public function init()
{
$this->setName("Edit concept");
$this->setMethod('Post');
$this->_isProposalOnly = !(OpenSKOS_Db_Table_Users::fromIdentity()->isAllowed('editor.concepts', 'full-create') || OpenSKOS_Db_Table_Users::fromIdentity()->isAllowed('editor.concepts', 'edit'));
$this->buildHeader()->buildTabsControl()->buildLanguageTabs()->buildSchemeTabs();
}
public function clearHistoryAction()
{
$user = OpenSKOS_Db_Table_Users::fromIdentity();
if (null !== $user) {
$user->clearUserHistory();
}
$this->getHelper('json')->sendJson(array('status' => 'ok'));
}
/**
* Sets the api key parameter for the api requests.
*
* @return OpenSKOS_Http_Client_Api
*/
protected function assignApiKey()
{
$user = OpenSKOS_Db_Table_Users::fromIdentity();
if (null === $user) {
throw new OpenSKOS_Http_Client_Api_Exception('User not found. Needed for request to the api.');
}
$this->setParameterGet('key', $user->apikey);
return $this;
}
public function removeAction()
{
$user = OpenSKOS_Db_Table_Users::fromIdentity();
if (null === $user) {
throw new Zend_Controller_Action_Exception('User not found', 404);
}
$user->removeConceptFromSelection($this->getRequest()->getPost('uuid'));
$selection = $user->getConceptsSelection();
$this->getHelper('json')->sendJson(array('status' => 'ok', 'result' => $this->_prepareSelectionData($selection)));
}
public function editAction()
{
$this->_requireAccess('editor.collections', 'manage');
$collection = $this->_getCollection();
if (!OpenSKOS_Db_Table_Users::fromIdentity()->isAllowed('editor.delete-all-concepts-in-collection', null)) {
$collection->getUploadForm()->removeElement('delete-before-import');
}
$this->view->assign('collection', $collection);
$this->view->assign('jobs', $collection->getJobs());
$this->view->assign('harvestjobs', $collection->getJobs(OpenSKOS_Db_Table_Row_Job::JOB_TASK_HARVEST));
$this->view->assign('max_upload_size', Zend_Controller_Front::getInstance()->getParam('bootstrap')->getOption('max_upload_size'));
}
/**
* @return Zend_Form
*/
public function getForm()
{
static $form;
if (null === $form) {
$form = new Zend_Form();
$form->addElement('hidden', 'id', array('required' => $this->id ? true : false))->addElement('text', 'tenant', array('label' => _('Tenant'), 'readonly' => true, 'disabled' => true))->addElement('text', 'name', array('label' => _('Name'), 'required' => true))->addElement('text', 'email', array('label' => _('E-mail'), 'required' => true))->addElement('password', 'pw1', array('label' => _('Password'), 'maxlength' => 100, 'size' => 15, 'validators' => array(array('StringLength', false, array(4, 30)), array('identical', false, array('token' => 'pw2')))))->addElement('password', 'pw2', array('label' => _('Password (check)'), 'maxlength' => 100, 'size' => 15, 'validators' => array(array('identical', false, array('token' => 'pw1')))))->addElement('select', 'role', array('label' => _('Role'), 'required' => true))->addElement('radio', 'type', array('label' => _('Usertype'), 'required' => true))->addElement('text', 'apikey', array('label' => _('API Key (required for API users)'), 'required' => false))->addElement('text', 'eppn', array('label' => _('eduPersonPrincipalName (for SAML authentication)'), 'required' => false))->addElement('multiselect', 'defaultSearchProfileIds', array('label' => _('Search Profile Id'), 'required' => false))->addElement('checkbox', 'disableSearchProfileChanging', array('label' => _('Disable changing search profile'), 'required' => false))->addElement('submit', 'submit', array('label' => _('Submit')))->addElement('reset', 'reset', array('label' => _('Reset')))->addElement('submit', 'cancel', array('label' => _('Cancel')))->addElement('submit', 'delete', array('label' => _('Delete'), 'onclick' => 'return confirm(\'' . _('Are you sure you want to delete this user?') . '\');'))->addDisplayGroup(array('submit', 'reset', 'cancel', 'delete'), 'buttons');
