public function cbModifyPages($context = NULL)
{
    if (!Administration::instance()->isLoggedIn()) {
        return;
    }

    $callback = Administration::instance()->getPageCallback();
    $doc = $context['page'];
    $role = Role::load(Administration::instance()->User->role_id);

    // Remove items from navigation that the user has no permission to access

    // Publish and Blueprints
    $items = $doc->xpath("//ul[@id='nav']//li[./a[contains(@href, '/blueprints/') or contains(@href, '/publish/')]]");
    foreach ($items as $element) {
        $href = $element->getElementsByTagName('a')->item(0)->getAttribute('href');

        if (!preg_match_all('/\\/(publish|blueprints)\\/([^\\/]+)\\//', $href, $match, PREG_SET_ORDER)) {
            continue;
        }

        $area = $match[0][1];
        $handle = $match[0][2];

        if (
            (!isset($role->permissions()->{"{$area}::{$handle}.create"}) || $role->permissions()->{"{$area}::{$handle}.create"} < 1)
            && (!isset($role->permissions()->{"{$area}::{$handle}.edit"}) || $role->permissions()->{"{$area}::{$handle}.edit"} < 1)
        ) {
            $element->parentNode->removeChild($element);
        }
    }

    // System

    // Users
    if (
        (!isset($role->permissions()->{"system::users.create"}) || $role->permissions()->{"system::users.create"} < 1)
        && (!isset($role->permissions()->{"system::users.edit"}) || $role->permissions()->{"system::users.edit"} < 1)
    ) {
        $users = $doc->xpath("//ul[@id='nav']//li[./a[contains(@href, '/system/users/')]]");
        foreach ($users as $element) {
            $element->parentNode->removeChild($element);
        }
    }

    // TODO: Add delegate for extensions to remove navigation items based on permissions

    // Remove empty navigation groups
    foreach ($doc->xpath("//ul[@id='nav']/li[not(./ul/li)]") as $element) {
        $element->parentNode->removeChild($element);
    }

    /*
    // Users
    if($callback['pageroot'] == '/system/users/'){
        // Index
        if(is_null($callback['context'])){
            if(isset($role->permissions()->{"system::users.edit"}) && $role->permissions()->{"system::users.edit"} > 0){
                if(isset($_POST['with-selected']) && isset($_POST['items']) && preg_match('/^aac-role::(\d+)/i', $_POST['with-selected'], $match)){
                    $checked = @array_keys($_POST['items']);
                    if(is_array($checked) && !empty($checked)){
                        Symphony::Database()->query(sprintf(
                            "UPDATE `tbl_users` SET `role_id` = %d WHERE `id` IN (%s)",
                            (int)$match[1],
                            implode(',', $checked)
                        ));
                    }
                }
            }

            // Remove the 'Create New' button if user has no 'create' privileges
            if(!isset($role->permissions()->{"system::users.create"}) || $role->permissions()->{"system::users.create"} < 1){
                $this->removeCreateButton($doc);
            }

            // Remove the 'With Selected' and row checkboxes if user has no 'edit' privileges
            if(!isset($role->permissions()->{"system::users.edit"}) || $role->permissions()->{"system::users.edit"} < 1){
                $this->removeFormActions($doc);
                $this->removeCheckboxesFromTableRows($doc);
            }

            $this->modifyUsersPageIndex($context);
        }
        // New
        elseif(isset($callback['context'][0]) && $callback['context'][0] == 'new'){
            $this->modifyUsersPageNew($context);
        }
        // Edit
        elseif(isset($callback['context'][0]) && $callback['context'][0] == 'edit'){
            $this->modifyUsersPageEdit((int)$callback['context'][1], $context);
        }
    }
    */

    // Publish
    if (preg_match('/^\\/publish\\/([^\\/]+)\\/$/i', $callback['pageroot'], $match)) {
        $handle = $match[1];

        switch ($callback['context']['page']) {
            case 'index':
                // Remove the 'Create New' button if user has no 'create' privileges
                if (!isset($role->permissions()->{"publish::{$handle}.create"}) || $role->permissions()->{"publish::{$handle}.create"} < 1) {
                    $this->removeCreateButton($doc);
                }

