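/**
 * Replaces the membership of a group set with the groups posted in the form.
 *
 * The request must carry a valid 'update_set_groups' token; otherwise the token
 * helper's error message is recorded and nothing is changed. Posted group IDs
 * that do not resolve to a group object are ignored.
 */
public function update_set_groups()
{
    $gsID = $this->post('gsID');

    if ($this->token->validate('update_set_groups')) {
        $gs = GroupSet::getByID($gsID);
        if (!is_object($gs)) {
            $this->error->add(t('Invalid group set.'));
        }
        if (!$this->error->has()) {
            // Rebuild the membership from scratch: drop every group, then
            // re-add only the posted ones that still exist.
            $gs->clearGroups();
            // Iterate the same value that was type-checked rather than
            // reading $_POST a second time.
            $gIDs = $this->post('gID');
            if (is_array($gIDs)) {
                foreach ($gIDs as $gID) {
                    $g = Group::getByID($gID);
                    if (is_object($g)) {
                        $gs->addGroup($g);
                    }
                }
            }
            $this->redirect('dashboard/users/group_sets', 'set_updated');
        }
    } else {
        $this->error->add($this->token->getErrorMessage());
    }

    // Show the edit view for the set named by 'gsID', the key this action
    // reads above; 'asID' is not a field this action receives.
    $this->edit($gsID);
}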
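/**
 * Rebuilds the access lists of the posted task permissions.
 *
 * Every task permission named in $post['tpID'] is cleared first. Access is then
 * granted again for each entry of $post['selectedEntity'] ("uID_<id>" for a
 * user, anything else is treated as a group) whose "<entity>_<tpID>" field
 * equals 1. Identifiers that do not resolve to an object are skipped, so a
 * malformed or stale value can never end up with access.
 *
 * @param array $post Form data; reads 'tpID', 'selectedEntity' and the
 *                    per-entity checkbox fields.
 */
public function save($post)
{
    $tpIDs = (isset($post['tpID']) && is_array($post['tpID'])) ? $post['tpID'] : array();
    $entities = (isset($post['selectedEntity']) && is_array($post['selectedEntity']))
        ? $post['selectedEntity']
        : array();

    // clear all selected permissions
    $tps = array();
    foreach ($tpIDs as $tpID) {
        $tp = TaskPermission::getByID($tpID);
        if (!is_object($tp)) {
            // Unknown task permission ID: nothing to clear, nothing to grant.
            continue;
        }
        $tps[] = $tp;
        $tp->clearPermissions();
    }

    foreach ($entities as $e) {
        if (!is_string($e) || $e === '') {
            continue;
        }
        $parts = explode('_', $e);
        if (count($parts) < 2) {
            continue;
        }
        if ($parts[0] == 'uID') {
            $obj = UserInfo::getByID($parts[1]);
        } else {
            $obj = Group::getByID($parts[1]);
        }
        if (!is_object($obj)) {
            // Deleted or invalid user/group: do not pass a non-object to addAccess().
            continue;
        }
        foreach ($tps as $tp) {
            $field = $e . '_' . $tp->getTaskPermissionID();
            if (isset($post[$field]) && $post[$field] == 1) {
                $tp->addAccess($obj);
            }
        }
    }
}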
/**
 * Upgrade step: registers the 'delete_user' task permission (granted to the
 * administrators group when that group exists) and adds the multilingual and
 * composer dashboard pages that are still missing.
 */
public function run()
{
    $db = Loader::db();
    $existing = $db->GetOne('select count(*) from TaskPermissions where tpHandle = ?', array('delete_user'));
    if ($existing < 1) {
        $adminGroup = Group::getByID(ADMIN_GROUP_ID);
        $task = TaskPermission::addTask('delete_user', t('Delete Users'), false);
        if (is_object($adminGroup)) {
            $task->addAccess($adminGroup);
        }
    }

    Loader::model('single_page');

    // Pages that get a display name (and description) when created.
    $multilingual = Page::getByPath('/dashboard/settings/multilingual');
    if ($multilingual->isError()) {
        $created = SinglePage::add('/dashboard/settings/multilingual');
        $created->update(array('cName' => t('Multilingual Setup')));
    }

    $composer = Page::getByPath('/dashboard/composer');
    if ($composer->isError()) {
        $created = SinglePage::add('/dashboard/composer');
        $created->update(array('cName' => t('Composer Beta'), 'cDescription' => t('Write for your site.')));
    }

    // Pages that are only added, with no further metadata.
    $plainPaths = array(
        '/dashboard/composer/write',
        '/dashboard/composer/drafts',
        '/dashboard/pages/types/composer',
    );
    foreach ($plainPaths as $path) {
        $existingPage = Page::getByPath($path);
        if ($existingPage->isError()) {
            SinglePage::add($path);
        }
    }
}
/**
 * Deletes a group on behalf of the super user.
 *
 * Checks run in this order: the current user must be the super user, the ID
 * must resolve to a Group, and the token must validate for the action string
 * 'delete_group_<id>', which ties the token to this particular group. Any
 * failure is reported through the 'error' view variable.
 *
 * @param mixed  $delGroupId ID of the group to delete.
 * @param string $token      Validation token submitted with the request.
 */
public function delete($delGroupId, $token = '')
{
    $currentUser = new User();
    try {
        if (!$currentUser->isSuperUser()) {
            throw new Exception(t('You do not have permission to perform this action.'));
        }

        $group = Group::getByID($delGroupId);
        if (!($group instanceof Group)) {
            throw new Exception(t('Invalid group ID.'));
        }

        $tokenHelper = Loader::helper('validation/token');
        $tokenAccepted = $tokenHelper->validate('delete_group_' . $delGroupId, $token);
        if (!$tokenAccepted) {
            throw new Exception($tokenHelper->getErrorMessage());
        }

        $group->delete();
        $successText = t('Group deleted successfully.');

        // Empty the request superglobals before rendering the view again.
        $_REQUEST = array();
        $_GET = array();
        $_POST = array();

        $this->set('message', $successText);
        $this->view();
    } catch (Exception $e) {
        $this->set('error', $e);
    }
}
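/**
 * Builds the search result and, for anyone but the super user, restricts it to
 * users in groups the current user is allowed to search.
 *
 * @param Query $query
 *
 * @return mixed The result object produced by the parent implementation.
 */
public function getSearchResultFromQuery(Query $query)
{
    $result = parent::getSearchResultFromQuery($query);
    $u = new \User();
    if ($u->isSuperUser()) {
        return $result;
    }

    // Seed with -1 so the IN (...) list below is never empty.
    $gIDs = array(-1);
    $gs = new GroupList();
    foreach ($gs->getResults() as $g) {
        $gp = new \Permissions($g);
        if ($gp->canSearchUsersInGroup()) {
            // The IDs are concatenated into SQL below; force them to integers
            // so nothing but digits can reach the query text.
            $gIDs[] = (int) $g->getGroupID();
        }
    }

    $qb = $result->getItemListObject()->getQueryObject();
    $qb->leftJoin("u", "UserGroups", "ugRequired", "ugRequired.uID = u.uID");
    $inSearchableGroups = 'ugRequired.gID in (' . implode(',', $gIDs) . ')';

    $gg = \Group::getByID(REGISTERED_GROUP_ID);
    $ggp = new \Permissions($gg);
    $qb->select('distinct (u.uID)');

    if ($ggp->canSearchUsersInGroup()) {
        // Rows with no UserGroups match come back as NULL from the left join;
        // presumably these are users who belong only to the registered-users
        // group (confirm against the membership model).
        $expr = $qb->expr()->orX($inSearchableGroups, 'ugRequired.gID is null');
    } else {
        // Only the group restriction applies; no undefined second operand is
        // handed to orX().
        $expr = $qb->expr()->orX($inSearchableGroups);
    }
    $qb->andWhere($expr);

    return $result;
}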
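/**
 * Replaces the digital-download files attached to a product.
 *
 * Existing links are removed first. Each posted file ID that resolves to a file
 * is linked to the product, added to the "Digital Downloads" file set when that
 * set exists, and has the guest group removed from its 'view_file' access list.
 *
 * @param array        $files   Form data; file IDs are read from $files['dffID'].
 * @param StoreProduct $product Product the files belong to.
 */
public static function addFilesForProduct(array $files, StoreProduct $product)
{
    self::removeFilesForProduct($product);

    //add new ones.
    if (empty($files['dffID']) || !is_array($files['dffID'])) {
        return;
    }

    // Neither lookup depends on the file, so resolve them once.
    $fs = \FileSet::getByName("Digital Downloads");
    $groupEntity = \Concrete\Core\Permission\Access\Entity\GroupEntity::getOrCreate(\Group::getByID(GUEST_GROUP_ID));

    foreach ($files['dffID'] as $fileID) {
        if (empty($fileID) || !($fileID > 0)) {
            continue;
        }

        $fileObj = \File::getByID($fileID);
        if (!is_object($fileObj)) {
            // Unknown file ID: do not link it to the product, since its
            // permissions could not be restricted below.
            continue;
        }

        self::add($product->getProductID(), $fileID);

        if (is_object($fs)) {
            $fs->addFileToSet($fileObj);
        }

        // NOTE(review): the argument 1 presumably switches the file to its own
        // permission set instead of the inherited one. Confirm.
        $fileObj->resetPermissions(1);

        $pk = \Concrete\Core\Permission\Key\FileKey::getByHandle('view_file');
        $pk->setPermissionObject($fileObj);
        $pao = $pk->getPermissionAssignmentObject();
        $pa = $pk->getPermissionAccessObject();
        if ($pa) {
            // Take the guest group off the view list so the download is not
            // readable without being logged in.
            $pa->removeListItem($groupEntity);
            $pao->assignPermissionAccess($pa);
        }
        // NOTE(review): when no access object exists nothing is changed here;
        // confirm that such a file is not viewable by guests.
    }
}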
/**
 * Reindexes the search engine.
 *
 * Walks every row of the Pages table and writes one Lucene document per page
 * that is not flagged 'exclude_search_index' and that the guest group can read.
 * Pages guests cannot read are therefore never written to the index.
 *
 * @return stdClass Object whose ->count property holds the index's document count.
 */
public function reindex() {

    Loader::library('3rdparty/Zend/Search/Lucene');
    Loader::library('3rdparty/StandardAnalyzer/Analyzer/Standard/English');

    // NOTE(review): the second argument (true) presumably creates a new index
    // in DIR_FILES_CACHE_PAGES rather than opening the existing one. Confirm.
    $index = new Zend_Search_Lucene(DIR_FILES_CACHE_PAGES, true);
    //Zend_Search_Lucene_Analysis_Analyzer::setDefault(new Zend_Search_Lucene_Analysis_Analyzer_Common_Utf8Num_CaseInsensitive());
    Zend_Search_Lucene_Analysis_Analyzer::setDefault(new StandardAnalyzer_Analyzer_Standard_English());

    $db = Loader::db();
    // $collection_attributes and $nh are assigned but not used again in this method.
    $collection_attributes = Loader::model('collection_attributes');
    $r = $db->query("select cID from Pages order by cID asc");
    // Permissions are evaluated as the guest group for every page below.
    $g = Group::getByID(GUEST_GROUP_ID);
    $nh = Loader::helper('navigation');

    while ($row = $r->fetchRow()) {
        $c = Page::getByID($row['cID'], 'ACTIVE');

        // Pages that opted out of search are skipped entirely.
        if($c->getCollectionAttributeValue('exclude_search_index')) continue;

        $themeObject = $c->getCollectionThemeObject();
        $g->setPermissionsForObject($c);
        // Only index what a guest may read.
        if ($g->canRead()) {
            // md5 only derives a fixed-format keyword from the page ID for the
            // 'cIDhash' field.
            $pageID = md5($row['cID']);
            $doc = new Zend_Search_Lucene_Document();
            $doc->addField(Zend_Search_Lucene_Field::Keyword('cIDhash', $pageID));
            $doc->addField(Zend_Search_Lucene_Field::Unindexed('cID', $row['cID']));
            $doc->addField(Zend_Search_Lucene_Field::Text('cName', $c->getCollectionName(), APP_CHARSET));
            $doc->addField(Zend_Search_Lucene_Field::Keyword('ctHandle', $c->getCollectionTypeHandle()));
            $doc->addField(Zend_Search_Lucene_Field::Text('cDescription', $c->getCollectionDescription(), APP_CHARSET));
            $doc->addField(Zend_Search_Lucene_Field::Text('cBody', $this->getBodyContentFromPage($c), APP_CHARSET));

            if (is_object($themeObject)) {
                $doc->addField(Zend_Search_Lucene_Field::Text('cTheme', $themeObject->getThemeHandle()));
            }
            $doc->addField(Zend_Search_Lucene_Field::Text( 'cPath', $c->getCollectionPath()));

            // One 'true'/'false' keyword per configured path section, set when
            // the lower-cased page path contains "<section>/".
            if (count($this->cPathSections) > 0) {
                foreach($this->cPathSections as $var => $cPath) {
                    $isInSection = (strstr(strtolower($c->getCollectionPath()), $cPath . '/')) ? 'true' : 'false';
                    $doc->addField(Zend_Search_Lucene_Field::Keyword($var, $isInSection));
                }
            }

            // Searchable attributes are stored as keywords under their handle.
            $attributes=$c->getSetCollectionAttributes();
            foreach($attributes as $attribute){
                if ($attribute->isCollectionAttributeKeySearchable()) {
                    $doc->addField(Zend_Search_Lucene_Field::Keyword( $attribute->akHandle, $c->getCollectionAttributeValue($attribute) ));
                }
            }

            $index->addDocument($doc);
        }
    }

    $result = new stdClass;
    $result->count = $index->count();
    return $result;
}
/**
 * Upgrade step. In order: adds missing columns and indexes to Pages and
 * PageSearchIndex, installs the page-version cleanup job, rescans system pages,
 * registers the 'view_newsflow' task permission, installs block types and
 * single pages, replaces the old dashboard when '/dashboard/welcome' is
 * missing, makes sure the 'securimage' captcha library exists, and records
 * that the introduction has been seen.
 */
public function run() {
    $db = Loader::db();

    // Column names are looked up in upper case in the MetaColumns() result.
    $columns = $db->MetaColumns('Pages');
    if (!isset($columns['CISSYSTEMPAGE'])) {
        $db->Execute('alter table Pages add column cIsSystemPage tinyint(1) not null default 0');
        $db->Execute('alter table Pages add index (cIsSystemPage)');
    }

    $columns = $db->MetaColumns('Pages');
    if (!isset($columns['CISACTIVE'])) {
        $db->Execute('alter table Pages add column cIsActive tinyint(1) not null default 1');
        $db->Execute('alter table Pages add index (cIsActive)');
        // Every existing page is marked active.
        $db->Execute('update Pages set cIsActive = 1');
    }

    $columns = $db->MetaColumns('PageSearchIndex');
    if (!isset($columns['CREQUIRESREINDEX'])) {
        $db->Execute('alter table PageSearchIndex add column cRequiresReindex tinyint(1) not null default 0');
        $db->Execute('alter table PageSearchIndex add index (cRequiresReindex)');
    }

    // install version job
    Loader::model("job");
    Job::installByHandle('remove_old_page_versions');

    // flag system pages appropriately
    Page::rescanSystemPages();

    // add a newsflow task permission
    $db = Loader::db();
    $cnt = $db->GetOne('select count(*) from TaskPermissions where tpHandle = ?', array('view_newsflow'));
    if ($cnt < 1) {
        $g3 = Group::getByID(ADMIN_GROUP_ID);
        $tip = TaskPermission::addTask('view_newsflow', t('View Newsflow'), false);
        // Access is granted only when the administrators group resolves;
        // otherwise the task is created with no access entry here.
        if (is_object($g3)) {
            $tip->addAccess($g3);
        }
    }

    // Install new block types
    $this->installBlockTypes();

    // install stacks, trash and drafts
    $this->installSinglePages();

    // move the old dashboard
    $newDashPage = Page::getByPath('/dashboard/welcome');
    if (!is_object($newDashPage) || $newDashPage->isError()) {
        // NOTE(review): the result of getByPath('/dashboard') is used without
        // an is_object()/isError() check.
        $dashboard = Page::getByPath('/dashboard');
        $dashboard->moveToTrash();

        // install new dashboard + page types
        $this->installDashboard();
        $this->migrateOldDashboard();
    }

    Loader::model('system/captcha/library');
    $scl = SystemCaptchaLibrary::getByHandle('securimage');
    if (!is_object($scl)) {
        // The library is activated only when it had to be created here.
        $scl = SystemCaptchaLibrary::add('securimage', t('SecurImage (Default)'));
        $scl->activate();
    }

    Config::save('SEEN_INTRODUCTION', 1);
}
/**
 * Loads the group behind this access entity and sets its label.
 *
 * When the stored group ID no longer resolves to a group, the label becomes the
 * translated "(Deleted Group)" text and no group is set. When no group ID is
 * stored for the entity, nothing is changed.
 */
public function load()
{
    $db = Loader::db();
    $groupID = $db->GetOne(
        'select gID from PermissionAccessEntityGroups where peID = ?',
        array($this->peID)
    );
    if (!$groupID) {
        return;
    }

    $group = Group::getByID($groupID);
    if (!is_object($group)) {
        $this->label = t('(Deleted Group)');
        return;
    }

    $this->group = $group;
    $this->label = $group->getGroupName();
}
/**
 * Upgrade step: registers the 'install_packages' task permission when it is
 * missing (granted to the administrators group if that group exists) and
 * redefines Files.ocID as a non-null unsigned integer defaulting to 0.
 */
public function run()
{
    $db = Loader::db();

    $taskCount = $db->GetOne(
        'select count(*) from TaskPermissions where tpHandle = ?',
        array('install_packages')
    );
    $taskMissing = $taskCount < 1;
    if ($taskMissing) {
        $adminGroup = Group::getByID(ADMIN_GROUP_ID);
        $task = TaskPermission::addTask(
            'install_packages',
            t('Install Packages and Connect to the Marketplace'),
            false
        );
        if (is_object($adminGroup)) {
            $task->addAccess($adminGroup);
        }
    }

    // ensure we have a proper ocID
    $db->Execute("alter table Files modify column ocID int unsigned not null default 0");
}
/**
 * Executes the job: builds the sitemap XML from all rows of the Pages table and
 * writes it to SITEMAPXML_FILE below DIR_BASE.
 *
 * Which pages end up in the sitemap is decided by self::addPage(), which is
 * handed the 'view_page' permission key and the guest group's access entity.
 *
 * @return string Returns a string describing the job result in case of success.
 *                The string contains an HTML link to the sitemap.
 * @throws Exception Throws an exception in case of errors.
 */
public function run() {
    Cache::disableCache();
    Cache::disableLocalCache();
    try {
        $db = Loader::db();
        // Shared helpers and lookups, resolved once and passed to addPage()
        // for every page.
        $instances = array(
            'navigation' => Loader::helper('navigation'),
            'dashboard' => Loader::helper('concrete/dashboard'),
            'view_page' => PermissionKey::getByHandle('view_page'),
            'guestGroup' => Group::getByID(GUEST_GROUP_ID),
            'now' => new DateTime('now'),
            'ak_exclude_sitemapxml' => CollectionAttributeKey::getByHandle('exclude_sitemapxml'),
            'ak_sitemap_changefreq' => CollectionAttributeKey::getByHandle('sitemap_changefreq'),
            'ak_sitemap_priority' => CollectionAttributeKey::getByHandle('sitemap_priority')
        );
        $instances['guestGroupAE'] = array(GroupPermissionAccessEntity::getOrCreate($instances['guestGroup']));

        // The XML declaration is split in two so "<?" never appears literally
        // in the source.
        $xmlDoc = new SimpleXMLElement('<' . '?xml version="1.0" encoding="' . APP_CHARSET . '"?><urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" />');
        $rs = Loader::db()->Query('SELECT cID FROM Pages');
        while ($row = $rs->FetchRow()) {
            self::addPage($xmlDoc, intval($row['cID']), $instances);
        }
        $rs->Close();

        // Listeners receive the document before it is serialized.
        Events::fire('on_sitemap_xml_ready', $xmlDoc);

        $dom = dom_import_simplexml($xmlDoc)->ownerDocument;
        $dom->formatOutput = true;
        $addedPages = count($xmlDoc->url);

        // Strip leading slashes from the configured file name and trailing
        // ones from the base directory / base URL before joining with '/'.
        $relName = ltrim(SITEMAPXML_FILE, '\\/');
        $osName = rtrim(DIR_BASE, '\\/') . '/' . $relName;
        $urlName = rtrim(BASE_URL . DIR_REL, '\\/') . '/' . $relName;

        // Create the file if needed; a failed touch() is caught by the
        // writability check that follows.
        if (!file_exists($osName)) {
            @touch($osName);
        }
        if (!is_writable($osName)) {
            throw new Exception(t('The file %s is not writable', $osName));
        }
        if (!($hFile = @fopen($osName, 'w'))) {
            throw new Exception(t('Cannot open file %s', $osName));
        }
        // fwrite() returning false or 0 is treated as a write error.
        if (!@fwrite($hFile, $dom->saveXML())) {
            throw new Exception(t('Error writing to file %s', $osName));
        }
        @fflush($hFile);
        @fclose($hFile);
        // Unset so the catch block below does not touch a closed handle.
        unset($hFile);

        // NOTE(review): $urlName is interpolated into the href and the link
        // text without HTML escaping; confirm BASE_URL, DIR_REL and
        // SITEMAPXML_FILE are trusted configuration values.
        return t('%1$s file saved (%2$d pages).', sprintf('<a href="%s" target="_blank">%s</a>', $urlName, preg_replace('/^https?:\\/\\//i', '', $urlName)), $addedPages);
    } catch (Exception $x) {
        // If the failure happened while the file was open, truncate it so no
        // partial sitemap is left behind, then close it.
        if (isset($hFile) && $hFile) {
            @fflush($hFile);
            @ftruncate($hFile, 0);
            @fclose($hFile);
            $hFile = null;
        }
        throw $x;
    }
}
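/**
 * Loads the groups of this combination entity and appends their names, joined
 * by the translated " + " separator, to the label.
 *
 * Group IDs that no longer resolve to a group are left out of both the group
 * list and the label, so a deleted group cannot leave a dangling separator at
 * the end of the label.
 */
public function load()
{
    $db = Loader::db();
    $gIDs = $db->GetCol(
        'select gID from PermissionAccessEntityGroups where peID = ? order by gID asc',
        array($this->peID)
    );
    if (!$gIDs || !is_array($gIDs)) {
        return;
    }

    $names = array();
    foreach ($gIDs as $gID) {
        $g = Group::getByID($gID);
        if (is_object($g)) {
            $this->groups[] = $g;
            $names[] = $g->getGroupName();
        }
    }

    // Join only the names that were actually resolved.
    $this->label .= implode(t(' + '), $names);
}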
/**
 * Applies the group filters stored in this field's data to the list.
 *
 * A requested group is used as a filter only when it exists and the current
 * permission check allows searching users in it; other IDs are dropped.
 *
 * @param ItemList $list List to filter.
 */
public function filterList(ItemList $list)
{
    $requested = array();
    if (isset($this->data['gID']) && is_array($this->data['gID'])) {
        $requested = $this->data['gID'];
    }

    // First pass: keep the IDs of groups that may be searched.
    $permitted = array();
    foreach ($requested as $requestedID) {
        $group = \Group::getByID($requestedID);
        if (!is_object($group)) {
            continue;
        }
        $checker = new \Permissions($group);
        if ($checker->canSearchUsersInGroup()) {
            $permitted[] = $group->getGroupID();
        }
    }

    // Second pass: apply one filter per permitted group.
    foreach ($permitted as $permittedID) {
        $list->filterByGroupID($permittedID);
    }
}
/**
 * Tells whether the guest group may view this block.
 *
 * The 'view_block' access list is read for the guest group entity only. Items
 * are applied in list order: an include item sets the answer to true, an
 * exclude item sets it to false, so the last matching item decides.
 *
 * @return bool False when the list holds no include item for guests.
 */
public function canGuestsViewThisBlock()
{
    $viewKey = PermissionKey::getByHandle('view_block');
    $viewKey->setPermissionObject($this->getPermissionObject());

    $guestEntity = GroupPermissionAccessEntity::getOrCreate(Group::getByID(GUEST_GROUP_ID));
    $guestsAllowed = false;

    $items = $viewKey->getAccessListItems(PermissionKey::ACCESS_TYPE_ALL, array($guestEntity));
    foreach ($items as $item) {
        if ($item->getAccessType() == PermissionKey::ACCESS_TYPE_INCLUDE) {
            $guestsAllowed = true;
        }
        if ($item->getAccessType() == PermissionKey::ACCESS_TYPE_EXCLUDE) {
            $guestsAllowed = false;
        }
    }

    return $guestsAllowed;
}
/**
 * Upgrade step: refreshes the guestbook block type, adds the user-export
 * permission key (assigned to the administrators group when that group
 * exists), generates any of the three security tokens that are not configured
 * yet, and adds the "Test Mail Settings" dashboard page when it is missing.
 */
public function run()
{
    $guestbook = BlockType::getByHandle('guestbook');
    if (is_object($guestbook)) {
        $guestbook->refresh();
    }

    // add user export users task permission
    $exportKey = PermissionKey::getByHandle('access_user_search_export');
    if (!$exportKey instanceof PermissionKey) {
        $exportKey = PermissionKey::add(
            'user',
            'access_user_search_export',
            'Export Site Users',
            'Controls whether a user can export site users or not',
            false,
            false
        );
        $access = $exportKey->getPermissionAccessObject();
        if (!is_object($access)) {
            $access = PermissionAccess::create($exportKey);
        }
        $adminGroup = Group::getByID(ADMIN_GROUP_ID);
        // Make sure the administrators group still exists; without it the new
        // key is left with no assignment from this step.
        if ($adminGroup) {
            $adminEntity = GroupPermissionAccessEntity::getOrCreate($adminGroup);
            $access->addListItem($adminEntity);
            $assignment = $exportKey->getPermissionAssignmentObject();
            $assignment->assignPermissionAccess($access);
        }
    }

    // Each token is a 64-character string from the identifier helper and is
    // written only when no value is configured, so existing tokens are kept.
    $tokenKeys = array(
        'SECURITY_TOKEN_JOBS',
        'SECURITY_TOKEN_ENCRYPTION',
        'SECURITY_TOKEN_VALIDATION',
    );
    foreach ($tokenKeys as $tokenKey) {
        if (!Config::get($tokenKey)) {
            Config::save($tokenKey, Loader::helper('validation/identifier')->getString(64));
        }
    }

    $mailTestPage = Page::getByPath('/dashboard/system/mail/method/test_settings');
    if (!is_object($mailTestPage) || $mailTestPage->isError()) {
        $mailTestPage = SinglePage::add('/dashboard/system/mail/method/test_settings');
        $mailTestPage->update(array('cName' => t('Test Mail Settings')));
        $mailTestPage->setAttribute('meta_keywords', 'test smtp, test mail');
    }
}
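<?php
defined('C5_EXECUTE') or die("Access Denied.");

// Resolves the posted group IDs to a group-combination access entity and
// prints its ID and label as JSON. Nothing is printed unless the 'process'
// token validates.
if (Loader::helper('validation/token')->validate('process')) {
    $js = Loader::helper('json');
    $obj = new stdClass();

    // gID comes straight from the request: accept it only when it is an array,
    // so a missing or scalar value never reaches count() or foreach.
    $gIDs = (isset($_POST['gID']) && is_array($_POST['gID'])) ? $_POST['gID'] : array();

    if (count($gIDs) > 0) {
        $groups = array();
        foreach ($gIDs as $gID) {
            $g = Group::getByID($gID);
            // IDs that do not resolve to a group are ignored.
            if (is_object($g)) {
                $groups[] = $g;
            }
        }
        $pae = GroupCombinationPermissionAccessEntity::getOrCreate($groups);
        $obj->peID = $pae->getAccessEntityID();
        $obj->label = $pae->getAccessEntityLabel();
    }

    print $js->encode($obj);
}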
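/**
 * Resets a file set's permissions and re-applies the posted ones.
 *
 * Each entry of $post['selectedEntity'] names a user ("uID" prefix) or a group
 * (any other prefix); the ID is whatever follows the first four characters.
 * Entries that do not resolve to an object are skipped, so no permission row
 * is written for a deleted or invalid user/group.
 *
 * @param object $fs   File set; must provide resetPermissions() and setPermissions().
 * @param array  $post Form data with 'selectedEntity' and the per-entity
 *                     canSearch_/canRead_/canWrite_/canAdmin_/canAdd_/canAddExtension_ fields.
 */
public function setFileSetPermissions($fs, $post)
{
    $fs->resetPermissions();

    if (!isset($post['selectedEntity']) || !is_array($post['selectedEntity'])) {
        return;
    }

    $fields = array('canSearch', 'canRead', 'canWrite', 'canAdmin', 'canAdd', 'canAddExtension');

    foreach ($post['selectedEntity'] as $e) {
        if (!is_string($e) || $e === '') {
            continue;
        }

        $id = substr($e, 4);
        if (strpos($e, 'uID') === 0) {
            $obj = UserInfo::getByID($id);
        } else {
            $obj = Group::getByID($id);
        }
        if (!is_object($obj)) {
            continue;
        }

        // A field missing from the form is passed on as null, the value an
        // unset array key evaluates to.
        $values = array();
        foreach ($fields as $field) {
            $key = $field . '_' . $e;
            $values[$field] = isset($post[$key]) ? $post[$key] : null;
        }

        $fs->setPermissions(
            $obj,
            $values['canSearch'],
            $values['canRead'],
            $values['canWrite'],
            $values['canAdmin'],
            $values['canAdd'],
            $values['canAddExtension']
        );
    }
}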
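/**
 * Applies a legacy XML permission set to this object.
 *
 * The <guests>, <registered> and <administrators> nodes map to the three
 * built-in groups. Each <group> and <user> node is translated from its own
 * attributes and assigned to the group or user it names, so a custom group or
 * a user never inherits the administrators' permission list.
 *
 * @private
 *
 * @param object $px XML node holding the permission set.
 */
public function assignPermissionSet($px)
{
    // this is the legacy function that is called just by xml. We pass these
    // values in as though they were the old ones.
    if (isset($px->guests)) {
        $pkHandles = self::translatePermissionsXMLToKeys($px->guests);
        $this->assignPermissions(Group::getByID(GUEST_GROUP_ID), $pkHandles);
    }
    if (isset($px->registered)) {
        $pkHandles = self::translatePermissionsXMLToKeys($px->registered);
        $this->assignPermissions(Group::getByID(REGISTERED_GROUP_ID), $pkHandles);
    }
    if (isset($px->administrators)) {
        $pkHandles = self::translatePermissionsXMLToKeys($px->administrators);
        $this->assignPermissions(Group::getByID(ADMIN_GROUP_ID), $pkHandles);
    }
    if (isset($px->group)) {
        foreach ($px->group as $g) {
            $group = Group::getByID($g['gID']);
            // Skip IDs that no longer resolve instead of assigning to a non-object.
            if (is_object($group)) {
                $pkHandles = self::translatePermissionsXMLToKeys($g);
                $this->assignPermissions($group, $pkHandles);
            }
        }
    }
    if (isset($px->user)) {
        foreach ($px->user as $u) {
            // A uID identifies a user, so it must not be resolved as a group ID.
            // NOTE(review): assumes assignPermissions() accepts a UserInfo for
            // user entities. Confirm against its implementation.
            $ui = UserInfo::getByID($u['uID']);
            if (is_object($ui)) {
                $pkHandles = self::translatePermissionsXMLToKeys($u);
                $this->assignPermissions($ui, $pkHandles);
            }
        }
    }
    $this->refreshCache();
}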
foreach ($users as $ui) { echo $form->hidden('uID[]', $ui->getUserID()); } ?> <div class="clearfix"> <?php echo $form->label('groupIDs', t('Remove the users below from Group(s)')); ?> <div class="input"> <select multiple name="groupIDs[]" class="select2-select" data-placeholder="<?php echo t('Select Group(s)'); ?> " > <?php foreach ($g1 as $gRow) { $g = Group::getByID($gRow['gID']); $gp = new Permissions($g); if ($gp->canAssignGroup()) { ?> <option value="<?php echo $g->getGroupID(); ?> " <?php if (is_array($_REQUEST['groupIDs']) && in_array($g->getGroupID(), $_REQUEST['groupIDs'])) { ?> selected="selected" <?php } ?> ><?php echo $g->getGroupDisplayName(); ?>
/**
 * Migration step. In order: registers the 'spam' flag type, refreshes the
 * image slider block type, associates the access entity types with the
 * conversation permission categories, registers the Google authentication type
 * (disabled) when it is missing, grants guests 'view_page' on /register, adds
 * new page and page-type permission keys and copies existing access onto them,
 * creates the multilingual tables, installs the switch_language block type and
 * adds the multilingual dashboard pages.
 *
 * @param Schema $schema Schema object the new tables are declared on.
 */
public function up(Schema $schema) {
    $ft = FlagType::getByhandle('spam');
    if (!is_object($ft)) {
        FlagType::add('spam');
    }

    // NOTE(review): the image_slider lookup is used without an is_object() check.
    $bt = BlockType::getByHandle('image_slider');
    $bt->refresh();

    // Every access entity type is associated with every conversation category
    // that resolves to an object.
    $types = array(Type::getByHandle('group'), Type::getByHandle('user'), Type::getByHandle('group_set'), Type::getByHandle('group_combination'));
    $categories = array(Category::getByHandle('conversation'), Category::getByHandle('conversation_message'));
    foreach ($categories as $category) {
        foreach ($types as $pe) {
            if (is_object($category) && is_object($pe)) {
                $category->associateAccessEntityType($pe);
            }
        }
    }

    // When the lookup throws, the Google authentication type is added and
    // immediately disabled.
    try {
        $gat = AuthenticationType::getByHandle('google');
    } catch (Exception $e) {
        $gat = AuthenticationType::add('google', 'Google');
        if (is_object($gat)) {
            $gat->disable();
        }
    }

    // fix register page permissions
    // NOTE(review): neither the guest group nor the /register page is checked
    // before assignPermissions() is called.
    $g1 = \Group::getByID(GUEST_GROUP_ID);
    $register = \Page::getByPath('/register', "RECENT");
    $register->assignPermissions($g1, array('view_page'));

    // add new permissions, set it to the same value as edit page permissions on all pages.
    $epk = PermissionKey::getByHandle('edit_page_permissions');
    $msk = PermissionKey::getByHandle('edit_page_multilingual_settings');
    $ptk = PermissionKey::getByHandle('edit_page_page_type');
    if (!is_object($msk)) {
        $msk = PermissionKey::add('page', 'edit_page_multilingual_settings', 'Edit Multilingual Settings', 'Controls whether a user can see the multilingual settings menu, re-map a page or set a page as ignored in multilingual settings.', false, false);
    }
    if (!is_object($ptk)) {
        $ptk = PermissionKey::add('page', 'edit_page_page_type', 'Edit Page Type', 'Change the type of an existing page.', false, false);
    }

    // Only pages with cInheritPermissionsFrom = "OVERRIDE" are visited.
    $db = \Database::get();
    $r = $db->Execute('select cID from Pages where cInheritPermissionsFrom = "OVERRIDE" order by cID asc');
    while ($row = $r->FetchRow()) {
        $c = Page::getByID($row['cID']);
        if (is_object($c) && !$c->isError()) {
            $epk->setPermissionObject($c);
            $msk->setPermissionObject($c);
            $ptk->setPermissionObject($c);
            // The access object of 'edit_page_permissions' replaces whatever was
            // assigned to the two new keys, so whoever may edit a page's
            // permissions receives both new permissions on that page.
            $rpa = $epk->getPermissionAccessObject();
            if (is_object($rpa)) {
                $pt = $msk->getPermissionAssignmentObject();
                if (is_object($pt)) {
                    $pt->clearPermissionAssignment();
                    $pt->assignPermissionAccess($rpa);
                }
                $pt = $ptk->getPermissionAssignmentObject();
                if (is_object($pt)) {
                    $pt->clearPermissionAssignment();
                    $pt->assignPermissionAccess($rpa);
                }
            }
        }
    }

    // add new page type permissions
    $epk = PermissionKey::getByHandle('edit_page_type_permissions');
    $msk = PermissionKey::getByHandle('edit_page_type');
    $dsk = PermissionKey::getByHandle('delete_page_type');
    if (!is_object($msk)) {
        $msk = PermissionKey::add('page_type', 'edit_page_type', 'Edit Page Type', '', false, false);
    }
    if (!is_object($dsk)) {
        $dsk = PermissionKey::add('page_type', 'delete_page_type', 'Delete Page Type', '', false, false);
    }

    // Same copy as above, per page type: access to 'edit_page_type_permissions'
    // is reused for the edit and delete keys.
    $list = \Concrete\Core\Page\Type\Type::getList();
    foreach ($list as $pagetype) {
        $epk->setPermissionObject($pagetype);
        $msk->setPermissionObject($pagetype);
        $dsk->setPermissionObject($pagetype);
        $rpa = $epk->getPermissionAccessObject();
        if (is_object($rpa)) {
            $pt = $msk->getPermissionAssignmentObject();
            if (is_object($pt)) {
                $pt->clearPermissionAssignment();
                $pt->assignPermissionAccess($rpa);
            }
            $pt = $dsk->getPermissionAssignmentObject();
            if (is_object($pt)) {
                $pt->clearPermissionAssignment();
                $pt->assignPermissionAccess($rpa);
            }
        }
    }

    // add new multilingual tables.
    // A table is declared only when the live database does not list it yet.
    $sm = $db->getSchemaManager();
    $schemaTables = $sm->listTableNames();
    if (!in_array('MultilingualPageRelations', $schemaTables)) {
        $mpr = $schema->createTable('MultilingualPageRelations');
        $mpr->addColumn('mpRelationID', 'integer', array('notnull' => true, 'unsigned' => true, 'default' => 0));
        $mpr->addColumn('cID', 'integer', array('notnull' => true, 'unsigned' => true, 'default' => 0));
        $mpr->addColumn('mpLanguage', 'string', array('notnull' => true, 'default' => ''));
        $mpr->addColumn('mpLocale', 'string', array('notnull' => true));
        $mpr->setPrimaryKey(array('mpRelationID', 'cID', 'mpLocale'));
    }
    if (!in_array('MultilingualSections', $schemaTables)) {
        $mus = $schema->createTable('MultilingualSections');
        $mus->addColumn('cID', 'integer', array('notnull' => true, 'unsigned' => true, 'default' => 0));
        $mus->addColumn('msLanguage', 'string', array('notnull' => true, 'default' => ''));
        $mus->addColumn('msCountry', 'string', array('notnull' => true, 'default' => ''));
        $mus->setPrimaryKey(array('cID'));
    }
    if (!in_array('MultilingualTranslations', $schemaTables)) {
        $mts = $schema->createTable('MultilingualTranslations');
        $mts->addColumn('mtID', 'integer', array('autoincrement' => true, 'unsigned' => true));
        $mts->addColumn('mtSectionID', 'integer', array('unsigned' => true, 'notnull' => true, 'default' => 0));
        $mts->addColumn('msgid', 'text', array('notnull' => false));
        $mts->addColumn('msgstr', 'text', array('notnull' => false));
        $mts->addColumn('context', 'text', array('notnull' => false));
        $mts->addColumn('comments', 'text', array('notnull' => false));
        $mts->addColumn('reference', 'text', array('notnull' => false));
        $mts->addColumn('flags', 'text', array('notnull' => false));
        $mts->addColumn('updated', 'datetime', array('notnull' => false));
        $mts->setPrimaryKey(array('mtID'));
    }

    // block type
    $bt = BlockType::getByHandle('switch_language');
    if (!is_object($bt)) {
        $bt = BlockType::installBlockType('switch_language');
    }

    // single pages
    // Each page is added only when the lookup returns no object or an error page.
    $sp = Page::getByPath('/dashboard/system/multilingual');
    if (!is_object($sp) || $sp->isError()) {
        $sp = SinglePage::add('/dashboard/system/multilingual');
        $sp->update(array('cName' => 'Multilingual'));
        $sp->setAttribute('meta_keywords', 'multilingual, localization, internationalization, i18n');
    }
    $sp = Page::getByPath('/dashboard/system/multilingual/setup');
    if (!is_object($sp) || $sp->isError()) {
        $sp = SinglePage::add('/dashboard/system/multilingual/setup');
        $sp->update(array('cName' => 'Multilingual Setup'));
    }
    $sp = Page::getByPath('/dashboard/system/multilingual/page_report');
    if (!is_object($sp) || $sp->isError()) {
        $sp = SinglePage::add('/dashboard/system/multilingual/page_report');
        $sp->update(array('cName' => 'Page Report'));
    }
    $sp = Page::getByPath('/dashboard/system/multilingual/translate_interface');
    if (!is_object($sp) || $sp->isError()) {
        $sp = SinglePage::add('/dashboard/system/multilingual/translate_interface');
        $sp->update(array('cName' => 'Translate Interface'));
    }
    $sp = Page::getByPath('/dashboard/pages/types/attributes');
    if (!is_object($sp) || $sp->isError()) {
        $sp = SinglePage::add('/dashboard/pages/types/attributes');
        $sp->update(array('cName' => 'Page Type Attributes'));
    }
}
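/**
 * Saves the simple site-wide permission settings onto the home page.
 *
 * $_POST['view'] selects who may read the site (ANYONE, USERS or PRIVATE) and
 * $_POST['gID'] lists the groups that receive version, write, admin and delete
 * access. Posted group IDs are resolved first; only IDs of existing groups are
 * written into the permission arguments.
 */
public function update_permissions()
{
    // NOTE(review): no validation token is checked in this method; confirm
    // set_permissions() or the caller verifies one before permissions change.
    $this->set_permissions();
    $home = $this->get('home');

    $gru = Group::getByID(REGISTERED_GROUP_ID);
    $ggu = Group::getByID(GUEST_GROUP_ID);
    $gau = Group::getByID(ADMIN_GROUP_ID);

    $args = array();
    $view = isset($_POST['view']) ? $_POST['view'] : null;
    // NOTE(review): any other value leaves 'collectionRead' unset; confirm how
    // updatePermissions() treats that case.
    switch ($view) {
        case "ANYONE":
            $args['collectionRead'][] = 'gID:' . $ggu->getGroupID(); // this API is pretty crappy. TODO: clean this up in a nice object oriented fashion
            break;
        case "USERS":
            $args['collectionRead'][] = 'gID:' . $gru->getGroupID(); // this API is pretty crappy. TODO: clean this up in a nice object oriented fashion
            break;
        case "PRIVATE":
            $args['collectionRead'][] = 'gID:' . $gau->getGroupID();
            break;
    }

    $args['collectionWrite'] = array();
    if (isset($_POST['gID']) && is_array($_POST['gID'])) {
        foreach ($_POST['gID'] as $gID) {
            // Never build a permission entry from a raw request value: look
            // the group up and use the ID the group object reports.
            $g = Group::getByID($gID);
            if (!is_object($g)) {
                continue;
            }
            $entry = 'gID:' . $g->getGroupID();
            $args['collectionReadVersions'][] = $entry;
            $args['collectionWrite'][] = $entry;
            $args['collectionAdmin'][] = $entry;
            $args['collectionDelete'][] = $entry;
        }
    }

    $args['cInheritPermissionsFrom'] = 'OVERRIDE';
    $args['cOverrideTemplatePermissions'] = 1;

    $home->updatePermissions($args);
    $this->redirect('/dashboard/settings/', 'set_permissions', 'permissions_saved');
}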
/**
 * Builds the page list that backs this feed.
 *
 * With permission checking enabled, a page is kept only when its 'view_page'
 * access object validates for the guest group entity; a page without an access
 * object is rejected. With checking disabled, permissions are ignored.
 *
 * @return \Concrete\Core\Page\PageList
 */
public function getPageListObject()
{
    $list = new PageList();
    $list->setItemsPerPage($this->itemsPerFeed);
    $list->sortByPublicDateDescending();

    if ($this->checkPagePermissions) {
        $viewKey = \Concrete\Core\Permission\Key\Key::getByHandle('view_page');
        $guestGroup = \Group::getByID(GUEST_GROUP_ID);
        $guestEntity = GroupEntity::getOrCreate($guestGroup);
        // we set page permissions to be Guest group only, because
        // authentication won't work with RSS feeds
        $list->setPermissionsChecker(function ($page) use ($viewKey, $guestEntity) {
            $viewKey->setPermissionObject($page);
            $accessObject = $viewKey->getPermissionAccessObject($page);

            return is_object($accessObject)
                ? $accessObject->validateAccessEntities(array($guestEntity))
                : false;
        });
    } else {
        $list->ignorePermissions();
    }

    if ($this->cParentID) {
        if (!$this->pfIncludeAllDescendents) {
            // Direct children only.
            $list->filterByParentID($this->cParentID);
        } else {
            // Everything below the parent's path; no filter is added when the
            // parent page cannot be loaded.
            $parentPage = \Page::getByID($this->cParentID);
            if (is_object($parentPage) && !$parentPage->isError()) {
                $list->filterByPath($parentPage->getCollectionPath());
            }
        }
    }

    if ($this->pfDisplayAliases) {
        $list->includeAliases();
    }

    if ($this->ptID) {
        $list->filterByPageTypeID($this->ptID);
    }

    if ($this->pfDisplayFeaturedOnly) {
        $list->filterByAttribute('is_featured', true);
    }

    return $list;
}
/**
 * Create or update a store product and all of its related rows.
 *
 * When $data['pID'] is truthy the existing product row is updated and its
 * images, user groups, product groups and option groups/items are deleted and
 * re-inserted; otherwise a new product row is inserted, the same related rows
 * are added and a page is generated for it. In both cases the digital files and
 * page locations are then rewritten.
 *
 * Every statement binds its values through ? placeholders; nothing from $data is
 * concatenated into SQL.
 *
 * NOTE(review): no transaction is opened in this method, so a failure part-way
 * through leaves related rows deleted but not re-inserted.
 * NOTE(review): nothing here validates $data or checks the caller's rights;
 * presumably the calling controller does so. Confirm.
 *
 * @param array $data Form values keyed by column or field name.
 * @return mixed The result of Product::getByID() for the saved product ID.
 */
public function save($data) {
    $db = Database::get();
    if ($data['pID']) {
        //if we know the pID, we're updating.
        $pID = $data['pID'];

        //update product details
        $vals = array(
            $data['gID'], $data['pName'], $data['pDesc'], $data['pDetail'], $data['pPrice'],
            $data['pFeatured'], $data['pQty'], $data['pTaxable'], $data['pfID'], $data['pActive'],
            $data['pShippable'], $data['pWidth'], $data['pHeight'], $data['pLength'], $data['pWeight'],
            $data['pID']);
        $db->Execute('UPDATE VividStoreProducts SET gID=?,pName=?,pDesc=?,pDetail=?,pPrice=?,pFeatured=?,pQty=?,pTaxable=?,pfID=?,pActive=?,pShippable=?,pWidth=?,pHeight=?,pLength=?,pWeight=? WHERE pID = ?', $vals);

        //update additional images
        $db->Execute('DELETE FROM VividStoreProductImages WHERE pID = ?', $data['pID']);
        // assumes $data['pifID'] is present and countable; piSort is read at the same index. TODO confirm
        $count = count($data['pifID']);
        if ($count > 0) {
            for ($i = 0; $i < $count; $i++) {
                $vals = array($data['pID'], $data['pifID'][$i], $data['piSort'][$i]);
                $db->Execute("INSERT INTO VividStoreProductImages (pID,pifID,piSort) VALUES (?,?,?)", $vals);
            }
        }

        //update user groups
        $db->Execute('DELETE FROM VividStoreProductUserGroups WHERE pID = ?', $data['pID']);
        if (!empty($data['pUserGroups'])) {
            foreach ($data['pUserGroups'] as $gID) {
                // The group ID is stored as submitted; it is not checked against existing groups here.
                $vals = array($data['pID'], $gID);
                $db->Execute("INSERT INTO VividStoreProductUserGroups (pID,gID) VALUES (?,?)", $vals);
            }
        }

        //update product groups
        $db->Execute('DELETE FROM VividStoreProductGroups WHERE pID = ?', $data['pID']);
        if (!empty($data['pProductGroups'])) {
            foreach ($data['pProductGroups'] as $gID) {
                // $pID holds the same value as $data['pID'] in this branch.
                $vals = array($pID, $gID);
                $db->Execute("INSERT INTO VividStoreProductGroups (pID,gID) VALUES (?,?)", $vals);
            }
        }

        //update option groups
        $db->Execute('DELETE FROM VividStoreProductOptionGroups WHERE pID = ?', $data['pID']);
        $db->Execute('DELETE FROM VividStoreProductOptionItems WHERE pID = ?', $data['pID']);
        $count = count($data['pogSort']);
        // $ii is a running index into the flat poiName/poiSort arrays; it keeps
        // advancing across groups, with count($data['optGroup' . $i]) items per group.
        $ii = 0; //set counter for items
        if ($count > 0) {
            for ($i = 0; $i < $count; $i++) {
                $vals = array($data['pID'], $data['pogName'][$i], $data['pogSort'][$i]);
                $db->Execute("INSERT INTO VividStoreProductOptionGroups (pID,pogName,pogSort) VALUES (?,?,?)", $vals);

                //add option items
                // Must be read immediately after the group insert, before any other insert runs.
                $pogID = $db->lastInsertId();
                $itemsInGroup = count($data['optGroup' . $i]);
                if ($itemsInGroup > 0) {
                    for ($gi = 0; $gi < $itemsInGroup; $gi++, $ii++) {
                        $vals = array($data['pID'], $pogID, $data['poiName'][$ii], $data['poiSort'][$ii]);
                        $db->Execute("INSERT INTO VividStoreProductOptionItems (pID,pogID,poiName,poiSort) VALUES (?,?,?,?)", $vals);
                    }
                }
            }
        }
    } else {
        //else, we don't know it, so we're adding
        $dt = Core::make('helper/date');
        $now = $dt->getLocalDateTime();

        //add product details
        $vals = array(
            $data['gID'], $data['pName'], $data['pDesc'], $data['pDetail'], $data['pPrice'],
            $data['pFeatured'], $data['pQty'], $data['pTaxable'], $data['pfID'], $data['pActive'],
            $data['pShippable'], $data['pWidth'], $data['pHeight'], $data['pLength'], $data['pWeight'],
            $now);
        $db->Execute("INSERT INTO VividStoreProducts (gID,pName,pDesc,pDetail,pPrice,pFeatured,pQty,pTaxable,pfID,pActive,pShippable,pWidth,pHeight,pLength,pWeight,pDateAdded) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)", $vals);

        //add additional images
        // The new product ID is taken from the insert above; every later row uses it.
        $pID = $db->lastInsertId();
        $count = count($data['pifID']);
        if ($count > 0) {
            for ($i = 0; $i < $count; $i++) {
                $vals = array($pID, $data['pifID'][$i], $data['piSort'][$i]);
                $db->Execute("INSERT INTO VividStoreProductImages (pID,pifID,piSort) VALUES (?,?,?)", $vals);
            }
        }

        //insert user groups
        if (!empty($data['pUserGroups'])) {
            foreach ($data['pUserGroups'] as $gID) {
                $vals = array($pID, $gID);
                $db->Execute("INSERT INTO VividStoreProductUserGroups (pID,gID) VALUES (?,?)", $vals);
            }
        }

        //insert product groups
        if (!empty($data['pProductGroups'])) {
            foreach ($data['pProductGroups'] as $gID) {
                $vals = array($pID, $gID);
                $db->Execute("INSERT INTO VividStoreProductGroups (pID,gID) VALUES (?,?)", $vals);
            }
        }

        //add option groups
        $count = count($data['pogSort']);
        $ii = 0; //set counter for items
        if ($count > 0) {
            for ($i = 0; $i < $count; $i++) {
                $vals = array($pID, $data['pogName'][$i], $data['pogSort'][$i]);
                $db->Execute("INSERT INTO VividStoreProductOptionGroups (pID,pogName,pogSort) VALUES (?,?,?)", $vals);

                //add option items
                $pogID = $db->lastInsertId();
                $itemsInGroup = count($data['optGroup' . $i]);
                if ($itemsInGroup > 0) {
                    for ($gi = 0; $gi < $itemsInGroup; $gi++, $ii++) {
                        $vals = array($pID, $pogID, $data['poiName'][$ii], $data['poiSort'][$ii]);
                        $db->Execute("INSERT INTO VividStoreProductOptionItems (pID,pogID,poiName,poiSort) VALUES (?,?,?,?)", $vals);
                    }
                }
            }
        }
        $product = Product::getByID($pID);
        $product->generatePage($data['selectPageTemplate']);
    }

    //save files
    $db->Execute("DELETE FROM VividStoreDigitalFiles WHERE pID=?", $pID);
    // NOTE(review): $u and $ui are not used again in this method.
    $u = User::getByUserID(1);
    $ui = \UserInfo::getByID($u->getUserID());
    if ($data['dffID']) {
        foreach ($data['dffID'] as $dffID) {
            if ($dffID) {
                $db->Execute("INSERT INTO VividStoreDigitalFiles(dffID,pID) VALUES (?,?)", array($dffID, $pID));
                // NOTE(review): neither the file object nor the "Digital Downloads" set is
                // checked before use; an unknown file ID or a missing set would fail here,
                // after the row above has already been written.
                $fileObj = File::getByID($dffID);
                $fs = \FileSet::getByName("Digital Downloads");
                $fs->addFileToSet($fileObj);
                // presumably switches the file to its own permission set; confirm what the argument 1 selects
                $fileObj->resetPermissions(1);
                $pk = \Concrete\Core\Permission\Key\FileKey::getByHandle('view_file');
                $pk->setPermissionObject($fileObj);
                $pao = $pk->getPermissionAssignmentObject();
                $groupEntity = \Concrete\Core\Permission\Access\Entity\GroupEntity::getOrCreate(\Group::getByID(GUEST_GROUP_ID));
                $pa = $pk->getPermissionAccessObject();
                // Take the Guest group out of the file's view_file access list.
                // NOTE(review): when no access object exists this step is skipped silently,
                // so the file keeps whatever view access it had. Confirm that is intended.
                if ($pa) {
                    $pa->removeListItem($groupEntity);
                    $pao->assignPermissionAccess($pa);
                }
            }
        }
    }

    $db->Execute("DELETE FROM VividStoreProductLocations where pID = ?", array($pID));
    // assumes $data['cID'] is always an array; TODO confirm against the form
    foreach ($data['cID'] as $cID) {
        // Only positive page IDs are stored, cast to int before binding.
        if ($cID > 0) {
            $db->Execute("REPLACE INTO VividStoreProductLocations(pID,cID) VALUES (?,?)", array($pID, (int) $cID));
        }
    }
    $product = Product::getByID($pID);
    return $product;
}
// Fragment of a group dashboard script: the enclosing blocks open before this
// excerpt, and the final "edit" block closes after it.

// Apply the expiration settings submitted with the group form.
$date = Loader::helper('form/date_time');
// NOTE(review): gUserExpirationAction and the interval fields are passed on as
// submitted; any validation must happen inside the Group setters. Confirm.
switch($_POST['gUserExpirationMethod']) {
    case 'SET_TIME':
        // translate() is given the form field name, not a value from $_POST.
        $g->setGroupExpirationByDateTime($date->translate('gUserExpirationSetDateTime'), $_POST['gUserExpirationAction']);
        break;
    case 'INTERVAL':
        $g->setGroupExpirationByInterval($_POST['gUserExpirationIntervalDays'], $_POST['gUserExpirationIntervalHours'], $_POST['gUserExpirationIntervalMinutes'], $_POST['gUserExpirationAction']);
        break;
}
} else {
    $g->removeGroupExpiration();
}
}

if ($_REQUEST['task'] == 'edit') {
    // The group ID is forced to an integer before the lookup.
    $g = Group::getByID(intval($_REQUEST['gID']));
    if (is_object($g)) {
        if ($_POST['update']) {
            // Re-display what the user just submitted.
            // NOTE(review): these are raw request values; they must be HTML-escaped
            // wherever the form prints them (not visible in this excerpt).
            $gName = $_POST['gName'];
            $gDescription = $_POST['gDescription'];
        } else {
            $gName = $g->getGroupName();
            $gDescription = $g->getGroupDescription();
        }
        $editMode = true;
    }
// Fragment of a bulk "remove users from groups" tool: the first brace closes a
// block opened before this excerpt, and the group_remove block closes after it.
}

Loader::model('search/group');
$gl = new GroupSearch();
// -1 is passed as the page size; presumably "no paging". TODO confirm
$gl->setItemsPerPage(-1);
$g1 = $gl->getPage();

if ($_POST['task'] == 'group_remove') {
    // Reject the request before touching any membership if the token is bad;
    // the error is returned as JSON and the script stops.
    if (!$token->validate('bulk_group_remove')) {
        echo Loader::helper('json')->encode(array('error' => t("Invalid token.")));
        exit;
    }

    // build the group array
    $groupIDs = $_REQUEST['groupIDs'];
    $groups = array();
    if (is_array($groupIDs) && count($groupIDs)) {
        foreach ($groupIDs as $gID) {
            // NOTE(review): the lookup result is stored without an is_object() check,
            // so an unknown ID reaches $gk->validate() below as a non-object.
            $groups[] = Group::getByID($gID);
        }
    }

    // $users and $gk are defined before this excerpt.
    foreach ($users as $ui) {
        if ($ui instanceof UserInfo) {
            $u = $ui->getUserObject();
            foreach ($groups as $g) {
                // presumably a per-group permission check for the current user; verify what $gk is
                if ($gk->validate($g)) {
                    if ($u->inGroup($g)) {
                        // avoid messing up group enter times
                        $u->exitGroup($g);
                    }
                }
            }
        }
    }
<?php
defined('C5_EXECUTE') or die("Access Denied.");

// Tool endpoint: resolve a group ID from the request to its permission access
// entity and return that entity's ID and label as JSON.
// The request is processed only when the 'process' token validates; otherwise
// nothing is printed at all.
// NOTE(review): gID is handed to Group::getByID() exactly as received, and no
// permission check other than the token is visible in this file.
if (Loader::helper('validation/token')->validate('process')) {
    $encoder = Loader::helper('json');
    $response = new stdClass();

    $group = Group::getByID($_REQUEST['gID']);
    if (is_object($group)) {
        $entity = GroupPermissionAccessEntity::getOrCreate($group);
        $response->peID = $entity->getAccessEntityID();
        $response->label = $entity->getAccessEntityLabel();
    }

    // An unknown group yields an empty JSON object.
    echo $encoder->encode($response);
}
/**
 * Install-time defaults: seed permissions on the global file set and the home
 * page, and store the basic site configuration values.
 *
 * Guests receive view access only (files in the global set, and the home page).
 * Administrators receive the full list of file-set and page permissions below.
 * The Registered Users group is looked up but is given no grant here.
 */
public function set_site_permissions()
{
    Loader::model('file_set');
    $globalSet = FileSet::getGlobal();

    $guests = Group::getByID(GUEST_GROUP_ID);
    $registered = Group::getByID(REGISTERED_GROUP_ID);
    $admins = Group::getByID(ADMIN_GROUP_ID);

    $adminFileRights = array(
        'view_file_set_file',
        'search_file_set',
        'edit_file_set_file_properties',
        'edit_file_set_file_contents',
        'copy_file_set_files',
        'edit_file_set_permissions',
        'delete_file_set_files',
        'delete_file_set',
        'add_file',
    );
    $globalSet->assignPermissions($guests, array('view_file_set_file'));
    $globalSet->assignPermissions($admins, $adminFileRights);

    // Only a non-empty, non-default locale is written to the configuration.
    if (defined('ACTIVE_LOCALE')) {
        if (ACTIVE_LOCALE != '' && ACTIVE_LOCALE != 'en_US') {
            Config::save('SITE_LOCALE', ACTIVE_LOCALE);
        }
    }

    $siteSettings = array(
        'SITE' => SITE,
        'SITE_APP_VERSION' => APP_VERSION,
        'SITE_INSTALLED_APP_VERSION' => APP_VERSION,
    );
    foreach ($siteSettings as $key => $value) {
        Config::save($key, $value);
    }

    $currentUser = new User();
    $currentUser->saveConfig('NEWSFLOW_LAST_VIEWED', 'FIRSTRUN');

    $adminPageRights = array(
        'view_page_versions',
        'preview_page_as_user',
        'edit_page_properties',
        'edit_page_contents',
        'edit_page_speed_settings',
        'edit_page_theme',
        'edit_page_type',
        'edit_page_permissions',
        'delete_page',
        'delete_page_versions',
        'approve_page_versions',
        'add_subpage',
        'move_or_copy_page',
        'schedule_page_contents_guest_access',
    );
    $homePage = Page::getByID(1, "RECENT");
    $homePage->assignPermissions($guests, array('view_page'));
    $homePage->assignPermissions($admins, $adminPageRights);
}
// Fragment of a permissions dialog template: $assignments, $editAccess and $c are
// set up before this excerpt, and the markup continues after it.

// Collect the IDs of every group that appears in the current assignments.
foreach ($assignments as $asi) {
    $ae = $asi->getAccessEntityObject();
    if ($ae->getAccessEntityTypeHandle() == 'group') {
        $group = $ae->getGroupObject();
        // Skip entities whose group no longer resolves to an object.
        if (is_object($group)) {
            $editAccess[] = $group->getGroupID();
        }
    }
}

// Load every group, ordered by ID, for display in the form.
Loader::model('search/group');
$gl = new GroupSearch();
$gl->sortBy('gID', 'asc');
$gIDs = $gl->get();
$gArray = array();
foreach ($gIDs as $g) {
    $gArray[] = Group::getByID($g['gID']);
}

// 'rel' is request-controlled: it goes through the security helper's
// sanitizeString() here and is passed through h() again where it is echoed
// into the hidden field below.
// NOTE(review): the form action is echoed without h(); confirm that
// getCollectionAction() cannot carry request-controlled characters.
$rel = Loader::helper('security')->sanitizeString($_REQUEST['rel']);
?> <div class="ccm-ui"> <form method="post" id="ccmPermissionsForm" name="ccmPermissionsForm" action="<?php echo $c->getCollectionAction(); ?> "> <input type="hidden" name="rel" value="<?php echo h($rel); ?> " /> <div class="clearfix">
/**
 * Executes the job: rewrites the sitemap XML file from the Pages table.
 *
 * Both caches are disabled for the run. Page 1 is offered to AddPage() first,
 * then every page with cID > 1 in ascending order. The view_page key and the
 * Guest group's access entity are handed to AddPage(), presumably so that only
 * pages visible to anonymous visitors are listed (AddPage() is not shown here).
 *
 * Warnings from the file functions are suppressed with @; failures are detected
 * through return values instead. If anything fails, the record set is closed and
 * the file is truncated to zero bytes, so no partial sitemap is left behind,
 * and the exception is rethrown.
 *
 * @return string Returns a string describing the job result in case of success.
 * @throws Exception Throws an exception in case of errors.
 */
public function run()
{
    Cache::disableCache();
    Cache::disableLocalCache();
    try {
        $db = Loader::db();
        $instances = array(
            'navigation' => Loader::helper('navigation'),
            'dashboard' => Loader::helper('concrete/dashboard'),
            'view_page' => PermissionKey::getByHandle('view_page'),
            'guestGroup' => Group::getByID(GUEST_GROUP_ID),
            'now' => new DateTime('now')
        );
        $guestEntity = GroupPermissionAccessEntity::getOrCreate($instances['guestGroup']);
        $instances['guestGroupAE'] = array($guestEntity);

        $pageRows = $db->query('SELECT cID FROM Pages WHERE (cID > 1) ORDER BY cID');

        // Resolve the sitemap's location on disk and its public URL.
        $relativeName = ltrim(SITEMAPXML_FILE, '\\/');
        $sitemapPath = rtrim(DIR_BASE, '\\/') . '/' . $relativeName;
        $sitemapUrl = rtrim(BASE_URL . DIR_REL, '\\/') . '/' . $relativeName;

        if (!file_exists($sitemapPath)) {
            @touch($sitemapPath);
        }
        if (!is_writable($sitemapPath)) {
            throw new Exception(t('The file %s is not writable', $sitemapPath));
        }
        $handle = fopen($sitemapPath, 'w');
        if (!$handle) {
            throw new Exception(t('Cannot open file %s', $sitemapPath));
        }

        $headerWritten = @fprintf($handle, '<'.'?xml version="1.0" encoding="%s"?>' . self::EOL . '<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">', APP_CHARSET);
        if (!$headerWritten) {
            throw new Exception(t('Error writing header of %s', $sitemapPath));
        }

        // The home page is not returned by the query, so it is added explicitly.
        $pageCount = self::AddPage($handle, 1, $instances) ? 1 : 0;
        while ($row = $pageRows->FetchRow()) {
            if (self::AddPage($handle, intval($row['cID']), $instances)) {
                $pageCount++;
            }
        }
        $pageRows->Close();
        unset($pageRows);

        $footerWritten = @fwrite($handle, self::EOL . '</urlset>');
        if (!$footerWritten) {
            throw new Exception(t('Error writing footer of %s', $sitemapPath));
        }
        @fflush($handle);
        @fclose($handle);
        unset($handle);

        return t('%1$s file saved (%2$d pages).', $sitemapUrl, $pageCount);
    } catch (Exception $failure) {
        // Release the record set if it is still open.
        if (isset($pageRows) && $pageRows) {
            $pageRows->Close();
            $pageRows = null;
        }
        // Empty the file rather than leave a truncated document on disk.
        if (isset($handle) && $handle) {
            @fflush($handle);
            @ftruncate($handle, 0);
            @fclose($handle);
            $handle = null;
        }
        throw $failure;
    }
}
/**
 * Insert a new group row and return the corresponding Group object.
 *
 * Name and description are bound as statement parameters and are never
 * concatenated into the SQL. They are stored as given, so callers that print
 * them must escape at output time. No permission check happens here; the
 * caller is responsible for that.
 *
 * Fires the 'on_group_add' event with the new group after a successful insert.
 *
 * @param string $gName        Group name.
 * @param string $gDescription Group description.
 * @return mixed The result of Group::getByID() for the new row, or null when the insert fails.
 */
function add($gName, $gDescription)
{
    $db = Loader::db();
    $params = array($gName, $gDescription);
    $statement = $db->prepare("insert into Groups (gName, gDescription) values (?, ?)");

    if (!$db->Execute($statement, $params)) {
        return null;
    }

    $created = Group::getByID($db->Insert_ID());
    Events::fire('on_group_add', $created);

    return $created;
}