$form->getElement('type')->addMultiOptions(array_combine(OpenSKOS_Db_Table_Users::$types, OpenSKOS_Db_Table_Users::$types))->setSeparator(' ');
$form->getElement('role')->addMultiOptions(array_combine(OpenSKOS_Db_Table_Users::$roles, OpenSKOS_Db_Table_Users::$roles));
$searchProfilesModel = new OpenSKOS_Db_Table_SearchProfiles();
$select = $searchProfilesModel->select();
if (Zend_Auth::getInstance()->hasIdentity()) {
$select->where('tenant=?', Zend_Auth::getInstance()->getIdentity()->tenant);
}
$searchProfiles = $searchProfilesModel->fetchAll($select);
$searchProfilesOptions = array();
foreach ($searchProfiles as $profile) {
$searchProfilesOptions[$profile->id] = $profile->name;
}
$form->getElement('defaultSearchProfileIds')->addMultiOptions($searchProfilesOptions);
$validator = new Zend_Validate_Callback(array($this->getTable(), 'uniqueEmail'));
$validator->setMessage(_("there is already a user with e-mail address '%value%'"), Zend_Validate_Callback::INVALID_VALUE);
$form->getElement('email')->addValidator($validator)->addValidator(new Zend_Validate_EmailAddress());
$validator = new Zend_Validate_Callback(array($this->getTable(), 'uniqueEppn'));
$validator->setMessage(_("there is already a user with eduPersonPrincipalName '%value%'"), Zend_Validate_Callback::INVALID_VALUE);
$form->getElement('eppn')->addValidator($validator);
$validator = new Zend_Validate_Callback(array($this, 'needApiKey'));
$validator->setMessage(_("An API Key is required for users that have access to the API"), Zend_Validate_Callback::INVALID_VALUE);
$form->getElement('type')->addValidator($validator, true);
$validator = new Zend_Validate_Callback(array($this->getTable(), 'uniqueApiKey'));
$validator->setMessage(_("there is already a user with API key '%value%'"), Zend_Validate_Callback::INVALID_VALUE);
$form->getElement('apikey')->addValidator(new Zend_Validate_Alnum())->addValidator($validator)->addValidator(new Zend_Validate_StringLength(array('min' => 6)));
$userData = $this->toArray();
$userData['defaultSearchProfileIds'] = explode(', ', $userData['defaultSearchProfileIds']);
$form->setDefaults($userData);
if (!$this->id || Zend_Auth::getInstance()->hasIdentity() && Zend_Auth::getInstance()->getIdentity()->id == $this->id) {
$form->removeElement('delete');
if (!OpenSKOS_Db_Table_Users::fromIdentity()->isAllowed('editor.users', 'manage')) {
// Currently only password edit is allowed.
$form->removeElement('name');
$form->removeElement('email');
$form->removeElement('role');
$form->removeElement('type');
$form->removeElement('apikey');
$form->removeElement('eppn');
$form->removeElement('defaultSearchProfileIds');
$form->removeElement('disableSearchProfileChanging');
}
}
}
return $form;
}
/**
* Check does the user have access to the specified resource with the specified privilege.
*
* @param string $resource
* @param string $privilege, optional, Default: null
* @param string $responseType, optional, Default: RESPONSE_TYPE_HTML. One of RESPONSE_TYPE_HTML, RESPONSE_TYPE_PARTIAL_HTML or RESPONSE_TYPE_JSON.
