/**
* Display a list of all categories
*
* @return void
*/
public function displayTask()
{
// Get filters
$this->view->filters = array('sort' => Request::getState($this->_option . '.' . $this->_controller . '.sort', 'filter_order', 'title'), 'sort_Dir' => Request::getState($this->_option . '.' . $this->_controller . '.sortdir', 'filter_order_Dir', 'ASC'), 'limit' => Request::getState($this->_option . '.' . $this->_controller . '.limit', 'limit', Config::get('list_limit'), 'int'), 'start' => Request::getState($this->_option . '.' . $this->_controller . '.limitstart', 'limitstart', 0, 'int'));
$obj = new Archive();
// Get record count
$this->view->total = $obj->products('count', $this->view->filters);
// Get records
$this->view->rows = $obj->products('list', $this->view->filters);
// For all records here get SKUs
$skus = new \stdClass();
$warehouse = new Warehouse();
foreach ($this->view->rows as $r) {
$key = $r->pId;
$allSkus = $warehouse->getProductSkus($r->pId, 'all', false);
// Count how many active and how many inactive SKUs there are
$skuCounter = new \stdClass();
$skuCounter->active = 0;
$skuCounter->inactive = 0;
foreach ($allSkus as $skuInfo) {
if ($skuInfo->sActive) {
$skuCounter->active++;
} else {
$skuCounter->inactive++;
}
}
$skus->{$key} = $skuCounter;
}
$this->view->skus = $skus;
// access groups
$accessGroups = array();
if ($this->config->get('productAccess')) {
$ag = \Hubzero\Access\Group::all()->rows();
$accessGroups[0] = 'None';
foreach ($ag as $obj) {
$accessGroups[$obj->get('id')] = $obj->get('title');
}
} else {
$ag = Access::assetgroups();
$accessGroups[0] = 'All';
foreach ($ag as $obj) {
$accessGroups[$obj->value] = $obj->text;
}
}
$this->view->ag = $accessGroups;
// Output the HTML
$this->view->set('config', $this->config)->display();
}
/**
* Debug permissions
*
* @return void
*/
public function debugTask()
{
include_once dirname(dirname(__DIR__)) . DS . 'helpers' . DS . 'debug.php';
// Get filters
$filters = array('search' => urldecode(Request::getState($this->_option . '.' . $this->_controller . '.search', 'search', '')), 'sort' => Request::getState($this->_option . '.' . $this->_controller . '.sort', 'filter_order', 'lft'), 'sort_Dir' => Request::getState($this->_option . '.' . $this->_controller . '.sortdir', 'filter_order_Dir', 'ASC'), 'level_start' => Request::getState($this->_option . '.' . $this->_controller . '.filter_level_start', 'filter_level_start', 0, 'int'), 'level_end' => Request::getState($this->_option . '.' . $this->_controller . '.filter_level_end', 'filter_level_end', 0, 'int'), 'component' => Request::getState($this->_option . '.' . $this->_controller . '.filter_component', 'filter_component', ''));
if ($filters['level_end'] > 0 && $filters['level_end'] < $filters['level_start']) {
$filters['level_end'] = $filters['level_start'];
}
$id = Request::getInt('id', 0);
// Load access group
$accessgroup = Accessgroup::oneOrFail($id);
// Select the required fields from the table.
$entries = \Hubzero\Access\Asset::all();
if ($filters['search']) {
$entries->whereLike('name', $filters['search'], 1)->orWhereLike('title', $filters['search'], 1)->resetDepth();
}
if ($filters['level_start'] > 0) {
$entries->where('level', '>=', $filters['level_start']);
}
if ($filters['level_end'] > 0) {
$entries->where('level', '<=', $filters['level_end']);
}
// Filter the items over the component if set.
if ($filters['component']) {
$entries->whereEquals('name', $filters['component'], 1)->orWhereLike('name', $filters['component'], 1)->resetDepth();
}
$assets = $entries->order($filters['sort'], $filters['sort_Dir'])->paginated()->rows();
$actions = \Components\Members\Helpers\Debug::getActions($filters['component']);
$data = $assets->raw();
$assets->clear();
foreach ($data as $key => $asset) {
$checks = array();
foreach ($actions as $action) {
$name = $action[0];
$level = $action[1];
// Check that we check this action for the level of the asset.
if ($action[1] === null || $action[1] >= $asset->get('level')) {
// We need to test this action.