                // Remove the 'With Selected' and row checkboxes if user has no 'edit' privileges
                if (!isset($role->permissions()->{"publish::{$handle}.edit"}) || $role->permissions()->{"publish::{$handle}.edit"} < 1) {
                    $this->removeFormActions($doc);
                    $this->removeCheckboxesFromTableRows($doc);
                }
                break;

            case 'edit':
                // User only has "edit own" permissions
                if ($role->permissions()->{"publish::{$handle}.edit"} < 2) {
                    $entry = Entry::loadFromID($callback['context']['entry_id']);
                    if (Administration::instance()->User->id != $entry->meta()->user_id) {
                        $this->removeFormActions($doc);
                    }
                }
                break;
        }
    } elseif (preg_match('/^\\/blueprints\\/([^\\/]+)\\/$/i', $callback['pageroot'], $match)) {
        $handle = $match[1];

        switch ($callback['context'][0]) {
            case 'index':
            default:
                // Remove the 'Create New' button if user has no 'create' privileges
                if (!isset($role->permissions()->{"blueprints::{$handle}.create"}) || $role->permissions()->{"blueprints::{$handle}.create"} < 1) {
                    $this->removeCreateButton($doc);
                }

                // Remove the 'With Selected' and row checkboxes if user has no 'edit' privileges
                if (!isset($role->permissions()->{"blueprints::{$handle}.edit"}) || $role->permissions()->{"blueprints::{$handle}.edit"} < 1) {
                    $this->removeWithSelected($doc);
                }
                break;
        }
    }

    // TODO: Delegate for extensions to modify pages based on their own permissions
}

public function __actionEdit()
{
    $callback = Administration::instance()->getPageCallback();
    $entry_id = (int) $callback['context']['entry_id'];

    if (@array_key_exists('save', $_POST['action']) || @array_key_exists("done", $_POST['action'])) {
        $entry = Entry::loadFromID($entry_id);
        $post = General::getPostData();
        $fields = array();

        if (isset($post['fields']) and !empty($post['fields'])) {
            $fields = $post['fields'];
        }

        $entry->setFieldDataFromFormArray($fields);

        ###
        # Delegate: EntryPreEdit
        # Description: Just prior to editing of an Entry.
        Extension::notify('EntryPreEdit', '/publish/edit/', array('entry' => &$entry));

        $this->errors->flush();
        $status = Entry::save($entry, $this->errors);

        if ($status == Entry::STATUS_OK) {
            // Check if there is a field to prepopulate
            if (isset($_REQUEST['prepopulate']) && strlen(trim($_REQUEST['prepopulate'])) > 0) {
                $field_handle = key($_REQUEST['prepopulate']);
                $value = stripslashes(rawurldecode($_REQUEST['prepopulate'][$field_handle]));
                $prepopulate_filter = "?prepopulate[{$field_handle}]=" . rawurlencode($value);
            } else {
                $prepopulate_filter = null;
            }

            ###
            # Delegate: EntryPostEdit
            # Description: Editing an entry. Entry object is provided.
            Extension::notify('EntryPostEdit', '/publish/edit/', array('entry' => $entry));

            ## WOOT
            redirect(sprintf('%s/symphony/publish/%s/edit/%d/:saved/%s', URL, $entry->section, $entry->id, $prepopulate_filter));
        }

        // Oh dear
        $this->entry = $entry;
        $this->alerts()->append(__('An error occurred while processing this form. <a href="#error">See below for details.</a> <a class="more">Show a list of errors.</a>'), AlertStack::ERROR);
        return;
    } elseif (@array_key_exists('delete', $_POST['action']) && is_numeric($entry_id)) {
        $callback = Administration::instance()->getPageCallback();