*/
protected function _requireAccess($resource, $privilege = null, $responseType = self::RESPONSE_TYPE_HTML)
{
if (false === OpenSKOS_Db_Table_Users::fromIdentity()->isAllowed($resource, $privilege)) {
$message = _('Your access level does not allow you access to') . ' "' . $resource . '" - "' . $privilege . '".';
switch ($responseType) {
case self::RESPONSE_TYPE_JSON:
$this->getHelper('json')->sendJson(array('status' => 'accessDenied', 'message' => $message));
break;
case self::RESPONSE_TYPE_PARTIAL_HTML:
$this->getHelper('FlashMessenger')->setNamespace('error')->addMessage($message);
$redirectToUrl = $this->getHelper('url')->url(array('module' => 'editor'), null, true);
$redirectorJs = '<script type="text/javascript">window.location.href="' . $redirectToUrl . '";</script>';
$this->getResponse()->setBody($redirectorJs)->sendResponse();
exit;
break;
case self::RESPONSE_TYPE_HTML:
default:
$this->getHelper('FlashMessenger')->setNamespace('error')->addMessage($message);
$this->_helper->redirector('index', 'index', 'editor');
break;
}
}
}
public function viewAction()
{
try {
$this->_helper->_layout->setLayout('editor_central_content');
$user = OpenSKOS_Db_Table_Users::fromIdentity();
$apiClient = new Editor_Models_ApiClient();
$concept = $this->_getConcept();
$conceptSchemes = $apiClient->getConceptSchemeUriMap(null, $concept['tenant']);
$currentConceptSchemes = $concept->getConceptSchemes();
if (null !== $user) {
$user->updateUserHistory($concept['uuid']);
}
$this->view->assign('currentConcept', $concept);
$this->view->assign('conceptLanguages', $concept->getConceptLanguages());
$this->view->assign('conceptSchemes', $conceptSchemes);
$this->view->assign('footerData', $this->_generateFooter($concept));
if (isset($currentConceptSchemes['inScheme'])) {
$this->view->assign('schemeUris', $currentConceptSchemes['inScheme']);
}
} catch (Zend_Exception $e) {
$this->view->assign('errorMessage', $e->getMessage());
}
}
/**
* Saves new or existing concept scheme.
*
*/
public function saveAction()
{
$this->_helper->_layout->setLayout('editor_central_content');
$this->_requireAccess('editor.concept-schemes', 'create', self::RESPONSE_TYPE_PARTIAL_HTML);
$form = Editor_Forms_ConceptScheme::getInstance();
$formData = $this->getRequest()->getParams();
if (!$this->getRequest()->isPost()) {
$this->getHelper('FlashMessenger')->setNamespace('error')->addMessage(_('No POST data recieved'));
$this->_helper->redirector('edit');
}
if (!$form->isValid($formData)) {
return $this->_forward('create');
} else {
$form->populate($formData);
$conceptScheme = $this->_getConceptScheme();
if (null === $conceptScheme) {
$this->_requireAccess('editor.concept-schemes', 'create', self::RESPONSE_TYPE_PARTIAL_HTML);
$conceptScheme = new Editor_Models_ConceptScheme(new Api_Models_Concept());
} else {
$this->_requireAccess('editor.concept-schemes', 'edit', self::RESPONSE_TYPE_PARTIAL_HTML);
}
$oldData = $conceptScheme->getData();
$extraData = $conceptScheme->transformFormData($formData);
$conceptScheme->setConceptData($formData, $extraData);
try {
$user = OpenSKOS_Db_Table_Users::fromIdentity();
$extraData = array_merge($extraData, array('tenant' => $user->tenant, 'modified_by' => (int) $user->id, 'modified_timestamp' => date("Y-m-d\\TH:i:s\\Z")));
if (!isset($extraData['uuid']) || empty($extraData['uuid'])) {
$extraData['uuid'] = $conceptScheme['uuid'];
$extraData['created_by'] = $extraData['modified_by'];
$extraData['created_timestamp'] = $extraData['modified_timestamp'];
} else {
$extraData['created_by'] = $oldData['created_by'];
$extraData['created_timestamp'] = $oldData['created_timestamp'];
}
$conceptScheme->save($extraData);
// Clears the schemes cache after a new scheme is added.
OpenSKOS_Cache::getCache()->remove(Editor_Models_ApiClient::CONCEPT_SCHEMES_CACHE_KEY);
} catch (Zend_Exception $e) {
$this->getHelper('FlashMessenger')->setNamespace('error')->addMessage($e->getMessage());
return $this->_forward('edit');
}
}
}
public function saveAction()
{
if (!$this->getRequest()->isPost()) {
$this->getHelper('FlashMessenger')->setNamespace('error')->addMessage(_('No POST data recieved'));
$this->_helper->redirector('index');
}
$user = $this->_getUser();
$userFromIdentity = OpenSKOS_Db_Table_Users::fromIdentity();
// You can edit partially your own user.
