/** * @param array $treeNodes * @return OTreeNode|int * @throws \Exception */ public function getView($treeNodes) { $bright = new Bright(); $tree = new Tree(); $cal = new Calendar(); $maps = new Maps(); $user = new User(); $root = $bright->getRoot(); $numTreeNodes = count($treeNodes); $groups = array(); if ($numTreeNodes > 0) { $child = $root; //new OTreeNode(); for ($i = 0; $i < $numTreeNodes; $i++) { // Check if an alternative parser is required if ($child && isset($child->parser) && (int) $child->parser > 1) { $child->parser = (int) $child->parser; switch ($child->parser) { case Router::$CALENDAR_PARSER: // Must be last item if ($i < $numTreeNodes - 1) { return 404; } $event = $cal->getEventByLabel($treeNodes[$i]); if (!$event) { return 404; } $c = new OTreeNode(); $c->treeId = $child->treeId; $c->page = $event; $c->path = join('/', $treeNodes); return $c; break; case Router::$MARKER_PARSER: // Must be last item if ($i < $numTreeNodes - 1) { return 404; } $marker = $maps->getMarkerByLabel($treeNodes[$i]); if (!$marker) { return 404; } $result = new OTreeNode(); $result->parentId = $child->treeId; $result->page = $marker; $result->path = join('/', $treeNodes); return $result; break; case Router::$USER_PARSER: $userPage = $user->getUserByLabel($treeNodes[$i]); if (!$userPage) { return 404; } $child = new OTreeNode(); $child->page = $userPage; $child->path = join('/', $treeNodes); return $child; break; } } else { $child = $tree->getChildByLabel($child->treeId, $treeNodes[$i]); } if (!$child) { return 404; } if ($child->loginrequired) { $groups = array_merge($groups, $child->requiredgroups); } } // Check if we're member of the required groups $hasAccess = true; if (count($groups) > 0) { $authenticatedUser = $user->getAuthUser(); if ($authenticatedUser) { $missing = array_diff($groups, $authenticatedUser->usergroups); if (count($missing) > 0) { //insufficient rights $hasAccess = false; } } else { $hasAccess = false; } } if ($hasAccess === false) { // Redirect to login $path = BASEURL; $path .= USEPREFIX ? $_SESSION['prefix'] : ''; $path .= LOGINPAGE; // Include treeId, so we can redirect back when login successful header('Location:' . $path . '?tid=' . $child->treeId); exit; } // Build path (no need to get it from the db, we just checked it, it exists :D) $child = $bright->getChild($child->treeId); $child->path = join('/', $treeNodes); return $child; } //ROOT return $root; }
/** * Removes a user from the given group * @since 1.5 * @param int $userId the Id of the user * @param int $groupId the Id of the group * @return bool * @throws \Exception */ public function removeUserFromGroup($userId, $groupId) { // No permissions required, // First we have to find a way to gracefully by-pass // the authentication system, to allow apps to manage // users. // if(!$this -> IS_AUTH) // throw $this -> throwException(Exceptions::NO_USER_AUTH); // if(!$this -> MANAGE_USER) // throw $this -> throwException(Exceptions::MISSING_PERMISSION_USER); if (!is_numeric($userId)) { throw $this->throwException(ParameterException::INTEGER_EXCEPTION); } if (!is_numeric($groupId)) { throw $this->throwException(ParameterException::INTEGER_EXCEPTION); } $c = new Cache(); $c->deleteCacheByPrefix('user'); $sql = "DELETE FROM `userusergroups` WHERE `groupId`={$groupId} AND `userId`={$userId}"; $res = $this->_conn->deleteRow($sql) == 1; $uc = new User(); $au = $uc->getAuthUser(); // Update session if necessary if ($au->userId == $userId) { $user = $uc->getUser($userId); $_SESSION['user'] = serialize($user); } return $res; }
/** * Returns the full navigation, both as array and as tree * @param boolean $includeAll Pages with showinnavigation set to false are also returned (default = false) * @param boolean $onlyPublished When true, unpublished pages are also returned (default = false) * @return \stdClass An object containing 'arr' (a plain array of OTreeNodes) & 'tree' (Multidimensional array) */ public function getFullNavigation($includeAll = false, $onlyPublished = false) { $cl = new User(); $where = ''; $where .= $includeAll ? '' : 'AND p.showinnavigation = 1'; $where .= !$onlyPublished ? '' : ' AND ((UNIX_TIMESTAMP(p.publicationdate) <= ' . time() . ' AND UNIX_TIMESTAMP(p.expirationdate) >= ' . time() . ') OR p.alwayspublished = 1) '; $sql = 'SELECT t.*, p.label, it.label AS `itemLabel`, it.icon AS `itemicon`, (SELECT COUNT(`treeId`) FROM tree WHERE parentId=t.treeId) AS numChildren FROM itemtypes it, tree t JOIN page p on t.pageId = p.pageId WHERE p.itemType = it.itemId ' . $where . ' ORDER BY t.parentId, t.index ASC'; // DEBUG SPEED UP!: //$sql .= ' LIMIT 0,1'; $result = $this->_conn->getRows($sql); $page = new Page(); $root = $this->getRoot(); $rootid = $root->treeId; unset($root); $root = new OTreeNode(); $treearr = array(); foreach ($result as $row) { $to = new OTreeNode(); $to->treeId = (double) $row->treeId; $to->parentId = (double) $row->parentId; $to->locked = $row->locked == 1; $to->page = $page->getPageById($row->pageId); $to->path = $this->getPath($to->treeId, $rootid); $to->shortcut = (double) $row->shortcut; $to->numChildren = (double) $row->numChildren; if ($to->numChildren > 0) { $to->children = array(); } $treearr[$to->treeId] = $to; if ($to->parentId == 0) { $root = $to; } } foreach ($treearr as $treenode) { if (array_key_exists((int) $treenode->parentId, $treearr)) { $node = $treearr[$treenode->parentId]; if (!$node->loginrequired || $cl->isLoggedIn()) { $node->children[] = $treenode; } } else { } } $retObj = new \stdClass(); $retObj->arr = $treearr; $retObj->tree = $root; return $retObj; }