public function saveModelFromSanitizedData($sanitizedData, $model, &$savedSuccessfully, &$modelToStringValue)
{
//note: the logic for ExplicitReadWriteModelPermission might still need to be moved up into the
//post method above, not sure how this is coming in from API.
$explicitReadWriteModelPermissions = static::resolveAndMakeExplicitReadWriteModelPermissions($sanitizedData, $model);
$readyToUseData = ExplicitReadWriteModelPermissionsUtil::removeIfExistsFromPostData($sanitizedData);
$sanitizedOwnerData = PostUtil::sanitizePostDataToJustHavingElementForSavingModel($readyToUseData, 'owner');
$sanitizedDataWithoutOwner = PostUtil::removeElementFromPostDataForSavingModel($readyToUseData, 'owner');
$model->setAttributes($sanitizedDataWithoutOwner);
$this->afterSetAttributesDuringSave($model, $explicitReadWriteModelPermissions);
if ($model->validate()) {
$modelToStringValue = strval($model);
if ($sanitizedOwnerData != null) {
$model->setAttributes($sanitizedOwnerData);
}
if ($model instanceof OwnedSecurableItem) {
$passedOwnerValidation = $model->validate(array('owner'));
} else {
$passedOwnerValidation = true;
}
if ($passedOwnerValidation && $model->save(false)) {
if ($explicitReadWriteModelPermissions != null) {
$success = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($model, $explicitReadWriteModelPermissions);
//todo: handle if success is false, means adding/removing permissions save failed.
}
$savedSuccessfully = true;
$this->afterSuccessfulSave($model);
}
} else {
}
return $model;
}
/**
* Handles when a user posts to another user's profile social feed. Sets the toUser in that case.
* (non-PHPdoc)
* @see ZurmoControllerUtil::saveModelFromPost()
* @param $postData
* @param $model
* @param $savedSucessfully
* @param $modelToStringValue
* @param bool $returnOnValidate
* @return OwnedSecurableItem
*/
public function saveModelFromPost($postData, $model, &$savedSucessfully, &$modelToStringValue, $returnOnValidate = false)
{
$sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $postData);
if ($this->relatedUser != null && !Yii::app()->user->userModel->isSame($this->relatedUser)) {
$model->toUser = $this->relatedUser;
}
return $this->saveModelFromSanitizedData($sanitizedPostData, $model, $savedSucessfully, $modelToStringValue, $returnOnValidate);
}
/**
* @param object $model
* @param attay $explicitReadWriteModelPermissions
*/
protected function afterSetAttributesDuringSave($model, $explicitReadWriteModelPermissions)
{
assert('$model instanceof Product');
$postData = PostUtil::getData();
if (isset($postData[$this->productCategoryFormName])) {
$this->peopleAddedAsProductCategories = ProductCategoriesUtil::resolveProductHasManyProductCategoriesFromPost($model, $postData[$this->productCategoryFormName]);
}
}
/**
* Supports setting metadata on both models. The MyListForm model and the SearchModel
* @see ModalConfigEditView::setMetadataFromPost()
*/
public function setMetadataFromPost($postArray)
{
parent::setMetadataFromPost($postArray);
$sanitizedPostArray = PostUtil::sanitizePostByDesignerTypeForSavingModel($this->searchModel, ArrayUtil::getArrayValue($_POST, $this->getSearchModelPostArrayName()));
$searchAttributes = SearchUtil::getSearchAttributesFromSearchArrayForSavingExistingSearchCriteria($sanitizedPostArray);
$searchAttributesAdaptedToSetInModel = SearchUtil::adaptSearchAttributesToSetInRedBeanModel($searchAttributes, $this->searchModel);
$this->searchAttributes = $searchAttributesAdaptedToSetInModel;
}
/**
* @param RedBeanModel $model
* @param array $explicitReadWriteModelPermissions
*/
protected function afterSetAttributesDuringSave($model, $explicitReadWriteModelPermissions)
{
assert('$model instanceof SavedCalendar');
$postData = PostUtil::getData();
$wizardFormClassName = ReportToWizardFormAdapter::getFormClassNameByType(Report::TYPE_ROWS_AND_COLUMNS);
if (isset($postData[$wizardFormClassName])) {
CalendarUtil::populateFiltersDataInModel($model, $postData[$wizardFormClassName]);
}
}
/**
* Override to handle incoming conversation participant information
* (non-PHPdoc)
* @see ModelHasRelatedItemsZurmoControllerUtil::afterSetAttributesDuringSave()
*/
protected function afterSetAttributesDuringSave($model, $explicitReadWriteModelPermissions)
{
assert('$model instanceof Conversation');
assert('$explicitReadWriteModelPermissions instanceof ExplicitReadWriteModelPermissions');
parent::afterSetAttributesDuringSave($model, $explicitReadWriteModelPermissions);
$postData = PostUtil::getData();
if (isset($postData[$this->conversationParticipantFormName])) {
$this->peopleAddedAsConversationParticipants = ConversationParticipantsUtil::resolveConversationHasManyParticipantsFromPost($model, $postData[$this->conversationParticipantFormName], $explicitReadWriteModelPermissions);
}
}
/**
* @param object $model
* @param attay $explicitReadWriteModelPermissions
*/
protected function afterSetAttributesDuringSave($model, $explicitReadWriteModelPermissions)
{
assert('$model instanceof Project');
$postData = PostUtil::getData();
if (isset($postData['ProjectAccountsForm'])) {
$this->projectAccounts = self::resolveProjectManyManyAccountsFromPost($model, $postData['ProjectAccountsForm']);
$this->projectContacts = self::resolveProjectManyManyContactsFromPost($model, $postData['ProjectContactsForm']);
$this->projectOpportunities = self::resolveProjectManyManyOpportunitiesFromPost($model, $postData['ProjectOpportunitiesForm']);
