/** * @param string $validation_error_message * @param string $model_name name of an EEM_Base model * @param array $query_params @see EEM_Base::get_all() * @param string $input_field_name the input will be treated as this field's value * @throws \EE_Error */ public function __construct($validation_error_message = NULL, $model_name = '', $query_params = array(), $input_field_name = '') { if (!EE_Registry::instance()->is_model_name($model_name)) { throw new EE_Error(sprintf(__('You must provide a valid model object ', 'event_espresso'), $model_name)); } $this->_model = EE_Registry::instance()->load_model($model_name); $this->_query_params = $query_params; if (empty($input_field_name)) { $input_field_name = $this->_model->primary_key_name(); } $this->_input_field_name = $input_field_name; parent::__construct($validation_error_message); }
/** * Takes a entity that's ready to be returned and removes fields which the user shouldn't be able to access. * @param array $entity * @param \EEM_Base $model * @param string $request_type one of the return values from EEM_Base::valid_cap_contexts() * @param Model_Version_Info $model_version_info * @return array ready for converting into json */ public static function filter_out_inaccessible_entity_fields($entity, $model, $request_type, $model_version_info) { //we only care to do this for frontend reads and when the user can't edit the item if ($request_type !== \EEM_Base::caps_read || $model->exists(array(array($model->primary_key_name() => $entity[$model->primary_key_name()]), 'default_where_conditions' => 'none', 'caps' => \EEM_Base::caps_edit))) { return $entity; } foreach ($model->field_settings() as $field_name => $field_obj) { if ($model_version_info->field_has_rendered_format($field_obj) && isset($entity[$field_name]['raw'])) { unset($entity[$field_name]['raw']); } } //theoretically we may want to filter out specific fields for specific models return apply_filters('FHEE__Capabilities__filter_out_inaccessible_entity_fields', $entity, $model, $request_type); }
/** * After the form section is initially created, call this to sanitize the data in the submission * which relates to this form section, validate it, and set it as properties on the form. * @param array $req_data should usually be $_REQUEST (the default). However, you CAN * supply a different array. Consider using set_defaults() instead however. (If you rendered * the form in the page using echo $form_x->get_html() the inputs will have the correct name * in the request data for this function to find them and populate the form with them. * If you have a flat form (with only input subsections), you can supply a flat array where keys * are the form input names and values are their values) * @param boolean $validate whether or not to perform validation on this data. Default is, * of course, to validate that data, and set errors on the invalid values. But if the data * has already been validated (eg you validated the data then stored it in the DB) you may want * to skip this step. * @return void */ public function receive_form_submission($req_data = NULL, $validate = TRUE) { parent::receive_form_submission($req_data, $validate); //create or set the model object, if it isn't already if (!$this->_model_object) { //check to see if the form indicates a PK, in which case we want to only retrieve it and update it $pk_name = $this->_model->primary_key_name(); $model_obj = $this->_model->get_one_by_ID($this->get_input_value($pk_name)); if ($model_obj) { $this->_model_object = $model_obj; } else { $this->_model_object = EE_Registry::instance()->load_class($this->_model->get_this_model_name()); } } //ok so the model object is set. Just set it with the submitted form data (don't save yet though) foreach ($this->inputs_values_corresponding_to_model_fields() as $field_name => $field_value) { //only set the non-primary key if ($field_name != $this->_model->primary_key_name()) { $this->_model_object->set($field_name, $field_value); } } }
/** * Gets the one model object with the specified id for the specified model * @param \EEM_Base $model * @param \WP_REST_Request $request * @return array */ public function get_entity_from_model($model, $request) { $query_params = array(array($model->primary_key_name() => $request->get_param('id')), 'limit' => 1); if ($model instanceof \EEM_Soft_Delete_Base) { $query_params = $model->alter_query_params_so_deleted_and_undeleted_items_included($query_params); } $restricted_query_params = $query_params; $restricted_query_params['caps'] = $this->validate_context($request->get_param('caps')); $this->_set_debug_info('model query params', $restricted_query_params); $model_rows = $model->get_all_wpdb_results($restricted_query_params); if (!empty($model_rows)) { return $this->create_entity_from_wpdb_result($model, array_shift($model_rows), $request->get_param('include'), $this->validate_context($request->get_param('caps'))); } else { //ok let's test to see if we WOULD have found it, had we not had restrictions from missing capabilities $lowercase_model_name = strtolower($model->get_this_model_name()); $model_rows_found_sans_restrictions = $model->get_all_wpdb_results($query_params); if (!empty($model_rows_found_sans_restrictions)) { //you got shafted- it existed but we didn't want to tell you! return new \WP_Error('rest_user_cannot_read', sprintf(__('Sorry, you cannot read this %1$s. Missing permissions are: %2$s', 'event_espresso'), strtolower($model->get_this_model_name()), Capabilities::get_missing_permissions_string($model, $this->validate_context($request->get_param('caps')))), array('status' => 403)); } else { //it's not you. It just doesn't exist return new \WP_Error(sprintf('rest_%s_invalid_id', $lowercase_model_name), sprintf(__('Invalid %s ID.', 'event_espresso'), $lowercase_model_name), array('status' => 404)); } } }
