public function __construct() { parent::__construct(); $request = $this->request; $arHandle = $request->query->get('arHandle'); $bID = $request->query->get('bID'); $a = \Area::get($this->page, $arHandle); if (!is_object($a)) { throw new \Exception('Invalid Area'); } $this->area = $a; if (!$a->isGlobalArea()) { $b = \Block::getByID($bID, $this->page, $a); $this->set('isGlobalArea', false); } else { $stack = \Stack::getByName($arHandle); $sc = ConcretePage::getByID($stack->getCollectionID(), 'RECENT'); $b = \Block::getByID($bID, $sc, STACKS_AREA_NAME); $b->setBlockAreaObject($a); // set the original area object $this->set('isGlobalArea', true); } $this->block = $b; $this->permissions = new \Permissions($b); $this->set('bp', $this->permissions); $this->set('b', $b); }
public function setPermissionObject(Block $b) { $this->permissionObject = $b; // if the area overrides the collection permissions explicitly (with a one on the override column) we check if ($b->overrideAreaPermissions()) { $this->permissionObjectToCheck = $b; } else { $a = $b->getBlockAreaObject(); if (is_object($a)) { if ($a->overrideCollectionPermissions()) { $this->permissionObjectToCheck = $a; } elseif ($a->getAreaCollectionInheritID()) { $mcID = $a->getAreaCollectionInheritID(); $mc = Page::getByID($mcID, 'RECENT'); $ma = Area::get($mc, $a->getAreaHandle()); if ($ma->overrideCollectionPermissions()) { $this->permissionObjectToCheck = $ma; } else { $this->permissionObjectToCheck = $ma->getAreaCollectionObject(); } } else { $this->permissionObjectToCheck = $a->getAreaCollectionObject(); } } else { $this->permissionObjectToCheck = Page::getCurrentPage(); } } }
public function setPermissionObject(Area $a) { $ax = $a; if ($a->isGlobalArea()) { $cx = Stack::getByName($a->getAreaHandle()); $a = Area::get($cx, STACKS_AREA_NAME); } $this->permissionObject = $a; // if the area overrides the collection permissions explicitly (with a one on the override column) we check if ($a->overrideCollectionPermissions()) { $this->permissionObjectToCheck = $a; } else { if ($a->getAreaCollectionInheritID() > 0) { // in theory we're supposed to be inheriting some permissions from an area with the same handle, // set on the collection id specified above (inheritid). however, if someone's come along and // reverted that area to the page's permissions, there won't be any permissions, and we // won't see anything. so we have to check $areac = Page::getByID($a->getAreaCollectionInheritID()); $inheritArea = Area::get($areac, $a->getAreaHandlE()); if (is_object($inheritArea) && $inheritArea->overrideCollectionPermissions()) { // okay, so that area is still around, still has set permissions on it. So we // pass our current area to our grouplist, userinfolist objects, knowing that they will // smartly inherit the correct items. $this->permissionObjectToCheck = $inheritArea; } } if (!$this->permissionObjectToCheck) { $this->permissionObjectToCheck = $a->getAreaCollectionObject(); } } }
/** * Store a newly created resource in storage. * POST /area/listar * * @return Response */ public function postListar() { //si la peticion es ajax if (Request::ajax()) { $areas = Area::get(Input::all()); return Response::json(array('rst' => 1, 'datos' => $areas)); } }
public function addScrapbook() { $scrapbookName = $_REQUEST['scrapbookName']; $c = $this->getCollectionObject(); $a = Area::get($c, $scrapbookName); if (!is_object($a)) { $a = Area::getOrCreate($c, $scrapbookName); } $this->redirect('/dashboard/scrapbook/'); }
