public function validateUpdate($payload, sfWebRequest $request = null)
{
parent::validateUpdate($payload, $request);
$params = $this->parsePayload($payload);
$user = $this->getUser()->getGuardUser();
if (!$user) {
throw new sfException('Action requires an auth token.', 401);
}
$primaryKey = $request->getParameter('id');
$episode = EpisodeTable::getInstance()->find($primaryKey);
if (!$this->getUser()->isSuperAdmin()) {
$admin = sfGuardUserSubredditMembershipTable::getInstance()->getFirstByUserSubredditAndMemberships($user->getIncremented(), $episode->getSubredditId(), array('admin'));
$moderator = sfGuardUserSubredditMembershipTable::getInstance()->getFirstByUserSubredditAndMemberships($user->getIncremented(), $episode->getSubredditId(), array('moderator'));
if (!$admin) {
if (array_key_exists('episode_assignment_id', $params)) {
$assignment = EpisodeAssignmentTable::getInstance()->find($params['episode_assignment_id']);
if ($assignment->getSfGuardUserId() != $user->getIncremented()) {
throw new sfException('You are not allowed to change the EpisodeAssignment of the Episode!', 403);
}
}
if (array_key_exists('approved_by', $params) && !$moderator && $params['approved_by'] != $user->getIncremented()) {
throw new sfException('You are not allowed to add approval for the Episode!', 403);
}
}
}
}
public function validateUpdate($payload, sfWebRequest $request = null)
{
parent::validateUpdate($payload, $request);
$params = $this->parsePayload($payload);
$primaryKey = $request->getParameter('id');
$assignment = EpisodeAssignmentTable::getInstance()->find($primaryKey);
$admin = sfGuardUserSubredditMembershipTable::getInstance()->getFirstByUserSubredditAndMemberships($user->getIncremented(), $assignment->getEpisode()->getSubredditId(), array('admin'));
if (array_key_exists('sf_guard_user_id', $params) && !$this->getUser()->isSuperAdmin() && !$admin) {
throw new sfException('You are not allowed to change users for this EpisodeAssignment.', 403);
}
}
public function validateUpdate($payload, sfWebRequest $request = null)
{
parent::validateUpdate($payload, $request);
$primaryKey = $request->getParameter('id');
$params = $this->parsePayload($payload);
$user = $this->getUser()->getGuardUser();
if (!$user) {
throw new sfException('Action requires an auth token.', 401);
}
$deadline = DeadlineTable::getInstance()->find($request->getParameter('id'));
$subreddit_id = $deadline->getSubredditId();
$admin = sfGuardUserSubredditMembershipTable::getInstance()->getFirstByUserSubredditAndMemberships($user->getIncremented(), $subreddit_id, array('admin'));
if (!$admin && !$this->getUser()->isSuperAdmin()) {
throw new sfException("Your user does not have permissions to " . "update Deadlines in this Subreddit.", 403);
}
}
/**
* Since a User can only have one membership in a Subreddit, this tests that
* the first returned sfGuardUserSubredditMembership is the exact same as
* the only one made. The limitation on sfGuardUserSubredditMemberships is
* in place using Unique indexes in the database, so we depend upon that to
* prevent multiple Subreddit Memberships.