}
}
public function actionForm($id)
{
$cs = Yii::app()->getClientScript();
$cs->setIsolationMode();
$contactWebForm = static::getModelAndCatchNotFoundAndDisplayError('ContactWebForm', intval($id));
$metadata = static::getMetadataByWebForm($contactWebForm);
if ($contactWebForm->language !== null) {
Yii::app()->language = $contactWebForm->language;
}
if (is_string($contactWebForm->submitButtonLabel) && !empty($contactWebForm->submitButtonLabel)) {
$metadata['global']['toolbar']['elements'][0]['label'] = $contactWebForm->submitButtonLabel;
}
$customDisplayLabels = ContactWebFormsUtil::getCustomDisplayLabels($contactWebForm);
$customRequiredFields = ContactWebFormsUtil::getCustomRequiredFields($contactWebForm);
$contactWebFormModelForm = new ContactWebFormsModelForm(new Contact());
$contactWebFormModelForm->state = $contactWebForm->defaultState;
$contactWebFormModelForm->owner = $contactWebForm->defaultOwner;
$contactWebFormModelForm->googleWebTrackingId = Yii::app()->getRequest()->getPost(ContactExternalEditAndDetailsView::GOOGLE_WEB_TRACKING_ID_FIELD);
$contactWebFormModelForm->setCustomDisplayLabels($customDisplayLabels);
$contactWebFormModelForm->setCustomRequiredFields($customRequiredFields);
$contactWebFormModelForm->resolveRequiredValidatorsForModel($customRequiredFields);
$postVariableName = get_class($contactWebFormModelForm);
if (isset($_POST[$postVariableName])) {
ContactWebFormsUtil::resolveHiddenAttributesForContactModel($postVariableName, $contactWebForm);
$_POST[$postVariableName] = PostUtil::sanitizePostByDesignerTypeForSavingModel($contactWebFormModelForm->getModel(), $_POST[$postVariableName]);
$contactWebFormModelForm->setAttributes($_POST[$postVariableName]);
$this->attemptToValidate($contactWebForm, $contactWebFormModelForm);
$this->attemptToSaveModelFromPost($contactWebFormModelForm, null, false);
if (isset($contactWebFormModelForm->getModel()->id) && intval($contactWebFormModelForm->getModel()->id) > 0) {
$this->resolveContactWebFormEntry($contactWebForm, $contactWebFormModelForm);
$controllerUtil = static::getZurmoControllerUtil();
$controllerUtil::setContactModelPermissionsByContactWebForm($contactWebFormModelForm->getModel(), $contactWebForm);
$responseData = array();
$responseData['redirectUrl'] = $contactWebForm->redirectUrl;
$this->renderResponse(CJSON::encode($responseData));
}
} else {
$containedView = new ContactExternalEditAndDetailsView('Edit', $this->getId(), $this->getModule()->getId(), $this->attemptToSaveModelFromPost($contactWebFormModelForm, null, false), $metadata);
$view = new ContactWebFormsExternalPageView(ZurmoExternalViewUtil::makeExternalViewForCurrentUser($containedView));
$cs->registerScript('catchGoogleWebTrackingId', "\n \$(document).ready(function()\n {\n \$('html').addClass('zurmo-embedded-form-active');\n if (typeof ga !== 'undefined')\n {\n ga(function(tracker)\n {\n var googleWebTrackingId = tracker.get('clientId');\n \$('#" . ContactExternalEditAndDetailsView::GOOGLE_WEB_TRACKING_ID_FIELD . "').val(googleWebTrackingId);\n });\n }\n });");
$excludeStyles = $contactWebForm->excludeStyles;
$rawXHtml = $view->render();
$rawXHtml = ZurmoExternalViewUtil::resolveAndCombineScripts($rawXHtml);
$combinedHtml = array();
$combinedHtml['head'] = ZurmoExternalViewUtil::resolveHeadTag($rawXHtml, $excludeStyles);
$combinedHtml['body'] = ZurmoExternalViewUtil::resolveHtmlAndScriptInBody($rawXHtml);
if (isset($contactWebForm->enableCaptcha) && $contactWebForm->enableCaptcha == true) {
$combinedHtml['enableCaptcha'] = true;
} else {
$combinedHtml['enableCaptcha'] = false;
}
$response = 'renderFormCallback(' . CJSON::encode($combinedHtml) . ');';
$this->renderResponse($response);
}
}
protected function actionInlineEditValidate($model)
{
$postData = PostUtil::getData();
$postFormData = ArrayUtil::getArrayValue($postData, get_class($model));
$sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $postFormData);
$model->setAttributes($sanitizedPostData);
$model->validate();
$errorData = ZurmoActiveForm::makeErrorsDataAndResolveForOwnedModelAttributes($model);
echo CJSON::encode($errorData);
Yii::app()->end(0, false);
}
public function actionConfigurationEdit()
{
$breadCrumbLinks = array(Zurmo::t('MarketingModule', 'Marketing Configuration'));
$form = MarketingConfigurationFormAdapter::makeFormFromMarketingConfiguration();
$postData = PostUtil::getData();
$postVariableName = get_class($form);
if (isset($postData[$postVariableName])) {
$form->setAttributes($postData[$postVariableName]);
if ($form->validate()) {
MarketingConfigurationFormAdapter::setConfigurationFromForm($form);
Yii::app()->user->setFlash('notification', Zurmo::t('ZurmoModule', 'Marketing configuration saved successfully.'));
$this->redirect(Yii::app()->createUrl('configuration/default/index'));
}
}
$editView = new MarketingConfigurationEditAndDetailsView('Edit', $this->getId(), $this->getModule()->getId(), $form);
$editView->setCssClasses(array('AdministrativeArea'));
$view = new ZurmoConfigurationPageView(ZurmoDefaultAdminViewUtil::makeViewWithBreadcrumbsForCurrentUser($this, $editView, $breadCrumbLinks, 'SettingsBreadCrumbView'));
echo $view->render();
}
/**
* Override to handle userStatus validation
* @param User | ModelForm $model
* @param string $postVariableName
*/
protected function attemptToValidateAjaxFromPost($model, $postVariableName)
{
