public function setUp()
{
$this->user = $this->prophesize(Users::class);
$this->timedRecord = $this->prophesize(TimedRecord::class);
$this->schemaManager = $this->prophesize(SchemaManagerInterface::class);
$this->urlGenerator = $this->prophesize(UrlGeneratorInterface::class);
$this->flashLogger = $this->prophesize(FlashLoggerInterface::class);
$this->passwordFactory = $this->prophesize(PasswordFactory::class);
$this->listener = new StorageEventListener($this->timedRecord->reveal(), $this->schemaManager->reveal(), $this->urlGenerator->reveal(), $this->flashLogger->reveal(), $this->passwordFactory->reveal(), 5, false);
$this->storageEvent = $this->prophesize(StorageEvent::class);
}
/**
* Build a valid AJAX response for in-place saves that account for pre/post
* save events.
*
* @param Entity\Content $content
* @param boolean $flush
*
* @return JsonResponse
*/
private function createJsonUpdate(Entity\Content $content, $flush)
{
/*
* Flush any buffers from saveConent() dispatcher hooks
* and make sure our JSON output is clean.
*
* Currently occurs due to exceptions being generated in the dispatchers
* in \Bolt\Storage::saveContent()
* StorageEvents::PRE_SAVE
* StorageEvents::POST_SAVE
*/
if ($flush) {
Response::closeOutputBuffers(0, false);
}
$val = $content->toArray();
if (isset($val['datechanged'])) {
$val['datechanged'] = (new Carbon($val['datechanged']))->toIso8601String();
}
// Adjust decimal point as some locales use a comma and… JavaScript
$lc = localeconv();
$fields = $this->config->get('contenttypes/' . $content->getContenttype() . '/fields');
foreach ($fields as $key => $values) {
if ($values['type'] === 'float' && $lc['decimal_point'] === ',') {
$val[$key] = str_replace('.', ',', $val[$key]);
}
}
// Unset flashbag for ajax
$this->loggerFlash->clear();
return new JsonResponse($val);
}
/**
* Do the edit form for a record.
*
* @param Content $content A content record
* @param array $contentType The contenttype data
* @param boolean $duplicate If TRUE create a duplicate record
*
* @return array
*/
public function action(Content $content, array $contentType, $duplicate)
{
$contentTypeSlug = $contentType['slug'];
$new = $content->getId() === null ?: false;
$oldStatus = $content->getStatus();
$allStatuses = ['published', 'held', 'draft', 'timed'];
$allowedStatuses = [];
foreach ($allStatuses as $status) {
if ($this->users->isContentStatusTransitionAllowed($oldStatus, $status, $contentTypeSlug, $content->getId())) {
$allowedStatuses[] = $status;
}
}
// For duplicating a record, clear base field values.
if ($duplicate) {
$content->setId('');
$content->setSlug('');
$content->setDatecreated('');
$content->setDatepublish('');
$content->setDatedepublish(null);
$content->setDatechanged('');
$content->setUsername('');
$content->setOwnerid('');
$this->loggerFlash->info(Trans::__('contenttypes.generic.duplicated-finalize', ['%contenttype%' => $contentTypeSlug]));
}
// Set the users and the current owner of this content.
if ($new || $duplicate) {
// For brand-new and duplicated items, the creator becomes the owner.
$contentowner = $this->users->getCurrentUser();
} else {
// For existing items, we'll just keep the current owner.
$contentowner = $this->users->getUser($content->getOwnerid());
}
// Test write access for uploadable fields.
$contentType['fields'] = $this->setCanUpload($contentType['fields']);
$templateFields = $content->getTemplatefields();
if ($templateFields && ($templateFieldsData = $templateFields->getContenttype()->getFields())) {
$this->setCanUpload($templateFields->getContenttype());
}
// Build context for Twig.