public function addScrapbook(){ $txt = Loader::helper('text'); $valt = Loader::helper('validation/token'); if(!$valt->validate('add_scrapbook')){ $this->set('error', array($valt->getErrorMessage())); $this->view(); return; } $scrapbookName = $txt->sanitize($_REQUEST['scrapbookName']); $c=$this->getCollectionObject(); $a = Area::get($c, $scrapbookName); if (!is_object($a)) { $a = Area::getOrCreate( $c, $scrapbookName); } $this->redirect('/dashboard/scrapbook/'); }
public function importPageAreas(Page $page, \SimpleXMLElement $px) { foreach ($px->area as $ax) { if (isset($ax->blocks)) { foreach ($ax->blocks->block as $bx) { if ($bx['type'] != '') { // we check this because you might just get a block node with only an mc-block-id, if it's an alias $bt = BlockType::getByHandle((string) $bx['type']); if (!is_object($bt)) { throw new \Exception(t('Invalid block type handle: %s', strval($bx['type']))); } $btc = $bt->getController(); $btc->import($page, (string) $ax['name'], $bx); } else { if ($bx['mc-block-id'] != '') { // we find that block in the master collection block pool and alias it out $bID = array_search((string) $bx['mc-block-id'], ContentImporter::getMasterCollectionTemporaryBlockIDs()); if ($bID) { $mc = Page::getByID($page->getMasterCollectionID(), 'RECENT'); $block = Block::getByID($bID, $mc, (string) $ax['name']); $block->alias($page); if ($block->getBlockTypeHandle() == BLOCK_HANDLE_LAYOUT_PROXY) { // we have to go get the blocks on that page in this layout. $btc = $block->getController(); $arLayout = $btc->getAreaLayoutObject(); $columns = $arLayout->getAreaLayoutColumns(); foreach ($columns as $column) { $area = $column->getAreaObject(); $blocks = $area->getAreaBlocksArray($mc); foreach ($blocks as $_b) { $_b->alias($page); } } } } } } } } if (isset($ax->style)) { $area = \Area::get($page, (string) $ax['name']); $set = StyleSet::import($ax->style); $page->setCustomStyleSet($area, $set); } } }
/** * @param $stack \Concrete\Core\Page\Stack\Stack * @param \SimpleXMLElement $xml * @return mixed */ public function export($stack, \SimpleXMLElement $xml) { $db = \Database::connection(); $node = $xml->addChild('stack'); $node->addAttribute('name', \Core::make('helper/text')->entities($stack->getCollectionName())); if ($stack->getStackTypeExportText()) { $node->addAttribute('type', $stack->getStackTypeExportText()); } $node->addAttribute('path', substr($stack->getCollectionPath(), strlen(STACKS_PAGE_PATH))); // you shouldn't ever have a sub area in a stack but just in case. $r = $db->Execute('select arHandle from Areas where cID = ? and arParentID = 0', array($stack->getCollectionID())); while ($row = $r->FetchRow()) { $ax = \Area::get($stack, $row['arHandle']); $ax->export($node, $stack); } return $node; }
public function submit() { if ($this->validateAction() && $this->canAccess()) { $a = \Area::get($this->page, $_GET['arHandle']); $c = $this->page; if (is_object($a)) { $b = \Block::getByID($_GET['bID'], $c, $a); $p = new \Permissions($b); if ($p->canAdminBlock() && $c->isMasterCollection()) { if (is_array($_POST['cIDs'])) { foreach ($_POST['cIDs'] as $cID) { $nc = \Page::getByID($cID); if (!$b->isAlias($nc)) { $bt = $b->getBlockTypeObject(); if ($bt->isCopiedWhenPropagated()) { $b->duplicate($nc, true); } else { $b->alias($nc); } } } } // now remove any items that WERE checked and now aren't if (is_array($_POST['checkedCIDs'])) { foreach ($_POST['checkedCIDs'] as $cID) { if (!is_array($_POST['cIDs']) || !in_array($cID, $_POST['cIDs'])) { $nc = \Page::getByID($cID, 'RECENT'); $nb = \Block::getByID($_GET['bID'], $nc, $a); if (is_object($nb) && !$nb->isError()) { $nb->deleteBlock(); } $nc->rescanDisplayOrder($_REQUEST['arHandle']); } } } $er = new EditResponse(); $er->setPage($this->page); $er->setAdditionalDataAttribute('bID', $b->getBlockID()); $er->setAdditionalDataAttribute('aID', $a->getAreaID()); $er->setAdditionalDataAttribute('arHandle', $a->getAreaHandle()); $er->setMessage(t('Defaults updated.')); $er->outputJSON(); } } } }