        ###
        # Delegate: Delete
        # Description: Prior to deleting an entry. Entry ID is provided, as an
        # array to remain compatible with other Delete delegate call
        Extension::notify('Delete', '/publish/', array('entry_id' => $entry_id));

        Entry::delete($entry_id);
        redirect(ADMIN_URL . '/publish/' . $callback['context']['section_handle'] . '/');
    }
}

public function trigger(Register $ParameterOutput, array $postdata)
{
    $result = new XMLDocument();
    $result->appendChild($result->createElement($this->parameters()->{'root-element'}));
    $root = $result->documentElement;

    // Apply default values:
    foreach ($this->parameters()->{'defaults'} as $name => $value) {
        if (!isset($postdata['fields'][$name])) {
            $postdata['fields'][$name] = $value;
        } else {
            if (is_string($postdata['fields'][$name]) and $postdata['fields'][$name] == '') {
                $postdata['fields'][$name] = $value;
            } else {
                if (is_array($postdata['fields'][$name]) and empty($postdata['fields'][$name])) {
                    $postdata['fields'][$name] = array($value);
                }
            }
        }
    }

    // Apply override values:
    foreach ($this->parameters()->{'overrides'} as $name => $value) {
        if (is_array($postdata['fields'][$name])) {
            $postdata['fields'][$name] = array($value);
        } else {
            $postdata['fields'][$name] = $value;
        }
    }

    if (isset($postdata['id'])) {
        $entry = Entry::loadFromID($postdata['id']);
        $type = 'edit';
    } else {
        $entry = new Entry();
        $entry->section = $this->parameters()->{'section'};

        if (isset(Frontend::instance()->User) && Frontend::instance()->User instanceof User) {
            $entry->user_id = Frontend::instance()->User->id;
        } else {
            $entry->user_id = (int) Symphony::Database()->query("SELECT `id` FROM `tbl_users` ORDER BY `id` ASC LIMIT 1")->current()->id;
        }

        $type = 'create';
    }

    if (isset($postdata['fields']) && is_array($postdata['fields']) && !empty($postdata['fields'])) {
        $entry->setFieldDataFromFormArray($postdata['fields']);
    }

    $root->setAttribute('type', $type);

    ###
    # Delegate: EntryPreCreate
    # Description: Just prior to creation of an Entry. Entry object provided
    Extension::notify('EntryPreCreate', '/frontend/', array('entry' => &$entry));

    $errors = new MessageStack();
    $status = Entry::save($entry, $errors);

    if ($status == Entry::STATUS_OK) {
        ###
        # Delegate: EntryPostCreate
        # Description: Creation of an Entry. New Entry object is provided.
        Extension::notify('EntryPostCreate', '/frontend/', array('entry' => $entry));

        if ($this->parameters()->{'output-id-on-save'} == true) {
            $ParameterOutput->{sprintf('event-%s-id', $this->parameters()->{'root-element'})} = $entry->id;
        }

        $root->setAttribute('result', 'success');
        $root->setAttribute('id', $entry->id);
        $root->appendChild($result->createElement('message', __("Entry %s successfully.", array($type == 'edit' ? __('edited') : __('created')))));
    } else {
        $root->setAttribute('result', 'error');
        $root->appendChild($result->createElement('message', __('Entry encountered errors when saving.')));

        if (!isset($postdata['fields']) || !is_array($postdata['fields'])) {
            $postdata['fields'] = array();
        }

        $element = $result->createElement('errors');
        $this->appendMessages($element, $errors);
        $root->appendChild($element);
    }

    $messages = new MessageStack();

    ###
    # Delegate: EventPostSaveFilter
    # Description: After saving entry from the front-end. This delegate will not force the Events to terminate if it populates the error
    # array reference. Provided with the event, message stack, postdata and entry object.
    Extension::notify('EventPostSaveFilter', '/frontend/', array('event' => $this, 'messages' => $messages, 'fields' => $postdata, 'entry' => $entry));

    if ($messages->valid()) {
        $filter = $result->createElement('filters');
        $this->appendMessages($filter, $messages);
        $root->appendChild($filter);
    }

