function check_group_perm($id)
{
global $modx;
include_once MODX_MANAGER_PATH . 'processors/user_documents_permissions.class.php';
$udperms = new udperms();
$udperms->user = $modx->getLoginUserID();
$udperms->document = $id;
$udperms->role = $_SESSION['mgrRole'];
return $udperms->checkPermissions();
}
$tbl_document_groups = $modx->getFullTableName('document_groups');
$tbl_keyword_xref = $modx->getFullTableName('keyword_xref');
$tbl_site_content = $modx->getFullTableName('site_content');
$tbl_site_content_metatags = $modx->getFullTableName('site_content_metatags');
$tbl_site_keywords = $modx->getFullTableName('site_keywords');
$tbl_site_metatags = $modx->getFullTableName('site_metatags');
$tbl_site_templates = $modx->getFullTableName('site_templates');
$tbl_site_tmplvar_access = $modx->getFullTableName('site_tmplvar_access');
$tbl_site_tmplvar_contentvalues = $modx->getFullTableName('site_tmplvar_contentvalues');
$tbl_site_tmplvar_templates = $modx->getFullTableName('site_tmplvar_templates');
$tbl_site_tmplvars = $modx->getFullTableName('site_tmplvars');
if ($action == 27) {
//editing an existing document
// check permissions on the document
include_once MODX_MANAGER_PATH . 'processors/user_documents_permissions.class.php';
$udperms = new udperms();
$udperms->user = $modx->getLoginUserID();
$udperms->document = $id;
$udperms->role = $_SESSION['mgrRole'];
if (!$udperms->checkPermissions()) {
$modx->webAlertAndQuit($_lang["access_permission_denied"]);
}
}
// Check to see the document isn't locked
$rs = $modx->db->select('username', $tbl_active_users, "action=27 AND id='{$id}' AND internalKey!='" . $modx->getLoginUserID() . "'");
if ($username = $modx->db->getValue($rs)) {
$modx->webAlertAndQuit(sprintf($_lang['lock_msg'], $username, 'document'));
}
// get document groups for current user
if ($_SESSION['mgrDocgroups']) {
$docgrp = implode(',', $_SESSION['mgrDocgroups']);
/**
* The next step called at the end of executeParser()
*
* - checks cache
* - checks if document/resource is deleted/unpublished
* - checks if resource is a weblink and redirects if so
* - gets template and parses it
* - ensures that postProcess is called when PHP is finished
*/
function prepareResponse()
{
// we now know the method and identifier, let's check the cache
$this->documentContent = $this->checkCache($this->documentIdentifier);
if ($this->documentContent != "") {
// invoke OnLoadWebPageCache event
$this->invokeEvent("OnLoadWebPageCache");
} else {
// get document object
$this->documentObject = $this->getDocumentObject($this->documentMethod, $this->documentIdentifier, 'prepareResponse');
// write the documentName to the object
$this->documentName = $this->documentObject['pagetitle'];
// validation routines
if ($this->documentObject['deleted'] == 1) {
$this->sendErrorPage();
}
// && !$this->checkPreview()
if ($this->documentObject['published'] == 0) {
// Can't view unpublished pages
if (!$this->hasPermission('view_unpublished')) {
$this->sendErrorPage();
} else {
// Inculde the necessary files to check document permissions
include_once MODX_MANAGER_PATH . 'processors/user_documents_permissions.class.php';
$udperms = new udperms();
$udperms->user = $this->getLoginUserID();
$udperms->document = $this->documentIdentifier;
$udperms->role = $_SESSION['mgrRole'];
// Doesn't have access to this document
if (!$udperms->checkPermissions()) {
$this->sendErrorPage();
}
}
}
// check whether it's a reference
if ($this->documentObject['type'] == "reference") {
if (is_numeric($this->documentObject['content'])) {
// if it's a bare document id
$this->documentObject['content'] = $this->makeUrl($this->documentObject['content']);
} elseif (strpos($this->documentObject['content'], '[~') !== false) {
// if it's an internal docid tag, process it
$this->documentObject['content'] = $this->rewriteUrls($this->documentObject['content']);
}
$this->sendRedirect($this->documentObject['content'], 0, '', 'HTTP/1.0 301 Moved Permanently');
}
// check if we should not hit this document
if ($this->documentObject['donthit'] == 1) {
$this->config['track_visitors'] = 0;
}
// get the template and start parsing!
