protected function executeImpl(kshow $kshow, entry &$entry)
{
$this->res = "";
$likuser_id = $this->getLoggedInUserId();
if ($likuser_id != $entry->getKuserId()) {
// ERROR - attempting to update an entry which doesnt belong to the user
return "<xml>!</xml>";
//$this->securityViolation( $kshow->getId() );
}
$name = @$_GET["RoughcutName"];
$entry->setName($name);
$entry->save();
//myEntryUtils::createWidgetImage($entry, false);
$this->name = $name;
}
/**
* Throws an error if the non-onwer session user is trying to update entitledPusersEdit or entitledPusersPublish
*
* @param KalturaBaseEntry $entry
* @param entry $dbEntry
*/
protected function validateEntitledUsersUpdate(KalturaBaseEntry $entry, entry $dbEntry)
{
if (!$this->getKs() || !$this->getKs()->isAdmin()) {
//non owner cannot change entitledUsersEdit and entitledUsersPublish
if ($this->getKuser()->getId() != $dbEntry->getKuserId()) {
if ($entry->entitledUsersEdit !== null && strtolower($entry->entitledUsersEdit) != strtolower($dbEntry->getEntitledPusersEdit())) {
throw new KalturaAPIException(KalturaErrors::INVALID_KS, "", ks::INVALID_TYPE, ks::getErrorStr(ks::INVALID_TYPE));
}
if ($entry->entitledUsersPublish !== null && strtolower($entry->entitledUsersPublish) != strtolower($dbEntry->getEntitledPusersPublish())) {
throw new KalturaAPIException(KalturaErrors::INVALID_KS, "", ks::INVALID_TYPE, ks::getErrorStr(ks::INVALID_TYPE));
}
}
}
}
/**
* Sets the valid user for the entry
* Throws an error if the session user is trying to update entry to another user and not using an admin session
*
* @param KalturaBaseEntry $entry
* @param entry $dbEntry
*/
protected function checkAndSetValidUserUpdate(KalturaBaseEntry $entry, entry $dbEntry)
{
KalturaLog::debug("DB puser id [" . $dbEntry->getPuserId() . "] kuser id [" . $dbEntry->getKuserId() . "]");
// user id not being changed
if ($entry->userId === null) {
KalturaLog::debug("entry->userId is null, not changing user");
return;
}
if (!$this->getKs() || !$this->getKs()->isAdmin()) {
$entryPuserId = $dbEntry->getPuserId();
// non admin cannot change the owner of an existing entry
if (strtolower($entry->userId) != strtolower($entryPuserId)) {
KalturaLog::debug('API entry userId [' . $entry->userId . '], DB entry userId [' . $entryPuserId . '] - change required but KS is not admin');
throw new KalturaAPIException(KalturaErrors::INVALID_KS, "", ks::INVALID_TYPE, ks::getErrorStr(ks::INVALID_TYPE));
}
}
// need to create kuser if this is an admin changing the owner of the entry to a different user
$kuser = kuserPeer::createKuserForPartner($dbEntry->getPartnerId(), $entry->userId);
KalturaLog::debug("Set kuser id [" . $kuser->getId() . "] line [" . __LINE__ . "]");
$dbEntry->setKuserId($kuser->getId());
}
/**
* Indicates that the KS user is the owner of the entry
* @return bool
*/
protected function isKsUserOwnsEntry()
{
return !$this->isKsWidget() && $this->ks && $this->entry && $this->entry->getKuserId() == $this->ks->getKuserId();
}
/**
* Executes addComment action, which returns a form enabling the insertion of a comment
* The request may include 1 fields: entry id.