$checks[$name] = \JAccess::checkGroup($id, $action[0], $asset->get('name'));
} else {
// We ignore this action.
$checks[$name] = 'skip';
}
}
$asset->set('checks', $checks);
$assets->push($asset);
}
$levels = \Components\Members\Helpers\Debug::getLevelsOptions();
$components = \Components\Members\Helpers\Debug::getComponents();
// Output the HTML
$this->view->set('group', $accessgroup)->set('filters', $filters)->set('assets', $assets)->set('actions', $actions)->set('levels', $levels)->set('components', $components)->display();
}
/**
* Edit an entry
*
* @param object $row
* @return void
*/
public function editTask($row = null)
{
Request::setVar('hidemainmenu', 1);
if (!$row) {
// Incoming
$id = Request::getVar('id', array());
// Get the single ID we're working with
if (is_array($id)) {
$id = !empty($id) ? $id[0] : 0;
}
$row = Viewlevel::oneOrNew($id);
}
$row->set('rules', json_decode($row->get('rules')));
$groups = Accessgroup::all()->order('lft', 'asc')->rows();
// Output the HTML
$this->view->set('row', $row)->set('groups', $groups)->setErrors($this->getErrors())->setLayout('edit')->display();
}
/**
* Gets the parent groups that a leaf group belongs to in its branch back to the root of the tree
* (including the leaf group id).
*
* @param mixed $groupId An integer or array of integers representing the identities to check.
* @return mixed True if allowed, false for an explicit deny, null for an implicit deny.
*/
protected static function getGroupPath($groupId)
{
// Preload all groups
if (empty(self::$userGroups)) {
self::$userGroups = Group::all()->order('lft', 'asc')->rows();
}
// Make sure groupId is valid
if (!array_key_exists($groupId, self::$userGroups)) {
return array();
}
// Get parent groups and leaf group
if (!isset(self::$userGroupPaths[$groupId])) {
self::$userGroupPaths[$groupId] = array();
foreach (self::$userGroups as $group) {
if ($group->get('lft') <= self::$userGroups[$groupId]->get('lft') && $group->get('rgt') >= self::$userGroups[$groupId]->get('rgt')) {
self::$userGroupPaths[$groupId][] = $group->get('id');
}
}
}
return self::$userGroupPaths[$groupId];
}
/**
* Serve the file
*
* @param $pId
* @return void
*/
public function displayTask()
{
// Get the transaction ID
$tId = Request::getInt('task', '');
// Get the SKU ID
$sId = Request::getVar('p0');
// Get the landing page flag
$direct = Request::getVar('p1');
// Check if the transaction is complete and belongs to the user and is active and the SKU requested is valid
$transaction = Cart::getTransactionFacts($tId);
$transactionExistingItems = $transaction->items;
$transaction = $transaction->info;
$transactionItems = unserialize($transaction->tiItems);
$tStatus = $transaction->tStatus;
$crtId = $transaction->crtId;
// get cart user
$cartUser = Cart::getCartUser($crtId);
$currentUser = $this->juser->id;
// Error if needed
if ($tStatus !== 'completed') {
$messages = array(array(Lang::txt('COM_CART_DOWNLOAD_TRANSACTION_NOT_COMPLETED'), 'error'));
$this->messageTask($messages);
return;
} elseif ($cartUser != $currentUser) {
$messages = array(array(Lang::txt('COM_CART_DOWNLOAD_NOT_AUTHORIZED'), 'error'));
$this->messageTask($messages);
return;
} elseif (!array_key_exists($sId, $transactionItems)) {
$messages = array(array(Lang::txt('COM_CART_DOWNLOAD_NOT_AUTHORIZED'), 'error'));
$this->messageTask($messages);