if (isset($_POST['ajax']) && $_POST['ajax'] == 'edit-form') {
$sanitizedPostdata = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $_POST[$postVariableName]);
$model->setAttributes($sanitizedPostdata);
$model->validate();
$userStatus = UserStatusUtil::makeByPostData($_POST[$postVariableName]);
if ($model instanceof User) {
if ($userStatus == null) {
$userStatus = UserStatusUtil::makeByUser($model);
}
Yii::app()->licenseManager->resolveValidationOnCreateOrEditUser($model, $userStatus);
} elseif ($model instanceof ModelForm) {
if ($userStatus == null) {
$userStatus = UserStatusUtil::makeByUser($model->getModel());
}
Yii::app()->licenseManager->resolveValidationOnCreateOrEditUser($model->getModel(), $userStatus);
}
$errorData = ZurmoActiveForm::makeErrorsDataAndResolveForOwnedModelAttributes($model);
echo CJSON::encode($errorData);
Yii::app()->end(0, false);
}
}
public function actionSaveOrder()
{
$savedWorkflowData = ArrayUtil::getArrayValue(PostUtil::getData(), 'SavedWorkflow');
if ($savedWorkflowData != null && isset($savedWorkflowData['savedWorkflowIds']) && count($savedWorkflowData['savedWorkflowIds']) > 0) {
$order = 1;
foreach ($savedWorkflowData['savedWorkflowIds'] as $savedWorkflowId) {
$savedWorkflow = SavedWorkflow::getById((int) $savedWorkflowId);
$savedWorkflow->order = $order;
$saved = $savedWorkflow->save();
if (!$saved) {
throw new FailedToSaveModelException();
}
$order++;
}
$message = Zurmo::t('WorkflowsModule', 'Order saved successfully.');
echo CJSON::encode(array('message' => $message, 'type' => 'message'));
} else {
echo CJSON::encode(array('message' => Zurmo::t('Core', 'There was an error processing your request'), 'type' => 'error'));
}
Yii::app()->end(0, false);
}
public function actionCreateEmailMessage($toAddress = null, $relatedId = null, $relatedModelClassName = null)
{
$postData = PostUtil::getData();
$getData = GetUtil::getData();
$personOrAccount = self::resolvePersonOrAccountFromGet($relatedId, $relatedModelClassName);
$emailMessage = new EmailMessage();
$emailMessageForm = new CreateEmailMessageForm($emailMessage);
$emailMessageForm->setScenario('createNonDraft');
$postVariableName = get_class($emailMessageForm);
if ($toAddress == null && $personOrAccount != null && $personOrAccount->primaryEmail->emailAddress != null) {
$toAddress = $personOrAccount->primaryEmail->emailAddress;
}
if (isset($postData[$postVariableName])) {
EmailMessageUtil::resolveEmailMessageFromPostData($postData, $emailMessageForm, Yii::app()->user->userModel);
$this->actionValidateCreateEmailMessage($postData, $emailMessageForm);
$this->attemptToSaveModelFromPost($emailMessageForm, null, false);
ZurmoControllerUtil::updatePermissionsWithDefaultForModelByCurrentUser($emailMessageForm->getModel());
Yii::app()->jobQueue->add('ProcessOutboundEmail');
} else {
EmailMessageUtil::resolveSignatureToEmailMessage($emailMessage, Yii::app()->user->userModel);
EmailMessageUtil::resolvePersonOrAccountToEmailMessage($emailMessage, Yii::app()->user->userModel, $toAddress, $relatedId, $relatedModelClassName);
$createEmailMessageModalEditView = new CreateEmailMessageModalEditView($this->getId(), $this->getModule()->getId(), $emailMessageForm);
$view = new ModalView($this, $createEmailMessageModalEditView);
Yii::app()->getClientScript()->setToAjaxMode();
echo $view->render();
}
}
/**
* @depends testCreateAndGetMeetingById
*/
public function testUpdateMeetingFromForm()
{
Yii::app()->user->userModel = User::getByUsername('super');
$user = User::getByUsername('billy');
$meetings = Meeting::getByName('MyMeeting');
$meeting = $meetings[0];
$this->assertEquals($meeting->name, 'MyMeeting');
$timeStamp = time();
$newStamp = DateTimeUtil::convertTimestampToDbFormatDateTime($timeStamp);
$postData = array('owner' => array('id' => $user->id), 'name' => 'New Name', 'startDateTime' => DateTimeUtil::convertTimestampToDisplayFormat($timeStamp, DateTimeUtil::DATETIME_FORMAT_DATE_WIDTH, DateTimeUtil::DATETIME_FORMAT_TIME_WIDTH, true));
$sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($meeting, $postData);
$meeting->setAttributes($sanitizedPostData);
$saved = $meeting->save();
$this->assertTrue($saved);
$id = $meeting->id;
unset($meeting);
$meeting = Meeting::getById($id);
$this->assertEquals('New Name', $meeting->name);
$this->assertEquals($sanitizedPostData['startDateTime'], $meeting->startDateTime);
//create new meeting from scratch where the startDateTime and endDateTime attributes are not populated.
//It should let you save.
$meeting = new Meeting();
$postData = array('owner' => array('id' => $user->id), 'name' => 'Lamazing', 'startDateTime' => DateTimeUtil::convertTimestampToDisplayFormat($timeStamp, DateTimeUtil::DATETIME_FORMAT_DATE_WIDTH, DateTimeUtil::DATETIME_FORMAT_TIME_WIDTH, true));
$sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($meeting, $postData);
$meeting->setAttributes($sanitizedPostData);
$saved = $meeting->save();
$this->assertTrue($saved);
$id = $meeting->id;
unset($meeting);
$meeting = Meeting::getById($id);
$this->assertEquals('Lamazing', $meeting->name);
$this->assertEquals($sanitizedPostData['startDateTime'], $meeting->startDateTime);
$this->assertEquals(null, $meeting->endDateTime);
}
/**
* Sanitizes get data for date and date time attributes by converting them to the proper
* format and timezone for saving. Wrapper for the method with the logic in PostUtil which completes this
* task.