*/
protected function executeImpl(kshow $kshow, entry &$entry)
{
$kshow_id = $kshow->getId();
if ($this->partner_id != null) {
// this part overhere should be in a more generic place - part of the services
$multiple_roghcuts = Partner::allowMultipleRoughcuts($this->partner_id);
$likuser_id = $this->getLoggedInUserId();
} else {
// is the logged-in-user is not an admin or the producer - check if show can be published
$likuser_id = $this->getLoggedInUserId();
$multiple_roghcuts = true;
}
if (!$likuser_id) {
return $this->securityViolation($kshow->getId());
}
$isIntro = $kshow->getIntroId() == $entry->getId();
if ($multiple_roghcuts) {
// create a new entry in two cases:
// 1. the user saving the roughcut isnt the owner of the entry
// 2. the entry is an intro and the current entry is not show (probably an image or video)
if ($entry->getKuserId() != $likuser_id || $isIntro && $entry->getMediaType() != entry::ENTRY_MEDIA_TYPE_SHOW) {
// TODO: add security check to whether multiple roughcuts are allowed
// create a new roughcut entry by cloning the original entry
$entry = myEntryUtils::deepClone($entry, $kshow_id, false);
$entry->setKuserId($likuser_id);
$entry->setCreatorKuserId($likuser_id);
$entry->setCreatedAt(time());
$entry->setMediaType(entry::ENTRY_MEDIA_TYPE_SHOW);
$entry->save();
}
}
/*
$viewer_type = myKshowUtils::getViewerType($kshow, $likuser_id);
if ( $viewer_type != KshowKuser::KSHOWKUSER_VIEWER_PRODUCER && ( ! $kshow->getCanPublish() ) )
{
// ERROR - attempting to publish a non-publishable show
return $this->securityViolation( $kshow->getId() );
}
*/
$this->xml_content = "<xml><EntryID>" . $entry->getId() . "</EntryID></xml>";
if ($isIntro) {
$kshow->setIntroId($entry->getId());
} else {
$kshow->setShowEntryId($entry->getId());
$has_roughcut = @$_REQUEST["HasRoughCut"];
if ($has_roughcut === "0") {
$kshow->setHasRoughcut(false);
$kshow->save();
return;
}
}
$content = @$_REQUEST["xml"];
$update_kshow = false;
if ($content != NULL) {
list($xml_content, $this->comments, $update_kshow) = myMetadataUtils::setMetadata($content, $kshow, $entry);
// Send an email alert to producer
if ($kshow->getProducerId() != $likuser_id) {
// don't send producer alerts when the producer is the editor
alertPeer::sendEmailIfNeeded($kshow->getProducerId(), alert::KALTURAS_PRODUCED_ALERT_TYPE_ROUGHCUT_CREATED, array('screenname' => $this->getUser()->getAttribute('screenname'), 'kshow_name' => $kshow->getName(), 'kshow_id' => $kshow->getId()));
}
// TODO: efficiency: see if there is a wa to search for contributors based on some other method than full entry table scan
// Send email alerts to contributors
$c = new Criteria();
$c->add(entryPeer::KSHOW_ID, $kshow_id);
$c->add(entryPeer::KUSER_ID, $likuser_id, Criteria::NOT_EQUAL);
// the current user knows they just edited
$c->addAnd(entryPeer::KUSER_ID, $kshow->getProducerId(), Criteria::NOT_EQUAL);
// the producer knows they just edited
$c->add(entryPeer::TYPE, entryType::MEDIA_CLIP);
$c->addGroupByColumn(entryPeer::KUSER_ID);
$entries = entryPeer::doSelect($c);
$already_received_alert_array = array();
foreach ($entries as $entry) {
alertPeer::sendEmailIfNeeded($entry->getKuserId(), alert::KALTURAS_PARTOF_ALERT_TYPE_ROUGHCUT_CREATED, array('screenname' => $this->getUser()->getAttribute('screenname'), 'kshow_name' => $kshow->getName(), 'kshow_id' => $kshow->getId()));
$already_received_alert_array[$entry->getKuserId()] = true;
}
// send email alert to subscribers
$c = new Criteria();
$c->add(KshowKuserPeer::KSHOW_ID, $kshow_id);
//only subsribers of this show
$c->add(KshowKuserPeer::KUSER_ID, $likuser_id, Criteria::NOT_EQUAL);
// the current user knows they just edited
$c->add(KshowKuserPeer::SUBSCRIPTION_TYPE, KshowKuser::KSHOW_SUBSCRIPTION_NORMAL);