return;
}
// Check if the product is valid and downloadable; find the file
$warehouse = new Warehouse();
$sku = $warehouse->getSkuInfo($sId);
$productType = $warehouse->getProductTypeInfo($sku['info']->ptId);
$downloadFile = $sku['meta']['downloadFile'];
// Error if needed
if ($productType['ptName'] != 'Software Download' || empty($downloadFile)) {
$messages = array(array(Lang::txt('COM_CART_DOWNLOAD_FILE_NOT_DOWNLOADABLE'), 'error'));
$this->messageTask($messages);
return;
}
$db = \App::get('db');
// Check if there is a limit on how many times the product can be downloaded
// Get the number of downloads allowed
if (isset($sku['meta']['downloadLimit']) && $sku['meta']['downloadLimit'] && is_numeric($sku['meta']['downloadLimit'])) {
$sql = "SELECT COUNT(`dId`) FROM `#__cart_downloads` WHERE `uId` = {$currentUser} AND `sId` = {$sId} AND `dStatus` > 0";
$db->setQuery($sql);
$downloadsCount = $db->loadResult();
if ($downloadsCount >= $sku['meta']['downloadLimit']) {
$messages = array(array('Download limit exceeded', 'error'));
$this->messageTask($messages);
return;
}
}
// Path and file name
$storefrontConfig = Component::params('com_storefront');
$dir = $storefrontConfig->get('downloadFolder', '/site/protected/storefront/software');
$file = PATH_APP . $dir . DS . $downloadFile;
if (!file_exists($file)) {
$messages = array(array(Lang::txt('COM_CART_DOWNLOAD_FILE_NOT_FOUND'), 'error'));
$this->messageTask($messages);
return;
}
if (!$direct) {
$this->landingTask($tId, $sId);
return;
}
// Log the download
$sql = "INSERT INTO `#__cart_downloads` SET\n\t\t\t\t`uId` = " . $currentUser . ",\n\t\t\t\t`sId` = " . $sId . ",\n\t\t\t\t`dIp` = INET_ATON(" . $db->quote(Request::ip()) . "),\n\t\t\t\t`dDownloaded` = NOW()";
$db->setQuery($sql);
$db->query();
$dId = $db->insertid();
// Save the meta data
$userGroups = User::getAuthorisedGroups();
$meta = array();
$ignoreGroups = array('public', 'registered');
foreach ($userGroups as $groupId) {
$group = Accessgroup::one($groupId);
if (!in_array(strtolower($group->get('title')), $ignoreGroups)) {
$meta[$groupId] = $group->get('title');
}
}
if ($mta = User::getState('metadata')) {
$meta = array_merge($meta, $mta);
}
$sql = "INSERT INTO `#__cart_meta` SET\n\t\t\t\t`scope_id` = " . $dId . ",\n\t\t\t\t`scope` = 'download',\n\t\t\t\t`mtKey` = 'userInfo',\n\t\t\t\t`mtValue` = '" . serialize($meta) . "'";
$db->setQuery($sql);
$db->query();
// Figure out if the EULA was accepted
$itemTransactionInfoMeta = $transactionExistingItems[$sId]['transactionInfo']->tiMeta;
$eulaAccepted = $itemTransactionInfoMeta && property_exists($itemTransactionInfoMeta, 'eulaAccepted') && $itemTransactionInfoMeta->eulaAccepted ? true : false;
if ($eulaAccepted) {
$sql = "INSERT INTO `#__cart_meta` SET\n\t\t\t\t\t`scope_id` = " . $dId . ",\n\t\t\t\t\t`scope` = 'download',\n\t\t\t\t\t`mtKey` = 'eulaAccepted',\n\t\t\t\t\t`mtValue` = '" . $eulaAccepted . "'";
$db->setQuery($sql);
$db->query();
}
// Serve up the file
$xserver = new \Hubzero\Content\Server();
$xserver->filename($file);
$xserver->serve_attachment($file);
// Firefox and Chrome fail if served inline
exit;
}
/**
* Save an entry and return to main listing
*
* @return void
*/
public function saveTask()
{
// Check for request forgeries
Request::checkToken();