* @return - array sanitized get data
*/
public static function sanitizePostByDesignerTypeForSavingModel($model, $postData)
{
return PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $postData);
}
protected function actionInlineEditValidate($model)
{
$readyToUsePostData = ExplicitReadWriteModelPermissionsUtil::removeIfExistsFromPostData($_POST[get_class($model)]);
$sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $readyToUsePostData);
$sanitizedOwnerPostData = PostUtil::sanitizePostDataToJustHavingElementForSavingModel($sanitizedPostData, 'owner');
$sanitizedPostDataWithoutOwner = PostUtil::removeElementFromPostDataForSavingModel($sanitizedPostData, 'owner');
$model->setAttributes($sanitizedPostDataWithoutOwner);
if ($model->validate()) {
$modelToStringValue = strval($model);
if ($sanitizedOwnerPostData != null) {
$model->setAttributes($sanitizedOwnerPostData);
}
if ($model instanceof OwnedSecurableItem) {
$model->validate(array('owner'));
}
}
$errorData = ZurmoActiveForm::makeErrorsDataAndResolveForOwnedModelAttributes($model);
echo CJSON::encode($errorData);
Yii::app()->end(0, false);
}
public function actionApplyRuntimeFilters($id)
{
$postData = PostUtil::getData();
$savedReport = SavedReport::getById((int) $id);
ControllerSecurityUtil::resolveCanCurrentUserAccessModule($savedReport->moduleClassName);
ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($savedReport);
$report = SavedReportToReportAdapter::makeReportBySavedReport($savedReport);
$wizardFormClassName = ReportToWizardFormAdapter::getFormClassNameByType($report->getType());
if (!isset($postData[$wizardFormClassName])) {
throw new NotSupportedException();
}
DataToReportUtil::resolveFilters($postData[$wizardFormClassName], $report, true);
if (isset($postData['ajax']) && $postData['ajax'] == 'edit-form') {
$adapter = new ReportToWizardFormAdapter($report);
$reportWizardForm = $adapter->makeFormByType();
$reportWizardForm->setScenario(reportWizardForm::FILTERS_VALIDATION_SCENARIO);
if (!$reportWizardForm->validate()) {
$errorData = array();
foreach ($reportWizardForm->getErrors() as $attribute => $errors) {
$errorData[ZurmoHtml::activeId($reportWizardForm, $attribute)] = $errors;
}
echo CJSON::encode($errorData);
Yii::app()->end(0, false);
}
}
$filtersData = ArrayUtil::getArrayValue($postData[$wizardFormClassName], ComponentForReportForm::TYPE_FILTERS);
$sanitizedFiltersData = DataToReportUtil::sanitizeFiltersData($report->getModuleClassName(), $report->getType(), $filtersData);
$stickyData = array(ComponentForReportForm::TYPE_FILTERS => $sanitizedFiltersData);
StickyReportUtil::setDataByKeyAndData($report->getId(), $stickyData);
}
public function actionUpdateParticipants($id)
{
$postData = PostUtil::getData();
if (isset($postData['ConversationParticipantsForm'])) {
$conversation = Conversation::getById((int) $id);
$explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($conversation);
$currentUserWasParticipant = ConversationParticipantsUtil::isUserAParticipant($conversation, Yii::app()->user->userModel);
$peopleAdded = ConversationParticipantsUtil::resolveConversationHasManyParticipantsFromPost($conversation, $postData['ConversationParticipantsForm'], $explicitReadWriteModelPermissions);
ConversationParticipantsUtil::resolveEmailInvitesByPeople($conversation, $peopleAdded);
$saved = $conversation->save();
if ($saved) {
$success = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($conversation, $explicitReadWriteModelPermissions);
$currentUserIsParticipant = ConversationParticipantsUtil::isCurrentUserAParticipant($conversation);
if ($currentUserWasParticipant && !$currentUserIsParticipant) {
echo 'redirectToList';
}
} else {
throw new FailedToSaveModelException();
}
}
}
/**
* 查看帖子
* @param: NULL
* @return: NULL
* @access: public
*/
public function run()
{
//取得帖子的id
$topic_id = $this->getParameterFromGET('id');
$topic_id = (int) $topic_id;
if (!$topic_id || $topic_id < 1) {
$this->AlertAndBack(VT_TOPIC_ID_IS_NOT_VALID);
return;
}
//验证帖子的id是否存在
if (!TopicUtil::isExists($this->db, $topic_id)) {
$this->AlertAndBack(VT_TOPIC_ID_IS_NOT_EXISTS);
return;
}
//查询帖子的版块id
$layout_id = TopicUtil::getLayoutId($this->db, $topic_id);
//验证论坛的版块
if (!LayoutUtil::isExists($this->db, $layout_id)) {
$this->AlertAndBack(VT_LAYOUT_IS_NOT_EXISTS);
return;
}
//得出论坛版块的状态
$layout_status = LayoutUtil::getLayoutStatus($this->db, $layout_id);
//状态为0则为全部开放
//状态为1则为需要验证
//状态为2则为关闭
//如果为2
if ($layout_status == 2) {
$this->AlertAndBack(VT_LAYOUT_IS_CLOSED);
return;
} else {
if ($layout_status == 1) {
if (!$_SESSION['user']['name']) {
$this->AlertAndBack(VT_LAYOUT_NEED_AUTHOR);
return;
}
}
}
//取得帖子的状态
$topic_status = TopicUtil::getTopicStatus($this->db, $topic_id);
/**
* 为0, 则开放
* 为1, 则需要认证
* 为2,则关闭
*/
if ($topic_status == 1) {
if (!$_SESSION['user']['name']) {
$this->AlertAndBack(VT_TOPIC_NEED_AUTHOR);
return;
}
}
//增加帖子的浏览次数
TopicUtil::updateViewNumber($this->db, $topic_id);
//取得Smarty的对象
$smarty = $this->getSmarty();
//先删除已经不存在的用户
LayoutUtil::delNotExistsUser($this->db);
//取得站点的公告,并显示在页面上
$is_have_post = false;
$post_str = '';