private static function getAreaPermissions($unknownObj) { // this is split out because it's so f'ing complicated $cObj = $unknownObj->getAreaCollectionObject(); if ($unknownObj->overrideCollectionPermissions()) { $po = PermissionsProxy::getNewOrCached($unknownObj, 'AreaPermissions'); } else { if ($unknownObj->getAreaCollectionInheritID() > 0) { $areac = Page::getByID($unknownObj->getAreaCollectionInheritID()); $inheritArea = Area::get($areac, $unknownObj->getAreaHandle()); if ($inheritArea->overrideCollectionPermissions()) { $po = PermissionsProxy::getNewOrCached($inheritArea, 'AreaPermissions'); } } } if (!isset($po)) { // otherwise we grab the collection permissions for this page $po = PermissionsProxy::getNewOrCached($cObj, 'CollectionPermissions'); } return $po; }
} ?> href="javascript:void(0)" onclick="window.location.href='<?php echo DIR_REL . "/" . DISPATCHER_FILENAME . "?cID=" . $stack->getCollectionID() . "&ctask=approve-recent" . $token; ?> '" class="btn small ccm-main-nav-edit-option ccm-button-v2-right"><?php echo t('Approve Changes'); ?> </a> <?php } ?> </div> <div class="ccm-pane-body ccm-pane-body-footer clearfix" id="ccm-stack-container"> <?php $a = Area::get($stack, 'Main'); $bv = new BlockView(); $bv->renderElement('block_area_header', array('a' => $a)); $bv->renderElement('block_area_header_view', array('a' => $a)); foreach ($blocks as $b) { $bv = new BlockView(); $bv->setAreaObject($a); $p = new Permissions($b); if ($p->canViewBlock()) { $bv->renderElement('block_controls', array('a' => $a, 'b' => $b, 'p' => $p)); $bv->renderElement('block_header', array('a' => $a, 'b' => $b, 'p' => $p)); $bv->render($b); $bv->renderElement('block_footer'); } } $bv->renderElement('block_area_footer_view', array('a' => $a));
if ($ap->canAddBlock($bt)) { if (!$bt->includeAll()) { $nvc = $c->getVersionToModify(); $b->alias($nvc); } else { $b->alias($c); } } } } } else { if (isset($_REQUEST['bID'])) { if ($_REQUEST['globalBlock']) { $scrapbookHelper = Loader::helper('concrete/scrapbook'); $c1 = $scrapbookHelper->getGlobalScrapbookPage(); $a1 = Area::get($c1, $_REQUEST['globalScrapbook']); $b = Block::getByID($_REQUEST['bID'], $c1, $a1); } else { $b = Block::getByID($_REQUEST['bID']); } $bt = BlockType::getByHandle($b->getBlockTypeHandle()); if ($ap->canAddBlock($bt)) { $b->setBlockAreaObject($a); if (!$bt->includeAll()) { $nvc = $c->getVersionToModify(); $b->alias($nvc); } else { $b->alias($c); } } }
?> '"><?php echo $publishTitle; ?> </button> </li> </ul> <?php } ?> </div> </nav> <div id="ccm-stack-container"> <?php $a = Area::get($stackToEdit, STACKS_AREA_NAME); $a->forceControlsToDisplay(); View::element('block_area_header', array('a' => $a)); foreach ($blocks as $b) { $bv = new BlockView($b); $bv->setAreaObject($a); $p = new Permissions($b); if ($p->canViewBlock()) { $bv->render('view'); } } //View::element('block_area_footer', array('a' => $a)); print '</div>'; // No, we don't include the footer because we don't want all area controls available. // But the footer element has a closing DIV we need. ?>