    $element = $result->createElement('values');
    $this->appendValues($element, is_array($postdata['fields']) ? $postdata['fields'] : array());
    $root->appendChild($element);

    return $result;
}

public function prepareTableValue($data, DOMElement $link = NULL)
{
    if (!is_array($data) || empty($data)) {
        return parent::prepareTableValue(NULL, $link);
    }

    $result = Administration::instance()->Page->createDocumentFragment();

    foreach ($data as $index => $d) {
        try {
            $entry = Entry::loadFromID($d->relation_id);

            foreach ($this->{'related-fields'} as $key => $value) {
                list($section_handle, $field_handle) = $value;

                if ($section_handle != $entry->meta()->section) {
                    continue;
                }

                $section = Section::loadFromHandle($section_handle);
                $field = $section->fetchFieldByHandle($field_handle);
                $value = $field->prepareTableValue($entry->data()->{$field_handle});

                // TODO: handle passing links
                if ($index > 0) {
                    $result->appendChild(new DOMText(', '));
                }

                $result->appendChild(Widget::anchor($value, sprintf('%s/publish/%s/edit/%d/', ADMIN_URL, $section_handle, $entry->meta()->id)));
                break;
            }
        } catch (Exception $e) {
        }
    }

    if (!$result->hasChildNodes()) {
        return parent::prepareTableValue(NULL, $link);
    }

    return $result;
}

public function trigger(Register $ParameterOutput, array $postdata)
{
    $result = new XMLDocument();
    $result->appendChild($result->createElement($this->parameters()->{'root-element'}));
    $root = $result->documentElement;

    if (isset($postdata['id'])) {
        $entry = Entry::loadFromID($postdata['id']);
        $type = 'edit';
    } else {
        $entry = new Entry();
        $entry->section = $this->parameters()->{'section'};

        if (isset(Frontend::instance()->User) && Frontend::instance()->User instanceof User) {
            $entry->user_id = Frontend::instance()->User->id;
        } else {
            $entry->user_id = (int) Symphony::Database()->query("SELECT `id` FROM `tbl_users` ORDER BY `id` ASC LIMIT 1")->current()->id;
        }

        $type = 'create';
    }

    if (isset($postdata['fields']) && is_array($postdata['fields']) && !empty($postdata['fields'])) {
        $entry->setFieldDataFromFormArray($postdata['fields']);
    }

    $root->setAttribute('type', $type);

    ###
    # Delegate: EntryPreCreate
    # Description: Just prior to creation of an Entry. Entry object provided
    Extension::notify('EntryPreCreate', '/frontend/', array('entry' => &$entry));

    $errors = new MessageStack();
    $status = Entry::save($entry, $errors);

    if ($status == Entry::STATUS_OK) {
        ###
        # Delegate: EntryPostCreate
        # Description: Creation of an Entry. New Entry object is provided.
        Extension::notify('EntryPostCreate', '/frontend/', array('entry' => $entry));

        if ($this->parameters()->{'output-id-on-save'} == true) {
            $ParameterOutput->{sprintf('event-%s-id', $this->parameters()->{'root-element'})} = $entry->id;
        }

        $root->setAttribute('result', 'success');
        $root->appendChild($result->createElement('message', __("Entry %s successfully.", array($type == 'edit' ? __('edited') : __('created')))));
    } else {
        $root->setAttribute('result', 'error');
        $root->appendChild($result->createElement('message', __('Entry encountered errors when saving.')));

        if (!isset($postdata['fields']) || !is_array($postdata['fields'])) {
            $postdata['fields'] = array();
        }

        $element = $result->createElement('values');
        $this->appendValues($element, $postdata['fields']);
        $root->appendChild($element);

        $element = $result->createElement('errors');
        $this->appendMessages($element, $errors);
        $root->appendChild($element);
    }

    return $result;
}