if (PostUtil::haveNotExpirePost($this->getDB())) {
$is_have_post = true;
$post_array = PostUtil::getPost($this->getDB(), 3);
foreach ($post_array as $post_rows) {
$post_str .= '<a href=\'index.php?module=post&action=view&id=' . $post_rows['id'] . '\' title=\'' . $post_rows['title'] . '\'>' . utf8_substr($post_rows['title'], 0, 35) . '</a>' . ' ';
}
}
$smarty->assign('have_system_post', $is_have_post);
$smarty->assign('post_str', $post_str);
//求帖子的访问的导航菜单
$nav_array = LayoutUtil::getParentLayoutInfo($this->db, $layout_id);
//导航栏
$smarty->assign('nav_array', $nav_array);
//求帖子的标题
$title = TopicUtil::getTitle($this->db, $topic_id);
$smarty->assign('topic_title', $title);
$smarty->assign('clone_title', ' -> ' . $title);
//取得页面
$page = $this->getParameterFromGET('page');
if (!$page || $page <= 0) {
$page = 1;
}
//求总的页面
$total_page = TopicUtil::getTotalPage($this->db, $topic_id, $this->pre_page);
if ($page > $total_page && $total_page > 0) {
$page = $total_page;
}
//帖子的id和版块的id
$smarty->assign('topic_id', $topic_id);
$smarty->assign('bbs_id', $layout_id);
//页面
$smarty->assign('now_page', $page);
$smarty->assign('total_page', $total_page);
$begin_page = 1;
$end_page = $total_page;
if ($page <= 10 && $total_page >= 10) {
$end_page = 10;
} else {
if ($page > 10) {
if ($page % 10 == 0) {
//向前翻
$end_page = $page;
$begin_page = $end_page - 9;
} else {
if ($page % 10 == 1) {
//向后翻
//确定开始的页数
$begin_page = $page;
if ($begin_page > $total_page) {
$begin_page = $page - 9;
}
if ($begin_page + 9 > $total_page) {
$end_page = $total_page;
} else {
$end_page = $begin_page + 9;
}
} else {
$num = $page % 10;
$pre_num = floor($page / 10);
$begin_page = $pre_num * 10 + 1;
$end_page = $begin_page + 9;
}
}
}
}
if ($end_page > $total_page) {
$end_page = $total_page;
}
$nav_page_array = array();
for ($i = $begin_page; $i <= $end_page; $i++) {
array_push($nav_page_array, $i);
}
//帖子导航栏
$smarty->assign('nav_page', $nav_page_array);
$offset_page = ($page - 1) * $this->pre_page;
$topic_array = TopicUtil::getTopicInfo($this->db, $topic_id, $this->pre_page, $offset_page);
$smarty->assign('topic', $topic_array);
//取得当前用户的身份
$user_name = $_SESSION['user']['name'];
$user_id = UserUtil::getUserId($this->db, $user_name);
if (strlen($user_name)) {
//验证用户的身份
$sql = 'select group_dep from base_user_info where lower(user_name) =?';
$sth = $this->db->prepare($sql);
$res = $this->db->Execute($sth, array(strtolower($user_name)));
$rows = $res->FetchRow();
$user_group = $rows['group_dep'];
if ($user_group == 1 || $user_group == 2) {
$smarty->assign('can_be_close', 1);
} else {
if ($user_group == 3) {
$layout_id = TopicUtil::getLayoutId($this->db, $topic_id);
$sql = 'select count(*) as num from bbs_layout_manager where user_id=? and ' . ' layout_id=?';
$sth = $this->db->prepare($sql);
$res = $this->db->Execute($sth, array($user_id, $layout_id));
$rows = $res->FetchRow();
if (!$rows['num']) {
$smarty->assign('can_be_close', 0);
} else {
$smarty->assign('can_be_close', 1);
}
}
}
} else {
$smarty->assign('can_be_close', 0);
}
//加密一个返回的url
$backurl = 'index.php?module=bbs&action=viewtopic&id=' . $topic_id . '&page=' . $page;
$backurl = base64_encode($backurl);
$smarty->assign('backurl', $backurl);
$smarty->display('viewtopic.tmpl');
}
public function testProjectSaveWithPermissions()
{
Yii::app()->user->userModel = User::getByUsername('super');
$user = Yii::app()->user->userModel;
$everyoneGroup = Group::getByName(Group::EVERYONE_GROUP_NAME);
$explicitReadWriteModelPermissions = new ExplicitReadWriteModelPermissions();
$postData = array('name' => 'ProjectPermissionTest', 'description' => 'Test Description', 'owner' => array('id' => $user->id), 'explicitReadWriteModelPermissions' => array('type' => ExplicitReadWriteModelPermissionsUtil::MIXED_TYPE_EVERYONE_GROUP, 'nonEveryoneGroup' => ''));
$model = new Project();
$sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $postData);
if ($model instanceof SecurableItem) {
$explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::resolveByPostDataAndModelThenMake($sanitizedPostData, $model);
} else {
$explicitReadWriteModelPermissions = null;
}
$readyToUseData = ExplicitReadWriteModelPermissionsUtil::removeIfExistsFromPostData($sanitizedPostData);
$sanitizedOwnerData = PostUtil::sanitizePostDataToJustHavingElementForSavingModel($readyToUseData, 'owner');
$sanitizedDataWithoutOwner = PostUtil::removeElementFromPostDataForSavingModel($readyToUseData, 'owner');
$model->setAttributes($sanitizedDataWithoutOwner);
if ($model->validate()) {
$modelToStringValue = strval($model);
if ($sanitizedOwnerData != null) {
$model->setAttributes($sanitizedOwnerData);
}
if ($model instanceof OwnedSecurableItem) {
$passedOwnerValidation = $model->validate(array('owner'));
} else {
$passedOwnerValidation = true;
}
if ($passedOwnerValidation && $model->save(false)) {
if ($explicitReadWriteModelPermissions != null) {
$success = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($model, $explicitReadWriteModelPermissions);
//todo: handle if success is false, means adding/removing permissions save failed.