exit; } break; case 'output': $p = $_REQUEST['pID'] ? Pile::get($_REQUEST['pID']) : Pile::getDefault(); if (is_object($p)) { if ($p->isMyPile()) { $p->output($_REQUEST['module']); exit; } } break; } } if ($_REQUEST['btask'] == 'add') { $a = Area::get($c, $_REQUEST['arHandle']); $b = Block::getByID($_REQUEST['bID'], $c, $a); if (!$a) { echo t('Error: Area not found.'); } elseif (!intval($b->bID)) { echo t('Error: Block not found.'); } elseif (!$_REQUEST['scrapbookName'] && $_REQUEST['btask'] == 'add') { $sp = Pile::getDefault(); $scrapBookAreasData = $scrapbookHelper->getAvailableScrapbooks(); $ih = Loader::helper('concrete/interface'); $defaultScrapbook = $scrapbookHelper->getDefault(); ?> <script type="text/javascript"> if(!ccmSaveToScrapbookDialogTarget) var ccmSaveToScrapbookDialogTarget=null;
protected function migrateBlockPermissions() { if (PERMISSIONS_MODEL == 'simple') { return; } $db = Loader::db(); $tables = $db->MetaTables(); if (!in_array('CollectionVersionBlockPermissions', $tables)) { return false; } // permissions $permissionMap = array('r' => array(PermissionKey::getByHandle('view_block')), 'wa' => array(PermissionKey::getByHandle('edit_block'), PermissionKey::getByHandle('edit_block_custom_template'), PermissionKey::getByHandle('edit_block_design')), 'db' => array(PermissionKey::getByHandle('delete_block'), PermissionKey::getByHandle('schedule_guest_access'), PermissionKey::getByHandle('edit_block_permissions'))); $r = $db->Execute('select * from CollectionVersionBlockPermissions order by cID asc'); while ($row = $r->FetchRow()) { $pe = $this->migrateAccessEntity($row); if (!$pe) { continue; } $permissions = $this->getPermissionsArray($row['cbgPermissions']); $co = Page::getByID($row['cID'], $row['cvID']); if (!is_object($co) || $co->isError()) { continue; } $arHandle = $db->GetOne('select arHandle from CollectionVersionBlocks cvb where cvb.cID = ? and cvb.cvID = ? and cvb.bID = ?', array($row['cID'], $row['cvID'], $row['bID'])); $a = Area::get($co, $arHandle); $bo = Block::getByID($row['bID'], $co, $a); if (is_object($bo)) { foreach ($permissions as $p) { $permissionsToApply = $permissionMap[$p]; foreach ($permissionsToApply as $pko) { $pko->setPermissionObject($bo); $pt = $pko->getPermissionAssignmentObject(); $pa = $pko->getPermissionAccessObject(); if (!is_object($pa)) { $pa = PermissionAccess::create($pko); } else { if ($pa->isPermissionAccessInUse()) { $pa = $pa->duplicate(); } } $pa->addListItem($pe, false, BlockPermissionKey::ACCESS_TYPE_INCLUDE); $pt->assignPermissionAccess($pa); } } } } }
public function export($pageNode) { $p = $pageNode->addChild('page'); $p->addAttribute('name', Loader::helper('text')->entities($this->getCollectionName())); $p->addAttribute('path', $this->getCollectionPath()); $p->addAttribute('filename', $this->getCollectionFilename()); $p->addAttribute('pagetype', $this->getCollectionTypeHandle()); $p->addAttribute('description', Loader::helper('text')->entities($this->getCollectionDescription())); $p->addAttribute('package', $this->getPackageHandle()); if ($this->getCollectionParentID() == 0 && $this->isSystemPage()) { $p->addAttribute('root', 'true'); } $attribs = $this->getSetCollectionAttributes(); if (count($attribs) > 0) { $attributes = $p->addChild('attributes'); foreach ($attribs as $ak) { $av = $this->getAttributeValueObject($ak); $cnt = $ak->getController(); $cnt->setAttributeValue($av); $akx = $attributes->addChild('attributekey'); $akx->addAttribute('handle', $ak->getAttributeKeyHandle()); $cnt->exportValue($akx); } } // this is brutal but we need to do it because otherwise duplicated pages // that haven't yet been visited in a browser won't properly export their contents // because they don't have area records yet. $v = View::getInstance(); $v->disableEditing(); $v->disableLinks(); $v->enablePreview(); ob_start(); $v->render($this); ob_end_clean(); $db = Loader::db(); $r = $db->Execute('select arHandle from Areas where cID = ? and arIsGlobal = 0', array($this->getCollectionID())); while ($row = $r->FetchRow()) { $ax = Area::get($this, $row['arHandle']); $ax->export($p, $this); } }