if (!User::authorise('core.manage', $this->_option) && !User::authorise('core.admin', $this->_option) && !User::authorise('core.create', $this->_option) && !User::authorise('core.edit', $this->_option)) {
App::abort(403, Lang::txt('JERROR_ALERTNOAUTHOR'));
}
// Incoming profile edits
$fields = Request::getVar('fields', array(), 'post', 'none', 2);
// Load the profile
$user = Member::oneOrNew($fields['id']);
// Get the user before changes so we can
// compare how data changed later on
$prev = clone $user;
// Set the incoming data
$user->set($fields);
if ($user->isNew()) {
$newUsertype = $this->config->get('new_usertype');
if (!$newUsertype) {
$newUsertype = Accessgroup::oneByTitle('Registered')->get('id');
}
$user->set('accessgroups', array($newUsertype));
// Check that username is filled
if (!Validate::username($user->get('username'))) {
Notify::error(Lang::txt('COM_MEMBERS_MEMBER_USERNAME_INVALID'));
return $this->editTask($user);
}
// Check email is valid
if (!Validate::email($user->get('email'))) {
Notify::error(Lang::txt('COM_MEMBERS_MEMBER_EMAIL_INVALID'));
return $this->editTask($user);
}
// Set home directory
$hubHomeDir = rtrim($this->config->get('homedir'), '/');
if (!$hubHomeDir) {
// try to deduce a viable home directory based on sitename or live_site
$sitename = strtolower(Config::get('sitename'));
$sitename = preg_replace('/^http[s]{0,1}:\\/\\//', '', $sitename, 1);
$sitename = trim($sitename, '/ ');
$sitename_e = explode('.', $sitename, 2);
if (isset($sitename_e[1])) {
$sitename = $sitename_e[0];
}
if (!preg_match("/^[a-zA-Z]+[\\-_0-9a-zA-Z\\.]+\$/i", $sitename)) {
$sitename = '';
}
if (empty($sitename)) {
$sitename = strtolower(Request::base());
$sitename = preg_replace('/^http[s]{0,1}:\\/\\//', '', $sitename, 1);
$sitename = trim($sitename, '/ ');
$sitename_e = explode('.', $sitename, 2);
if (isset($sitename_e[1])) {
$sitename = $sitename_e[0];
}
if (!preg_match("/^[a-zA-Z]+[\\-_0-9a-zA-Z\\.]+\$/i", $sitename)) {
$sitename = '';
}
}
$hubHomeDir = DS . 'home';
if (!empty($sitename)) {
$hubHomeDir .= DS . $sitename;
}
}
$user->set('homeDirectory', $hubHomeDir . DS . $user->get('username'));
$user->set('loginShell', '/bin/bash');
$user->set('ftpShell', '/usr/lib/sftp-server');
$user->set('registerDate', Date::toSql());
}
// Set the new info
$user->set('givenName', preg_replace('/\\s+/', ' ', trim($fields['givenName'])));
$user->set('middleName', preg_replace('/\\s+/', ' ', trim($fields['middleName'])));
$user->set('surname', preg_replace('/\\s+/', ' ', trim($fields['surname'])));
$name = array($user->get('givenName'), $user->get('middleName'), $user->get('surname'));
$name = implode(' ', $name);
$name = preg_replace('/\\s+/', ' ', $name);
$user->set('name', $name);
$user->set('modifiedDate', Date::toSql());
if ($ec = Request::getInt('activation', 0, 'post')) {
$user->set('activation', $ec);
} else {
$user->set('activation', Helpers\Utility::genemailconfirm());
}
// Can't block yourself
if ($user->get('block') && $user->get('id') == User::get('id') && !User::get('block')) {
Notify::error(Lang::txt('COM_USERS_USERS_ERROR_CANNOT_BLOCK_SELF'));
return $this->editTask($user);
}
// Make sure that we are not removing ourself from Super Admin group
$iAmSuperAdmin = User::authorise('core.admin');
if ($iAmSuperAdmin && User::get('id') == $user->get('id')) {
// Check that at least one of our new groups is Super Admin