}
$savedSuccessfully = true;
}
} else {
}
$this->assertEquals('ProjectPermissionTest', $model->name);
}
/**
* Only supports saving 4 layoutTypes (max 2 column)
*
*/
public function actionEditDashboard($id)
{
$id = intval($id);
$dashboard = Dashboard::getById(intval($id));
ControllerSecurityUtil::resolveAccessCanCurrentUserWriteModel($dashboard);
if (isset($_POST['Dashboard'])) {
$oldLayoutType = $dashboard->layoutType;
$_POST['Dashboard'] = PostUtil::sanitizePostByDesignerTypeForSavingModel($dashboard, $_POST['Dashboard']);
$dashboard->setAttributes($_POST['Dashboard']);
assert('in_array($dashboard->layoutType, array_keys(Dashboard::getLayoutTypesData()))');
if ($dashboard->save()) {
if ($oldLayoutType != $dashboard->layoutType && $dashboard->layoutType == '100') {
$uniqueLayoutId = 'HomeDashboard' . $dashboard->layoutId;
$portletCollection = Portlet::getByLayoutIdAndUserSortedByColumnIdAndPosition($uniqueLayoutId, Yii::app()->user->userModel->id, array());
Portlet::shiftPositionsBasedOnColumnReduction($portletCollection, 1);
}
GeneralCache::forgetAll();
//Ensure menu refreshes
$this->redirect(array('default/dashboardDetails', 'id' => $dashboard->id));
}
}
$editView = new DashboardEditView($this->getId(), $this->getModule()->getId(), $dashboard, strval($dashboard));
$view = new AccountsPageView(ZurmoDefaultViewUtil::makeStandardViewForCurrentUser($this, $editView));
echo $view->render();
}
/**
* 显示BBS的首页
* @param: NULL
* @return: NULL
* @access: public
*/
public function run()
{
//先删除已经不存在的用户
LayoutUtil::delNotExistsUser($this->db);
//取得站点的公告,并显示在页面上
$is_have_post = false;
$post_str = '';
if (PostUtil::haveNotExpirePost($this->getDB())) {
$is_have_post = true;
$post_array = PostUtil::getPost($this->getDB(), 3);
foreach ($post_array as $post_rows) {
$post_str .= '<a href=\'index.php?module=post&action=view&id=' . $post_rows['id'] . '\' title=\'' . $post_rows['title'] . '\'>' . utf8_substr($post_rows['title'], 0, 35) . '</a>' . ' ';
}
}
//取得论坛的统计信息
$online_user_number = UserUtil::getOnlineUserNumber($this->db);
$online_vistor_number = UserUtil::getVistorNumber($this->db);
//在线的最高时间
$high_access = UserUtil::getTheHighAccess($this->db);
$high_number = $high_access['num'];
$high_time = $high_access['time'];
//在线用户列表
$online_user_array = UserUtil::getOnLineUser($this->db);
//取得站点的版面信息
$bbs_layout = $this->getBBSLayout();
$smarty = $this->getSmarty();
//统计当前在线人数和发表的主题数,帖子数。
//总共有的会员数
$dbh = $this->getDB();
$sql = "select count(*) as num from online_user";
$stmt = $dbh->prepare($sql);
$res = $dbh->Execute($stmt);
$rows = $res->FetchRow();
$smarty->assign('all_page_online_user', $rows['num']);
$sql = "select count(*) as num from bbs_subject ";
$stmt = $dbh->prepare($sql);
$res = $dbh->CacheExecute(40, $stmt);
$rows = $res->FetchRow();
$smarty->assign('all_page_topic_number', $rows['num']);
$sql = "select count(*) as num from bbs_reply ";
$stmt = $dbh->prepare($sql);
$res = $dbh->CacheExecute(60, $stmt);
$rows = $res->FetchRow();
$smarty->assign('all_page_reply_number', $rows['num']);
$sql = "select count(*) as num from base_user_info ";
$stmt = $dbh->prepare($sql);
$res = $dbh->Execute($stmt);
$rows = $res->FetchRow();
$smarty->assign('all_page_user_number', $rows['num']);
//查找最近新登录的三位新会员
$sql = "select id, user_name from base_user_info order by id desc limit 3";
$stmt = $dbh->prepare($sql);
$res = $dbh->CacheExecute(100, $stmt);
$rows = $res->GetArray();
$smarty->assign('newuser', $rows);
$smarty->assign('have_system_post', $is_have_post);
$smarty->assign('post_str', $post_str);
$smarty->assign('online_user_number', $online_user_number);
$smarty->assign('online_vistor_number', $online_vistor_number);
$smarty->assign('high_number', $high_number);
$smarty->assign('high_time', $high_time);
$smarty->assign('user_info', $online_user_array);
$smarty->assign('info', $bbs_layout);
$smarty->display('showbbsindex.tmpl');
}
/**
* @depends testCreateAndGetAccountById
*/
public function testValidatesWithoutOwnerWhenSpecifyingAttributesToValidate()
{
$user = User::getByUsername('steven');
$this->assertTrue($user->id > 0);
$account = new Account(false);
$_POST['MassEdit'] = array('employees' => '1');
$_POST['fake'] = array('employees' => 4);
PostUtil::sanitizePostForSavingMassEdit('fake');
$account->setAttributes($_POST['fake']);
$account->validate(array_keys($_POST['MassEdit']));
$this->assertEquals(array(), $account->getErrors());
$account->forget();
$account = new Account(false);
$_POST['MassEdit'] = array('owner' => '1');
$_POST['fake'] = array('owner' => array('id' => ''));
PostUtil::sanitizePostForSavingMassEdit('fake');
$account->setAttributes($_POST['fake']);
$account->validate(array_keys($_POST['MassEdit']));
//there should be an owner error since it is specified but blank
$this->assertNotEquals(array(), $account->getErrors());
$account->forget();
$account = new Account(false);
$_POST['MassEdit'] = array('employees' => '1', 'owner' => '2');
$_POST['fake'] = array('employees' => 4, 'owner' => array('id' => $user->id));
PostUtil::sanitizePostForSavingMassEdit('fake');
$account->setAttributes($_POST['fake']);
$account->validate(array_keys($_POST['MassEdit']));
$this->assertEquals(array(), $account->getErrors());
}
public function testRemoveElementFromPostDataForSavingModel()
{
$data = array('a' => 'aaa', 'b' => 'bbb', 'c' => 'ccc');
$newData = PostUtil::removeElementFromPostDataForSavingModel($data, 'doesntexist');
$this->assertEquals($data, $newData);
