/** * Do the edit form for a record. * * @param Content $content A content record * @param array $contentType The contenttype data * @param boolean $duplicate If TRUE create a duplicate record * * @return array */ public function action(Content $content, array $contentType, $duplicate) { $contentTypeSlug = $contentType['slug']; $new = $content->getId() === null ?: false; $oldStatus = $content->getStatus(); $allStatuses = ['published', 'held', 'draft', 'timed']; $allowedStatuses = []; foreach ($allStatuses as $status) { if ($this->users->isContentStatusTransitionAllowed($oldStatus, $status, $contentTypeSlug, $content->getId())) { $allowedStatuses[] = $status; } } // For duplicating a record, clear base field values. if ($duplicate) { $content->setId(''); $content->setSlug(''); $content->setDatecreated(''); $content->setDatepublish(''); $content->setDatedepublish(null); $content->setDatechanged(''); $content->setUsername(''); $content->setOwnerid(''); $this->loggerFlash->info(Trans::__('contenttypes.generic.duplicated-finalize', ['%contenttype%' => $contentTypeSlug])); } // Set the users and the current owner of this content. if ($new || $duplicate) { // For brand-new and duplicated items, the creator becomes the owner. $contentowner = $this->users->getCurrentUser(); } else { // For existing items, we'll just keep the current owner. $contentowner = $this->users->getUser($content->getOwnerid()); } // Build list of incoming non inverted related records. $incomingNotInverted = []; foreach ($content->getRelation()->incoming($content) as $relation) { if ($relation->isInverted()) { continue; } $fromContentType = $relation->getFromContenttype(); $record = $this->em->getContent($fromContentType . '/' . $relation->getFromId()); if ($record) { $incomingNotInverted[$fromContentType][] = $record; } } // Test write access for uploadable fields. $contentType['fields'] = $this->setCanUpload($contentType['fields']); $templateFields = $content->getTemplatefields(); if ($templateFields instanceof TemplateFields && ($templateFieldsData = $templateFields->getContenttype()->getFields())) { $templateFields->getContenttype()['fields'] = $this->setCanUpload($templateFields->getContenttype()->getFields()); } // Build context for Twig. $contextCan = ['upload' => $this->users->isAllowed('files:uploads'), 'publish' => $this->users->isAllowed('contenttype:' . $contentTypeSlug . ':publish:' . $content->getId()), 'depublish' => $this->users->isAllowed('contenttype:' . $contentTypeSlug . ':depublish:' . $content->getId()), 'change_ownership' => $this->users->isAllowed('contenttype:' . $contentTypeSlug . ':change-ownership:' . $content->getId())]; $contextHas = ['incoming_relations' => count($incomingNotInverted) > 0, 'relations' => isset($contentType['relations']), 'tabs' => $contentType['groups'] !== false, 'taxonomy' => isset($contentType['taxonomy']), 'templatefields' => empty($templateFieldsData) ? false : true]; $contextValues = ['datepublish' => $this->getPublishingDate($content->getDatepublish(), true), 'datedepublish' => $this->getPublishingDate($content->getDatedepublish())]; $context = ['incoming_not_inv' => $incomingNotInverted, 'contenttype' => $contentType, 'content' => $content, 'allowed_status' => $allowedStatuses, 'contentowner' => $contentowner, 'fields' => $this->config->fields->fields(), 'fieldtemplates' => $this->getTemplateFieldTemplates($contentType, $content), 'fieldtypes' => $this->getUsedFieldtypes($contentType, $content, $contextHas), 'groups' => $this->createGroupTabs($contentType, $contextHas), 'can' => $contextCan, 'has' => $contextHas, 'values' => $contextValues, 'relations_list' => $this->getRelationsList($contentType)]; return $context; }
/** * Do the edit form for a record. * * @param Content $content A content record * @param array $contenttype The contenttype data * @param boolean $duplicate If TRUE create a duplicate record * * @return array */ public function handleEditRequest(Content $content, array $contenttype, $duplicate) { $contenttypeSlug = $contenttype['slug']; $new = $content->getId() === null ?: false; $oldStatus = $content->getStatus(); $allStatuses = ['published', 'held', 'draft', 'timed']; $allowedStatuses = []; foreach ($allStatuses as $status) { if ($this->app['users']->isContentStatusTransitionAllowed($oldStatus, $status, $contenttypeSlug, $content->getId())) { $allowedStatuses[] = $status; } } // For duplicating a record, clear base field values. if ($duplicate) { $content->setId(''); $content->setSlug(''); $content->setDatecreated(''); $content->setDatepublish(''); $content->setDatedepublish(null); $content->setDatechanged(''); $content->setUsername(''); $content->setOwnerid(''); $this->app['logger.flash']->info(Trans::__('contenttypes.generic.duplicated-finalize', ['%contenttype%' => $contenttypeSlug])); } // Set