<?php defined('C5_EXECUTE') or die("Access Denied."); $c = Page::getByID($_REQUEST['cID']); $a = Area::get($c, $_GET['arHandle']); $ax = $a; $cx = $c; if ($a->isGlobalArea()) { $cx = Stack::getByName($_REQUEST['arHandle']); $ax = Area::get($cx, STACKS_AREA_NAME); } if (is_object($a)) { $ap = new Permissions($a); if ($ap->canEditAreaPermissions()) { if ($_REQUEST['task'] == 'add_access_entity' && Loader::helper("validation/token")->validate('add_access_entity')) { $pk = AreaPermissionKey::getByID($_REQUEST['pkID']); $pk->setPermissionObject($ax); $pa = PermissionAccess::getByID($_REQUEST['paID'], $pk); $pe = PermissionAccessEntity::getByID($_REQUEST['peID']); $pd = PermissionDuration::getByID($_REQUEST['pdID']); $pa->addListItem($pe, $pd, $_REQUEST['accessType']); } if ($_REQUEST['task'] == 'revert_to_page_permissions' && Loader::helper("validation/token")->validate('revert_to_page_permissions')) { $ax->revertToPagePermissions(); } if ($_REQUEST['task'] == 'override_page_permissions' && Loader::helper("validation/token")->validate('override_page_permissions')) { $ax->overridePagePermissions(); } if ($_REQUEST['task'] == 'remove_access_entity' && Loader::helper("validation/token")->validate('remove_access_entity')) { $pk = AreaPermissionKey::getByID($_REQUEST['pkID']); $pk->setPermissionObject($ax);
function getArea($arHandle) { return Area::get($c, $arHandle); }
// if the area overrides the collection permissions explicitly (with a one on the override column) we check if ($a->overrideCollectionPermissions()) { $gl = new GroupList($a); $ul = new UserInfoList($a); } else { // now it gets more complicated. $permsSet = false; if ($a->getAreaCollectionInheritID() > 0) { // in theory we're supposed to be inheriting some permissions from an area with the same handle, // set on the collection id specified above (inheritid). however, if someone's come along and // reverted that area to the page's permissions, there won't be any permissions, and we // won't see anything. so we have to check $areac = Page::getByID($a->getAreaCollectionInheritID()); $inheritArea = Area::get($areac, $_GET['arHandle']); if ($inheritArea->overrideCollectionPermissions()) { // okay, so that area is still around, still has set permissions on it. So we // pass our current area to our grouplist, userinfolist objects, knowing that they will // smartly inherit the correct items. $gl = new GroupList($a); $ul = new UserInfoList($a); $permsSet = true; } } if (!$permsSet) { // otherwise we grab the collection permissions for this page $gl = new GroupList($c); $ul = new UserInfoList($c); }
<?php define('SIMPLE_TEST', '../../simpletest/'); require_once SIMPLE_TEST . 'unit_tester.php'; require_once SIMPLE_TEST . 'web_tester.php'; require_once '../../phpQuery/phpQuery.php'; define('C5_ENVIRONMENT_ONLY', true); define('DIR_BASE', dirname(__FILE__) . '/..'); require '../concrete/dispatcher.php'; require 'testing_base.php'; $c = Page::getByID(1); $cp = new Permissions($c); $a = Area::get($c, 'Main'); $ap = new Permissions($a); class ShowPasses extends HtmlReporter { function ShowPasses() { $this->HtmlReporter(); } function paintPass($message) { parent::paintPass($message); print "<span class=\"pass\">Pass</span>: "; print " {$message}<br />\n"; } } $t = new TestSuite('All Tests'); $t->addFile($_SERVER['DOCUMENT_ROOT'] . '/web/tests/template_tests.php'); $t->addFile($_SERVER['DOCUMENT_ROOT'] . '/web/tests/block_override_tests.php'); $t->run(new ShowPasses());