$newData = PostUtil::removeElementFromPostDataForSavingModel($data, 'b');
$this->assertEquals(array('a' => 'aaa', 'c' => 'ccc'), $newData);
}
public function actionSave($builtType)
{
$postData = PostUtil::getData();
$emailTemplate = null;
$this->resolveEmailTemplateByPostData($postData, $emailTemplate, $builtType);
$emailTemplateToWizardFormAdapter = new EmailTemplateToWizardFormAdapter($emailTemplate);
$model = $emailTemplateToWizardFormAdapter->makeFormByBuiltType();
if (isset($postData['ajax']) && $postData['ajax'] === 'edit-form') {
$this->actionValidate($postData, $model);
}
$unmuteScoring = false;
if ($emailTemplate->isBuilderTemplate() && ($emailTemplate->isDraft || !isset($emailTemplate->isDraft))) {
Yii::app()->gameHelper->muteScoringModelsOnSave();
$unmuteScoring = true;
}
$explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::resolveByPostDataAndModelThenMake($postData[get_class($model)], $emailTemplate);
if ($emailTemplate->save()) {
if ($unmuteScoring) {
Yii::app()->gameHelper->unmuteScoringModelsOnSave();
}
if ($explicitReadWriteModelPermissions != null) {
ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($emailTemplate, $explicitReadWriteModelPermissions);
}
$modelClassName = $emailTemplate->modelClassName;
$moduleClassName = $modelClassName::getModuleClassName();
echo CJSON::encode(array('id' => $emailTemplate->id, 'redirectToList' => false, 'moduleClassName' => $moduleClassName));
Yii::app()->end(0, false);
} else {
throw new FailedToSaveModelException();
}
}
/**
* Override to handle report filters
* @param SavedCalendar | ModelForm $model
* @param string $postVariableName
* @throws NotSupportedException();
*/
protected function attemptToValidateAjaxFromPost($model, $postVariableName)
{
if (isset($_POST['ajax']) && $_POST['ajax'] == 'edit-form') {
$postData = PostUtil::getData();
$readyToUsePostData = ExplicitReadWriteModelPermissionsUtil::removeIfExistsFromPostData($_POST[$postVariableName]);
$sanitizedPostdata = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $readyToUsePostData);
$sanitizedOwnerPostData = PostUtil::sanitizePostDataToJustHavingElementForSavingModel($sanitizedPostdata, 'owner');
$sanitizedPostDataWithoutOwner = PostUtil::removeElementFromPostDataForSavingModel($sanitizedPostdata, 'owner');
$model->setAttributes($sanitizedPostDataWithoutOwner);
if ($model->validate()) {
$modelToStringValue = strval($model);
if ($sanitizedOwnerPostData != null) {
$model->setAttributes($sanitizedOwnerPostData);
}
if ($model instanceof OwnedSecurableItem) {
$model->validate(array('owner'));
}
}
$wizardFormClassName = ReportToWizardFormAdapter::getFormClassNameByType(Report::TYPE_ROWS_AND_COLUMNS);
if (!isset($postData[$wizardFormClassName])) {
throw new NotSupportedException();
}
$report = SavedCalendarToReportAdapter::makeReportBySavedCalendar($model);
DataToReportUtil::resolveFiltersStructure($postData[$wizardFormClassName], $report);
DataToReportUtil::resolveFilters($postData[$wizardFormClassName], $report);
//This would do the filter and filter structure validation
$reportToWizardFormAdapter = new ReportToWizardFormAdapter($report);
$reportForm = $reportToWizardFormAdapter->makeFormByType();
$postData['validationScenario'] = $wizardFormClassName::FILTERS_VALIDATION_SCENARIO;
$filtersErrorData = ReportUtil::validateReportWizardForm($postData, $reportForm);
$errorData = ZurmoActiveForm::makeErrorsDataAndResolveForOwnedModelAttributes($model);
$errorData = array_merge($errorData, $filtersErrorData);
echo CJSON::encode($errorData);
Yii::app()->end(0, false);
}
}
/**
* 显示版面的情况
* @param: NULL
* @return: NULL
* @access: public
*/
public function run()
{
//取得用户的id
$user_id = UserUtil::getUserId($this->db, $_SESSION['user']['name']);
$smarty = $this->getSmarty();
//取得站点的公告,并显示在页面上
$is_have_post = false;
$post_str = '';
if (PostUtil::haveNotExpirePost($this->getDB())) {
$is_have_post = true;
$post_array = PostUtil::getPost($this->getDB(), 3);
foreach ($post_array as $post_rows) {
$post_str .= '<a href=\'index.php?module=post&action=view&id=' . $post_rows['id'] . '\' title=\'' . $post_rows['title'] . '\'>' . utf8_substr($post_rows['title'], 0, 35) . '</a>' . ' ';
}
}
$smarty->assign('have_system_post', $is_have_post);
$smarty->assign('post_str', $post_str);
//公告显示结束
$q = $this->getParameterFromGET('q');
$encode_q = $q;
//取得查询字符串
if (!$q) {
//取得用户最后一次的动作时间
$last_time = UserUtil::getUserLastLogoutTime($this->db, $user_id);
//生成一个where语句
$q = " where last_access_date >='" . $last_time . "'";
$encode_q = base64_encode($q);
} else {
$q = base64_decode($q);
}
$smarty->assign('encode_q', $encode_q);
//生成所有的记录数
$sql = 'select count(*) as num from bbs_subject ' . $q;
$res = $this->db->Execute($sql);
$rows = $res->FetchRow();
$total_number = $rows['num'];
//求总公的页面
$total_page = ceil($total_number / $this->page_number);
//取得当前的页面
$page = $this->getParameter('page');
if (!$page || $page < 0) {
$page = 1;
}
if ($page > $total_page && $total_page > 0) {
$page = $total_page;
}
$begin_page = 1;
$end_page = $total_page;
if ($page <= 10 && $total_page >= 10) {
$end_page = 10;
} else {
if ($page > 10) {
if ($page % 10 == 0) {
//向前翻
$end_page = $page;
$begin_page = $end_page - 9;
} else {
if ($page % 10 == 1) {
//向后翻
//确定开始的页数
$begin_page = $page;
if ($begin_page > $total_page) {
$begin_page = $page - 9;
}
if ($begin_page + 9 > $total_page) {
$end_page = $total_page;
} else {
$end_page = $begin_page + 9;
}
