have any groups in common
                 // (in_array() is called without its strict flag, so this is a loose comparison)
                 if (in_array($this->resource->group_owner, $usersgroups) || count($common) > 0) {
                     $this->params->set('access-view-resource', true);
                     $this->params->set('access-view-all-resource', true);
                 }
             }
             // Look the tool up by the resource alias.
             // NOTE(review): the result of loadFromName() is not checked; confirm that
             // getToolDevelopers() returns nothing when no tool matched the alias.
             $obj = new \Components\Tools\Tables\Tool($this->_db);
             $obj->loadFromName($this->resource->alias);
             // check if user in tool dev team
             if ($developers = $obj->getToolDevelopers($obj->id)) {
                 foreach ($developers as $dv) {
                     // Loose comparison of the developer's uidNumber with the current user ID
                     if ($dv->uidNumber == User::get('id')) {
                         // Developers get the create/delete/edit flags; view flags are not set here
                         $this->params->set('access-create-resource', true);
                         $this->params->set('access-delete-resource', true);
                         $this->params->set('access-edit-resource', true);
                         $this->params->set('access-edit-state-resource', true);
                         $this->params->set('access-edit-own-resource', true);
                     }
                 }
             }
         }
         $this->_authorized = true;
         return;
     } else {
         // Check if they're a site admin (from Joomla)
         // These two flags take whatever User::authorise() returns, which may be false
         $this->params->set('access-admin-resource', User::authorise('core.admin', null));
         $this->params->set('access-manage-resource', User::authorise('core.manage', null));
         if ($this->params->get('access-admin-resource') || $this->params->get('access-manage-resource')) {
             // Admins and managers get every remaining flag and no further checks run
             $this->params->set('access-view-resource', true);
             $this->params->set('access-view-all-resource', true);
             $this->params->set('access-create-resource', true);
             $this->params->set('access-delete-resource', true);
             $this->params->set('access-edit-resource', true);
             $this->params->set('access-edit-state-resource', true);
             $this->params->set('access-edit-own-resource', true);
             $this->_authorized = true;
             return;
         }
         // If they're not an admin
         // If logged in and resource is published and public or registered
         if ($this->published() && ($this->resource->access == 0 || $this->resource->access == 1)) {
             // Allow view access
             $this->params->set('access-view-resource', true);
             $this->params->set('access-view-all-resource', true);
         }
         // Check if they're the resource creator
         if ($this->resource->created_by == User::get('id')) {
             // Give full access (all flags except admin/manage), whatever the publication state
             $this->params->set('access-view-resource', true);
             $this->params->set('access-view-all-resource', true);
             $this->params->set('access-create-resource', true);
             $this->params->set('access-delete-resource', true);
             $this->params->set('access-edit-resource', true);
             $this->params->set('access-edit-state-resource', true);
             $this->params->set('access-edit-own-resource', true);
         } else {
             // Listed contributors are treated like the creator.
             // in_array() is called without its strict flag, so IDs are compared loosely.
             if (in_array(User::get('id'), $this->contributors('id'))) {
                 // Give full access
                 $this->params->set('access-view-resource', true);
                 $this->params->set('access-view-all-resource', true);
                 $this->params->set('access-create-resource', true);
                 $this->params->set('access-delete-resource', true);
                 $this->params->set('access-edit-resource', true);
                 $this->params->set('access-edit-state-resource', true);
                 $this->params->set('access-edit-own-resource', true);
             } else {
                 if ($this->resource->group_owner) {
                     // For protected resources, make sure users can see abstract
                     // NOTE(review): as in the tool branch, access levels below 3 receive both
                     // view flags here without a published() or membership check.
                     if ($this->resource->access < 3) {
                         $this->params->set('access-view-resource', true);
                         $this->params->set('access-view-all-resource', true);
                     } else {
                         if ($this->resource->access == 3) {
                             $this->params->set('access-view-resource', true);
                         }
                     }
                     // Get the groups the user has access to
                     $xgroups = \Hubzero\User\Helper::getGroups(User::get('id'), 'all');
                     $usersgroups = array();
                     if (!empty($xgroups)) {
                         foreach ($xgroups as $group) {
                             // Only memberships flagged regconfirmed count
                             if ($group->regconfirmed) {
                                 $usersgroups[] = $group->cn;
                             }
                         }
                     }
                     // Get the groups that can access this resource
                     $allowedgroups = $this->resource->getGroups();
                     // Find what groups the user has in common with the resource, if any
                     $common = array_intersect($usersgroups, $allowedgroups);
                     // Check if the user is a part of the group that owns the resource
                     // or if they have any groups in common
                     if (in_array($this->resource->group_owner, $usersgroups) || count($common) > 0) {
                         $this->params->set('access-view-resource', true);
                         $this->params->set('access-view-all-resource', true);
                         // Disabled code, not executed: it would give managers of the owning
                         // group the delete/edit flags.
                         // if (!empty($xgroups))
                         // {
                         // 	foreach ($xgroups as $group)
                         // 	{
                         // 		if ($this->resource->group_owner == $group->cn && $group->manager)
                         // 		{
                         // 			$this->params->set('access-delete-resource', true);
                         // 			$this->params->set('access-edit-resource', true);
                         // 			$this->params->set('access-edit-state-resource', true);
                         // 			$this->params->set('access-edit-own-resource', true);
                         // 			break;
                         // 		}
                         // 	}
                         // }
                     }
                 } else {
                     // No owning group: every logged-in user gets both view flags.
                     // NOTE(review): neither published() nor the access level is consulted on
                     // this path; confirm that callers apply those restrictions elsewhere.
                     $this->params->set('access-view-resource', true);
                     $this->params->set('access-view-all-resource', true);
                 }
             }
         }
     }
     $this->_authorized = true;
 }
Beispiel #2
 /**
  * Decide whether the current user may work with a tool.
  *
  * Access is granted when the component configuration carries the
  * `access-manage-component` flag, or when the current user's ID equals the
  * `uidNumber` of one of the tool's developers.
  *
  * @param      integer $toolid       Tool ID
  * @param      boolean $allowAuthors Currently ignored: nothing in this method acts on it
  * @return     boolean True if user has access, False if not
  */
 private function _checkAccess($toolid, $allowAuthors = false)
 {
     // Table object used for the developer lookup below
     $toolTable = new \Components\Tools\Tables\Tool($this->database);

     // Component managers always pass
     if ($this->config->get('access-manage-component')) {
         return true;
     }

     // Everyone else has to be on the tool's development team
     $team = $toolTable->getToolDevelopers($toolid);
     if ($team) {
         foreach ($team as $member) {
             // NOTE(review): loose comparison; confirm uidNumber can never be empty
             // or null for a developer row, since that would equal a user ID of 0
             if ($member->uidNumber != User::get('id')) {
                 continue;
             }
             return true;
         }
     }

     // $allowAuthors is not consulted, so tool authors gain nothing through this method
     return false;
 }
Beispiel #3
 /**
  * Decide whether the current user may access a tool.
  *
  * Passes when the user holds the 'manage' permission on $this->_option, or
  * when the user's ID equals the `uidNumber` of one of the tool's developers.
  *
  * @param      integer $toolid Tool ID
  * @return     boolean True if user has access, false if not
  */
 private function _checkToolaccess($toolid)
 {
     // Users allowed to manage this component always pass
     if (User::authorize($this->_option, 'manage')) {
         return true;
     }

     $toolTable = new \Components\Tools\Tables\Tool($this->database);

     // Otherwise look for the user in the tool's development team
     $allowed = false;
     if ($team = $toolTable->getToolDevelopers($toolid)) {
         foreach ($team as $member) {
             // Loose comparison between the stored uidNumber and the current user ID
             if ($member->uidNumber == User::get('id')) {
                 $allowed = true;
                 break;
             }
         }
     }

     return $allowed;
 }
Beispiel #4
 /**
  * Display a list of authors
  *
  * Collects the contributors of a resource and the roles available for its
  * type, then renders the 'display' layout. Which contributor list is
  * loaded depends on the `version` request value ('dev' by default).
  *
  * NOTE(review): no permission check is visible in this method; confirm
  * that access is enforced before this task is dispatched.
  *
  * @param   integer  $id  Resource ID; when empty, the `rid` request value is used
  * @return  void
  */
 public function displayTask($id = null)
 {
     // Incoming: fall back to the request when no ID was passed in
     $id = $id ?: Request::getInt('rid', 0);

     // Ensure we have an ID to work with
     if (!$id) {
         App::abort(500, Lang::txt('COM_TOOLS_CONTRIBUTE_NO_ID'));
     }

     // NOTE(review): `version` is read with Request::getVar() and no type filter, then
     // handed to the view as-is; confirm the template escapes it on output.
     $this->view->version = Request::getVar('version', 'dev');

     // Get all contributors of this resource
     $contribHelper = new \Components\Resources\Helpers\Helper($id, $this->database);
     if ($this->view->version != 'dev') {
         // Any other version: authors stored for the tool's current revision
         $toolTable = new \Components\Tools\Tables\Tool($this->database);
         $toolname = $toolTable->getToolnameFromResource($id);

         $versionTable = new \Components\Tools\Tables\Version($this->database);
         $revision = $versionTable->getCurrentVersionProperty($toolname, 'revision');

         $contribHelper->getToolAuthors($toolname, $revision);
     } else {
         // Development version: contributors of the resource itself
         $contribHelper->getCons();
     }

     // Role types live in a table class that has to be loaded explicitly
     include_once PATH_CORE . DS . 'components' . DS . 'com_resources' . DS . 'tables' . DS . 'contributor' . DS . 'roletype.php';

     $resourceRow = new \Components\Resources\Tables\Resource($this->database);
     $resourceRow->load($id);

     $roleTypes = new \Components\Resources\Tables\Contributor\RoleType($this->database);

     // Hand everything to the view
     $this->view->config = $this->config;
     $this->view->contributors = $contribHelper->_contributors;
     $this->view->id = $id;
     $this->view->roles = $roleTypes->getRolesForType($resourceRow->type);

     // Output HTML
     $view = $this->view->setErrors($this->getErrors());
     $view->setLayout('display')->display();
 }
Beispiel #5
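 /**
  * Finalize a tool
  *
  * Writes the license of the tool's 'dev' status record to a temporary file,
  * runs `/usr/bin/finalizetool` as the `apps` user through sudo, then copies
  * the source tarball named in the script's message from /tmp into the
  * configured `sourcecodePath` directory and removes the /tmp copy.
  *
  * The title, version and tool name are taken from the status record and
  * placed on a shell command line, so every interpolated value is passed
  * through escapeshellarg(). The tarball name is parsed from the script's
  * message and is accepted only when it is a plain file name, so it cannot
  * point outside /tmp or the destination directory.
  *
  * @param      string &$out Output messages container
  * @return     boolean True on success, False if errors
  */
 protected function _finalizeTool(&$out = '')
 {
     Log::debug("finalizeTool(): checkpoint 1");
     if (!$this->_toolid) {
         return false;
     }

     // We need to make sure we don't prepend with PATH_APP if we already have a root-relative path
     $tarball_path = $this->config->get('sourcecodePath', 'site/protected/source');
     if (substr($tarball_path, 0, 1) != DS) {
         $tarball_path = PATH_APP . DS . trim($tarball_path, DS);
     }
     Log::debug("finalizeTool(): checkpoint 2");

     // Create a Tool object
     $obj = new \Components\Tools\Tables\Tool($this->database);

     // $status is presumably filled by reference by getToolStatus(); start from an
     // empty array so the check below is well-defined when nothing is written to it
     $status = array();
     $obj->getToolStatus($this->_toolid, $this->_option, $status, 'dev');
     if (empty($status)) {
         $out = Lang::txt('COM_TOOLS_ERR_CANNOT_RETRIEVE');
         return false;
     }

     // Make sure the path exist
     if (!is_dir('/tmp')) {
         if (!Filesystem::makeDirectory('/tmp')) {
             $out .= Lang::txt('COM_TOOLS_ERR_UNABLE_TO_CREATE_PATH') . ' /tmp';
             return false;
         }
     }

     $token = md5(uniqid());
     $fname = '/tmp/license' . $this->_toolid . '-r' . $status['revision'] . '-' . $token . '.txt';

     // Mode 'x' creates the file and fails when the path already exists, so a file
     // or symlink placed under this name in the shared /tmp is never written through
     $handle = fopen($fname, 'x');
     if ($handle === false) {
         $out .= Lang::txt('COM_TOOLS_ERR_UNABLE_TO_CREATE_PATH') . ' ' . $fname;
         return false;
     }
     fwrite($handle, $status['license']);
     fclose($handle);
     // 0664 leaves the license readable by other accounts, presumably so `apps` can read it
     chmod($fname, 0664);

     // Every value is quoted as a single shell argument; the title, version and
     // tool name come from the tool record and must not be interpreted by the shell
     $command = '/usr/bin/sudo -u apps /usr/bin/finalizetool'
         . ' -hubdir ' . escapeshellarg(PATH_CORE . '/../')
         . ' -title ' . escapeshellarg((string) $status['title'])
         . ' -version ' . escapeshellarg((string) $status['version'])
         . ' -license ' . escapeshellarg($fname)
         . ' ' . escapeshellarg((string) $status['toolname']);
     Log::debug("finalizeTool(): checkpoint 3: {$command}");

     $invoked = $this->_invokescript($command, Lang::txt('COM_TOOLS_NOTICE_VERSION_FINALIZED'));

     // The license file is no longer needed, whatever the outcome
     unlink($fname);

     if (!$invoked || $this->getError()) {
         $out .= " invoke script failure";
         return false;
     }

     // get tarball: the script reports it as "source tarball: /tmp/<name>"
     $parts = explode("source tarball: /tmp/", $this->getMessage());
     $tar = isset($parts[1]) ? trim($parts[1]) : '';

     // Accept a plain file name only: no missing marker, no directory parts, no '.' or '..'
     if ($tar === '' || $tar === '.' || $tar === '..' || $tar !== basename($tar)) {
         Log::debug("finalizeTool(): no usable tarball name in script output");
         $out .= " invoke script failure";
         return false;
     }

     $file_path = $tarball_path . DS . $status['toolname'];

     // Make sure the upload path exist
     if (!is_dir($file_path)) {
         if (!Filesystem::makeDirectory($file_path)) {
             Log::debug("findalizeTool(): failed to create tarball path {$file_path}");
             $out .= Lang::txt('COM_TOOLS_ERR_UNABLE_TO_CREATE_TAR_PATH');
             return false;
         }
     }

     Log::debug("finalizeTool(): checkpoint 4: " . DS . 'tmp' . DS . $tar . " to " . $file_path . '/' . $tar);
     if (!@copy(DS . 'tmp' . DS . $tar, $file_path . '/' . $tar)) {
         $out .= " failed to copy {$tar} to {$file_path}";
         Log::debug("findalizeTool(): failed tarball copy");
         return false;
     }

     Log::debug("findalizeTool(): deleting tmp files");
     // exec() replaces a non-array output argument with an array, so it gets its own
     // variables instead of the caller's $out message string
     $rmOutput = array();
     $rmResult = 0;
     exec('sudo -u apps rm -f ' . escapeshellarg('/tmp/' . $tar), $rmOutput, $rmResult);
     if ($rmResult !== 0) {
         // Best effort: the tarball has been copied, a leftover in /tmp is not fatal
         Log::debug("finalizeTool(): tmp tarball removal returned {$rmResult}");
     }

     return true;
 }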