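/**
 * Remove the security rules (ACL entries) from the child items of a node
 * and switch those children back to inheriting their ACL.
 *
 * Restricted to administrators.
 *
 * @param array $p json request; $p['id'] is the node whose children are processed
 * @return array json response, array('success' => true)
 * @throws \Exception with the localized 'Access_denied' message when the caller is not an admin
 */
public function removeChildPermissions($p)
{
    if (!Security::isAdmin()) {
        throw new \Exception(L\get('Access_denied'));
    }

    // NOTE(review): $p['id'] reaches Objects::getPids() unvalidated; presumably
    // getPids() copes with non-numeric ids - confirm.
    $pids = implode(',', Objects::getPids($p['id'], false));

    // Select the children that carry their own ACL entries (acl_count > 0).
    // The pids prefix is passed as a bound parameter, not concatenated.
    $child_ids = array();
    $res = DB\dbQuery(
        'SELECT id FROM tree_info WHERE pids like $1 and acl_count > 0',
        $pids . ',%'
    );
    while ($r = $res->fetch_assoc()) {
        // These ids are concatenated into the statements below, so force them
        // to integers here instead of trusting the column type.
        $child_ids[] = (int) $r['id'];
    }
    $res->close();

    if (!empty($child_ids)) {
        $id_list = implode(',', $child_ids);

        // Remove the security rules of the children ...
        DB\dbQuery('DELETE FROM tree_acl WHERE node_id in (' . $id_list . ')');

        // ... and set the inherit flag on the same nodes.
        // NOTE(review): the two statements are not wrapped in a transaction here;
        // if the second one fails the nodes keep inherit_acl unchanged with no rules left.
        DB\dbQuery('UPDATE tree SET inherit_acl = 1 WHERE id in (' . $id_list . ')');
    }

    Solr\Client::runBackgroundCron();

    return array('success' => true);
}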
/**
 * Save an existing object, or create a new one when no usable id is given.
 *
 * @param array $p request; $p['data'] holds the object properties
 * @return mixed the result of create() for new objects, otherwise the result of load()
 * @throws \Exception with the localized 'Access_denied' message when the
 *                    current user may not write to the object
 */
public function save($p)
{
    $data = Util\toJSONArray($p['data']);

    // Without a numeric id there is nothing to update: hand over to create().
    // NOTE(review): the write check below is skipped on this path; presumably
    // create() enforces its own access check - confirm.
    $hasUsableId = !empty($data['id']) && is_numeric($data['id']);
    if (!$hasUsableId) {
        return $this->create($data);
    }

    // SECURITY: the current user needs write access to the object being updated
    if (!Security::canWrite($data['id'])) {
        throw new \Exception(L\get('Access_denied'));
    }

    // Default the date to date_start when only the latter was supplied
    if (empty($data['date']) && !empty($data['date_start'])) {
        $data['date'] = $data['date_start'];
    }

    $cached = $this->getCachedObject($data['id']);

    // sys_data always comes from the stored object: it can contain custom data
    // that must not be overwritten by values sent in the request
    $data['sys_data'] = $cached->getSysData();

    $cached->update($data);

    Objects::updateCaseUpdateInfo($data['id']);

    if (\CB\Config::getFlag('disableSolrIndexing')) {
        return $this->load($data);
    }

    // Index the saved document in solr right away (before the background cron
    // runs) so that it is displayed with its new name without delay
    $solr = new Solr\Client();
    $solr->updateTree(array('id' => $data['id']));

    // the background cron indexes the other nodes
    $solr->runBackgroundCron();

    return $this->load($data);
}
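/**
 * Rename a tree node. The node id is the last segment of $p['path'].
 *
 * For objects of type 'file' the name is passed through Purify::filename()
 * before anything is stored, so the tree and files tables receive the same
 * value (previously the tree row was written with the unpurified name).
 *
 * @param array $p request with 'path' (slash separated, last segment is the id) and 'name'
 * @return array array('success' => false) for an invalid id or empty name, otherwise
 *               array('success' => true, 'data' => array('id', 'pid', 'newName'))
 *               where newName is HTML-escaped
 * @throws \Exception with the localized 'Access_denied' message when the
 *                    current user may not write to the node
 */
public function rename($p)
{
    $segments = explode('/', $p['path']);
    $id = array_pop($segments);
    $p['name'] = trim($p['name']);

    if (!is_numeric($id) || empty($p['name'])) {
        return array('success' => false);
    }

    /* check security access */
    if (!Security::canWrite($id)) {
        throw new \Exception(L\get('Access_denied'));
    }

    // Resolve the type first so that a file name is purified once and the
    // same value is written to both tables.
    $isFile = (Objects::getType($id) == 'file');
    if ($isFile) {
        $p['name'] = Purify::filename($p['name']);

        // Purification may strip every character; do not store an empty name
        if (empty($p['name'])) {
            return array('success' => false);
        }
    }

    // NOTE(review): die() with DB\dbQueryError() ends the request and sends the
    // database error text to the client; left as is because callers may depend
    // on it, but an exception plus server-side logging would disclose less.
    DB\dbQuery(
        'UPDATE tree SET name = $1 WHERE id = $2',
        array($p['name'], $id)
    ) or die(DB\dbQueryError());

    if ($isFile) {
        DB\dbQuery(
            'UPDATE files SET name = $1 WHERE id = $2',
            array($p['name'], $id)
        ) or die(DB\dbQueryError());
    }

    /* update the renamed document in solr directly (before running the
       background cron) so that it is displayed with the new name without delay */
    $solrClient = new Solr\Client();
    $solrClient->updateTree(array('id' => $id));

    // running background cron to index other nodes
    $solrClient->runBackgroundCron();

    // Escape for the response only; the stored name stays unescaped.
    // NOTE(review): ENT_COMPAT leaves single quotes unescaped - confirm the
    // client never places newName inside a single-quoted attribute, otherwise
    // ENT_QUOTES is the safer flag.
    $p['name'] = htmlspecialchars($p['name'], ENT_COMPAT);

    // get pid
    $pid = null;
    $res = DB\dbQuery('SELECT pid FROM tree WHERE id = $1', $id) or die(DB\dbQueryError());
    if ($r = $res->fetch_assoc()) {
        $pid = $r['pid'];
    }
    $res->close();

    return array(
        'success' => true,
        'data' => array('id' => $id, 'pid' => $pid, 'newName' => $p['name'])
    );
}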
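/**
 * Save access data specified for a user in the UserManagement form
 * (groups association).
 *
 * The requested group list is compared with the groups currently stored for
 * the user: missing associations are inserted, surplus ones are deleted, and
 * the security sets of the user are recalculated afterwards.
 *
 * @param array|object $p request with 'id' (passed to extractId()) and 'groups'
 * @return array array('success' => false, 'verify' => true) when the current user
 *               is not verified, otherwise array('success' => true)
 * @throws \Exception with the localized 'Access_denied' message when the
 *                    current user may not manage users
 */
public function saveAccessData($p)
{
    if (!User::isVerified()) {
        return array('success' => false, 'verify' => true);
    }

    if (!Security::canManage()) {
        throw new \Exception(L\get('Access_denied'));
    }

    $p = (array) $p;

    // Explicit isset() checks instead of @ suppression: a missing key still
    // yields null, but real errors raised inside the helpers stay visible.
    // NOTE(review): $user_id is used below without a further check; presumably
    // extractId() returns a validated numeric id - confirm.
    $user_id = $this->extractId(isset($p['id']) ? $p['id'] : null);

    /* analyze groups:
        - for newly associated groups the access should be updated
        - for deassociated groups the access also should be reviewed */

    /* get current user groups */
    $current_groups = UsersGroups::getGroupIdsForUser($user_id);
    $updating_groups = Util\toNumericArray(isset($p['groups']) ? $p['groups'] : null);

    $new_groups = array_diff($updating_groups, $current_groups);
    $deleting_groups = array_diff($current_groups, $updating_groups);

    // NOTE(review): die() with DB\dbQueryError() sends the database error text
    // to the client; left unchanged because callers may depend on it.
    foreach ($new_groups as $group_id) {
        DB\dbQuery(
            'INSERT INTO users_groups_association (user_id, group_id, cid) VALUES($1, $2, $3) ON DUPLICATE KEY UPDATE uid = $3',
            array($user_id, $group_id, $_SESSION['user']['id'])
        ) or die(DB\dbQueryError());
    }

    if (!empty($deleting_groups)) {
        // The ids are concatenated into the statement, so force them to
        // integers rather than relying on what the lookup returned.
        $group_list = implode(', ', array_map('intval', $deleting_groups));

        DB\dbQuery(
            'DELETE FROM users_groups_association WHERE user_id = $1 AND group_id IN (' . $group_list . ')',
            $user_id
        ) or die(DB\dbQueryError());
    }

    Security::calculateUpdatedSecuritySets($user_id);

    Solr\Client::runBackgroundCron();

    return array('success' => true);
}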
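/**
 * Rename a tree node. The node id is the last segment of $p['path'].
 *
 * When the node is a shortcut with a target, the target is renamed instead.
 * Write access is then verified for the target as well, because the check
 * made on the shortcut does not by itself authorize changing another node.
 *
 * @param array $p request with 'path' (slash separated, last segment is the id) and 'name'
 * @return array array('success' => false) for an invalid id or empty name, otherwise
 *               array('success' => true, 'data' => array('id', 'pid', 'newName'))
 *               with the id and pid of the requested node and an HTML-escaped newName
 * @throws \Exception with the localized 'Access_denied' message when the current
 *                    user may not write to the node or to the shortcut target
 */
public function rename($p)
{
    $segments = explode('/', $p['path']);
    $id = array_pop($segments);
    $p['name'] = trim($p['name']);

    if (!is_numeric($id) || empty($p['name'])) {
        return array('success' => false);
    }

    /* check security access */
    if (!Security::canWrite($id)) {
        throw new \Exception(L\get('Access_denied'));
    }

    $p['name'] = Purify::filename($p['name']);

    // Purification may strip every character; do not store an empty name
    if (empty($p['name'])) {
        return array('success' => false);
    }

    // Escape the value that is actually returned: assigning the escaped string
    // to $p['name'] after $rez is built would never reach the response.
    // NOTE(review): ENT_COMPAT leaves single quotes unescaped - confirm the
    // client never places newName inside a single-quoted attribute, otherwise
    // ENT_QUOTES is the safer flag.
    $rez = array(
        'success' => true,
        'data' => array(
            'id' => $id,
            'pid' => null,
            'newName' => htmlspecialchars($p['name'], ENT_COMPAT)
        )
    );

    $objectType = Objects::getType($id);

    if ($objectType == 'shortcut') {
        $r = DM\Tree::read($id);
        if (!empty($r['target_id'])) {
            $id = $r['target_id'];

            // The check above covered the shortcut node only; the updates below
            // write to the target, so the target needs its own authorization.
            // NOTE(review): if Security::canWrite() already resolves shortcuts
            // this is redundant but harmless - confirm.
            if (!Security::canWrite($id)) {
                throw new \Exception(L\get('Access_denied'));
            }

            $objectType = Objects::getType($id);
        }
    }

    // The stored name is the purified, unescaped value
    DM\Tree::update(array('id' => $id, 'name' => $p['name']));

    if ($objectType == 'file') {
        DM\Files::update(array('id' => $id, 'name' => $p['name']));
    }

    /* update the renamed document in solr directly (before running the
       background cron) so that it is displayed with the new name without delay */
    $solrClient = new Solr\Client();
    $solrClient->updateTree(array('id' => $id));

    // running background cron to index other nodes
    $solrClient->runBackgroundCron();

    // get pid of the node that was requested (the shortcut itself, if any)
    $r = DM\Tree::read($rez['data']['id']);
    if (!empty($r['pid'])) {
        $rez['data']['pid'] = $r['pid'];
    }

    return $rez;
}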