} else {
$num = $page % 10;
$pre_num = floor($page / 10);
$begin_page = $pre_num * 10 + 1;
$end_page = $begin_page + 9;
}
}
}
}
if ($end_page > $total_page) {
$end_page = $total_page;
}
$nav_page_array = array();
for ($i = $begin_page; $i <= $end_page; $i++) {
array_push($nav_page_array, $i);
}
//帖子导航栏
$smarty->assign('nav_page', $nav_page_array);
//当前的页面
$smarty->assign('now_page', $page);
//共有的页面
$smarty->assign('total_page', $total_page);
//显示搜索结果
//求出偏移
$offset_number = ($page - 1) * $this->page_number;
$subject_array = LayoutUtil::getCacheSubjectInfo($this->db, $this->page_number, $offset_number, $q);
if ($total_page > 0) {
$smarty->assign('subject', $subject_array);
$smarty->assign('have_subject', 1);
}
$smarty->display('viewnew.tmpl');
}
protected static function processModelForMassEdit(&$model)
{
// TODO: @Shoaibi/@Jason: Low: Candidate for MassActionController
$postModelClassName = Yii::app()->request->getPost(get_class($model));
$sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $postModelClassName);
$sanitizedOwnerPostData = PostUtil::sanitizePostDataToJustHavingElementForSavingModel($sanitizedPostData, 'owner');
$sanitizedPostDataWithoutOwner = PostUtil::removeElementFromPostDataForSavingModel($sanitizedPostData, 'owner');
$model->setAttributes($sanitizedPostDataWithoutOwner);
if ($sanitizedOwnerPostData != null) {
$model->setAttributes($sanitizedOwnerPostData);
}
if (!$model->save(false)) {
throw new FailedToSaveModelException();
} else {
return true;
}
}
public function testProductSaveWithPermissions()
{
Yii::app()->user->userModel = User::getByUsername('super');
$contacts = Contact::getAll();
$accounts = Account::getByName('superAccount');
$opportunities = Opportunity::getByName('superOpportunity');
$productTemplates = ProductTemplate::getByName('superProductTemplate');
$account = $accounts[0];
$user = $account->owner;
$everyoneGroup = Group::getByName(Group::EVERYONE_GROUP_NAME);
$explicitReadWriteModelPermissions = new ExplicitReadWriteModelPermissions();
$currencyHelper = Yii::app()->currencyHelper;
$currencyCode = $currencyHelper->getBaseCode();
$currency = Currency::getByCode($currencyCode);
$postData = array('productTemplate' => array('id' => $productTemplates[0]->id), 'name' => 'ProductPermissionTest', 'quantity' => 6, 'account' => array('id' => $accounts[0]->id), 'contact' => array('id' => $contacts[0]->id), 'opportunity' => array('id' => ''), 'type' => ProductTemplate::TYPE_PRODUCT, 'priceFrequency' => ProductTemplate::PRICE_FREQUENCY_ONE_TIME, 'sellPrice' => array('currency' => array('id' => $currency->id), 'value' => 210), 'stage' => array('value' => 'Open'), 'owner' => array('id' => $user->id), 'explicitReadWriteModelPermissions' => array('type' => ExplicitReadWriteModelPermissionsUtil::MIXED_TYPE_EVERYONE_GROUP, 'nonEveryoneGroup' => ''));
$model = new Product();
$sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($model, $postData);
if ($model instanceof SecurableItem) {
$explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::resolveByPostDataAndModelThenMake($sanitizedPostData, $model);
} else {
$explicitReadWriteModelPermissions = null;
}
$readyToUseData = ExplicitReadWriteModelPermissionsUtil::removeIfExistsFromPostData($sanitizedPostData);
$sanitizedOwnerData = PostUtil::sanitizePostDataToJustHavingElementForSavingModel($readyToUseData, 'owner');
$sanitizedDataWithoutOwner = PostUtil::removeElementFromPostDataForSavingModel($readyToUseData, 'owner');
$model->setAttributes($sanitizedDataWithoutOwner);
if ($model->validate()) {
$modelToStringValue = strval($model);
if ($sanitizedOwnerData != null) {
$model->setAttributes($sanitizedOwnerData);
}
if ($model instanceof OwnedSecurableItem) {
$passedOwnerValidation = $model->validate(array('owner'));
} else {
$passedOwnerValidation = true;
}
if ($passedOwnerValidation && $model->save(false)) {
if ($explicitReadWriteModelPermissions != null) {
$success = ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($model, $explicitReadWriteModelPermissions);
//todo: handle if success is false, means adding/removing permissions save failed.
}
$savedSuccessfully = true;
}
} else {
}
$this->assertEquals('ProductPermissionTest', $model->name);
}
/**
* @depends testCreateAndGetTaskById
*/
public function testUpdateTaskFromForm()
{
Yii::app()->user->userModel = User::getByUsername('super');
$user = User::getByUsername('billy');
$tasks = Task::getByName('MyTask');
$task = $tasks[0];
$this->assertEquals($task->name, 'MyTask');
$postData = array('owner' => array('id' => $user->id), 'name' => 'New Name', 'dueDateTime' => '');
$sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($task, $postData);
$task->setAttributes($sanitizedPostData);
$this->assertTrue($task->save());
$id = $task->id;
unset($task);
$task = Task::getById($id);
$this->assertEquals('New Name', $task->name);
$this->assertEquals(null, $task->dueDateTime);
//create new task from scratch where the DateTime attributes are not populated. It should let you save.
$task = new Task();
$postData = array('owner' => array('id' => $user->id), 'name' => 'Lamazing', 'dueDateTime' => '');
$sanitizedPostData = PostUtil::sanitizePostByDesignerTypeForSavingModel($task, $postData);
$task->setAttributes($sanitizedPostData);
$this->assertTrue($task->save());
$id = $task->id;
unset($task);
$task = Task::getById($id);
$this->assertEquals('Lamazing', $task->name);
$this->assertEquals(null, $task->dueDateTime);
}