if (!$this->documentObject['template']) {
$this->documentContent = "[*content*]";
} else {
$result = $this->db->select('content', $this->getFullTableName("site_templates"), "id = '{$this->documentObject['template']}'");
$rowCount = $this->db->getRecordCount($result);
if ($rowCount == 1) {
$this->documentContent = $this->db->getValue($result);
} else {
$this->messageQuit("Incorrect number of templates returned from database");
}
}
// invoke OnLoadWebDocument event
$this->invokeEvent("OnLoadWebDocument");
// Parse document source
$this->documentContent = $this->parseDocumentSource($this->documentContent);
// setup <base> tag for friendly urls
// if($this->config['friendly_urls']==1 && $this->config['use_alias_path']==1) {
// $this->regClientStartupHTMLBlock('<base href="'.$this->config['site_url'].'" />');
// }
}
if ($this->documentIdentifier == $this->config['error_page'] && $this->config['error_page'] != $this->config['site_start']) {
header('HTTP/1.0 404 Not Found');
}
register_shutdown_function(array(&$this, "postProcess"));
// tell PHP to call postProcess when it shuts down
$this->outputContent();
//$this->postProcess();
}
function prepareResponse()
{
// we now know the method and identifier, let's check the cache
$this->documentContent = $this->checkCache($this->documentIdentifier);
if ($this->documentContent != '') {
$this->invokeEvent('OnLoadWebPageCache');
// invoke OnLoadWebPageCache event
} else {
// get document object
$this->documentObject = $this->getDocumentObject($this->documentMethod, $this->documentIdentifier);
// validation routines
if ($this->documentObject['deleted'] == 1) {
if ($this->http_status_code == '200') {
$this->sendErrorPage();
}
}
// && !$this->checkPreview()
if ($this->documentObject['published'] == 0) {
// Can't view unpublished pages
if (!$this->hasPermission('view_unpublished')) {
if ($this->http_status_code == '200') {
$this->sendErrorPage();
}
} else {
// Inculde the necessary files to check document permissions
include_once $this->config['base_path'] . 'manager/processors/user_documents_permissions.class.php';
$udperms = new udperms();
$udperms->user = $this->getLoginUserID();
$udperms->document = $this->documentIdentifier;
$udperms->role = $_SESSION['mgrRole'];
// Doesn't have access to this document
if (!$udperms->checkPermissions()) {
if ($this->http_status_code == '200') {
$this->sendErrorPage();
}
}
}
}
// check whether it's a reference
if ($this->documentObject['type'] == 'reference') {
if (preg_match('@^[0-9]+$@', $this->documentObject['content'])) {
// if it's a bare document id
$this->documentObject['content'] = $this->makeUrl($this->documentObject['content']);
}
$this->documentObject['content'] = $this->parseDocumentSource($this->documentObject['content']);
$this->sendRedirect($this->documentObject['content'], 0, '', 'HTTP/1.0 301 Moved Permanently');
}
// check if we should not hit this document
if ($this->documentObject['donthit'] == 1) {
$this->config['track_visitors'] = 0;
}
// get the template and start parsing!
if (!$this->documentObject['template']) {
$this->documentContent = '[*content*]';
// use blank template
} else {
$rs = $this->db->select('content', '[+prefix+]site_templates', "id = '{$this->documentObject['template']}'");
$rowCount = $this->db->getRecordCount($rs);
if ($rowCount > 1) {
$this->messageQuit('Incorrect number of templates returned from database');
} elseif ($rowCount == 1) {
$row = $this->db->getRow($rs);
$this->documentContent = $row['content'];
} else {
$this->messageQuit('Template does not exist. Or it was deleted.');
}
}
// invoke OnLoadWebDocument event
$this->invokeEvent('OnLoadWebDocument');
// Parse document source
$this->documentContent = $this->parseDocumentSource($this->documentContent);
}
if ($this->directParse == 0) {
register_shutdown_function(array(&$this, 'postProcess'));
// tell PHP to call postProcess when it shuts down
}
$result = $this->outputContent();
return $result;
}
public function can_save_here()
{
if( $this->modx->config['use_udperms'] != 1) {
return true;
}
include_once MODX_BASE_PATH . 'manager/processors/user_documents_permissions.class.php';
$udperms = new udperms;
$udperms->user = $this->get_user_id();
$udperms->document = $this->fields['parent'];
$udperms->role = $this->get_user_role();
if( $udperms->checkPermissions() ) {
return true;
} else {
$language = sprintf($this->_lang['access_permission_parent_denied'], $this->fields['id'], $this->fields['alias']);
$this->web_alert_error($language, $this->fields['id'], 'can_save_here');
}
}