*/
public function testGetFirstByUserSubredditAndMemberships()
{
$user = new sfGuardUser();
$user->setEmailAddress(rand(0, 1000));
$user->setUsername(rand(0, 1000));
$user->setIsValidated(1);
$user->save();
$subreddit = new Subreddit();
$subreddit->setName(rand(0, 1000));
$subreddit->setDomain(rand(0, 1000));
$subreddit->save();
$membership = MembershipTable::getInstance()->findOneByType('user');
$second_membership = MembershipTable::getInstance()->findOneByType('admin');
$user_subreddit_membership = new sfGuardUserSubredditMembership();
$user_subreddit_membership->setSfGuardUserId($user->getIncremented());
$user_subreddit_membership->setSubredditId($subreddit->getIncremented());
$user_subreddit_membership->setMembership($membership);
$user_subreddit_membership->save();
$second_user_subreddit_membership = new sfGuardUserSubredditMembership();
$second_user_subreddit_membership->setSfGuardUserId($user->getIncremented());
$second_user_subreddit_membership->setSubredditId($subreddit->getIncremented());
$second_user_subreddit_membership->setMembership($second_membership);
$exception_thrown = false;
try {
$second_user_subreddit_membership->save();
} catch (Exception $exception) {
unset($exception);
$exception_thrown = true;
}
$retrieved_object = sfGuardUserSubredditMembershipTable::getInstance()->getFirstByUserSubredditAndMemberships($user->getIncremented(), $subreddit->getIncremented(), array($membership->getType()));
$this->assertEquals($retrieved_object->getIncremented(), $user_subreddit_membership->getIncremented());
$user_subreddit_membership->delete();
$subreddit->delete();
$user->delete();
$this->assertTrue($exception_thrown);
}
protected function verifyPermissionsForCurrentUser($subreddit_id, $permissions = array())
{
$membership = sfGuardUserSubredditMembershipTable::getInstance()->getFirstByUserSubredditAndMemberships($this->getUser()->getApiUserId(), $subreddit_id, $permissions);
return $membership ? true : false;
}
public function save(Doctrine_Connection $conn = null)
{
if (!$this->isNew() && !$this->getSkipBackup() && in_array('graphic_file', $this->_modified) && $this->_get('graphic_file')) {
$file_location = rtrim(ProjectConfiguration::getEpisodeGraphicFileLocalDirectory(), '/') . '/';
$filename = $this->_get('graphic_file');
if (file_exists($file_location . $filename)) {
ProjectConfiguration::registerAws();
$response = $this->saveFileToApplicationBucket($file_location, $filename, 'upload', AmazonS3::ACL_PUBLIC);
if ($response->isOK()) {
unlink($file_location . $filename);
}
}
}
if (!$this->isNew() && !$this->getSkipBackup() && in_array('audio_file', $this->_modified) && $this->_get('audio_file')) {
$file_location = rtrim(ProjectConfiguration::getEpisodeAudioFileLocalDirectory(), '/') . '/';
$filename = $this->_get('audio_file');
if (file_exists($file_location . $filename)) {
ProjectConfiguration::registerAws();
$response = $this->saveFileToApplicationBucket($file_location, $filename, 'audio');
}
}
if (!$this->isNew() && in_array('is_submitted', $this->_modified) && $this->_get('is_submitted')) {
/* The episode has been submitted. We need to send an email about
* it to the subreddit moderators.
*/
$types = array('moderator');
$memberships = sfGuardUserSubredditMembershipTable::getInstance()->getAllBySubredditAndMemberships($this->getSubredditId(), $types);
$initial_is_submitted = $this->_get('is_submitted');
$initial_submitted_at = $this->_get('submitted_at');
foreach ($memberships as $membership) {
$user = $membership->getSfGuardUser();
$parameters = array('user_id' => $membership->getSfGuardUserId(), 'episode_id' => $this->getIncremented());
$prefer_html = $user->getPreferHtml();
$address = $user->getEmailAddress();
$name = $user->getPreferredName() ? $user->getPreferredName() : $user->getFullName();
$email = EmailTable::getInstance()->getFirstByEmailTypeAndLanguage('EpisodeApprovalPending', $user->getPreferredLanguage());
$subject = $email->generateSubject($parameters);
$body = $email->generateBodyText($parameters, $prefer_html);
$from = sfConfig::get('app_email_address', ProjectConfiguration::getApplicationName() . ' <' . ProjectConfiguration::getApplicationEmailAddress() . '>');
AppMail::sendMail($address, $from, $subject, $body, $prefer_html ? $body : null);
$user->addLoginMessage('You have Episodes awaiting your approval.');
}
// @todo: The previous foreach loop sets the 'is_submitted' and 'submitted_at' columns to null. I don't know why.
$this->_set('is_submitted', $initial_is_submitted);
$this->_set('submitted_at', $initial_submitted_at);
}
return parent::save($conn);
}
public function validateUpdate($payload, sfWebRequest $request = null)
{
parent::validateUpdate($payload, $request);
$params = $this->parsePayload($payload);
$user = $this->getUser()->getGuardUser();
$primaryKey = $request->getParameter('id');
$admin = sfGuardUserSubredditMembershipTable::getInstance()->getFirstByUserSubredditAndMemberships($user->getIncremented(), $primaryKey, array('admin'));
if (!$this->getUser()->isSuperAdmin() && !$admin) {
throw new sfException("Your user does not have permissions to " . "alter Subreddits.", 403);
}
}
