Ejemplo n.º 1
0
function filedepotAjaxServer_loadFileDetails()
{
    global $user;
    $filedepot = filedepot_filedepot();
    $nexcloud = filedepot_nexcloud();
    $reportmode = check_plain($_POST['reportmode']);
    $retval = array();
    $retval['editperm'] = FALSE;
    $retval['token'] = drupal_get_token(FILEDEPOT_TOKEN_FILEDETAILS);
    $retval['deleteperm'] = FALSE;
    $retval['addperm'] = FALSE;
    $retval['lockperm'] = FALSE;
    $retval['notifyperm'] = FALSE;
    $retval['broadcastperm'] = FALSE;
    $retval['tags'] = '';
    $validfile = FALSE;
    if ($reportmode == 'approvals') {
        $id = intval($_POST['id']);
        if (db_query("SELECT count(*) FROM {filedepot_filesubmissions} WHERE id=:id", array(':id' => $id))->fetchField() == 1) {
            $validfile = TRUE;
            $sql = "SELECT file.id as fid,file.cid,file.title,file.fname,file.date,file.size,file.version,file.submitter,file.tags,u.name, ";
            $sql .= "file.status,file.description,category.pid,category.name as folder,category.nid,file.version_note,tags ";
            $sql .= "FROM {filedepot_filesubmissions} file ";
            $sql .= "LEFT JOIN {filedepot_categories} category ON file.cid=category.cid ";
            $sql .= "LEFT JOIN {users} u ON u.uid=file.submitter ";
            $sql .= "WHERE file.id=:id ";
            $rec = db_query($sql, array(':id' => $id))->fetchAssoc();
            $retval = array_merge($retval, $rec);
            $retval['displayhtml'] = theme('filedepot_filedetail', array('fid' => $id, 'reportmode' => $reportmode));
            $retval['locked'] = FALSE;
            $retval['subscribed'] = FALSE;
        }
    } elseif ($reportmode == 'incoming') {
        $id = intval($_POST['id']);
        if (db_result(db_query("SELECT count(*) FROM {filedepot_import_queue} WHERE id=:id", array(':id' => $id))) == 1) {
            $validfile = TRUE;
            $sql = "SELECT file.id as fid,file.orig_filename as title,file.description,file.version_note,u.name ";
            $sql .= "FROM {filedepot_import_queue} file ";
            $sql .= "LEFT JOIN {users} u ON u.uid=file.uid ";
            $sql .= "WHERE file.id=:id ";
            $rec = db_query($sql, array(':id' => $id))->fetchAssoc();
            $retval = array_merge($retval, $rec);
            if (empty($retval['version_note'])) {
                $retval['version_note'] = '';
            }
            $retval['displayhtml'] = theme('filedepot_filedetail', array('fid' => $id, 'reportmode' => $reportmode));
            $retval['locked'] = FALSE;
            $retval['subscribed'] = FALSE;
            // Need to reference a valid filedepot_folder node for the filedepot_download callback to work - required for the File Details 'Download' menuitem
            $retval['nid'] = db_query_range("SELECT nid FROM {filedepot_categories} WHERE pid=0", 0, 1, array())->fetchField();
        }
    } else {
        // Check that record exists
        $fid = intval($_POST['id']);
        $cid = db_query("SELECT cid FROM {filedepot_files} WHERE fid=:fid", array(':fid' => $fid))->fetchField();
        if ($filedepot->checkPermission($cid, 'view') and db_query("SELECT count(*) FROM {filedepot_files} WHERE fid=:fid", array(':fid' => $fid))->fetchField() == 1) {
            $validfile = TRUE;
            $sql = "SELECT file.fid,file.cid,file.title,file.description,file.fname,file.date,file.size,file.version,file.submitter,u.name, ";
            $sql .= "file.status,category.pid,category.name as folder,category.nid,v.notes as version_note,file.status_changedby_uid ";
            $sql .= "FROM {filedepot_files} file ";
            $sql .= "LEFT JOIN {filedepot_categories} category ON file.cid=category.cid ";
            $sql .= "LEFT JOIN {filedepot_fileversions} v ON v.fid=file.fid ";
            $sql .= "LEFT JOIN {users} u ON u.uid=file.submitter ";