?> sbitem.addButton(btn); <?php } ?> ccm_statusBar.addItem(sbitem); <?php } ?> ccm_statusBar.activate('ccm-stack-status-bar'); }); </script> <?php } $a = Area::get($stack, STACKS_AREA_NAME); $bv = new BlockView(); $bv->renderElement('block_area_header', array('a' => $a)); $bv->renderElement('block_area_header_view', array('a' => $a)); foreach ($blocks as $b) { $bv = new BlockView(); $bv->setAreaObject($a); $p = new Permissions($b); if ($p->canViewBlock()) { $bv->renderElement('block_controls', array('a' => $a, 'b' => $b, 'p' => $p)); $bv->renderElement('block_header', array('a' => $a, 'b' => $b, 'p' => $p)); $bv->render($b); $bv->renderElement('block_footer'); } } $bv->renderElement('block_area_footer_view', array('a' => $a));
<?php echo $form->text('ccmStackSearch', array('tabindex' => 1, 'autocomplete' => 'off', 'style' => 'margin-left: 8px; width: 168px')); ?> </form> </div> </div> <?php if (count($stacks) > 0) { ?> <ul id="ccm-stack-list" class="item-select-list item-select-list-groups"> <?php foreach ($stacks as $s) { $as = Area::get($s, STACKS_AREA_NAME); $asp = new Permissions($as); if ($asp->canRead() && $ap->canAddStackToArea($s)) { ?> <li class="ccm-stack-available"> <a onclick="ccmStackSearchResetKeys()" dialog-on-destroy="ccmStackSearchMapKeys()" class="dialog-launch ccm-block-type-inner" dialog-on-close="ccm_blockWindowAfterClose()" dialog-append-buttons="true" dialog-modal="false" dialog-width="620" dialog-height="400" dialog-title="<?php echo $s->getCollectionName(); ?> <?php echo t('Contents'); ?> " href="<?php echo REL_DIR_FILES_TOOLS_REQUIRED; ?> /edit_area_popup.php?atask=add_stack_contents&cID=<?php
public function export($pageNode) { $p = $pageNode->addChild('page'); $p->addAttribute('name', Loader::helper('text')->entities($this->getCollectionName())); $p->addAttribute('path', $this->getCollectionPath()); $p->addAttribute('filename', $this->getCollectionFilename()); $p->addAttribute('pagetype', $this->getCollectionTypeHandle()); $p->addAttribute('description', Loader::helper('text')->entities($this->getCollectionDescription())); $p->addAttribute('package', $this->getPackageHandle()); if ($this->getCollectionParentID() == 0 && $this->isSystemPage()) { $p->addAttribute('root', 'true'); } $attribs = $this->getSetCollectionAttributes(); if (count($attribs) > 0) { $attributes = $p->addChild('attributes'); foreach ($attribs as $ak) { $av = $this->getAttributeValueObject($ak); $cnt = $ak->getController(); $cnt->setAttributeValue($av); $akx = $attributes->addChild('attributekey'); $akx->addAttribute('handle', $ak->getAttributeKeyHandle()); $cnt->exportValue($akx); } } $db = Loader::db(); $r = $db->Execute('select arHandle from Areas where cID = ? and arIsGlobal = 0', array($this->getCollectionID())); while ($row = $r->FetchRow()) { $ax = Area::get($this, $row['arHandle']); $ax->export($p, $this); } }