if ($userFromIdentity->id != $user->id) {
$this->_requireAccess('editor.users', 'manage');
}
if (null !== $this->getRequest()->getParam('delete')) {
if (!$user->id) {
$this->getHelper('FlashMessenger')->setNamespace('error')->addMessage(_('You can not delete an empty user.'));
$this->_helper->redirector('index');
}
if ($user->id == $userFromIdentity->id) {
$this->getHelper('FlashMessenger')->setNamespace('error')->addMessage(_('You can not delete yourself.'));
$this->_helper->redirector('index');
}
$user->delete();
$this->getHelper('FlashMessenger')->addMessage(_('The user has been deleted.'));
$this->_helper->redirector('index');
}
$form = $user->getForm();
if (!$form->isValid($this->getRequest()->getParams())) {
return $this->_forward('edit');
} else {
if ($userFromIdentity->isAllowed('editor.users', 'manage')) {
$formData = $form->getValues();
if (isset($formData['defaultSearchProfileIds'])) {
if (!empty($formData['defaultSearchProfileIds'])) {
$formData['defaultSearchProfileIds'] = implode(', ', $formData['defaultSearchProfileIds']);
} else {
$formData['defaultSearchProfileIds'] = null;
}
}
$user->setFromArray($formData)->setFromArray(array('tenant' => $this->_tenant->code));
if ($pw = $form->getValue('pw1')) {
$user->setPassword($pw);
}
} else {
if ($userFromIdentity->id == $user->id) {
// If the user has no access to editor.users manage user can edit only his own password.
if ($pw = $form->getValue('pw1')) {
$user->setPassword($pw);
}
}
}
// make sure that the current user still has access to the editor:
if ($user->didIBlockMyselfFromTheEditor()) {
$this->getHelper('FlashMessenger')->setNamespace('error')->addMessage('The combination of role/usertype will block you from using the Editor.');
return $this->_helper->redirector('edit', null, null, array('user' => $user->id));
}
// For the unique tenant/eppn validator to work.
if ($user->eppn == '') {
$user->eppn = null;
}
try {
$user->save();
$user->applyDefaultSearchProfile();
} catch (Zend_Db_Statement_Exception $e) {
$this->getHelper('FlashMessenger')->setNamespace('error')->addMessage($e->getMessage());
return $this->_forward('edit');
}
$this->getHelper('FlashMessenger')->addMessage(_('Data saved'));
if ($userFromIdentity->isAllowed('editor.users', 'manage')) {
$this->_helper->redirector('index');
} else {
$this->_helper->redirector('index', 'index');
}
}
}
/**
* Delete a concept scheme from everywhere.
*
* @param bool $commit, optional, Default: true
* @param bool $deletedBy, optional
*/
public function delete($commit = true, $deletedBy = null)
{
if (null === $deletedBy) {
$actionUser = OpenSKOS_Db_Table_Users::fromIdentity();
if (null !== $actionUser) {
$deletedBy = $actionUser->id;
}
}
$affectedConceptsQuery = '(inScheme:"' . $this['uri'] . '" OR topConceptOf:"' . $this['uri'] . '") AND tenant:' . $this['tenant'];
// Update affected concepts by steps.
$rows = 1000;
do {
// Get concepts which has the scheme in topConceptOf or inScheme.
$concepts = Editor_Models_ApiClient::factory()->getConceptsByQuery($affectedConceptsQuery, array('rows' => $rows));
if (count($concepts['data']) > 0) {
// Remove the concept from topConceptOf or inScheme of each concept. Delete concept if it does not have other schemes in inScheme.
foreach ($concepts['data'] as $key => $concept) {
$concept = new Editor_Models_Concept($concept);
$data = $concept->getData();
$updateData = array();
$updateExtraData = array();
if (isset($data['inScheme'])) {
$updateData['inScheme'] = array_diff($data['inScheme'], array($this['uri']));
}
if (isset($data['topConceptOf'])) {
$updateData['topConceptOf'] = array_diff($data['topConceptOf'], array($this['uri']));
}
if (empty($updateData['inScheme'])) {
$updateExtraData['deleted'] = true;
$updateExtraData['deleted_by'] = $deletedBy;
}
$concept->update($updateData, $updateExtraData, false, true);
if ($key == count($concepts['data']) - 1 && $commit) {
$this->solr()->commit();
}
}
}
} while (count($concepts['data']) == $rows);
// Update the concept scheme
$updateExtraData['deleted'] = true;
$updateExtraData['deleted_by'] = $deletedBy;
$this->update(array(), $updateExtraData);
// Commit
if ($commit) {
$this->solr()->commit();
}
}