// this table stores other relations too
$subscriptions = KshowKuserPeer::doSelect($c);
foreach ($subscriptions as $subscription) {
if (!isset($already_received_alert_array[$subscription->getKuserId()])) {
// don't send emails to subscribed users who are also contributors
alertPeer::sendEmailIfNeeded($subscription->getKuserId(), alert::KALTURAS_SUBSCRIBEDTO_ALERT_TYPE_ROUGHCUT_CREATED, array('screenname' => $this->getUser()->getAttribute('screenname'), 'kshow_name' => $kshow->getName(), 'kshow_id' => $kshow->getId()));
}
}
if ($this->debug) {
return "text/html; charset=utf-8";
}
} else {
$this->comments = "";
// if there is no xml - receive it from the user
$this->debug = true;
$file_name = myContentStorage::getFSContentRootPath() . "/" . $entry->getDataPath();
//$this->xml_content = kFile::getFileContent( $file_name );
return "text/html; charset=utf-8";
}
}
/**
* @param entry $dbEntry
* @return bool if current user is admin / entyr owner / co-editor
*/
public static function validateUserEntitledForQuizEdit(entry $dbEntry)
{
if (kCurrentContext::$is_admin_session || kCurrentContext::getCurrentKsKuserId() == $dbEntry->getKuserId()) {
return true;
}
$entitledKusers = QuizPlugin::getObjectIdsAsArray($dbEntry->getEntitledKusersEdit());
if (in_array(kCurrentContext::getCurrentKsKuserId(), $entitledKusers)) {
return true;
}
return false;
}
/**
* Throws an error if the user is trying to update entry that doesn't belong to him and the session is not admin
*
* @param entry $dbEntry
*/
protected function checkIfUserAllowedToUpdateEntry(entry $dbEntry)
{
// if session is not admin, but privileges are
// edit:* or edit:ENTRY_ID or editplaylist:PLAYLIST_ID
// edit is allowed
if (!$this->getKs() || !$this->getKs()->isAdmin()) {
// check if wildcard on 'edit'
if ($this->getKs()->verifyPrivileges(ks::PRIVILEGE_EDIT, ks::PRIVILEGE_WILDCARD)) {
return;
}
// check if entryID on 'edit'
if ($this->getKs()->verifyPrivileges(ks::PRIVILEGE_EDIT, $dbEntry->getId())) {
return;
}
//
if ($this->getKs()->verifyPlaylistPrivileges(ks::PRIVILEGE_EDIT_ENTRY_OF_PLAYLIST, $dbEntry->getId(), $this->getPartnerId())) {
return;
}
}
// if user is not the entry owner, and the KS is user type - do not allow update
if ($dbEntry->getKuserId() != $this->getKuser()->getId() && (!$this->getKs() || !$this->getKs()->isAdmin())) {
throw new KalturaAPIException(KalturaErrors::INVALID_KS, "", ks::INVALID_TYPE, ks::getErrorStr(ks::INVALID_TYPE));
}
}
/**
* Returns true if kuser or current kuser is entitled to entryId
* @param entry $entry
* @param int $kuser
* @return bool
*/
public static function isEntryEntitled(entry $entry, $kuserId = null)
{
$ks = ks::fromSecureString(kCurrentContext::$ks);
// entry is entitled when entitlement is disable
// for actions with no ks - need to check if partner have default entitlement feature enable.
if (!self::getEntitlementEnforcement() && $ks) {
KalturaLog::debug('Entry entitled: entitlement disabled');
return true;
}
$partner = $entry->getPartner();
if (!$ks && !$partner->getDefaultEntitlementEnforcement()) {
KalturaLog::debug('Entry [' . print_r($entry->getId(), true) . '] entitled: no ks and default is with no enforcement');
return true;
}
if ($ks && $ks->isWidgetSession() && $ks->getDisableEntitlementForEntry() == $entry->getId()) {
KalturaLog::debug('Entry [' . print_r($entry->getId(), true) . '] entitled: widget session that disble entitlement for this entry');
return true;
}
$allCategoriesEntry = categoryEntryPeer::retrieveActiveAndPendingByEntryId($entry->getId());
$categories = array();
foreach ($allCategoriesEntry as $categoryEntry) {
$categories[] = $categoryEntry->getCategoryId();
}
//if entry doesn't belong to any category.