            $sql .= "WHERE file.fid=:fid ORDER BY v.version DESC";
            $rec = db_query($sql, array(':fid' => $fid))->fetchAssoc();
            $retval = array_merge($retval, $rec);
            $retval['tags'] = $nexcloud->get_itemtags($fid);
            $retval['displayhtml'] = theme('filedepot_filedetail', array('fid' => $fid, 'reportmode' => $reportmode));
            // Check if file is locked
            if ($retval['status'] == FILEDEPOT_LOCKED_STATUS) {
                $retval['locked'] = TRUE;
            } else {
                $retval['locked'] = FALSE;
            }
            // Check and see if user has subscribed to this file
            $direct = FALSE;
            $ignorefilechanges = FALSE;
            // Check if user has an ignore file changes record or a subscribe to changes record for this file
            $query = db_query("SELECT fid,ignore_filechanges FROM {filedepot_notifications} WHERE fid=:fid and uid=:uid", array(':fid' => $fid, ':uid' => $user->uid));
            $A = $query->fetchAssoc();
            if ($A['ignore_filechanges'] == 1) {
                $ignorefilechanges = TRUE;
            } elseif ($A['fid'] == $fid) {
                $direct = TRUE;
            }
            // Check and see if user has indirectly subscribed to file by subscribing to folder
            $sql = "SELECT count(*) FROM {filedepot_notifications} WHERE cid_changes=1 AND cid=:cid AND uid=:uid";
            $indirect = db_query($sql, array(':cid' => $rec['cid'], ':uid' => $user->uid))->fetchField();
            if (($direct or $indirect) and !$ignorefilechanges) {
                $retval['subscribed'] = TRUE;
            } else {
                $retval['subscribed'] = FALSE;
            }
        }
    }
    if ($validfile) {
        $retval['error'] = '';
        $retval['retcode'] = 200;
        if ($reportmode == 'incoming') {
            $retval['downloadperm'] = TRUE;
            $retval['editperm'] = TRUE;
            $retval['deleteperm'] = TRUE;
            $retval['addperm'] = FALSE;
            $retval['lockperm'] = FALSE;
            $retval['notifyperm'] = FALSE;
            $retval['broadcastperm'] = FALSE;
            $folderoptions = filedepot_recursiveAccessOptions('admin', 0);
            $retval['folderoptions'] = '<select name="folder" style="width:220px;">' . $folderoptions . '</select>';
        } else {
            $retval['dispfolder'] = $retval['folder'];
            $retval['description'] = nl2br($retval['description']);
            $retval['version_note'] = nl2br($retval['version_note']);
            $retval['date'] = strftime('%b %d %Y %I:%M %p', $retval['date']);
            $retval['size'] = filedepot_formatFileSize($retval['size']);
            // Setup the folder option select HTML options
            $cid = intval($retval['cid']);
            $folderoptions = filedepot_recursiveAccessOptions('admin', $cid, 0, 1, FALSE);
            if (!empty($folderoptions) and $filedepot->checkPermission($retval['cid'], 'admin')) {
                $retval['folderoptions'] = '<select name="folder" style="width:220px;">' . $folderoptions . '</select>';
            } else {
                $retval['folderoptions'] = '<input type="text" name="folder" value="' . $retval['folder'] . '" READONLY />';
            }
            if ($filedepot->checkPermission($retval['cid'], 'admin')) {
                $retval['downloadperm'] = TRUE;
                $retval['editperm'] = TRUE;
                $retval['deleteperm'] = TRUE;
                $retval['addperm'] = TRUE;
                $retval['lockperm'] = TRUE;
                $retval['notifyperm'] = TRUE;
                $retval['broadcastperm'] = TRUE;
            } elseif ($retval['locked']) {
                if ($retval['status_changedby_uid'] == $user->uid) {
                    $retval['lockperm'] = TRUE;
