/**
  * Removes one or more non-generic fieldsets from a given document type.
  *
  * (Generic fieldsets are made available to and are required for all
  * (subsequent) documents.  Non-generic fieldsets are made available
  * to and are required for all (subsequent) documents that have a
  * particular document type.)
  */
 function removeSetsFromDocumentType($oDocumentType, $aFieldsets)
 {
     // Accept either a document type object or a bare id.
     $iDocumentTypeId = is_object($oDocumentType) ? $oDocumentType->getId() : $oDocumentType;

     // A single fieldset (object or id) is treated as a one-element list.
     $aFieldsetList = is_array($aFieldsets) ? $aFieldsets : array($aFieldsets);
     if (empty($aFieldsetList)) {
         // Nothing to remove, and no IN (...) list is built for an empty set.
         return true;
     }

     // Reduce every entry to its id.
     $aIds = array();
     foreach ($aFieldsetList as $mFieldset) {
         $aIds[] = is_object($mFieldset) ? $mFieldset->getId() : $mFieldset;
     }

     // Placeholder list such as (?, ?, ?); the ids travel in the parameter
     // array next to the SQL text instead of being concatenated into it.
     $sPlaceholders = DBUtil::paramArray($aIds);
     $aConditions = array(
         array('document_type_id = ?', array($iDocumentTypeId)),
         array("fieldset_id IN ({$sPlaceholders})", $aIds),
     );
     // Used below as: [0] = where-clause text, [1] = its parameters.
     $aWhere = KTUtil::whereToString($aConditions);
     $sTable = KTUtil::getTableName('document_type_fieldsets');

     return DBUtil::runQuery(array("DELETE FROM {$sTable} WHERE {$aWhere[0]}", $aWhere[1]));
 }
 /**
  * Marks the rows whose ids are listed as enabled and every other row of the
  * table returned by KTPluginEntity::_table() as disabled.
  *
  * Two UPDATE statements are issued (disable first, then enable) and the
  * KTPluginEntity caches are cleared afterwards. The results of the two
  * queries are not inspected.
  *
  * NOTE(review): no transaction is started here, so a failure between the
  * two statements would leave a half-applied state unless the caller wraps
  * the call - confirm.
  * NOTE(review): with an empty $aIds the IN (...) lists are presumably empty
  * as well, which most databases reject - confirm how callers handle that.
  *
  * @param array $aIds Ids of the rows that should end up enabled.
  */
 function setEnabled($aIds)
 {
     $sTable = KTPluginEntity::_table();
     // The ids are bound through the parameter array, not inlined in the SQL.
     $sPlaceholders = DBUtil::paramArray($aIds);
     $aTemplates = array(
         'UPDATE %s SET disabled = 1 WHERE id NOT IN (%s)',
         'UPDATE %s SET disabled = 0 WHERE id IN (%s)',
     );
     foreach ($aTemplates as $sTemplate) {
         DBUtil::runQuery(array(sprintf($sTemplate, $sTable, $sPlaceholders), $aIds));
     }
     KTPluginEntity::clearAllCaches();
 }
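 /**
  * Deletes a folder together with every sub-folder and document beneath it.
  *
  * The tree is walked first and every folder and document is checked. If any
  * item may not be deleted, nothing is removed and a PEAR error listing the
  * offending names is returned. Only then are the documents deleted, the
  * storage tree removed, and the folder rows (plus any shortcuts pointing at
  * them) deleted. The database work runs between DBUtil::startTransaction()
  * and DBUtil::commit(); every error return rolls the transaction back.
  *
  * Security notes:
  *  - $aOptions['ignore_permissions'] switches off the delete-permission,
  *    immutability and checked-out tests below. It must only ever be set by
  *    trusted server-side code, never derived from request data.
  *  - NOTE(review): removeFolderTree() runs before the folder rows are
  *    deleted and its result is not checked; a later query failure is
  *    rolled back in the database but presumably not in storage - confirm.
  *
  * @param object     $oStartFolder Folder at the root of the tree to delete.
  * @param object     $oUser        User on whose behalf permissions are checked.
  * @param string     $sReason      Passed through to KTDocumentUtil::delete().
  * @param array|null $aOptions     Recognised key: 'ignore_permissions'.
  * @param bool       $bulk_action  Not read by this function.
  * @return true|PEAR_Error True on success, otherwise a PEAR error.
  */
 function delete($oStartFolder, $oUser, $sReason, $aOptions = null, $bulk_action = false)
 {
     require_once KT_LIB_DIR . '/unitmanagement/Unit.inc';
     $oPerm = KTPermission::getByName('ktcore.permissions.delete');
     $bIgnorePermissions = KTUtil::arrayGet($aOptions, 'ignore_permissions');
     // ids of folders cleared for deletion
     $aFolderIds = array();
     // Document objects cleared for deletion
     $aDocuments = array();
     // names of documents that may not be deleted
     $aFailedDocuments = array();
     // names of folders that may not be deleted
     $aFailedFolders = array();
     // work list for the tree walk
     $aRemainingFolders = array($oStartFolder->getId());
     DBUtil::startTransaction();
     while (!empty($aRemainingFolders)) {
         $iFolderId = array_pop($aRemainingFolders);
         $oFolder = Folder::get($iFolderId);
         if (PEAR::isError($oFolder) || $oFolder == false) {
             DBUtil::rollback();
             return PEAR::raiseError(sprintf(_kt('Failure resolving child folder with id = %d.'), $iFolderId));
         }
         // Unit folders are never removed through this path.
         $oUnit = Unit::getByFolder($oFolder);
         if (!empty($oUnit)) {
             DBUtil::rollback();
             return PEAR::raiseError(sprintf(_kt('Cannot remove unit folder: %s.'), $oFolder->getName()));
         }
         // Don't stop at the first refusal: collect every failure so the
         // caller gets the complete list.
         if (!$bIgnorePermissions && !KTPermissionUtil::userHasPermissionOnItem($oUser, $oPerm, $oFolder)) {
             $aFailedFolders[] = $oFolder->getName();
         } else {
             $aFolderIds[] = $iFolderId;
         }
         // child documents
         $aChildDocs = Document::getList(array('folder_id = ?', array($iFolderId)));
         foreach ($aChildDocs as $oDoc) {
             // Immutable documents may only be deleted in admin mode.
             if (!$bIgnorePermissions && $oDoc->getImmutable()) {
                 if (!KTBrowseUtil::inAdminMode($oUser, $oStartFolder)) {
                     $aFailedDocuments[] = $oDoc->getName();
                     continue;
                 }
             }
             // Explicit parentheses: the override applies on its own, while
             // the permission test and the checked-out test must both pass.
             if ($bIgnorePermissions || (KTPermissionUtil::userHasPermissionOnItem($oUser, $oPerm, $oDoc) && $oDoc->getIsCheckedOut() == false)) {
                 $aDocuments[] = $oDoc;
             } else {
                 $aFailedDocuments[] = $oDoc->getName();
             }
         }
         // child folders.
         $aCFIds = Folder::getList(array('parent_id = ?', array($iFolderId)), array('ids' => true));
         $aRemainingFolders = kt_array_merge($aRemainingFolders, $aCFIds);
     }
     // FIXME we could subdivide this to provide a per-item display (viz. bulk upload, etc.)
     if (!empty($aFailedDocuments) || !empty($aFailedFolders)) {
         $sFD = '';
         $sFF = '';
         if (!empty($aFailedDocuments)) {
             $sFD = _kt('Documents: ') . implode(', ', $aFailedDocuments) . '. ';
         }
         if (!empty($aFailedFolders)) {
             $sFF = _kt('Folders: ') . implode(', ', $aFailedFolders) . '.';
         }
         // Close the transaction opened above, as every other error return does.
         DBUtil::rollback();
         return PEAR::raiseError(_kt('You do not have permission to delete these items. ') . $sFD . $sFF);
     }
     // now we can go ahead.
     foreach ($aDocuments as $oDocument) {
         $res = KTDocumentUtil::delete($oDocument, $sReason);
         if (PEAR::isError($res)) {
             DBUtil::rollback();
             return PEAR::raiseError(_kt('Delete Aborted. Unexpected failure to delete document: ') . $oDocument->getName() . $res->getMessage());
         }
     }
     $oStorage =& KTStorageManagerUtil::getSingleton();
     $oStorage->removeFolderTree($oStartFolder);
     // Collect the symbolic links to the folder and its sub folders before
     // the folder rows disappear.
     $aSymlinks = array();
     foreach ($aFolderIds as $iFolder) {
         $oFolder = Folder::get($iFolder);
         $aLinks = $oFolder->getSymbolicLinks();
         $aSymlinks = array_merge($aSymlinks, $aLinks);
     }
     // documents all cleared.
     $sQuery = 'DELETE FROM ' . KTUtil::getTableName('folders') . ' WHERE id IN (' . DBUtil::paramArray($aFolderIds) . ')';
     $aParams = $aFolderIds;
     $res = DBUtil::runQuery(array($sQuery, $aParams));
     if (PEAR::isError($res)) {
         DBUtil::rollback();
         return PEAR::raiseError(_kt('Failure deleting folders.'));
     }
     // now that the folder has been deleted we delete all the shortcuts
     if (!empty($aSymlinks)) {
         $aLinkIds = array();
         foreach ($aSymlinks as $aLink) {
             $aLinkIds[] = $aLink['id'];
         }
         // Bind the ids as parameters and resolve the table name the same
         // way as the folder delete above, rather than concatenating values
         // into a statement against a hard-coded table name.
         $sQuery = 'DELETE FROM ' . KTUtil::getTableName('folders') . ' WHERE id IN (' . DBUtil::paramArray($aLinkIds) . ')';
         $res = DBUtil::runQuery(array($sQuery, $aLinkIds));
         if (PEAR::isError($res)) {
             DBUtil::rollback();
             return PEAR::raiseError(_kt('Failure deleting folders.'));
         }
     }
     // purge caches
     KTEntityUtil::clearAllCaches('Folder');
     // and store
     DBUtil::commit();
     return true;
 }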
 /**
  * Generates the necessary joins, where clause and parameters to
  * ensure that all the documents returned are accessible to the given
  * user for the permission listed.
  *
  * Returns a list of the following elements:
  *      - String representing the where clause
  *      - Array of parameters that go with the where clause
  *      - String with the SQL necessary to join with the tables in the
  *        where clause
  */
 function permissionToSQL($oUser, $sPermissionName, $sItemTableName = "D")
 {
     // NOTE(review): a null user yields an empty where clause and no join,
     // so a caller that splices this result into its query applies no
     // permission restriction at all. Presumably meant for system contexts;
     // confirm no request path can arrive here with a null user.
     if ($oUser === null) {
         return array("", array(), "");
     }
     // Fall back to the read permission when none is named.
     if ($sPermissionName === null) {
         $sPermissionName = 'ktcore.permissions.read';
     }
     // NOTE(review): the lookup result is used without an error check;
     // getId() below assumes the permission name resolved - confirm.
     $oPermission =& KTPermission::getByName($sPermissionName);
     $sPermissionLookupsTable = KTUtil::getTableName('permission_lookups');
     $sPermissionLookupAssignmentsTable = KTUtil::getTableName('permission_lookup_assignments');
     $sPermissionDescriptorsTable = KTUtil::getTableName('permission_descriptors');
     // $sItemTableName is written into the SQL as an identifier and cannot
     // be bound as a parameter, so it must be a fixed alias chosen by the
     // calling code, never a value taken from a request.
     $sJoinSQL = "\n            INNER JOIN {$sPermissionLookupsTable} AS PL ON {$sItemTableName}.permission_lookup_id = PL.id\n            INNER JOIN {$sPermissionLookupAssignmentsTable} AS PLA ON PL.id = PLA.permission_lookup_id AND PLA.permission_id = ?\n            ";
     $aDescriptors = KTPermissionUtil::getPermissionDescriptorsForUser($oUser);
     if (0 === count($aDescriptors)) {
         // Not the three-element list: callers must test for a PEAR error.
         return PEAR::raiseError(_kt('You have no permissions'));
     }
     $sPlaceholders = DBUtil::paramArray($aDescriptors);
     $sWhereSQL = "PLA.permission_descriptor_id IN ({$sPlaceholders})";
     // Parameter order follows placeholder order: the permission id for the
     // join's "?" first, then one value per descriptor placeholder.
     $aBound = kt_array_merge(array($oPermission->getId()), $aDescriptors);
     return array($sWhereSQL, $aBound, $sJoinSQL);
 }
 /**
  * Finds folders that aren't reachable by the user but to which the
  * user has read permissions.
  *
  * Returns an array of Folder objects.
  */
 function getBrowseableFolders($oUser)
 {
     $aDescriptors = KTPermissionUtil::getPermissionDescriptorsForUser($oUser);
     if (empty($aDescriptors)) {
         // No descriptors means nothing can match; skip the query.
         return array();
     }
     $sPermissionDescriptors = DBUtil::paramArray($aDescriptors);
     $oReadPermission = KTPermission::getByName('ktcore.permissions.read');
     $oDetailsPermission = KTPermission::getByName('ktcore.permissions.folder_details');
     $iReadId = $oReadPermission->getId();
     $iDetailsId = $oDetailsPermission->getId();
     // Bound, in order, to the four permission_id placeholders in the joins.
     // NOTE(review): with this order the first join only ever tests the read
     // permission and the second only folder_details, and the second join's
     // condition mixes the PLA2 and PLA aliases. Both look unintended, but
     // this query decides which folders are exposed to the user, so confirm
     // the intent before changing it.
     $aPermissionIds = array($iReadId, $iReadId, $iDetailsId, $iDetailsId);
     $sFoldersTable = KTUtil::getTableName('folders');
     $sPLTable = KTUtil::getTableName('permission_lookups');
     $sPLATable = KTUtil::getTableName('permission_lookup_assignments');
     // F is the candidate folder and F2 its parent: keep folders the user's
     // descriptors match while the parent's do not. "||" is used as a
     // logical OR here, which depends on the database's SQL mode.
     $sQuery = "SELECT DISTINCT F.id AS id FROM\n            {$sFoldersTable} AS F\n                LEFT JOIN {$sPLTable} AS PL ON F.permission_lookup_id = PL.id\n                LEFT JOIN {$sPLATable} AS PLA ON PLA.permission_lookup_id = PL.id AND (PLA.permission_id = ? || PLA.permission_id = ?)\n\n            LEFT JOIN {$sFoldersTable} AS F2 ON F.parent_id = F2.id\n                LEFT JOIN {$sPLTable} AS PL2 ON F2.permission_lookup_id = PL2.id\n                LEFT JOIN {$sPLATable} AS PLA2 ON PLA2.permission_lookup_id = PL2.id AND (PLA2.permission_id = ? || PLA.permission_id = ?)\n            WHERE\n                PLA.permission_descriptor_id IN ({$sPermissionDescriptors})\n                AND F2.id <> 1\n                AND NOT (PLA2.permission_descriptor_id IN ({$sPermissionDescriptors}))";
     // The descriptor list is bound twice, once per IN (...) clause.
     $aBound = kt_array_merge($aPermissionIds, $aDescriptors, $aDescriptors);
     $mFolderIds = DBUtil::getResultArrayKey(array($sQuery, $aBound), 'id');
     if (PEAR::isError($mFolderIds)) {
         return $mFolderIds;
     }
     // NOTE(review): Folder::get() results are added without an error check.
     $aResult = array();
     foreach ($mFolderIds as $iId) {
         $aResult[] = Folder::get($iId);
     }
     return $aResult;
 }
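 /**
  * Finds the permission descriptors that reference any of the given users.
  *
  * @param array      $aUsers   User objects or numeric user ids.
  * @param array|null $aOptions 'ids' => true returns descriptor ids instead
  *                             of KTPermissionDescriptor objects.
  * @return array|PEAR_Error Descriptors (or their ids); an empty array when
  *                          no users are given; the database error when the
  *                          lookup fails.
  */
 function &getByUsers($aUsers, $aOptions = null)
 {
     // The function returns by reference, so every return hands back a
     // variable rather than a literal.
     $aRet = array();
     if (is_null($aOptions)) {
         $aOptions = array();
     }
     if (count($aUsers) === 0) {
         return $aRet;
     }
     $sTable = KTUtil::getTableName('permission_descriptor_users');
     $ids = KTUtil::arrayGet($aOptions, 'ids');
     // Reduce users to ids; numeric entries are taken as ids already.
     $aUserIDs = array();
     foreach ($aUsers as $oUser) {
         if (is_numeric($oUser)) {
             $aUserIDs[] = $oUser;
         } else {
             $aUserIDs[] = $oUser->getID();
         }
     }
     // The user ids are bound through the parameter array.
     $sUserIDs = DBUtil::paramArray($aUserIDs);
     $sQuery = "SELECT DISTINCT descriptor_id FROM {$sTable} WHERE user_id IN ( {$sUserIDs} )";
     $aParams = $aUserIDs;
     $aIDs = DBUtil::getResultArrayKey(array($sQuery, $aParams), 'descriptor_id');
     if (PEAR::isError($aIDs)) {
         // Without this check the loop below would iterate over the error
         // object's properties and treat them as descriptor ids.
         return $aIDs;
     }
     foreach ($aIDs as $iID) {
         if ($ids === true) {
             $aRet[] = $iID;
         } else {
             $aRet[] =& KTPermissionDescriptor::get($iID);
         }
     }
     return $aRet;
 }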
 /**
  * Builds a human-readable explanation of why a user belongs to a group.
  *
  * @param object $oUser  User to explain.
  * @param object $oGroup Group to test membership of.
  * @return string|null|PEAR_Error The explanation; null when the user is
  *         neither a direct member nor found in one of the group's entries
  *         in the group array; a PEAR error passed through from the lookups.
  */
 function getMembershipReason($oUser, $oGroup)
 {
     $aGroupArray = GroupUtil::buildGroupArray();
     // Direct membership needs no query.
     if ($oGroup->hasMember($oUser)) {
         return sprintf(_kt('%s is a direct member.'), $oUser->getName());
     }
     // presumably the ids of the group's subgroups - verify against
     // GroupUtil::buildGroupArray()
     $aSubgroups = (array) $aGroupArray[$oGroup->getId()];
     if (empty($aSubgroups)) {
         // not a member, no subgroups.
         return null;
     }
     $sTable = KTUtil::getTableName('users_groups');
     // The user id and the subgroup ids are all bound as parameters.
     $sPlaceholders = DBUtil::paramArray($aSubgroups);
     $sQuery = sprintf('SELECT group_id FROM %s WHERE user_id = ? AND group_id IN (%s)', $sTable, $sPlaceholders);
     $aBound = kt_array_merge(array($oUser->getId()), $aSubgroups);
     $mRow = DBUtil::getOneResult(array($sQuery, $aBound));
     if (PEAR::isError($mRow)) {
         return $mRow;
     }
     if ($mRow === null) {
         // not a member
         return null;
     }
     $oSubgroup = Group::get($mRow['group_id']);
     if (PEAR::isError($oSubgroup)) {
         return $oSubgroup;
     }
     return sprintf(_kt('%s is a member of %s'), $oUser->getName(), $oSubgroup->getName());
 }
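 /**
  * Deletes the dynamic-condition rows that reference a condition, together
  * with the dynamic assignments that point at those rows.
  *
  * NOTE(review): no transaction is started here; if the second DELETE fails
  * the assignments are already gone unless the caller wraps the call -
  * confirm.
  *
  * @param mixed $oCondition Condition object or id, resolved with KTUtil::getId().
  * @return null|PEAR_Error Nothing on success; the database error on failure.
  */
 function deleteByCondition($oCondition)
 {
     $iConditionId = KTUtil::getId($oCondition);
     $sTable = KTUtil::getTableName('permission_dynamic_conditions');
     $sAssignmentsTable = KTUtil::getTableName('permission_dynamic_assignments');
     $aQuery = array(sprintf('SELECT id FROM %s WHERE condition_id = ?', $sTable), array($iConditionId));
     $aIds = DBUtil::getResultArrayKey($aQuery, 'id');
     if (PEAR::isError($aIds)) {
         return $aIds;
     }
     if (empty($aIds)) {
         // Nothing references the condition; avoid building an empty IN ().
         return;
     }
     $sParam = DBUtil::paramArray($aIds);
     // Assignments first, since they reference the dynamic-condition rows.
     $aAssignmentQuery = array(sprintf('DELETE FROM %s WHERE dynamic_condition_id IN (%s)', $sAssignmentsTable, $sParam), $aIds);
     $res = DBUtil::runQuery($aAssignmentQuery);
     if (PEAR::isError($res)) {
         return $res;
     }
     // Then the dynamic-condition rows themselves. The original code ran the
     // assignment query a second time here, so these rows were never removed
     // and stale permission records stayed behind.
     $aConditionQuery = array(sprintf('DELETE FROM %s WHERE id IN (%s)', $sTable, $sParam), $aIds);
     $res = DBUtil::runQuery($aConditionQuery);
     if (PEAR::isError($res)) {
         return $res;
     }
     return;
 }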
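 /**
  * Marks a fieldset as not complex and deletes the value-instance and
  * behaviour rows stored for its fields, then redirects to the parent URL.
  *
  * The fieldset id is read from $_REQUEST['fFieldsetId'] and resolved
  * through the validator before anything is changed.
  *
  * NOTE(review): this is a destructive, state-changing action and the id is
  * taken from $_REQUEST, so it can arrive by GET as well as POST. No
  * anti-CSRF token or request-method check is visible in this method;
  * confirm that the dispatcher enforces one.
  */
 function do_changeToSimple()
 {
     $this->startTransaction();
     $oFieldset =& $this->oValidator->validateFieldset($_REQUEST['fFieldsetId']);
     $oFieldset->setIsComplex(false);
     $res = $oFieldset->update();
     // One failure response shared by every step below.
     $aOnError = array('redirect_to' => array('manageConditional', 'fFieldsetId=' . $oFieldset->getId()), 'message' => _kt('Error changing to simple'));
     $this->oValidator->notError($res, $aOnError);
     $aFields = DocumentField::getByFieldset($oFieldset);
     if (!empty($aFields)) {
         $aFieldIds = array();
         foreach ($aFields as $oField) {
             $aFieldIds[] = $oField->getId();
         }
         // value instances
         $sTable = KTUtil::getTableName('field_value_instances');
         $aQuery = array("DELETE FROM {$sTable} WHERE field_id IN (" . DBUtil::paramArray($aFieldIds) . ")", $aFieldIds);
         $res = DBUtil::runQuery($aQuery);
         // Check this result before it is overwritten by the next query;
         // otherwise a failure here would go unnoticed and the transaction
         // would still be committed.
         $this->oValidator->notError($res, $aOnError);
         // behaviours
         $sTable = KTUtil::getTableName('field_behaviours');
         $aQuery = array("DELETE FROM {$sTable} WHERE field_id IN (" . DBUtil::paramArray($aFieldIds) . ")", $aFieldIds);
         $res = DBUtil::runQuery($aQuery);
         $this->oValidator->notError($res, $aOnError);
     }
     KTEntityUtil::clearAllCaches('KTFieldBehaviour');
     KTEntityUtil::clearAllCaches('KTValueInstance');
     $this->commitTransaction();
     $this->addInfoMessage(_kt('Changed to simple'));
     redirect($this->sParentUrl);
     exit(0);
 }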