/**
 * Strips navigation items and page controls from the rendered admin page
 * when the logged-in user's role lacks the matching permission.
 *
 * Does nothing when no administrator is logged in. Otherwise it loads the
 * role of the current user and edits the page document in $context['page']:
 * navigation links, the "Create New" button, the "With Selected" form
 * actions and the row checkboxes.
 *
 * NOTE(review): everything in this method edits the rendered document only.
 * It hides controls; it is not itself an access check. Whether the handlers
 * behind the hidden controls re-check the same role permissions on submit
 * is not visible from here - confirm.
 *
 * @param array|null $context Delegate context; $context['page'] is read as
 *                            the page document (it must offer xpath()).
 * @return void
 */
public function cbModifyPages($context = NULL)
 {
     // Nothing to filter for anonymous requests.
     if (!Administration::instance()->isLoggedIn()) {
         return;
     }
     $callback = Administration::instance()->getPageCallback();
     $doc = $context['page'];
     // Role of the currently logged-in user; every check below reads its permissions().
     $role = Role::load(Administration::instance()->User->role_id);
     // Remove items from navigation that the user has no permission to access
     // Publish and Blueprints
     $items = $doc->xpath("//ul[@id='nav']//li[./a[contains(@href, '/blueprints/') or contains(@href, '/publish/')]]");
     foreach ($items as $element) {
         $href = $element->getElementsByTagName('a')->item(0)->getAttribute('href');
         // Pull the area (publish|blueprints) and the handle out of the link target.
         if (!preg_match_all('/\\/(publish|blueprints)\\/([^\\/]+)\\//', $href, $match, PREG_SET_ORDER)) {
             continue;
         }
         $area = $match[0][1];
         $handle = $match[0][2];
         // The item is dropped only when BOTH create and edit are missing or below 1.
         if ((!isset($role->permissions()->{"{$area}::{$handle}.create"}) || $role->permissions()->{"{$area}::{$handle}.create"} < 1) && (!isset($role->permissions()->{"{$area}::{$handle}.edit"}) || $role->permissions()->{"{$area}::{$handle}.edit"} < 1)) {
             $element->parentNode->removeChild($element);
         }
     }
     // System
     // Users
     if ((!isset($role->permissions()->{"system::users.create"}) || $role->permissions()->{"system::users.create"} < 1) && (!isset($role->permissions()->{"system::users.edit"}) || $role->permissions()->{"system::users.edit"} < 1)) {
         $users = $doc->xpath("//ul[@id='nav']//li[./a[contains(@href, '/system/users/')]]");
         foreach ($users as $element) {
             $element->parentNode->removeChild($element);
         }
     }
     // TODO: Add delegate for extensions to remove navigation items based on permissions
     // Remove empty navigation groups
     foreach ($doc->xpath("//ul[@id='nav']/li[not(./ul/li)]") as $element) {
         $element->parentNode->removeChild($element);
     }
     // NOTE(review): the disabled block below is dead code. If it is ever
     // re-enabled: it puts array_keys($_POST['items']) into the IN (...) list
     // through %s without casting the keys to integers, so request-supplied
     // keys would reach the SQL text. Cast or parameterise them first.
     /*
     			// Users
     			if($callback['pageroot'] == '/system/users/'){
     
     				// Index
     				if(is_null($callback['context'])){
     
     					if(isset($role->permissions()->{"system::users.edit"}) && $role->permissions()->{"system::users.edit"} > 0){
     						if(isset($_POST['with-selected']) && isset($_POST['items']) && preg_match('/^aac-role::(\d+)/i', $_POST['with-selected'], $match)){
     							$checked = @array_keys($_POST['items']);
     							if(is_array($checked) && !empty($checked)){
     								Symphony::Database()->query(sprintf(
     									"UPDATE `tbl_users` SET `role_id` = %d WHERE `id` IN (%s)",
     									(int)$match[1],
     									implode(',', $checked)
     								));
     							}
     						}
     					}
     					
     					// Remove the 'Create New' button if user has no 'create' privileges
     					if(!isset($role->permissions()->{"system::users.create"}) || $role->permissions()->{"system::users.create"} < 1){
     						$this->removeCreateButton($doc);
     					}
     
     					// Remove the 'With Selected' and row checkboxes if user has no 'edit' privileges
     					if(!isset($role->permissions()->{"system::users.edit"}) || $role->permissions()->{"system::users.edit"} < 1){
     						$this->removeFormActions($doc);
     						$this->removeCheckboxesFromTableRows($doc);
     					}
     					
     					$this->modifyUsersPageIndex($context);
     				}
     				
     				// New
     				elseif(isset($callback['context'][0]) && $callback['context'][0] == 'new'){
     					$this->modifyUsersPageNew($context);
     				}
     
     				// Edit
     				elseif(isset($callback['context'][0]) && $callback['context'][0] == 'edit'){
     					$this->modifyUsersPageEdit((int)$callback['context'][1], $context);
     				}
     			}
     */
     // Publish
     if (preg_match('/^\\/publish\\/([^\\/]+)\\/$/i', $callback['pageroot'], $match)) {
         $handle = $match[1];
         switch ($callback['context']['page']) {
             case 'index':
                 // Remove the 'Create New' button if user has no 'create' privileges
                 if (!isset($role->permissions()->{"publish::{$handle}.create"}) || $role->permissions()->{"publish::{$handle}.create"} < 1) {
                     $this->removeCreateButton($doc);
                 }
                 // Remove the 'With Selected' and row checkboxes if user has no 'edit' privileges
                 if (!isset($role->permissions()->{"publish::{$handle}.edit"}) || $role->permissions()->{"publish::{$handle}.edit"} < 1) {
                     $this->removeFormActions($doc);
                     $this->removeCheckboxesFromTableRows($doc);
                 }
                 break;
             case 'edit':
                 // User only has "edit own" permissions
                 // NOTE(review): unlike every other check in this method, the
                 // permission is read here without isset(); presumably an unset
                 // permission compares as below 2 - confirm that permissions()
                 // tolerates a missing key without raising a notice.
                 if ($role->permissions()->{"publish::{$handle}.edit"} < 2) {
                     $entry = Entry::loadFromID($callback['context']['entry_id']);
                     // Only the form actions are removed for entries of another user;
                     // the rest of the edit page stays as rendered.
                     if (Administration::instance()->User->id != $entry->meta()->user_id) {
                         $this->removeFormActions($doc);
                     }
                 }
                 break;
         }
     } elseif (preg_match('/^\\/blueprints\\/([^\\/]+)\\/$/i', $callback['pageroot'], $match)) {
         $handle = $match[1];
         switch ($callback['context'][0]) {
             // 'index' shares the default branch, so every blueprints page is treated alike.
             case 'index':
             default:
                 // Remove the 'Create New' button if user has no 'create' privileges
                 if (!isset($role->permissions()->{"blueprints::{$handle}.create"}) || $role->permissions()->{"blueprints::{$handle}.create"} < 1) {
                     $this->removeCreateButton($doc);
                 }
                 // Remove the 'With Selected' and row checkboxes if user has no 'edit' privileges
                 if (!isset($role->permissions()->{"blueprints::{$handle}.edit"}) || $role->permissions()->{"blueprints::{$handle}.edit"} < 1) {
                     $this->removeWithSelected($doc);
                 }
                 break;
         }
     }
     // TODO: Delegate for extensions to modify pages based on their own permissions
 }
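 /**
  * Handles the posted "save", "done" and "delete" actions of the entry
  * edit page.
  *
  * Save / done: loads the entry named by the page callback, applies the
  * posted field data, fires the EntryPreEdit delegate and saves. On success
  * the EntryPostEdit delegate fires and the browser is redirected to the
  * ":saved" edit URL; on failure the entry is kept on $this->entry and an
  * error alert is queued.
  *
  * Delete: fires the Delete delegate, deletes the entry and redirects to
  * the publish index of the section.
  *
  * NOTE(review): no role/ownership check and no anti-CSRF token check is
  * visible in this method. Both state-changing branches act on the entry id
  * taken from the page callback alone - confirm that the caller enforces
  * authorisation before this runs.
  *
  * @return void
  */
 public function __actionEdit()
 {
     $callback = Administration::instance()->getPageCallback();
     $entry_id = (int) $callback['context']['entry_id'];
     // Normalise the posted action once instead of silencing array_key_exists()
     // with "@": a missing or scalar "action" then simply selects no branch.
     $action = isset($_POST['action']) && is_array($_POST['action']) ? $_POST['action'] : array();
     if (array_key_exists('save', $action) || array_key_exists('done', $action)) {
         $entry = Entry::loadFromID($entry_id);
         $post = General::getPostData();
         $fields = array();
         if (isset($post['fields']) && !empty($post['fields'])) {
             $fields = $post['fields'];
         }
         $entry->setFieldDataFromFormArray($fields);
         ###
         # Delegate: EntryPreEdit
         # Description: Just prior to editing of an Entry.
         Extension::notify('EntryPreEdit', '/publish/edit/', array('entry' => &$entry));
         $this->errors->flush();
         $status = Entry::save($entry, $this->errors);
         if ($status == Entry::STATUS_OK) {
             // Check if there is a field to prepopulate.
             // "prepopulate" is read as an array (handle => value); the previous
             // test passed that array to trim(), so the filter was never built.
             $prepopulate_filter = null;
             if (isset($_REQUEST['prepopulate']) && is_array($_REQUEST['prepopulate']) && !empty($_REQUEST['prepopulate'])) {
                 $field_handle = key($_REQUEST['prepopulate']);
                 $raw = $_REQUEST['prepopulate'][$field_handle];
                 if (is_string($raw) && strlen(trim($raw)) > 0) {
                     $value = stripslashes(rawurldecode($raw));
                     // Both parts are request-supplied and end up in the redirect
                     // target, so the handle is encoded as well as the value.
                     $prepopulate_filter = '?prepopulate[' . rawurlencode((string) $field_handle) . ']=' . rawurlencode($value);
                 }
             }
             ###
             # Delegate: EntryPostEdit
             # Description: Editing an entry. Entry object is provided.
             Extension::notify('EntryPostEdit', '/publish/edit/', array('entry' => $entry));
             ## WOOT
             redirect(sprintf('%s/symphony/publish/%s/edit/%d/:saved/%s', URL, $entry->section, $entry->id, $prepopulate_filter));
         }
         // Oh dear
         // Reached when the save did not report STATUS_OK: keep the entry for
         // re-display and queue the error alert.
         $this->entry = $entry;
         $this->alerts()->append(__('An error occurred while processing this form. <a href="#error">See below for details.</a> <a class="more">Show a list of errors.</a>'), AlertStack::ERROR);
         return;
     } elseif (array_key_exists('delete', $action) && $entry_id > 0) {
         // $entry_id was already cast to int, so the old is_numeric() test was
         // always true; require a positive id before deleting anything.
         ###
         # Delegate: Delete
         # Description: Prior to deleting an entry. Entry ID is provided, as an
         # array to remain compatible with other Delete delegate call
         Extension::notify('Delete', '/publish/', array('entry_id' => $entry_id));
         Entry::delete($entry_id);
         redirect(ADMIN_URL . '/publish/' . $callback['context']['section_handle'] . '/');
     }
 }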
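 /**
  * Creates or edits an entry from submitted event data and reports the
  * outcome as an XML document.
  *
  * Configured default values fill fields that are missing, an empty string
  * or an empty array; configured override values always replace what was
  * submitted. The entry is then saved, the EntryPreCreate / EntryPostCreate
  * and EventPostSaveFilter delegates are fired, and the result document
  * receives the type, the result, any errors or filter messages and the
  * final field values.
  *
  * NOTE(review): when $postdata['id'] is present the entry with that id is
  * loaded and edited. No check that it belongs to this event's configured
  * section, or to the current front-end user, is visible here. $postdata is
  * presumably the submitted form - confirm that this is enforced elsewhere.
  *
  * @param Register $ParameterOutput Receives "event-<root-element>-id" when
  *                                  the "output-id-on-save" parameter is set.
  * @param array    $postdata        Submitted data; reads 'id' and 'fields'.
  * @return XMLDocument The result document.
  */
 public function trigger(Register $ParameterOutput, array $postdata)
 {
     $result = new XMLDocument();
     $result->appendChild($result->createElement($this->parameters()->{'root-element'}));
     $root = $result->documentElement;
     // A scalar "fields" value would break the per-field writes below (string
     // offset access), so anything that is not an array is discarded up front.
     if (isset($postdata['fields']) && !is_array($postdata['fields'])) {
         $postdata['fields'] = array();
     }
     // Apply default values:
     foreach ($this->parameters()->{'defaults'} as $name => $value) {
         if (!isset($postdata['fields'][$name])) {
             $postdata['fields'][$name] = $value;
         } elseif (is_string($postdata['fields'][$name]) && $postdata['fields'][$name] === '') {
             $postdata['fields'][$name] = $value;
         } elseif (is_array($postdata['fields'][$name]) && empty($postdata['fields'][$name])) {
             $postdata['fields'][$name] = array($value);
         }
     }
     // Apply override values:
     foreach ($this->parameters()->{'overrides'} as $name => $value) {
         // isset() first: an override may name a field that was not submitted.
         if (isset($postdata['fields'][$name]) && is_array($postdata['fields'][$name])) {
             $postdata['fields'][$name] = array($value);
         } else {
             $postdata['fields'][$name] = $value;
         }
     }
     if (isset($postdata['id'])) {
         $entry = Entry::loadFromID($postdata['id']);
         $type = 'edit';
     } else {
         $entry = new Entry();
         $entry->section = $this->parameters()->{'section'};
         if (isset(Frontend::instance()->User) && Frontend::instance()->User instanceof User) {
             $entry->user_id = Frontend::instance()->User->id;
         } else {
             // No front-end user: the entry is attributed to the user with the
             // lowest id in tbl_users.
             $entry->user_id = (int) Symphony::Database()->query("SELECT `id` FROM `tbl_users` ORDER BY `id` ASC LIMIT 1")->current()->id;
         }
         $type = 'create';
     }
     if (isset($postdata['fields']) && is_array($postdata['fields']) && !empty($postdata['fields'])) {
         $entry->setFieldDataFromFormArray($postdata['fields']);
     }
     $root->setAttribute('type', $type);
     ###
     # Delegate: EntryPreCreate
     # Description: Just prior to creation of an Entry. Entry object provided
     Extension::notify('EntryPreCreate', '/frontend/', array('entry' => &$entry));
     $errors = new MessageStack();
     $status = Entry::save($entry, $errors);
     if ($status == Entry::STATUS_OK) {
         ###
         # Delegate: EntryPostCreate
         # Description: Creation of an Entry. New Entry object is provided.
         Extension::notify('EntryPostCreate', '/frontend/', array('entry' => $entry));
         if ($this->parameters()->{'output-id-on-save'} == true) {
             $ParameterOutput->{sprintf('event-%s-id', $this->parameters()->{'root-element'})} = $entry->id;
         }
         $root->setAttribute('result', 'success');
         $root->setAttribute('id', $entry->id);
         $root->appendChild($result->createElement('message', __("Entry %s successfully.", array($type == 'edit' ? __('edited') : __('created')))));
     } else {
         $root->setAttribute('result', 'error');
         $root->appendChild($result->createElement('message', __('Entry encountered errors when saving.')));
         if (!isset($postdata['fields']) || !is_array($postdata['fields'])) {
             $postdata['fields'] = array();
         }
         $element = $result->createElement('errors');
         $this->appendMessages($element, $errors);
         $root->appendChild($element);
     }
     $messages = new MessageStack();
     ###
     # Delegate: EventPostSaveFilter
     # Description: After saving entry from the front-end. This delegate will not force the Events to terminate if it populates the error
     #              array reference. Provided with the event, message stack, postdata and entry object.
     Extension::notify('EventPostSaveFilter', '/frontend/', array('event' => $this, 'messages' => $messages, 'fields' => $postdata, 'entry' => $entry));
     if ($messages->valid()) {
         $filter = $result->createElement('filters');
         $this->appendMessages($filter, $messages);
         $root->appendChild($filter);
     }
     $element = $result->createElement('values');
     // "fields" can still be unset on the success path when nothing was
     // submitted and no defaults or overrides are configured.
     $this->appendValues($element, isset($postdata['fields']) && is_array($postdata['fields']) ? $postdata['fields'] : array());
     $root->appendChild($element);
     return $result;
 }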
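 /**
  * Renders the related entries of a field value as a comma-separated list
  * of links to their edit pages, for display in a table cell.
  *
  * For each item in $data the related entry is loaded and the first
  * configured related field whose section matches the entry's section
  * supplies the link text. Items that cannot be resolved are skipped. When
  * nothing could be rendered the parent implementation is used with a NULL
  * value.
  *
  * @param mixed           $data Expected to be an array of objects carrying
  *                              relation_id; anything else falls through
  *                              to the parent.
  * @param DOMElement|null $link Passed to the parent implementation only.
  * @return mixed A document fragment holding the links, or whatever the
  *               parent implementation returns.
  */
 public function prepareTableValue($data, DOMElement $link = NULL)
 {
     if (!is_array($data) || empty($data)) {
         return parent::prepareTableValue(NULL, $link);
     }
     $result = Administration::instance()->Page->createDocumentFragment();
     foreach ($data as $d) {
         try {
             $entry = Entry::loadFromID($d->relation_id);
             foreach ($this->{'related-fields'} as $related) {
                 list($section_handle, $field_handle) = $related;
                 if ($section_handle != $entry->meta()->section) {
                     continue;
                 }
                 $section = Section::loadFromHandle($section_handle);
                 $field = $section->fetchFieldByHandle($field_handle);
                 $label = $field->prepareTableValue($entry->data()->{$field_handle});
                 // TODO: handle passing links
                 // Build the anchor before touching the fragment, so a failure
                 // here cannot leave a dangling separator behind.
                 $anchor = Widget::anchor($label, sprintf('%s/publish/%s/edit/%d/', ADMIN_URL, $section_handle, $entry->meta()->id));
                 // Separate on "something was already rendered", not on the array
                 // index: a skipped first item used to produce a leading ", ".
                 if ($result->hasChildNodes()) {
                     $result->appendChild(new DOMText(', '));
                 }
                 $result->appendChild($anchor);
                 break;
             }
         } catch (Exception $e) {
             // Deliberate best effort: a relation that cannot be loaded or
             // rendered is left out of the cell rather than failing the table.
             continue;
         }
     }
     if (!$result->hasChildNodes()) {
         return parent::prepareTableValue(NULL, $link);
     }
     return $result;
 }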
 /**
  * Creates or edits an entry from submitted event data and returns an XML
  * document describing the outcome.
  *
  * An 'id' in $postdata selects edit mode. Otherwise a new entry is created
  * in the configured section and attributed to the current front-end user,
  * or to the user with the lowest id in tbl_users when there is none. On
  * failure the document carries the submitted values and the error
  * messages.
  *
  * NOTE(review): in edit mode the entry is loaded from the id in $postdata
  * alone. No check against this event's section or the current user is
  * visible here - confirm that it is enforced elsewhere.
  *
  * @param Register $ParameterOutput Receives "event-<root-element>-id" when
  *                                  the "output-id-on-save" parameter is set.
  * @param array    $postdata        Submitted data; reads 'id' and 'fields'.
  * @return XMLDocument The result document.
  */
 public function trigger(Register $ParameterOutput, array $postdata)
 {
     $xml = new XMLDocument();
     $xml->appendChild($xml->createElement($this->parameters()->{'root-element'}));
     $root = $xml->documentElement;

     $editing = isset($postdata['id']);
     if ($editing) {
         $entry = Entry::loadFromID($postdata['id']);
     } else {
         $entry = new Entry();
         $entry->section = $this->parameters()->{'section'};
         if (!(isset(Frontend::instance()->User) && Frontend::instance()->User instanceof User)) {
             // Anonymous submission: fall back to the first user row.
             $entry->user_id = (int) Symphony::Database()->query("SELECT `id` FROM `tbl_users` ORDER BY `id` ASC LIMIT 1")->current()->id;
         } else {
             $entry->user_id = Frontend::instance()->User->id;
         }
     }
     $type = $editing ? 'edit' : 'create';

     // Field data is applied only when a non-empty array was submitted.
     if (isset($postdata['fields']) && is_array($postdata['fields']) && !empty($postdata['fields'])) {
         $entry->setFieldDataFromFormArray($postdata['fields']);
     }
     $root->setAttribute('type', $type);

     ###
     # Delegate: EntryPreCreate
     # Description: Fired just before the Entry is saved. The Entry object is
     # passed by reference.
     Extension::notify('EntryPreCreate', '/frontend/', array('entry' => &$entry));

     $errors = new MessageStack();
     $status = Entry::save($entry, $errors);

     if ($status != Entry::STATUS_OK) {
         // Failure: report the message, echo the submitted values, list the errors.
         $root->setAttribute('result', 'error');
         $root->appendChild($xml->createElement('message', __('Entry encountered errors when saving.')));
         if (!isset($postdata['fields']) || !is_array($postdata['fields'])) {
             $postdata['fields'] = array();
         }
         $values = $xml->createElement('values');
         $this->appendValues($values, $postdata['fields']);
         $root->appendChild($values);
         $problems = $xml->createElement('errors');
         $this->appendMessages($problems, $errors);
         $root->appendChild($problems);
         return $xml;
     }

     ###
     # Delegate: EntryPostCreate
     # Description: Fired after the Entry was saved. The saved Entry object is
     # provided.
     Extension::notify('EntryPostCreate', '/frontend/', array('entry' => $entry));
     if ($this->parameters()->{'output-id-on-save'} == true) {
         $ParameterOutput->{sprintf('event-%s-id', $this->parameters()->{'root-element'})} = $entry->id;
     }
     $root->setAttribute('result', 'success');
     if ($type == 'edit') {
         $verb = __('edited');
     } else {
         $verb = __('created');
     }
     $root->appendChild($xml->createElement('message', __("Entry %s successfully.", array($verb))));
     return $xml;
 }