function getAreaBlocksArray($c) { if (is_array($this->areaBlocksArray)) { return $this->areaBlocksArray; } $this->cID = $c->getCollectionID(); $this->c = $c; $this->areaBlocksArray = array(); if ($this->arIsGlobal) { $blocks = array(); $cp = new Permissions($c); if ($cp->canReadVersions()) { $c = Stack::getByName($this->arHandle); } else { $c = Stack::getByName($this->arHandle, 'ACTIVE'); } if (is_object($c)) { $blocks = $c->getBlocks(STACKS_AREA_NAME); $globalArea = Area::get($c, STACKS_AREA_NAME); } } else { $blocks = $c->getBlocks($this->arHandle); } foreach ($blocks as $ab) { if ($this->arIsGlobal && is_object($globalArea)) { $ab->setBlockAreaObject($globalArea); } else { $ab->setBlockAreaObject($this); } $this->areaBlocksArray[] = $ab; $this->totalBlocks++; } return $this->areaBlocksArray; }
<?php defined('C5_EXECUTE') or die("Access Denied."); $c = $b->getBlockCollectionObject(); if (!is_object($a)) { $a = Area::get($c, $b->getAreaHandle()); } $class = $c->isArrangeMode() ? "ccm-block-arrange" : "ccm-block"; $class .= $b->isAliasOfMasterCollection() || $b->getBlockTypeHandle() == BLOCK_HANDLE_SCRAPBOOK_PROXY ? " ccm-block-alias" : ""; if ($b->getBlockTypeHandle() == BLOCK_HANDLE_STACK_PROXY) { $class .= ' ccm-block-stack '; } echo '<div id="b' . $b->getBlockID() . '-' . $a->getAreaID() . '" custom-style="' . $b->getBlockCustomStyleRuleID() . '" class="' . $class . '">';
public function export($pageNode) { $p = $pageNode->addChild('stack'); $p->addAttribute('name', Loader::helper('text')->entities($this->getCollectionName())); if ($this->getStackTypeExportText()) { $p->addAttribute('type', $this->getStackTypeExportText()); } $db = Loader::db(); $r = $db->Execute('select arHandle from Areas where cID = ?', array($this->getCollectionID())); while ($row = $r->FetchRow()) { $ax = Area::get($this, $row['arHandle']); $ax->export($p, $this); } }
<?php defined('C5_EXECUTE') or die("Access Denied."); $json = Loader::helper('json'); $c = Page::getByID($_REQUEST['cID']); $a = Area::get($c, $_GET['arHandle']); if (!is_object($c) || !is_object($a)) { $jsonData = array(); $jsonData['msg'] = t('Access Denied.'); echo $json->encode($jsonData); exit; } $nvc = $c->getVersionToModify(); $cp = new Permissions($c); $ap = new Permissions($a); if (!$cp->canEditPageContents() || !$ap->canAddLayoutToArea()) { $jsonData = array(); $jsonData['msg'] = t('Access Denied.'); echo $json->encode($jsonData); exit; } $valt = Loader::helper('validation/token'); $token = '&' . $valt->getParameter(); if ($_GET['task'] == 'deletePreset') { $layoutPreset = LayoutPreset::getByID($_REQUEST['lpID']); if (is_object($layoutPreset)) { $layout = $layoutPreset->getLayoutObject(); $layoutID = $layout->layoutID; } } else { $layoutID = intval($_REQUEST['layoutID']);
function getOrCreate(&$c, $arHandle) { /* different than get(), getOrCreate() is called by the templates. If no area record exists for the permissions cID / handle combination, we create one. This is to make our lives easier */ $area = Area::get($c, $arHandle); if (is_object($area)) { return $area; } // I'm pretty sure this next line is meaningless // because this will ALWAYS be true. // $cID = ($c->getCollectionInheritance()) ? $c->getCollectionID() : $c->getParentPermissionsCollectionID(); $cID = $c->getCollectionID(); $v = array($cID, $arHandle); $q = "insert into Areas (cID, arHandle) values (?, ?)"; $db = Loader::db(); $db->query($q, $v); $area = Area::get($c, $arHandle); // we're assuming the insert succeeded $area->rescanAreaPermissionsChain(); return $area; }