/** * Removes the "_calculate_fields" part of entity responses before 4.8.36 * @param array $entity_response_array * @param \EEM_Base $model * @param string $request_context * @param \WP_REST_Request $request * @param Read $controller * @return array */ public function remove_old_featured_image_part_of_cpt_entities($entity_response_array, \EEM_Base $model, $request_context, \WP_REST_Request $request, Read $controller) { if ($this->applies_to_version($controller->get_model_version_info()->requested_version()) && $model instanceof \EEM_CPT_Base) { $attachment = wp_get_attachment_image_src(get_post_thumbnail_id($entity_response_array[$model->primary_key_name()]), 'full'); $entity_response_array['featured_image_url'] = !empty($attachment) ? $attachment[0] : null; } return $entity_response_array; }
/** * Interally used to delete or restore items, using the request data. Meant to be * flexible between question or question groups * @param EEM_Base $model * @param boolean $trash wehter to trash or restore */ private function _trash_or_restore_items(EEM_Base $model, $trash = TRUE) { do_action('AHEE_log', __FILE__, __FUNCTION__, ''); $success = 1; //Checkboxes //echo "trash $trash"; //var_dump($this->_req_data['checkbox']);die; if (isset($this->_req_data['checkbox'])) { if (isset($this->_req_data['checkbox']) && !empty($this->_req_data['checkbox']) && is_array($this->_req_data['checkbox'])) { // if array has more than one element than success message should be plural $success = count($this->_req_data['checkbox']) > 1 ? 2 : 1; // cycle thru bulk action checkboxes while (list($ID, $value) = each($this->_req_data['checkbox'])) { if (!$model->delete_or_restore_by_ID($trash, absint($ID))) { $success = 0; } } } else { // grab single id and delete $ID = absint($this->_req_data['checkbox']); if (!$model->delete_or_restore_by_ID($trash, $ID)) { $success = 0; } } } else { // delete via trash link // grab single id and delete $ID = absint($this->_req_data[$model->primary_key_name()]); if (!$model->delete_or_restore_by_ID($trash, $ID)) { $success = 0; } } $action = $model instanceof EEM_Question ? 'default' : 'question_groups'; //strtolower( $model->item_name(2) ); //echo "action :$action"; //$action = 'questions' ? 'default' : $action; if ($trash) { $action_desc = 'trashed'; $status = 'trash'; } else { $action_desc = 'restored'; $status = 'all'; } $this->_redirect_after_action($success, $model->item_name($success), $action_desc, array('action' => $action, 'status' => $status)); }
/** * Given the model object data, finds the row to update and updates it * @param string|int $id_in_csv * @param array $model_object_data * @param EEM_Base $model * @param array $old_db_to_new_db_mapping * @return array updated $old_db_to_new_db_mapping */ protected function _update_from_data_array($id_in_csv, $model_object_data, $model, $old_db_to_new_db_mapping) { try { //let's keep two copies of the model object data: //one for performing an update, one for everthing else $model_object_data_for_update = $model_object_data; if ($model->has_primary_key_field()) { $conditions = array($model->primary_key_name() => $model_object_data[$model->primary_key_name()]); //remove the primary key because we shouldn't use it for updating unset($model_object_data_for_update[$model->primary_key_name()]); } elseif ($model->get_combined_primary_key_fields() > 1) { $conditions = array(); foreach ($model->get_combined_primary_key_fields() as $key_field) { $conditions[$key_field->get_name()] = $model_object_data[$key_field->get_name()]; } } else { $model->primary_key_name(); //this shoudl just throw an exception, explaining that we dont have a primary key (or a combine dkey) } $success = $model->update($model_object_data_for_update, array($conditions)); if ($success) { $this->_total_updates++; EE_Error::add_success(sprintf(__("Successfully updated %s with csv data %s", "event_espresso"), $model->get_this_model_name(), implode(",", $model_object_data_for_update))); //we should still record the mapping even though it was an update //because if we were going to insert somethign but it was going to conflict //we would have last-minute decided to update. So we'd like to know what we updated //and so we record what record ended up being updated using the mapping if ($model->has_primary_key_field()) { $new_key_for_mapping = $model_object_data[$model->primary_key_name()]; } else { //no primary key just a combined key $new_key_for_mapping = $model->get_index_primary_key_string($model_object_data); } $old_db_to_new_db_mapping[$model->get_this_model_name()][$id_in_csv] = $new_key_for_mapping; } else { $matched_items = $model->get_all(array($conditions)); if (!$matched_items) { //no items were matched (so we shouldn't have updated)... but then we should have inserted? what the heck? $this->_total_update_errors++; EE_Error::add_error(sprintf(__("Could not update %s with the csv data: '%s' for an unknown reason (using WHERE conditions %s)", "event_espresso"), $model->get_this_model_name(), http_build_query($model_object_data), http_build_query($conditions)), __FILE__, __FUNCTION__, __LINE__); } else { $this->_total_updates++; EE_Error::add_success(sprintf(__("%s with csv data '%s' was found in the database and didn't need updating because all the data is identical.", "event_espresso"), $model->get_this_model_name(), implode(",", $model_object_data))); } } } catch (EE_Error $e) { $this->_total_update_errors++; $basic_message = sprintf(__("Could not update %s with the csv data: %s because %s", "event_espresso"), $model->get_this_model_name(), implode(",", $model_object_data), $e->getMessage()); $debug_message = $basic_message . ' Stack trace: ' . $e->getTraceAsString(); EE_Error::add_error("{$basic_message} | {$debug_message}", __FILE__, __FUNCTION__, __LINE__); } return $old_db_to_new_db_mapping; }