the users and the current owner of this content. if ($new || $duplicate) { // For brand-new and duplicated items, the creator becomes the owner. $contentowner = $this->app['users']->getCurrentUser(); } else { // For existing items, we'll just keep the current owner. $contentowner = $this->app['users']->getUser($content->getOwnerid()); } // Test write access for uploadable fields. $contenttype['fields'] = $this->setCanUpload($contenttype['fields']); if ($templatefields = $content->getTemplatefields()) { $this->setCanUpload($templatefields->getContenttype()); } // Build context for Twig. $contextCan = ['upload' => $this->app['users']->isAllowed('files:uploads'), 'publish' => $this->app['users']->isAllowed('contenttype:' . $contenttypeSlug . ':publish:' . $content->getId()), 'depublish' => $this->app['users']->isAllowed('contenttype:' . $contenttypeSlug . ':depublish:' . $content->getId()), 'change_ownership' => $this->app['users']->isAllowed('contenttype:' . $contenttypeSlug . ':change-ownership:' . $content->getId())]; $contextHas = ['incoming_relations' => is_array($content->relation), 'relations' => isset($contenttype['relations']), 'tabs' => $contenttype['groups'] !== false, 'taxonomy' => isset($contenttype['taxonomy']), 'templatefields' => $templatefields ? true : false]; $contextValues = ['datepublish' => $this->getPublishingDate($content->getDatepublish(), true), 'datedepublish' => $this->getPublishingDate($content->getDatedepublish())]; $context = ['contenttype' => $contenttype, 'content' => $content, 'allowed_status' => $allowedStatuses, 'contentowner' => $contentowner, 'fields' => $this->app['config']->fields->fields(), 'fieldtemplates' => $this->getTempateFieldTemplates($contenttype, $content), 'fieldtypes' => $this->getUsedFieldtypes($contenttype, $content, $contextHas), 'groups' => $this->createGroupTabs($contenttype, $contextHas), 'can' => $contextCan, 'has' => $contextHas, 'values' => $contextValues, 'relations_list' => $this->getRelationsList($contenttype)]; return $context; }
/** * Set a Contenttype record values from a HTTP POST. * * @param Entity\Content $content * @param array $formValues * @param array $contentType * * @throws AccessControlException */ private function setPostedValues(Entity\Content $content, $formValues, $contentType) { // Ensure all fields have valid values $formValues = $this->setSuccessfulControlValues($formValues, $contentType['fields']); $formValues = Input::cleanPostedData($formValues); unset($formValues['contenttype']); $user = $this->users->getCurrentUser(); if ($id = $content->getId()) { // Owner is set explicitly, is current user is allowed to do this? if (isset($formValues['ownerid']) && (int) $formValues['ownerid'] !== $content->getOwnerid()) { if (!$this->users->isAllowed("contenttype:{$contentType['slug']}:change-ownership:{$id}")) { throw new AccessControlException('Changing ownership is not allowed.'); } $content->setOwnerid($formValues['ownerid']); } } else { $content->setOwnerid($user['id']); } // Make sure we have a proper status. if (!in_array($formValues['status'], ['published', 'timed', 'held', 'draft'])) { if ($status = $content->getStatus()) { $formValues['status'] = $status; } else { $formValues['status'] = 'draft'; } } // Set the object values appropriately foreach ($formValues as $name => $value) { if ($name === 'relation') { $this->setPostedRelations($content, $formValues); } elseif ($name === 'taxonomy') { $this->setPostedTaxonomies($content, $formValues); } else { $content->set($name, empty($value) ? null : $value); } } }
/** * Transition a record's owner if permitted. * * @param Content $entity * @param integer $ownerId */ protected function transistionRecordOwner(Content $entity, $ownerId) { $recordId = $entity->getId(); $contentTypeName = (string) $entity->getContenttype(); $canChangeOwner = $this->users->isAllowed("contenttype:{$contentTypeName}:change-ownership:{$recordId}"); if (!$canChangeOwner) { $this->loggerFlash->error(Trans::__('general.access-denied.content-not-modified', ['%title%' => $entity->getTitle()])); return; } $entity->setOwnerid($ownerId); $entity->_modified = true; }
/** * Identifies which relations are incoming to the given entity * * @param Entity\Content $entity * * @return mixed */ public function incoming(Entity\Content $entity) { return $this->filter(function ($el) use($entity) { /** @var Entity\Relations $el */ return $el->getToContenttype() == (string) $entity->getContenttype() && $el->getToId() === $entity->getId(); }); }