$contextCan = ['upload' => $this->users->isAllowed('files:uploads'), 'publish' => $this->users->isAllowed('contenttype:' . $contentTypeSlug . ':publish:' . $content->getId()), 'depublish' => $this->users->isAllowed('contenttype:' . $contentTypeSlug . ':depublish:' . $content->getId()), 'change_ownership' => $this->users->isAllowed('contenttype:' . $contentTypeSlug . ':change-ownership:' . $content->getId())];
$contextHas = ['incoming_relations' => count($content->getRelation()->incoming($content)), 'relations' => isset($contentType['relations']), 'tabs' => $contentType['groups'] !== false, 'taxonomy' => isset($contentType['taxonomy']), 'templatefields' => empty($templateFieldsData) ? false : true];
$contextValues = ['datepublish' => $this->getPublishingDate($content->getDatepublish(), true), 'datedepublish' => $this->getPublishingDate($content->getDatedepublish())];
$context = ['contenttype' => $contentType, 'content' => $content, 'allowed_status' => $allowedStatuses, 'contentowner' => $contentowner, 'fields' => $this->config->fields->fields(), 'fieldtemplates' => $this->getTempateFieldTemplates($contentType, $content), 'fieldtypes' => $this->getUsedFieldtypes($contentType, $content, $contextHas), 'groups' => $this->createGroupTabs($contentType, $contextHas), 'can' => $contextCan, 'has' => $contextHas, 'values' => $contextValues, 'relations_list' => $this->getRelationsList($contentType)];
return $context;
}
/**
* Run the create/alter query.
*
* @param string $tableName
* @param string $query
*
* @return \Doctrine\DBAL\Driver\Statement|null
*/
protected function runQuery($tableName, $query)
{
try {
return $this->connection->query($query);
} catch (DBALException $e) {
$this->loggerSystem->critical($e->getMessage(), ['event' => 'exception', 'exception' => $e]);
$this->loggerFlash->error(Trans::__('An error occured while updating `%TABLE%`. The error is %ERROR%', ['%TABLE%' => $tableName, '%ERROR%' => $e->getMessage()]));
}
}
/**
* Trigger database schema checks if required.
*
* @param GetResponseEvent $event
*/
protected function schemaCheck(GetResponseEvent $event)
{
$session = $event->getRequest()->getSession();
$validSession = $session->isStarted() && $session->get('authentication');
$expired = $this->schemaManager->isCheckRequired();
if ($validSession && $expired && $this->schemaManager->isUpdateRequired()) {
$msg = Trans::__("The database needs to be updated/repaired. Go to 'Configuration' > '<a href=\"%link%\">Check Database</a>' to do this now.", ['%link%' => $this->urlGenerator->generate('dbcheck')]);
$this->loggerFlash->error($msg);
}
}
/**
* Log out the currently logged in user.
*
* @return boolean
*/
public function revokeSession()
{
$this->flashLogger->info(Trans::__('You have been logged out.'));
// Remove all auth tokens when logging off a user
if ($sessionAuth = $this->session->get('authentication')) {
$this->repositoryAuthtoken->deleteTokens($sessionAuth->getUser()->getUsername());
}
$this->session->remove('authentication');
$this->session->migrate(true);
return false;
}
/**
* Transition a record's owner if permitted.
*
* @param Content $entity
* @param integer $ownerId
*/
protected function transistionRecordOwner(Content $entity, $ownerId)
{
$recordId = $entity->getId();
$contentTypeName = (string) $entity->getContenttype();
$canChangeOwner = $this->users->isAllowed("contenttype:{$contentTypeName}:change-ownership:{$recordId}");
if (!$canChangeOwner) {
$this->loggerFlash->error(Trans::__('general.access-denied.content-not-modified', ['%title%' => $entity->getTitle()]));
return;
}
$entity->setOwnerid($ownerId);
$entity->_modified = true;
}
/**
* Trigger database schema checks if required.
*
* @param GetResponseEvent $event
*/
protected function schemaCheck(GetResponseEvent $event)
{
$session = $event->getRequest()->getSession();
$validSession = $session->isStarted() && $session->get('authentication');
$expired = $this->schemaManager->isCheckRequired();
// Don't show the check if we're in the dbcheck already.
$notInCheck = !in_array($event->getRequest()->get('_route'), ['dbcheck', 'dbupdate_result', 'dbupdate']);
if ($validSession && $expired && $this->schemaManager->isUpdateRequired() && $notInCheck) {
$msg = Trans::__("The database needs to be updated/repaired. Go to 'Configuration' > '<a href=\"%link%\">Check Database</a>' to do this now.", ['%link%' => $this->urlGenerator->generate('dbcheck')]);
$this->loggerFlash->error($msg);
}
}
/**
* Load a single extension.
