/**
 * Build the data set rendered by the print view.
 *
 * Replaces the definition in GridFieldPrintButton. The only difference is
 * that rows are read from $gridField->getList() instead of
 * $gridField->getManipulatedList().
 *
 * NOTE(review): every record returned by getList() is emitted and this
 * method makes no per-record permission check - confirm that access to the
 * print action is enforced before this point.
 *
 * @param GridField $gridField
 * @return ArrayData Holds Title, Header, ItemRows, Datetime and Member
 */
public function generatePrintData(GridField $gridField)
{
    $columns = $this->getPrintColumnsForGridField($gridField);

    // Optional header row: one cell per column label.
    $header = null;
    if ($this->printHasHeader) {
        $header = new ArrayList();
        foreach ($columns as $label) {
            $header->push(new ArrayData(array("CellString" => $label)));
        }
    }

    // This is the only variation from the parent class: getList() instead of getManipulatedList().
    $rows = new ArrayList();
    foreach ($gridField->getList() as $record) {
        $cells = new ArrayList();
        foreach ($columns as $field => $label) {
            $cells->push(new ArrayData(array(
                "CellString" => $gridField->getDataFieldValue($record, $field),
            )));
        }
        $rows->push(new ArrayData(array("ItemRow" => $cells)));
        $record->destroy();
    }

    return new ArrayData(array(
        "Title" => $this->getTitle($gridField),
        "Header" => $header,
        "ItemRows" => $rows,
        "Datetime" => SS_Datetime::now(),
        "Member" => Member::currentUser(),
    ));
}
/**
 * Route every request for the root action: a logged-in member goes to the
 * directory, anyone else is sent to the login form with a fixed BackURL.
 *
 * @return SS_HTTPResponse
 */
public function index()
{
    $target = Member::currentUser()
        ? $this->Link('directory')
        : '/Security/login/?BackURL=/summit-admin';

    return $this->redirect($target);
}
/**
 * Save the profile form into the currently logged-in member.
 *
 * Anonymous visitors are refused: they get a permission failure pointing at
 * the registration page when one exists, otherwise a flash warning and a
 * redirect to the site root.
 *
 * @param array $data Submitted data (replaced by $form->getData() below)
 * @param Form $form
 * @return bool|SS_HTTPResponse|void
 * @throws ValidationException
 */
public function Save($data, $form)
{
    /** @var Form $form */
    $data = $form->getData();
    $currentMember = Member::currentUser();

    if (!$currentMember) {
        /** @var RegistrationPage $registerPage */
        $registerPage = DataObject::get_one('RegistrationPage');
        if ($registerPage) {
            // NOTE(review): the page link is concatenated into HTML unescaped;
            // it comes from Link(), confirm it cannot carry markup.
            return Security::PermissionFailure(
                $this->controller,
                'You must <a href="' . $registerPage->Link() . '">registered</a> and logged in to edit your profile.'
            );
        }

        $this->controller->setFlash('You must registered and logged in to edit your profile.', 'warning');
        return $this->controller->redirect(Director::absoluteBaseURL());
    }

    // The submitted e-mail is escaped with Convert::raw2sql() before it is
    // placed in the filter; the ID comes from the session member record.
    $duplicateFilter = "Email = '" . Convert::raw2sql($data['Email']) . "' AND ID != " . $currentMember->ID;
    if (DataObject::get_one('Member', $duplicateFilter)) {
        $form->addErrorMessage('Email', 'Sorry, that Email already exists.', 'validation');
        return $this->controller->redirectBack();
    }

    // NOTE(review): this unset() only runs when the key is already absent, so
    // it has no effect, and $data is not read again before saveInto().
    // Presumably the intent was to skip an empty password - confirm.
    if (!isset($data['password'])) {
        unset($data['password']);
    }

    $this->controller->setFlash('Your profile has been updated', 'success');
    $form->saveInto($currentMember);
    $currentMember->write();

    return $this->controller->redirect($this->controller->Link());
}
/**
 * Render the account edit page with the edit form pre-filled from the
 * current member.
 *
 * NOTE(review): no login check is visible here, so Member::currentUser() may
 * be null when the form is populated - confirm access is restricted earlier.
 *
 * @return mixed Result of renderWith()
 */
public function edit()
{
    $currentMember = Member::currentUser();
    $form = $this->EditAccountForm()->loadDataFrom($currentMember);

    $this->customise(array(
        "ClassName" => "AccountPage",
        "Form" => $form,
    ));
    $this->extend("onBeforeEdit");

    $templates = array("UserAccount_edit", "UserAccount", "Page");
    return $this->renderWith($templates);
}
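/**
 * Adds token creation fields to the CMS for a saved Folder.
 *
 * The fields are only added when the current member holds ADMIN or
 * SECURE_FILE_SETTINGS; everyone else sees the field set unchanged.
 *
 * @param FieldSet $fields
 * @return void
 */
public function updateCMSFields(FieldSet &$fields)
{
    $folder = $this->owner;

    // Only modify Folder records that have already been written
    if (!($folder instanceof Folder) || !$folder->ID) {
        return;
    }

    // Only allow ADMIN and SECURE_FILE_SETTINGS members to edit these options
    if (!Permission::checkMember(Member::currentUser(), array('ADMIN', 'SECURE_FILE_SETTINGS'))) {
        return;
    }

    // Update Security Tab
    $secureFilesTab = $fields->findOrMakeTab('Root.' . _t('SecureFiles.SECUREFILETABNAME', 'Security'));
    $secureFilesTab->push(new HeaderField(_t('SecureFiles.TOKENACCESSTITLE', 'Token Access')));

    if (!$folder->containsFiles()) {
        $secureFilesTab->push(new ReadonlyField(
            'DummyTokenList',
            '',
            _t('SecureFiles.NOFILESINFOLDER', 'There are no files in this folder.')
        ));
        return;
    }

    // The ID is cast to int so the hand-built filter can only ever contain a number.
    $tokenList = new ComplexTableField(
        $folder,
        'ContainedFileTokens',
        'SecureFileAccessToken',
        null,
        null,
        "File.ParentID = '" . (int) $folder->ID . "'",
        null,
        "JOIN File ON FileID = File.ID"
    );
    $secureFilesTab->push($tokenList);
    $tokenList->setParentIdName('FolderID');
    $tokenList->setRelationAutoSetting(false);

    // A second "folder has no files" check used to follow here to restrict the
    // table to edit/delete; it could never run because the empty-folder case
    // has already returned above, so it has been removed.
}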
/**
 * Create the initial registration record for this step. No validation is
 * performed; the method always returns true.
 *
 * When the event requires e-mail confirmation the registration is stored as
 * 'Unconfirmed' and a confirmation mail is sent; otherwise it is stored as
 * 'Valid' straight away.
 *
 * NOTE(review): the confirm and registration links carry the registration
 * token in the query string, so the token is the only secret protecting
 * them - confirm it is generated from a cryptographically secure source.
 *
 * @param array $data
 * @param Form $form
 * @return bool Always true
 */
public function validateStep($data, $form)
{
    $form = $this->getForm();
    $datetime = $form->getController()->getDateTime();
    $needsConfirmation = $datetime->Event()->RegEmailConfirm;
    $registration = $this->getForm()->getSession()->getRegistration();

    if (!$needsConfirmation) {
        $registration->Status = 'Valid';
        $registration->write();
        return true;
    }

    $email = new Email();
    $config = SiteConfig::current_site_config();

    $registration->TimeID = $datetime->ID;
    $registration->Status = 'Unconfirmed';
    $registration->write();

    // Recipient details: the logged-in member, or what was entered in the tickets step.
    if (Member::currentUserID()) {
        $details = array(
            'Name' => Member::currentUser()->getName(),
            'Email' => Member::currentUser()->Email,
        );
    } else {
        $ticketsStep = $form->getSavedStepByClass('EventRegisterTicketsStep');
        $details = $ticketsStep->loadData();
    }

    $link = Controller::join_links(
        $this->getForm()->getController()->Link(),
        'confirm',
        $registration->ID,
        '?token=' . $registration->Token
    );
    $regLink = Controller::join_links(
        $datetime->Event()->Link(),
        'registration',
        $registration->ID,
        '?token=' . $registration->Token
    );

    $email->setTo($details['Email']);
    $email->setSubject(sprintf('Confirm Registration For %s (%s)', $datetime->getTitle(), $config->Title));
    $email->setTemplate('EventRegistrationConfirmationEmail');
    $email->populateTemplate(array(
        'Name' => $details['Name'],
        'Registration' => $registration,
        'RegLink' => $regLink,
        'Title' => $datetime->getTitle(),
        'SiteConfig' => $config,
        'ConfirmLink' => Director::absoluteURL($link),
    ));
    $email->send();

    Session::set("EventRegistration.{$registration->ID}.message", $datetime->Event()->EmailConfirmMessage);

    return true;
}
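/**
 * Initialise the controller from the request: remember the current member,
 * the requested start/end/allDay values and, when permitted, the event
 * named by the eventID query variable.
 *
 * A PrivateEvent is only attached when a member is logged in and owns it.
 * Previously the owner comparison ran even with no member, so it read the ID
 * of null and loosely compared OwnerID against null; an event whose OwnerID
 * was 0 would have matched for an anonymous visitor.
 */
public function init()
{
    parent::init();

    $member = Member::currentUser();
    $this->member = $member;
    $request = $this->getRequest();

    // Dates are taken from the request as-is.
    // NOTE(review): start and end are not validated here; any consumer must
    // treat them as untrusted strings.
    $this->start = $request->getVar('start');
    $this->end = $request->getVar('end');
    if ($request->getVar('allDay') === 'true') {
        $this->allDay = true;
    }

    // Resolve the event from the request, if a positive ID was supplied.
    $eventID = (int) $request->getVar('eventID');
    if ($eventID <= 0) {
        return;
    }

    $event = Event::get()->byID($eventID);
    if (!$event || !$event->exists()) {
        return;
    }

    if ($event->ClassName == 'PrivateEvent') {
        // Only show private events to their owners; anonymous visitors never qualify.
        if ($member && $event->OwnerID == $member->ID) {
            $this->event = $event;
        }
        return;
    }

    $this->event = $event;
}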
/**
 * Validate the address part of the checkout data.
 *
 * If an existing address ID was submitted it must belong to the logged-in
 * member's address book; this is what stops a member from selecting another
 * member's address by ID. Otherwise the normal required address fields must
 * be filled in.
 *
 * @param Order $order
 * @param array $data
 *
 * @throws ValidationException On the first failing check
 */
public function validateData(Order $order, array $data)
{
    $result = ValidationResult::create();
    $idField = $this->addresstype . "AddressID";
    $existingID = empty($data[$idField]) ? 0 : (int) $data[$idField];

    if ($existingID) {
        // The selected address must exist in the current member's AddressBook
        $ownsAddress = Member::currentUserID()
            && Member::currentUser()->AddressBook()->byID($existingID);
        if (!$ownsAddress) {
            $result->error("Invalid address supplied", $this->addresstype . "AddressID");
            throw new ValidationException($result);
        }
        return;
    }

    // No stored address chosen: require the normal address fields
    $required = parent::getRequiredFields($order);
    $addressLabels = singleton('Address')->fieldLabels(false);

    foreach ($required as $fieldName) {
        if (!empty($data[$fieldName])) {
            continue;
        }

        // Use the translated field label when one is available
        $fieldLabel = $fieldName;
        if (isset($addressLabels[$fieldName])) {
            $fieldLabel = $addressLabels[$fieldName];
        }

        $errorMessage = _t('Form.FIELDISREQUIRED', '{name} is required', array('name' => $fieldLabel));
        $result->error($errorMessage, $fieldName);
        throw new ValidationException($result);
    }
}
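/**
 * Standard SS function - the raw WishList field is never shown in the CMS.
 * Administrators get a read-only HTML overview of the wish list instead.
 *
 * Titles, links and the error text are HTML-escaped before they are placed
 * in the LiteralField, which outputs its content as raw HTML.
 *
 * @param FieldSet $fields
 */
function updateCMSFields(&$fields)
{
    $fields->removeByName("WishList");

    $member = Member::currentUser();
    if (!$member || !$member->IsAdmin()) {
        // The field has already been removed above; nothing more to add.
        return;
    }

    // NOTE(review): unserialize() on stored data can instantiate objects if
    // the stored string is ever attacker-influenced. Confirm the WishList
    // column is only written by server-side code, or move it to JSON.
    $array = unserialize($this->owner->WishList);

    $links = array();
    if (is_array($array) && count($array)) {
        foreach ($array as $item) {
            // NOTE(review): the class name and ID both come from the
            // unserialized data - confirm they are constrained when saved.
            $object = DataObject::get_by_id($item[0], $item[1]);
            if ($object) {
                $href = htmlspecialchars((string) $object->Link(), ENT_QUOTES, 'UTF-8');
                $title = htmlspecialchars((string) $object->Title, ENT_QUOTES, 'UTF-8');
                $links[] = "<a href=\"" . $href . "\">" . $title . "</a>";
            } else {
                $links[] = "error in retrieving object "
                    . htmlspecialchars(implode(", ", $item), ENT_QUOTES, 'UTF-8');
            }
        }
    } else {
        $links[] = "no items on wishlist";
    }

    $html = "<ul><li>" . implode("</li><li>", $links) . "</li></ul>";
    $fields->addFieldToTab("Root.WishList", new LiteralField("WishListOverview", $html));
}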
/**
 * If the "SaveAddress" flag is set in the submitted data, create a new
 * address owned by the current member. Name, company and phone number are
 * also copied onto the member record where the member has none yet.
 *
 * @param array $data Form data submitted
 */
private function save_address($data)
{
    $member = Member::currentUser();

    // Nothing to do unless a logged-in user ticked "save address"
    if (!$member || !array_key_exists('SaveAddress', $data) || !$data['SaveAddress']) {
        return;
    }

    // Fill in missing account details only. Email is deliberately left
    // alone because it is used for login.
    foreach (array('FirstName', 'Surname', 'Company', 'PhoneNumber') as $profileField) {
        $member->$profileField = $member->$profileField ?: $data[$profileField];
    }
    $member->write();

    $address = MemberAddress::create();
    $addressFields = array(
        'Company',
        'FirstName',
        'Surname',
        'Address1',
        'Address2',
        'City',
        'PostCode',
        'Country',
    );
    foreach ($addressFields as $addressField) {
        $address->$addressField = $data[$addressField];
    }
    // Ownership always comes from the session member, never from form data.
    $address->OwnerID = $member->ID;
    $address->write();
}
/**
 * Creation is allowed for members holding ADMIN or
 * CMS_ACCESS_AdvancedReportsAdmin.
 *
 * @param Member $member Defaults to the current user
 * @return boolean
 */
public function canCreate($member = null)
{
    $member = $member ?: Member::currentUser();

    foreach (array('ADMIN', 'CMS_ACCESS_AdvancedReportsAdmin') as $permissionCode) {
        if (Permission::check($permissionCode, 'any', $member)) {
            return true;
        }
    }

    return false;
}
/**
 * Change a member's password and send a confirmation e-mail.
 *
 * The member is the logged-in user when there is one; otherwise it is
 * looked up from the auto-login token. After a successful change the
 * auto-login token is regenerated so the old one stops working.
 *
 * NOTE(review): when a member is already logged in the token is ignored and
 * this method does not ask for the current password - confirm that callers
 * verify it where that is required.
 *
 * @param string $token
 * @param string $password
 * @param string $password_confirmation
 * @throws InvalidResetPasswordTokenException
 * @throws EmptyPasswordException
 * @throws InvalidPasswordException
 * @throws PasswordMismatchException
 */
public function changePassword($token, $password, $password_confirmation)
{
    $member = Member::currentUser();
    if (!$member) {
        if (empty($token)) {
            throw new InvalidResetPasswordTokenException();
        }
        $member = Member::member_from_autologinhash($token);
        if (!$member) {
            throw new InvalidResetPasswordTokenException();
        }
    }

    if (empty($password)) {
        throw new EmptyPasswordException();
    }
    // Strict comparison: both values must be the same string
    if ($password !== $password_confirmation) {
        throw new PasswordMismatchException();
    }

    $outcome = $member->changePassword($password);
    if (!$outcome->valid()) {
        throw new InvalidPasswordException($outcome->starredList());
    }

    // Invalidate the former auto login token
    $member->generateAutologinTokenAndStoreHash();

    // Send confirmation email
    $email = EmailFactory::getInstance()->buildEmail(
        CHANGE_PASSWORD_EMAIL_FROM,
        $member->Email,
        CHANGE_PASSWORD_EMAIL_SUBJECT
    );
    $email->setTemplate('ChangedPasswordEmail');
    $email->populateTemplate(array('MemberName' => $member->getFullName()));
    $email->send();
}
/**
 * Initial value for the field: the logged-in member's e-mail address, or an
 * empty string for anonymous visitors.
 *
 * @return mixed
 */
public function initialValue()
{
    $member = Member::currentUser();

    return $member ? $member->Email : '';
}
/**
 * Initialise the controller. Anyone who is not a logged-in administrator is
 * redirected to cloud/index.
 *
 * NOTE(review): the redirect is issued but init() itself does not stop
 * execution - confirm the framework skips the requested action once a
 * redirect has been set.
 */
public function init()
{
    parent::init();

    $member = Member::currentUser();
    if ($member && $member->IsAdmin()) {
        return;
    }

    $this->redirect('cloud/index');
}
/**
 * A draft-only page must not be reachable through ?stage=Live or a blank
 * ?stage= value, whether the visitor is anonymous or an administrator.
 * ?stage=Stage prompts anonymous visitors to log in and serves the page to
 * an ADMIN.
 */
function testAccessingStageWithBlankStage()
{
    $this->useDraftSite(false);
    $this->autoFollowRedirection = false;
    $page = $this->objFromFixture('Page', 'draftOnlyPage');

    // Start from an anonymous session
    $loggedIn = Member::currentUser();
    if ($loggedIn) {
        $loggedIn->logOut();
    }

    // Anonymous: Live and blank stage are not found, Stage asks for a login
    $anonymousExpectations = array('Live' => '404', '' => '404', 'Stage' => '302');
    foreach ($anonymousExpectations as $stage => $status) {
        $response = $this->get($page->URLSegment . '?stage=' . $stage);
        $this->assertEquals($response->getStatusCode(), $status);
    }
    // $response is still the ?stage=Stage response here
    $this->assertContains('Security/login', $response->getHeader('Location'));

    // Administrator: only the draft stage serves the page
    $this->logInWithPermission('ADMIN');
    $adminExpectations = array('Live' => '404', 'Stage' => '200', '' => '404');
    foreach ($adminExpectations as $stage => $status) {
        $response = $this->get($page->URLSegment . '?stage=' . $stage);
        $this->assertEquals($response->getStatusCode(), $status);
    }
}
/**
 * Build the "your organization" step of the deployment survey form.
 *
 * The organization input depends on the current member's affiliations:
 * none gives a plain text field, exactly one gives a text field pre-filled
 * with the member's organization name, and more than one gives a dropdown of
 * those organizations plus a text field for entering a new one.
 *
 * NOTE(review): Member::currentUser() is dereferenced without a null check,
 * so this constructor assumes a logged-in member - confirm the form is only
 * built behind a login.
 *
 * @param Controller $controller
 * @param string $name
 */
function __construct($controller, $name) {
    $org_field = null;
    $current_user = Member::currentUser();
    $current_affiliations = $current_user->getCurrentAffiliations();
    if (!$current_affiliations) {
        // No affiliation on record: free-text organization name
        $org_field = new TextField('Organization', 'Your Organization Name');
    } else {
        if (count($current_affiliations) > 1) {
            // Several affiliations: choose one by ID, or pick "New One" (key 0)
            $source = array();
            foreach ($current_affiliations as $a) {
                $org = $a->Organization();
                $source[$org->ID] = $org->Name;
            }
            $source['0'] = "-- New One --";
            $ddl = new DropdownField('OrgID', 'Your Organization', $source);
            $ddl->setEmptyString('-- Select Your Organization --');
            $org_field = new FieldGroup();
            $org_field->push($ddl);
            $org_field->push($txt = new TextField('Organization', ''));
            $txt->addExtraClass('new-org-name');
        } else {
            // Exactly one affiliation: pre-fill the member's organization name
            $org_field = new TextField('Organization', 'Your Organization Name', $current_user->getOrgName());
        }
    }
    $fields = new FieldList(
        $org_field,
        new DropdownField('Industry', 'Your Organization’s Primary Industry', ArrayUtils::AlphaSort(DeploymentSurveyOptions::$industry_options, array('' => '-- Please Select One --'), array('Other' => 'Other Industry (please specify)'))),
        new TextareaField('OtherIndustry', 'Other Industry'),
        $org_it_activity = new TextareaField('ITActivity', 'Your Organization’s Primary IT Activity'),
        new LiteralField('Break', '<hr/>'),
        new LiteralField('Break', '<p>Your Organization’s Primary Location or Headquarters</p>'),
        $country = new DropdownField('PrimaryCountry', 'Country', CountryCodes::$iso_3166_countryCodes),
        new TextField('PrimaryState', 'State / Province / Region'),
        new TextField('PrimaryCity', 'City'),
        new DropdownField('OrgSize', 'Your Organization Size (All Branches, Locations, Sites)', DeploymentSurveyOptions::$organization_size_options),
        new CustomCheckboxSetField('OpenStackInvolvement', 'What best describes your Organization’s involvement with OpenStack?<BR>Select All That Apply', ArrayUtils::AlphaSort(DeploymentSurveyOptions::$openstack_involvement_options))
    );
    // The IT activity field starts with the 'hidden' CSS class
    $org_it_activity->addExtraClass('hidden');
    $country->setEmptyString('-- Select One --');
    $nextButton = new FormAction('NextStep', ' Next Step ');
    $actions = new FieldList($nextButton);
    // No field names are passed to the validator here
    $validator = new RequiredFields();
    Requirements::javascript('surveys/js/deployment_survey_yourorganization_form.js');
    parent::__construct($controller, $name, $fields, $actions, $validator);
}
/**
 * Load the form message from the session; when there is none and a member
 * is logged in, fall back to the "logged in as" message.
 *
 * NOTE(review): the member's FirstName is inserted into the message as-is -
 * confirm the message is escaped when the form renders it.
 */
protected function getMessageFromSession()
{
    parent::getMessageFromSession();

    $member = Member::currentUser();
    if (!$member || $this->message) {
        return;
    }

    $this->message = sprintf(_t('Member.LOGGEDINAS'), $member->FirstName);
}
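/**
 * A simple front-end form for creating blog entries. When the request
 * carries an ID parameter that matches a BlogPost, the form is pre-filled
 * from that post.
 *
 * NOTE(review): the post is loaded by ID and its data placed in the form
 * with no permission check in this method - confirm the action that serves
 * the form, and doSavePost, verify the member may edit that post.
 *
 * @return Form
 */
function FrontEndPostForm()
{
    // A missing or non-numeric ID becomes 0, which means "new post"
    $id = (int) $this->owner->request->latestParam('ID');

    // Image upload: new uploads only, restricted to the image category
    $uploadfield = UploadField::create('FeaturedImage', _t('BlogFrontEnd.ShareImage', "Share an image"));
    $uploadfield->setCanAttachExisting(false);
    $uploadfield->setCanPreviewFolder(false);
    $uploadfield->setAllowedFileCategories('image');
    $uploadfield->relationAutoSetting = false;

    if (BlogFrontEnd::config()->allow_wysiwyg_editing) {
        $content_field = TrumbowygHTMLEditorField::create("Content", _t("BlogFrontEnd.Content"));
    } else {
        $content_field = TextareaField::create("Content", _t("BlogFrontEnd.Content"));
    }

    $fields = new FieldList(
        HiddenField::create("ID", "ID"),
        TextField::create("Title", _t('BlogFrontEnd.Title', "Title")),
        $uploadfield,
        $content_field
    );
    $actions = new FieldList(
        FormAction::create('doSavePost', _t('BlogFrontEnd.PostEntry', 'Post Entry'))
    );
    $form = new Form($this->owner, 'FrontEndPostForm', $fields, $actions, new RequiredFields('Title'));
    $uploadfield->setForm($form);

    if ($this->owner->Categories()->exists()) {
        $fields->add(CheckboxsetField::create(
            "Categories",
            _t("BlogFrontEnd.PostUnderCategories", "Post this in a category? (optional)"),
            $this->owner->Categories()->map()
        ));
    }

    if ($this->owner->Tags()->exists()) {
        // NOTE(review): this field is also named "Categories"; it looks like
        // it was meant to be "Tags" - confirm against doSavePost.
        $fields->add(CheckboxsetField::create(
            "Categories",
            _t("BlogFrontEnd.AddTags", "Add a tag? (optional)"),
            $this->owner->Tags()->map()
        ));
    }

    if ($id && ($post = BlogPost::get()->byID($id))) {
        $form->loadDataFrom($post);
    }

    $this->owner->extend("updateFrontEndPostForm", $form);

    return $form;
}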
/**
 * Constructor. Builds the LDAP login form on top of the parent login form:
 * the Email field is replaced by a Username field, Username and Password
 * become required, and the parent's "forgot password" action is swapped for
 * an LDAP-specific link when password changes are enabled.
 *
 * @param Controller $controller
 * @param string $name method on the $controller
 * @param FieldList $fields
 * @param FieldList $actions
 * @param bool $checkCurrentUser - show logout button if logged in
 */
public function __construct($controller, $name, $fields = null, $actions = null, $checkCurrentUser = true) {
    parent::__construct($controller, $name, $fields, $actions, $checkCurrentUser);
    // will be used to get correct Link()
    $this->ldapSecController = Injector::inst()->create('LDAPSecurityController');
    $usernameField = new TextField('Username', _t('Member.USERNAME', 'Username'), null, null, $this);
    $this->Fields()->replaceField('Email', $usernameField);
    $this->setValidator(new RequiredFields('Username', 'Password'));
    if (Security::config()->remember_username) {
        // Pre-fill the username from the value remembered in the session
        $usernameField->setValue(Session::get('SessionForms.MemberLoginForm.Email'));
    } else {
        // Some browsers won't respect this attribute unless it's added to the form
        $this->setAttribute('autocomplete', 'off');
        $usernameField->setAttribute('autocomplete', 'off');
    }
    // Users can't change passwords unless an LDAP user with write permissions is
    // configured for the LDAP connection binding, so the parent's action is
    // always removed and only re-added when allow_password_change is set.
    $this->Actions()->remove($this->Actions()->fieldByName('forgotPassword'));
    $allowPasswordChange = Config::inst()->get('LDAPService', 'allow_password_change');
    if ($allowPasswordChange && $name != 'LostPasswordForm' && !Member::currentUser()) {
        // The link and the translated label are placed into the markup as-is
        $forgotPasswordLink = sprintf('<p id="ForgotPassword"><a href="%s">%s</a></p>', $this->ldapSecController->Link('lostpassword'), _t('Member.BUTTONLOSTPASSWORD', "I've lost my password"));
        $forgotPassword = new LiteralField('forgotPassword', $forgotPasswordLink);
        $this->Actions()->add($forgotPassword);
    }
    // Focus on the Username field when the page is loaded; the parent
    // form's focus script is blocked and replaced by the one below
    Requirements::block('MemberLoginFormFieldFocus');
    $js = <<<JS
\t\t\t(function() {
\t\t\t\tvar el = document.getElementById("Username");
\t\t\t\tif(el && el.focus && (typeof jQuery == 'undefined' || jQuery(el).is(':visible'))) el.focus();
\t\t\t})();
JS;
    Requirements::customScript($js, 'LDAPLoginFormFieldFocus');
}
/**
 * Get the locale of the logged-in member; when nobody is logged in or the
 * member has no locale set, use the default one.
 *
 * @return string
 */
protected function locale()
{
    $member = Member::currentUser();
    $memberLocale = $member ? $member->Locale : null;

    return $memberLocale ? $memberLocale : i18n::get_locale();
}
/**
 * Taken from MemberLoginForm::__construct with minor changes: the login
 * action reads "Log in with Google" and the form is submitted with GET so
 * the callback can reach it.
 *
 * NOTE(review): BackURL is read from the request and carried through the
 * form unvalidated here - confirm that whatever finally redirects to it
 * checks it is a site-local URL.
 *
 * @param Controller $controller
 * @param string $name
 * @param FieldList $fields
 * @param FieldList $actions
 * @param bool $checkCurrentUser Offer "log in as someone else" when a session exists
 */
public function __construct($controller, $name, $fields = null, $actions = null, $checkCurrentUser = true)
{
    // Optional project-level stylesheet
    $customCSS = project() . '/css/member_login.css';
    if (Director::fileExists($customCSS)) {
        Requirements::css($customCSS);
    }

    // The request value wins over the one stored in the session
    $backURL = isset($_REQUEST['BackURL']) ? $_REQUEST['BackURL'] : Session::get('BackURL');

    $alreadyLoggedIn = $checkCurrentUser && Member::currentUser() && Member::logged_in_session_exists();
    if ($alreadyLoggedIn) {
        $fields = new FieldList(
            new HiddenField("AuthenticationMethod", null, $this->authenticator_class, $this)
        );
        $actions = new FieldList(
            new FormAction("logout", _t('Member.BUTTONLOGINOTHER', "Log in as someone else"))
        );
    } else {
        if (!$fields) {
            $fields = new FieldList(
                new HiddenField("AuthenticationMethod", null, $this->authenticator_class, $this)
            );
        }
        if (!$actions) {
            $actions = new FieldList(
                new FormAction('dologin', _t('GoogleAuthenticator.BUTTONLOGIN', "Log in with Google"))
            );
        }
    }

    if ($backURL !== null) {
        $fields->push(new HiddenField('BackURL', 'BackURL', $backURL));
    }

    // Allow GET method for callback
    $this->setFormMethod('GET', true);

    parent::__construct($controller, $name, $fields, $actions);
}
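/**
 * Change the password.
 *
 * A logged-in member must supply the correct current password. A visitor
 * who is not logged in must hold a valid auto-login hash in the session.
 * On success the member is logged in, the hash and lock-out state are
 * cleared, and the browser is redirected to BackURL only when that URL
 * belongs to this site.
 *
 * The two new-password values are now compared with ===. The loose ==
 * comparison treats numeric-looking strings as numbers, so two different
 * inputs could be accepted as a matching confirmation.
 *
 * @param array $data The user submitted data
 * @return SS_HTTPResponse
 */
public function doChangePassword(array $data)
{
    $member = Member::currentUser();

    if ($member) {
        // The user was logged in, check the current password
        if (empty($data['OldPassword']) || !$member->checkPassword($data['OldPassword'])->valid()) {
            $this->clearMessage();
            $this->sessionMessage(_t('Member.ERRORPASSWORDNOTMATCH', "Your current password does not match, please try again"), "bad");
            // redirect back to the form, instead of using redirectBack() which could send the user elsewhere.
            return $this->controller->redirect($this->controller->Link('changepassword'));
        }
    } else {
        if (Session::get('AutoLoginHash')) {
            $member = Member::member_from_autologinhash(Session::get('AutoLoginHash'));
        }
        // The user is not logged in and no valid auto login hash is available
        if (!$member) {
            Session::clear('AutoLoginHash');
            return $this->controller->redirect($this->controller->Link('login'));
        }
    }

    // Check the new password
    if (empty($data['NewPassword1'])) {
        $this->clearMessage();
        $this->sessionMessage(_t('Member.EMPTYNEWPASSWORD', "The new password can't be empty, please try again"), "bad");
        // redirect back to the form, instead of using redirectBack() which could send the user elsewhere.
        return $this->controller->redirect($this->controller->Link('changepassword'));
    }

    // A missing confirmation counts as a mismatch
    $confirmation = isset($data['NewPassword2']) ? $data['NewPassword2'] : null;
    if ($data['NewPassword1'] !== $confirmation) {
        $this->clearMessage();
        $this->sessionMessage(_t('Member.ERRORNEWPASSWORD', "You have entered your new password differently, try again"), "bad");
        // redirect back to the form, instead of using redirectBack() which could send the user elsewhere.
        return $this->controller->redirect($this->controller->Link('changepassword'));
    }

    $isValid = $member->changePassword($data['NewPassword1']);
    if (!$isValid->valid()) {
        $this->clearMessage();
        $this->sessionMessage(_t('Member.INVALIDNEWPASSWORD', "We couldn't accept that password: {password}", array('password' => nl2br("\n" . $isValid->starredList()))), "bad");
        // redirect back to the form, instead of using redirectBack() which could send the user elsewhere.
        return $this->controller->redirect($this->controller->Link('changepassword'));
    }

    $member->logIn();
    // TODO Add confirmation message to login redirect
    Session::clear('AutoLoginHash');

    // Clear locked out status
    $member->LockedOutUntil = null;
    $member->FailedLoginCount = null;
    $member->write();

    // Only follow BackURL when it points at this site
    if (!empty($_REQUEST['BackURL']) && Director::is_site_url($_REQUEST['BackURL'])) {
        $url = Director::absoluteURL($_REQUEST['BackURL']);
        return $this->controller->redirect($url);
    }

    // Redirect to default location - the login form saying "You are logged in as..."
    $redirectURL = HTTP::setGetVar('BackURL', Director::absoluteBaseURL(), $this->controller->Link('login'));
    return $this->controller->redirect($redirectURL);
}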
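/**
 * Post a message to the site's configured Facebook page on behalf of the
 * logged-in member.
 *
 * Nothing is posted unless a member is logged in, the site config holds an
 * app ID and secret, and the configured page ID appears among the accounts
 * returned by the API.
 *
 * @todo fix this BIG mess.
 *
 * @param string $message
 * @param string|null $link Defaults to the absolute base URL of the site
 * @param string|null $impression Sent as the post's 'picture' value
 * @return mixed The API result of the post, or false when nothing was posted
 */
public static function postFacebook($message, $link = null, $impression = null)
{
    $member = Member::currentUser();
    $postresult = false;
    $SiteConfig = SiteConfig::current_site_config();

    if (!$member || !$SiteConfig->FBAppID || !$SiteConfig->FBSecret) {
        return $postresult;
    }

    if ($link == null) {
        $link = Director::absoluteBaseURL();
    }

    $page = '/' . $SiteConfig->FBPageID . '/feed';
    $facebook = new Facebook(array(
        'appId' => $SiteConfig->FBAppID,
        'secret' => $SiteConfig->FBSecret,
    ));

    // $verified used to be left undefined when no account matched; it now
    // starts as false so the "not our page" case is explicit.
    $verified = false;
    $token = $facebook->api('/me/accounts');
    $accounts = (is_array($token) && isset($token['data']) && is_array($token['data']))
        ? $token['data']
        : array();

    foreach ($accounts as $pages) {
        if ($pages['id'] == $SiteConfig->FBPageID) {
            // Switch to the page's own access token before posting
            $facebook->setAccessToken($pages['access_token']);
            $verified = true;
            break;
        }
    }

    if ($verified) {
        $data = array('message' => $message, 'link' => $link, 'picture' => $impression);
        $postresult = $facebook->api($page, 'post', $data);
    }

    return $postresult;
}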
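/**
 * Change the password through the password manager, then log the member in.
 *
 * Each failure type thrown by the password manager is turned into a session
 * message and a redirect. Missing NewPassword1/NewPassword2 keys are passed
 * on as null instead of being hidden with the @ operator.
 *
 * NOTE(review): BackURL comes straight from the request and is handed to
 * loginMember() unchecked here - confirm loginMember() only redirects to
 * site-local URLs.
 *
 * NOTE(review): for a visitor who is not logged in, the member is looked up
 * with the same token after changePassword() has run. If changePassword()
 * regenerates the auto-login hash, this lookup may return null - confirm.
 *
 * @param array $data
 * @return SS_HTTPResponse|void
 */
function doChangePassword(array $data)
{
    try {
        $token = Session::get('AutoLoginHash');
        $newPassword = isset($data['NewPassword1']) ? $data['NewPassword1'] : null;
        $confirmation = isset($data['NewPassword2']) ? $data['NewPassword2'] : null;

        $this->password_manager->changePassword($token, $newPassword, $confirmation);

        $member = Member::currentUser();
        if (!$member) {
            if (empty($token)) {
                throw new InvalidResetPasswordTokenException();
            }
            $member = Member::member_from_autologinhash($token);
        }

        Session::clear('AutoLoginHash');

        $back_url = isset($_REQUEST['BackURL']) ? $_REQUEST['BackURL'] : '/';
        return OpenStackIdCommon::loginMember($member, $back_url);
    } catch (InvalidResetPasswordTokenException $ex1) {
        // Unknown or missing token: drop it and send the visitor to login
        Session::clear('AutoLoginHash');
        Controller::curr()->redirect('login');
    } catch (EmptyPasswordException $ex2) {
        $this->clearMessage();
        $this->sessionMessage(_t('Member.EMPTYNEWPASSWORD', "The new password can't be empty, please try again"), "bad");
        Controller::curr()->redirectBack();
    } catch (PasswordMismatchException $ex3) {
        $this->clearMessage();
        $this->sessionMessage(_t('Member.ERRORNEWPASSWORD', "You have entered your new password differently, try again"), "bad");
        Controller::curr()->redirectBack();
    } catch (InvalidPasswordException $ex4) {
        $this->clearMessage();
        $this->sessionMessage(sprintf(_t('Member.INVALIDNEWPASSWORD', "We couldn't accept that password: %s"), nl2br("\n" . $ex4->getMessage())), "bad");
        Controller::curr()->redirectBack();
    }
}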
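/**
 * Any logged-in member may create this object.
 *
 * With no member passed and nobody logged in the answer is false; the check
 * no longer reads the ID property of null in that case.
 *
 * @param Member $member Defaults to the current user
 * @return boolean
 */
public function canCreate($member = null)
{
    if (!$member) {
        $member = Member::currentUser();
    }

    return $member && $member->ID > 0;
}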
/**
 * Editing requires CMS_ACCESS_AssetAdmin or CMS_ACCESS_LeftAndMain.
 *
 * @param Member $member Defaults to the current user
 * @return mixed Result of Permission::checkMember()
 */
public function canEdit($member = null)
{
    $member = $member ?: Member::currentUser();
    $requiredCodes = array('CMS_ACCESS_AssetAdmin', 'CMS_ACCESS_LeftAndMain');

    return Permission::checkMember($member, $requiredCodes);
}
/**
 * This page can only be seen by logged-in users. When specific viewer
 * groups have been defined, the member must belong to them.
 *
 * NOTE(review): the "no groups defined" case relies on
 * DictatedViewerGroups() returning a falsy value. If it returns a list
 * object even when empty, every member is checked against an empty group
 * set - confirm its return type.
 *
 * @param Member|int $member A member, a member ID, or null for the current user
 * @return boolean
 */
public function canView($member = null)
{
    $owner = $this->owner;

    // The member is sometimes passed as an integer ID; resolve it to a record
    if (is_int($member)) {
        $member = Member::get()->filter('ID', $member)->first();
    }
    if (!$member) {
        $member = Member::currentUser();
    }

    // Anonymous visitors never get access
    if (!$member) {
        return false;
    }

    // Viewer groups defined: only those groups get access.
    // None defined: every logged-in user gets access.
    $groups = $owner->DictatedViewerGroups();
    return $groups ? $member->inGroups($groups) : true;
}
/**
 * CMS fields for a blog entry: date, author and tags are placed before the
 * content field. When WYSIWYG editing is disabled the content field becomes
 * a plain textarea and a BBCode help panel is added.
 *
 * @return FieldSet
 */
function getCMSFields()
{
    Requirements::javascript('blog/javascript/bbcodehelp.js');
    Requirements::themedCSS('bbcodehelp');

    // Default author: first name of the logged-in member, if any
    $currentMember = Member::currentUser();
    $firstName = $currentMember ? $currentMember->FirstName : '';

    $codeparser = new BBCodeParser();
    $fields = parent::getCMSFields();
    $plainTextOnly = !self::$allow_wysiwyg_editing;

    if ($plainTextOnly) {
        $fields->removeFieldFromTab("Root.Content.Main", "Content");
        $fields->addFieldToTab(
            "Root.Content.Main",
            new TextareaField("Content", _t("BlogEntry.CN", "Content"), 20)
        );
    }

    $fields->addFieldToTab(
        "Root.Content.Main",
        new PopupDateTimeField("Date", _t("BlogEntry.DT", "Date")),
        "Content"
    );
    $fields->addFieldToTab(
        "Root.Content.Main",
        new TextField("Author", _t("BlogEntry.AU", "Author"), $firstName),
        "Content"
    );

    if ($plainTextOnly) {
        $helpMarkup = "<div id='BBCode' class='field'>"
            . "<a id=\"BBCodeHint\" target='new'>" . _t("BlogEntry.BBH", "BBCode help") . "</a>"
            . "<div id='BBTagsHolder' style='display:none;'>" . $codeparser->useable_tagsHTML() . "</div></div>";
        $fields->addFieldToTab("Root.Content.Main", new LiteralField("BBCodeHelper", $helpMarkup));
    }

    $fields->addFieldToTab(
        "Root.Content.Main",
        new TextField("Tags", _t("BlogEntry.TS", "Tags (comma sep.)")),
        "Content"
    );

    return $fields;
}
/**
 * The delete link is offered to the post's author and to moderators, and
 * withheld from other members. Only the first post of a thread carries the
 * "firstPost" class used by the javascript.
 */
function testDeleteLink()
{
    $post = $this->objFromFixture('Post', 'Post1');
    $expectedPath = $post->Thread()->URLSegment . '/deletepost/' . $post->ID;

    // Anonymous: should be false since we're not logged in.
    $current = Member::currentUser();
    if ($current) {
        $current->logOut();
    }
    // NOTE(review): this asserts on EditLink() inside the DeleteLink test;
    // it may have been meant to call DeleteLink() - confirm.
    $this->assertFalse($post->EditLink());

    // The author should be able to delete the post
    $author = $this->objFromFixture('Member', 'test1');
    $author->logIn();
    $this->assertContains($expectedPath, $post->DeleteLink());
    // First post of the thread: carries the class used in javascript
    $this->assertContains("class=\"deleteLink firstPost\"", $post->DeleteLink());
    $author->logOut();

    // Another member is not in a position to delete this post
    $otherMember = $this->objFromFixture('Member', 'test2');
    $otherMember->logIn();
    $this->assertFalse($post->DeleteLink());

    // A moderator of this post can delete it
    $moderator = $this->objFromFixture('Member', 'moderator');
    $moderator->logIn();
    $this->assertContains($expectedPath, $post->DeleteLink());

    // A 2nd post doesn't have the first post hook
    $memberOthersPost = $this->objFromFixture('Post', 'Post2');
    $this->assertFalse(strstr($memberOthersPost->DeleteLink(), "firstPost"));
}
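/**
 * Store the submitted e-mail as a ModuleProductEmail. Only members of the
 * ADMIN group may do this, and the submitted ModuleProductID must match an
 * existing ModuleProduct.
 *
 * The submitted data is no longer passed through Convert::raw2sql() as a
 * whole. The only value read from it is the product ID, which is reduced to
 * an integer before the lookup, and the record is filled by saveInto() from
 * the form rather than from $data.
 *
 * @param array $data Submitted form data
 * @param Form $form
 * @return SS_HTTPResponse|string
 */
function submit($data, $form)
{
    $member = Member::currentUser();
    if (!$member || !$member->inGroup("ADMIN")) {
        $form->setMessage("You need to be logged as an admin to send this email.", "bad");
        return Controller::curr()->redirectBack();
    }

    $page = null;
    if (isset($data["ModuleProductID"])) {
        $page = ModuleProduct::get()->byID(intval($data["ModuleProductID"]));
    }
    if (!$page) {
        $form->setMessage("Can not find the right page for saving this email.", "bad");
        return Controller::curr()->redirectBack();
    }

    $email = new ModuleProductEmail();
    $form->saveInto($email);
    $email->write();

    if (Director::is_ajax()) {
        return "mail sent!";
    }

    return Controller::curr()->redirect($page->Link());
}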