Example #1
0
        }
        if ($view && in_array($moduleName . '/' . $view, $policyAccessList)) {
            return true;
        }
    }
    return false;
}
// look for module and view info in uri parameters
if (!isset($uriParams[1])) {
    exitWithInternalError("Did not find module info in url.");
    return;
}
// find module
$uri = eZURI::instance(eZSys::requestURI());
$moduleName = $uri->element();
$module = eZModule::findModule($moduleName);
if (!$module instanceof eZModule) {
    exitWithInternalError("'{$moduleName}' module does not exist, or is not a valid module.");
    return;
}
// check existance of view
$viewName = $uri->element(1);
$moduleViews = $module->attribute('views');
if (!isset($moduleViews[$viewName])) {
    exitWithInternalError("'{$viewName}' view does not exist on the current module.");
    return;
}
// Check if module / view is disabled
$moduleCheck = eZModule::accessAllowed($uri);
if (!$moduleCheck['result']) {
    exitWithInternalError('$moduleName/$viewName is disabled.');
Example #2
0
        }

        // Redirect to request URI if it is set, if not view the new object in main node
        if ( $upload->attribute( 'result_uri' ) )
        {
            $uri = $upload->attribute( 'result_uri' );
            return $module->redirectTo( $uri );
        }
        else if ( $upload->attribute( 'result_module' ) )
        {
            $data = $upload->attribute( 'result_module' );
            $moduleName = $data[0];
            $view = $data[1];
            $parameters = isset( $data[2] ) ? $data[2] : array();
            $userParameters = isset( $data[3] ) ? $data[3] : array();
            $resultModule = eZModule::findModule( $moduleName, $module );
            $resultModule->setCurrentAction( $upload->attribute( 'result_action_name' ), $view );
            $actionParameters = false;
            if ( $upload->hasAttribute( 'result_action_parameters' ) )
            {
                $actionParameters = $upload->attribute( 'result_action_parameters' );
            }

            if ( $actionParameters )
            {
                foreach ( $actionParameters as $actionParameterName => $actionParameter )
                {
                    $resultModule->setActionParameter( $actionParameterName, $actionParameter, $view );
                }
            }
            return $resultModule->run( $view, $parameters, false, $userParameters );
 /**
  * Test regression for issue #14371 in a module/view context:
  * Workflow template repeat broken by security patch.
  *
  * Test Outline
  * ------------
  * 1. Setup a workflow that features a custom workflow event that expects a
  *    value to be submitted before
  * 2. Create & publish an article
  * 3. Add a global POST variable that would be sent interactively from POST
  * 4. Publish again with this variable
  *
  * @result: Redirection to content/history
  * @expected: The object gets published without being redirected
  * @link http://issues.ez.no/14371
  */
 public function testEditAfterFetchTemplateRepeatOperation()
 {
     // first, we need to create an appropriate test workflow
     $adminUser = eZUser::fetchByName('admin');
     $adminUserID = $adminUser->attribute('contentobject_id');
     // Create approval workflow and set up pre publish trigger
     $this->workflow = $this->createWorkFlow($adminUserID);
     $this->trigger = $this->createTrigger($this->workflow->attribute('id'));
     // Log in as a user who's allowed to publish content
     $this->currentUser = eZUser::currentUser();
     eZUser::setCurrentlyLoggedInUser($adminUser, $adminUserID);
     // required to avoid a notice
     $GLOBALS['eZSiteBasics']['user-object-required'] = false;
     $contentModule = eZModule::findModule('content');
     $adminUserID = eZUser::fetchByName('admin')->attribute('contentobject_id');
     // STEP 1: Create an article
     // This should start the publishing process, and interrupt it because
     // of the fetch template repeat workflow (expected)
     $article = new ezpObject("article", 2, $adminUserID);
     $article->name = "Article (with interactive workflow) for issue/regression #14371";
     $objectID = $article->publish();
     $version = eZContentObjectVersion::fetchVersion(1, $objectID);
     // STEP 2: Add the POST variables that will allow the operation to continue
     $_POST['CompletePublishing'] = 1;
     // STEP 3: run content/edit again in order to simulate a POST from the custom TPL
     $operationResult = eZOperationHandler::execute('content', 'publish', array('object_id' => $objectID, 'version' => 1));
     $this->assertInternalType('array', $operationResult);
     $this->assertEquals($operationResult['status'], eZModuleOperationInfo::STATUS_CONTINUE, "The operation result wasn't CONTINUE");
     $this->removeWorkflow($this->workflow);
     // Log in as whoever was logged in
     eZUser::setCurrentlyLoggedInUser($this->currentUser, $this->currentUser->attribute('id'));
 }
Example #4
0
 /**
  * Loads a module object by name
  *
  * @param string $moduleName The name of the module to find (ex: content)
  * @param array|string
  *        Either an array of path or a single path string. These will be
  *        used as additionnal locations that will be looked into
  * @param boolean $showError
  *        If true an error will be shown if the module it not found.
  * @return eZModule The eZModule object, or null if the module wasn't found
  * @see findModule()
  */
 static function exists($moduleName, $pathList = null, $showError = false)
 {
     $module = null;
     return eZModule::findModule($moduleName, $module, $pathList, $showError);
 }
         $dataMap = $node->attribute('data_map');
         $query = $dataMap['solr_filter']->attribute('content');
         $tpl->setVariable('query', $query);
         $content = $tpl->fetch('design:modules/mugo_bootstrap_admin/treemenu_search.tpl');
     }
     break;
     // including type 'node_id'
 // including type 'node_id'
 default:
     // special case for setup node
     if ($value == 48) {
         $data = [];
         $moduleIni = eZINI::instance('module.ini');
         $moduleNames = $moduleIni->variable('ModuleSettings', 'ModuleList');
         foreach ($moduleNames as $identifier) {
             $module = eZModule::findModule($identifier);
             // if module does not have a name
             $name = $module->Module['name'] ? $module->Module['name'] : $identifier;
             $data[$name] = array('title' => $name, 'key' => $identifier, 'folder' => true, 'lazy' => true, 'icon' => 'glyphicon icon-default', 'type' => 'view');
         }
         ksort($data, SORT_STRING);
         // remove keys
         foreach ($data as $entry) {
             $cleanData[] = $entry;
         }
         $content = json_encode($cleanData);
     } else {
         $data = array();
         $parentNodeId = (int) $value;
         $parentNode = eZContentObjectTreeNode::fetch($parentNodeId);
         $params = array('parent_node_id' => $parentNodeId, 'limit' => 200, 'sort_by' => $parentNode->attribute('sort_array'));