*
* @param PackageDescriptor $descriptor
*/
private function addManagedExtension(PackageDescriptor $descriptor)
{
$className = $descriptor->getClass();
if ($this->isClassLoadable($className) === false) {
$this->flashLogger->error(Trans::__("Extension package %NAME% has an invalid class '%CLASS%' and has been skipped.", ['%NAME%' => $descriptor->getName(), '%CLASS%' => $className]));
return;
}
/** @var ExtensionInterface $extension */
$extension = new $className();
if ($extension instanceof ExtensionInterface) {
$baseDir = $this->extFs->getDir($descriptor->getPath());
$webDir = $this->webFs->getDir($descriptor->getWebPath());
$this->add($extension, $baseDir, $webDir, $descriptor->getName())->setDescriptor($descriptor);
} else {
$this->flashLogger->error(Trans::__("Extension package %NAME% base class '%CLASS%' does not implement \\Bolt\\Extension\\ExtensionInterface and has been skipped.", ['%NAME%' => $descriptor->getName(), '%CLASS%' => $className]));
}
}
/**
* Log out the currently logged in user.
*
* @return boolean
*/
public function revokeSession()
{
try {
// Only show this flash if there are users in the system.
// Not when we're about to get redirected to the "first users" screen.
if ($this->repositoryUsers->hasUsers()) {
$this->flashLogger->info(Trans::__('You have been logged out.'));
}
} catch (TableNotFoundException $e) {
// If we have no table, then we definitely have no users
}
// Remove all auth tokens when logging off a user
if ($sessionAuth = $this->session->get('authentication')) {
$this->repositoryAuthtoken->deleteTokens($sessionAuth->getUser()->getUsername());
}
$this->session->remove('authentication');
$this->session->migrate(true);
return false;
}
/**
* Load a single extension.
*
* @param PackageDescriptor $descriptor
*/
private function addManagedExtension(PackageDescriptor $descriptor)
{
$className = $descriptor->getClass();
if ($this->isClassLoadable($className) === false) {
if ($descriptor->getType() === 'local' && $this->isClassLoadable('Wikimedia\\Composer\\MergePlugin') === false) {
$this->flashLogger->error(Trans::__('general.phrase.error-local-extension-set-up-incomplete', ['%NAME%' => $descriptor->getName(), '%CLASS%' => $className]));
} else {
$this->flashLogger->error(Trans::__("Extension package %NAME% has an invalid class '%CLASS%' and has been skipped.", ['%NAME%' => $descriptor->getName(), '%CLASS%' => $className]));
}
return;
}
/** @var ExtensionInterface $extension */
$extension = new $className();
if ($extension instanceof ExtensionInterface) {
$baseDir = $this->extFs->getDir($descriptor->getPath());
$webDir = $this->webFs->getDir($descriptor->getWebPath());
$this->add($extension, $baseDir, $webDir, $descriptor->getName())->setDescriptor($descriptor);
} else {
$this->flashLogger->error(Trans::__("Extension package %NAME% base class '%CLASS%' does not implement \\Bolt\\Extension\\ExtensionInterface and has been skipped.", ['%NAME%' => $descriptor->getName(), '%CLASS%' => $className]));
}
}
/**
* Load a single extension.
*
* @param PackageDescriptor $descriptor
*/
private function addManagedExtension(PackageDescriptor $descriptor)
{
$className = $descriptor->getClass();
if (class_exists($className) === false) {
if ($descriptor->getType() === 'local' && class_exists('Wikimedia\\Composer\\MergePlugin') === false) {
$this->flashLogger->error(Trans::__("Local extension set up incomplete. Please run 'Install all packages' on the Extensions page.", ['%NAME%' => $descriptor->getName(), '%CLASS%' => $className]));
} else {
$this->flashLogger->error(Trans::__("Extension package %NAME% has an invalid class '%CLASS%' and has been skipped.", ['%NAME%' => $descriptor->getName(), '%CLASS%' => $className]));
}
return;
}
/** @var ExtensionInterface $extension */
$extension = new $className();
if ($extension instanceof ExtensionInterface) {
$baseDir = $this->filesystem->getDir($descriptor->getPath());
$relativeUrl = sprintf('/extensions/%s/web/', $descriptor->getPath());
$this->add($extension, $baseDir, $relativeUrl, $descriptor->getName())->setDescriptor($descriptor);
} else {
$this->flashLogger->error(Trans::__("Extension package %NAME% base class '%CLASS%' does not implement \\Bolt\\Extension\\ExtensionInterface and has been skipped.", ['%NAME%' => $descriptor->getName(), '%CLASS%' => $className]));
}
}