/**
 * Authorization gate that runs before dispatch: checks whether the current
 * identity may execute the requested controller action.
 *
 * With the group check enabled, the lower-cased controller name is used as the
 * ACL resource and the lower-cased action name as the privilege. A denied
 * request records \Cms\Exception 5 when the identity has the guest role and
 * \Cms\Exception 4 (with resource/privilege details) otherwise.
 *
 * NOTE(review): when isGroupCheckEnabled() returns false, no ACL check is made
 * in this method at all - confirm that the switch cannot be disabled in
 * production deployments.
 *
 * @param \Zend_Controller_Request_Abstract $request
 */
public function preDispatch(\Zend_Controller_Request_Abstract $request)
{
    $acl = AccessManager::singleton();

    if ($this->isGroupCheckEnabled()) {
        $resource = strtolower($request->getControllerName());
        $privilege = strtolower($request->getActionName());

        if (!$acl->isAllowed($resource, $privilege)) {
            $identity = $acl->getIdentityAsArray();
            if ($acl->hasIdentityRoleGuest($identity, true)) {
                $denial = new \Cms\Exception(5);
            } else {
                // The reported privilege is the action name as received,
                // not the lower-cased value that was used for the ACL lookup.
                $denial = new \Cms\Exception(4, __METHOD__, __LINE__, array(
                    'resource' => $resource,
                    'privilege' => $request->getActionName(),
                ));
            }
            \Cms\ExceptionStack::addException($denial);
        }
    }

    // Uncaught exceptions are not yet forwarded to the error controller while
    // we are still in preDispatch, so the request is rerouted explicitly.
    // Any exception already on the stack triggers this, not only a denial
    // recorded above.
    $pending = \Cms\ExceptionStack::getExceptions();
    if (count($pending) > 0) {
        $request->setControllerName('Error');
        $request->setActionName('error');
    }
}
/**
 * Validates a request object with the validator method that belongs to the
 * given function (action) name.
 *
 * The method looked up is 'validateMethod' . $function on this object. Only
 * methods carrying that prefix can be reached, and a missing method raises an
 * exception instead of skipping validation.
 * NOTE(review): $function should come from a fixed action name, not from raw
 * request input - verify against callers.
 *
 * @param string  $function
 * @param Request $actionRequest
 * @param boolean $abortExceptions when loosely true, validation errors are
 *                                 logged and false is returned; otherwise
 *                                 \Cms\ExceptionStack::throwErrors() is called
 * @return boolean true when no error was collected, false when errors were
 *                 logged because $abortExceptions is set
 * @throws \Cms\Exception code -12 when no validator method exists
 */
public function validate($function, Request $actionRequest, $abortExceptions = true)
{
    $methodName = 'validateMethod' . $function;

    if (!method_exists($this, $methodName)) {
        $data = array('method' => $methodName);
        throw new \Cms\Exception(-12, __METHOD__, __LINE__, $data);
    }

    try {
        $this->{$methodName}($actionRequest);
    } catch (PropertyAccessException $e) {
        // A missing request property is reported as a validation error.
        $paramName = $e->getName();
        $message = str_replace('%name%', $paramName, $this->_('error.validation.missing_parameter'));
        $this->addError(new Error($e->getName(), null, array($message)));
    }

    if (count($this->getErrors()) === 0) {
        return true;
    }

    foreach ($this->getErrors() as $validationError) {
        \Cms\ExceptionStack::addException($validationError);
    }

    if (count(\Cms\ExceptionStack::getExceptions()) === 0) {
        return true;
    }

    if ($abortExceptions == true) {
        // Only the outcome is signalled to the caller (e.g. when images are
        // returned): log what has been collected so far. The stack itself is
        // not reset here, so the logged exceptions stay on it.
        foreach (\Cms\ExceptionStack::getExceptions() as $collected) {
            \Seitenbau\Registry::getLogger()->logException(__METHOD__, __LINE__, $collected, \Seitenbau\Log::NOTICE);
        }
        return false;
    }

    \Cms\ExceptionStack::throwErrors();

    return true;
}
/**
 * @SWG\Api(
 *   path="/websitesettings/editmultiple",
 *   @SWG\Operation(
 *       method="GET, POST",
 *       summary="Updates website settings",
 *       notes="Update website settings section and return the new website settings.",
 *       type="WebsiteSettingsEdit",
 *       nickname="edit")
 * ))
 */
public function editmultipleAction()
{
    // Updates several website settings sections in one request and answers
    // with the complete, current settings of the website.

    /** @var $validatedRequest \Cms\Request\WebsiteSettings\EditMultiple */
    $validatedRequest = $this->getValidatedRequest('WebsiteSettings', 'EditMultiple');
    $websiteId = $validatedRequest->getWebsiteId();

    // The 'edit' right on the website is checked before anything is written.
    $this->getBusiness()->checkUserRights('edit', array('websiteId' => $websiteId));

    $submittedSettings = $validatedRequest->getAllWebsiteSettings();
    foreach ($submittedSettings as $settingsId => $settings) {
        try {
            // Every public property of the submitted object is forwarded.
            // NOTE(review): which attributes may be written is presumably
            // restricted by the request validator / business layer - confirm.
            $this->getBusiness()->update($websiteId, $settingsId, get_object_vars($settings));
        } catch (\Exception $e) {
            // One failing section must not stop the others; errors are
            // collected and reported together below.
            CmsExceptionStack::addException($e);
        }
    }

    $currentSettings = $this->getBusiness()->getAll($websiteId);
    $responseData = new Response\GetAll($currentSettings);

    if (CmsExceptionStack::hasErrors()) {
        CmsExceptionStack::throwErrors($responseData);
    }

    $this->responseData->setData($responseData);
}
/**
 * Removes the directories of the modules identified by $ids.
 *
 * Ids without an entry in the base info of $moduleSource are skipped, so only
 * directories taken from that base info are ever removed. Each module is
 * checked for writability before its directory is deleted. Failures are
 * collected and thrown together after all ids were processed.
 *
 * NOTE(review): the exception stack is not reset here, so exceptions collected
 * before this call presumably also cause the final throw - confirm.
 *
 * @param ModuleSource $moduleSource
 * @param string[]     $ids
 */
public function deleteByIds(ModuleSource $moduleSource, array $ids)
{
    $knownModules = $this->getAllBaseInfo($moduleSource);

    foreach ($ids as $moduleId) {
        // empty() also covers the "key not set" case.
        if (empty($knownModules[$moduleId])) {
            continue;
        }

        try {
            $this->checkIfModuleIsWritable($knownModules[$moduleId]);
            FS::rmdir($knownModules[$moduleId]->getDirectory());
        } catch (\Exception $e) {
            CmsExceptionStack::addException($e);
        }
    }

    // The cache is reset even when some deletions failed.
    $this->resetCache();

    if (CmsExceptionStack::hasErrors()) {
        CmsExceptionStack::throwErrors();
    }
}
/**
 * Removes every theme file listed in $this->themeFileNames from the target
 * path.
 *
 * NOTE(review): CmsExceptionStack::reset() is called first; presumably this
 * discards exceptions collected earlier in the request - confirm that callers
 * do not rely on them.
 */
public function resetTheme()
{
    $this->createTargetDirectory();

    // Start from a clean stack so only failures of this run are reported.
    CmsExceptionStack::reset();

    foreach ($this->themeFileNames as $targetName) {
        try {
            $themeFile = FS::joinPath($this->targetPath, $targetName);
            FS::rmFile($themeFile);
        } catch (\Exception $e) {
            // Keep going; all failures are thrown together afterwards.
            CmsExceptionStack::addException($e);
        }
    }

    if (CmsExceptionStack::hasErrors()) {
        CmsExceptionStack::throwErrors();
    }
}
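/**
 * Reports whether the given lock exists for the logged-in user.
 *
 * When the lock is missing (state NEW) or expired, and both $noLock and
 * $throwError are loosely true, a CmsException with a type-specific code is
 * pushed onto the exception stack. The exception is only recorded, not thrown
 * here, so callers have to evaluate the return value or the stack.
 *
 * NOTE(review): $noLock is compared loosely (== true) when the error is
 * recorded but strictly (!== true) for the return value; pass real booleans.
 *
 * @param string  $runId
 * @param string  $itemId
 * @param string  $websiteId
 * @param string  $type       one of the self::LOCK_TYPE_* values
 * @param boolean $noLock     true: the lock has to exist for the user;
 *                            false: true is returned even if no lock exists
 * @param boolean $throwError
 * @return boolean true: lock present; false: lock not present
 */
public function checkUserLock($runId, $itemId, $websiteId, $type, $noLock = true, $throwError = true)
{
    // Determine the current lock state.
    $lockState = $this->checkLock($runId, $itemId, $websiteId, $type, false, $throwError);

    // Read 'action' once behind isset() so that a lock state without this key
    // cannot raise an undefined-index notice in the comparisons below.
    $hasAction = isset($lockState['action']);
    $action = $hasAction ? $lockState['action'] : null;
    $isNew = $action == self::LOCK_STATE_NEW;
    $isExpired = $action == self::LOCK_STATE_EXPIRED;

    // Lock required but missing or expired -> record the matching error.
    if ($hasAction && ($isNew || $isExpired) && $noLock == true && $throwError == true) {
        switch ($type) {
            case self::LOCK_TYPE_PAGE:
                $exceptionCode = $isExpired ? 1517 : 1510;
                break;
            case self::LOCK_TYPE_TEMPLATE:
                $exceptionCode = $isExpired ? 1527 : 1520;
                break;
            case self::LOCK_TYPE_MODULE:
                $exceptionCode = $isExpired ? 1535 : 1530;
                break;
            case self::LOCK_TYPE_WEBSITE:
                $exceptionCode = $isExpired ? 1549 : 1540;
                break;
            default:
                $exceptionCode = $isExpired ? 1509 : 1508;
                break;
        }

        // Assemble the error details; unknown item data is reported as '???'.
        $errData = array(
            'item.id' => isset($lockState['item']['id']) ? $lockState['item']['id'] : '???',
            'item.name' => isset($lockState['item']['name']) ? $lockState['item']['name'] : '???',
            'item.type' => $type,
        );

        CmsExceptionStack::addException(new CmsException($exceptionCode, __METHOD__, __LINE__, $errData));
    }

    // The lock counts as present when it is being updated, or when no lock is
    // required ($noLock is not strictly true) and the state is NEW.
    return ($hasAction && $action == self::LOCK_STATE_UPDATE)
        || ($noLock !== true && $isNew);
}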
/**
 * Reparses the given pages of a website.
 *
 * Pages are loaded one by one; a failure for one page is collected and does
 * not stop the remaining pages. Collected failures are thrown together at the
 * end, in which case no id list is returned.
 *
 * @param string $websiteId
 * @param array  $pageIds
 *
 * @return array ids of the pages for which reparsePage() returned a truthy value
 */
private function reparsePages($websiteId, array $pageIds)
{
    if (empty($pageIds)) {
        return array();
    }

    $pageBusiness = $this->getPageBusiness();
    $reparsedIds = array();

    foreach ($pageIds as $currentId) {
        try {
            $page = $pageBusiness->getById($currentId, $websiteId);
            if (!$this->reparsePage($page)) {
                continue;
            }
            $reparsedIds[] = $page->getId();
        } catch (\Exception $e) {
            \Cms\ExceptionStack::addException($e);
        }
    }

    if (\Cms\ExceptionStack::hasErrors()) {
        \Cms\ExceptionStack::throwErrors();
    }

    return $reparsedIds;
}
/**
 * Removes the user $id from each of the given groups of a website.
 *
 * Every group is processed even if an earlier one failed; the collected
 * failures are thrown together afterwards.
 *
 * NOTE(review): no permission check is visible in this method; presumably the
 * caller has authorized the operation - verify.
 *
 * @param string $id        id of the user to remove
 * @param string $websiteId
 * @param array  $groupIds
 *
 * @return boolean always true when no error was thrown
 */
public function removeGroups($id, $websiteId, array $groupIds)
{
    /** @var $groupService \Cms\Service\Group */
    $groupService = $this->getService('Group');
    $userIds = array($id);

    foreach ($groupIds as $currentGroupId) {
        try {
            $groupService->removeUsers($currentGroupId, $websiteId, $userIds);
        } catch (\Exception $e) {
            CmsExceptionStack::addException($e);
        }
    }

    if (CmsExceptionStack::hasErrors()) {
        CmsExceptionStack::throwErrors();
    }

    return true;
}
/**
 * Deletes media items.
 *
 * The ids of media items that could not be deleted because they are still
 * referenced by modules, templates or pages are returned; for each of them a
 * \Cms\Exception 236 is pushed onto the exception stack.
 *
 * NOTE(review): a media item whose relations contain none of the three known
 * keys is taken out of the deletion list without being reported - confirm
 * that this is intended.
 * NOTE(review): the service delete() is still called when the filtered id
 * list is empty - confirm that it treats an empty list as a no-op.
 * NOTE(review): files are removed before the service delete() runs, and the
 * file name comes from the stored media record; path confinement presumably
 * happens inside the file services - verify.
 *
 * @param array   $mediaIds
 * @param string  $websiteId
 * @param boolean $checkNonDeletables only when strictly true are relations
 *                                    checked before deleting
 * @return array ids that were not deleted because of existing relations
 */
public function delete(array $mediaIds, $websiteId, $checkNonDeletables = true)
{
    $notDeletableIds = array();

    if (count($mediaIds) == 0) {
        return $notDeletableIds;
    }

    if ($checkNonDeletables === true) {
        $blockingKinds = array('modules', 'templates', 'pages');

        foreach ($mediaIds as $index => $mediaId) {
            $notDeletableInfos = array('modules' => array(), 'templates' => array(), 'pages' => array());
            $isBlocked = false;

            $mediaRelations = $this->getMediaRelations($mediaId, $websiteId);
            if (count($mediaRelations) > 0) {
                foreach ($blockingKinds as $relationKey) {
                    if (isset($mediaRelations[$relationKey])) {
                        $notDeletableInfos[$relationKey] = $mediaRelations[$relationKey];
                        $isBlocked = true;
                    }
                }
                // Any relation at all keeps the item out of the deletion run.
                unset($mediaIds[$index]);
            }

            if (!$isBlocked) {
                continue;
            }

            // The name is only used for the error details; a lookup failure
            // must not abort the run.
            try {
                $mediaName = $this->getService()->getById($mediaId, $websiteId)->getName();
            } catch (\Exception $e) {
                $mediaName = 'unknown';
            }

            \Cms\ExceptionStack::addException(new \Cms\Exception(236, __METHOD__, __LINE__, array(
                'id' => $mediaId,
                'name' => $mediaName,
                'infos' => $notDeletableInfos,
            )));
            $notDeletableIds[] = $mediaId;
        }
    }

    $config = Registry::getConfig();
    $mediaFileService = new MediaFileService($config->media->files->directory);
    $cacheFileService = new MediaCacheService($config->media->cache->directory);

    // Remove the stored file and its cached variants for every remaining id.
    foreach ($mediaIds as $remainingId) {
        $media = $this->getService()->getById($remainingId, $websiteId);
        if ($media === null) {
            continue;
        }
        $mediaFileService->delete($websiteId, $media->getFile());
        $cacheFileService->delete($websiteId, $media->getFile());
    }

    $this->getService()->delete($mediaIds, $websiteId);

    return $notDeletableIds;
}