                    if ($filedepot->checkPermission($retval['cid'], 'upload_ver')) {
                        $retval['addperm'] = TRUE;
                    }
                    if ($retval['submitter'] == $user->uid) {
                        $retval['deleteperm'] = TRUE;
                    }
                } elseif ($retval['status_changedby_uid'] > 0) {
                    if ($retval['submitter'] == $user->uid) {
                        $retval['lockperm'] = TRUE;
                    } else {
                        $retval['downloadperm'] = FALSE;
                    }
                }
                $retval['notifyperm'] = TRUE;
            } elseif ($user->uid > 0) {
                if ($retval['submitter'] == $user->uid) {
                    $retval['deleteperm'] = TRUE;
                    $retval['lockperm'] = TRUE;
                }
                if ($filedepot->checkPermission($retval['cid'], 'upload_ver')) {
                    $retval['addperm'] = TRUE;
                }
                $retval['notifyperm'] = TRUE;
            }
            // Changed
            if ($filedepot->checkPermission($retval['cid'], 'view', 0, TRUE)) {
                $retval['tagperms'] = TRUE;
                // Able to set or change tags
                if ($retval['locked']) {
                    if ($retval['submitter'] == $user->uid or $retval['status_changedby_uid'] == $user->uid) {
                        $retval['downloadperm'] = TRUE;
                    } elseif (variable_get('filedepot_locked_file_download_enabled', 0) == 1) {
                        // Check admin config setting
                        $retval['downloadperm'] = TRUE;
                    } else {
                        $retval['downloadperm'] = FALSE;
                    }
                } else {
                    $retval['downloadperm'] = TRUE;
                    if ($retval['submitter'] == $user->uid) {
                        $retval['editperm'] = TRUE;
                    }
                }
            } else {
                $retval['tagperms'] = FALSE;
                $retval['downloadperm'] = FALSE;
            }
        }
    } else {
        $retval['retcode'] = 400;
        $retval['error'] = t('Invalid access');
    }
    return $retval;
}
Ejemplo n.º 2
0
function template_preprocess_filedepot_fileversion(&$variables)
{
    global $user;
    $filedepot = filedepot_filedepot();
    $variables['site_url'] = base_path();
    list($fid, $fname, $file_version, $ver_note, $ver_size, $ver_date, $submitter, $nid) = array_values($variables['versionRec']);
    $ver_shortdate = strftime($filedepot->shortdate, $ver_date);
    $ver_author = db_query("SELECT name from {users} WHERE uid=:uid", array(':uid' => $submitter))->fetchField();
    $cid = db_query("SELECT cid from {filedepot_files} WHERE fid=:fid", array(':fid' => $fid))->fetchField();
    $icon = $filedepot->getFileIcon($fname);
    $variables['fileicon'] = "{$variables['layout_url']}/css/images/{$icon}";
    $variables['fid'] = $fid;
    $variables['nid'] = $nid;
    $variables['vname'] = filter_xss($fname);
    $variables['ver_shortdate'] = $ver_shortdate;
    $variables['ver_author'] = $ver_author;
    $variables['ver_size'] = filedepot_formatFileSize($ver_size);
    $variables['ver_fileicon'] = $icon;
    $variables['file_versionnum'] = '(V' . $file_version . ')';
    $variables['file_version'] = $file_version;
    $variables['edit_version_note'] = filter_xss($ver_note);
    $variables['version_note'] = nl2br(filter_xss($ver_note));
    $variables['show_edit_version'] = 'none';
    $variables['show_delete_version'] = 'none';
    if ($user->uid == $submitter or $filedepot->checkPermission($cid, 'admin')) {
        $variables['show_edit_version'] = '';
        $variables['show_delete_version'] = '';
    }
    $variables['cssid'] = $variables['zebra'] == 'odd' ? 1 : 2;
}