$categories[] = category::CATEGORY_ID_THAT_DOES_NOT_EXIST;
$c = KalturaCriteria::create(categoryPeer::OM_CLASS);
$c->add(categoryPeer::ID, $categories, Criteria::IN);
$privacy = array(PrivacyType::ALL);
if ($ks && !$ks->isWidgetSession()) {
$privacy[] = PrivacyType::AUTHENTICATED_USERS;
}
$crit = $c->getNewCriterion(categoryPeer::PRIVACY, $privacy, Criteria::IN);
$ksPrivacyContexts = null;
// entry that doesn't belong to any category is public
//when ks is not provided - the entry is still public (for example - download action)
$categoryEntries = categoryEntryPeer::retrieveActiveByEntryId($entry->getId());
if (!count($categoryEntries) && !$ks) {
KalturaLog::debug('Entry [' . print_r($entry->getId(), true) . '] entitled: entry does not belong to any category');
return true;
}
if ($ks) {
$ksPrivacyContexts = $ks->getPrivacyContext();
if (!$ksPrivacyContexts || trim($ksPrivacyContexts) == '') {
$ksPrivacyContexts = self::DEFAULT_CONTEXT . $partner->getId();
if (!count($allCategoriesEntry)) {
// entry that doesn't belong to any category is public
KalturaLog::debug('Entry [' . print_r($entry->getId(), true) . '] entitled: entry does not belong to any category and privacy context on the ks is not set');
return true;
}
}
$c->add(categoryPeer::PRIVACY_CONTEXTS, $ksPrivacyContexts, KalturaCriteria::IN_LIKE);
if (!$kuserId) {
$partnerId = kCurrentContext::$partner_id ? kCurrentContext::$partner_id : kCurrentContext::$ks_partner_id;
$kuser = kuserPeer::getKuserByPartnerAndUid($partnerId, kCurrentContext::$ks_uid, true);
if ($kuser) {
$kuserId = $kuser->getId();
}
}
if ($kuserId) {
// kuser is set on the entry as creator or uploader
if ($kuserId != '' && $entry->getKuserId() == $kuserId) {
KalturaLog::debug('Entry [' . print_r($entry->getId(), true) . '] entitled: ks user is the same as entry->kuserId or entry->creatorKuserId [' . $kuserId . ']');
return true;
}
// kuser is set on the entry entitled users edit or publish
$entitledKusers = array_merge(explode(',', $entry->getEntitledKusersEdit()), explode(',', $entry->getEntitledKusersPublish()));
if (in_array($kuserId, $entitledKusers)) {
KalturaLog::debug('Entry [' . print_r($entry->getId(), true) . '] entitled: ks user is the same as entry->entitledKusersEdit or entry->entitledKusersPublish');
return true;
}
}
// kuser is set on the category as member
// this ugly code is temporery - since we have a bug in sphinxCriteria::getAllCriterionFields
if ($kuserId) {
$membersCrit = $c->getNewCriterion(categoryPeer::MEMBERS, $kuserId, Criteria::LIKE);
$membersCrit->addOr($crit);
$crit = $membersCrit;
}
} else {
//no ks = set privacy context to default.
$c->add(categoryPeer::PRIVACY_CONTEXTS, array(self::DEFAULT_CONTEXT . $partner->getId()), KalturaCriteria::IN_LIKE);
}
$c->addAnd($crit);
//remove default FORCED criteria since categories that has display in search = public - doesn't mean that all of their entries are public
KalturaCriterion::disableTag(KalturaCriterion::TAG_ENTITLEMENT_CATEGORY);
$category = categoryPeer::doSelectOne($c);
KalturaCriterion::restoreTag(KalturaCriterion::TAG_ENTITLEMENT_CATEGORY);
if ($category) {
KalturaLog::debug('Entry [' . print_r($entry->getId(), true) . '] entitled: ks user is a member of this category or category privacy is set to public of authenticated');
return true;
}
KalturaLog::debug('Entry [' . print_r($entry->getId(), true) . '] not entitled');
return false;
}
protected function executeImpl(kshow $kshow, entry &$entry)
{
$this->res = "";
$likuser_id = $this->getLoggedInUserId();
// if we allow multiple rouchcuts - there is no reason for one suer to override someone else's thumbnail