$stillSuperAdmin = false;
foreach ($fields['accessgroups'] as $group) {
$stillSuperAdmin = $stillSuperAdmin ? $stillSuperAdmin : \JAccess::checkGroup($group, 'core.admin');
}
if (!$stillSuperAdmin) {
Notify::error(Lang::txt('COM_USERS_USERS_ERROR_CANNOT_DEMOTE_SELF'));
return $this->editTask($user);
}
}
// Save the changes
if (!$user->save()) {
Notify::error($user->getError());
return $this->editTask($user);
}
// Save profile data
$profile = Request::getVar('profile', array(), 'post', 'none', 2);
$access = Request::getVar('profileaccess', array(), 'post', 'none', 2);
foreach ($profile as $key => $data) {
if (isset($profile[$key]) && is_array($profile[$key])) {
$profile[$key] = array_filter($profile[$key]);
}
if (isset($profile[$key . '_other']) && trim($profile[$key . '_other'])) {
if (is_array($profile[$key])) {
$profile[$key][] = $profile[$key . '_other'];
} else {
$profile[$key] = $profile[$key . '_other'];
}
unset($profile[$key . '_other']);
}
}
if (!$user->saveProfile($profile, $access)) {
Notify::error($user->getError());
return $this->editTask($user);
}
// Do we have a new pass?
$newpass = trim(Request::getVar('newpass', '', 'post'));
if ($newpass) {
// Get password rules and validate
$password_rules = \Hubzero\Password\Rule::all()->whereEquals('enabled', 1)->rows();
$validated = \Hubzero\Password\Rule::verify($newpass, $password_rules, $user->get('id'));
if (!empty($validated)) {
// Set error
Notify::error(Lang::txt('COM_MEMBERS_PASSWORD_DOES_NOT_MEET_REQUIREMENTS'));
$this->validated = $validated;
$this->_task = 'apply';
} else {
// Save password
\Hubzero\User\Password::changePassword($user->get('username'), $newpass);
}
}
$passinfo = \Hubzero\User\Password::getInstance($user->get('id'));
if (is_object($passinfo)) {
// Do we have shadow info to change?
$shadowMax = Request::getInt('shadowMax', false, 'post');
$shadowWarning = Request::getInt('shadowWarning', false, 'post');
$shadowExpire = Request::getVar('shadowExpire', '', 'post');
if ($shadowMax || $shadowWarning || !is_null($passinfo->get('shadowExpire')) && empty($shadowExpire)) {
if ($shadowMax) {
$passinfo->set('shadowMax', $shadowMax);
}
if ($shadowExpire || !is_null($passinfo->get('shadowExpire')) && empty($shadowExpire)) {
if (preg_match("/[0-9]{4}-[0-9]{2}-[0-9]{2}/", $shadowExpire)) {
$shadowExpire = strtotime($shadowExpire) / 86400;
$passinfo->set('shadowExpire', $shadowExpire);
} elseif (preg_match("/[0-9]+/", $shadowExpire)) {
$passinfo->set('shadowExpire', $shadowExpire);
} elseif (empty($shadowExpire)) {
$passinfo->set('shadowExpire', NULL);
}
}
if ($shadowWarning) {
$passinfo->set('shadowWarning', $shadowWarning);
}
$passinfo->update();
}
}
// Check for spam count
$reputation = Request::getVar('spam_count', null, 'post');
if (!is_null($reputation)) {
$user->reputation->set('spam_count', $reputation);
$user->reputation->save();
}
// Email the user that their account has been approved
if (!$prev->get('approved') && $this->config->get('useractivation_email')) {
if (!$this->emailApprovedUser($user)) {
Notify::error(Lang::txt('COM_MEMBERS_ERROR_EMAIL_FAILED'));
}
}
// Set success message
Notify::success(Lang::txt('COM_MEMBERS_MEMBER_SAVED'));
// Drop through to edit form?
if ($this->getTask() == 'apply') {
return $this->editTask($user);
}
// Redirect
$this->cancelTask();
}
