/**
 * Renders another wiki page for the current request and returns its body.
 *
 * Reads the "outputname", "outputlang" and "outputcurrent" query parameters.
 * Instead of rendered output, one of the self::ERR_* values is returned when
 * the call is incomplete, refused by the ACLs, or fails with an AnwException.
 *
 * @return mixed result of AnWiki::includePage(), or a self::ERR_* value
 */
private function getOutput()
{
    // Page name and language are both mandatory.
    if (!AnwEnv::_GET("outputname") || !AnwEnv::_GET("outputlang")) {
        return self::ERR_BADCALL;
    }

    try {
        // Fake the current page: the request-supplied "outputcurrent" value is
        // written into $_GET before any permission check and is not restored.
        // NOTE(review): this value is used unvalidated here - confirm that every
        // later reader of the current page name validates it.
        $_GET[AnwActionPage::GET_PAGENAME] = AnwEnv::_GET("outputcurrent");

        // Drop a single leading slash from the requested name.
        $sTargetName = AnwEnv::_GET("outputname");
        if (substr($sTargetName, 0, 1) == '/') {
            $sTargetName = substr($sTargetName, 1);
        }
        $sTargetLang = AnwEnv::_GET("outputlang");

        // Additional permission check, evaluated on the requested name and language.
        if (!AnwCurrentSession::isActionAllowed($sTargetName, 'output', $sTargetLang)) {
            return self::ERR_ACLS;
        }

        // Render with translation auto-loading enabled, cache disabled and an
        // empty cache key (TODO in the original: a per-current-page cache key).
        return AnWiki::includePage($sTargetName, $sTargetLang, true, false, "");
    } catch (AnwPageNotFoundException $e) {
        return self::ERR_NOTFOUND;
    } catch (AnwAclException $e) {
        return self::ERR_ACLS;
    } catch (AnwException $e) {
        return self::ERR_UNKNOWN;
    }
}
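/**
 * Renames the current page to $sNewName, releases the edition lock and
 * redirects to the new name.
 *
 * The session must be allowed to 'create' $sNewName in the current page's
 * language, and no page may already exist under that name. On a handled
 * failure the rename form is displayed again with a translated error.
 *
 * @param $sNewName     requested new page name
 * @param $sComment     comment entered by the user; in this method it is only
 *                      handed back to the form, it is not passed to rename()
 * @param $bUpdateLinks forwarded unchanged to the page's rename()
 */
private function doRename($sNewName, $sComment, $bUpdateLinks)
{
    try {
        // Renaming creates a page under the new name, so 'create' is required there.
        if (!AnwCurrentSession::isActionAllowed($sNewName, 'create', $this->getoPage()->getLang())) {
            throw new AnwAclException("permission create denied");
        }

        // Refuse to take over an existing name; the content is not needed for this test.
        // NOTE(review): check and rename are separate steps here - confirm that
        // rename() itself rejects an existing target.
        $oPageTest = new AnwPageByName($sNewName);
        $oPageTest->setSkipLoadingContent(true);
        if ($oPageTest->exists()) {
            throw new AnwPageAlreadyExistsException();
        }

        $this->getoPage()->rename($sNewName, $bUpdateLinks);
        $this->unlockPageForEdition();
        AnwUtils::redirect(AnwUtils::link($sNewName));
    } catch (AnwBadPageNameException $e) {
        $this->renameForm($sNewName, $sComment, $this->g_("err_badpagename"));
    } catch (AnwBadCommentException $e) {
        $this->renameForm($sNewName, $sComment, $this->g_("err_badcomment"));
    } catch (AnwPageAlreadyExistsException $e) {
        $this->renameForm($sNewName, $sComment, $this->g_("err_pagealreadyexists"));
    } catch (AnwAclException $e) {
        $this->renameForm($sNewName, $sComment, $this->g_("err_nopermission"));
    }
}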
/**
 * Handles a request for a page that does not exist.
 *
 * A session that may 'create' the page is redirected to the "create" action;
 * every other session gets the 404 response. A plugin hook is fired in both
 * cases.
 */
protected function pagenotfound()
{
    // -1 is passed as the language argument; NOTE(review): presumably "no
    // specific language" - confirm against AnwCurrentSession::isActionAllowed().
    $bMayCreate = AnwCurrentSession::isActionAllowed($this->getoPage()->getName(), 'create', -1);

    if (!$bMayCreate) {
        AnwPlugins::hook('action_view_pagenotfound_404', $this->getoPage());
        $this->error404();
        return;
    }

    AnwPlugins::hook('action_view_pagenotfound_create', $this->getoPage());
    AnwUtils::redirect(AnwUtils::link($this->getoPage(), "create"));
}
/**
 * Creates the translations ticked in the submitted form for the current page.
 *
 * All 'translate' permissions are verified before the storage transaction is
 * opened; the translations are then created in one transaction, which is
 * rolled back when an AnwException occurs. On success the browser is
 * redirected to the last translation created; otherwise the form is shown
 * again, with an error message for the handled exception types.
 */
private function saveTranslation()
{
    try {
        $asAvailableLangs = $this->getoPage()->getPageGroup()->getAvailableLangs();

        // Pass 1: permission check for every ticked language, before any write.
        foreach ($asAvailableLangs as $sLang) {
            if (!AnwEnv::_POST($this->getChkName($sLang))) {
                continue;
            }
            $sTranslationName = AnwEnv::_POST($this->getInputName($sLang), "");
            if (!AnwCurrentSession::isActionAllowed($sTranslationName, 'translate', $sLang)) {
                throw new AnwAclException("permission translate denied");
            }
        }

        // Pass 2: create the translations atomically.
        $oPageTranslation = null;
        AnwStorage::transactionStart();
        try {
            foreach ($asAvailableLangs as $sLang) {
                if (!AnwEnv::_POST($this->getChkName($sLang))) {
                    continue;
                }
                $sTranslationName = AnwEnv::_POST($this->getInputName($sLang), "");
                $oPageTranslation = $this->getoPage()->createNewTranslation($sTranslationName, $sLang);
            }
            AnwStorage::transactionCommit();
        } catch (AnwException $e) {
            AnwStorage::transactionRollback();
            throw $e;
        }

        if (!$oPageTranslation) {
            // Nothing was ticked: show the form again.
            $this->showForm();
            return;
        }

        // Redirect to the last translation created.
        AnwUtils::redirect(AnwUtils::link($oPageTranslation));
    } catch (AnwBadPageNameException $e) {
        $this->showForm($this->g_("err_badpagename"));
    } catch (AnwBadLangException $e) {
        $this->showForm($this->g_("err_badlang"));
    } catch (AnwPageAlreadyExistsException $e) {
        $this->showForm($this->g_("err_pagealreadyexists"));
    } catch (AnwAclException $e) {
        $this->showForm($this->g_("err_nopermission"));
    } catch (AnwLangExistsForPageGroupException $e) {
        $this->showForm($this->g_("err_langexistsforpagegroup"));
    }
}
/**
 * Loads a page by name and returns the result of running its HTML body.
 *
 * When $bAutoLoadTranslatedPage is set and the page found is not in
 * $sCurrentLang, the page group's preferred page for that language is used
 * instead. The 'view' permission is checked on the page that is finally
 * rendered, i.e. after the translation has been substituted.
 *
 * @param $sPageName               name of the page to include
 * @param $sCurrentLang            language the caller wants
 * @param $bAutoLoadTranslatedPage whether to switch to the preferred page for $sCurrentLang
 * @param $bUseCache               forwarded to the page's toHtml()
 * @param $sCacheKey               forwarded to the page's toHtml()
 *
 * @return mixed value returned by runBody() on the page's HTML output
 *
 * @throws AnwAclException when the session may not 'view' the resolved page
 */
static function includePage($sPageName, $sCurrentLang, $bAutoLoadTranslatedPage = true, $bUseCache = true, $sCacheKey = "")
{
    $oPage = AnwStorage::getPageByName($sPageName, false, false, $sCurrentLang);

    // Swap in the translation when one is wanted and the language differs.
    if ($bAutoLoadTranslatedPage) {
        if ($oPage->getLang() != $sCurrentLang) {
            $oPage = $oPage->getPageGroup()->getPreferedPage($sCurrentLang);
        }
    }

    // The ACL check must stay after the substitution above so that it covers
    // the page that is actually rendered.
    $bViewAllowed = AnwCurrentSession::isActionAllowed($oPage->getName(), 'view', $oPage->getLang());
    if (!$bViewAllowed) {
        throw new AnwAclException();
    }

    return $oPage->toHtml($bUseCache, $sCacheKey)->runBody();
}
/**
 * Changes the language of the current page, releases the edition lock and
 * redirects to the page.
 *
 * The session must be allowed to 'create' the page name in the target
 * language. Bad language, bad comment and "language already exists in the
 * page group" errors bring the form back with a translated message.
 * An AnwAclException raised by the permission check is not caught in this
 * method and propagates to the caller.
 *
 * @param $sLang    target language
 * @param $sComment change comment, passed to the page's changeLang()
 */
private function doChangeLang($sLang, $sComment)
{
    try {
        $bCreateAllowed = AnwCurrentSession::isActionAllowed($this->getoPage()->getName(), 'create', $sLang);
        if (!$bCreateAllowed) {
            throw new AnwAclException("permission create denied");
        }

        $this->getoPage()->changeLang($sLang, $sComment);
        $this->unlockPageForEdition();
        AnwUtils::redirect(AnwUtils::link($this->getoPage()));
    } catch (AnwBadLangException $e) {
        $this->changeLangForm($sLang, $sComment, $this->g_("err_badlang"));
    } catch (AnwBadCommentException $e) {
        $this->changeLangForm($sLang, $sComment, $this->g_("err_badcomment"));
    } catch (AnwLangExistsForPageGroupException $e) {
        $this->changeLangForm($sLang, $sComment, $this->g_("err_langexistsforpagegroup"));
    }
}
/**
 * Builds the language filter for the current session and request.
 *
 * A configured language is kept only if the session is allowed every action
 * in $asRequiredActionsAcls for it. Among the kept languages, those with a
 * truthy "lg_<lang>" query parameter are selected for display.
 *
 * @param $asRequiredActionsAcls actions the session must be allowed for a language to be kept
 * @param $bCheckAllByDefault    when false and nothing was selected, the default language is selected
 *
 * @return array two-element array: the authorized languages (original keys
 *               preserved) and the languages selected for display
 */
protected function filterLangs($asRequiredActionsAcls = array(), $bCheckAllByDefault = false)
{
    $asAllLangs = self::globalCfgLangs();
    $asDisplayLangs = array();

    foreach ($asAllLangs as $nIndex => $sLang) {
        // Drop the language as soon as one required action is refused.
        foreach ($asRequiredActionsAcls as $sAction) {
            if (!AnwCurrentSession::isActionAllowed(-1, $sAction, $sLang)) {
                unset($asAllLangs[$nIndex]);
                continue 2;
            }
        }

        if (AnwEnv::_GET("lg_" . $sLang)) {
            $asDisplayLangs[] = $sLang;
        }
    }

    // Always select at least the default language, unless an empty selection
    // is meant to stand for "everything checked".
    // NOTE(review): the default language is added without going through the
    // ACL loop above, so it can be selected even when it was removed from the
    // authorized list - confirm that callers re-check access on the results.
    if (!$bCheckAllByDefault && empty($asDisplayLangs)) {
        $asDisplayLangs[] = self::globalCfgLangDefault();
    }

    return array($asAllLangs, $asDisplayLangs);
}
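/**
 * Exports the selected pages and sends the result as an XML download.
 *
 * A page is exported only when its id is listed in $anExportPages, the
 * session holds the 'export' permission on it, and - if the page contains
 * PHP code - the current user is allowed to edit PHP. Pages that fail a
 * check are left out silently. Page groups without any exported page are
 * omitted.
 *
 * @param $anExportPages ids of the pages requested for export
 */
private function exportProcess($anExportPages)
{
    $aaExportPageGroups = array();

    foreach (AnwStorage::getPageGroups() as $oPageGroup) {
        $aoExportPages = array();

        foreach ($oPageGroup->getPages() as $oPage) {
            // Loose comparison is kept on purpose: the element types of
            // $anExportPages are not visible here (NOTE(review): if the ids
            // come straight from the request they are strings - confirm
            // before switching to a strict in_array()).
            if (!in_array($oPage->getId(), $anExportPages)) {
                continue;
            }

            // PHP permission: pages with PHP code need the PHP edition right.
            $bPhpBlocked = $oPage->hasPhpCode() && !AnwCurrentSession::getUser()->isPhpEditionAllowed();
            // ACL permission on the page itself.
            $bAclBlocked = !AnwCurrentSession::isActionAllowed($oPage->getName(), "export", $oPage->getLang());

            if (!$bPhpBlocked && !$bAclBlocked) {
                $aoExportPages[] = $oPage;
            }
        }

        if (count($aoExportPages) > 0) {
            $aaExportPageGroups[] = array("GROUP" => $oPageGroup, "PAGES" => $aoExportPages);
        }
    }

    // Output as a file.
    $this->out = $this->exportData($aaExportPageGroups);

    // Take the clock once so that the date and the H/i/s parts of the file
    // name describe the same instant; separate time()/date() calls could
    // straddle a second or minute boundary.
    $nNow = time();
    // NOTE(review): only '/' is replaced in the localized date - confirm that
    // Anwi18n::date() cannot yield other characters unsuitable for a file name.
    $sBackupDate = str_replace('/', '-', Anwi18n::date($nNow)) . '-' . date("His", $nNow);
    $this->printOutputDownload("wiki-" . $sBackupDate . ".xml");
}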
/**
 * Shows the latest changes, either site-wide or for one page / page group,
 * as an HTML listing or as a feed.
 *
 * Query parameters read here: "ct_<type>" (change-type filter), "fg"
 * (grouped display), "s" (start offset) and "feed". Changes the session may
 * not 'view' are removed after they have been fetched, so a result page can
 * hold fewer entries than the configured limit.
 */
function run()
{
    // A page-group history has priority; a single page is only looked up
    // when no page group was requested.
    $oPage = null;
    $oPageGroup = $this->getPageGroupForHistory();
    if (!$oPageGroup) {
        $oPage = $this->getPageForHistory();
    }

    // Page title.
    if ($oPage) {
        $sTitle = $this->t_("history_t", array("pagename" => $oPage->getName()));
    } elseif ($oPageGroup) {
        $sTitle = $this->t_("history_pagegroup_t", array("pagegroupid" => $oPageGroup->getId()));
    } else {
        $sTitle = $this->t_("title");
    }
    $this->setTitle($sTitle);

    // Change types selected in the request.
    $amAllChangeTypes = AnwChange::getChangeTypes();
    $amDisplayChangeTypes = array();
    foreach ($amAllChangeTypes as $mChangeType) {
        if (AnwEnv::_GET("ct_" . $mChangeType)) {
            $amDisplayChangeTypes[] = $mChangeType;
        }
    }
    if (empty($amDisplayChangeTypes)) {
        // Nothing selected: show every type, minus two types that are only
        // listed by default in a single page's history.
        $amDisplayChangeTypes = $amAllChangeTypes;
        if (!$oPage) {
            $amHiddenByDefault = array(AnwChange::TYPE_PAGE_EDITION_DEPLOY, AnwChange::TYPE_PAGE_UPDATELINKS);
            foreach ($amHiddenByDefault as $mHiddenType) {
                $amDisplayChangeTypes = AnwUtils::array_remove($amDisplayChangeTypes, $mHiddenType);
            }
        }
    }

    // Language and content-class filters; languages are limited to those the
    // session may 'view'.
    list($asAllLangs, $asDisplayLangs) = $this->filterLangs(array("view"), true);
    list($asAllClasses, $asDisplayClasses) = $this->filterContentClasses();

    // With a page or page group selected, the filters are disabled and the
    // detailed (ungrouped) mode becomes the default.
    $bSingleTarget = $oPage || $oPageGroup;
    if ($bSingleTarget) {
        $asDisplayLangs = $asAllLangs;
        $asDisplayClasses = $asAllClasses;
    }
    $bGrouped = AnwEnv::_GET("fg", $bSingleTarget ? 0 : 1);

    // Paging window. TODO (from the original): the doubled limit in grouped mode.
    $nLimit = $this->cfg(self::CFG_LIMIT);
    if ($bGrouped) {
        $nLimit *= 2;
    }
    // NOTE(review): "s" is cast to int but not range-checked, so a negative
    // offset reaches AnwStorage::getLastChanges() - confirm it is handled there.
    $nStart = (int) AnwEnv::_GET("s", 0);
    $nStartPrev = $nStart - $nLimit;
    $nStartNext = $nStart + $nLimit;

    $aoChanges = AnwStorage::getLastChanges($nLimit, $nStart, $asDisplayLangs, $asDisplayClasses, $amDisplayChangeTypes, $oPage, $oPageGroup);
    if ($bGrouped) {
        $aoChanges = AnwSimilarChanges::groupSimilarChanges($aoChanges);
    }

    // Permission filter: drop a change when its page object exists and
    // refuses 'view', or when the session may not 'view' the recorded page
    // name/language.
    foreach ($aoChanges as $nIndex => $oChange) {
        $oChangedPage = $oChange->getPage();
        $bPageDenied = $oChangedPage && !$oChangedPage->isActionAllowed("view");
        if ($bPageDenied || !AnwCurrentSession::isActionAllowed($oChange->getPageName(), "view", $oChange->getPageLang())) {
            unset($aoChanges[$nIndex]);
        }
    }

    if (AnwEnv::_GET("feed")) {
        $this->showFeed($aoChanges);
        return;
    }

    $this->showHtml($aoChanges, $amAllChangeTypes, $amDisplayChangeTypes, $asAllLangs, $asDisplayLangs, $asAllClasses, $asDisplayClasses, $nStartPrev, $nStartNext, $sTitle, $bGrouped, $oPage, $oPageGroup);
}
/**
 * Creates the requested page and any translations ticked in the form, then
 * redirects to the new page's "edit" action.
 *
 * The 'create' permission is checked before anything is written. The page
 * and its translations are created inside one storage transaction that is
 * rolled back when an AnwException is thrown.
 *
 * @param $sLang         language of the page to create
 * @param $sContentClass content class name, resolved through AnwContentClasses
 *
 * @throws AnwAclException when 'create' or a requested 'translate' is refused
 */
private function createPageProcess($sLang, $sContentClass)
{
    $sPageName = $this->getPageName();
    if (!AnwCurrentSession::isActionAllowed($sPageName, 'create', $sLang)) {
        throw new AnwAclException("permission create denied");
    }

    $oContentClass = AnwContentClasses::getContentClass($sContentClass);

    AnwStorage::transactionStart();
    try {
        $oPage = AnwPage::createNewPage($oContentClass, $sPageName, $sLang);
        $asAvailableLangs = $oPage->getPageGroup()->getAvailableLangs();

        // Check every requested translation before creating any of them.
        // This runs after the page was created, so a refusal relies on the
        // rollback below (NOTE(review): that requires AnwAclException to be
        // an AnwException - confirm).
        foreach ($asAvailableLangs as $sTranslationLang) {
            if (!AnwEnv::_POST($this->getChkName($sTranslationLang))) {
                continue;
            }
            $sTranslationName = AnwEnv::_POST($this->getInputName($sTranslationLang), "");
            if (!AnwCurrentSession::isActionAllowed($sTranslationName, 'translate', $sTranslationLang)) {
                throw new AnwAclException("permission translate denied");
            }
        }

        // Create the requested translations.
        foreach ($asAvailableLangs as $sTranslationLang) {
            if (!AnwEnv::_POST($this->getChkName($sTranslationLang))) {
                continue;
            }
            $sTranslationName = AnwEnv::_POST($this->getInputName($sTranslationLang), "");
            $oPage->createNewTranslation($sTranslationName, $sTranslationLang);
        }

        AnwStorage::transactionCommit();
    } catch (AnwException $e) {
        AnwStorage::transactionRollback();
        throw $e;
    }

    AnwUtils::redirect(AnwUtils::link($oPage, "edit"));
}
/**
 * Collects the reasons why a page with the given name, language and content
 * cannot be accepted for the current session.
 *
 * This method only reports: it returns translated notices and does not block
 * anything itself, so the caller has to act on a non-empty result.
 *
 * @param $sPageName    name of the candidate page
 * @param $sPageLang    language of the candidate page
 * @param $sPageContent content inspected for PHP and JS code
 *
 * @return array translated notices, empty when no check failed
 */
private function checkPermissions($sPageName, $sPageLang, $sPageContent)
{
    $asNotices = array();

    // The page name must still be available.
    if (!AnwPage::isAvailablePageName($sPageName)) {
        $asNotices[] = $this->t_("notice_exists");
    }

    // Content with PHP code requires the PHP edition right.
    if (AnwUtils::contentHasPhpCode($sPageContent)) {
        if (!AnwCurrentSession::getUser()->isPhpEditionAllowed()) {
            $asNotices[] = $this->t_("notice_php");
        }
    }

    // Content with JS code requires the JS edition right.
    if (AnwUtils::contentHasJsCode($sPageContent)) {
        if (!AnwCurrentSession::getUser()->isJsEditionAllowed()) {
            $asNotices[] = $this->t_("notice_js");
        }
    }

    // Both 'create' and 'edit' are required on the target name and language.
    $bCreateAndEdit = AnwCurrentSession::isActionAllowed($sPageName, "create", $sPageLang)
        && AnwCurrentSession::isActionAllowed($sPageName, "edit", $sPageLang);
    if (!$bCreateAndEdit) {
        $asNotices[] = $this->t_("notice_acl");
    }

    return $asNotices;
}
/**
 * Creates, for every ticked page group that has no page in $sAddLang yet, a
 * translation in that language.
 *
 * For each group the submitted translation name is checked against the
 * 'translate' permission, and the submitted reference page id is accepted
 * only if it is the page registered for its language in that same group.
 * All creations happen in one storage transaction, rolled back when an
 * AnwException occurs. Handled errors bring the form back with a message.
 *
 * @param $sAddLang language to add; must be known to Anwi18n
 */
private function saveTranslations($sAddLang)
{
    try {
        if (!Anwi18n::langExists($sAddLang)) {
            throw new AnwBadLangException();
        }

        $this->out .= $this->tpl()->startProcess();
        $bSomethingDone = false;
        $aoPageGroups = AnwStorage::getPageGroups(false, null, null);

        AnwStorage::transactionStart();
        try {
            foreach ($aoPageGroups as $oPageGroup) {
                $aoPages = $oPageGroup->getPages();
                $bChecked = AnwEnv::_POST($this->getChkName($oPageGroup));

                // Skip groups that already have this language or were not ticked.
                if (isset($aoPages[$sAddLang]) || !$bChecked) {
                    continue;
                }

                $sTranslationName = AnwEnv::_POST($this->getInputName($oPageGroup));
                if (!AnwCurrentSession::isActionAllowed($sTranslationName, 'translate', $sAddLang)) {
                    throw new AnwAclException("permission translate denied");
                }

                // The reference page id comes from the request: use it only
                // when it designates the page this group holds for that
                // language, so a page from another group is never used.
                $nPageRefId = (int) AnwEnv::_POST($this->getInputRef($oPageGroup));
                $oPageRef = new AnwPageById($nPageRefId);
                $sRefLang = $oPageRef->getLang();
                if (!isset($aoPages[$sRefLang]) || $oPageRef->getId() != $aoPages[$sRefLang]->getId()) {
                    continue;
                }

                $oPageTranslation = $oPageRef->createNewTranslation($sTranslationName, $sAddLang);
                $this->out .= $this->tpl()->newTranslationCreated($sAddLang, $oPageTranslation->link());
                $bSomethingDone = true;
            }
            AnwStorage::transactionCommit();
        } catch (AnwException $e) {
            AnwStorage::transactionRollback();
            throw $e;
        }

        $sUrlContinue = $this->linkMe(array("addlang" => $sAddLang));
        if (!$bSomethingDone) {
            // NOTE(review): execution continues below if redirect() returns -
            // presumably it ends the request; confirm.
            AnwUtils::redirect($sUrlContinue);
        }
        $this->out .= $this->tpl()->endProcess($sUrlContinue);
    } catch (AnwBadPageNameException $e) {
        $this->showForm($sAddLang, $this->g_("err_badpagename"));
    } catch (AnwBadLangException $e) {
        $this->showForm($sAddLang, $this->g_("err_badlang"));
    } catch (AnwPageAlreadyExistsException $e) {
        $this->showForm($sAddLang, $this->g_("err_pagealreadyexists"));
    } catch (AnwAclException $e) {
        $this->showForm($sAddLang, $this->g_("err_nopermission"));
    } catch (AnwLangExistsForPageGroupException $e) {
        $this->showForm($sAddLang, $this->g_("err_langexistsforpagegroup"));
    }
}
/**
 * Ensures the current session may perform $sAction on this action's page.
 *
 * AnwCurrentSession is asked directly, with the page name and language,
 * because the page object may be null at this point.
 *
 * @param $sAction action name to check
 *
 * @throws AnwAclException when the action is refused
 */
function checkActionAllowed($sAction)
{
    $bAllowed = AnwCurrentSession::isActionAllowed($this->getPageName(), $sAction, $this->getPageLang());
    if ($bAllowed) {
        return;
    }

    throw new AnwAclException("permission denied on page action: " . $sAction);
}
/**
 * Ensures the current session may perform $sAction on this page.
 *
 * For the 'view' action, unless $bSkipTranslatedPercentPermission is set, a
 * page translated below the configured minimum percentage is refused to
 * sessions without the 'translate' permission, using a distinct exception
 * type so callers can tell the two refusals apart.
 *
 * @param $sAction                          action name to check
 * @param $bSkipTranslatedPercentPermission true to bypass the minimum-translated-percent rule
 *
 * @throws AnwAclMinTranslatedPercentException when the translated percentage is too low for 'view'
 * @throws AnwAclException                     when the session ACLs refuse the action
 */
function checkActionAllowed($sAction, $bSkipTranslatedPercentPermission = false)
{
    // NOTE(review): this rule is evaluated before the general ACL check, and
    // the exception carries the translated percentage - confirm that value
    // is not shown to sessions that would fail the ACL check below.
    $bPercentRuleApplies = !$bSkipTranslatedPercentPermission && $sAction == 'view';
    if (
        $bPercentRuleApplies
        && !$this->isActionAllowed('translate')
        && $this->getTranslatedPercent() < AnwComponent::globalCfgViewUntranslatedMinpercent()
    ) {
        throw new AnwAclMinTranslatedPercentException($this->getTranslatedPercent());
    }

    $bAllowed = AnwCurrentSession::isActionAllowed($this->getName(), $sAction, $this->getLang());
    if (!$bAllowed) {
        throw new AnwAclException("permission denied on page action: " . $sAction);
    }
}