public function getAllTimedAssignmentsForPage() { $db = Loader::db(); $assignments = array(); $r = $db->Execute('select peID, pkID, pdID from PagePermissionAssignments ppa inner join PermissionAccessList pal on ppa.paID = pal.paID where pdID > 0 and cID = ?', array($this->object->getCollectionID())); while ($row = $r->FetchRow()) { $pk = PagePermissionKey::getByID($row['pkID']); $pae = PermissionAccessEntity::getByID($row['peID']); $pd = PermissionDuration::getByID($row['pdID']); $ppc = new PageContentPermissionTimedAssignment(); $ppc->setDurationObject($pd); $ppc->setAccessEntityObject($pae); $ppc->setPermissionKeyObject($pk); $assignments[] = $ppc; } $r = $db->Execute('select arHandle from Areas where cID = ? and arOverrideCollectionPermissions = 1', array($this->object->getCollectionID())); while ($row = $r->FetchRow()) { $r2 = $db->Execute('select peID, pdID, pkID from AreaPermissionAssignments apa inner join PermissionAccessList pal on apa.paID = pal.paID where pdID > 0 and cID = ? and arHandle = ?', array($this->object->getCollectionID(), $row['arHandle'])); while ($row2 = $r2->FetchRow()) { $pk = AreaPermissionKey::getByID($row2['pkID']); $pae = PermissionAccessEntity::getByID($row2['peID']); $area = Area::get($this->getPermissionObject(), $row['arHandle']); $pk->setPermissionObject($area); $pd = PermissionDuration::getByID($row2['pdID']); $ppc = new PageContentPermissionTimedAssignment(); $ppc->setDurationObject($pd); $ppc->setAccessEntityObject($pae); $ppc->setPermissionKeyObject($pk); $assignments[] = $ppc; } } $r = $db->Execute('select peID, cvb.cvID, cvb.bID, pdID, pkID from BlockPermissionAssignments bpa inner join PermissionAccessList pal on bpa.paID = pal.paID inner join CollectionVersionBlocks cvb on cvb.cID = bpa.cID and cvb.cvID = bpa.cvID and cvb.bID = bpa.bID where pdID > 0 and cvb.cID = ? and cvb.cvID = ? and cvb.cbOverrideAreaPermissions = 1', array($this->object->getCollectionID(), $this->object->getVersionID())); while ($row = $r->FetchRow()) { $pk = BlockPermissionKey::getByID($row['pkID']); $pae = PermissionAccessEntity::getByID($row['peID']); $arHandle = $db->GetOne('select arHandle from CollectionVersionBlocks where bID = ? and cvID = ? and cID = ?', array($row['bID'], $row['cvID'], $this->object->getCollectionID())); $b = Block::getByID($row['bID'], $this->object, $arHandle); $pk->setPermissionObject($b); $pd = PermissionDuration::getByID($row['pdID']); $ppc = new PageContentPermissionTimedAssignment(); $ppc->setDurationObject($pd); $ppc->setAccessEntityObject($pae); $ppc->setPermissionKeyObject($pk); $assignments[] = $ppc; } return $assignments; }
<?php defined('C5_EXECUTE') or die("Access Denied."); use Concrete\Core\Conversation\Message\Message as ConversationMessage; $ax = Loader::helper('ajax'); $vs = Loader::helper('validation/strings'); $ve = Loader::helper('validation/error'); $as = Loader::helper('validation/antispam'); $pageObj = Page::getByID($_POST['cID']); $areaObj = Area::get($pageObj, $_POST['blockAreaHandle']); $blockObj = Block::getByID($_POST['bID'], $pageObj, $areaObj); $form = Loader::helper('form'); $u = new User(); $ui = UserInfo::getByID($u->getUserID()); $val = Loader::helper('validation/token'); if (Loader::helper('validation/numbers')->integer($_POST['cnvMessageID']) && $_POST['cnvMessageID'] > 0) { $message = ConversationMessage::getByID($_POST['cnvMessageID']); if (is_object($message)) { $mp = new Permissions($message); if ($mp->canEditConversationMessage()) { $editor = \Concrete\Core\Conversation\Editor\Editor::getByID($message->getConversationEditorID()); $editor->setConversationMessageObject($message); if (is_object($conversation)) { if ($conversation->getConversationAttachmentOverridesEnabled() > 0) { $attachmentsEnabled = $conversation->getConversationAttachmentsEnabled(); } else { $attachmentsEnabled = Config::get('conversations.attachments_enabled'); } } ?>