if ($this->allowMultipleRoughcuts()) {
if ($likuser_id != $entry->getKuserId()) {
// ERROR - attempting to update an entry which doesnt belong to the user
return "<xml>!!</xml>";
//$this->securityViolation( $kshow->getId() );
}
}
$debug = @$_GET["debug"];
/*
$kshow_id = @$_GET["kshow_id"];
$debug = @$_GET["debug"];
$this->kshow_id = $kshow_id;
if ( $kshow_id == NULL || $kshow_id == 0 ) return;
$kshow = kshowPeer::retrieveByPK( $kshow_id );
if ( ! $kshow )
{
$this->res = "No kshow " . $kshow_id ;
return;
}
// is the logged-in-user is not an admin or the producer - check if show can be published
$likuser_id = $this->getLoggedInUserId();
$viewer_type = myKshowUtils::getViewerType($kshow, $likuser_id);
if ( $viewer_type != KshowKuser::KSHOWKUSER_VIEWER_PRODUCER && ( ! $kshow->getCanPublish() ) )
{
// ERROR - attempting to publish a non-publishable show
return "<xml>!</xml>";//$this->securityViolation( $kshow->getId() );
}
// ASSUME - the kshow & roughcut already exist
$show_entry_id = $kshow->getShowEntryId();
$roughcut = entryPeer::retrieveByPK( $show_entry_id );
$roughcut = entryPeer::retrieveByPK( $entry_id );
if ( ! $roughcut)
{
$this->res = "No roughcut for kshow " . $kshow->getId() ;
return;
}
*/
// echo "for entry: $show_entry_id current thumb path: " . $entry->getThumbnail() ;
$entry->setThumbnail(".jpg");
$entry->setCreateThumb(false);
$entry->save();
//$thumb_data = $_REQUEST["ThumbData"];
if (isset($HTTP_RAW_POST_DATA)) {
$thumb_data = $HTTP_RAW_POST_DATA;
} else {
$thumb_data = file_get_contents("php://input");
}
// $thumb_data = $GLOBALS["HTTP_RAW_POST_DATA"];
$thumb_data_size = strlen($thumb_data);
$bigThumbPath = myContentStorage::getFSContentRootPath() . $entry->getBigThumbnailPath();
kFile::fullMkdir($bigThumbPath);
kFile::setFileContent($bigThumbPath, $thumb_data);
$path = myContentStorage::getFSContentRootPath() . $entry->getThumbnailPath();
kFile::fullMkdir($path);
myFileConverter::createImageThumbnail($bigThumbPath, $path);
$roughcutPath = myContentStorage::getFSContentRootPath() . $entry->getDataPath();
$xml_doc = new KDOMDocument();
$xml_doc->load($roughcutPath);
if (myMetadataUtils::updateThumbUrl($xml_doc, $entry->getBigThumbnailUrl())) {
$xml_doc->save($roughcutPath);
}
$this->res = $entry->getBigThumbnailUrl();
}
public static function deleteEntry(entry $entry)
{
$kshow = $entry->getkshow();
if ($kshow) {
$v = $kshow->getEntries();
self::dec($v);
$kshow->setEntries($v);
$c = new Criteria();
myCriteria::addComment($c, __METHOD__);
$c->add(entryPeer::KSHOW_ID, $entry->getKshowId());
$c->add(entryPeer::KUSER_ID, $entry->getKuserId());
$c->setLimit(2);
$res = entryPeer::doCount($c);
if ($res == 1) {
// if $res > 1 - this kuser contributed more than one entry, deleting this one should still leave him a contributor
// if $res < 1 - this kuser never contributed - strange! but no need to dec the contributors
// kuser did contribute to this kshow - decrement
$v = $kshow->getContributors();
self::dec($v);
$kshow->setContributors($v);
}
$kuser = $entry->getkuser();
if ($kuser) {
$v = $kuser->getEntries();
self::dec($v);
$kuser->setEntries($v);
}
self::add($kshow);
self::add($kuser);
}
}
/**
* @param entry $dbEntry
* @return bool if current user is admin / entry's owner / co-editor
*/
public static function isEntitledForEditEntry(entry $dbEntry)
{
if (kCurrentContext::$is_admin_session || kCurrentContext::getCurrentKsKuserId() == $dbEntry->getKuserId()) {
return true;
}
return $dbEntry->isEntitledKuserEdit(kCurrentContext::getCurrentKsKuserId());
}
